CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2026/04/30 12:0 a.m.•8 views

Absolute Secure Access 信息泄露漏洞

Absolute Secure Access is an application developed by Absolute Corporation. It provides secure service edge SSE services optimized for mixed and mobile work environments. Versions of Absolute Secure Access prior to 14.50 contained a vulnerability related to information leakage, caused by a format...

4.8CVSS5.8AI score0.001EPSS

Positive Technologies•added 2026/04/30 12:0 a.m.•6 views

PT-2026-36170

Name of the Vulnerable Software and Affected Versions Secure Access client for MacOS versions prior to 14.50 Description A format string issue exists in the logging subsystem. Attackers controlling a modified server can force the client to dump small portions of memory into log files, which may...

4.8CVSS5.8AI score0.001EPSS

Exploits0References5

OSV•added 2026/01/17 2:15 a.m.•3 views

CVE-2026-0519

In Secure Access 12.70 and prior to 14.20, the logging subsystem may write an unredacted authentication token to logs under certain configurations. Any party with access to those logs could read the token and reuse it to access an integrated system...

3.4CVSS5.8AI score0.0012EPSS

NVD•added 2026/01/17 2:15 a.m.•7 views

CVE-2026-0519

4.6CVSS0.0012EPSS

CVE•added 2026/01/17 1:13 a.m.•11 views

CVE-2026-0519

CVE-2026-0519 : In Secure Access 12.70 and earlier than 14.20, the logging subsystem may write an unredacted authentication token to logs under certain configurations. This could allow any party with access to those logs to read the token and reuse it to access an integrated system. The provided ...

4.6CVSS6.6AI score0.0012EPSS

Exploits0References1Affected Software1

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2021-0154

Malware in sbrugna...

6.5CVSS6.4AI score0.0149EPSS

Exploits1References7

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2017-15760

Malware in sbrugna...

5.1CVSS5.4AI score0.00384EPSS

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2017-12939

Malware in sbrugna...

5.3CVSS5.5AI score0.01479EPSS

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2017-9154

Malware in sbrugna...

6.1CVSS6.3AI score0.02307EPSS

Exploits2References5

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-18222

Malicious code in bioql PyPI...

6.5CVSS5AI score0.00379EPSS

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2021-6750

Malicious code in bioql PyPI...

5.5CVSS5.5AI score0.00284EPSS

Amazon•added 2025/06/12 12:0 a.m.•4 views

Medium: python3-tornado

Issue Overview: Tornado is a Python web framework and asynchronous networking library. When Tornado's multipart/form-data parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows remote attackers to generate an extremely high volume ...

7.5CVSS7.2AI score0.00636EPSS

Exploits0

Tenable Nessus•added 2025/06/12 12:0 a.m.•8 views

Amazon Linux 2023 : python3-tornado (ALAS2023-2025-1002)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1002 advisory. Tornado is a Python web framework and asynchronous networking library. When Tornado's multipart/form- data parser encounters certain errors, it logs a warning but continues trying to parse the remainde...

Tenable Nessus•added 2025/06/12 12:0 a.m.•9 views

Amazon Linux 2 : python3-tornado (ALAS-2025-2889)

The version of python3-tornado installed on the remote host is prior to 5.0.2-4. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2889 advisory. Tornado is a Python web framework and asynchronous networking library. When Tornado's multipart/form- data parser encounter...

Tenable Nessus•added 2025/06/12 12:0 a.m.•9 views

Amazon Linux 2 : python-tornado (ALAS-2025-2888)

The version of python-tornado installed on the remote host is prior to 4.2.1-3. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2888 advisory. Tornado is a Python web framework and asynchronous networking library. When Tornado's multipart/form- data parser encounters...

Amazon•added 2025/06/10 12:0 a.m.•6 views

Medium: python-tornado

7.5CVSS7.3AI score0.00636EPSS

Exploits0

OSV•added 2025/06/06 2:4 p.m.•6 views

OESA-2025-1614 python-tornado security update

Tornado is an open source version of the scalable, non-blocking web server and tools. Security Fixes: Tornado is a Python web framework and asynchronous networking library. When Tornado's multipart/form-data parser encounters certain errors, it logs a warning but continues trying to parse the...

7.5CVSS6.8AI score0.00636EPSS

Exploits0References2

Tenable Nessus•added 2025/05/23 12:0 a.m.•25 views

Python Library Tornado 6.5.0 DoS

The detected version of the Tornado Python package, Tornado, is prior to 6.4.2. It is therefore affected by a DoS vulnerability that happens When Tornado's multipart/form-data parser encounters certain errors, it logs a warning but continues trying to parse the remainder of the data. This allows...