CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts a collection of scripts to make the lif...

9.8CVSS5.8AI score0.00233EPSS

Exploits0References3

RedhatCVE•added 2025/08/14 3:49 p.m.•3 views

CVE-2025-8452

By using the "uscan" protocol provided by the eSCL specification, an attacker can discover the serial number of multi-function printers that implement the Brother-provided firmware. This serial number can, in turn, can be leveraged by the flaw described by CVE-2024-51978 to calculate the default...

9.8CVSS7.2AI score0.53599EPSS

Exploits0References1

Positive Technologies•added 2025/08/12 12:0 a.m.•3 views

PT-2025-32682 · Brother Industries +2 · Ads-1250W +668

CVE-2025-8452 By using the "uscan" protocol provided by the eSCL specification, an attacker can discover the serial number of multi-function printers that implement the Brother-provi… https://t.co/pbwa4nsgUj...

4.3CVSS7.2AI score0.00039EPSS

Exploits0References7

RedhatCVE•added 2025/08/03 2:14 p.m.•7 views

CVE-2025-8454

It was discovered that uscan, a tool to scan/watch upstream sources for new releases of software, included in devscripts a collection of scripts to make the life of a Debian Package maintainer easier, skips OpenPGP verification if the upstream source is already downloaded from a previous run even...

9.8CVSS6.2AI score0.00233EPSS

Exploits0References1

SUSE CVE•added 2025/08/01 11:24 p.m.•1 views

SUSE CVE-2025-8454

9.8CVSS6.6AI score0.00233EPSS

Exploits0References3

OSV•added 2025/08/01 6:15 a.m.•3 views

CVE-2025-8454

9.8CVSS6.1AI score

Exploits0References1

NVD•added 2025/08/01 6:15 a.m.•4 views

CVE-2025-8454

9.8CVSS0.00233EPSS

Exploits0References1

OSV•added 2025/08/01 6:15 a.m.•1 views

UBUNTU-CVE-2025-8454

9.8CVSS5.8AI score0.00233EPSS

Exploits0References3

CVE•added 2025/08/01 5:41 a.m.•30 views

CVE-2025-8454

CVE-2025-8454 affects the uscan component of devscripts. The vulnerability arises because uscan skips OpenPGP verification when the upstream source has already been downloaded in a prior run, even if verification had failed previously. This behavior is described across multiple sources (e.g., Red...

9.8CVSS6.5AI score0.00233EPSS

Exploits0References1Affected Software1

Debian CVE•added 2025/08/01 5:41 a.m.•5 views

CVE-2025-8454

9.8CVSS5.2AI score0.00233EPSS

Exploits0

Vulnrichment•added 2025/08/01 5:41 a.m.•2 views

CVE-2025-8454

7.1AI score0.00233EPSS

Exploits0References1

Cvelist•added 2025/08/01 5:41 a.m.•6 views

CVE-2025-8454

0.00233EPSS

Exploits0References1

CNNVD•added 2025/08/01 12:0 a.m.•1 views

Debian devscripts 安全漏洞

Debian devscripts is a Debian community package that contains a collection of packages for system maintenance and scripting. A security vulnerability exists in Debian devscripts that stems from the uscan tool skipping OpenPGP authentication when verifying upstream sources...

9.8CVSS6.7AI score0.00233EPSS

Exploits0References2

Positive Technologies•added 2025/08/01 12:0 a.m.•2 views

PT-2025-31608 · Unknown +2 · Devscripts +2

Name of the Vulnerable Software and Affected Versions: uscan affected versions not specified Description: uscan, a tool included in devscripts, skips OpenPGP verification for files already downloaded, even if a previous verification failed. Recommendations: At the moment, there is no information...

9.8CVSS5.9AI score0.00233EPSS

Exploits0References16

SUSE CVE•added 2023/02/15 5:33 a.m.•1 views

SUSE CVE-2013-6888

Uscan in devscripts before 2.13.9 allows remote attackers to execute arbitrary code via a crafted tarball...

7.5CVSS7.6AI score0.02539EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by