CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7022 matches found

GithubExploit•added 2025/09/29 9:35 a.m.•201 views

Hacking-Tools-Master

🔐 Hacking-Tools Master A modular & documented collection of P...

6.9AI score

Exploits0

AlpineLinux•added 2025/09/26 4:15 p.m.•3 views

CVE-2025-59842

jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. Prior to version 4.4.8, links generated with LaTeX typesetters in Markdown files and Markdown cells in JupyterLab and Jupyter Notebook did not include the noopener...

4.3CVSS6.9AI score0.00034EPSS

Exploits0References2

OSV•added 2025/09/26 4:15 p.m.•0 views

UBUNTU-CVE-2025-59842

4.3CVSS5.8AI score0.00034EPSS

Exploits0References4

Vulnrichment•added 2025/09/26 3:53 p.m.•1 views

CVE-2025-59842 JupyterLab LaTeX typesetter links did not enforce `noopener` attribute

2.1CVSS6.5AI score0.00034EPSS

Exploits0References2

OSV•added 2025/09/26 3:53 p.m.•2 views

CVE-2025-59842 JupyterLab LaTeX typesetter links did not enforce `noopener` attribute

2.1CVSS6.5AI score0.00034EPSS

Exploits0References4

CVE•added 2025/09/26 3:53 p.m.•21 views

CVE-2025-59842

CVE-2025-59842 affects jupyterlab; prior to 4.4.8, links generated from LaTeX renderers in Markdown cells could lack noopener, enabling potential reverse-tabnabbing with target=_blank. The issue was patched in jupyterlab 4.4.8. Fedora and other advisories indicate the fixes are provided in jupyte...

4.3CVSS6.5AI score0.00034EPSS

Exploits0References2Affected Software1

RedhatCVE•added 2025/09/26 2:48 p.m.•2 views

CVE-2025-59426

Lobe Chat is an open-source artificial intelligence chat framework. Prior to version 1.130.1, the project's OIDC redirect handling logic constructs the host and protocol of the final redirect URL based on the X-Forwarded-Host or Host headers and the X-Forwarded-Proto value. In deployments where a...

4.3CVSS6.9AI score0.00153EPSS

Exploits1References1

Positive Technologies•added 2025/09/26 12:0 a.m.•2 views

PT-2025-39661

Name of the Vulnerable Software and Affected Versions DIR-823 firmware version 20250416 Description A remote code execution issue exists in the set cassword settings interface. The http casswd parameter does not properly filter the '&' character, allowing for the injection of reverse connection...

8.8CVSS8.1AI score0.00112EPSS

Exploits1References5

CNNVD•added 2025/09/26 12:0 a.m.•2 views

JupyterLab 安全漏洞

JupyterLab is a JupyterLab open source extensible environment for interactive and repeatable computation, based on the Jupyter Notebook and architecture. A security vulnerability exists in JupyterLab versions prior to 4.4.8, which stems from a missing noopener attribute on links generated by LaTe...

4.3CVSS6.2AI score0.00034EPSS

Exploits0References3

NVD•added 2025/09/25 2:15 p.m.•2 views

CVE-2025-59426

4.3CVSS0.00153EPSS

Exploits1References3

CVE•added 2025/09/25 2:0 p.m.•12 views

CVE-2025-59426

Lobe Chat (prior to v1.130.1) is vulnerable to an Open Redirect via the OIDC redirect handling that uses X-Forwarded-Host/Host and X-Forwarded-Proto without validation. The code obtains an internal redirect URL and then attempts to coerce it with correctOIDCUrl, falling back to the raw URL if par...

4.3CVSS6.5AI score0.00153EPSS

Exploits1References3Affected Software1

RedhatCVE•added 2025/09/25 2:53 a.m.•3 views

CVE-2025-59822

Http4s is a Scala interface for HTTP services. In versions from 1.0.0-M1 to before 1.0.0-M45 and before 0.23.31, http4s is vulnerable to HTTP Request Smuggling due to improper handling of HTTP trailer section. This vulnerability could enable attackers to bypass front-end servers security controls...

6.3CVSS6.6AI score0.00108EPSS

Exploits1References1

Packet Storm News•added 2025/09/25 12:0 a.m.•3 views

SoK: Potentials and Challenges of Large Language Models for Reverse Engineering

Reverse Engineering RE is central to software security, enabling tasks such as vulnerability discovery and malware analysis, but it remains labor-intensive and requires substantial expertise. Earlier advances in deep learning start to automate parts of RE, particularly for malware detection and...

6.8AI score

Exploits0

OSV•added 2025/09/24 5:28 p.m.•3 views

DRUPAL-CONTRIB-2025-111

This module allows you to specify an HTTP header name to determine the client's IP address. The module doesn't sufficiently handle all cases under the scenario if Drupal Core settings $settings'reverseproxy' is set to TRUE and $settings'reverseproxyaddresses' is configured. This vulnerability...

5.3CVSS6.7AI score0.00099EPSS

Exploits0References1

RedhatCVE•added 2025/09/24 12:28 a.m.•6 views

CVE-2025-57601

AiKaan Cloud Controller uses a single hardcoded SSH private key and the username proxyuser for remote terminal access to all managed IoT/edge devices. When an administrator initiates "Open Remote Terminal" from the AiKaan dashboard, the controller sends this same static private key to the target...

9.8CVSS7.1AI score0.00068EPSS

Exploits0References1

Drupal•added 2025/09/24 12:0 a.m.•9 views

Reverse Proxy Header - Less critical - Access bypass - SA-CONTRIB-2025-111

5.3CVSS5.6AI score0.00099EPSS

Exploits0References2

Positive Technologies•added 2025/09/24 12:0 a.m.•3 views

PT-2025-39385

Name of the Vulnerable Software and Affected Versions Lobe Chat versions prior to 1.130.1 Description Lobe Chat, an open-source artificial intelligence chat framework, has an issue in its OIDC redirect handling logic. The logic builds the redirect URL’s host and protocol using the X-Forwarded-Hos...

4.3CVSS6.7AI score0.00153EPSS

Exploits1References11