CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Name of the Vulnerable Software and Affected Versions Windows Speech affected versions not specified Description An issue exists where sensitive information is inserted into sent data within Windows Speech. This could allow an authorized attacker to disclose information locally. Recommendations A...

5.5CVSS5.2AI score0.00074EPSS

Exploits0References6

EUVD•added 2025/11/10 6:2 p.m.•2 views

EUVD-2025-49339

Malicious code in specifiedbonoboz3n npm...

6.6AI score

Exploits0

OSV•added 2025/11/10 6:2 p.m.•0 views

MAL-2025-61330 Malicious code in specified_bonobo_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 1e4df4365620f9e0d959266e313d536e78c314f8febbc908fb98dd3a34aaa0e1 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score

Exploits0

EUVD•added 2025/11/10 6:2 p.m.•1 views

EUVD-2025-49337

Malicious code in specifiedpenguinz3n npm...

6.6AI score

Exploits0

Positive Technologies•added 2025/11/10 12:0 a.m.•2 views

PT-2025-46585

Name of the Vulnerable Software and Affected Versions rust-sudo-rs affected versions not specified Description A security update is available. The package rust-sudo-rs in Debian is affected by vulnerabilities. Recommendations At the moment, there is no information about a newer version that...

4.4CVSS6.5AI score0.00026EPSS

Exploits0References20

Positive Technologies•added 2025/11/06 12:0 a.m.•3 views

PT-2025-45377

Name of the Vulnerable Software and Affected Versions Rubygem MQTT affected versions not specified Description The Rubygem MQTT package did not have hostname validation enabled by default, which could allow for a Man-in-the-Middle MITM attack. This means a malicious actor could potentially...

7.4CVSS6.5AI score0.00048EPSS

Exploits0References12

RedhatCVE•added 2025/10/30 2:13 p.m.•3 views

CVE-2025-64136

A cross-site request forgery CSRF vulnerability in Jenkins Themis Plugin 1.4.1 and earlier allows attackers to connect to an attacker-specified HTTP server...

4.3CVSS6.7AI score0.00023EPSS

Exploits0References1

Positive Technologies•added 2025/10/30 12:0 a.m.•2 views

PT-2025-44397

Name of the Vulnerable Software and Affected Versions tftpsync affected versions not specified Description A path traversal flaw exists in the tftpsync/add and tftpsync/delete scripts. A remote attacker on an adjacent network can potentially write or delete files on the filesystem with the...

8.7CVSS6.5AI score0.00444EPSS

Exploits0References5

NVD•added 2025/10/29 2:15 p.m.•2 views

CVE-2025-64139

A missing permission check in Jenkins Start Windocks Containers Plugin 1.4 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL...

4.3CVSS0.00025EPSS

Exploits0References2

OSV•added 2025/10/29 2:15 p.m.•3 views

CVE-2025-64136

A cross-site request forgery CSRF vulnerability in Jenkins Themis Plugin 1.4.1 and earlier allows attackers to connect to an attacker-specified HTTP server...

4.3CVSS5.7AI score0.00023EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by