CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

154 matches found

NVD•added 2026/06/11 12:16 p.m.•10 views

CVE-2026-8464

Golem OEE MES is vulnerable to an unauthenticated path traversal flaw. This vulnerability allows an attacker in the same local network to read arbitrary files from the server's operating system by manipulating HTTP request paths. This issue has been fixed in version 11.6.0...

8.3CVSS0.00204EPSS

Exploits0References2

Cvelist•added 2026/06/11 10:32 a.m.•27 views

CVE-2026-8464 Path traversal in Neuron Soft Golem OEE MES

8.3CVSS0.00204EPSS

Exploits0References2

Positive Technologies•added 2026/06/11 12:0 a.m.•11 views

PT-2026-48654

8.3CVSS5.5AI score0.00204EPSS

Exploits0References3

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fixed a memory leak in the mes self test. The fences associated with the mes queue must be freed during amdgpuringfini...

5.5CVSS6.2AI score0.00143EPSS

Exploits0References2

Tenable Nessus•added 2026/01/22 12:0 a.m.•3 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-37853)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37853 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: debugfs hanghws skip GPU wit...

5.5CVSS6.7AI score0.00222EPSS

Exploits0References2

Tenable Nessus•added 2026/01/22 12:0 a.m.•6 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-38581)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-38581 advisory. - In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/mes: fix use-after-free issue...

7.8CVSS6.7AI score0.0023EPSS

Exploits0References2

NVD•added 2026/01/12 10:16 p.m.•6 views

CVE-2026-22788

WebErpMesv2 is a Resource Management and Manufacturing execution system Web for industry. Prior to 1.19, the WebErpMesV2 application exposes multiple sensitive API endpoints without authentication middleware. An unauthenticated remote attacker can read business-critical data including companies,...

8.2CVSS0.00527EPSS

Exploits1References2

Redos•added 2026/01/12 12:0 a.m.•5 views

ROS-20260112-7318

A vulnerability in the amdgpumesremovering function in the drivers/gpu/drm/amd/amdgpu/amdgpumes.c module of the amdgpu driver of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability could allow an attacker to affect the confidentiality, integrity...

7.8CVSS6.2AI score0.0023EPSS

Exploits0

RedhatCVE•added 2025/11/11 12:50 p.m.•5 views

CVE-2025-63617

ktg-mes before commit a484f96 2025-07-03 has a fastjson deserialization vulnerability. This is because it uses a vulnerable version of fastjson and deserializes unsafe input data...

6.5CVSS7AI score0.00243EPSS

Exploits1References1

EUVD•added 2025/11/10 9:30 p.m.•4 views

EUVD-2025-50782

ktg-mes before commit a484f96 2025-07-03 has a fastjson deserialization vulnerability. This is because it uses a vulnerable version of fastjson and deserializes unsafe input data...

6.5AI score0.00243EPSS

Exploits1References3

OSV•added 2025/11/10 9:15 p.m.•3 views

CVE-2025-63617

ktg-mes before commit a484f96 2025-07-03 has a fastjson deserialization vulnerability. This is because it uses a vulnerable version of fastjson and deserializes unsafe input data...

6.5CVSS5.8AI score0.00243EPSS

Exploits1References2

NVD•added 2025/11/10 9:15 p.m.•4 views

CVE-2025-63617

ktg-mes before commit a484f96 2025-07-03 has a fastjson deserialization vulnerability. This is because it uses a vulnerable version of fastjson and deserializes unsafe input data...

6.5CVSS0.00243EPSS

Exploits1References2

Cvelist•added 2025/11/10 12:0 a.m.•7 views

CVE-2025-63617

ktg-mes before commit a484f96 2025-07-03 has a fastjson deserialization vulnerability. This is because it uses a vulnerable version of fastjson and deserializes unsafe input data...

0.00243EPSS

Exploits1References2

CNNVD•added 2025/11/10 12:0 a.m.•5 views

ktg-mes 安全漏洞

ktg-mes Bitter Candy MES is a production execution management system by the individual developer kutangguo. A security vulnerability exists in ktg-mes due to the use of a vulnerable version of fastjson and deserialization of insecure input data...

6.5CVSS6.9AI score0.00243EPSS

Exploits1References2

Vulnrichment•added 2025/11/10 12:0 a.m.•4 views

CVE-2025-63617

ktg-mes before commit a484f96 2025-07-03 has a fastjson deserialization vulnerability. This is because it uses a vulnerable version of fastjson and deserializes unsafe input data...

6.7AI score0.00243EPSS

Exploits1References2

Positive Technologies•added 2025/11/10 12:0 a.m.•6 views

PT-2025-46192

Name of the Vulnerable Software and Affected Versions ktg-mes versions prior to commit a484f96 2025-07-03 Description The software contains a fastjson deserialization issue. This occurs due to the use of a vulnerable version of fastjson and the deserialization of untrusted input data...

6.7AI score0.00243EPSS

Exploits1References4

CVE•added 2025/11/10 12:0 a.m.•11 views

CVE-2025-63617

CVE-2025-63617 affects ktg-mes prior to commit a484f96 (2025-07-03), featuring a deserialization vulnerability in fastjson due to deserializing unsafe input. Root cause: use of a vulnerable fastjson version in ktg-mes leading to incomplete input validation during deserialization. Impact (per CVSS...

6.5CVSS6.7AI score0.00243EPSS

Exploits1References2Affected Software1

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2017-18566

Malware in sbrugna...

3.9CVSS4.7AI score0.0024EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•7 views

EUVD-2017-18568

Malware in sbrugna...

4.1CVSS4.7AI score0.00238EPSS

Exploits0References4