CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

Tenable Nessus•added 2026/03/28 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-33320

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Dasel is a command-line tool and library for querying, modifying, and transforming data structures. Starting in version 3.0.0 and prior to version 3.3.1, Dasel'...

6.2CVSS6.4AI score0.00008EPSS

Exploits1References2

RedhatCVE•added 2026/03/26 3:9 p.m.•4 views

CVE-2026-33320

Dasel is a command-line tool and library for querying, modifying, and transforming data structures. Starting in version 3.0.0 and prior to version 3.3.1, Dasel's YAML reader allows an attacker who can supply YAML for processing to trigger extreme CPU and memory consumption. The issue is in the...

6.2CVSS5.8AI score0.00008EPSS

Exploits1References1

Chainguard•added 2026/03/20 7:25 p.m.•3 views

CVE-2026-33320 vulnerabilities

Vulnerabilities for packages: vale...

6.2CVSS5.8AI score0.00008EPSS

Exploits1

Circl•added 2026/03/18 7:16 p.m.•1 views

CVE-2026-33320

creationtimestamp| type| source ---|---|--- 2026-03-18 19:16:52+00:00| published-proof-of-concept| https://github.com/TomWright/dasel/security/advisories/GHSA-4fcp-jxh7-23x8 2026-05-04 21:00:04+00:00| seen| Telegram/rPnY3cDOMvKcPFRcx6QsxUGiZwWHKwUb91xptawBtUQTSW0 2026-06-01 21:00:04+00:00| seen|...

6.2CVSS6.3AI score0.00008EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 8:43 a.m.•7 views

CVE-2022-33320

Deserialization of Untrusted Data vulnerability in Mitsubishi Electric GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions GENESIS64 versions 10.97 to 10.97.1, Mitsubishi Electric ICONICS Suite versions 10.97 to 10.97.1, Mitsubishi Electric Iconics Digital Solutions...

7.8CVSS7.7AI score0.00145EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 2:2 a.m.•5 views

CVE-2023-33320

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Mohammad I. Okfie WP-Hijri plugin = 1.5.1 versions...

7.1CVSS5.9AI score0.00088EPSS

Exploits0References1

Circl•added 2023/08/30 4:12 p.m.•1 views

CVE-2023-33320

creationtimestamp| type| source ---|---|--- 2023-08-30 16:12:34+00:00| seen| https://t.me/cibsecurity/69431...

7.1CVSS7.1AI score0.00088EPSS

Exploits0References1

OSV•added 2023/08/30 1:15 p.m.•0 views

CVE-2023-33320

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Mohammad I. Okfie WP-Hijri plugin = 1.5.1 versions...

6.1CVSS7.3AI score

Exploits0References1

CVE•added 2023/08/30 12:39 p.m.•35 views

CVE-2023-33320

CVE-2023-33320 is an unauthenticated Reflected Cross-Site Scripting (XSS) in the WordPress plugin WP-Hijri, affecting versions ≤ 1.5.1. Public sources (NVD/Red Hat/Patchstack/Wordfence) confirm this XSS. The vulnerability is addressed by upgrading to a version newer than 1.5.1; Patchstack notes t...

7.1CVSS6AI score0.00088EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/08/30 12:39 p.m.•14 views

CVE-2023-33320 WordPress WP-Hijri Plugin <= 1.5.1 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Mohammad I. Okfie WP-Hijri plugin = 1.5.1 versions...

7.1CVSS6.3AI score0.00088EPSS

Exploits0References1

Patchstack•added 2023/05/22 12:0 a.m.•10 views

WordPress WP-Hijri Plugin <= 1.5.1 is vulnerable to Cross Site Scripting (XSS)

Software WP-Hijri Type Plugin Vulnerable versions = 1.5.1 Fixed in 1.5.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-33320 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 103e8ad73e30 Credits Le Ngoc Anh Required...

7.1CVSS5.7AI score0.00088EPSS

Exploits0References2Affected Software1

Circl•added 2022/07/20 8:12 p.m.•1 views

CVE-2022-33320

creationtimestamp| type| source ---|---|--- 2022-07-20 20:12:21+00:00| seen| https://t.me/cibsecurity/46695...

7.8CVSS7.5AI score0.00145EPSS

Exploits0References1

NVD•added 2022/07/20 5:15 p.m.•14 views

CVE-2022-33320

7.8CVSS0.00145EPSS

Exploits0References3

CVE•added 2022/07/20 4:56 p.m.•53 views

CVE-2022-33320

ICONICS GENESIS64 family and related MC Works64 products are affected by a Deserialization of Untrusted Data vulnerability (CVE-2022-33320). The issue exists when a user loads a project configuration file containing malicious XML, enabling an unauthenticated attacker to execute arbitrary code via...

7.8CVSS7.6AI score0.00145EPSS

Exploits0References3Affected Software1

vulnersOsv•added 2022/05/24 7:9 p.m.•2 views

com.liferay:com.liferay.asset.publisher.web (>=1.0.0 <=1.8.11), com.liferay:com.liferay.blogs.web (>=1.0.0 <=2.0.4) +3 more potentially affected by CVE-2021-33320 via com.liferay:com.liferay.flags.taglib (=2.0.0)

com.liferay:com.liferay.flags.taglib MAVEN version =2.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on com.liferay:com.liferay.flags.taglib and may be impacted: - com.liferay:com.liferay.asset.publisher.web =1.0.0, =1.0.0, =2.0.0, =1.0.0, =1.3.0...

4.3CVSS5.8AI score0.00392EPSS

Exploits0

CVE•added 2021/08/03 6:9 p.m.•69 views

CVE-2021-33320

The CVE concerns the Flags module in Liferay Portal (7.3.1 and earlier) and Liferay DXP (7.0 before fix pack 96, 7.1 before fix pack 20, 7.2 before fix pack 5) where there is no rate limit on flag submissions, allowing remote authenticated users to spam site administrators via emails. Concrete de...

4.3CVSS4.3AI score0.00392EPSS

Exploits0References2Affected Software2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by