CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2025/11/05 5:40 a.m.•2 views

EUVD-2025-37809

Out-of-bounds write in libimagecodec.quram.so prior to SMR Nov-2025 Release 1 allows remote attackers to access out-of-bounds memory...

4.3CVSS6.4AI score0.0022EPSS

Exploits1References2

EUVD•added 2025/11/05 5:40 a.m.•4 views

EUVD-2025-37806

Out-of-bounds write in handling opcode in fingerprint trustlet prior to SMR Nov-2025 Release 1 allows local privileged attackers to write out-of-bounds memory...

5.7CVSS6AI score0.001EPSS

EUVD•added 2025/11/05 5:31 a.m.•14 views

EUVD-2025-37802

The AI Engine plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.1.3 via the /mcp/v1/ REST API endpoint that exposes the 'Bearer Token' value when 'No-Auth URL' is enabled. This makes it possible for unauthenticated attackers to extract th...

9.8CVSS5.9AI score0.68846EPSS

Exploits5References4

EUVD•added 2025/11/05 3:27 a.m.•4 views

EUVD-2025-37811

The Paid Membership Subscriptions – Effortless Memberships, Recurring Payments & Content Restriction plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability and validation check on the PMSAJAXCheckoutHandler::processpayment function in all versions up t...

5.3CVSS4.9AI score0.0019EPSS

EUVD•added 2025/11/05 12:31 a.m.•2 views

EUVD-2025-37825

EUVD-2025-37825...

7.5CVSS6.4AI score0.00196EPSS

Exploits1References2

EUVD•added 2025/11/05 12:31 a.m.•4 views

EUVD-2025-37824

EUVD-2025-37824...

6CVSS6.4AI score0.00189EPSS

EUVD•added 2025/11/05 12:31 a.m.•5 views

EUVD-2025-37823

EUVD-2025-37823...

8.4CVSS6.4AI score0.00152EPSS

Exploits0References4

EUVD•added 2025/11/05 12:31 a.m.•3 views

EUVD-2025-37821

EUVD-2025-37821...

8.2CVSS6.4AI score0.00295EPSS

EUVD•added 2025/11/05 12:0 a.m.•2 views

EUVD-2025-37764

MDaemon Mail Server 23.5.2 validates SPF, DKIM, and DMARC using the email enclosed in angle brackets in the From: header of SMTP DATA. An attacker can craft a From: header with multiple invisible Unicode thin spaces to display a spoofed sender while passing validation, allowing email spoofing eve...

7.1CVSS6.3AI score0.00192EPSS

EUVD•added 2025/11/04 9:31 p.m.•4 views

EUVD-2025-37828

EUVD-2025-37828...

6.5CVSS6.4AI score0.00181EPSS

5.3CVSS6.4AI score0.00256EPSS

EUVD-2025-37822

EUVD-2025-37822...

5.3CVSS6.4AI score0.00183EPSS

EUVD-2025-37838

EUVD-2025-37838...

6.1CVSS6.4AI score0.00161EPSS

EUVD-2025-37837

EUVD-2025-37837...

EUVD•added 2025/11/04 9:31 p.m.•2 views

EUVD-2025-37830

EUVD-2025-37830...

6.5CVSS6.4AI score0.00175EPSS

EUVD•added 2025/11/04 9:31 p.m.•2 views

EUVD-2025-37829

EUVD-2025-37829...

5.3CVSS6.4AI score0.00193EPSS

EUVD•added 2025/11/04 9:31 p.m.•2 views

EUVD-2025-37839

EUVD-2025-37839...

5.3CVSS6.4AI score0.00183EPSS

7.5CVSS6.4AI score0.00289EPSS

EUVD-2025-37833

EUVD-2025-37833...

EUVD•added 2025/11/04 6:20 a.m.•2 views

EUVD-2025-37561

In wlan AP driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Patch ID: WCNCR00432679; Issue ID: MSV-395...

6.7CVSS6.2AI score0.0016EPSS

EUVD•added 2025/11/04 6:20 a.m.•4 views

EUVD-2025-37555

6.7CVSS6.2AI score0.00127EPSS