CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/01/28 11:58 a.m.•5 views

EUVD-2025-206496

5.1CVSS5.9AI score0.00173EPSS

ATTACKERKB•added 2026/01/28 11:58 a.m.•5 views

CVE-2025-59896

5.1CVSS5.9AI score0.00173EPSS

Cvelist•added 2026/01/28 11:58 a.m.•27 views

CVE-2025-59896 Authenticated Cross-Site Scripting (XSS) vulnerability in Sync Breeze Enterprise Server

5.1CVSS0.00173EPSS

Cvelist•added 2026/01/28 11:55 a.m.•28 views

CVE-2025-59895 Remote denial-of-service (DoS) vulnerability in Sync Breeze Enterprise Server

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a remote denial-of-service DoS vulnerability in the configuration restore functionality. The issue is due to insufficient validation of user-supplied data during this process. An attacker could send malicious reques...

8.2CVSS0.00367EPSS

EUVD•added 2026/01/28 11:55 a.m.•3 views

EUVD-2025-206494

8.2CVSS5.9AI score0.00367EPSS

ATTACKERKB•added 2026/01/28 11:55 a.m.•6 views

CVE-2025-59895

8.2CVSS5.9AI score0.00367EPSS

Cvelist•added 2026/01/28 11:53 a.m.•29 views

CVE-2025-59894 Cross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise Server

Cross-Site request forgery CSRF vulnerability in Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An authenticated user could cause another user to perform unwanted actions within the application they are logged into. This vulnerability is possible due to the lack of...

8.5CVSS0.00124EPSS

ATTACKERKB•added 2026/01/28 11:53 a.m.•3 views

CVE-2025-59894

CVE•added 2026/01/28 11:53 a.m.•12 views

CVE-2025-59894

CVE-2025-59894 is a CSRF flaw affecting Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. The issue arises from missing CSRF token validation, enabling an authenticated attacker to induce other logged-in users to perform unintended actions, such as issuing a POST to delet...

Exploits0References1Affected Software2

Vulnrichment•added 2026/01/28 11:53 a.m.•5 views

CVE-2025-59894 Cross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise Server

EUVD•added 2026/01/28 11:53 a.m.•6 views

EUVD-2025-206493

EUVD•added 2026/01/28 11:52 a.m.•3 views

EUVD-2025-206492

ATTACKERKB•added 2026/01/28 11:52 a.m.•5 views

CVE-2025-59893

CVE•added 2026/01/28 11:52 a.m.•13 views

CVE-2025-59893

CVE-2025-59893 is a CSRF vulnerability affecting Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. An authenticated attacker could induce another user to perform unwanted actions due to missing CSRF token protection. The description notes a specific vector: a POST request...

Exploits0References1Affected Software2

Cvelist•added 2026/01/28 11:52 a.m.•30 views

CVE-2025-59893 Cross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise Server

8.5CVSS0.00127EPSS

CVE•added 2026/01/28 11:52 a.m.•10 views

CVE-2025-59892

Cross-Site Request Forgery (CSRF) vulnerability affecting Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18. Root cause: lack of proper CSRF token implementation allows an authenticated user to cause actions on behalf of another user. Practical impact includes unauthentica...

Exploits0References1Affected Software2

EUVD•added 2026/01/28 11:52 a.m.•4 views

EUVD-2025-206490

Cvelist•added 2026/01/28 11:52 a.m.•28 views

CVE-2025-59892 Cross-Site request forgery (CSRF) vulnerability in Sync Breeze Enterprise Server

8.5CVSS0.00127EPSS