CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in Drupal Core allows Privilege Escalation.This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0...

8.1CVSS5.4AI score0.01148EPSS

Exploits0References2

Tenable Nessus•added 2025/08/10 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2024-55637

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Deserialization of Untrusted Data vulnerability in Drupal Core allows Object Injection.This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0...

9.8CVSS9AI score0.09982EPSS

Exploits0References2

Atlassian•added 2025/08/07 7:9 a.m.•12 views

DoS (Denial of Service) Third-Party Dependency in Jira Software Data Center and Server

This High severity Third-Party Dependency vulnerability was introduced in versions 9.12.0, 10.3.0, and 10.7.1 of Jira Software Data Center and Server. This Third-Party Dependency vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H allows an...

7.5CVSS6.8AI score0.00683EPSS

Exploits0

RedhatCVE•added 2025/05/22 12:16 a.m.•9 views

CVE-2005-2745

Mail.app in Mail for Apple Mac OS X 10.3.9, when using Kerberos 5 for SMTP authentication, can include uninitialized memory in a message, which might allow remote attackers to obtain sensitive information...

5CVSS6.4AI score0.00748EPSS

Exploits0References1

RedhatCVE•added 2025/05/21 7:35 p.m.•7 views

CVE-2005-2743

The Java extensions for QuickTime 6.52 and earlier in Apple Mac OS X 10.3.9 allow untrusted applets to call arbitrary functions in system libraries, which allows remote attackers to execute arbitrary code...

7.5CVSS7.5AI score0.01732EPSS

Exploits0References1

OSV•added 2024/12/10 12:31 a.m.•11 views

GHSA-938F-5R4F-H65V Drupal core contains a potential PHP Object Injection vulnerability

Drupal core contains a potential PHP Object Injection vulnerability that if combined with another exploit could lead to Artbitrary File Deletion. It is not directly exploitable. This issue is mitigated by the fact that in order to be exploitable, a separate vulnerability must be present that allo...

9.8CVSS9.4AI score0.11473EPSS

Exploits0References4

OSV•added 2024/12/10 12:15 a.m.•0 views

UBUNTU-CVE-2024-55637

Deserialization of Untrusted Data vulnerability in Drupal Core allows Object Injection.This issue affects Drupal Core: from 8.0.0 before 10.2.11, from 10.3.0 before 10.3.9, from 11.0.0 before 11.0.8. Drupal core contains a chain of methods that is exploitable when an insecure deserialization...

9.8CVSS7.9AI score0.09982EPSS

Exploits0References2

CNNVD•added 2024/12/10 12:0 a.m.•1 views

Drupal core 安全漏洞

Drupal core is a free, open source content management system developed in PHP by the Drupal community. A security vulnerability exists in Drupal core version 7.0 up to and including version 7.102, version 8.0.0 up to and including version 10.2.11, and version 10.3.0 up to and including version...

9.8CVSS9AI score0.09687EPSS

Exploits0References2

Cvelist•added 2024/12/09 11:24 p.m.•153 views

CVE-2024-55636 Drupal core - Less critical - Gadget chain - SA-CORE-2024-006

0.11473EPSS

Exploits0References1

Patchstack•added 2024/06/04 6:34 a.m.•1 views

WordPress WP eMember plugin < 10.3.9 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by kauenavarro in WordPress Plugin WP eMember versions 10.3.9...

8.3CVSS6.4AI score0.00176EPSS

Exploits2References1Affected Software1

NVD•added 2024/04/24 3:15 p.m.•8 views

CVE-2024-32872

Umbraco workflow provides workflows for the Umbraco content management system. Prior to versions 10.3.9, 12.2.6, and 13.0.6, an Umbraco Backoffice user can modify requests to a particular API endpoint to include SQL, which will be executed by the server. Umbraco Workflow versions 10.3.9, 12.2.6,...

5.5CVSS5.4AI score0.00066EPSS

Exploits0References1

CNNVD•added 2021/04/13 12:0 a.m.•2 views

Siren Federate 安全漏洞

Siren Federate is an application from Siren Ireland. It extends the Elasticsearch API to add high performance and scalable joins. A security vulnerability exists in Siren Federate that discloses user information across thread contexts when a low-privileged user and a high-privileged user execute...

4.3CVSS5.2AI score0.00391EPSS

Exploits0References2

ALT Linux•added 2018/08/19 12:0 a.m.•33 views

Security fix for the ALT Linux 9 package mariadb version 10.3.9-alt1

Aug. 19, 2018 Alexey Shabalin 10.3.9-alt1 - 10.3.9 - Fixes for the following security vulnerabilities: + CVE-2018-3060 + CVE-2018-3064 + CVE-2018-3063 + CVE-2018-3058 + CVE-2018-3066 - fix path to plugin dir in chroot ALT 35242 - change mode of plugin dir in chroot ALT 33259...

5.5CVSS6.3AI score0.00227EPSS

Exploits0

NVD•added 2007/12/20 12:46 a.m.•7 views

CVE-2007-6456

Unspecified vulnerability in OpenOffice.org code in Planamesa NeoOffice 2.2.2 before Patch 4 has unknown impact and attack vectors related to MacOS 10.3.9 .odb files. NOTE: it is not clear whether this issue is a vulnerability...

10CVSS6.5AI score0.00343EPSS

Exploits0References4