256 matches found
EUVD-2021-25416
Malware in sbrugna...
EUVD-2002-0945
Malware in sbrugna...
EUVD-2014-3600
Malware in sbrugna...
EUVD-2023-39393
Malicious code in bioql PyPI...
EUVD-2025-6973
Malicious code in bioql PyPI...
Coyote in the Wild: First-Ever Malware That Abuses UI Automation
...
UK Arrests Four in ‘Scattered Spider’ Ransom Group
Authorities in the United Kingdom this week arrested four people aged 17 to 20 in connection with recent data theft and extortion attacks against the retailers Marks & Spencer and Harrods, and the British food retailer Co-op Group. The breaches have been linked to a prolific but loosely-affiliat...
Exposed JDWP Exploited in the Wild: What Happens When Debug Ports Are Left Open
Understanding the risks and impact of deploying dev-mode in production environments...
Security Bulletin: IBM Cloud Pak for Data is vulnerable to Improper Input Validation due to follow-redirects (CVE-2023-26159)
Summary: Potential vulnerabilities in the follow-redirects module have been identified that may affect IBM Cloud Pak for Data. Vulnerability Details: CVEID: CVE-2023-26159 DESCRIPTION: Versions of the package follow-redirects before 1.15.4 are vulnerable to Improper Input Validation due to the improper...
CVE-2025-47171
CVE-2025-47171: Microsoft Outlook (Office) contains a code-execution vulnerability due to improper input validation. The issue affects Outlook components within Microsoft Office and requires an authenticated user with local access and user interaction. CVSS 3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H...
PT-2025-24099
Name of the Vulnerable Software and Affected Versions: Axiomthemes Sweet Dessert versions prior to 1.1.13. Description: The issue is related to Deserialization of Untrusted Data, which allows Object Injection. This can potentially lead to security breaches. Recommendations: For versions prior to...
PT-2025-22766
Name of the Vulnerable Software and Affected Versions: STAGGS versions n/a through 2.11.0. Description: The issue allows for the unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This can lead to potential security breaches. Recommendations: For...
Identity Security Has an Automation Problem—And It's Bigger Than You Think
For many organizations, identity security appears to be under control. On paper, everything checks out. But new research from Cerby, based on insights from over 500 IT and security leaders, reveals a different reality: too much still depends on people—not systems—to function. In fact, fewer than ...
The Crowded Battle: Key Insights from the 2025 State of Pentesting Report
In the newly released 2025 State of Pentesting Report, Pentera surveyed 500 CISOs from global enterprises (200 from within the USA) to understand the strategies, tactics, and tools they use to cope with the thousands of security alerts, the persisting breaches and the growing cyber risks they have ...
EulerOS 2.0 SP12 : llvm (EulerOS-SA-2025-1427)
According to the versions of the llvm packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities: When using Arm Cortex-M Security Extensions (CMSE), Secure stack contents can be leaked to Non-secure state via floating-point registers when a Secure...
Guard Against GenAI and LLM Risks from Development to Deployment with Qualys TotalAI
Artificial intelligence is fundamentally reshaping the enterprise. From automating customer service to accelerating code generation, large language models (LLMs) are rapidly becoming embedded in how businesses operate and compete. But as organizations embrace this innovation, they are also opening...
Penetration Testing Services: Strengthening Cybersecurity Against Evolving Threats
Cybersecurity threats are evolving at an unprecedented pace, leaving organizations vulnerable to large-scale attacks. Security breaches and data…
Identity: The New Cybersecurity Battleground
The rapid adoption of cloud services, SaaS applications, and the shift to remote work have fundamentally reshaped how enterprises operate. These technological advances have created a world of opportunity but also brought about complexities that pose significant security threats. At the core of...
GHSA-3WW3-8FH8-5JCC vulnerabilities
Vulnerabilities for packages: mysql...
CVE-2022-40259
MegaRAC Default Credentials Vulnerability...