CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

791 matches found

CVE-2026-35716

A stack-based buffer overflow in the motionprivacy.cgi binary in VIVOTEK FD8136 firmware FD8136-VVTK-0300a allows authenticated remote attackers to execute arbitrary code as root via an oversized n1 parameter in a POST request to the /cgi-bin/admin/setpm.cgi, /cgi-bin/admin/setmd.cgi, or...

6.3CVSS6.5AI score0.00053EPSS

Exploits0References1

Nuclei•added yesterday•6 views

Schneider Electric U.motion Builder - SQL Injection

The vulnerability exists within processing of trackimportexport.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the objectid input parameter. id: CVE-2018-7765 info: name: Schneider Electric U.motion...

8.8CVSS7.4AI score0.06089EPSS

Exploits3References2

NVD•added 2 days ago•6 views

CVE-2026-35716

6.3CVSS0.00053EPSS

Exploits0References2

ATTACKERKB•added 2 days ago•3 views

CVE-2026-35716

6.5AI score0.00053EPSS

Exploits0References3

Cvelist•added 2 days ago•33 views

CVE-2026-35716

0.00053EPSS

Exploits0References2

EUVD•added 2 days ago•6 views

EUVD-2026-33969

6.5AI score0.00053EPSS

Exploits0References2

CVE•added 2 days ago•4 views

CVE-2026-35716

CVE-2026-35716 describes a stack-based buffer overflow in the motion_privacy.cgi binary of VIVOTEK FD8136 firmware (FD8136-VVTK-0300a). The issue occurs when an oversized n1 parameter in a POST request to endpoints /cgi-bin/admin/setpm.cgi, /cgi-bin/admin/setmd.cgi, or /cgi-bin/admin/setmd_profil...

6.3CVSS6.5AI score0.00053EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2 days ago•1 views

CVE-2026-35716

6.5AI score0.00053EPSS

Exploits0References2

OSV•added 3 days ago•2 views

UBUNTU-CVE-2025-60486

A heap use-after-free in the dasherprocess function /filters/dasher.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted MPEG-2 file...

5.5CVSS5.8AI score0.00012EPSS

Exploits0References7

Snyk•added 3 days ago•2 views

Malicious Package

Overview motion-tool is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorshi...

9.8CVSS5.8AI score

Exploits0References2

Patchstack•added 2026/05/26 3:52 p.m.•5 views

WordPress Animation Addons for Elementor – GSAP Motion Elementor Addons & Website Templates plugin <= 2.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - krei.dev | ogbuilders.io in WordPress Plugin Animation Addons for Elementor versions = 2.6.3...

5.8AI score

Exploits0References1Affected Software1

OSSF Malicious Packages•added 2026/05/25 7:8 p.m.•6 views

Malicious code in motion-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f13ebafd858996faf32f6987cd969b933bf5c31c7ac329cf55f160bb6bbf6007 This package masquerades as the pino logger README copied from pino, exports module.exports.pino = middleware but its middleware does no logging. Whe...

6.3AI score

Exploits0References2

Snyk•added 2026/05/25 8:47 a.m.•4 views

Malicious Package

Overview motion-ui-tool is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.8AI score

Exploits0References2

OSV•added 2026/05/25 8:47 a.m.•7 views

MAL-2026-4321 Malicious code in motion-ui-tool (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 21ddce58f1bde22bf0563aee5f71aefe48c82ad61076557935bf8fff16eb9df3 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

5.8AI score

Exploits0References1

OSSF Malicious Packages•added 2026/05/25 8:47 a.m.•9 views

Malicious code in motion-ui-tool (npm)

5.8AI score

Exploits0References1

OSV•added 2026/05/20 1:4 p.m.•7 views

USN-8285-1 gst-plugins-good1.0 vulnerability

It was discovered that GStreamer Good Plugins incorrectly handled certain MOV/MP4 media files. A remote attacker could use this issue to cause GStreamer Good Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.4AI score

Exploits0References2

Ubuntu•added 2026/05/20 1:4 p.m.•8 views

USN-8285-1: GStreamer Good Plugins vulnerability

7.4AI score

Exploits0

AstraLinux•added 2026/05/20 5:53 a.m.•7 views

Astra Linux - уязвимость в libde265

It was discovered that Libde265 v1.0.8 contains a heap-buffer-overflow vulnerability through the use of mcluma in the motion.cc library. This vulnerability allows attackers to cause a Denial of Service DoS attack by using a specially crafted video file...

6.5CVSS6.9AI score0.00391EPSS

Exploits1References2

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в libde265

It was discovered that Libde265 v1.0.8 contains a heap-buffer-overflow vulnerability through the use of putqpelfallback in fallback-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS attack using a specially crafted video file...

6.5CVSS6.9AI score0.00299EPSS

Exploits1References2

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в libde265

It was discovered that Libde265 v1.0.8 contains a heap-buffer-overflow vulnerability through the ffhevcputhevcepelpixels8sse function in sse-motion.cc. This vulnerability allows attackers to cause a Denial of Service DoS attack using a crafted video file...

6.5CVSS6.9AI score0.00335EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by