CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

589 matches found

GithubExploit•added 2026/05/26 12:57 p.m.•45 views

Exploit for CVE-2020-25078

ABYSS C2 — HiSilicon DVR Exploit Framework ⚠️ EDUCATIONAL...

7.5CVSS7.6AI score0.94146EPSS

Exploits4

GithubExploit•added 2026/03/31 11:18 a.m.•173 views

Exploit for CVE-2014-8361

Vuln Scanner - Advanced Network Security Scanner !Licenseht...

10CVSS7.4AI score0.94436EPSS

Exploits412

Packet Storm News•added 2026/03/10 12:0 a.m.•0 views

External Entropy Supply for IoT Devices Employing a RISC-V Trusted Execution Environment

Entropy--a measure of randomness--is compulsory for the generation of secure cryptographic keys; however, Internet of Things IoT devices that are small or constrained often struggle to collect suf ficient entropy. In this article, we solve the entropy provisioning problem for a fleet of IoT devic...

5.8AI score

Exploits0

RedhatCVE•added 2026/01/09 11:23 a.m.•4 views

CVE-2021-31643

An XSS vulnerability exists in several IoT devices from CHIYU Technology, including SEMAC, Biosense, BF-630, BF-631, and Webpass due to a lack of sanitization on the component if.cgi - username parameter...

5.4CVSS6.1AI score0.0381EPSS

Exploits4References1

RedhatCVE•added 2026/01/09 9:19 a.m.•6 views

CVE-2021-22547

In IoT Devices SDK, there is an implementation of calloc that doesn't have a length check. An attacker could pass in memory objects larger than the buffer and wrap around to have a smaller buffer than required, allowing the attacker access to the other parts of the heap. We recommend upgrading th...

7.8CVSS7.1AI score0.00026EPSS

Exploits0References1

The Hacker News•added 2026/01/05 12:53 p.m.•22 views

⚡ Weekly Recap: IoT Exploits, Wallet Breaches, Rogue Extensions, AI Abuse & More

The year opened without a reset. The same pressure carried over, and in some places it tightened. Systems people assume are boring or stable are showing up in the wrong places. Attacks moved quietly, reused familiar paths, and kept working longer than anyone wants to admit. This week's stories...

10CVSS8.7AI score0.8966EPSS

Exploits373

The Hacker News•added 2026/01/01 9:19 a.m.•12 views

RondoDox Botnet Exploits Critical React2Shell Flaw to Hijack IoT Devices and Web Servers

Cybersecurity researchers have disclosed details of a persistent nine-month-long campaign that has targeted Internet of Things IoT devices and web applications to enroll them into a botnet known as RondoDox. As of December 2025, the activity has been observed leveraging the recently disclosed...

10CVSS8.1AI score0.93701EPSS

Exploits413

Krebs on Security•added 2025/11/06 2:4 a.m.•5 views

Cloudflare Scrubs Aisuru Botnet from Top Domains List

For the past week, domains associated with the massive Aisuru botnet have repeatedly usurped Amazon , Apple , Google and Microsoft in Cloudflare's public ranking of the most frequently requested websites. Cloudflare responded by redacting Aisuru domain names from their top websites list. The chie...

7.2AI score

Exploits0

The Hacker News•added 2025/10/29 3:38 p.m.•11 views

Experts Reports Sharp Increase in Automated Botnet Attacks Targeting PHP Servers and IoT Devices

Cybersecurity researchers are calling attention to a spike in automated attacks targeting PHP servers, IoT devices, and cloud gateways by various botnets such as Mirai, Gafgyt, and Mozi. "These automated campaigns exploit known CVE vulnerabilities and cloud misconfigurations to gain control over...

10CVSS9AI score0.94461EPSS

Exploits109

Krebs on Security•added 2025/10/10 4:10 p.m.•3 views

DDoS Botnet Aisuru Blankets US ISPs in Record DDoS

The world's largest and most disruptive botnet is now drawing a majority of its firepower from compromised Internet-of-Things IoT devices hosted on U.S. Internet providers like AT &T, Comcast and Verizon , new evidence suggests. Experts say the heavy concentration of infected devices at U.S...

7AI score

Exploits0