25 matches found
CVE-2025-1750
An SQL injection vulnerability exists in the delete function of DuckDBVectorStore in run-llama/llamaindex version v0.12.19. This vulnerability allows an attacker to manipulate the refdocid parameter, enabling them to read and write arbitrary files on the server, potentially leading to remote code...
Security Updates for Microsoft SharePoint Server Subscription Edition (May 2025)
The Microsoft SharePoint Server Subscription Edition installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Elevation of Privilege Vulnerability CVE-2025-29976 - Remote Code Execution Vulnerabilities CVE-2025-30378, CVE-2025-30382,...
Microsoft Patches 126 Flaws Including Actively Exploited Windows CLFS Vulnerability
Microsoft has released security fixes to address a massive set of 126 flaws affecting its software products, including one vulnerability that it said has been actively exploited in the wild. Of the 126 vulnerabilities, 11 are rated Critical, 112 are rated Important, and two are rated Low in...
Security Updates for Microsoft Excel Products (April 2025)
The Microsoft Excel Products are missing a security update. They are, therefore, affected by multiple remote code execution vulnerabilities. An attacker can exploit these to bypass authentication and execute unauthorized arbitrary commands. Note that Nessus has not tested for these issues but has...
Security Updates for Microsoft Office Products (March 2025)
The Microsoft Office Products are missing security updates. They are, therefore, affected by multiple remote code execution vulnerabilities. An attacker can exploit these to bypass authentication and execute unauthorized arbitrary commands. Note that Nessus has not tested for these issues but has...
Security Updates for Microsoft Excel Products (March 2025)
The Microsoft Excel Products are missing a security update. They are, therefore, affected by multiple remote code execution vulnerabilities. An attacker can exploit these to bypass authentication and execute unauthorized arbitrary commands. Note that Nessus has not tested for these issues but has...
CVE-2024-21546
Versions of the package unisharp/laravel-filemanager before 2.9.1 are vulnerable to Remote Code Execution (RCE) through using a valid mimetype and inserting the . character after the php file extension. This allows the attacker to execute malicious code...
Android Patches Actively Exploited Zero-Day Kernel Bug
Among Google’s November Android security updates is a patch for a zero-day weakness that “may be under limited, targeted exploitation,” the company said. Out of this month’s batch of 39 patches, 18 of them plug flaws in the framework and system components and another 18 address vulnerabilities in...
KB5001342: Windows 10 version 1809 / Windows Server 2019 Security Update (Apr 2021)
The remote Windows host is missing security updates. It is, therefore, affected by multiple vulnerabilities: - Win32k Elevation of Privilege Vulnerability CVE-2021-27072, CVE-2021-28310 - Windows Media Photo Codec Information Disclosure Vulnerability CVE-2021-27079 - Windows Event Tracing Elevati...
Description of the security update for PowerPoint 2016: December 8, 2020
Summary: This security update resolves Microsoft PowerPoint remote code execution vulnerabilities. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposures CVE-2020-17124. Note: To apply th...
Microsoft Excel 2013 Service Pack 1 Remote Code Execution Vulnerabilities (KB4484234)
This host is missing an important security update according to Microsoft KB4484234. Copyright (C) 2020 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...
Cisco Releases Security Updates
Cisco has released security updates to address vulnerabilities in Cisco products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities see the Cisco Security Advisories page. The Cybersecurity an...
Remote Code Execution (RCE)
Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with...
Description of the security update for SharePoint Enterprise Server 2013: May 8, 2018
Summary: This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see th...
Cisco fixes the vulnerability disclosed by the Shadow Brokers and releases a technical analysis - vulnerability warning - the black bar safety net
I. Event summary: On August 15, 2016, a hacking group calling itself “The Shadow Brokers” claimed to have broken into the computer systems of the Equation Group hacking organization and to have stolen a large amount of confidential information and hacker...
VMware ESX / ESXi Multiple Vulnerabilities (VMSA-2012-0016) (remote check)
The remote VMware ESX / ESXi host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities, including remote code execution vulnerabilities, in several components and third-party libraries: - bind - expat - nspr and nss - python - vSphere API...
Blueberry FlashBack SDK 'BB FlashBack Recorder.dll' Remote Code Execution
The remote host has a vulnerable version of the Blueberry 'BB FlashBack Recorder.dll' control installed. This control is affected by multiple unspecified remote code execution vulnerabilities related to the 'FBRecorder' class and the 'Start', 'PauseAndSave', 'InsertMarker', 'InsertSoundToFBRAtMarker...
CVE-2003-0264
Multiple buffer overflows in SLMail 5.1.0.4420 allow remote attackers to execute arbitrary code via (1) a long EHLO argument to slmail.exe, (2) a long XTRN argument to slmail.exe, (3) a long string to POPPASSWD, or (4) a long password to the POP3 server...
Security Update For Exchange Server 2019 (KB5000871)
The security update addresses four remote code execution vulnerabilities for Microsoft Exchange Server...
Security Update For Exchange Server 2016 CU12 (KB5000871)
The security update addresses four remote code execution vulnerabilities for Microsoft Exchange Server...