CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

35 matches found

RedhatCVE•added 2026/01/09 12:14 p.m.•6 views

CVE-2018-9122

In Crea8social 2018.2, there is Reflected Cross-Site Scripting via the term parameter to the /search URI...

5.4CVSS6.4AI score0.00257EPSS

Exploits3References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-20723

Malware in sbrugna...

5.4CVSS5.5AI score0.00257EPSS

Exploits3References3

RedhatCVE•added 2025/05/22 8:24 a.m.•5 views

CVE-2018-9121

In Crea8social 2018.2, there is Stored Cross-Site Scripting via a post comment...

5.4CVSS6.1AI score0.00257EPSS

Exploits3References1

CNVD•added 2020/09/25 12:0 a.m.•0 views

Gradle Enterprise Cross-Site Request Forgery Vulnerability (CNVD-2020-54143)

Gradle is a set of JVM-based project build tools , it supports maven, Ivy repository and so on. A cross-site request forgery vulnerability exists in Gradle Enterprise version 2018.2 and Build Cache Node version 4.1. The vulnerability stems from a WEB application that does not adequately validate...

7.5CVSS6.9AI score0.00107EPSS

Exploits0References1

CNVD•added 2020/09/21 12:0 a.m.•1 views

Gradle Enterprise Cross-Site Request Forgery Vulnerability

Gradle is a set of JVM-based project build tools , it supports maven, Ivy repository and so on. A cross-site request forgery vulnerability exists in Gradle Enterprise versions 2018.2 through 2020.2.4. The vulnerability stems from a WEB application that does not adequately validate that a request ...

8.8CVSS6.9AI score0.00601EPSS

Exploits0References1

CVE•added 2020/08/26 11:45 p.m.•35 views

CVE-2020-14728

CVE-2020-14728 affects Oracle NetSuite SuiteCommerce Advanced (SCA). Affected SCA versions include Montblanc, Vinson, Elbrus, Kilimanjaro, Aconcagua, 2018.2, 2019.1, 2019.2. The vulnerability is exposed via HTTP with network access, with low privileges and requires UI interaction. Root cause deta...

5.4CVSS4.8AI score0.00185EPSS

Exploits0References1Affected Software1

CNVD•added 2020/04/23 12:0 a.m.•1 views

JetBrains TeamCity Information Disclosure Vulnerability (CNVD-2020-27793)

JetBrains TeamCity is a set of distributed build management and continuous integration tools from the Czech company JetBrains. The tool provides continuous unit testing, code quality analysis and build problem analysis reports and other features. A security vulnerability exists in JetBrains...

4.9CVSS7.1AI score0.00004EPSS

Exploits0References1

Prion•added 2020/04/22 2:15 p.m.•11 views

Design/Logic Flaw

In JetBrains TeamCity 2018.2 through 2019.2.1, a project administrator was able to see scrambled password parameters used in a project. The issue was resolved in 2019.2.2...

4CVSS5.1AI score0.00004EPSS

Exploits0References1Affected Software1

Cvelist•added 2020/04/22 1:52 p.m.•17 views

CVE-2020-11938

In JetBrains TeamCity 2018.2 through 2019.2.1, a project administrator was able to see scrambled password parameters used in a project. The issue was resolved in 2019.2.2...

6.2AI score0.00004EPSS

Exploits0References1

NVD•added 2019/12/19 7:15 p.m.•12 views

CVE-2019-18181

In CloudVision Portal all releases in the 2018.1 and 2018.2 Code train allows users with read-only permissions to bypass permissions for restricted functionality via CVP API calls through the Configlet Builder modules. This vulnerability can potentially enable authenticated users with read-only...

7.8CVSS7.6AI score0.00044EPSS

Exploits0References1

Prion•added 2019/12/19 5:15 p.m.•15 views

Design/Logic Flaw

In CloudVision Portal CVP for all releases in the 2018.2 Train, under certain conditions, the application logs user passwords in plain text for certain API calls, potentially leading to user password exposure. This only affects CVP environments where: 1. Devices have enable mode passwords which a...

3.5CVSS5AI score0.00101EPSS

Exploits0References1Affected Software1

Cvelist•added 2019/12/19 4:39 p.m.•10 views

CVE-2019-18615

5.1AI score0.00101EPSS

Exploits0References1

CVE•added 2019/12/19 4:39 p.m.•58 views

CVE-2019-18615

CVE-2019-18615 applies to Arista’s CloudVision Portal (CVP) 2018.2 train. Under certain conditions, CVP logs user passwords in plain text for specific API calls: (1) devices have enable passwords different from the user login password, or (2) configlet builders use the Device class and specify us...

4.9CVSS5.1AI score0.00101EPSS

Exploits0References1Affected Software1

OSV•added 2019/10/02 7:15 p.m.•1 views

CVE-2019-12157

In JetBrains UpSource versions before 2018.2 build 1293, there is credential disclosure via RPC commands...

9.8CVSS6.8AI score

Exploits0References1

Prion•added 2019/10/02 7:15 p.m.•15 views

Design/Logic Flaw

In JetBrains UpSource versions before 2018.2 build 1293, there is credential disclosure via RPC commands...

10CVSS9.2AI score0.00004EPSS

Exploits0References1Affected Software2

HackRead•added 2018/05/07 10:4 p.m.•58 views

Download Kali Linux 2018.2 with new security features

By Waqas Kali Linux 2018.2 is now available for download with new This is a post from HackRead.com Read the original post: Download Kali Linux 2018.2 with new security features...

1.6AI score

Exploits0

OSV•added 2018/03/29 5:29 a.m.•1 views

CVE-2018-9122

In Crea8social 2018.2, there is Reflected Cross-Site Scripting via the term parameter to the /search URI...

5.4CVSS5.8AI score

Exploits0References2

NVD•added 2018/03/29 5:29 a.m.•7 views

CVE-2018-9121

In Crea8social 2018.2, there is Stored Cross-Site Scripting via a post comment...

5.4CVSS5.3AI score0.00257EPSS

Exploits3References2