CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14814 matches found

Vulnrichment•added 2025/10/15 1:55 p.m.•6 views

CVE-2025-53868 BIG-IP SCP and SFTP vulnerability

When running in Appliance mode, a highly privileged authenticated attacker with access to SCP and SFTP may be able to bypass Appliance mode restrictions using undisclosed commands. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS6.3AI score0.00408EPSS

Exploits0References1

SUSE Linux•added 2025/10/14 3:20 p.m.•3 views

Security update for libssh

This update for libssh fixes the following issues: CVE-2025-8114: Fixed NULL pointer dereference when calculating the session ID during the key exchange KEX process bsc1246974 CVE-2025-8277: Fixed Memory Exhaustion via Repeated Key Exchange bsc1249375 Patch Instructions: To install this SUSE upda...

5.7CVSS7.1AI score0.00375EPSS

Exploits0References8

Tenable Nessus•added 2025/10/14 12:0 a.m.•4 views

Dell Enterprise SONiC OS < 4.5.0a RCE (DSA-2025-275)

The version of Dell Enterprise SONiC OS running on the remote host is prior to 4.5.0a. It is, therefore, affected by a remote code execution vulnerability as detailed in the DSA-2025-275 advisory: - Dell Enterprise SONiC OS, version 4.5.0, contains a cryptographic key vulnerability in SSH. An...

7.5CVSS6.5AI score0.00355EPSS

Exploits0References2

OpenVAS•added 2025/10/14 12:0 a.m.•2 views

OPENVAS SCAN / Greenbone Enterprise Appliance (GEA) / Greenbone Security Manager (GSM) / Greenbone OS (GOS) (SSH Banner)

SSH banner-based detection of OPENVAS SCAN / Greenbone Enterprise Appliance GEA / Greenbone Security Manager GSM / Greenbone OS GOS. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

7AI score

Exploits0

OSV•added 2025/10/11 1:20 p.m.•2 views

OESA-2025-2370 erlang security update

Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Security Fixes: Allocation of Resources Without Limits or Throttling...

5.3CVSS6.9AI score0.00359EPSS

Exploits0References2

Hacker One•added 2025/10/10 5:40 p.m.•19 views

curl: Missing enforcement of SFTP quote syntax can lead to operation on wrong object

Summary: curl supports -Q or --quote and libcurl CURLOPTQUOTE to specify "commands" to execute for ftp and SFTP connections. The SFTP supports commands that perform operations on filesystem objects. When the object path has a filename, the caller is supposed to quote the parameter example: -Q...

7.2AI score

Exploits0

OSV•added 2025/10/09 5:8 p.m.•2 views

JLSEC-2025-7 ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain...

ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. A configuration...

3.6CVSS6.7AI score0.00221EPSS

Exploits2References10

Positive Technologies•added 2025/10/09 12:0 a.m.•6 views

PT-2025-41409

Name of the Vulnerable Software and Affected Versions Juniper Networks Junos Space versions prior to 22.2R1 Patch V3 Juniper Networks Junos Space versions 23.1 before 23.1R1 Patch V3 Description An Uncontrolled Resource Consumption issue exists in the HTTP daemon httpd of Juniper Networks Junos...

8.7CVSS6.6AI score0.00379EPSS

Exploits0References8

Positive Technologies•added 2025/10/09 12:0 a.m.•1 views

PT-2025-41791

Уязвимость микропрограммного обеспечения медиаконвертеров TRC-2190 Series связана с использованием жестко закодированного криптографического ключа. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, выполнить атаку типа «человек посередине» путем использования общедоступно...

10CVSS7AI score

Exploits0References2

OSV•added 2025/10/08 7:21 p.m.•5 views

CLSA-2025-1759951300 libssh: Fix of CVE-2025-5372

CVE-2025-5372: uninitialized key buffers caused by inconsistent sshkdf return value...

8.8CVSS6.8AI score0.00407EPSS

Exploits0References1

RedHat Linux•added 2025/10/08 3:52 p.m.•6 views

Important: Red Hat Security Advisory: OpenShift Container Platform 4.17.41 bug fix and security update

Red Hat OpenShift Container Platform release 4.17.41 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.17. Red Hat Product Security has rated this update as having a...

9.1CVSS6.8AI score0.03092EPSS

Exploits2References2

Tenable Nessus•added 2025/10/08 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2025-61984

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution...

3.6CVSS6.8AI score0.00221EPSS

Exploits2References3