CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18 matches found

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-20034

Malware in sbrugna...

7.1CVSS6.9AI score0.00176EPSS

Exploits1References4

OSSF Malicious Packages•added 2025/08/14 6:52 p.m.•2 views

Malicious code in yam-mmi-project (npm)

The package yam-mmi-project was found to contain malicious code...

7AI score

Exploits0

OSV•added 2025/08/14 6:52 p.m.•1 views

MAL-2025-40166 Malicious code in yam-mmi-project (npm)

The package yam-mmi-project was found to contain malicious code...

7.2AI score

Exploits0

Vulnrichment•added 2024/05/03 12:0 a.m.•18 views

CVE-2024-27453

In Extreme XOS through 22.6.1.4, a read-only user can escalate privileges to root via a crafted HTTP POST request to the python method of the Machine-to-Machine Interface MMI...

7.1AI score0.00291EPSS

Exploits1References2

Cvelist•added 2024/05/03 12:0 a.m.•13 views

CVE-2024-27453

In Extreme XOS through 22.6.1.4, a read-only user can escalate privileges to root via a crafted HTTP POST request to the python method of the Machine-to-Machine Interface MMI...

7AI score0.00291EPSS

Exploits1References2

CVE•added 2024/05/03 12:0 a.m.•57 views

CVE-2024-27453

Summary: CVE-2024-27453 affects Extreme XOS up to version 22.6.1.4. A read-only user can escalate to root by sending a crafted HTTP POST to the Machine-to-Machine Interface (MMI) Python method. This is a network-accessible vulnerability with no user interaction required. Affected software/area: E...

8.6CVSS7AI score0.00291EPSS

Exploits1References2Affected Software1

NVD•added 2023/08/29 9:15 a.m.•9 views

CVE-2023-23771

Motorola MBTS Base Radio accepts hard-coded backdoor password. The Motorola MBTS Base Radio Man Machine Interface MMI, allowing for service technicians to diagnose and configure the device, accepts a hard-coded backdoor password that cannot be changed or disabled...

8.4CVSS8.5AI score0.00035EPSS

Exploits0References1

NVD•added 2023/08/29 9:15 a.m.•9 views

CVE-2023-23770

Motorola MBTS Site Controller accepts hard-coded backdoor password. The Motorola MBTS Site Controller Man Machine Interface MMI, allowing for service technicians to diagnose and configure the device, accepts a hard-coded backdoor password that cannot be changed or disabled...

9.8CVSS9.5AI score0.00107EPSS

Exploits0References1

Prion•added 2023/08/29 9:15 a.m.•11 views

Hardcoded credentials

4.6CVSS8.3AI score0.00035EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/08/29 8:47 a.m.•67 views

CVE-2023-23770

9.4CVSS7.1AI score0.00107EPSS

Exploits0References1

OSV•added 2020/11/11 3:15 p.m.•2 views

CVE-2020-27524

On Audi A7 MMI 2014 vehicles, the Bluetooth stack in Audi A7 MMI Multiplayer with version N+RCNAUP0395 mishandles %x and %s format string specifiers in a device name. This may lead to memory content leaks and potentially crash the services...

7.1CVSS5.8AI score

Exploits0References3

Prion•added 2020/11/11 3:15 p.m.•10 views

Format string

4.8CVSS6.8AI score0.00176EPSS

Exploits1References3Affected Software1

Cvelist•added 2020/11/11 2:20 p.m.•7 views

CVE-2020-27524

6.9AI score0.00176EPSS

Exploits1References3

CVE•added 2020/11/11 2:20 p.m.•31 views

CVE-2020-27524

The CVE-2020-27524 entry concerns the Bluetooth stack in the Audi A7 MMI 2014 family, specifically the MMI Multiplayer variant labeled N+R_CN_AU_P0395. The underlying issue is a mishandling of %x and %s format string specifiers in a device name, which can lead to memory content leaks and may caus...

7.1CVSS6.8AI score0.00176EPSS

Exploits1References3Affected Software1

Tenable Nessus•added 2019/10/15 12:0 a.m.•49 views

SUSE SLED12 / SLES12 Security Update : binutils (SUSE-SU-2019:2650-1)

This update for binutils fixes the following issues : binutils was updated to current 2.32 branch @7b468db3 jscECO-368 : Includes the following security fixes : CVE-2018-17358: Fixed invalid memory access in bfdstabsectionfindnearestline in syms.c bsc1109412 CVE-2018-17359: Fixed invalid memory...

7.8CVSS6.6AI score0.0076EPSS

Exploits15References55

Openbugbounty•added 2018/07/09 12:34 a.m.•12 views

mmi-g.co.jp XSS vulnerability

Open Bug Bounty ID: OBB-642776 Description| Value ---|--- Affected Website:| mmi-g.co.jp Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

Exploits0

Prion•added 2018/05/02 3:29 p.m.•20 views

Design/Logic Flaw

The NotificationBroadcastReceiver class in the com.android.phone process in Google Android 4.1.1 through 4.4.2 allows attackers to bypass intended access restrictions and consequently make phone calls to arbitrary numbers, send mmi or ussd codes, or hangup ongoing calls via a crafted application...

6.8CVSS7AI score0.00139EPSS

Exploits1References5Affected Software1