CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

RedhatCVE•added 2026/04/08 7:34 p.m.•1 views

CVE-2026-35581

Emissary is a P2P based data-driven workflow engine. Prior to 8.39.0, the Executrix utility class constructed shell commands by concatenating configuration-derived values — including the PLACENAME parameter — with insufficient sanitization. Only spaces were replaced with underscores, allowing she...

7.2CVSS5.9AI score0.00129EPSS

Exploits1References1

Circl•added 2026/04/07 7:33 p.m.•2 views

CVE-2026-35581

creationtimestamp| type| source ---|---|--- 2026-04-07 19:33:54+00:00| seen| Telegram/2sVgvXJxKnqdd0t3ix7z2PFFoP4qMIqNMJ7HHwXtd94aJL4 2026-04-17 14:07:07+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mjp3vgyzwy2v...

7.2CVSS4.8AI score0.00129EPSS

Exploits1References1

OSV•added 2025/08/14 6:52 p.m.•1 views

MAL-2025-35581 Malicious code in test-mlw2-jives-yonks (npm)

The package test-mlw2-jives-yonks was found to contain malicious code...

7.2AI score

Exploits0

RedhatCVE•added 2025/05/22 6:38 p.m.•7 views

CVE-2021-35581

Vulnerability in the Oracle Applications Manager product of Oracle E-Business Suite component: View Reports. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

4.7CVSS5.7AI score0.00712EPSS

Exploits0References1

OSV•added 2024/05/28 8:16 p.m.•0 views

CVE-2024-35581

A cross-site scripting XSS vulnerability in Sourcecodester Laboratory Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Borrower Name input field...

6.1CVSS5.9AI score0.00483EPSS

Exploits1References3

Vulnrichment•added 2024/05/28 7:47 p.m.•11 views

CVE-2024-35581

5.8AI score0.00483EPSS

Exploits1References3

CVE•added 2024/05/28 7:47 p.m.•22 views

CVE-2024-35581

CVE-2024-35581 corresponds to a stored cross-site scripting (XSS) vulnerability in Sourcecodester Laboratory Management System v1.0, where a crafted payload in the Borrower Name input field can run arbitrary web scripts/HTML. Connected sources (e.g., PT-2024-26558) confirm the affected software/v...

6.1CVSS5.8AI score0.00483EPSS

Exploits1References3Affected Software1

CVE•added 2021/10/20 10:50 a.m.•58 views

CVE-2021-35581

CVE-2021-35581 affects Oracle Applications Manager (View Reports) in Oracle E-Business Suite. Affects 12.1.3 and 12.2.3–12.2.10; vulnerability allows unauthenticated network access via HTTP to compromise Oracle Applications Manager. Attacks require user interaction and may impact other products; ...

4.7CVSS4.3AI score0.00712EPSS

Exploits0References1Affected Software1

Circl•added 2021/01/15 12:50 p.m.•1 views

CVE-2020-35581

creationtimestamp| type| source ---|---|--- 2021-01-15 12:50:37+00:00| seen| https://t.me/cibsecurity/22194...

5.4CVSS5.5AI score0.00471EPSS

Exploits2References1

CVE•added 2021/01/15 6:23 a.m.•74 views

CVE-2020-35581

CVE-2020-35581 details (Envira Gallery Lite) : A stored XSS vulnerability in Envira Gallery Lite versions before 1.8.3.3 allows remote attackers to inject arbitrary JavaScript/HTML via a POST to /wp-admin/admin-ajax.php with the meta[title] parameter. Impact is user-side script execution. Remedia...

5.4CVSS5.2AI score0.00471EPSS

Exploits2References4Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by