CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedHat Linux•added 2026/06/17 10:41 a.m.•7 views

redis: RESTORE invalid memory access may allow remote code execution

8.8CVSS6AI score0.01228EPSS

RedHat Linux•added 2026/06/16 1:39 p.m.•6 views

redis: RESTORE invalid memory access may allow remote code execution

8.8CVSS6AI score0.01228EPSS

Talos•added 2026/05/07 12:0 a.m.•11 views

Tp-Link Archer AX53 v1.0 configuration restore crt.sed vulnerability

Talos Vulnerability Report TALOS-2025-2304 Tp-Link Archer AX53 v1.0 configuration restore crt.sed vulnerability May 7, 2026 CVE Number CVE-2026-30816 SUMMARY An external config control vulnerability exists in the Openvpn configuration restore crt.sed functionality of Tp-Link Archer AX53 v1.0 1.3....

6.8CVSS6.1AI score0.00286EPSS

Exploits0

Debian CVE•added 2026/05/05 4:44 p.m.•6 views

CVE-2026-25243

Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not properly validate serialized values. An authenticated attacker with permission to execute RESTORE can supply a crafted serialized payload that triggers invalid memory access and may...

8.8CVSS6.2AI score0.01228EPSS

Exploits0

RedhatCVE•added 2026/02/19 8:55 a.m.•5 views

CVE-2026-26045

A flaw was identified in Moodle’s backup restore functionality where specially crafted backup files were not properly validated during processing. If a malicious backup file is restored, it could lead to unintended execution of server-side code. Since restore capabilities are typically available ...

7.2CVSS5.7AI score0.00553EPSS

RedhatCVE•added 2025/12/24 10:29 p.m.•5 views

CVE-2025-12838

MSP360 Free Backup Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MSP360 Free Backup. An attacker must first obtain the ability to execute low-privileged code on the target system in order to...

7.3CVSS7.5AI score0.00147EPSS

EUVD•added 2025/12/24 12:30 a.m.•3 views

EUVD-2025-204965

7.3CVSS7AI score0.00147EPSS

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-30778

Malicious code in bioql PyPI...

8.6CVSS6.4AI score0.00469EPSS

Positive Technologies•added 2025/09/22 12:0 a.m.•3 views

PT-2025-38704

Name of the Vulnerable Software and Affected Versions Invoice Ninja versions prior to 5.11.73 Description A flaw exists in the admin "Restore" function that allows attackers with admin credentials to execute arbitrary code on the server. This is possible through the upload of malicious .php files...

8.6CVSS7.5AI score0.00469EPSS

Exploits0References5

NVD•added 2025/08/20 5:15 p.m.•6 views

CVE-2025-8612

AOMEI Backupper Workstation Link Following Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of AOMEI Backupper Workstation. An attacker must first obtain the ability to execute low-privileged code on the target...

7.3CVSS0.00179EPSS

Cvelist•added 2025/08/20 4:26 p.m.•8 views

CVE-2025-8612 AOMEI Backupper Workstation Link Following Local Privilege Escalation Vulnerability

7.3CVSS0.00179EPSS

BDU FSTEC•added 2025/07/10 12:0 a.m.•6 views

The vulnerability of the Live-Restore parameter in software for remote IT support and monitoring of Dell Secure Connect Gateway (SCG) allows a hacker to circumvent existing security restrictions.

The vulnerability of the Live-Restore parameter in software for remote IT support and monitoring of Dell Secure Connect Gateway SCG is related to deficiencies in authentication procedures. Exploiting this vulnerability could allow a malicious actor to circumvent existing security restrictions...

5.5CVSS5.5AI score0.0015EPSS

Exploits0References2Affected Software1

OSV•added 2024/05/03 2:15 a.m.•5 views

CVE-2023-35742

D-Link DAP-2622 DDP Configuration Restore Auth Username Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2622 routers. Authentication is not required to exploit...

8.8CVSS6.3AI score0.00855EPSS

OSV•added 2022/04/28 3:15 p.m.•2 views

CVE-2021-43934

Elcomplus SmartPTT is vulnerable as the backup and restore system does not adequately validate upload requests, enabling a malicious user to potentially upload arbitrary files...

9.8CVSS7.4AI score

The Hacker News•added 2018/06/14 7:59 a.m.•2 views

New 'Lazy FP State Restore' Vulnerability Found in All Modern Intel CPUs

Hell Yeah! Another security vulnerability has been discovered in Intel chips that affects the processor's speculative execution technology—like Specter and Meltdown—and could potentially be exploited to access sensitive information, including encryption related data. Dubbed Lazy FP State Restore ...

5.6CVSS6.5AI score0.00611EPSS

Exploits0

RedHat Linux•added 2017/10/12 7:53 a.m.•3 views

mysql: Incorrect input validation allowing code execution via mysqldump

It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A database user with privileges to create databases or tables could cause the mysql command to execute arbitrary shell or SQL commands while restoring database...

6.6CVSS7.5AI score0.0264EPSS

CNVD•added 2017/07/10 12:0 a.m.•1 views

Cisco FireSIGHT System Software Arbitrary Code Execution Vulnerability

Cisco FireSIGHT Management Center enables centralized management of network security and operational functions for Cisco ASA with FirePOWER Services and Cisco FirePOWER devices. A security vulnerability exists in the Cisco FireSIGHT System Software in the backup and restore functions, which arise...

7.2CVSS7.5AI score0.0042EPSS