CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16817 matches found

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2018-17235

Malware in sbrugna...

8.8CVSS8.8AI score0.01775EPSS

Exploits0References3

CNNVD•added 2025/10/07 12:0 a.m.•4 views

IBM Engineering Requirements Management DOORS Next 跨站脚本漏洞

IBM Engineering Requirements Management DOORS Next is a scalable solution from International Business Machines IBM. The solution helps you capture, track, analyze, and manage systems and advanced IT application development. A cross-site scripting vulnerability exists in IBM Engineering Requiremen...

5.4CVSS5.9AI score0.00162EPSS

Exploits0References2

Positive Technologies•added 2025/10/07 12:0 a.m.•5 views

PT-2025-40998

Name of the Vulnerable Software and Affected Versions Clash Verge versions through 2.2.3 Description The software installs system services clash-verge-service by default and exposes functions through an unauthorized HTTP API. Specifically, the /start clash API endpoint allows local users to submi...

7.8CVSS5.5AI score0.0021EPSS

Exploits1References9

Positive Technologies•added 2025/10/07 12:0 a.m.•5 views

PT-2025-41143

Name of the Vulnerable Software and Affected Versions IBM Engineering Requirements Management DOORS Next versions 7.0.2 through 7.0.2 iFix034 IBM Engineering Requirements Management DOORS Next versions 7.0.3 through 7.0.3 iFix016 IBM Engineering Requirements Management DOORS Next versions 7.1.0...

5.4CVSS5.9AI score0.00162EPSS

Exploits0References5

Github Security Blog•added 2025/10/06 8:18 p.m.•18 views

SillyTavern Web Interface Vulnerable DNS Rebinding

Summary The web UI for SillyTavern is susceptible to DNS rebinding, allowing attackers to perform actions like install malicious extensions, read chats, inject arbitrary HTML for phishing, etc. Details DNS rebinding is a method to bypass the CORS policies by tricking the browser into resolving...

9.6CVSS6.6AI score0.00239EPSS

Exploits0References7Affected Software1

Vulnrichment•added 2025/10/06 4:32 p.m.•5 views

CVE-2025-11339 D-Link DI-7100G C1 jhttpd hi_block.asp sub_4BD4F8 buffer overflow

A vulnerability has been found in D-Link DI-7100G C1 up to 20250928. This issue affects the function sub4BD4F8 of the file /webchat/hiblock.asp of the component jhttpd. The manipulation of the argument popupId leads to buffer overflow. The attack can be initiated remotely. The exploit has been...

9CVSS6.9AI score0.00881EPSS

Exploits0References6

Vulnrichment•added 2025/10/06 3:31 p.m.•2 views

CVE-2025-59159 SillyTavern Web Interface Vulnerable to DNS Rebinding

SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. In versions prior to 1.13.4, the web user interface for SillyTavern is susceptible to DNS rebinding, allowing...

9.6CVSS6.1AI score0.00239EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•6 views

EUVD-2022-52945

Malicious code in bioql PyPI...

5.3CVSS5.6AI score0.00774EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2022-33815

Malicious code in bioql PyPI...

9.8CVSS8.7AI score0.01218EPSS

Exploits1References1