CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/04/29 2:22 p.m.•0 views

CVE-2026-7111

5.5AI score0.0002EPSS

Exploits0References3

CNNVD•added 2026/04/29 12:0 a.m.•5 views

Text-CSV_XS 资源管理错误漏洞

Text-CSVXS is a CSV file parsing and generation tool developed by CPAN authors under open source. Versions of Text-CSVXS prior to 1.62 contained a resource management vulnerability. This vulnerability stemmed from the use of the Perl parameter stack during registration callback extensions; reusin...

8.4CVSS5.8AI score0.0002EPSS

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2002-2005

Malware in sbrugna...

7.5CVSS6.4AI score0.0501EPSS

Exploits1References4

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2008-0818

Malware in sbrugna...

7.5CVSS6.4AI score0.00462EPSS

Exploits0References4

Tenable Nessus•added 2025/08/18 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2022-31152

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. The Matrix specification specifies a list of event authorizatio...

7.5CVSS7.2AI score0.00731EPSS

Exploits0References2

OSV•added 2024/11/26 5:15 p.m.•1 views

AZL-53456 CVE-2024-11407 affecting package grpc for versions less than 1.62.0-4

There exists a denial of service through Data corruption in gRPC-C++ - gRPC-C++ servers with transmit zero copy enabled through the channel arg GRPCARGTCPTXZEROCOPYENABLED can experience data corruption issues. The data sent by the application may be corrupted before transmission over the network...

7.5CVSS6.7AI score0.00045EPSS

ATTACKERKB•added 2023/10/05 8:15 p.m.•0 views

CVE-2023-40920

Prixan prixanconnect up to v1.62 was discovered to contain a SQL injection vulnerability via the component CartsGuruCatalogModuleFrontController::importProducts...

9.8CVSS5.7AI score0.0007EPSS

Exploits1References2

Positive Technologies•added 2023/10/05 12:0 a.m.•2 views

PT-2023-27700 · Unknown · Prixan Prixanconnect

Name of the Vulnerable Software and Affected Versions: Prixan prixanconnect versions up to v1.62 Description: The issue is related to a SQL injection vulnerability via the component CartsGuruCatalogModuleFrontController::importProducts. This vulnerability allows for the injection of malicious SQL...

9.8CVSS7.8AI score0.0007EPSS

Exploits1References7

Japan Vulnerability Notes•added 2022/10/19 7:23 a.m.•0 views

Stack-based buffer overflow vulnerability in Yokogawa Test & Measurement WTViewerE

Overview WTViewerE provided by Yokogawa Test & Measurement Corporation contains a stack-based buffer overflow vulnerability CWE-121. Michael Heinzl reported this vulnerability to JPCERT/CC. JPCERT/CC coordinated with the developer. Impact Processing a long file name may cause the product to crash...

9.8CVSS7.1AI score0.00654EPSS

PyPA•added 2022/09/02 8:15 p.m.•6 views

PYSEC-2022-262

Synapse is an open-source Matrix homeserver written and maintained by the Matrix.org Foundation. The Matrix specification specifies a list of event authorization rules which must be checked when determining if an event should be accepted into a room. In versions of Synapse up to and including...

7.5CVSS6.8AI score0.00731EPSS

Exploits0References4Affected Software1

OSV•added 2022/05/24 4:55 p.m.•0 views

GHSA-HVMX-5HV4-F235 Sandbox bypass vulnerability in Jenkins Script Security Plugin

A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions on the left-hand side of assignment expressions allowed attackers to execute arbitrary code in sandboxed scripts...

4.2CVSS7.5AI score0.00162EPSS

RedHat Linux•added 2019/12/17 2:18 a.m.•2 views

jenkins-script-security-plugin: handling of property names in property expressions in increment and decrement expressions allowed attackers to execute arbitrary code in sandboxed scripts

A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of property names in property expressions in increment and decrement expressions allowed attackers to execute arbitrary code in sandboxed scripts...

RedHat Linux•added 2019/12/17 2:18 a.m.•3 views

jenkins-script-security-plugin: handling of property names in property expressions on the left-hand side of assignment expression leads to execute arbitrary code in sandboxed scripts

RedHat Linux•added 2019/12/16 1:54 p.m.•3 views

jenkins-script-security-plugin: handling of method names in method call expressions allowed attackers to execute arbitrary code in sandboxed scripts

A sandbox bypass vulnerability in Jenkins Script Security Plugin 1.62 and earlier related to the handling of method names in method call expressions allowed attackers to execute arbitrary code in sandboxed scripts...

RedHat Linux•added 2019/12/11 8:38 a.m.•2 views

jenkins-script-security-plugin: handling of method names in method call expressions allowed attackers to execute arbitrary code in sandboxed scripts

CNVD•added 2019/09/17 12:0 a.m.•1 views

CloudBees Jenkins Script Security Plugin Input Validation Error Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing project and some timed tasks . Script Security Plugin is used in one of the...

4.9CVSS7.2AI score0.00162EPSS

CNVD•added 2019/09/17 12:0 a.m.•1 views

CloudBees Jenkins Script Security plugin sandbox bypass vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Script Security Plugin is used in one of the...

4.9CVSS7.3AI score0.00162EPSS