CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Tenable Nessus•added 2025/08/24 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2005-1308

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - SqWebMail allows remote attackers to inject arbitrary web script or HTML via CRLF sequences in the redirect parameter followed by the desired script or HTML...

7.5CVSS5.9AI score0.02284EPSS

Tenable Nessus•added 2025/08/21 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2018-6110

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Parsing documents as HTML in Downloads in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to cause Chrome to execute scripts via a local non-HTML...

5.8CVSS7.1AI score0.01247EPSS

Tenable Nessus•added 2025/08/21 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2013-2022

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple cross-site scripting XSS vulnerabilities in actionscript/Jplayer.as in the Flash SWF component jplayer.swf in jPlayer before 2.2.23 allow remote...

4.3CVSS5.5AI score0.05494EPSS

Exploits3References2

OSSF Malicious Packages•added 2025/08/14 10:30 p.m.•3 views

Malicious code in jsonist (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4c74a199a696dbc18994242bc3c29e9a018ddda51fa2bbe224620d9ded6f1818 Calling a method starts downloading and starting an infostealer script --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers...

7.1AI score

OSV•added 2025/08/14 10:30 p.m.•3 views

MAL-2025-191767 Malicious code in jsonist (PyPI)

OSV•added 2025/08/13 2:57 p.m.•5 views

USN-6885-6 apache2 regression

USN-6885-1 fixed vulnerabilities in Apache. The patch for CVE-2024-38474 was incomplete and caused a regression. This update provides the fix for this issue. Original advisory details: Orange Tsai discovered that the Apache HTTP Server modrewrite module incorrectly handled certain substitutions. ...

9.8CVSS7.2AI score0.02456EPSS

Positive Technologies•added 2025/08/13 12:0 a.m.•2 views

PT-2025-32991 · Marktwo · Marktwo

Name of the Vulnerable Software and Affected Versions: MarkTwo versions prior to commit e3a1d3f90cce4ea9c26efcbbf3a1cbfb9dcdb298 May 2025 Description: A Cross-Site Scripting XSS issue exists in MarkTwo. The application does not properly sanitize user-supplied Markdown before rendering it, allowin...

6.1CVSS6.3AI score0.0037EPSS

Exploits0References7

OSSF Malicious Packages•added 2025/08/05 4:11 p.m.•6 views

Malicious code in flashsimplelogger (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 8c4753ee44e481f1f689cfaeddcddaef8dcdf86fbb1db19b3fe0acc2fadac305 It's a clone of "loguru" package which on import loads a second-stage script from loguru.guru. This makes a few checks and downloads the next stage, which is a...

7.2AI score

OSV•added 2025/08/05 4:11 p.m.•4 views

MAL-2025-191729 Malicious code in flashsimplelogger (PyPI)

OSV•added 2025/08/02 1:52 p.m.•6 views

MAL-2025-191928 Malicious code in web3dummycti (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9a702a53b1f08d4ee8e06e9dc19f6c942ee7bd755274f898a2ff737796557316 If the method from the module is called, it attempts to download a malicious code identified as msf payload and save it locally. In the analysed version, the...

7.5AI score

OSSF Malicious Packages•added 2025/08/02 1:52 p.m.•4 views

Malicious code in web3dummycti (PyPI)

7.6AI score

OSSF Malicious Packages•added 2025/08/01 3:57 p.m.•5 views

Malicious code in loggerex (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7a27ca3e673f54a1e041d55e84b8a0e871239df2331c9a3fd1dbe20d1fa86f56 It's a clone of "loguru" package which on import loads a second-stage script from loguru.guru. This makes a few checks and downloads the next stage, which is a...

7.2AI score

OSV•added 2025/08/01 3:57 p.m.•1 views

MAL-2025-191782 Malicious code in loggerex (PyPI)

OSSF Malicious Packages•added 2025/08/01 1:47 p.m.•3 views

Malicious code in loquru (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 a98209ec0f506986521ebd7b24de4f266f6bb61aba50f2dc511c391f1037848b It's a clone of "loguru" package which on import loads a second-stage script from loguru.guru. This makes a few checks and downloads the next stage, which is a...

7.2AI score

OSV•added 2025/08/01 1:47 p.m.•1 views

MAL-2025-191784 Malicious code in loquru (PyPI)

OSV•added 2025/07/31 8:37 a.m.•3 views

MAL-2025-191689 Malicious code in backtradingbot (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 117c24f5b7a0f5e4921e4478231a717ecca01748a5b266d8984e619f06173984 Running the installed entry point downloads and executes remote code. During the analysis, the code was switching to websockets, adding a startup script and...