62 matches found
MAL-2025-6662 Malicious code in test-confusion (npm)
MAL-2025-6425 Malicious code in jsonwedjoken (npm)
MAL-2025-6461 Malicious code in bavard-ml-common (PyPI)
PT-2025-30664
Name of the Vulnerable Software and Affected Versions: Bayraktar Solar Energies ScadaWatt Otopilot versions prior to 27.05.2025 Description: A SQL Injection issue exists in Bayraktar Solar Energies ScadaWatt Otopilot. The vulnerability is due to improper neutralization of special elements used in a...
PT-2025-27160 · WordPress · Wp Edit
Name of the Vulnerable Software and Affected Versions: WP Edit versions 4.0.4 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker can inject malicious...
MAL-2025-6596 Malicious code in sqiul83 (PyPI)
Source: kam193 67d309c2d4c740426c07cc17768f6313eebd765242e7e4a63aa04213d21358ea During installation of the source package, it attempts to silently download and start a remote executable. At the time of analysis, the downloading link did no...
MAL-2025-6524 Malicious code in initer (PyPI)
Source: kam193 d2aac1e40660cbe4323a93d03087f3b9a2d596a5dcfcf2bae3cb0a2ab37cf646 File is designed to download, hide under system-like name, and run a remote executable, widely identified as malicious. --- Category: MALICIOUS - The campaign...
CGA-2R95-88F8-3H79
Bulletin has no description...
CVE-2025-22870 vulnerabilities
Vulnerabilities for packages: rabbitmq-messaging-topology-operator-fips, flux, kubeflow-fips, azcopy, terraform-provider-pagerduty, spire-controller-manager-fips, flux-notification-controller, fuse-overlayfs-snapshotter, harbor-scanner-trivy-fips, kube-bench, conftest-fips, envoy-ratelimit-fips,...
MAL-2025-2225 Malicious code in layouts-lib (npm)
Source: ghsa-malware 668d31349d49bb3ffdf31cb641b2829be6ffcae92877d17241a593565a0dddb5 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
CVE-2025-0475 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab
An issue has been discovered in GitLab CE/EE affecting all versions from 15.10 prior to 17.7.6, 17.8 prior to 17.8.4, and 17.9 prior to 17.9.1. A proxy feature could potentially allow unintended content rendering leading to XSS under specific circumstances...
CVE-2022-49065
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix the svc_deferred_event trace class. Fix a NULL deref crash that occurs when an svc_rqst is deferred while the sunrpc tracing subsystem is enabled. svc_revisit() sets dr->xprt to NULL, so it can't be relied upon in the...
GHSA-MF63-R9WM-8Q2M vulnerabilities
Vulnerabilities for packages: mysql...
Microsoft Identifies 3,000 Leaked ASP.NET Keys Enabling Code Injection Attacks
Microsoft is warning of an insecure practice wherein software developers are incorporating publicly disclosed ASP.NET machine keys from publicly accessible resources, thereby putting their applications in attackers' pathway. The tech giant's threat intelligence team said it observed limited...
CVE-2025-0840
A vulnerability, which was classified as problematic, was found in GNU Binutils up to 2.43. This affects the function disassemble_bytes of the file binutils/objdump.c. The manipulation of the argument buf leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The...
CVE-2024-12692 vulnerabilities
Vulnerabilities for packages: chromium...
CVE-2024-12570 vulnerabilities
Vulnerabilities for packages: gitlab-cng-fips...
CVE-2024-11114 vulnerabilities
Vulnerabilities for packages: chromium...
BELL-CVE-2024-50000
Bulletin has no description...
CVE-2024-0133 vulnerabilities
Vulnerabilities for packages: nvidia-container-toolkit, nvidia-gpu-operator-validator...