CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

OSV•added 2025/08/14 6:52 p.m.•2 views

MAL-2025-36827 Malicious code in thistle-peony-jqv821-project (npm)

The package thistle-peony-jqv821-project was found to contain malicious code...

7.2AI score

Exploits0

RedhatCVE•added 2025/05/23 5:3 a.m.•8 views

CVE-2023-36827

Fides is an open-source privacy engineering platform for managing the fulfillment of data privacy requests in a runtime environment, and the enforcement of privacy regulations in code. A path traversal directory traversal vulnerability affects fides versions lower than version 2.15.1, allowing...

7.5CVSS7.1AI score0.00177EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 5:9 p.m.•2 views

CVE-2020-36827

The XAO::Web module before 1.84 for Perl mishandles characters in JSON output during use of json-embed in Web::Action...

5.4CVSS6.9AI score0.0008EPSS

Exploits0

Circl•added 2025/03/28 7:29 p.m.•2 views

CVE-2024-36827

creationtimestamp| type| source ---|---|--- 2025-03-28 19:29:14+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9443...

7.5CVSS7.3AI score0.00067EPSS

Exploits0References1

Cvelist•added 2024/06/07 12:0 a.m.•17 views

CVE-2024-36827

An XML External Entity XXE vulnerability in the ebookmeta.getmetadata function of ebookmeta before v1.2.8 allows attackers to access sensitive information or cause a Denial of Service DoS via crafted XML input...

0.00067EPSS

Exploits0References1

CVE•added 2024/06/07 12:0 a.m.•55 views

CVE-2024-36827

The vulnerability CVE-2024-36827 affects the ebookmeta Python library, specifically the ebookmeta.get_metadata function. It is an XML External Entity (XXE) vulnerability present in versions prior to v1.2.8, allowing attackers to access sensitive information or cause a Denial of Service (DoS) via ...

7.5CVSS6.1AI score0.00067EPSS

Exploits0References1Affected Software1

OSV•added 2024/03/24 1:15 a.m.•8 views

CVE-2020-36827

The XAO::Web module before 1.84 for Perl mishandles characters in JSON output during use of json-embed in Web::Action...

5.4CVSS7.1AI score

Exploits0References2

NVD•added 2024/03/24 1:15 a.m.•7 views

CVE-2020-36827

The XAO::Web module before 1.84 for Perl mishandles characters in JSON output during use of json-embed in Web::Action...

5.4CVSS6.5AI score0.0008EPSS

Exploits0References2

CVE•added 2024/03/24 12:0 a.m.•20 views

CVE-2020-36827

The CVE-2020-36827 entry affects XAO::Web (Perl) before version 1.84, where the json-embed path in Web::Action mishandles in JSON output. Impact per the documents is a security vulnerability, with CVSS v3.1 base score 5.4 (Medium) affecting network-exposed vectors, requiring low privileges and n...

5.4CVSS6.8AI score0.0008EPSS

Exploits0References2

NVD•added 2022/06/16 6:15 p.m.•8 views

CVE-2021-36827

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Saturday Drive's Ninja Forms Contact Form plugin = 3.6.9 at WordPress via "label"...

4.8CVSS0.00206EPSS

Exploits0References1

OSV•added 2022/06/16 6:15 p.m.•1 views

CVE-2021-36827

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Saturday Drive's Ninja Forms Contact Form plugin = 3.6.9 at WordPress via "label"...

4.8CVSS5.8AI score

Exploits0References1

CVE•added 2022/06/16 5:11 p.m.•59 views

CVE-2021-36827

CVE-2021-36827 affects the WordPress Ninja Forms Contact Form plugin (versions ≤ 3.6.9). The vulnerability is an authenticated stored XSS via the label field, exploitable by an admin+ user. Impact is documented as a stored XSS; exploitation status is not described in these sources. The recommende...

4.8CVSS4.8AI score0.00206EPSS

Exploits0References1Affected Software1

CVE•added 1976/01/01 12:0 a.m.•47 views

CVE-2022-36827

CVE-2022-36827 entry is rejected/not used per the Initial Description.

6.9AI score

Exploits0

Cvelist•added 1976/01/01 12:0 a.m.•9 views

CVE-2022-36827

...

Exploits0

Rows per page