CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Incorrect Implementation of Authentication Algorithm vulnerability in ABB ABB Ability OPTIMAX.This issue affects ABB Ability OPTIMAX: 6.1, 6.2, from 6.3.0 before 6.3.1-251120, from 6.4.0 before 6.4.1-251120...

9.2CVSS6.5AI score0.00032EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2006-4122

Malware in sbrugna...

5CVSS6.4AI score0.0238EPSS

Exploits0References10

RedhatCVE•added 2025/05/23 3:40 a.m.•2 views

CVE-2023-2948

Cross-site Scripting XSS - Generic in GitHub repository openemr/openemr prior to 7.0.1...

8.3CVSS6.1AI score0.86507EPSS

Exploits1References1

Circl•added 2025/02/05 2:32 p.m.•5 views

CVE-2009-2948

creationtimestamp| type| source ---|---|--- 2025-02-05 14:32:32+00:00| seen| https://gist.github.com/krnowak/99bf3c7cb0c4eba1e9f4f6c5e3f1df00...

1.9CVSS6.8AI score0.00211EPSS

Exploits1References1

RedhatCVE•added 2025/02/05 2:14 a.m.•3 views

CVE-2024-2948

The Favorites plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'userfavorites' shortcode in all versions up to, and including, 2.3.3 due to insufficient input sanitization and output escaping on user supplied attributes such as 'nofavorites'. This makes it possib...

7.2CVSS5.8AI score0.00158EPSS

Exploits0References1

Patchstack•added 2024/04/01 12:0 a.m.•6 views

WordPress Favorites Plugin <= 2.3.3 is vulnerable to Cross Site Scripting (XSS)

Software Favorites Type Plugin Vulnerable versions = 2.3.3 Fixed in 2.3.4 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2948 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID c2692eb6e95c Credits Krzysztof Zając Required...

7.2CVSS5.8AI score0.00158EPSS

Exploits0References3Affected Software1

CVE•added 2024/03/30 7:36 a.m.•45 views

CVE-2024-2948

CVE-2024-2948 affects the WordPress Favorites plugin: all versions up to 2.3.3 are vulnerable to Stored XSS via the user_favorites shortcode due to insufficient input sanitization/output escaping on attributes like no_favorites. Exploitation requires contributor+ access and can inject scripts tha...

7.2CVSS7.6AI score0.00158EPSS

Exploits0References2

Cvelist•added 2024/03/30 7:36 a.m.•14 views

CVE-2024-2948 Favorites <= 2.3.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

6.4CVSS6.2AI score0.00158EPSS

Exploits0References2

Circl•added 2023/11/15 4:53 p.m.•1 views

CVE-2019-2948

creationtimestamp| type| source ---|---|--- 2023-11-15 16:53:22+00:00| seen| https://t.me/BABATATASASA/5989 2024-01-15 10:06:43+00:00| seen| https://t.me/ctinow/168237...

4.9CVSS6.2AI score0.00409EPSS

Exploits0References2

Circl•added 2023/05/28 7:29 a.m.•1 views

CVE-2023-2948

creationtimestamp| type| source ---|---|--- 2023-05-28 07:29:53+00:00| seen| https://t.me/cibsecurity/64745 2024-04-24 21:52:41+00:00| seen| https://t.me/arpsyndicate/4827...

8.3CVSS7AI score0.86507EPSS

Exploits1References2

NVD•added 2023/05/28 4:15 a.m.•11 views

CVE-2023-2948

Cross-site Scripting XSS - Generic in GitHub repository openemr/openemr prior to 7.0.1...

8.3CVSS6.3AI score0.86507EPSS

Exploits1References2

Vulnrichment•added 2023/05/28 12:0 a.m.•7 views

CVE-2023-2948 Cross-site Scripting (XSS) - Generic in openemr/openemr

Cross-site Scripting XSS - Generic in GitHub repository openemr/openemr prior to 7.0.1...

8.3CVSS6.1AI score0.86507EPSS

Exploits1References2

OSV•added 2023/05/28 12:0 a.m.•13 views

CVE-2023-2948 Cross-site Scripting (XSS) - Generic in openemr/openemr

Cross-site Scripting XSS - Generic in GitHub repository openemr/openemr prior to 7.0.1...

8.3CVSS7.8AI score0.86507EPSS

Exploits1References4

CVE•added 2023/05/28 12:0 a.m.•109 views

CVE-2023-2948

OpenEMR

8.3CVSS6.3AI score0.86507EPSS

Exploits1References2Affected Software1

Tenable Nessus•added 2023/05/24 12:0 a.m.•61 views

Oracle Linux 8 : device-mapper-multipath (ELSA-2023-2948)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-2948 advisory. 0.8.4-37 - Fix bugzilla linked to the changes was previously linked to the wrong bug, 2162537 - Resolves: bz 2166468 0.8.4-36 - Add...

7.8CVSS7.6AI score0.00231EPSS

Exploits4References2

Tenable Nessus•added 2023/05/20 12:0 a.m.•38 views

AlmaLinux 8 : device-mapper-multipath (ALSA-2023:2948)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:2948 advisory. - multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to...

7.8CVSS7.5AI score0.00231EPSS

Exploits5References2

RedHat Linux•added 2023/05/16 8:31 a.m.•32 views

Moderate: Red Hat Security Advisory: device-mapper-multipath security and bug fix update

An update for device-mapper-multipath is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

7.8CVSS7.3AI score0.00231EPSS

Exploits4References10

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by