CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

27 matches found

RedhatCVE•added 2026/01/09 8:44 a.m.•7 views

CVE-2022-23447

An improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability CWE-22 in FortiExtender management interface 7.0.0 through 7.0.3, 4.2.0 through 4.2.4, 4.1.1 through 4.1.8, 4.0.0 through 4.0.2, 3.3.0 through 3.3.2, 3.2.1 through 3.2.3, 5.3 all versions may allow an...

7.5CVSS7.3AI score0.00152EPSS

Exploits0References1

GithubExploit•added 2025/12/04 1:40 a.m.•125 views

Exploit for CVE-2025-55182

CVE-2025-55182 Raw HTTP Requests to exploit the insecure lazy...

10CVSS7.4AI score0.82011EPSS

Exploits358

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2016-0879

Malware in sbrugna...

10CVSS9.4AI score0.00129EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-2185

Malware in sbrugna...

9.8CVSS9.5AI score0.00602EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-1805

Malware in sbrugna...

9.8CVSS9.5AI score0.00846EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-19874

Malicious code in bioql PyPI...

4.3CVSS6.4AI score0.00118EPSS

Exploits0References7

OSV•added 2025/08/25 2:15 p.m.•0 views

CVE-2025-29514

Incorrect access control in the config.xgi function of D-Link DSL-7740C with firmware DSL7740C.V6.TR069.20211230 allows attackers to download the configuration file via providing a crafted web request...

9.8CVSS5.8AI score0.00269EPSS

Exploits1References2

NVD•added 2025/08/25 2:15 p.m.•6 views

CVE-2025-29514

9.8CVSS0.00269EPSS

Exploits1References2

ATTACKERKB•added 2025/06/10 5:21 p.m.•3 views

CVE-2025-31104

An Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability CWE-78 in FortiADC 7.6.0 through 7.6.1, 7.4.0 through 7.4.6, 7.2.0 through 7.2.7, 7.1.0 through 7.1.4, 7.0 all versions, 6.2 all versions, 6.1 all versions may allow an authenticated attacker...

7.2CVSS5.7AI score0.00457EPSS

Exploits0References2Affected Software1

RedhatCVE•added 2025/05/23 7:6 a.m.•3 views

CVE-2024-46450

Incorrect access control in Tenda AC1200 Smart Dual-Band WiFi Router Model AC6 v2.0 Firmware v15.03.06.50 allows attackers to bypass authentication via a crafted web request...

8.1CVSS7.1AI score0.00118EPSS

Exploits0References1

CNNVD•added 2025/02/12 12:0 a.m.•1 views

Q-Free MAXTIME Suite 访问控制错误漏洞

Q-Free MAXTIME Suite is a software suite for local traffic signal management from Q-Free. An access control error vulnerability exists in Q-Free MAXTIME Suite version 2.11.0 and prior versions, which stems from a lack of authentication for critical functions in maxprofile/menu/routes.lua. An...

9.8CVSS6.7AI score0.00752EPSS

Exploits0References1

CNNVD•added 2025/02/12 12:0 a.m.•1 views

Q-Free MAXTIME Suite 访问控制错误漏洞

9.1CVSS6.7AI score0.01246EPSS

Exploits0References1

CNNVD•added 2025/02/04 12:0 a.m.•3 views

Four-Faith F3x36 安全漏洞

The Four-Faith F3x36 is a portable wireless mobile router from Four-Faith China. A security vulnerability exists in Four-Faith F3x36 version v2.0.0, which stems from the use of hard-coded credentials. An attacker could exploit the vulnerability to gain administrative access via a specially crafte...

9.8CVSS6.7AI score0.1585EPSS

Exploits0References2

CNNVD•added 2023/10/09 12:0 a.m.•1 views

SICK APU Security Vulnerability

SICK APU is a railroad analysis system from SICK, Germany. A security vulnerability exists in the SICK APU RDT400 that originates from a vulnerability that allows an attacker to change the path to a file using an HTTP request so that the site fails to load the necessary strings...

6.5CVSS6.7AI score0.00354EPSS

Exploits0References4

ATTACKERKB•added 2023/08/03 11:15 p.m.•0 views

CVE-2023-38949

An issue in a hidden API in ZKTeco BioTime v8.5.5 allows unauthenticated attackers to arbitrarily reset the Administrator password via a crafted web request...

7.5CVSS7.1AI score0.00211EPSS

Exploits0References3

ATTACKERKB•added 2023/08/03 2:15 a.m.•0 views

CVE-2023-38958

An access control issue in ZKTeco BioAccess IVS v3.3.1 allows unauthenticated attackers to arbitrarily close and open the doors managed by the platform remotely via sending a crafted web request...

5.3CVSS6.1AI score0.00199EPSS

Exploits0References3

OSV•added 2023/07/06 3:15 p.m.•1 views

CVE-2023-25122

Multiple buffer overflow vulnerabilities exist in the vtyshubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

7.2CVSS6.3AI score0.00302EPSS

Exploits1References2

CNNVD•added 2023/05/19 12:0 a.m.•3 views

Fastweb FASTGate 缓冲区错误漏洞

Fastweb FASTGate is a modem from Fastweb Italy. A security vulnerability exists in the Fastweb FASTGate MediaAccess FGA2130FWB 18.3.n.0482FW230FGA2130 firmware version and the DGA4131FWB 18.3.n.0462FW261DGA4131 and previous firmware versions, which stems from a security flaw that allows a remote...

7.5CVSS7.4AI score0.04489EPSS

Exploits2References5

CNNVD•added 2022/01/26 12:0 a.m.•11 views

Reolink Rlc-410W 输入验证错误漏洞

Reolink Rlc-410W is a Wifi security camera from Reolink China.A security vulnerability exists in Reolink RLC-410W, which can be exploited by attackers to cause a reboot via a crafted HTTP request...

8.6CVSS5.6AI score0.00189EPSS

Exploits1References3

CNNVD•added 2021/04/14 12:0 a.m.•1 views

TotoLink X5000R 操作系统命令注入漏洞

Totolink X5000R is a router from China's Gion Electronics Totolink. The TOTOLINK X5000R router suffers from an operating system command injection vulnerability that can be exploited by an attacker to execute arbitrary operating system commands by sending a modified HTTP request...

10CVSS6.2AI score0.2015EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by