CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

33406 matches found

OSV•added 10 hours ago•3 views

ROOT-OS-DEBIAN-13-CVE-2014-9900 CVE-2014-9900 in rootio-linux - Patched by Root

Root has patched CVE-2014-9900 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...

5.5CVSS8.3AI score0.00519EPSS

Exploits0

OSV•added 10 hours ago•9 views

ROOT-OS-DEBIAN-13-CVE-2014-9892 CVE-2014-9892 in rootio-linux - Patched by Root

Root has patched CVE-2014-9892 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...

5.5CVSS8.2AI score0.00499EPSS

Exploits0

OSV•added 10 hours ago•7 views

ROOT-OS-DEBIAN-12-CVE-2014-9892 CVE-2014-9892 in rootio-linux - Patched by Root

Root has patched CVE-2014-9892 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...

5.5CVSS8.3AI score0.00499EPSS

Exploits0

OSV•added 10 hours ago•4 views

ROOT-OS-DEBIAN-12-CVE-2014-9900 CVE-2014-9900 in rootio-linux - Patched by Root

Root has patched CVE-2014-9900 in the rootio-linux package for Root:Debian:12. Multiple fixed versions available...

5.5CVSS8.2AI score0.00519EPSS

Exploits0

OSV•added 10 hours ago•6 views

ROOT-OS-DEBIAN-11-CVE-2014-9892 CVE-2014-9892 in rootio-linux - Patched by Root

Root has patched CVE-2014-9892 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

5.5CVSS8.2AI score0.00499EPSS

Exploits0

Nuclei•added 11 hours ago•25 views

Cross RSS 1.7 - Local File Inclusion

Absolute path traversal vulnerability in Cross-RSS wp-cross-rss plugin 1.7 for WordPress allows remote attackers to read arbitrary files via a full pathname in the rss parameter to proxy.php. id: CVE-2014-4941 info: name: Cross RSS 1.7 - Local File Inclusion author: DhiyaneshDK severity: medium...

5CVSS7.5AI score0.04306EPSS

Exploits1References3

Nuclei•added 11 hours ago•22 views

Last.fm Rotation 1.0 - Path Traversal

Directory traversal vulnerability in lastfm-proxy.php in the Last.fm Rotation lastfm-rotation plugin 1.0 for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the snode parameter. id: CVE-2014-5181 info: name: Last.fm Rotation 1.0 - Path Traversal author: DhiyaneshDK...

5CVSS6AI score0.04259EPSS

Exploits1

Nuclei•added 11 hours ago•19 views

Sitecore CMS - Cross-Site Scripting

Sitecore CMS contains a cross-site scripting vulnerability via the "special way" of displaying XML Controls directly, which allows for a Cross Site Scripting Attack. id: CVE-2014-100004 info: name: Sitecore CMS - Cross-Site Scripting author: DhiyaneshDK severity: medium description: | Sitecore CM...

4.3CVSS5.6AI score0.02016EPSS

Exploits1References3

Nuclei•added 11 hours ago•87 views

Eyou E-Mail <3.6 - Remote Code Execution

Eyou Mail System before 3.6 allows remote attackers to execute arbitrary commands via shell metacharacters in the domain parameter to admin/domain/iploginset/diploginget.php via the getloginipconfigfile function. id: CVE-2014-1203 info: name: Eyou E-Mail 3.6 - Remote Code Execution author: pikpik...

9.8CVSS7.6AI score0.15647EPSS

Exploits0References5

Nuclei•added 11 hours ago•43 views

Node.js st module Directory Traversal

A directory traversal vulnerability in the st module before 0.2.5 for Node.js allows remote attackers to read arbitrary files via a %2e%2e encoded dot dot in an unspecified path. id: CVE-2014-3744 info: name: Node.js st module Directory Traversal author: geeknik severity: high description: A...

7.5CVSS7.3AI score0.34012EPSS

Exploits0References5

Nuclei•added 11 hours ago•64 views

Siemens SIMATIC S7-1200 CPU - Cross-Site Scripting

A cross-site scripting vulnerability in the integrated web server on Siemens SIMATIC S7-1200 CPU devices 2.x and 3.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. id: CVE-2014-2908 info: name: Siemens SIMATIC S7-1200 CPU - Cross-Site Scripting author:...

4.3CVSS5.8AI score0.2095EPSS

Exploits3References5

Nuclei•added 11 hours ago•28 views

Belkin N150 Router 1.00.08/1.00.09 - Path Traversal

A path traversal vulnerability in the webproc cgi module on the Belkin N150 F9K1009 v1 router with firmware before 1.00.08 allows remote attackers to read arbitrary files via a full pathname in the getpage parameter. id: CVE-2014-2962 info: name: Belkin N150 Router 1.00.08/1.00.09 - Path Traversa...

7.8CVSS6AI score0.47095EPSS

Exploits1References5

Nuclei•added 11 hours ago•23 views

WooCommerce Swipe <= 2.7.1 - Cross-Site Scripting

A cross-site scripting vulnerability in test-plugin.php in the Swipe Checkout for WooCommerce plugin 2.7.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the apiurl parameter. id: CVE-2014-4558 info: name: WooCommerce Swipe = 2.7.1 - Cross-Site...

6.1CVSS6.4AI score0.04055EPSS

Exploits2References4

Nuclei•added 11 hours ago•24 views

WordPress Plugin Tera Charts - Local File Inclusion

Multiple local file inclusion vulnerabilities in Tera Charts tera-charts plugin 0.1 for WordPress allow remote attackers to read arbitrary files via a .. dot dot in the fn parameter to 1 charts/treemap.php or 2 charts/zoomabletreemap.php. id: CVE-2014-4940 info: name: WordPress Plugin Tera Charts...

5CVSS7.5AI score0.18734EPSS

Exploits2References4

Nuclei•added 11 hours ago•21 views

WP Planet <= 0.1 - Cross-Site Scripting

A cross-site scripting vulnerability in rss.class/scripts/magpiedebug.php in the WP-Planet plugin 0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the url parameter. id: CVE-2014-4592 info: name: WP Planet = 0.1 - Cross-Site Scripting author:...

6.1CVSS6.4AI score0.03884EPSS

Exploits2References4

Nuclei•added 11 hours ago•31 views

webEdition 6.3.8.0 - Directory Traversal

A directory traversal vulnerability in showTempFile.php in webEdition CMS before 6.3.9.0 Beta allows remote authenticated users to read arbitrary files via a .. dot dot in the file parameter. id: CVE-2014-5258 info: name: webEdition 6.3.8.0 - Directory Traversal author: daffainfo severity: medium...

4CVSS6AI score0.19764EPSS

Exploits6References5

Nuclei•added 11 hours ago•22 views

Frontend Uploader <= 0.9.2 - Cross-Site Scripting

The Frontend Uploader WordPress plugin prior to v.0.9.2 was affected by an unauthenticated Cross-Site Scripting security vulnerability. id: CVE-2014-9444 info: name: Frontend Uploader = 0.9.2 - Cross-Site Scripting author: daffainfo severity: medium description: The Frontend Uploader WordPress...

4.3CVSS5.8AI score0.06701EPSS

Exploits2References4

Nuclei•added 11 hours ago•33 views

Podcast Channels < 0.28 - Cross-Site Scripting

The Podcast Channels WordPress plugin was affected by an unauthenticated reflected cross-site scripting security vulnerability. id: CVE-2014-4544 info: name: Podcast Channels 0.28 - Cross-Site Scripting author: daffainfo severity: medium description: The Podcast Channels WordPress plugin was...

6.1CVSS6.2AI score0.03779EPSS

Exploits1References4

Nuclei•added 11 hours ago•24 views

Movies <= 0.6 - Cross-Site Scripting

A cross-site scripting vulnerability in the Movies plugin 0.6 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php. id: CVE-2014-4539 info: name: Movies = 0.6 - Cross-Site Scripting author: daffainfo...

6.1CVSS6.4AI score0.03983EPSS

Exploits2References4

Nuclei•added 11 hours ago•24 views

Import Legacy Media <= 0.1 - Cross-Site Scripting

A cross-site scripting vulnerability in the Import Legacy Media plugin 0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php. id: CVE-2014-4535 info: name: Import Legacy Media = 0.1 - Cross-Site...

6.1CVSS6.4AI score0.03983EPSS

Exploits2References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by