
6340 matches found

OSV
added 2025/07/29 6:49 p.m. | 5 views

GO-2025-3825 Harbor repository description page has Cross-site Scripting vulnerability in github.com/goharbor/harbor

Harbor repository description page has Cross-site Scripting vulnerability in github.com/goharbor/harbor. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...

4.1 CVSS | 5.7 AI score | 0.00303 EPSS
Exploits: 0 | References: 5

OSV
added 2025/07/29 6:49 p.m. | 2 views

GO-2025-3814 Grafana's insecure DingDing Alert integration exposes sensitive information in github.com/grafana/grafana

Grafana's insecure DingDing Alert integration exposes sensitive information in github.com/grafana/grafana. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from...

4.3 CVSS | 5.6 AI score | 0.0089 EPSS
Exploits: 0 | References: 11

Rockylinux
added 2025/07/29 1:38 p.m. | 3 views

varnish:6 security update

An update is available for module.varnish-modules, varnish-modules, module.varnish, varnish. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Varnish Cache is a...

5.4 CVSS | 5.8 AI score | 0.003 EPSS
Exploits: 0

Rockylinux
added 2025/07/29 1:38 p.m. | 5 views

python36:3.6 security update

An update is available for module.python-virtualenv, python-virtualenv, python-distro, module.scipy, module.python-nose, module.python-wheel, module.python36, module.python-docutils, module.python-pygments, module.python-PyMySQL, python36, python-docs, python-pygments, scipy, python-PyMySQL,...

8.1 CVSS | 6.4 AI score | 0.00663 EPSS
Exploits: 0

Rockylinux
added 2025/07/29 1:38 p.m. | 5 views

idm:DL1 security update

An update is available for python-jwcrypto, module.bind-dyndb-ldap, python-yubico, bind-dyndb-ldap, slapi-nis, module.python-qrcode, custodia, module.opendnssec, ipa-healthcheck, module.softhsm, softhsm, module.ipa, module.ipa-healthcheck, python-qrcode, module.custodia, module.python-yubico, ipa...

9.1 CVSS | 9.4 AI score | 0.01827 EPSS
Exploits: 1

Rockylinux
added 2025/07/29 1:38 p.m. | 4 views

nodejs:20 security update

An update is available for module.nodejs-nodemon, nodejs, nodejs-nodemon, nodejs-packaging, module.nodejs, module.nodejs-packaging. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability...

8.3 CVSS | 7.5 AI score | 0.00523 EPSS
Exploits: 0

Rockylinux
added 2025/07/29 1:38 p.m. | 4 views

go-toolset:rhel8 security update

An update is available for module.go-toolset, golang, module.delve, go-toolset, module.golang, delve. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. Go Toolset...

6.8 CVSS | 6.9 AI score | 0.0056 EPSS
Exploits: 0

Rockylinux
added 2025/07/29 1:38 p.m. | 6 views

python39:3.9 security update

An update is available for python-cffi, module.numpy, module.python3x-setuptools, module.python-psutil, python-urllib3, module.scipy, python-lxml, python-pycparser, python3x-pip, module.python-wheel, python3x-six, PyYAML, python-chardet, module.python-idna, module.python3x-six, python-psutil,...

7.5 CVSS | 7.2 AI score | 0.0069 EPSS
Exploits: 1

NVD
added 2025/07/29 12:15 a.m. | 5 views

CVE-2025-54769

An authenticated, read-only user can upload a file and perform a directory traversal to have the uploaded file placed in a location of their choosing. This can be used to overwrite existing PERL modules within the application to achieve remote code execution (RCE) by an attacker...

8.8 CVSS | 0.02864 EPSS
Exploits: 4 | References: 3

OSV
added 2025/07/29 12:15 a.m. | 6 views

CVE-2025-54769

An authenticated, read-only user can upload a file and perform a directory traversal to have the uploaded file placed in a location of their choosing. This can be used to overwrite existing PERL modules within the application to achieve remote code execution (RCE) by an attacker...

8.8 CVSS | 6.3 AI score | 0.02864 EPSS
Exploits: 4 | References: 3

OSV
added 2025/07/28 7:57 p.m. | 5 views

GO-2025-3783 OpenBao allows cancellation of root rekey and recovery rekey operations without authentication in github.com/openbao/openbao

OpenBao allows cancellation of root rekey and recovery rekey operations without authentication in github.com/openbao/openbao...

7.5 CVSS | 6.3 AI score | 0.00331 EPSS
Exploits: 0 | References: 5

Gitee
added 2025/07/27 4:32 a.m. | 248 views

redis-rce

Redis RCE. An exploit for Redis 4.x/5.x RCE, inspired by Redis post-exploitation. This repo is a modified version of . Usage: Compile exp.so from . usage: redis-rce.py -h -r RHOST -p RPORT -L LHOST -P LPORT -f FILE -a AUTH -v Redis 4.x/5.x RCE with RedisModules optional arguments: -h, --help show...

7 AI score
Exploits: 0

Gitee
added 2025/07/27 3:55 a.m. | 136 views

isf

This is a Python-based exploitation framework called ISF (Industrial Exploitation Framework) that is similar to Metasploit. It is designed for industrial control system (ICS) exploitation and is used for testing and demonstrating vulnerabilities in ICS devices. The framework is based on the open-sour...

7 AI score
Exploits: 0

Gitee
added 2025/07/27 3:36 a.m. | 86 views

PoC

Pedro Ribeiro @pedrib Exploit Dumping Grounds === This repository contains information, exploits, scripts, etc, that I have made public and it is located at https://github.com/pedrib/PoC. advisories: all my public advisories, research notes, etc Pwn2Own: advisories related to my Pwn2Own...

7.5 AI score
Exploits: 0

OSSF Malicious Packages
added 2025/07/26 3:2 p.m. | 6 views

Malicious code in prof-qux (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5b87af8d8f13bd43c1cf3490ea551b8d60fe05a482875597ef2fe5d2c200ca19 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...

7 AI score
Exploits: 0 | References: 3

OSV
added 2025/07/26 3:2 p.m. | 1 views

MAL-2025-191821 Malicious code in prof-qux (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 5b87af8d8f13bd43c1cf3490ea551b8d60fe05a482875597ef2fe5d2c200ca19 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...

6.9 AI score
Exploits: 0 | References: 3

OSV
added 2025/07/25 9:55 p.m. | 3 views

MAL-2025-191822 Malicious code in prof-qx (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 eb25a7704dc642f82be2ae6a92dcd60cc3235144351fbc18cd11ca96d970c7e3 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...

6.9 AI score
Exploits: 0 | References: 3

NVD
added 2025/07/25 7:15 p.m. | 3 views

CVE-2025-52453

Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server on Windows, Linux (Flow Data Source modules) allows Resource Location Spoofing. This issue affects Tableau Server: before 2025.1.3, before 2024.2.12, before 2023.3.19...

8.2 CVSS | 0.00288 EPSS
Exploits: 0 | References: 1

CVE
added 2025/07/25 7:5 p.m. | 22 views

CVE-2025-52453

CVE-2025-52453 is a Server-Side Request Forgery (SSRF) vulnerability in Salesforce Tableau Server on Windows and Linux, specifically in the Flow Data Source modules, that enables Resource Location Spoofing. Affected Tableau Server versions are before 2025.1.3, before 2024.2.12, and before 2023.3....

8.2 CVSS | 6.7 AI score | 0.00288 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

OSSF Malicious Packages
added 2025/07/25 12:14 p.m. | 4 views

Malicious code in prof-qu (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9f83d01100c725673d7685ad3e206d71bb2f18d371a452cd2927d1391ec02cf4 Package silently exfiltrates user's credentials ahead of starting the promised functionality. First batch used simple code, the newer attempt to hide...

7 AI score
Exploits: 0 | References: 3