CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2147 matches found

Positive Technologies•added 2025/10/13 12:0 a.m.•3 views

PT-2025-41763

Name of the Vulnerable Software and Affected Versions Kiloview N30 version 2.02.246 Description The firmware contains a hardcoded TLS private key and certificate. This allows a malicious actor to perform a man-in-the-middle attack over the network. Recommendations At the moment, there is no...

8.7CVSS6.3AI score0.00041EPSS

Exploits0References4

NVD•added 2025/10/12 10:15 p.m.•2 views

CVE-2025-11647

A flaw has been found in Tomofun Furbo 360 and Furbo Mini. This issue affects some unknown processing of the component GATT Service. This manipulation of the argument DeviceToken causes information disclosure. The attack is only possible within the local network. A high degree of complexity is...

6.8CVSS0.00048EPSS

Exploits1References4

CVE•added 2025/10/12 9:32 p.m.•5 views

CVE-2025-11647

The CVE-2025-11647 issue affects Tomofun Furbo 360 and Furbo Mini, specifically the GATT Service handling. Affects Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. The root cause is manipulation of the DeviceToken argument in the GATT Service, leading to information disclosure. E...

6.8CVSS3.3AI score0.00048EPSS

Exploits1References4Affected Software1

CNNVD•added 2025/10/12 12:0 a.m.•1 views

Tomofun Furbo 360和Tomofun Furbo Mini 访问控制错误漏洞

Tomofun Furbo 360 and Tomofun Furbo Mini are both smart pet cameras from Tomofun Corporation of Taiwan, China. An access control error vulnerability exists in Tomofun Furbo 360 FB0035FW036 and earlier versions and Tomofun Furbo Mini MC0020FW074 and earlier versions, which stems from improper acce...

8.1CVSS6.3AI score0.00032EPSS

Exploits1References5

EUVD•added 2025/10/09 9:31 p.m.•2 views

EUVD-2025-33550

Improper neutralization of input during web page generation 'cross-site scripting' in Azure Monitor allows an authorized attacker to perform spoofing over a network...

8.7CVSS6.3AI score0.00071EPSS

Exploits0References2

NVD•added 2025/10/09 9:15 p.m.•3 views

CVE-2025-55321

Improper neutralization of input during web page generation 'cross-site scripting' in Azure Monitor allows an unauthorized attacker to perform spoofing over a network...

9.3CVSS0.00071EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•6 views

EUVD-2017-1808

Malware in sbrugna...

5.8CVSS5.5AI score0.00407EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2016-7019

Malware in sbrugna...

6.5CVSS6.9AI score0.00175EPSS

Exploits0References3