CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1180 matches found

RedhatCVE•added 2025/10/15 6:36 a.m.•4 views

CVE-2025-8594

The Pz-LinkCard WordPress plugin before 2.5.7 does not validate a parameter before making a request to it, which could allow users with a role as low as Contributor to perform SSRF attack...

3.8CVSS6.7AI score0.00032EPSS

Exploits0References1

CNNVD•added 2025/10/15 12:0 a.m.•2 views

BESTWOND Intelligent Flow Control Router 安全漏洞

BESTWOND Intelligent Flow Control Router is an intelligent flow control router from China's BESTWOND. A security vulnerability exists in the BESTWOND Intelligent Flow Control Router that stems from not properly validating the path parameter and displaying it back to the shell environment, which...

9.3CVSS7AI score0.00296EPSS

Exploits0References4

EUVD•added 2025/10/14 6:31 a.m.•1 views

EUVD-2025-34142

The Pz-LinkCard WordPress plugin before 2.5.7 does not validate a parameter before making a request to it, which could allow users with a role as low as Contributor to perform SSRF attack...

3.8CVSS6.2AI score0.00032EPSS

Exploits0References3

NVD•added 2025/10/14 6:15 a.m.•2 views

CVE-2025-8594

The Pz-LinkCard WordPress plugin before 2.5.7 does not validate a parameter before making a request to it, which could allow users with a role as low as Contributor to perform SSRF attack...

3.8CVSS0.00032EPSS

Exploits0References1

Cvelist•added 2025/10/14 6:0 a.m.•6 views

CVE-2025-8594 Pz-LinkCard < 2.5.7 - Contributor+ SSRF

The Pz-LinkCard WordPress plugin before 2.5.7 does not validate a parameter before making a request to it, which could allow users with a role as low as Contributor to perform SSRF attack...

0.00032EPSS

Exploits0References1

Positive Technologies•added 2025/10/14 12:0 a.m.•3 views

PT-2025-41851

Name of the Vulnerable Software and Affected Versions Pz-LinkCard WordPress plugin versions prior to 2.5.7 Description The software does not properly validate a parameter before using it in a request, potentially allowing Server-Side Request Forgery SSRF attacks. Users with Contributor privileges...

3.8CVSS6.6AI score0.00032EPSS

Exploits0References3

Tenable Nessus•added 2025/10/08 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2025-39909

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/damon/lrusort: avoid divide-by-zero in damonlrusortapplyparameters Patch series mm/damon: avoid divide-by-zero in DAMON module's parameters application...

5.5CVSS6AI score0.00019EPSS

Exploits0References2

CVE•added 2025/10/07 12:37 p.m.•9 views

CVE-2025-40889

CVE-2025-40889 involves a path traversal in Nozomi Networks Guardian/CMC Time Machine functionality caused by inadequate validation of two input parameters. An authenticated user with limited privileges can craft requests to potentially alter file structures/content in the /data directory or affe...

8.1CVSS6.3AI score0.00095EPSS

Exploits0References1Affected Software2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-28812

Malware in sbrugna...

9.3CVSS8.6AI score0.00734EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-23506

Malware in sbrugna...

10CVSS9.4AI score0.00767EPSS

Exploits0References2