CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

36 matches found

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-8357

Malicious code in bioql PyPI...

5.3CVSS9AI score0.00513EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-28695

Malicious code in bioql PyPI...

4.3CVSS6.4AI score0.00041EPSS

Exploits0References2

Tenable Nessus•added 2025/08/27 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2023-27117

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebAssembly v1.0.29 was discovered to contain a heap overflow via the component component wabt::Node::operator. CVE-2023-27117 Note that Nessus relies on the...

7.8CVSS7.1AI score0.0014EPSS

Exploits1References3

Tenable Nessus•added 2025/08/18 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2023-27119

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - WebAssembly v1.0.29 was discovered to contain a segmentation fault via the component wabt::Decompiler::WrapChild. CVE-2023-27119 Note that Nessus relies on the...

5.5CVSS6.1AI score0.00099EPSS

Exploits1References3

Positive Technologies•added 2025/08/08 12:0 a.m.•2 views

PT-2025-108: Insufficient authorization in FreeScout

The vulnerability was identified in FreeScout, version 1.8.182. The discovered vulnerability allows an attacker to subvert access‑control verification in the Kanban module, obtaining unauthorized access to protected functionality. Vulnerability status: Confirmed by vendor Date of vulnerability...

8.6CVSS5.8AI score

Exploits0References2

CNNVD•added 2025/06/26 12:0 a.m.•2 views

WordPress plugin Homerunner 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site reques...

4.3CVSS6.3AI score0.00041EPSS

Exploits0References2

RedhatCVE•added 2025/05/23 6:56 a.m.•4 views

CVE-2024-37458

Cross-Site Request Forgery CSRF vulnerability in extendthemes Highlight highlight allows Cross Site Request Forgery.This issue affects Highlight: from n/a through = 1.0.29...

4.3CVSS5.9AI score0.00162EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 4:30 a.m.•6 views

CVE-2023-51413

Missing Authorization vulnerability in Piotnet Forms.This issue affects Piotnet Forms: from n/a through 1.0.29...

5.3CVSS6.9AI score0.00206EPSS

Exploits0

Cvelist•added 2025/01/02 12:0 p.m.•12 views

CVE-2024-37458 WordPress Highlight theme <= 1.0.29 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in extendthemes Highlight highlight allows Cross Site Request Forgery.This issue affects Highlight: from n/a through = 1.0.29...

4.3CVSS0.00162EPSS

Exploits0References1

CNNVD•added 2024/12/18 12:0 a.m.•2 views

WordPress plugin Simple Page Access Restriction 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

5.3CVSS7.4AI score0.0061EPSS

Exploits0References2

Positive Technologies•added 2024/12/18 12:0 a.m.•3 views

PT-2024-16890 · WordPress · Simple Page Access Restriction

Name of the Vulnerable Software and Affected Versions: Simple Page Access Restriction plugin for WordPress versions up to 1.0.29 Description: The issue allows unauthenticated attackers to extract sensitive data from posts restricted to higher-level roles, such as logged-in users, via the WordPres...

5.3CVSS9.4AI score0.0061EPSS

Exploits0References7

Patchstack•added 2024/12/17 10:18 p.m.•5 views

WordPress Simple Page Access Restriction plugin <= 1.0.29 - Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability

Unauthenticated Content Restriction Bypass to Sensitive Information Exposure vulnerability discovered by Francesco Carlucci in WordPress Plugin Simple Page Access Restriction versions = 1.0.29...

5.3CVSS6.8AI score0.0061EPSS

Exploits0References1Affected Software1

Patchstack•added 2024/07/01 11:38 a.m.•3 views

WordPress Highlight theme <= 1.0.29 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das Patchstack Alliance in WordPress Theme Highlight versions = 1.0.29...

4.3CVSS7AI score0.00162EPSS

Exploits0Affected Software1

CNNVD•added 2024/06/12 12:0 a.m.•2 views

WordPress plugin Piotnet Forms security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.3CVSS6.8AI score0.00206EPSS

Exploits0References2

Patchstack•added 2023/12/27 12:0 a.m.•7 views

WordPress Piotnet Forms Plugin <= 1.0.29 is vulnerable to Broken Access Control

Software Piotnet Forms Type Plugin Vulnerable versions = 1.0.29 Fixed in 1.0.30 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-51413 Patch priority Medium CVSS severity Medium 5.3 Developer Claim ownership PSID 662da8d8f3b6 Credits Abdi Pranata Required...

5.3CVSS6.5AI score0.00206EPSS

Exploits0References2Affected Software1