CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14823 matches found

Tenable Nessus•added 2025/06/10 12:0 a.m.•5 views

Fortinet Fortigate SSH key is added even if operation is aborted (FG-IR-23-008)

The version of Fortigate installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-23-008 advisory. - An incomplete cleanup vulnerability CWE-459 in FortiOS 7.2 all versions and before & FortiProxy version 7.2.0 through 7.2.2...

3.2CVSS5.6AI score0.00183EPSS

Exploits0References2

CISA•added 2025/06/09 12:0 p.m.•7 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-32433link is external Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerability CVE-2024-42009link is external RoundCube...

10CVSS6.8AI score0.97673EPSS

In wildExploits42References7

GithubExploit•added 2025/06/09 10:4 a.m.•380 views

Exploit for Missing Authentication for Critical Function in Erlang Erlang\/Otp

CVE-2025-32433 Erlang SSH Library Exploit 🛑 Description: E...

10CVSS9AI score0.97673EPSS

Exploits36

Amazon•added 2025/06/09 12:0 a.m.•2 views

Important: amazon-ssm-agent

Issue Overview: SSH servers which implement file transfer protocols are vulnerable to a denial of service attack from clients which complete the key exchange slowly, or not at all, causing pending content to be read into memory, but never transmitted. CVE-2025-22869 Affected Packages:...

7.5CVSS6.9AI score0.00868EPSS

Exploits0

CISA KEV Catalog•added 2025/06/09 12:0 a.m.•21 views

Erlang Erlang/OTP SSH Server Missing Authentication for Critical Function Vulnerability

Erlang Erlang/OTP SSH server contains a missing authentication for critical function vulnerability. This could allow an attacker to execute arbitrary commands without valid credentials, potentially leading to unauthenticated remote code execution RCE. By exploiting a flaw in how SSH protocol...

10CVSS10AI score0.97673EPSS

In wildExploits36

RedhatCVE•added 2025/06/08 12:8 a.m.•16 views

CVE-2025-49599

Huawei EG8141A5 devices through V5R019C00S100, EG8145V5 devices through V5R019C00S100, and EG8145V5-V2 devices through V5R021C00S184 allow the Epuser account to disable ONT firewall functionality, e.g., to remove the default blocking of the SSH and TELNET TCP ports, aka HWNO-56Q3...

4.1CVSS4.5AI score0.00094EPSS

Exploits0References1

RedhatCVE•added 2025/06/06 5:21 p.m.•6 views

CVE-2025-20163

A vulnerability in the SSH implementation of Cisco Nexus Dashboard Fabric Controller NDFC could allow an unauthenticated, remote attacker to impersonate Cisco NDFC-managed devices. This vulnerability is due to insufficient SSH host key validation. An attacker could exploit this vulnerability by...

8.7CVSS7.3AI score0.00365EPSS

Exploits0References1

RedhatCVE•added 2025/06/06 5:21 p.m.•4 views

CVE-2025-20261

A vulnerability in the SSH connection handling of Cisco Integrated Management Controller IMC for Cisco UCS B-Series, UCS C-Series, UCS S-Series, and UCS X-Series Servers could allow an authenticated, remote attacker to access internal services with elevated privileges. This vulnerability is due t...

8.8CVSS7.2AI score0.00381EPSS

Exploits0References1

RedhatCVE•added 2025/06/06 5:21 p.m.•7 views

CVE-2025-20277

A vulnerability in the web-based management interface of Cisco Unified CCX could allow an authenticated, local attacker to execute arbitrary code on an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to improper...

6.7CVSS7.9AI score0.00147EPSS

Exploits0References1

NVD•added 2025/06/06 5:15 p.m.•12 views

CVE-2025-49599

4.1CVSS0.00094EPSS

Exploits0References1

Cvelist•added 2025/06/06 12:0 a.m.•7 views

CVE-2025-49599

4.1CVSS0.00094EPSS

Exploits0References1

Vulnrichment•added 2025/06/06 12:0 a.m.•3 views

CVE-2025-49599

4.1CVSS4.8AI score0.00094EPSS

Exploits0References1

CVE•added 2025/06/06 12:0 a.m.•90 views

CVE-2025-49599

CVE-2025-49599 affects Huawei ONT gateway devices: EG8141A5 (V5R019C00S100 and earlier), EG8145V5 (V5R019C00S100 and earlier), and EG8145V5-V2 (V5R021C00S184 and earlier). The issue allows the Epuser account to disable the ONT firewall, removing default blocking of SSH/TELNET ports. Connected sou...

4.1CVSS7.1AI score0.00094EPSS

Exploits0References1

Tenable Nessus•added 2025/06/06 12:0 a.m.•7 views

Cisco Integrated Management Controller Privilege Escalation (cisco-sa-ucs-ssh-priv-esc-2mZDtdjM)

According to its self-reported version, Cisco Integrated Management Controller Privilege Escalation is affected by a vulnerability. - A vulnerability in the SSH connection handling of Cisco Integrated Management Controller IMC for Cisco UCS B-Series, UCS C-Series, UCS S-Series, and UCS X-Series...

8.8CVSS5.7AI score0.00381EPSS

Exploits0References4

Tenable Nessus•added 2025/06/05 12:0 a.m.•4 views

RHEL 10 : gvisor-tap-vsock (RHSA-2025:7484)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:7484 advisory. A replacement for libslirp and VPNKit, written in pure Go. It is based on the network stack of gVisor. Compared to libslirp, gvisor-tap-vsock brings...

7.5CVSS7.1AI score0.00868EPSS

Exploits0References4

NVD•added 2025/06/04 5:15 p.m.•7 views

CVE-2025-20277

6.7CVSS0.00147EPSS

Exploits0References1