16 matches found
EUVD-2025-28402
Malicious code in bioql PyPI...
CVE-2025-52054
An issue was discovered in Tenda AC8 v4.0 AC1200 Dual-band Gigabit Wireless Router AC8v4.0 Firmware 16.03.33.05. The root password of the device is calculated with a static string and the last two octets of the MAC address of the device. This allows an unauthenticated attacker to authenticate wit...
CVE-2025-52054
An issue was discovered in Tenda AC8 v4.0 AC1200 Dual-band Gigabit Wireless Router AC8v4.0 Firmware 16.03.33.05. The root password of the device is calculated with a static string and the last two octets of the MAC address of the device. This allows an unauthenticated attacker to authenticate wit...
CVE-2025-52054
An issue was discovered in Tenda AC8 v4.0 AC1200 Dual-band Gigabit Wireless Router AC8v4.0 Firmware 16.03.33.05. The root password of the device is calculated with a static string and the last two octets of the MAC address of the device. This allows an unauthenticated attacker to authenticate wit...
CVE-2025-52054
CVE-2025-52054 affects Tenda AC8 v4.0 AC1200 Dual-band Gigabit Router, firmware 16.03.33.05. Root password is derived from a static string and the device’s last MAC octets, enabling unauthenticated access to network services. Connected sources confirm the vulnerable component and root-password de...
CVE-2025-52054
An issue was discovered in Tenda AC8 v4.0 AC1200 Dual-band Gigabit Wireless Router AC8v4.0 Firmware 16.03.33.05. The root password of the device is calculated with a static string and the last two octets of the MAC address of the device. This allows an unauthenticated attacker to authenticate wit...
CVE-2025-52054
An issue was discovered in Tenda AC8 v4.0 AC1200 Dual-band Gigabit Wireless Router AC8v4.0 Firmware 16.03.33.05. The root password of the device is calculated with a static string and the last two octets of the MAC address of the device. This allows an unauthenticated attacker to authenticate wit...
PT-2025-35091
Name of the Vulnerable Software and Affected Versions: Tenda AC8 v4.0 AC1200 Dual-band Gigabit Wireless Router versions 16.03.33.05 Description: An issue exists where the root password of the device is calculated using a static string and the last two octets of the device's MAC address. This allo...
MAL-2025-40951 Malicious code in zero-old-static-string-daemon (npm)
The package zero-old-static-string-daemon was found to contain malicious code...
Malicious code in zero-old-static-string-daemon (npm)
The package zero-old-static-string-daemon was found to contain malicious code...
CVE-2019-13177
verification.py in django-rest-registration (aka Django REST Registration library) before 0.5.0 relies on a static string for signatures (i.e., the Django Signing API is misused), which allows remote attackers to spoof the verification process. This occurs because incorrect code refactoring led to...
DrayTek Vigor 3910 security vulnerability
The DrayTek Vigor 3910 is a high-performance router for enterprise networks from China-based DrayTek. A security vulnerability exists in the DrayTek Vigor 3910 version 4.3.2.6 and prior versions, which originates from the Vigor Management UI's httpd server using static strings to seed OpenSSL's...
SUSE CVE-2010-3053
bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) via a crafted BDF font file, related to an attempted modification of a value in a static string...
in star7th/showdoc
✍️ Description: The referenced code block computes an MD5 hash based on a string "rgrsfsrfsrf", the current time, and a random number. The string used is static and does not appear to change, therefore I'm not sure why it is there in the first place as it does not provide any additional security...
Design/Logic Flaw
verification.py in django-rest-registration (aka Django REST Registration library) before 0.5.0 relies on a static string for signatures (i.e., the Django Signing API is misused), which allows remote attackers to spoof the verification process. This occurs because incorrect code refactoring led to...
CVE-2010-3053
bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (application crash) via a crafted BDF font file, related to an attempted modification of a value in a static string...