CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4930 matches found

Kaseya Virtual System Administrator - Open Redirect

Kaseya Virtual System Administrator 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 are susceptible to an open redirect vulnerability. An attacker can redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. id: CVE-2015-286...

4.3CVSS5.4AI score0.10317EPSS

Exploits2References5

RedhatCVE•added 2026/06/05 7:40 p.m.•6 views

CVE-2025-13167

Improper neutralization of input during web page generation 'Cross-site Scripting' vulnerability in contact functionality in Synology Contacts before 1.0.10-20659 allows remote authenticated users to read or write specific files containing non-sensitive information via unspecified vectors...

5.4CVSS5.5AI score0.00254EPSS

Exploits0References1

Positive Technologies•added 2026/06/03 12:0 a.m.•11 views

PT-2026-45931

An improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in Backup Task functionality in Synology Hyper Backup before 4.1.2-4036 allows remote authenticated users to write specific files via unspecified vectors...

4.3CVSS5.8AI score0.00277EPSS

Exploits0References2

Vulnrichment•added 2026/05/27 8:34 a.m.•7 views

CVE-2025-13167

5.4CVSS5.8AI score0.00254EPSS

Exploits0References1

CVE•added 2026/05/27 8:26 a.m.•12 views

CVE-2024-11399

CVE-2024-11399 affects Synology BeeDrive for Desktop (redis-server component) prior to version 1.3.2-13814. Local users can trigger a denial-of-service via unspecified vectors, with impact on availability (CVSSv3.1: AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H). Root cause details are not specified in the...

6.8CVSS5.8AI score0.00112EPSS

Exploits0References1Affected Software1

ATTACKERKB•added 2026/05/27 8:25 a.m.•12 views

CVE-2023-52945

Uncontrolled search path element vulnerability in OpenSSL DLL component in Synology BeeDrive for desktop before 1.3.2-13814 allows local users to execute arbitrary code via unspecified vectors...

7.8CVSS6.2AI score0.00139EPSS

Exploits0References2

RedhatCVE•added 2026/01/07 9:50 a.m.•8 views

CVE-2013-6868

SAP Sybase Adaptive Server Enterprise ASE 15.0.3 before 15.0.3 ESD4.3, 15.5 before 15.5 ESD5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows local users to obtain sensitive information via unspecified vectors...

7.8CVSS6.3AI score0.01058EPSS

Exploits0References1

RedhatCVE•added 2025/12/05 3:27 p.m.•4 views

CVE-2025-8074

Origin validation error vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.3-13973 allows local users to write arbitrary files with non-sensitive information via unspecified vectors...

5.6CVSS6.5AI score0.00081EPSS

Exploits0References1

RedhatCVE•added 2025/12/05 3:27 p.m.•3 views

CVE-2025-54158

Missing authentication for critical function vulnerability in BeeDrive in Synology BeeDrive for desktop before 1.4.2-13960 allows local users to execute arbitrary code via unspecified vectors...

7.8CVSS7.8AI score0.00168EPSS

Exploits0References1

OSV•added 2025/12/04 4:16 p.m.•4 views

CVE-2025-8074

5.6CVSS5.9AI score0.00081EPSS

Exploits0References1

Cvelist•added 2025/12/04 3:17 p.m.•21 views

CVE-2025-8074

5.6CVSS0.00081EPSS

Exploits0References1

OSV•added 2025/12/04 3:15 p.m.•2 views

CVE-2024-45538

Cross-Site Request Forgery CSRF vulnerability in WebAPI Framework in Synology DiskStation Manager DSM before 7.2.1-69057-2 and 7.2.2-72806 and Synology Unified Controller DSMUC before 3.1.4-23079 allows remote attackers to execute arbitrary code via unspecified vectors...

9.6CVSS6.1AI score0.00301EPSS

Exploits0References1

Cvelist•added 2025/12/04 12:0 a.m.•20 views

CVE-2025-57210

Incorrect access control in the component ApiPayController.java of platform v1.0.0 allows attackers to access sensitive information via unspecified vectors...

0.00246EPSS

Exploits0References2

Positive Technologies•added 2025/12/04 12:0 a.m.•2 views

PT-2025-49073

Name of the Vulnerable Software and Affected Versions platform version 1.0.0 Description An access control issue exists in the ApiPayController.java component, potentially allowing unauthorized access to sensitive information. The vulnerability is present in platform version 1.0.0. The attack...

7.5CVSS6.3AI score0.00246EPSS

Exploits0References9

EUVD•added 2025/12/04 12:0 a.m.•3 views

EUVD-2025-201238

Incorrect access control in the component ApiPayController.java of platform v1.0.0 allows attackers to access sensitive information via unspecified vectors...

6.1AI score0.00246EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•12 views

EUVD-2007-5745

Malware in sbrugna...

9.8CVSS6.2AI score0.26909EPSS

Exploits1References3

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2012-5185

Malware in sbrugna...

10CVSS6AI score0.07273EPSS

Exploits0References7