CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

362 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в ansible

A security flaw was discovered in Ansible Engine. This flaw occurs in Ansible 2.7.x versions prior to 2.7.17, Ansible 2.8.x versions prior to 2.8.11, and Ansible 2.9.x versions prior to 2.9.7 when managing Kubernetes using the k8s module. Sensitive parameters such as passwords and tokens are pass...

5.5CVSS6.7AI score0.00051EPSS

Exploits1References2

OSV•added 2026/04/07 5:16 p.m.•1 views

DEBIAN-CVE-2026-35611

Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. From 2.3.0 to before 2.9.0, within the URI template implementation in Addressable, two classes of URI template generate regular expressions vulnerable to catastrophic backtracking...

7.5CVSS5.2AI score0.00027EPSS

Exploits0References1

CNNVD•added 2026/04/03 12:0 a.m.•2 views

Juju 安全漏洞

Juju is a canonical Juju open-source application orchestration engine. Vulnerabilities existed in versions of Juju between 2.9 and 2.9.56, as well as in versions between 3.6 and 3.6.19. These vulnerabilities stemmed from the possibility that compromised workload machines could read any log file o...

6.9CVSS5.8AI score0.00013EPSS

Exploits0References3

EUVD•added 2026/03/25 6:31 p.m.•3 views

EUVD-2026-15800

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in G5Theme Darna Framework darna-framework allows Reflected XSS.This issue affects Darna Framework: from n/a through = 2.9...

7.1CVSS5.8AI score0.00045EPSS

Exploits0References2

ATTACKERKB•added 2026/03/05 5:54 a.m.•4 views

CVE-2026-28117

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes smart SEO smartSEO allows PHP Local File Inclusion.This issue affects smart SEO: from n/a through = 2.9...

8.1CVSS5.9AI score0.00172EPSS

Exploits0References2

Positive Technologies•added 2026/02/19 12:0 a.m.•2 views

PT-2026-20688

Missing Authorization vulnerability in Wisernotify team WiserReview Product Reviews for WooCommerce wiser-review allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WiserReview Product Reviews for WooCommerce: from n/a through = 2.9...

5.5AI score0.00013EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:42 a.m.•4 views

CVE-2022-26233

Barco Control Room Management through Suite 2.9 Build 0275 was discovered to be vulnerable to directory traversal, allowing attackers to access sensitive information and components. Requests must begin with the "GET /..\.." substring...

7.5CVSS6.7AI score0.70035EPSS

Exploits3References1

EUVD•added 2025/12/09 6:30 p.m.•1 views

EUVD-2025-202139

Missing Authorization vulnerability in Elated-Themes The Aisle theaisle allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Aisle: from n/a through = 2.9...

6.5AI score0.00036EPSS

Exploits0References2

CVE•added 2025/12/09 2:13 p.m.•4 views

CVE-2025-66534

CVE-2025-66534 is linked to WordPress The Aisle theme (Elated-Themes) versions = 2.9.1 (or equivalent patch) is released by the vendor. Monitor PatchStack/CVE listings for updated mitigation or version fixes.

4.3CVSS6.6AI score0.00036EPSS

Exploits0References1

NVD•added 2025/10/22 3:16 p.m.•3 views

CVE-2025-60228

Deserialization of Untrusted Data vulnerability in designthemes Knowledge Base kbase allows Object Injection.This issue affects Knowledge Base: from n/a through = 2.9...

8.8CVSS0.00113EPSS

Exploits0References1

CVE•added 2025/10/22 2:32 p.m.•3 views

CVE-2025-60228

CVE-2025-60228 describes a PHP Object Injection vulnerability in the WordPress Knowledge Base theme (versions

8.8CVSS6.6AI score0.00113EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-16396

Malware in sbrugna...

5.4CVSS5.6AI score0.00206EPSS

Exploits1References2