CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

58 matches found

RedhatCVE•added 2026/06/05 7:20 p.m.•7 views

CVE-2026-41060

WWBN AVideo is an open source video platform. In versions 29.0 and below, the isSSRFSafeURL function in objects/functions.php contains a same-domain shortcircuit lines 4290-4296 that allows any URL whose hostname matches webSiteRootURL to bypass all SSRF protections. Because the check compares on...

7.7CVSS5.6AI score0.0004EPSS

Exploits1References1

Cvelist•added 2026/06/04 9:51 p.m.•28 views

CVE-2024-6858 In Arista’s EOS when in 802.1X mode, multi-auth unauthenticated hosts might be allowed access to a switch port if there exists an EAPOL capable device in the fallback VLAN.

In Arista’s EOS when in 802.1X mode, multi-auth unauthenticated hosts might be allowed access to a switch port if there exists an EAPOL capable device in the fallback VLAN...

0.00099EPSS

Exploits0References1

Vulnrichment•added 2026/04/14 3:5 p.m.•1 views

CVE-2026-4832

CWE-798 Use of Hard-coded Credentials vulnerability exists that could cause unauthorized access to sensitive device information when an unauthenticated attacker is able to interrogate the SNMP port...

6.9CVSS5.8AI score0.00113EPSS

Exploits0References1

Tenable Nessus•added 2026/01/27 12:0 a.m.•2 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005147)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005147 advisory. In the Linux kernel, the following vulnerability has been resolved: serial: protect uartportdtrrts in uartshutdown too Commit af224ca2df29 serial: core: Prevent...

5.5CVSS5.8AI score0.00013EPSS

Exploits0References3

EUVD•added 2025/12/16 5:19 a.m.•2 views

EUVD-2025-203500

An Improper Access Control vulnerability in Advantech SUSI driver susi.sys allows attackers to read/write arbitrary memory, I/O ports, and MSRs, resulting in privilege escalation, arbitrary code execution, and information disclosure. This issue affects Advantech SUSI: 5.0.24335 and prior...

8.5CVSS6.8AI score0.00016EPSS

Exploits0References2

Vulnrichment•added 2025/12/16 5:19 a.m.•1 views

CVE-2025-14252

8.5CVSS6.9AI score0.00016EPSS

Exploits0References1

RedhatCVE•added 2025/10/23 9:13 a.m.•4 views

CVE-2025-41109

Ghost Robotics Vision 60 v0.27.2 includes, among its physical interfaces, three RJ45 connectors and a USB Type-C port. The vulnerability is due to the lack of authentication mechanisms when establishing connections through these ports. Specifically, with regard to network connectivity, the robot'...

8.7CVSS7AI score0.00023EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2019-3771

Malware in sbrugna...

9.8CVSS9.2AI score0.01146EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2019-2633

Malware in sbrugna...

9.4CVSS9AI score0.00595EPSS

Exploits3References7

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2020-8563

Malware in sbrugna...

8.1CVSS7.8AI score0.07085EPSS

Exploits4References6

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2000-0149

Malware in sbrugna...

7.5CVSS6.4AI score0.00471EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-2893

Malicious code in bioql PyPI...

2.1CVSS6.3AI score0.00216EPSS

Exploits0References10

RedhatCVE•added 2025/05/21 8:33 p.m.•7 views

CVE-2002-2110

The RCA Digital Cable Modems DCM225 and DCM225E allow remote attackers to cause a denial of service modem device reset by connecting to port 80 on the 10.0.0.0/8 device...

5CVSS7AI score0.01099EPSS

Exploits0References1

RedhatCVE•added 2025/04/25 5:57 p.m.•6 views

CVE-2025-32858

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UpdateWebServerGatewaySettings' method. This could allow an authenticated remote attacker to bypass authorization controls, t...

8.8CVSS7.8AI score0.00045EPSS

Exploits0References1

RedhatCVE•added 2025/04/25 5:49 p.m.•6 views

CVE-2025-32852

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'LockDatabaseSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read fro...

8.8CVSS7.8AI score0.00054EPSS

Exploits0References1

RedhatCVE•added 2025/04/25 5:24 p.m.•4 views

CVE-2025-32822

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'DeleteProject' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...

8.8CVSS7.8AI score0.0004EPSS

Exploits0References1

NVD•added 2025/04/16 6:16 p.m.•10 views

CVE-2025-32867

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'CreateBackup' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...

8.8CVSS0.00045EPSS

Exploits0References1

Cvelist•added 2025/04/16 5:38 p.m.•9 views

CVE-2025-32868

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'ExportCertificate' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from a...

8.8CVSS0.00039EPSS

Exploits0References1

Cvelist•added 2025/04/16 5:38 p.m.•8 views

CVE-2025-32863

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'UnlockTraceLevelSettings' method. This could allow an authenticated remote attacker to bypass authorization controls, to read...

8.8CVSS0.00045EPSS

Exploits0References1