41 matches found

OSV
added 2026/05/25 9:16 p.m. | 7 views

UBUNTU-CVE-2026-48852

PuTTY 0.71 before 0.84 has an assertion failure in ECDSA signature verification...

CVSS 3.7 | AI score 5.8 | EPSS 0.00274
Exploits: 0 | References: 4
CVE
added 2026/05/25 8:19 p.m. | 29 views

CVE-2026-48852

PuTTY 0.71 before 0.84 is affected by an assertion failure in ECDSA signature verification (CVE-2026-48852). The public data specifies affected version range and impact but provides no remediation details in the documents. The CVSS v3.1 vector yields a LOW overall impact (availability loss) with ...

CVSS 3.7 | AI score 5.8 | EPSS 0.00274
Exploits: 0 | References: 2 | Affected Software: 1
UbuntuCve
added 2026/02/04 6:16 p.m. | 3 views

CVE-2026-23624

GLPI is a free asset and IT management software package. In versions starting from 0.71 to before 10.0.23 and before 11.0.5, when remote authentication is used, based on SSO variables, a user can steal a GLPI session previously opened by another user on the same machine. This issue has been patch...

CVSS 6.5 | AI score 5.8 | EPSS 0.00373
Exploits: 0 | References: 4
Vulnrichment
added 2026/02/04 5:15 p.m. | 5 views

CVE-2026-23624 GLPI is vulnerable to session stealing on externally authenticated user change

GLPI is a free asset and IT management software package. In versions starting from 0.71 to before 10.0.23 and before 11.0.5, when remote authentication is used, based on SSO variables, a user can steal a GLPI session previously opened by another user on the same machine. This issue has been patch...

CVSS 4.3 | AI score 5.4 | EPSS 0.00373
Exploits: 0 | References: 3
ATTACKERKB
added 2026/02/04 5:15 p.m. | 4 views

CVE-2026-23624

GLPI is a free asset and IT management software package. In versions starting from 0.71 to before 10.0.23 and before 11.0.5, when remote authentication is used, based on SSO variables, a user can steal a GLPI session previously opened by another user on the same machine. This issue has been patch...

CVSS 4.3 | AI score 5.4 | EPSS 0.00373
Exploits: 0 | References: 4 | Affected Software: 1
OSV
added 2026/02/04 5:15 p.m. | 4 views

CVE-2026-23624 GLPI is vulnerable to session stealing on externally authenticated user change

GLPI is a free asset and IT management software package. In versions starting from 0.71 to before 10.0.23 and before 11.0.5, when remote authentication is used, based on SSO variables, a user can steal a GLPI session previously opened by another user on the same machine. This issue has been patch...

CVSS 4.3 | AI score 5.5 | EPSS 0.00373
Exploits: 0 | References: 5
Positive Technologies
added 2026/02/04 12:00 a.m. | 3 views

PT-2026-6181

Name of the Vulnerable Software and Affected Versions: GLPI versions 0.71 through 10.0.22; GLPI versions 0.71 through 11.0.4. Description: GLPI is an asset and IT management software package. When remote authentication is used with Single Sign-On (SSO) variables, a user can potentially gain access to...

CVSS 6.5 | AI score 5.5 | EPSS 0.00373
Exploits: 0 | References: 7
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2019-19253

Malware in sbrugna...

CVSS 7.5 | AI score 8.5 | EPSS 0.03021
Exploits: 0 | References: 12
RedhatCVE
added 2025/04/26 5:39 p.m. | 11 views

CVE-2025-46511

Server-Side Request Forgery (SSRF) vulnerability in Derek Springer BeerXML Shortcode beerxml-shortcode allows Server Side Request Forgery. This issue affects BeerXML Shortcode: from n/a through <= 0.7.1...

CVSS 6.4 | AI score 7.2 | EPSS 0.00174
Exploits: 0 | References: 1
NVD
added 2025/04/24 4:15 p.m. | 8 views

CVE-2025-46511

Server-Side Request Forgery (SSRF) vulnerability in Derek Springer BeerXML Shortcode beerxml-shortcode allows Server Side Request Forgery. This issue affects BeerXML Shortcode: from n/a through <= 0.7.1...

CVSS 6.4 | EPSS 0.00174
Exploits: 0 | References: 1
Cvelist
added 2025/04/24 4:09 p.m. | 18 views

CVE-2025-46511 WordPress BeerXML Shortcode plugin <= 0.7.1 - Server Side Request Forgery (SSRF) Vulnerability

Server-Side Request Forgery (SSRF) vulnerability in Derek Springer BeerXML Shortcode beerxml-shortcode allows Server Side Request Forgery. This issue affects BeerXML Shortcode: from n/a through <= 0.7.1...

CVSS 6.4 | EPSS 0.00174
Exploits: 0 | References: 1
Vulnrichment
added 2025/02/25 3:37 p.m. | 22 views

CVE-2025-21626 GLPI vulnerable to exposure of sensitive information in the `status.php` endpoint

GLPI is a free asset and IT management software package. Starting in version 0.71 and prior to version 10.0.18, an anonymous user can fetch sensitive information from the status.php endpoint. Version 10.0.18 contains a fix for the issue. Some workarounds are available. One may delete the status.p...

CVSS 5.8 | AI score 5.7 | EPSS 0.00393
Exploits: 0 | References: 2
CNNVD
added 2025/02/25 12:00 a.m. | 1 view

GLPI Information Disclosure Vulnerability

GLPI is an open source IT and asset management software from GLPI Open Source. The software provides a full-featured IT resource management interface that you can use to build databases to fully manage IT computers, monitors, servers, printers, network devices, phones, and even toner and ink...

CVSS 6.5 | AI score 4.5 | EPSS 0.00393
Exploits: 0 | References: 2
SUSE CVE
added 2023/02/15 4:13 a.m. | 3 views

SUSE CVE-2019-9897

Multiple denial-of-service attacks that can be triggered by writing to the terminal exist in PuTTY versions before 0.71...

CVSS 7.5 | AI score 8.5 | EPSS 0.03021
Exploits: 0 | References: 5
CNNVD
added 2021/11/10 12:00 a.m. | 3 views

Modesty Pdf2json Code Issue Vulnerability

PDF2JSON is a Java-based code library that allows PDF files to interact with Json files. PDF2JSON has a code problem vulnerability that stems from the discovery that pdf2json v0.71 contains a null pointer dereference in the component ObjectStream::getObject. No detailed vulnerability details are...

CVSS 7.5 | AI score 5.6 | EPSS 0.01361
Exploits: 1 | References: 2
Tenable Nessus
added 2019/03/25 12:00 a.m. | 14 views

Fedora 29 : filezilla (2019-10812c1db6)

Backport a security fix from PuTTY 0.71 affecting SFTP connections: Fix an integer overflow in the RSA key exchange preceding host key verification. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempt...

AI score 5.5
Exploits: 0 | References: 1
OSV
added 2019/03/21 4:01 p.m. | 2 views

ALPINE-CVE-2019-9897

Multiple denial-of-service attacks that can be triggered by writing to the terminal exist in PuTTY versions before 0.71...

CVSS 7.5 | AI score 6.9 | EPSS 0.03021
Exploits: 0 | References: 1
OSV
added 2019/03/21 4:01 p.m. | 1 view

ALPINE-CVE-2019-9894

A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification...

CVSS 7.5 | AI score 7 | EPSS 0.02447
Exploits: 0 | References: 1
OSV
added 2019/03/21 4:01 p.m. | 1 view

DEBIAN-CVE-2019-9895

In PuTTY versions before 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind of server-to-client forwarding...

CVSS 9.8 | AI score 9.5 | EPSS 0.02566
Exploits: 0 | References: 1
NVD
added 2019/03/21 4:01 p.m. | 19 views

CVE-2019-9894

A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification...

CVSS 7.5 | AI score 7.5 | EPSS 0.02447
Exploits: 0 | References: 9