CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15 matches found

Packet Storm News•added 3 days ago•2 views

Quantum Secure Blind Decryption with Two Users

We propose two types of protocols for quantum secure blind decryption, involving two users and servers. User 1 holds the encrypted ciphertext. The servers store several indexed keys including the key encrypting the ciphertext. User 2 aims to obtain the decrypted text. The protocols are designed t...

5.8AI score

Exploits0

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2017-5936

Malware in sbrugna...

9CVSS8.8AI score0.02645EPSS

Exploits2References2

Tenable Nessus•added 2025/10/04 12:0 a.m.•3 views

RockyLinux 9 : mod_auth_openidc (RLSA-2025:9396)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:9396 advisory. modauthopenidc: DoS via Empty POST in modauthopenidc with OIDCPreservePost Enabled CVE-2025-3891 Tenable has extracted the preceding description block directly fr...

7.5CVSS6.2AI score0.00673EPSS

Exploits0References3

NVD•added 2025/08/20 1:15 p.m.•3 views

CVE-2025-54174

QuickCMS is vulnerable to Cross-Site Request Forgery in article creation functionality. Malicious attacker can craft special website, which when visited by the admin, will automatically send a POST request creating a malicious article with content defined by the attacker. The vendor was notified...

5.1CVSS0.00026EPSS

Exploits0References2

SUSE CVE•added 2023/02/15 4:31 a.m.•1 views

SUSE CVE-2018-5704

Open On-Chip Debugger OpenOCD 0.10.0 does not block attempts to use HTTP POST for sending data to 127.0.0.1 port 4444, which allows remote attackers to conduct cross-protocol scripting attacks, and consequently execute arbitrary commands, via a crafted web site...

9.6CVSS9.1AI score0.0189EPSS

Exploits1References3

CNVD•added 2020/05/08 12:0 a.m.•1 views

WAVLINK WL-WN579G3 and WL-WN575A3 Information Disclosure Vulnerability

WAVLINK WL-WN579G3 and WL-WN575A3 are both wireless network signal extenders from China-based RuiYin Technology WAVLINK. A security vulnerability exists in the backup function in WAVLINK WL-WN579G3 - M79X3.V5030.180719 version and WL-WN575A3 - RPT75A3.V4300.180801 version. An attacker can exploit...

7.5CVSS6.8AI score0.0034EPSS

Exploits0References1

OSV•added 2018/01/16 9:29 a.m.•3 views

CVE-2018-5704

9.6CVSS9.1AI score

Exploits0References3

Hacker One•added 2017/11/17 9:58 p.m.•70 views

Electroneum: Hackerone [Mainsite Vulnerability]

96 Hello, I was checking out the website Electroneum – Crowdfunding Token Sale – Electroneum – the mobile based cryptocurrency for any vulnerabilities through hackerone. I would like to submit a vulnerability for consideration towards a bounty. Currently you have the file...

0.1AI score

Exploits0

Hacker One•added 2016/10/15 11:27 a.m.•23 views

Brave Software: Access to local file system using javascript

Hey, The browser can access the local files using iframes with a local html file. this is very normal and often used for local web development but javascript shouldn't be able to get the content of that iframe because this can be used to post the contents to the attackers server. something else I...

6.9AI score

Exploits0

Kitploit•added 2014/04/20 2:52 p.m.•16 views

FS-NyarL - Network Takeover & Forensic Analysis Tool

NyarL it's Nyarlathotep, a mitological chaotic deity of the writer HP. Lovecraft's cosmogony. It's represent Crawling Chaos and FS-NyarL it's The Crawling Chaos of Cyber Security :- A network takeover & forensic analysis tool - useful to advanced PenTest tasks & for fun and profit - but use it at...

7.7AI score

Exploits0

Kitploit•added 2013/11/09 12:35 a.m.•13 views

[FS-NyarL] A network takeover & forensic analysis tool

7.7AI score

Exploits0

OSV•added 2013/04/01 4:55 p.m.•3 views

CVE-2013-2686

main/http.c in the HTTP server in Asterisk Open Source 1.8.x before 1.8.20.2, 10.x before 10.12.2, and 11.x before 11.2.2; Certified Asterisk 1.8.15 before 1.8.15-cert2; and Asterisk Digiumphones 10.x-digiumphones before 10.12.2-digiumphones does not properly restrict Content-Length values, which...

6.3AI score

Exploits0References3

Exploit DB•added 2007/01/29 12:0 a.m.•55 views

CVSTrac 2.0.0 - Defacement Denial of Service

cvstrack-resurrect.pl -- CVSTrac Post-Attack Database Resurrection Copyright c 2007 Ralf S. Engelschall use DBI; requires OpenPKG perl-dbi use DBD::SQLite; requires OpenPKG perl-dbi, perl-dbi::withdbdsqlite=yes use DBIx::Simple; requires OpenPKG perl-dbix use Date::Format; requires OpenPKG...

7.4AI score

Exploits0

0day.today•added 2007/01/29 12:0 a.m.•22 views

CVSTrac 2.0.0 Post-Attack Database Resurrection DoS Exploit

Exploit for cgi platform in category web applications =========================================================== CVSTrac 2.0.0 Post-Attack Database Resurrection DoS Exploit =========================================================== cvstrack-resurrect.pl -- CVSTrac Post-Attack Database...

7.1AI score

Exploits0