CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2021-10080

Malware in sbrugna...

5.8CVSS5.6AI score0.00346EPSS

EUVD•added 2025/10/07 12:30 a.m.•14 views

EUVD-2021-2391

Malware in sbrugna...

7.5CVSS7.5AI score0.01075EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2021-10078

Malware in sbrugna...

6.5CVSS6.5AI score0.00427EPSS

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2024-38913

Malicious code in bioql PyPI...

5.1CVSS6.2AI score0.00991EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-38910

Malicious code in bioql PyPI...

6.9CVSS6.2AI score0.0078EPSS

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-38909

Malicious code in bioql PyPI...

6.9CVSS6.2AI score0.00593EPSS

EUVD•added 2025/10/03 8:7 p.m.•7 views

EUVD-2023-58371

Malicious code in bioql PyPI...

8.9CVSS6.6AI score0.00661EPSS

RedhatCVE•added 2025/05/22 7:16 p.m.•6 views

CVE-2021-22951

Unauthorized individuals could view password protected files using viewinline in Concrete CMS previously concrete 5 prior to version 8.5.7. Concrete CMS now checks to see if a file has a password in viewinline and, if it does, the file is not rendered.For version 8.5.6, the following mitigations...

7.5CVSS7AI score0.01075EPSS

RedhatCVE•added 2025/05/22 7:16 p.m.•10 views

CVE-2021-22950

Concrete CMS prior to 8.5.6 had a CSFR vulnerability allowing attachments to comments in the conversation section to be deleted.Credit for discovery: "Solar Security Research Team"...

6.5CVSS6.8AI score0.00427EPSS

Vulnrichment•added 2024/12/24 5:30 a.m.•5 views

CVE-2024-41884 Null Pointer Dereference

Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR. If an attacker does not enter any value for a specific URL parameter, NULL pointer references will occur and the NVR will reboot. The manufacturer has released patch firmware for the flaw,...

6.9CVSS8.1AI score0.0078EPSS

CVE•added 2024/12/24 5:27 a.m.•48 views

CVE-2024-41885

CVE-2024-41885 affects the NVR. The root cause is a hardcoded seed for the encryption key, enabling remote code execution when combined with required local access. Vendor has issued a patch firmware; see the manufacturer report for details and workarounds. Current metrics indicate local attack ve...

5.6CVSS7.5AI score0.00182EPSS

Cvelist•added 2024/12/24 5:27 a.m.•23 views

CVE-2024-41885 Hardcoding sensitive information

Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR. The seed string for the encrypt key was hardcoding. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds...

5.6CVSS0.00182EPSS

Vulnrichment•added 2024/12/24 5:23 a.m.•7 views

CVE-2024-41886 Improper Input Validation

Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on the NVR. An attacker could inject malformed data into url input parameters to reboot the NVR. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for...

6.9CVSS7.5AI score0.00593EPSS

Snyk•added 2023/03/14 8:19 a.m.•2 views

Malicious Package

Overview cms-ui-views is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...

Snyk•added 2023/03/01 8:18 a.m.•2 views

Malicious Package

Overview testneb is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...

Snyk•added 2023/03/01 8:18 a.m.•1 views

Malicious Package

Overview typeparsers is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...

Snyk•added 2023/03/01 8:18 a.m.•0 views

Malicious Package

Overview @skinternal/sk-logger is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this...

Snyk•added 2023/01/29 3:29 p.m.•1 views

Malicious Package

Overview robloxtracer is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...

Snyk•added 2023/01/29 3:29 p.m.•2 views

Malicious Package

Overview editsession is a malicious package. The package's name is based on existing repositories, namespaces, or components used by popular companies in an effort to trick employees into downloading it, also known as 'dependency confusion'. Therefore, you're only vulnerable if this package was...