CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

193 matches found

CNNVD•added 2026/04/17 12:0 a.m.•6 views

Firebird 安全漏洞

Firebird is a set of open-source, cross-platform relational database management systems provided by the Firebird Foundation, offering multiple ANSI SQL-92 features. Vulnerabilities exist in versions prior to Firebird 5.0.4, 4.0.7, and 3.0.14. These vulnerabilities stem from the server failing to...

8.2CVSS5.8AI score0.00465EPSS

Exploits1References2

EUVD•added 2026/03/04 9:32 p.m.•4 views

EUVD-2026-9479

A vulnerability in the OSPF protocol of Cisco Secure Firewall ASA Software and Cisco Secure FTD Software could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpectedly, resulting in a DoS condition when OSPF canonicalization debug is enabled by using the...

6.1CVSS5.9AI score0.00194EPSS

Exploits0References2

Packet Storm•added 2026/02/18 12:0 a.m.•110 views

📄 Saturn Remote Mouse Server 1 Command Injection

A service component of Saturn Remote Mouse Server listens for unauthenticated UDP JSON-like frames on UDP port 27000. Improper input handling allows specially crafted frames to cause execution of arbitrary commands within the context of the service process, resulting in remote code execution on t...

8.6CVSS6.8AI score0.01209EPSS

Exploits1

RedhatCVE•added 2026/01/09 8:59 a.m.•6 views

CVE-2023-49133

A command execution vulnerability exists in the tddpd enabletestmode functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 v5.1.0 Build 20220926 and Tp-Link N300 Wireless Access Point EAP115 V4 v5.0.4 Build 20220216. A specially crafted series of network requests can lea...

9.8CVSS7.3AI score0.01749EPSS

Exploits1References1

CVE•added 2025/12/22 2:32 p.m.•27 views

CVE-2025-61740

Johnson Controls IQ Panels2, 2+, IQHub, IQPanel 4 and PowerG are affected by an origin validation error where the device does not verify the source of a received packet. This can enable a denial-of-service or modification of device configuration (CVSS v4.0 base score 7.2). The connected documents...

7.2CVSS6.4AI score0.00123EPSS

Exploits0References2

CNNVD•added 2025/12/22 12:0 a.m.•3 views

Johnson Controls IQ series和Johnson Controls PowerG 安全漏洞

The Johnson Controls IQ series and Johnson Controls PowerG are both products of Johnson Controls, Inc.The Johnson Controls IQ series is a series of intelligent security and automation control platforms.The Johnson Johnson Controls PowerG is a communications device. A security vulnerability exists...

7.2CVSS6.8AI score0.00123EPSS

Exploits0References2

RedhatCVE•added 2025/12/19 2:9 p.m.•3 views

CVE-2025-40891

A Stored HTML Injection vulnerability was discovered in the Time Machine Snapshot Diff functionality due to improper validation of network traffic data. An unauthenticated attacker can send specially crafted network packets at two different times to inject HTML tags into asset attributes across t...

4.7CVSS6.5AI score0.00143EPSS

Exploits0References1

NVD•added 2025/12/18 2:15 p.m.•3 views

CVE-2025-40893

A Stored HTML Injection vulnerability was discovered in the Asset List functionality due to improper validation of network traffic data. An unauthenticated attacker can send specially crafted network packets to inject HTML tags into asset attributes. When a victim views the affected assets in the...

6.1CVSS0.0016EPSS

Exploits0References2

Positive Technologies•added 2025/12/18 12:0 a.m.•2 views

PT-2025-52221

6.1CVSS6AI score0.0016EPSS

Exploits0References1

RedhatCVE•added 2025/12/02 4:14 p.m.•4 views

CVE-2025-55222

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP USB Function functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to a denial of service. An attacker can send an unauthenticated packet to trigger this vulnerability.This...

8.6CVSS6.8AI score0.00349EPSS

Exploits0References1

RedhatCVE•added 2025/12/02 4:14 p.m.•15 views

CVE-2025-54850

A denial of service vulnerability exists in the Modbus TCP and Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted series of network requests can lead to a denial of service. An attacker can send a sequence of unauthenticated packets to trigger this...

7.5CVSS6.9AI score0.00268EPSS

Exploits0References1

RedhatCVE•added 2025/12/02 4:14 p.m.•6 views

CVE-2025-20085

A denial of service vulnerability exists in the Modbus RTU over TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service and weaken credentials resulting in default documented credentials being applied to the device. An attacker can...

7.2CVSS6.8AI score0.00229EPSS

Exploits0References1

RedhatCVE•added 2025/12/02 4:14 p.m.•13 views

CVE-2024-49572

A denial of service vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted network packet can lead to denial of service and weaken credentials resulting in default documented credentials being applied to the device. An attacker can send an...

7.2CVSS6.8AI score0.00229EPSS

Exploits0References1

RedhatCVE•added 2025/12/02 4:14 p.m.•4 views

CVE-2025-26858

A buffer overflow vulnerability exists in the Modbus TCP functionality of Socomec DIRIS Digiware M-70 1.6.9. A specially crafted set of network packets can lead to denial of service. An attacker can send a sequence of unauthenticated packets to trigger this vulnerability...

8.6CVSS7.2AI score0.0043EPSS

Exploits0References1