CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1797 matches found

Positive Technologies•added 2025/12/08 12:0 a.m.•3 views

PT-2025-49541

Name of the Vulnerable Software and Affected Versions Infinera MTC-9 versions R22.1.1.0275 through R22.1.1.0275 Description The Remote Shell Service RSH in Infinera MTC-9 allows an attacker to gain system access. This is achieved by exploiting password-less user accounts and activating a reverse...

9.8CVSS7.8AI score0.00059EPSS

Exploits0References8

Packet Storm•added 2025/12/08 12:0 a.m.•138 views

📄 Zimbra Collaboration Suite Postjournal 9.0.0 Remote Command Execution

A critical vulnerability exists in the Zimbra Collaboration Suite ZCS PostJournal service that allows attackers to execute arbitrary system commands without authentication. The vulnerability is triggered through SMTP injection using a malicious RCPT TO parameter. This exploit provides full remote...

8.5AI score

Exploits0

GithubExploit•added 2025/12/07 6:54 p.m.•286 views

CS-Cart-POC

CS-Cart RCE & LFI Exploit Developed by: Strikoder Tes...

7.6AI score

Exploits0

GithubExploit•added 2025/12/07 11:49 a.m.•145 views

Exploit for CVE-2025-9074

CVE-2025-9074 Exploit Tool A sophisticated exploitation frame...

9.3CVSS7.9AI score0.01192EPSS

Exploits15

GithubExploit•added 2025/12/07 9:42 a.m.•125 views

Exploit for Deserialization of Untrusted Data in Facebook React

React2Shell CVE-2025-55182 PoC Usage bash Interacti...

10CVSS7.2AI score0.83197EPSS

Exploits363

OSSF Malicious Packages•added 2025/12/06 4:25 p.m.•4 views

Malicious code in evil-rce2 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 63a6a4d1f5ad55b3b2b836b95a7153f322bb4ea2f718f665a51a4a94f32576d5 Running the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-12-evil-rce...

7.6AI score

Exploits0References1

OSV•added 2025/12/06 4:25 p.m.•2 views

MAL-2025-192362 Malicious code in evil-rce2 (PyPI)

7.5AI score

Exploits0References1

OSSF Malicious Packages•added 2025/12/06 4:24 p.m.•5 views

Malicious code in telco (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 55c8199592663c3f388cba22988800084bbc3a5696279eb22c53e837c1d8ac40 Running the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-12-evil-rce...

7.6AI score

Exploits0References1

OSV•added 2025/12/06 4:24 p.m.•1 views

MAL-2025-192363 Malicious code in telco (PyPI)

7.5AI score

Exploits0References1

OSV•added 2025/12/06 2:11 p.m.•1 views

MAL-2025-192351 Malicious code in evil-rce (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 74a74a4133ed8082eba8452bb59a82dcf6975e1e8c4d6630a47088c17d6b6cca Running the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-12-evil-rce...

7.5AI score

Exploits0References1

OSSF Malicious Packages•added 2025/12/06 2:11 p.m.•4 views

Malicious code in evil-rce (PyPI)

7.6AI score

Exploits0References1

Rapid7 Blog•added 2025/12/05 8:58 p.m.•23 views

Metasploit Wrap-Up 12/05/2025

Twonky Auth Bypass, RCEs and RISC-V Reverse Shell Payloads This was another fantastic week in terms of PR contribution to the Metasploit Framework. Rapid7’s very own Ryan Emmons recently disclosed CVE-2025-13315 and CVE-2025-13316 which exist in Twonky Server and allow decrypting admin credential...

9.8CVSS9AI score0.85741EPSS

Exploits8

GithubExploit•added 2025/12/05 1:40 p.m.•144 views

Exploit for CVE-2025-55182

CVE-2025-55182 – React2Shell RCE Summary Remote Code Exec...

10CVSS8.7AI score0.83197EPSS

Exploits363

GithubExploit•added 2025/12/05 1:8 a.m.•129 views

Exploit for CVE-2025-55182

⚠️ Warning: Used only for authorization security testing. Pleas...

10CVSS7.1AI score0.83197EPSS

Exploits363

GithubExploit•added 2025/12/03 6:39 a.m.•132 views

Exploit for Missing Authentication for Critical Function in F5 Big-Ip_Access_Policy_Manager

F5 BIG-IP CVE-2023-46747 - Unauthenticated RCE + Auto Reverse...

9.8CVSS8.2AI score0.94436EPSS

Exploits17

GithubExploit•added 2025/12/02 9:55 a.m.•237 views

Exploit for Code Injection in Samba

CVE-2017-7494 Remote root exploit for the SAMBA CVE-2017-7494...

10CVSS9AI score0.94176EPSS

Exploits24

Positive Technologies•added 2025/11/24 12:0 a.m.•1 views

PT-2025-47956

Rooting Tesla's Linux-based infotainment system typically involves exploiting software vulnerabilities, like improper access controls in diagnostic interfaces e.g., CVE-2022-42008. Enthusiasts connect via Ethernet ports, use tools to gain a reverse shell, and set up persistence by modifying...

6.8AI score

Exploits1References1

GithubExploit•added 2025/11/23 11:9 a.m.•221 views

Exploit for Use of Uninitialized Resource in Microsoft

Proof-of-Concept exploit for the Untrusted Pointer Dereferenc...

9.8CVSS8.1AI score0.11243EPSS

Exploits6

GithubExploit•added 2025/11/19 12:39 a.m.•159 views

Exploit for CVE-2025-34299

Monsta FTP CVE-2025-34299 Exploit Python exploit for the RCE...

9.3CVSS8.2AI score0.7411EPSS

Exploits6

OSSF Malicious Packages•added 2025/11/14 5:24 p.m.•5 views

Malicious code in pam98wyfupa98w (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 be7177fd2d56b518724377233ca5eda13a07f6252e400cfb4c1115db456b5fd8 Importing the module starts a reverse shell --- Category: MALICIOUS - The campaign has clearly malicious intent, like infostealers. Campaign: 2025-11-d1n0...

7.6AI score

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by