10 matches found

EUVD
added 2025/10/03 8:7 p.m., 0 views

EUVD-2025-12178

Malicious code in bioql PyPI...

CVSS 8, AI score 7.9, EPSS 0.00013
Exploits 0, References 3
NVD
added 2023/01/30 11:15 a.m., 18 views

CVE-2022-38451

A directory traversal vulnerability exists in the httpd update.cgi functionality of FreshTomato 2022.5. A specially crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability...

CVSS 7.5, AI score 6.8, EPSS 0.04164
Exploits 1, References 2
OSV
added 2023/01/30 11:15 a.m., 0 views

CVE-2022-38451

A directory traversal vulnerability exists in the httpd update.cgi functionality of FreshTomato 2022.5. A specially crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability...

CVSS 7.5, AI score 5.9, EPSS 0.04164
Exploits 1, References 2
Prion
added 2023/01/30 11:15 a.m., 18 views

Directory traversal

A directory traversal vulnerability exists in the httpd update.cgi functionality of FreshTomato 2022.5. A specially crafted HTTP request can lead to arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability...

CVSS 5, AI score 7.5, EPSS 0.04164
Exploits 1, References 1, Affected Software 2
CVE
added 2023/01/30 10:11 a.m., 42 views

CVE-2022-38451

CVE-2022-38451 is a directory traversal vulnerability in FreshTomato 2022.5 (and related firmware derived from it, e.g., Siretta QUARTZ-GOLD). TALOS-2022-1642 documents a flaw in FreshTomato’s httpd update.cgi: the wo_update path builds /var/notice/ from an unsanitized exec/arg parameter, leading...

CVSS 7.5, AI score 8.6, EPSS 0.04164
Exploits 1, References 2, Affected Software 1
CNNVD
added 2023/01/30 12:0 a.m., 2 views

FreshTomato Path Traversal Vulnerability

FreshTomato is a Linux-based open source firmware from FreshTomato Open Source. The firmware provides a variety of features for Broadcom-based routers. A security vulnerability exists in FreshTomato version 2022.5, which stems from its httpd update.cgi function that allows an attacker to cause...

CVSS 7.5, AI score 7.2, EPSS 0.04164
Exploits 1, References 2
Talos
added 2023/01/26 12:0 a.m., 41 views

FreshTomato httpd update.cgi directory traversal vulnerability

Talos Vulnerability Report TALOS-2022-1642: FreshTomato httpd update.cgi directory traversal vulnerability. January 26, 2023. CVE Number: CVE-2022-38451. Summary: A directory traversal vulnerability exists in the httpd update.cgi functionality of FreshTomato 2022.5. A specially crafted HTTP request can...

CVSS 7.5, AI score 7, EPSS 0.04164
Exploits 1
CNVD
added 2019/06/17 12:0 a.m., 1 views

Webmin Arbitrary Command Execution Vulnerability

Webmin is a set of Web-based system management tools for Unix-like operating systems. A security vulnerability exists in Webmin versions 1.910 and earlier. The vulnerability can be exploited to execute arbitrary commands with root privileges by sending the 'data' parameter to the update.cgi file...

CVSS 9, AI score 7.5, EPSS 0.87938
Exploits 9, References 1
NVD
added 2019/06/15 8:29 p.m., 17 views

CVE-2019-12840

In Webmin through 1.910, any user authorized to the "Package Updates" module can execute arbitrary commands with root privileges via the data parameter to update.cgi...

CVSS 9, AI score 9, EPSS 0.87938
Exploits 9, References 4
OSV
added 2018/12/21 11:29 p.m., 1 views

CVE-2018-20193

Certain Secure Access SA Series SSL VPN products originally developed by Juniper Networks but now sold and supported by Pulse Secure, LLC allow privilege escalation, as demonstrated by Secure Access SSL VPN SA-4000 5.1R5 build 9627 4.2 Release build 7631. This occurs because appropriate controls...

CVSS 8.8, AI score 5.8
Exploits 0, References 2