CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

41 matches found

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-34069

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.01068EPSS

Exploits1References1

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-34062

Malicious code in bioql PyPI...

9.8CVSS9.4AI score0.01068EPSS

Exploits1References1

The Hacker News•added 2025/09/09 11:53 a.m.•5 views

RatOn Android Malware Detected With NFC Relay and ATS Banking Fraud Capabilities

A new Android malware called RatOn has evolved from a basic tool capable of conducting Near Field Communication NFC relay attacks to a sophisticated remote access trojan with Automated Transfer System ATS capabilities to conduct device fraud. "RatOn merges traditional overlay attacks with automat...

7AI score

Exploits0

CNNVD•added 2025/06/10 12:0 a.m.•1 views

ZendTo 安全漏洞

ZendTo is a web-based file transfer system from ZendTo Inc. A security vulnerability exists in ZendTo 6.10-6 Beta and earlier versions, which stems from an os command injection due to the misbehavior of the parameter file1 in the file NSSDropoff.php...

7.5CVSS7.7AI score0.01863EPSS

Exploits0References4

OSV•added 2025/02/25 8:3 p.m.•16 views

CVE-2025-27142 LocalSend path traversal vulnerability in the file upload endpoint allows nearby devices to execute arbitrary commands

LocalSend is a free, open-source app that allows users to securely share files and messages with nearby devices over their local network without needing an internet connection. Prior to version 1.17.0, due to the missing sanitization of the path in the POST /api/localsend/v2/prepare-upload and th...

8.7CVSS7.2AI score0.00514EPSS

Exploits0References4

BDU FSTEC•added 2023/12/01 12:0 a.m.•4 views

The vulnerability of the MOVEit Gateway proxy server software, which is used for processing and transmitting confidential data in the Progress MOVEit Transfer system, allows a perpetrator to carry out cross-site scripting attacks.

The vulnerability of the MOVEit Gateway proxy server software for processing and transmitting confidential data within the Progress MOVEit Transfer system is related to the lack of security measures for the website structure. Exploiting this vulnerability allows a malicious actor to perform...

8.5CVSS6AI score0.00511EPSS

Exploits0References5

The Hacker News•added 2023/09/26 11:49 a.m.•48 views

Xenomorph Banking Trojan: A New Variant Targeting 35+ U.S. Financial Institutions

An updated version of an Android banking trojan called Xenomorph has set its sights on more than 35 financial institutions in the U.S. The campaign, according to Dutch security firm ThreatFabric, leverages phishing web pages that are designed to entice victims into installing malicious Android ap...

6.6AI score

Exploits0

The Hacker News•added 2023/05/05 11:49 a.m.•3 views

Hackers Targeting Italian Corporate Banking Clients with New Web-Inject Toolkit DrIBAN

Italian corporate banking clients are the target of an ongoing financial fraud campaign that has been leveraging a new web-inject toolkit called drIBAN since at least 2019. "The main goal of drIBAN fraud operations is to infect Windows workstations inside corporate environments trying to alter...

6.1AI score

Exploits0

The Hacker News•added 2023/03/10 10:3 a.m.•94 views

Xenomorph Android Banking Trojan Returns with a New and More Powerful Variant

A new variant of the Android banking trojan named Xenomorph has surfaced in the wild, latest findings from ThreatFabric reveal. Named "Xenomorph 3rd generation" by the Hadoken Security Group, the threat actor behind the operation, the updated version comes with new features that allow it to perfo...

1.8AI score

Exploits0

The Hacker News•added 2023/02/04 1:39 p.m.•5 views

PixPirate: New Android Banking Trojan Targeting Brazilian Financial Institutions

A new Android banking trojan has set its eyes on Brazilian financial institutions to commit fraud by leveraging the PIX payments platform. Italian cybersecurity company Cleafy, which discovered the malware between the end of 2022 and the beginning of 2023, is tracking it under the name PixPirate...

6.8AI score

Exploits0

OSV•added 2022/06/10 1:15 p.m.•3 views

CVE-2021-44582

A Privilege Escalation vulnerability exists in Sourcecodester Money Transfer Management System 1.0, which allows a remote malicious user to gain elevated privileges to the Admin role via any URL...

8.8CVSS5.8AI score0.01392EPSS

Exploits1References2

CNNVD•added 2022/06/10 12:0 a.m.•3 views

Money Transfer Management System 安全漏洞

Money Transfer Management System is a remittance management system.An elevation of privilege vulnerability exists in Money Transfer Management System version 1.0. A remote attacker can exploit this vulnerability to gain elevated privileges to the Admin role via any URL...

8.8CVSS5.7AI score0.01392EPSS

Exploits1References3