17 matches found

EUVD
added 2026/04/15 6:31 p.m. · 1 views

EUVD-2026-22871

Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all pkix modules. PKIX draft CompositeVerifier accepts empty signature sequence as valid. This issue affects BC-JAVA: from 1.49 before 1.84...

CVSS 10 · AI score 5.8 · EPSS 0.00013
Exploits 0 · References 2

NVD
added 2026/04/15 10:16 a.m. · 0 views

CVE-2026-5588

Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all pkix modules, Legion of the Bouncy Castle Inc. BCPKIX-FIPS bcpkix on All pkix modules, Legion of the Bouncy Castle Inc. BCPIX-LTS bcpkix on All pkix modules. This vulnerability...

CVSS 6.3 · EPSS 0.00013
Exploits 0 · References 2

Cvelist
added 2026/04/15 9:6 a.m. · 27 views

CVE-2026-5588 PKIX draft CompositeVerifier accepts empty signature sequence as valid.

Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpkix on all pkix modules, Legion of the Bouncy Castle Inc. BCPKIX-FIPS bcpkix on All pkix modules, Legion of the Bouncy Castle Inc. BCPIX-LTS bcpkix on All pkix modules. This vulnerability...

CVSS 6.3 · EPSS 0.00013
Exploits 0 · References 2

Tenable Nessus
added 2026/01/19 12:0 a.m. · 3 views

MiracleLinux 3 : perl-DBD-Pg-1.49-4.AXS3 (AXSA:2012-693:01)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2012-693:01 advisory. An implementation of DBI for PostgreSQL for Perl. Security issues fixed with this release: CVE-2012-1151 No description available at the time of writing, plea...

CVSS 5 · AI score 5.7 · EPSS 0.02719
Exploits 0 · References 2

Tenable Nessus
added 2025/09/12 12:0 a.m. · 2 views

Security Updates for Azure Connected Machine Agent < 1.49

The Microsoft Azure Connected Machine Agent installation on the remote host is missing security updates. It is, therefore, affected by an elevation of privilege vulnerability. An attacker can exploit this to gain elevated privileges. Note that Nessus has not tested for this issue but has instead...

CVSS 7.8 · AI score 5.6 · EPSS 0.00286
Exploits 0 · References 2

CNNVD
added 2025/06/27 12:0 a.m. · 2 views

WordPress plugin Domnoo security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...

CVSS 8.1 · AI score 6.2 · EPSS 0.00547
Exploits 0 · References 1

OSV
added 2024/09/14 12:43 a.m. · 30 views

RHSA-2021:2243 Red Hat Security Advisory: rust-toolset-1.49 and rust-toolset-1.49-rust update

Bulletin has no description...

CVSS 9.8 · AI score 8.4 · EPSS 0.00356
Exploits 2 · References 12

RedHat Linux
added 2021/05/18 3:15 p.m. · 1 views

rust: memory safety violation in String::retain()

In the standard library in Rust before 1.49.0, String::retain function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the sa...

CVSS 7.5 · AI score 5.8 · EPSS 0.00203
Exploits 1 · References 4

Microsoft CVE
added 2021/04/23 7:0 a.m. · 2 views

In the standard library in Rust before 1.49.0 String::retain() function has a panic safety problem. It allows creation of a non-UTF-8 Rust string when the provided closure panics. This bug could result in a memory safety violation when other string APIs assume that UTF-8 encoding is used on the same string.

...

CVSS 7.5 · AI score 7 · EPSS 0.00203
Exploits 1

Veracode
added 2020/11/04 6:0 a.m. · 9 views

Hash Collision

Bouncy Castle is vulnerable to hash collision attacks. The library's keystore files use an HMAC hash that is only 16 bits long, allowing a malicious user to retrieve the password used for keystore integrity verification checks. This vulnerability only affects users of the BKS-V1 keystore format,...

AI score 2.5
Exploits 0

VulnCheck KEV
added 2020/01/31 12:0 a.m. · 2 views

VulnCheck KEV: CVE-2019-1003000

A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM...

CVSS 8.8 · AI score 7.1 · EPSS 0.94443
Exploits 15 · References 1

Positive Technologies
added 2019/01/22 12:0 a.m. · 5 views

PT-2019-11301 · Jenkins · Script Security Plugin +1

Name of the Vulnerable Software and Affected Versions: Script Security Plugin versions 1.49 and earlier Description: A sandbox bypass issue exists that allows attackers with the ability to provide sandboxed scripts to execute arbitrary code on the Jenkins master JVM. This is due to a vulnerabilit...

CVSS 8.8 · AI score 6.4 · EPSS 0.94443
Exploits 17 · References 17

Veracode
added 2018/03/22 8:43 a.m. · 31 views

Hash Collision

Bouncy Castle is vulnerable to hash collision attacks. The library's keystore files use an HMAC hash that is only 16 bits long, allowing a malicious user to retrieve the password used for keystore integrity verification checks. This vulnerability only affects users of the BKS-V1 keystore format,...

CVSS 4.4 · AI score 5.1 · EPSS 0.00153
Exploits 0 · References 8 · Affected Software 10

Cvelist
added 2005/08/20 4:0 a.m. · 11 views

CVE-2004-2462

cplay 1.49 on Linux allows local users to overwrite arbitrary files via a symlink attack on the cplaycontrol temporary file...

AI score 6.3 · EPSS 0.00159
Exploits 0 · References 5

Debian CVE
added 2005/08/20 4:0 a.m. · 16 views

CVE-2004-2462

Removed by vendor...

CVSS 4.6 · AI score 7 · EPSS 0.00159
Exploits 0

exploitpack
added 2005/01/13 12:0 a.m. · 9 views

ITA Forum 1.49 - SQL Injection

ITA Forum 1.49 - SQL Injection !/usr/bin/perl use LWP::UserAgent; ITA Forum 1.49 sql injection exploit with one char bruteforce by 1dt.w0lf // r57 example: r57ita.pl http://127.0.0.1/ITA/...

AI score 0.5
Exploits 0

NVD
added 2004/12/31 5:0 a.m. · 10 views

CVE-2004-2462

cplay 1.49 on Linux allows local users to overwrite arbitrary files via a symlink attack on the cplaycontrol temporary file...

CVSS 4.6 · AI score 6.3 · EPSS 0.00159
Exploits 0 · References 5