CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

88 matches found

Circl•added 2026/05/20 1:0 a.m.•3 views

CVE-2026-2587

creationtimestamp| type| source ---|---|--- 2026-05-20 01:00:51+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mmapdtv3ko2w 2026-05-20 22:00:04+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/85099 2026-05-20 23:00:11+00:00| published-proof-of-concept|...

9.6CVSS5.7AI score0.00146EPSS

Exploits2References3

EUVD•added 2026/01/14 12:31 a.m.•2 views

EUVD-2026-2587

EUVD-2026-2587...

8.5CVSS6.4AI score0.00026EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2010-4162

Malware in sbrugna...

9.3CVSS6.1AI score0.05571EPSS

Exploits0References7

RedhatCVE•added 2025/05/23 12:8 a.m.•3 views

CVE-2022-2587

Out of bounds write in Chrome OS Audio Server in Google Chrome on Chrome OS prior to 102.0.5005.125 allowed a remote attacker to potentially exploit heap corruption via crafted audio metadata...

9.8CVSS6.8AI score0.00655EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 3:14 a.m.•4 views

CVE-2012-2587

Multiple cross-site scripting XSS vulnerabilities in AfterLogic MailSuite Pro 6.3 allow remote attackers to inject arbitrary web script or HTML via an e-mail message body with a crafted SRC attribute of 1 an IFRAME element or 2 a SCRIPT element...

4.3CVSS5.9AI score0.00359EPSS

Exploits2References1

Cvelist•added 2025/03/21 12:0 p.m.•18 views

CVE-2025-2587 Jinher OA C6 IncentivePlanFulfillAppprove.aspx sql injection

A vulnerability, which was classified as critical, was found in Jinher OA C6 1.0. This affects an unknown part of the file IncentivePlanFulfillAppprove.aspx. The manipulation of the argument httpOID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.5CVSS0.00052EPSS

Exploits1References4

CVE•added 2025/03/21 12:0 p.m.•52 views

CVE-2025-2587

CVE-2025-2587 affects Jinher OA C6 1.0. The vulnerability is in IncentivePlanFulfillAppprove.aspx where manipulation of the httpOID parameter enables SQL injection. Attack can be initiated remotely; exploitation has been publicly disclosed. Affected component is the file IncentivePlanFulfillApppr...

6.5CVSS6.8AI score0.00052EPSS

Exploits1References4Affected Software1

Tenable Nessus•added 2025/03/04 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2017-2587

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A memory allocation vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash. CVE-2017-2587 Note that...

5.5CVSS5.6AI score0.00077EPSS

Exploits0References2

RedhatCVE•added 2025/02/05 2:20 p.m.•12 views

CVE-2020-2587

Vulnerability in the Oracle Human Resources product of Oracle E-Business Suite component: Hierarchy Diagrammers. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.9. Easily exploitable vulnerability allows low privileged attacker with network access via HTTPS to compromise...

9.9CVSS7.7AI score0.01882EPSS

Exploits0References3

Tenable Nessus•added 2024/07/12 12:0 a.m.•38 views

Amazon Linux 2 : harfbuzz (ALAS-2024-2587)

The version of harfbuzz installed on the remote host is prior to 1.7.5-2. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2587 advisory. hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger On^2 growth via consecutive marks during the proces...

7.5CVSS6.4AI score0.00068EPSS

Exploits0References4

Tenable Nessus•added 2024/04/30 12:0 a.m.•29 views

RHEL 8 : unbound (RHSA-2024:2587)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2587 advisory. The unbound packages provide a validating, recursive, and caching DNS or DNSSEC resolver. Security Fixes: bind9: KeyTrap - Extreme CPU...

8CVSS7.1AI score0.43701EPSS

Exploits1References8

Circl•added 2024/03/18 3:26 p.m.•2 views

CVE-2024-2587

creationtimestamp| type| source ---|---|--- 2024-03-18 15:26:25+00:00| seen| https://t.me/ctinow/210636...

8.2CVSS4.8AI score0.00048EPSS

Exploits0References1

OSV•added 2024/03/18 2:15 p.m.•2 views

CVE-2024-2587

Vulnerability in AMSS++ version 4.31 that allows SQL injection through /amssplus/modules/book/main/bookdetailkhetperson.php, in multiple parameters. This vulnerability could allow a remote attacker to send a specially crafted SQL query to the server and retrieve all the information stored in the ...

7.5CVSS5.9AI score

Exploits0References1

Vulnrichment•added 2024/03/18 1:53 p.m.•12 views

CVE-2024-2587 SQL injection vulnerability in AMSS++

8.2CVSS8.3AI score0.00048EPSS

Exploits0References1

CVE•added 2024/03/18 1:53 p.m.•42 views

CVE-2024-2587

AMSS++ 4.31 is affected by a SQL injection vulnerability in the page /amssplus/modules/book/main/bookdetail_khet_person.php, exploitable via multiple parameters. The weakness could allow a remote attacker to send crafted SQL payloads and retrieve information stored in the database. The CVE entry ...

8.2CVSS8.3AI score0.00048EPSS

Exploits0References1Affected Software1

Circl•added 2024/02/26 2:42 p.m.•2 views

RHSA-2019:2587

creationtimestamp| type| source ---|---|--- 2024-02-26 14:42:07+00:00| seen| https://t.me/ctinow/193374...

4.8AI score

Exploits0References1

OSV•added 2024/01/19 6:15 p.m.•1 views

CVE-2024-22919

swftools0.9.2 was discovered to contain a global-buffer-overflow vulnerability via the function parseExpression at swftools/src/swfc.c:2587...

7.8CVSS5.8AI score0.00098EPSS

Exploits1References1