CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware a24a99ddaa80c4d726f189f11309cdab74b4343f1e567ec3c5fd01fcd9832b3c Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9AI score

Exploits0References1

Tenable Nessus•added 2025/10/07 12:0 a.m.•2 views

Unity Linux 20.1070a Security Update: firefox (UTSA-2025-987439)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987439 advisory. An attacker who enumerated resources from the WebCompat extension could have obtained a persistent UUID that identified the browser, and persisted between containers...

4.3CVSS6.4AI score0.00249EPSS

Exploits0References4

Tenable Nessus•added 2025/10/07 12:0 a.m.•1 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414635)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414635 advisory. The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too fa...

6.5CVSS6.7AI score0.00332EPSS

Exploits0References3

NVD•added 2025/10/06 4:15 p.m.•9 views

CVE-2025-61687

Flowise is a drag & drop user interface to build a customized large language model flow. A file upload vulnerability in version 3.0.7 of FlowiseAI allows authenticated users to upload arbitrary files without proper validation. This enables attackers to persistently store malicious Node.js web...

8.8CVSS0.10182EPSS

Exploits2References9

EUVD•added 2025/10/06 3:54 p.m.•4 views

EUVD-2025-32548

8.3CVSS7.1AI score0.10182EPSS

Exploits2References9

Packet Storm•added 2025/10/06 12:0 a.m.•129 views

📄 Mac OS X Persistent Payload Installer

This Metasploit module provides a persistent boot payload by creating a launch item, which can be a LaunchAgent or a LaunchDaemon. LaunchAgents run with user level permissions and are triggered upon login by a plist entry in /Library/LaunchAgents. LaunchDaemons run with elevated privileges, and a...

6.9AI score

Exploits0

Positive Technologies•added 2025/10/06 12:0 a.m.•5 views

PT-2025-40908

Name of the Vulnerable Software and Affected Versions Flowise version 3.0.7 Description Flowise, a drag & drop user interface for building customized large language model flows, contains a file upload issue. Authenticated users can upload arbitrary files without proper validation, enabling...

8.3CVSS7AI score0.10182EPSS

Exploits2References15

Packet Storm News•added 2025/10/05 12:0 a.m.•5 views

Cyber Warfare during Operation Sindoor: Malware Campaign Analysis and Detection Framework

Rapid digitization of critical infrastructure has made cyberwarfare one of the important dimensions of modern conflicts. Attacking the critical infrastructure is an attractive pre-emptive proposition for adversaries as it can be done remotely without crossing borders. Such attacks disturb the...

6.9AI score

Exploits0

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2023-58660

Malicious code in bioql PyPI...

6.3CVSS5.8AI score0.00388EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-25715

Malicious code in bioql PyPI...

5.5CVSS5.7AI score0.00119EPSS

Exploits0References1