CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

262 matches found

CVE•added 2026/05/26 12:0 a.m.•9 views

CVE-2025-68710

CVE-2025-68710 concerns Easyelife App lock 1.9.2 for Android. The vulnerability arises because the lock is implemented as an overlay instead of using Android’s secure authentication APIs, allowing a local attacker with physical access to bypass the PIN. By navigating cascading interface flows and...

2.4CVSS5.8AI score0.00036EPSS

Exploits0References3

Tenable Nessus•added 2026/05/11 12:0 a.m.•7 views

Unity Linux 20.1070e Security Update: gdm (UTSA-2026-017683)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017683 advisory. A vulnerability was discovered in gdm before 3.31.4. When timed login is enabled in configuration, an attacker could bypass the lock screen by selecting the timed...

6.9CVSS6.7AI score0.00075EPSS

Exploits1References4

CNVD•added 2026/03/09 12:0 a.m.•1 views

Google Android elevation of privilege vulnerability (CNVD-2026-13144)

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability that is caused by a lock screen bypass due to competing conditions in multiple functions of KeyguardViewMediator.java. An attacker can exploit the...

7.4CVSS5.9AI score0.00002EPSS

Exploits0References1

OSV•added 2026/03/02 7:16 p.m.•4 views

CVE-2025-48568

In multiple locations, there is a possible lockscreen bypass due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.4CVSS5.9AI score0.00003EPSS

Exploits0References1

Cvelist•added 2026/03/02 6:42 p.m.•28 views

CVE-2025-48605

In multiple functions of KeyguardViewMediator.java, there is a possible lockscreen bypass due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

0.00003EPSS

Exploits0References1

CNNVD•added 2026/03/02 12:0 a.m.•2 views

Google Android 安全漏洞

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from race conditions in multiple locations. These vulnerabilities may bypass the lock screen and lead to an increase in local privileges...

7.4CVSS5.8AI score0.00003EPSS

Exploits0References2

CNNVD•added 2026/03/02 12:0 a.m.•1 views

Google Android 安全漏洞

7.4CVSS5.8AI score0.00002EPSS

Exploits0References2

ATTACKERKB•added 2026/02/19 6:38 p.m.•2 views

CVE-2026-27472

SPIP before 4.4.9 allows Blind Server-Side Request Forgery SSRF via syndicated sites in the private area. When editing a syndicated site, the application does not verify that the syndication URL is a valid remote URL, allowing an authenticated attacker to make the server issue requests to arbitra...

5.3CVSS5.9AI score0.00063EPSS

Exploits0References4Affected Software1

UbuntuCve•added 2026/02/19 4:27 p.m.•2 views

CVE-2026-26345

SPIP before 4.4.8 contains a stored cross-site scripting XSS vulnerability in the public area triggered in certain edge-case usage patterns. The echapperhtmlsuspect function does not adequately sanitize user-controlled content, allowing authenticated users with content-editing privileges e.g.,...

8.6CVSS5.8AI score0.00065EPSS

Exploits0References4

Positive Technologies•added 2026/02/19 12:0 a.m.•4 views

PT-2026-20844

SPIP before 4.4.8 allows Cross-Site Scripting XSS in the public area for certain edge-case usage patterns. The echapper html suspect function does not adequately detect all forms of malicious content, permitting an attacker to inject scripts that execute in a visitor's browser. This vulnerability...

4.7CVSS5.6AI score

Exploits0References3

Tenable Nessus•added 2026/01/20 12:0 a.m.•5 views

MiracleLinux 7 : GNOME (AXSA:2020-080:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-080:01 advisory. gnome-shell: partial lock screen bypass CVE-2019-3820 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...

4.8CVSS5.6AI score0.00045EPSS

Exploits1References2

Tenable Nessus•added 2026/01/16 12:0 a.m.•3 views

MiracleLinux 7 : gdm-3.22.3-11.el7, gnome-session-3.22.3-4.el7 (AXSA:2017-2139:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-2139:01 advisory. gdm GDM provides the graphical login screen, shown shortly after boot up, log out, and when user-switching. gnome-session gnome-session manages a GNOME deskt...

7.2CVSS5.3AI score0.00079EPSS

Exploits0References2

NVD•added 2025/12/03 9:15 a.m.•2 views

CVE-2025-29864

Protection Mechanism Failure vulnerability in ESTsoft ALZip on Windows allows SmartScreen bypass.This issue affects ALZip: from 12.01 before 12.29...

6.2CVSS0.0002EPSS

Exploits0References1

RedhatCVE•added 2025/10/22 12:11 a.m.•6 views

CVE-2025-56800

Reolink desktop application 8.18.12 contains a vulnerability in its local authentication mechanism. The application implements lock screen password logic entirely on the client side using JavaScript within an Electron resource file. Because the password is stored and returned via a modifiable...

5.1CVSS6.7AI score0.0008EPSS

Exploits2References1

OSV•added 2025/10/21 7:21 p.m.•1 views

CVE-2025-56800

5.1CVSS5.8AI score0.0008EPSS

Exploits2References2