CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

36 matches found

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2020-4259

Malware in sbrugna...

4.3CVSS4.8AI score0.01124EPSS

Exploits1References4

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-7318

Malicious code in bioql PyPI...

9.1CVSS6.4AI score0.00339EPSS

Exploits1References2

RedHat Linux•added 2025/07/14 7:35 a.m.•4 views

cloud-init: Cloud init permissions flaw

An access permissions flaw was found in cloud-init. When a non-x86 platform is detected, cloud-init grants root access to a hardcoded URL with a local IP address, which creates a security exposure...

8.8CVSS5.7AI score0.00205EPSS

Exploits0References6

NVD•added 2025/06/26 10:15 a.m.•7 views

CVE-2024-6174

When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration...

8.8CVSS0.00205EPSS

Exploits0References1

Debian CVE•added 2025/06/26 9:15 a.m.•7 views

CVE-2024-6174

When a non-x86 platform is detected, cloud-init grants root access to a hardcoded url with a local IP address. To prevent this, cloud-init default configurations disable platform enumeration...

8.8CVSS5.2AI score0.00205EPSS

Exploits0

CVE•added 2025/06/26 9:15 a.m.•59 views

CVE-2024-6174

Summary: CVE-2024-6174 affects cloud-init. When a non-x86 platform is detected, it could grant root access to a hardcoded URL with a local IP. This is the underlying cause. Impact: High (CVSS v3.1: 8.8, privileges required: none, user interaction: none, scope: unchanged). Affected scope (from con...

8.8CVSS7AI score0.00205EPSS

Exploits0References1Affected Software1

RedhatCVE•added 2025/05/21 6:7 p.m.•6 views

CVE-1999-0195

Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1...

5CVSS6.8AI score0.01489EPSS

Exploits0References1

RedhatCVE•added 2025/03/25 3:22 p.m.•17 views

CVE-2025-2691

Versions of the package nossrf before 1.0.4 are vulnerable to Server-Side Request Forgery SSRF where an attacker can provide a hostname that resolves to a local or reserved IP address space and bypass the SSRF protection mechanism...

9.1CVSS7.1AI score0.00339EPSS

Exploits1References1

CVE•added 2025/03/23 2:21 p.m.•64 views

CVE-2025-2691

CVE-2025-2691 affects the package nossrf prior to version 1.0.4. The vulnerability is Server-Side Request Forgery (SSRF) where an attacker can supply a hostname that resolves to a local or reserved IP address, bypassing the SSRF protection mechanism. Summary of what is known from connected docume...

9.1CVSS6.9AI score0.00339EPSS

Exploits1References1Affected Software1

Cvelist•added 2025/03/23 2:21 p.m.•24 views

CVE-2025-2691

8.8CVSS0.00339EPSS

Exploits1References1

Veracode•added 2025/02/05 1:21 a.m.•4 views

Information Disclosure

gvisor.dev/gvisor is vulnerable to Information Disclosure. The vulnerability is due to weak hashing algorithms and small seed/secret sizes, allowing remote attackers to calculate a local IP address and per-boot identifier that could aid in tracking a device in specific situations...

6.3CVSS6.6AI score0.00216EPSS

Exploits1References5Affected Software1

NVD•added 2025/01/30 8:15 p.m.•13 views

CVE-2024-10026

A weak hashing algorithm and small sizes of seeds/secrets in Google's gVisor allowed for a remote attacker to calculate a local IP address and a per-boot identifier that could aid in tracking of a device in certain circumstances...

6.3CVSS0.00216EPSS

Exploits1References4

Vulnrichment•added 2025/01/30 7:12 p.m.•7 views

CVE-2024-10026 Improved Seeding and Hashing In gVisor

6.3CVSS6.5AI score0.00216EPSS

Exploits1References4

Positive Technologies•added 2024/09/26 12:0 a.m.•3 views

PT-2024-7081 · D Link · D-Link Dir-878 +1

Name of the Vulnerable Software and Affected Versions: D-Link DIR-878 version DIR 878 FW130B08 D-Link DIR-882 version DIR 882 FW130B06 Description: The issue exists due to the lack of neutralization of special elements used in the operating system command in the SetVirtualServerSettings function ...

8CVSS8AI score0.02049EPSS

Exploits0References7

Fedora•added 2024/06/02 3:39 a.m.•7 views

[SECURITY] Fedora 39 Update: rust-local_ipaddress-0.1.3-8.fc39

Get your local IP address without panic...

7.1AI score

Exploits0

OpenVAS•added 2024/05/27 12:0 a.m.•5 views

Fedora: Security Advisory for rust-local_ipaddress (FEDORA-2024-ce2936b568)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score

Exploits0References2

Fedora•added 2024/05/26 1:29 a.m.•12 views

[SECURITY] Fedora 40 Update: rust-local_ipaddress-0.1.3-8.fc40

Get your local IP address without panic...

7.1AI score

Exploits0

CNNVD•added 2024/05/03 12:0 a.m.•2 views

D-Link DIR-2640 安全漏洞

The D-Link DIR-2640 is a high power Wi-Fi router from China-based AUO D-Link. A security vulnerability exists in the D-Link DIR-2640 that stems from a LocalIPAddress command injection remote code execution vulnerability...

6.8CVSS7.5AI score0.01796EPSS

Exploits0References3

NVD•added 2023/06/28 8:15 p.m.•10 views

CVE-2021-25827

Emby Server 4.7.12.0 is vulnerable to a login bypass attack by setting the X-Forwarded-For header to a local IP-address...

9.8CVSS9.1AI score0.01165EPSS

Exploits1References3