CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18125 matches found

Jira Rainbow.Zen - Cross-Site Scripting

Jira Rainbow.Zen contains a cross-site scripting vulnerability via Jira/secure/BrowseProject.jspa which allows remote attackers to inject arbitrary web script or HTML via the id parameter. id: CVE-2007-0885 info: name: Jira Rainbow.Zen - Cross-Site Scripting author: geeknik severity: medium...

6.8CVSS5.8AI score0.0135EPSS

Exploits0References3

Tenable Nessus•added 23 hours ago•2 views

RockyLinux 10 : postgresql18 (RLSA-2026:19009)

The remote RockyLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:19009 advisory. postgresql: PostgreSQL pgtrgm heap buffer overflow writes pattern onto server memory CVE-2026-2007 postgresql: PostgreSQL oidvector discloses a few byt...

8.8CVSS6.3AI score0.00059EPSS

Exploits3References11

Rockylinux•added 5 days ago•8 views

postgresql18 security update

An update is available for postgresql18. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list PostgreSQL is an advanced Object-Relational database management system...

8.8CVSS6.2AI score0.00059EPSS

Exploits3

RedHat Linux•added 2026/05/19 1:28 p.m.•5 views

Important: Red Hat Security Advisory: postgresql18 security update

An update for postgresql18 is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

8.8CVSS6.3AI score0.00059EPSS

Exploits3References6

Tenable Nessus•added 2026/05/19 12:0 a.m.•4 views

RHEL 10 : postgresql18 (RHSA-2026:19009)

The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:19009 advisory. PostgreSQL is an advanced Object-Relational database management system DBMS. The base postgresql package contains the client programs that...

8.8CVSS6.2AI score0.00059EPSS

Exploits3References12

EUVD•added 2026/04/23 12:31 p.m.•2 views

EUVD-2026-25213

Borg SPM 2007 Sales Ended in 2008 developed by BorG Technology Corporation has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...

9.8CVSS6AI score0.00116EPSS

Exploits0References3

EUVD•added 2026/04/23 12:31 p.m.•0 views

EUVD-2026-25209

Borg SPM 2007 Sales Ended in 2008 developed by BorG Technology Corporation has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...

9.8CVSS6.5AI score0.00275EPSS

Exploits0References3

NVD•added 2026/04/23 10:16 a.m.•2 views

CVE-2026-6885

9.8CVSS0.00275EPSS

Exploits0References2

NVD•added 2026/04/23 10:16 a.m.•2 views

CVE-2026-6886

Borg SPM 2007 Sales Ended in 2008 developed by BorG Technology Corporation has a Authentication Bypass vulnerability, allowing unauthenticated remote attackers to log into the system as any user...

9.8CVSS0.00273EPSS

Exploits0References2

NVD•added 2026/04/23 10:16 a.m.•2 views

CVE-2026-6887

9.8CVSS0.00116EPSS

Exploits0References2

ATTACKERKB•added 2026/04/23 9:30 a.m.•1 views

CVE-2026-6887

9.8CVSS6AI score0.00116EPSS

Exploits0References3

Cvelist•added 2026/04/23 9:30 a.m.•25 views

CVE-2026-6887 BorG Technology Corporation｜Borg SPM 2007 - SQL Injection

9.8CVSS0.00116EPSS

Exploits0References2

CVE•added 2026/04/23 9:30 a.m.•4 views

CVE-2026-6887

The CVE-2026-6887 entry concerns Borg SPM 2007 (BorG Technology Corporation). The connected sources describe a SQL Injection vulnerability that allows unauthenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents. The vulnerability impact is descr...

9.8CVSS6AI score0.00116EPSS

Exploits0References2

ATTACKERKB•added 2026/04/23 9:25 a.m.•1 views

CVE-2026-6886

Borg SPM 2007 Sales Ended in 2008 developed by BorG Technology Corporation has a Authentication Bypass vulnerability, allowing unauthenticated remote attackers to log into the system as any user...

9.8CVSS5.8AI score0.00273EPSS

Exploits0References3

CVE•added 2026/04/23 9:25 a.m.•6 views

CVE-2026-6886

CVE-2026-6886 concerns Borg SPM 2007 (BorG Technology Corporation). The provided records describe an authentication bypass that allows unauthenticated remote attackers to log in as any user. Documents list CRITICAL CVSS scores (4.0: 9.3; 3.1: 9.8) and confirm the vulnerability, but no explicit ro...

9.8CVSS5.8AI score0.00273EPSS

Exploits0References2

Cvelist•added 2026/04/23 9:25 a.m.•27 views

CVE-2026-6886 BorG Technology Corporation｜Borg SPM 2007 - Authentication Bypass

Borg SPM 2007 Sales Ended in 2008 developed by BorG Technology Corporation has a Authentication Bypass vulnerability, allowing unauthenticated remote attackers to log into the system as any user...

9.8CVSS0.00273EPSS

Exploits0References2

Cvelist•added 2026/04/23 9:5 a.m.•27 views

CVE-2026-6885 BorG Technology Corporation｜Borg SPM 2007 - Arbitrary File Upload

9.8CVSS0.00275EPSS

Exploits0References2

CVE•added 2026/04/23 9:5 a.m.•5 views

CVE-2026-6885

CVE-2026-6885 affects Borg SPM 2007 from BorG Technology Corporation. The vulnerability is described as Arbitrary File Upload that allows unauthenticated remote attackers to upload and execute a web shell, enabling arbitrary code execution on the server. The connected sources do not provide concr...

9.8CVSS6.5AI score0.00275EPSS

Exploits0References2

ATTACKERKB•added 2026/04/23 9:5 a.m.•2 views

CVE-2026-6885

9.8CVSS6.5AI score0.00275EPSS

Exploits0References3