85 matches found

OSV
added 2025/10/14 10:15 a.m. | 3 views

CVE-2025-40773

A vulnerability has been identified in SiPass integrated All versions V3.0. Affected server applications contain a broken access control vulnerability. The authorization mechanism lacks sufficient server-side checks, allowing an attacker to execute a specific API request. Successful exploitation...

CVSS 5.3 | AI score 5.8 | EPSS 0.0004
Exploits 0 | References 1

Vulnrichment
added 2025/10/14 9:15 a.m. | 3 views

CVE-2025-40773

A vulnerability has been identified in SiPass integrated All versions V3.0. Affected server applications contain a broken access control vulnerability. The authorization mechanism lacks sufficient server-side checks, allowing an attacker to execute a specific API request. Successful exploitation...

CVSS 5.1 | AI score 6.8 | EPSS 0.0004
Exploits 0 | References 1

OSV
added 2025/10/07 2:15 p.m. | 2 views

CVE-2025-50505

Clash Verge Rev thru 2.2.3 fixed in 2.3.0 forces the installation of system services clash-verge-service by default and exposes key functions through the unauthorized HTTP API /startclash, allowing local users to submit arbitrary binpath parameters and pass them directly to the service process for...

CVSS 7.8 | AI score 5.9 | EPSS 0.00025
Exploits 1 | References 5

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2020-29639

Malware in sbrugna...

CVSS 6.5 | AI score 6.5 | EPSS 0.00333
Exploits 1 | References 2

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2024-46875

Malicious code in bioql PyPI...

CVSS 4.3 | AI score 6.5 | EPSS 0.00227
Exploits 0 | References 3

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2023-59669

Malicious code in bioql PyPI...

CVSS 5.4 | AI score 6.6 | EPSS 0.00133
Exploits 0 | References 2

EUVD
added 2025/10/03 8:7 p.m. | 1 view

EUVD-2025-17087

Malicious code in bioql PyPI...

CVSS 6.2 | AI score 6.6 | EPSS 0.00034
Exploits 0 | References 2

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2024-43465

Malicious code in bioql PyPI...

CVSS 8.1 | AI score 6.5 | EPSS 0.00191
Exploits 0 | References 1

CNNVD
added 2025/08/20 12:0 a.m. | 2 views

Radar security vulnerability

Radar wind control engine is a lightweight real-time wind control engine by feihu.wang individual developers. A security vulnerability exists in Radar v1.0.8, which stems from improper access control and could lead to unauthorized access to sensitive APIs...

CVSS 9.8 | AI score 6.5 | EPSS 0.00083
Exploits 0 | References 3

GithubExploit
added 2025/06/10 9:7 p.m. | 336 views

Exploit for Deserialization of Untrusted Data in Wazuh

CVE-2025-24016 Wazuh Remote Code Execution RCE - PoC 🚨 De...

CVSS 9.9 | AI score 10 | EPSS 0.93874
Exploits 10

OSV
added 2025/06/06 7:15 a.m. | 3 views

CVE-2025-48904

Vulnerability that cards can call unauthorized APIs in the FRS process Impact: Successful exploitation of this vulnerability may affect availability...

CVSS 6.2 | AI score 5.8 | EPSS 0.00034
Exploits 0 | References 1

Vulnrichment
added 2025/06/06 6:36 a.m. | 4 views

CVE-2025-48904

Vulnerability that cards can call unauthorized APIs in the FRS process Impact: Successful exploitation of this vulnerability may affect availability...

CVSS 4.4 | AI score 5 | EPSS 0.00034
Exploits 0 | References 1

Cvelist
added 2025/06/06 6:36 a.m. | 5 views

CVE-2025-48904

Vulnerability that cards can call unauthorized APIs in the FRS process Impact: Successful exploitation of this vulnerability may affect availability...

CVSS 4.4 | EPSS 0.00034
Exploits 0 | References 1

CVE
added 2025/06/06 6:36 a.m. | 48 views

CVE-2025-48904

CVE-2025-48904 affects Huawei’s HarmonyOS family (noted with HarmonyOS 5.0.0 in CNVD/CNNVD). The issue is described as: cards can call unauthorized APIs in the FRS process, which can impact availability if exploited. The NVD entry documents a LOCAL, low-attack‑complexity vector with no privileges...

CVSS 6.2 | AI score 6.9 | EPSS 0.00034
Exploits 0 | References 1 | Affected Software 1

RedhatCVE
added 2025/05/23 5:15 a.m. | 7 views

CVE-2023-47142

IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 could allow an attacker on the organization's local network to escalate their privileges due to unauthorized API access. IBM X-Force ID: 270267...

CVSS 8.8 | AI score 6.4 | EPSS 0.0004
Exploits 0 | References 1

Vulnrichment
added 2025/04/23 10:43 a.m. | 6 views

CVE-2025-42604 Detailed Error Response Vulnerability in Meon KYC solutions

This vulnerability exists in Meon KYC solutions because debug mode is enabled in certain API endpoints. A remote attacker could exploit this vulnerability by accessing certain unauthorized API endpoints leading to detailed error messages as response leading to disclosure of system related...

CVSS 6.9 | AI score 6.8 | EPSS 0.0061
Exploits 0 | References 1

Cvelist
added 2025/04/23 10:43 a.m. | 12 views

CVE-2025-42604 Detailed Error Response Vulnerability in Meon KYC solutions

This vulnerability exists in Meon KYC solutions because debug mode is enabled in certain API endpoints. A remote attacker could exploit this vulnerability by accessing certain unauthorized API endpoints leading to detailed error messages as response leading to disclosure of system related...

CVSS 6.9 | EPSS 0.0061
Exploits 0 | References 1

Vulnrichment
added 2025/03/20 10:9 a.m. | 5 views

CVE-2024-10481 Cross-Site Request Forgery (CSRF) in comfyanonymous/comfyui

A CSRF vulnerability exists in comfyanonymous/comfyui versions up to v0.2.2. This vulnerability allows attackers to host malicious websites that, when visited by authenticated ComfyUI users, can perform arbitrary API requests on behalf of the user. This can be exploited to perform actions such as...

CVSS 6.5 | AI score 6.5 | EPSS 0.00174
Exploits 1 | References 1

CVE
added 2025/02/24 12:0 a.m. | 99 views

CVE-2024-56897

The CVE-2024-56897 issue affects YI Car Dashcam v3.88, caused by improper access control in the device’s HTTP server. This vulnerability allows unauthenticated attackers to perform unrestricted file downloads and uploads and to issue API commands that can modify device settings (e.g., disable rec...

CVSS 9.8 | AI score 7.1 | EPSS 0.00249
Exploits 1 | References 3 | Affected Software 1

RedhatCVE
added 2025/02/05 5:51 a.m. | 5 views

CVE-2024-49579

In JetBrains YouTrack before 2024.3.47197 insecure plugin iframe allowed arbitrary JavaScript execution and unauthorized API requests...

CVSS 8.1 | AI score 7.1 | EPSS 0.00191
Exploits 0