7 matches found
CVE-2025-34433
AVideo versions 14.3.1 prior to 20.1 contain an unauthenticated remote code execution vulnerability caused by predictable generation of an installation salt using PHP uniqid. The installation timestamp is exposed via a public endpoint, and a derived hash identifier is accessible through...
EUVD-2019-15028
Malware in sbrugna...
EUVD-2016-3638
Malware in sbrugna...
CVE-2019-5440
Use of cryptographically weak PRNG in the password recovery token generation of Revive Adserver v4.2.1 causes a potential authentication bypass attack if an attacker exploits the password recovery functionality. In lib/OA/Dal/PasswordRecovery.php, the function generateRecoveryId generates a...
CVE-2016-2564
Invision Power Services (IPS) Community Suite before 4.1.9 makes session hijack easier by relying on the PHP uniqid function without the more_entropy flag. Attackers can guess an Invision Power Board session cookie if they can predict the exact time of cookie generation...
Design/Logic Flaw
Invision Power Services (IPS) Community Suite before 4.1.9 makes session hijack easier by relying on the PHP uniqid function without the more_entropy flag. Attackers can guess an Invision Power Board session cookie if they can predict the exact time of cookie generation...
CVE-2016-2564
Affected product: Invision Power Services (IPS) Community Suite