4512 matches found
PT-2025-15322 · Unknown · Esafenet Cdg
Name of the Vulnerable Software and Affected Versions: ESAFENET CDG version 5.6.3.154.205 20250114 Description: A critical issue has been found, affecting some unknown functionality of the file /pubinfo/updateNotice.jsp. The manipulation of the ID argument leads to SQL injection. The attack can b...
PT-2025-14830 · Tenda · Tenda W18E
Name of the Vulnerable Software and Affected Versions: Tenda W18E version 16.01.0.11 Description: A problematic vulnerability was found in Tenda W18E, affecting the formSetAccountList function of the file /goform/setModules. The manipulation of the Password argument leads to a stack-based buffer...
PT-2025-14628 · Unknown · Project Worlds Online Lawyer Management System
Name of the Vulnerable Software and Affected Versions: Project Worlds Online Lawyer Management System version 1.0 Description: A critical issue has been found, affecting the /single lawyer.php file. The manipulation of the u id argument leads to SQL injection. This issue can be exploited remotely...
PT-2025-14629 · Fastcms · Fastcms
Name of the Vulnerable Software and Affected Versions: FastCMS version 0.1.5 Description: A critical issue affects the JWT Handler component, where the manipulation leads to the use of a hard-coded cryptographic key. The attack can be initiated remotely, with a rather high complexity, making...
PT-2025-14626 · Unknown · Project Worlds Online Lawyer Management System
Name of the Vulnerable Software and Affected Versions: Project Worlds Online Lawyer Management System version 1.0 Description: A critical issue has been discovered, affecting an unknown functionality of the file /searchLawyer.php. The manipulation of the experience argument leads to SQL injection...
PT-2025-14562 · Pytorch +1 · Pytorch +1
Name of the Vulnerable Software and Affected Versions: PyTorch version 2.6.0 Description: A problematic vulnerability has been found in PyTorch, affecting the function torch.jit.jit_module_from_flatbuffer. This issue leads to memory corruption and requires local access to exploit. The exploit has...
CVE-2022-3162 affecting package rook for versions less than 1.6.2-24
CVE-2022-3162 affecting package rook for versions less than 1.6.2-24. A patched version of the package is available...
CVE-2025-1497
A vulnerability that could result in Remote Code Execution (RCE) has been found in PlotAI. Lack of validation of LLM-generated output allows an attacker to execute arbitrary Python code. The vendor commented out the vulnerable line; further usage of the software requires uncommenting it and thus accepting t...
PT-2025-12495 · D Link · D-Link Dap-1620
Name of the Vulnerable Software and Affected Versions: D-Link DAP-1620 version 1.03 Description: A critical vulnerability has been found in the D-Link DAP-1620, affecting the mod_graph_auth_uri_handler function of the Authentication Handler component. This vulnerability leads to a stack-based...
PT-2025-10850
Name of the Vulnerable Software and Affected Versions: Microsoft Windows affected versions not specified Description: The issue allows remote attackers to execute arbitrary code and affect the system. It involves a relative path traversal in the Remote Desktop Client, enabling unauthorized...
PT-2025-10847 · Microsoft · Visual Studio Code
Name of the Vulnerable Software and Affected Versions: Visual Studio Code affected versions not specified Description: The issue is related to an uncontrolled search path element that allows an authorized attacker to elevate privileges locally. There is no information provided about the estimated...
PT-2025-17553 · Totolink · Totolink A810R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A810R version 4.1.2cu.5182 B20201026 Description: A stack overflow issue was discovered via the startTime and endTime parameters in the setParentalRules function. Recommendations: For TOTOLINK A810R version 4.1.2cu.5182 B20201026, as...
PYSEC-2025-22
A vulnerability that could result in Remote Code Execution (RCE) has been found in PlotAI. Lack of validation of LLM-generated output allows an attacker to execute arbitrary Python code. The vendor commented out the vulnerable line; further usage of the software requires uncommenting it and thus accepting th...
CVE-2025-1497 Remote Code Execution in PlotAI
A vulnerability that could result in Remote Code Execution (RCE) has been found in PlotAI. Lack of validation of LLM-generated output allows an attacker to execute arbitrary Python code. The vendor commented out the vulnerable line; further usage of the software requires uncommenting it and thus accepting t...
Linux Distros Unpatched Vulnerability : CVE-2024-5841
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in V8 in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium...
Linux Distros Unpatched Vulnerability : CVE-2025-1149
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in GNU Binutils 2.43. It has been classified as problematic. This affects the function xstrdup of the file libiberty/xmalloc.c of the...
Linux Distros Unpatched Vulnerability : CVE-2024-56587
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - leds: class: Protect brightness_show with led_cdev->led_access mutex There is NULL pointer issue observed if from Process A where hid device being added which resul...
Linux Distros Unpatched Vulnerability : CVE-2020-25742
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - pci_change_irq_level in hw/pci/pci.c in QEMU before 5.1.1 has a NULL pointer dereference because pci_get_bus might not return a valid pointer. CVE-2020-25742 Note th...