16 matches found
EUVD-2025-12226
Malicious code in bioql PyPI...
EUVD-2025-12225
Malicious code in bioql PyPI...
EUVD-2022-7395
Malicious code in bioql PyPI...
CVE-2021-29499
SIF is an open source implementation of the Singularity Container Image Format. The siftool new command and func siftool.New produce predictable UUID identifiers due to insecure randomness in the version of the github.com/satori/go.uuid module used as a dependency. A patch is available in version...
Sulu vulnerable to XXE in SVG File upload Inspector
Impact: An admin user can upload an SVG which may load external data via the XML DOM library; specifically, this can be used to eventually reference non-secure XML External Entity References. Patches: The problem has not been patched yet. Users should upgrade to patched versions once they become available...
XSS in the /files Endpoint of the Generic REST API
Impact: The input parameter, which consists of a file path and name, can be manipulated to return the Content-Type header with text/html if the name part ends with .html. This could allow malicious JavaScript code to be executed in the browser. For a successful attack, a malicious file needs to be...
CVE-2025-31932
A deserialization of untrusted data issue exists in all versions of BizRobo!. If this vulnerability is exploited, arbitrary code is executed on the Management Console. The vendor provides workaround information and recommends applying it to the deployment environment...
Vulnerability fixed in SonicOS
A vulnerability has been fixed in SonicWall SonicOS IPSec. The vulnerability in SonicWall SonicOS IPSec allows an unauthenticated remote malicious person to cause a Denial of Service (DoS). SonicWall has made available a workaround and patch to fix the vulnerability. See the reference for more...
[UNIX] vBulletin init.php SQL Injection (specialtemplates)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com...
[Full-Disclosure] Remote openbsd crash with ip6, yet still openbsd much better than windows
Georgi Guninski security advisory 66, 2004. Remote openbsd crash with ip6, yet still openbsd much better than windows. Systems affected: tested on openbsd 3.4; not clear about netbsd; freebsd not vulnerable. Risk: Medium. Date: 4 February 2004. Legal Notice: This Advisory is Copyright c 2004 Georgi...
Cisco Security Advisory: Cisco IOS Interface Blocked by IPv4 Packet
Cisco Security Advisory: Cisco IOS Interface Blocked by IPv4 Packet. Revision 1.0. For Public Release 2003 July 17 at 0:00 UTC GMT. Please provide your feedback on...
Sun Solaris cachefsd vulnerable to stack overflow in fscache_setup() function
Overview Sun's NFS/RPC cachefs daemon cachefsd is shipped and installed by default with Sun Solaris 2.5.1, 2.6, 7, and 8 SPARC and Intel architectures. Cachefsd caches requests for operations on remote file systems mounted via the use of NFS protocol. An exploitable stack overflow exists in...
udirectory from Microburst Technologies remote command execution
udirectory from Microburst Technologies, Inc. http://www.uburst.com/uDirectory/ allows remote command execution Vulnerable versions: 2.0, possibly earlier versions uDirectory is an online directory and listing management system that allows you to easily create, update, and maintain an on-line...
ftpd.txt
Netect, Inc. General Public Security Advisory. Advisory: palmetto.ftpd. Issue date: February 9, 1999. Revision: February 8, 1999. Contact: Jordan Ritter. Topic: Remote buffer overflows in various FTP servers leads to...
solaris.5.7.mount.suid.txt
Date: Mon, 10 May 1999 09:14:12 +0200 From: Jonas Stahre To: [email protected] Subject: SunOS 5.7 rmmount, no nosuid. The man-page for rmmount under SunOS 5.7 says: File systems mounted by rmmount are always mounted with the nosuid flag set, thereby disabling set-uid programs and access to blo...
FreeBSD-SA-96:17.rzsz
FreeBSD-SA-96:17 Security Advisory. Revised: Tue Jul 16 21:44:54 PDT 1996. FreeBSD, Inc. Topic: "Trojan Horse" vulnerability via rz program. Category: ports. Module: rzsz. Announced:...