CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/02/26 9:28 p.m.•2 views

CVE-2026-27162

Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, postsnearby was checking topic access but then returning all posts regardless of type, including whispers that should only be visible to whisperers. Use Post.securedguardian to properly filter po...

7.1CVSS0.00047EPSS

RedhatCVE•added 2025/05/22 7:30 p.m.•11 views

CVE-2021-27162

An issue was discovered on FiberHome HG6245D devices through RP2613. The web daemon contains the hardcoded user / tattoo@home credentials for an ISP...

9.8CVSS7.1AI score0.00188EPSS

Circl•added 2025/05/01 9:3 p.m.•9 views

CVE-2021-27162

creationtimestamp| type| source ---|---|--- 2025-05-01 21:03:04+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lo57i25jcy23...

9.8CVSS6.9AI score0.00188EPSS

RedhatCVE•added 2025/03/13 7:34 p.m.•13 views

CVE-2025-27162

Acrobat Reader versions 24.001.30225, 20.005.30748, 25.001.20428 and earlier are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim mus...

7.8CVSS7.3AI score0.00089EPSS

Exploits0References3

NVD•added 2025/03/11 6:15 p.m.•13 views

CVE-2025-27162

7.8CVSS0.00089EPSS

OSV•added 2025/03/11 6:15 p.m.•0 views

CVE-2025-27162

7.8CVSS6.3AI score0.00089EPSS

Cvelist•added 2025/03/11 6:10 p.m.•13 views

CVE-2025-27162 Acrobat Reader | Access of Uninitialized Pointer (CWE-824)

7.8CVSS0.00089EPSS

Vulnrichment•added 2025/03/11 6:10 p.m.•10 views

CVE-2025-27162 Acrobat Reader | Access of Uninitialized Pointer (CWE-824)

7.8CVSS7.8AI score0.00089EPSS

Cvelist•added 2024/06/14 3:39 a.m.•48 views

CVE-2024-27162 DOM-based XSS

Toshiba printers provide a web interface that will load the JavaScript file. The file contains insecure codes vulnerable to XSS and is loaded inside all the webpages provided by the printer. An attacker can steal the cookie of an admin user. As for the affected products/models/versions, see the...

6.1CVSS0.03993EPSS

Circl•added 2023/04/01 12:22 a.m.•2 views

CVE-2023-27162

creationtimestamp| type| source ---|---|--- 2023-04-01 00:22:23+00:00| seen| https://t.me/cibsecurity/61285...

9.1CVSS8.6AI score0.00274EPSS

NVD•added 2023/03/31 8:15 p.m.•11 views

CVE-2023-27162

openapi-generator up to v6.4.0 was discovered to contain a Server-Side Request Forgery SSRF via the component /api/gen/clients/language. This vulnerability allows attackers to access network resources and sensitive information via a crafted API request...

9.1CVSS9AI score0.00274EPSS

OSV•added 2023/03/31 8:15 p.m.•16 views

CVE-2023-27162

9.1CVSS9.2AI score

Exploits0References4

Vulnrichment•added 2023/03/31 12:0 a.m.•5 views

CVE-2023-27162

9AI score0.00274EPSS

Cvelist•added 2023/03/31 12:0 a.m.•9 views

CVE-2023-27162

9.2AI score0.00274EPSS

CVE•added 2023/03/31 12:0 a.m.•98 views

CVE-2023-27162

CVE-2023-27162 affects openapi-generator up to v6.4.0. Affected component: SSRF via /api/gen/clients/{language}, enabling an attacker to access network resources and sensitive information. CVSS v3.1 base score 9.1 (CRITICAL); attack vector network, low complexity, no privileges, no user interacti...

9.1CVSS8.9AI score0.00274EPSS

Exploits1References4Affected Software1

ATTACKERKB•added 2022/04/12 4:15 p.m.•0 views

CVE-2022-27162

CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcmsadminMemberseditUser...

9.8CVSS6AI score0.00245EPSS

Exploits1References2

Cvelist•added 2022/04/12 3:6 p.m.•12 views

CVE-2022-27162

CSZ CMS 1.2.2 is vulnerable to SQL Injection via cszcmsadminMemberseditUser...

10AI score0.00245EPSS