CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2025/07/22 1:37 a.m.•2 views

MAL-2025-6148 Malicious code in airbnb-shims (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 3f76fda5dc4d9010b0a0adb54190e014c01ed266b27db4335bc079d0035081c8 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2025/07/01 5:8 a.m.•2 views

MAL-2025-5513 Malicious code in notification-logs (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 38d50a72b129f2bbf4413f253f4cc198bb674e07061123d5ba873a3374ed7ecd Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2025/06/03 6:54 a.m.•2 views

MAL-2025-4644 Malicious code in https-parse (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ef1ec069afa771aee14fdc9cedd50a8db0d66030e38f15897a5816782e20a892 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2025/05/19 6:21 a.m.•1 views

MAL-2025-4011 Malicious code in nestjs-translator (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware b0ceb5fa1318b74c2003c389bed9724f792a9755ee095548718c1aaead2bbaaf Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2025/02/28 3:54 p.m.•1 views

MAL-2025-1593 Malicious code in floqast (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ee9b823d5e1026c463d7bfda29b3832b2d54415a7bdd50538e1faf5d9ec0e6e0 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2025/02/28 3:53 p.m.•1 views

MAL-2025-1638 Malicious code in unpnotifyserv (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware ae8dc59eb2d9dac2d74fc1c76d26bee3a61d3a8519b9d61195455646c024585b Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

OSV•added 2025/02/05 11:27 p.m.•3 views

GO-2025-3455 Contrast's unauthenticated recovery allows Coordinator impersonation in github.com/edgelesssys/contrast

Contrast's unauthenticated recovery allows Coordinator impersonation in github.com/edgelesssys/contrast...

7.2AI score

CNNVD•added 2024/03/27 12:0 a.m.•1 views

Cisco IOS XE Software 安全漏洞

Cisco IOS XE Software is an operating system from Cisco, Inc. A single operating system for enterprise wired and wireless access, aggregation, core and WAN, Cisco IOS XE reduces business and network complexity. A security vulnerability exists in Cisco IOS XE Software that stems from a vulnerabili...

5.8CVSS6.5AI score0.00263EPSS

Exploits0References2

Vulnrichment•added 2024/01/16 9:41 p.m.•4 views

CVE-2024-20977

...

6.5CVSS6.5AI score0.00244EPSS

Exploits0References2

IBM Security Bulletins•added 2018/08/03 4:23 a.m.•44 views

Security Bulletin: Security Vulnerability in Apache Batik (CVE-2015-0250)

Summary Apache Batik could allow a remote attacker to obtain sensitive information. By persuading a victim to open a specially-crafted SVG file, an attacker could exploit this vulnerability to reveal files and obtain sensitive information. Vulnerability Details CVEID: CVE-2015-0250 DESCRIPTION:...

6.4CVSS1.3AI score0.02944EPSS

Exploits1Affected Software3

IBM Security Bulletins•added 2018/08/03 4:23 a.m.•51 views

Security Bulletin: ClassLoader manipulation with Apache Struts in WebSphere Application Server affecting Rational Developer for Power Systems Software, Rational Developer for AIX and Linux, Rational Developer for i, (CVE-2014-0114)

Summary Portions of IBM Rational Application Developer for WebSphere Software are shipped as a component of Rational Developer for Power Systems Software, Rational Developer for i, and Rational Developer for AIX and Linux. Information about a security vulnerability affecting Rational Application...

7.5CVSS1.6AI score0.92332EPSS

Exploits4Affected Software3

IBM Security Bulletins•added 2018/08/03 4:23 a.m.•17 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Rational Developer for i, Rational Developer for AIX and Linux, Rational Developer for Power Systems Software

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 7 and 8 that are used by Rational Developer for i, Rational Developer for AIX and Linux, Rational Developer for Power Systems Software. These issues were disclosed as part of the IBM Java SDK updates in...

7.5CVSS0.5AI score0.40993EPSS

Exploits7Affected Software3

IBM Security Bulletins•added 2018/08/03 4:23 a.m.•36 views

Security Bulletin: Vulnerability in Apache Commons affects Rational Developer for i, Rational Developer for AIX and Linux and Rational Developer for Power Systems Software (CVE-2015-7450)

Summary An Apache Commons Collections vulnerability for handling Java object deserialization was addressed by Rational Developer for i, Rational Developer for AIX and Linux and Rational Developer for Power Systems Software. Vulnerability Details CVEID: CVE-2015-7450 DESCRIPTION: Apache Commons...

10CVSS1.8AI score0.93274EPSS

Exploits10Affected Software3

IBM Security Bulletins•added 2018/08/03 4:23 a.m.•27 views

Security Bulletin: Man In The Middle Attack Vulnerability Affecting Rational Developer for AIX and Linux, Rational Developer for i, and Rational Developer for Power Systems Software (CVE-2014-0411)

Summary The version of the Java Runtime Environment shipped with certain versions of Rational Developer for AIX and Linux, Rational Developer for i, and Rational Developer for Power Systems Software has security vulnerabilities which affect these products. Vulnerability Details | Subscribe to My...

4CVSS1.2AI score0.01371EPSS

Exploits0Affected Software3

ThreatPost•added 2017/08/18 1:55 p.m.•109 views

Vendor Exposes Backup of Chicago Voter Roll via AWS Bucket

Voter registration data belonging to the entirety of Chicago’s electoral roll—1.8 million records—was found a week ago in an Amazon Web Services bucket configured for public access. The data was a backup stored in AWS by Election Systems & Software ES&S, a voting machine and election management...

0.2AI score