CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

42 matches found

VulnCheck KEV•added 2025/10/20 12:0 a.m.•2 views

VulnCheck KEV: CVE-2022-28054

Improper sanitization of trigger action scripts in VanDyke Software VShell for Windows v4.6.2 allows attackers to execute arbitrary code via a crafted value...

9.8CVSS6.2AI score0.01614EPSS

In wildExploits0References2

The Hacker News•added 2025/10/16 2:28 p.m.•14 views

LinkPro Linux Rootkit Uses eBPF to Hide and Activates via Magic TCP Packets

An investigation into the compromise of an Amazon Web Services AWS-hosted infrastructure has led to the discovery of a new GNU/Linux rootkit dubbed LinkPro , according to findings from Synacktiv. "This backdoor features functionalities relying on the installation of two eBPF extended Berkeley...

9.8CVSS9AI score0.94466EPSS

Exploits45

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2001-0156

Malware in sbrugna...

2.1CVSS6.4AI score0.00099EPSS

Exploits1References5

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2001-0155

Malware in sbrugna...

7.5CVSS6.4AI score0.01125EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2007-6001

Malware in sbrugna...

7.8CVSS6.4AI score0.00673EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-32540

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.01614EPSS

Exploits0References1

The Hacker News•added 2025/08/22 2:31 p.m.•5 views

Linux Malware Delivered via Malicious RAR Filenames Evades Antivirus Detection

Cybersecurity researchers have shed light on a novel attack chain that employs phishing emails to deliver an open-source backdoor called VShell. The "Linux-specific malware infection chain that starts with a spam email with a malicious RAR archive file," Trellix researcher Sagar Bade said in a...

8.7AI score

Exploits0

RedhatCVE•added 2025/05/22 10:40 p.m.•3 views

CVE-2022-28054

Improper sanitization of trigger action scripts in VanDyke Software VShell for Windows v4.6.2 allows attackers to execute arbitrary code via a crafted value...

9.8CVSS7.8AI score0.01614EPSS

Exploits0References1

The Hacker News•added 2025/05/22 3:6 p.m.•14 views

Chinese Hackers Exploit Trimble Cityworks Flaw to Infiltrate U.S. Government Networks

A Chinese-speaking threat actor tracked as UAT-6382 has been linked to the exploitation of a now-patched remote-code-execution vulnerability in Trimble Cityworks to deliver Cobalt Strike and VShell. "UAT-6382 successfully exploited CVE-2025-0944, conducted reconnaissance, and rapidly deployed a...

5.3CVSS9.5AI score0.00081EPSS

Exploits1

Talos Blog•added 2025/05/22 10:0 a.m.•35 views

UAT-6382 exploits Cityworks zero-day vulnerability to deliver malware

Cisco Talos has observed exploitation of CVE-2025-0994, a remote-code-execution vulnerability in Cityworks, a popular asset management system. The Cybersecurity and Infrastructure Security Agency CISA and Trimble have both released advisories pertaining to this vulnerability, with Trimble's...

9.8CVSS8.9AI score0.74864EPSS

Exploits1

The Hacker News•added 2025/04/15 2:6 p.m.•86 views

Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool

The China-linked threat actor known as UNC5174 has been attributed to a new campaign that leverages a variant of a known malware dubbed SNOWLIGHT and a new open-source tool called VShell to infect Linux systems. "Threat actors are increasingly using open source tools in their arsenals for...

9.8CVSS8.8AI score0.94225EPSS

Exploits22

ATTACKERKB•added 2022/05/04 11:0 p.m.•2 views

CVE-2022-20734

A vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, local attacker to view sensitive information on an affected system. This vulnerability is due to insufficient file system restrictions. An authenticated attacker with netadmin privileges could exploit this vulnerabilit...

4.9CVSS5.8AI score0.00058EPSS

Exploits0References2

OSV•added 2022/05/04 5:15 p.m.•1 views

CVE-2022-20734

4.4CVSS5.8AI score

Exploits0References1

NVD•added 2022/05/04 5:15 p.m.•14 views

CVE-2022-20734

4.9CVSS0.00058EPSS

Exploits0References1

Prion•added 2022/05/04 5:15 p.m.•15 views

Design/Logic Flaw

4.9CVSS4.3AI score0.00058EPSS

Exploits0References1Affected Software1

Cvelist•added 2022/05/04 5:5 p.m.•12 views

CVE-2022-20734 Cisco SD-WAN vManage Software Information Disclosure Vulnerability

4.4CVSS4.5AI score0.00058EPSS

Exploits0References1

Vulnrichment•added 2022/05/04 5:5 p.m.•9 views

CVE-2022-20734 Cisco SD-WAN vManage Software Information Disclosure Vulnerability

4.4CVSS5.9AI score0.00058EPSS

Exploits0References1

Positive Technologies•added 2022/05/04 12:0 a.m.•1 views

PT-2022-2505 · Cisco · Cisco Sd-Wan Vmanage

Name of the Vulnerable Software and Affected Versions: Cisco SD-WAN vManage Software affected versions not specified Description: A vulnerability in Cisco SD-WAN vManage Software could allow an authenticated, local attacker to view sensitive information on an affected system. This issue is due to...

4.9CVSS4.1AI score0.00058EPSS

Exploits0References5

ATTACKERKB•added 2022/05/02 2:15 p.m.•2 views

CVE-2022-28054

Improper sanitization of trigger action scripts in VanDyke Software VShell for Windows v4.6.2 allows attackers to execute arbitrary code via a crafted value...

9.8CVSS6.2AI score0.01614EPSS

Exploits0References2

NVD•added 2022/05/02 2:15 p.m.•11 views

CVE-2022-28054

Improper sanitization of trigger action scripts in VanDyke Software VShell for Windows v4.6.2 allows attackers to execute arbitrary code via a crafted value...

9.8CVSS0.01614EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by