CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

This repository contains a collection of scripts written by AverageSecurityGuy for use in penetration testing engagements. The scripts are categorized into various folders, each containing a specific type of script, such as password brute forcing, cloud interaction, database testing, enumeration,...

7AI score

Exploits0

OSV•added 2025/09/12 2:25 p.m.•3 views

OESA-2025-2259 buildah security update

The package provides a command line tool which can be used to create a working container from scratch or create a working container from an image as a starting point mount/umount a working container's root file system for manipulation save container's root file system layer to create a new image...

9.1CVSS6.5AI score0.03092EPSS

Exploits2References4

Positive Technologies•added 2025/06/16 12:0 a.m.•4 views

PT-2025-25604

Name of the Vulnerable Software and Affected Versions Teleport versions prior to 17.5.2 Teleport versions 17.0.0 through 17.5.1 Teleport versions 16.0.0 through 16.5.11 Teleport versions 15.0.0 through 15.5.2 Teleport versions 14.0.0 through 14.4.0 Teleport versions 13.0.0 through 13.4.26 Telepor...

10CVSS6.6AI score0.07754EPSS

Exploits0References92

RedhatCVE•added 2025/05/23 4:53 a.m.•5 views

CVE-2023-20046

A vulnerability in the key-based SSH authentication feature of Cisco StarOS Software could allow an authenticated, remote attacker to elevate privileges on an affected device. This vulnerability is due to insufficient validation of user-supplied credentials. An attacker could exploit this...

8.8CVSS7.2AI score0.00861EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 4:25 a.m.•4 views

CVE-2023-43809

Soft Serve is a self-hostable Git server for the command line. Prior to version 0.6.2, a security vulnerability in Soft Serve could allow an unauthenticated, remote attacker to bypass public key authentication when keyboard-interactive SSH authentication is active, through the allow-keyless...

7.5CVSS7.3AI score0.0089EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 1:55 a.m.•7 views

CVE-2023-24022

Baicells Nova 227, Nova 233, and Nova 243 LTE TDD eNodeB devices with firmware through RTS/RTD 3.7.11.3 have hardcoded credentials that are easily discovered and can be used by remote attackers to authenticate via ssh. The credentials are stored in the firmware, encrypted by the crypt function...

10CVSS7AI score0.01557EPSS

Exploits0References1

AstraLinux•added 2025/05/19 3:19 p.m.•2 views

Astra Linux – Vulnerability in Erlang

Erlang is a programming language and runtime system designed for building massively scalable, soft-real-time systems with high availability requirements. OTP is a set of Erlang libraries, which includes the Erlang runtime system and several ready-to-use components written in Erlang. The packet si...

7CVSS6.3AI score0.00449EPSS

Exploits0References3

Vulnrichment•added 2025/05/07 10:4 p.m.•7 views

CVE-2025-36546 F5OS Appliance Mode vulnerability

On an F5OS system, if the root user had previously configured the system to allow login via SSH key-based authentication, and then enabled Appliance Mode; access via SSH key-based authentication is still allowed. For an attacker to exploit this vulnerability they must obtain the root user's SSH...

9.2CVSS8.2AI score0.00372EPSS

Exploits0References1

RedhatCVE•added 2025/04/26 1:18 a.m.•19 views

CVE-2025-43013

In JetBrains Toolbox App before 2.6 unencrypted credential transmission during SSH authentication was possible...

7.5CVSS7.2AI score0.00134EPSS

Exploits0References1

CNVD•added 2025/04/22 12:0 a.m.•14 views

Unspecified Vulnerability in JetBrains Toolbox App

JetBrains Toolbox App is an application for managing JetBrains development tools that helps users install, update and manage multiple JetBrains development tools. A security vulnerability exists in JetBrains Toolbox App that stems from unencrypted transmission of credentials during SSH...

7.5CVSS5.9AI score0.00134EPSS

Exploits0References1