CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/05/04 8:21 p.m.•3 views

CVE-2026-7703

A flaw has been found in AV Stumpfl Pixera Two Media Server up to 25.2 R2. Impacted is an unknown function of the component Websocket API. This manipulation causes code injection. The attack can be initiated remotely. The exploit has been published and may be used. Upgrading to version 25.2 R3 is...

7.5CVSS6.7AI score0.00067EPSS

NVD•added 2026/05/03 5:16 p.m.•6 views

CVE-2026-7704

5.3CVSS0.0001EPSS

NVD•added 2026/05/03 5:16 p.m.•10 views

CVE-2026-7703

7.5CVSS0.00067EPSS

ATTACKERKB•added 2026/05/03 4:45 p.m.•6 views

CVE-2026-7704

5.3CVSS5.2AI score0.0001EPSS

Cvelist•added 2026/05/03 4:45 p.m.•32 views

CVE-2026-7704 AV Stumpfl Pixera Two Media Server Service Port 1338 path traversal

5.3CVSS0.0001EPSS

Vulnrichment•added 2026/05/03 4:45 p.m.•2 views

CVE-2026-7704 AV Stumpfl Pixera Two Media Server Service Port 1338 path traversal

5.3CVSS5.2AI score0.0001EPSS

EUVD•added 2026/05/03 4:15 p.m.•9 views

EUVD-2026-26841

7.5CVSS6.7AI score0.00067EPSS

ATTACKERKB•added 2026/05/03 4:15 p.m.•7 views

CVE-2026-7703

7.5CVSS5.4AI score0.00067EPSS

Positive Technologies•added 2026/05/03 12:0 a.m.•3 views

PT-2026-36708

Name of the Vulnerable Software and Affected Versions AV Stumpfl Pixera Two Media Server versions prior to 25.2 R3 Description An issue exists in an unknown function of the Service Port 1338 component. This flaw allows for path traversal, a technique used to access files and directories outside t...

5.3CVSS5.8AI score0.0001EPSS

Exploits0References8

NVD•added 2026/04/09 10:16 p.m.•6 views

CVE-2026-33785

A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on MX Series allows a local, authenticated user with low privileges to execute specific commands which will lead to a complete compromise of managed devices. Any user logged in, without requiring specific privileges, ca...

8.8CVSS0.00006EPSS

RedhatCVE•added 2026/03/27 5:9 p.m.•1 views

CVE-2026-33402

Sakai is a Collaboration and Learning Environment CLE. In versions 23.0 through 23.4 and 25.0 through 25.1, group titles and description can contain cross-site scripting scripts. The patch is included in releases 25.2 and 23.5. As a workaround, one can check the SAKAISITEGROUP table for titles an...

6.1CVSS5.8AI score0.00013EPSS

NVD•added 2026/03/27 2:16 p.m.•3 views

CVE-2025-13478

Cache misconfiguration vulnerability in OpenText Identity Manager on Windows, Linux allows remote authenticated users to obtain another user's session data via insecure application cache handling. This issue affects Identity Manager: 25.2v4.10.1...

8.4CVSS0.00274EPSS

ATTACKERKB•added 2026/03/26 4:45 p.m.•0 views

CVE-2026-33402

5.3CVSS5.6AI score0.00013EPSS

Exploits0References3Affected Software1

EUVD•added 2026/03/26 4:45 p.m.•1 views

EUVD-2026-16256

5.3CVSS5.6AI score0.00013EPSS

Vulnrichment•added 2026/03/26 4:45 p.m.•1 views

CVE-2026-33402 SAK-52311: Sakai site-manage group titles can contain XSS content

5.3CVSS5.6AI score0.00013EPSS

Cvelist•added 2026/03/26 4:45 p.m.•19 views

CVE-2026-33402 SAK-52311: Sakai site-manage group titles can contain XSS content

5.3CVSS0.00013EPSS

Cvelist•added 2026/03/18 1:49 p.m.•23 views

CVE-2026-3278 XSS Vulnerability discovered in OpenText™ ZENworks Service Desk.

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in OpenText™ ZENworks Service Desk allows Cross-Site Scripting XSS. The vulnerability could allow an attacker to execute arbitrary JavaScript leading to unauthorized actions on behalf of the user.This...

7.4CVSS0.00041EPSS