CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 5 days ago•3 views

EUVD-2018-21939

ATTACKERKB•added 5 days ago•6 views

CVE-2018-25417

Exploits0References4Affected Software1

Cvelist•added 5 days ago•25 views

CVE-2018-25417 AiOPMSD Final 1.0.0 SQL Injection via quality.php

8.8CVSS0.00068EPSS

CVE•added 5 days ago•11 views

CVE-2018-25417

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability via the quality parameter in quality.php. Unauthenticated attackers can send crafted SQL payloads to extract sensitive data (usernames, database names, version details). CVSS metrics indicate high severity (CVSS 3.1: 8.2; CVSS 4.0: 8.8)....

Vulnrichment•added 5 days ago•4 views

CVE-2018-25417 AiOPMSD Final 1.0.0 SQL Injection via quality.php

Packet Storm News•added 5 days ago•1 views

Quality-Diversity Evolution for Discovering Diverse Vulnerabilities in LLM Safety

Current approaches to LLM adversarial testing suffer from coverage gaps: manual red-teaming does not scale, LLM-as-attacker methods exhibit mode collapse, and gradient-based approaches produce uninterpretable gibberish. We introduce a quality-diversity evolutionary framework that operates at the...

5.8AI score

Exploits0

Positive Technologies•added 5 days ago•4 views

PT-2026-45117

CNNVD•added 5 days ago•3 views

Exploits0References5

AiOPMSD Final SQL注入漏洞

AiOPMSD Final is a video stream download tool developed by AiOPMSD Corporation. Version 1.0.0 of AiOPMSD Final contains a SQL injection vulnerability. This vulnerability arises from injecting malicious code through the quality parameter, potentially allowing unauthenticated attackers to execute...

8.8CVSS6.2AI score0.00068EPSS

NVD•added last week•3 views

CVE-2026-46153

In the Linux kernel, the following vulnerability has been resolved: 8021q: delete cleared egress QoS mappings vlandevsetegresspriority currently keeps cleared egress priority mappings in the hash as tombstones. Repeated set/clear cycles with distinct skb priorities therefore accumulate mapping...

0.00024EPSS

Debian CVE•added last week•3 views

CVE-2026-46153

5.7AI score0.00024EPSS

Exploits0

CNNVD•added 2026/05/28 12:0 a.m.•4 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the unresolved QoS mapping in 8021q, which may lead to memory leaks if not removed...

5.8AI score0.00024EPSS

ATTACKERKB•added 2026/05/25 4:45 p.m.•8 views

CVE-2026-9475

A vulnerability was determined in Totolink A8000RU 7.1cu.643b20200521. This affects the function setIpQosRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. This manipulation of the argument Comment causes os command injection. Remote exploitation of the attack is...

10CVSS7AI score0.01254EPSS

Exploits0References5Affected Software1

ATTACKERKB•added 2026/05/25 6:45 a.m.•4 views

CVE-2026-9435

A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. The affected element is the function setQosCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument enable results in os command injection. Remote exploitation of...

10CVSS7.1AI score0.01254EPSS

Exploits0References5Affected Software1

Positive Technologies•added 2026/05/25 12:0 a.m.•8 views

PT-2026-43090

A vulnerability was determined in Totolink A8000RU 7.1cu.643 b20200521. This affects the function setIpQosRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. This manipulation of the argument Comment causes os command injection. Remote exploitation of the attack is...

10CVSS7AI score0.01254EPSS

Exploits0References5

CNNVD•added 2026/05/25 12:0 a.m.•3 views

TOTOLINK A8000RU 操作系统命令注入漏洞

The TOTOLINK A8000RU is a wireless router from China's Gion Electronics TOTOLINK. The Totolink A8000RU version 7.1cu.643b20200521 suffers from an OS command injection vulnerability that originates from the operation of the function setQosCfg on the parameter enable in the file /cgi-bin/cstecgi.cg...

10CVSS7.3AI score0.01254EPSS

Exploits0References5

Packet Storm News•added 2026/05/22 12:0 a.m.•6 views

Cybersecurity of Electric Vehicle Charging Infrastructure: Recent Advances, Open Challenges, and Future Directions

Electric Vehicles EVs have emerged as significant disruptors in the transportation sector over the past decade. Their growing popularity and adoption are accompanied by capital expenditures to deploy charging infrastructure. EV charging infrastructure sits at the intersection of the power grid, t...

5.8AI score

Exploits0

AstraLinux•added 2026/05/20 5:53 a.m.•3 views

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: interconnect: exynos: fix node leak in probe PM QoS error path Make sure to add the newly allocated interconnect node to the provider before adding the PM QoS request, so that the node is freed in case of errors...

5.5CVSS6.1AI score0.00065EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в linux-5.10, linux-6.1, linux, linux-5.15

In the Linux kernel, the following vulnerabilities have been resolved: blk-rq-qos: fixed a crash that occurred during the race between rqqoswait and rqqoswakefunction. We are encountering crashes due to rqqoswakefunction, which manifest as follows: BUG: Unable to handle a page fault for address:...

4.7CVSS6.5AI score0.00013EPSS

AstraLinux•added 2026/05/20 5:53 a.m.•4 views

Astra Linux - уязвимость в jetty9

In Eclipse Jetty 9.4.6.v20170531 to 9.4.36.v20210114 inclusive, as well as 10.0.0 and 11.0.0, when Jetty handles a request containing multiple Accept headers with a large number of “quality” i.e., q parameters, the server may enter a Denial-of-Service DoS state due to high CPU usage in processing...

5.3CVSS6.7AI score0.33816EPSS