CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2018-3490

Malware in sbrugna...

7.8CVSS7.9AI score0.00375EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-12710

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00239EPSS

Exploits0References2

RedhatCVE•added 2025/05/02 11:11 a.m.•12 views

CVE-2025-24340

A vulnerability in the users configuration file of ctrlX OS may allow a remote authenticated low-privileged attacker to recover the plaintext passwords of other users...

6.5CVSS6.9AI score0.00239EPSS

Exploits0References1

CVE•added 2025/04/30 10:59 a.m.•49 views

CVE-2025-24340

CVE-2025-24340 affects ctrlX OS. The vulnerability is in the users configuration file, allowing a remote authenticated (low-privileged) attacker to recover plaintext passwords of other users. CVSS 3.1 base score 6.5 (Network, Low AWS, Privileges Required: Low, User Interaction: None, Confidential...

6.5CVSS6.7AI score0.00239EPSS

Exploits0References1

Packet Storm•added 2024/08/31 12:0 a.m.•157 views

Nuuo Central Management Server Authenticated Arbitrary File Download

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nuuo Central Management Server Authenticated Arbitrary File Download', 'Description' = %q The Nuuo Central Management Server allows an...

9.8CVSS7AI score0.19653EPSS

Exploits2

CNNVD•added 2021/02/03 12:0 a.m.•5 views

SolarWinds Serv-U FTP Server Authorization Issues Vulnerability

SolarWinds Serv-U FTP Server is a suite of FTP and MFT file transfer software from the US-based SolarWinds Corporation. A security vulnerability exists in SolarWinds Serv-U before 15.2.2 Hotfix 1, which stems from a directory containing a user configuration file which includes a user's password...

7.1CVSS7.2AI score0.00468EPSS

Exploits1References2

NVD•added 2017/07/21 2:29 p.m.•13 views

CVE-2015-3639

phpMyBackupPro 2.5 and earlier does not properly sanitize input strings, which allows remote authenticated users to execute arbitrary PHP code by storing a crafted string in a user configuration file...

8.8CVSS8.7AI score0.01972EPSS

Exploits0References3

Cvelist•added 2017/07/21 2:0 p.m.•17 views

CVE-2015-3639

8.7AI score0.01972EPSS

Exploits0References3

myhack58•added 2017/02/17 12:0 a.m.•31 views

For the Node. js in the node-serialize module deserialization vulnerability the subsequent analysis-vulnerability warning-the black bar safety net

Of the Node. js serialization remote command execution vulnerabilities of a number of follow-up found and how to develop the attack load. A few days ago I was in opsecx blog found an article How to use a named node-serialize nodejs module in the RCE remote code execution error blog. The article...

0.2AI score

Exploits0

securityvulns•added 2002/04/29 12:0 a.m.•48 views

QPopper 4.0.4 buffer overflow

Affected versions 4.0.3 and 4.0.4. default install. Servers, not processing users configuration file /.qpopper-options are insensible to this bug. popbull.c ----------- int CopyOneBull POP p, long bnum, char name FILE bull; char buffer MAXMSGLINELEN ; BOOL inheader = TRUE; BOOL firstline = TRUE;...

0.6AI score

Exploits0

NVD•added 2001/10/18 4:0 a.m.•18 views

CVE-2001-0782

KDE ktvision 0.1.1-271 and earlier allows local attackers to gain root privileges via a symlink attack on a user configuration file...

7.2CVSS6.6AI score0.00856EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by