CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

EUVD•added 2025/11/03 9:3 p.m.•3 views

EUVD-2025-37518

The KMIP response parser built into mongo binaries is overly tolerant of certain malformed packets, and may parse them into invalid objects. Later reads of this object can result in read access violations...

5.9CVSS6.3AI score0.00065EPSS

Exploits0References2

OSV•added 2025/08/14 6:52 p.m.•1 views

MAL-2025-37518 Malicious code in ugather (npm)

The package ugather was found to contain malicious code...

7.2AI score

Exploits0

RedhatCVE•added 2025/05/23 7:42 a.m.•2 views

CVE-2024-37518

Cross-Site Request Forgery CSRF vulnerability in StellarWP The Events Calendar the-events-calendar allows Cross Site Request Forgery.This issue affects The Events Calendar: from n/a through = 6.5.1.4...

4.3CVSS5.9AI score0.00169EPSS

Exploits0References1

Circl•added 2025/03/26 6:25 p.m.•0 views

CVE-2021-37518

creationtimestamp| type| source ---|---|--- 2025-03-26 18:25:21+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8915...

6.1CVSS6.1AI score0.00212EPSS

Exploits1References1

Circl•added 2025/01/02 12:19 p.m.•4 views

CVE-2024-37518

creationtimestamp| type| source ---|---|--- 2025-01-02 12:19:38+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ler2qkge732i 2025-01-02 18:08:27+00:00| seen| https://infosec.exchange/users/cve/statuses/113760095804141325...

4.3CVSS6.9AI score0.00169EPSS

Exploits0References2

NVD•added 2025/01/02 12:15 p.m.•2 views

CVE-2024-37518

4.3CVSS0.00169EPSS

Exploits0References1

Cvelist•added 2025/01/02 12:1 p.m.•11 views

CVE-2024-37518 WordPress The Events Calendar plugin <= 6.5.1.4 - Cross Site Request Forgery (CSRF) vulnerability

4.3CVSS0.00169EPSS

Exploits0References1

Vulnrichment•added 2025/01/02 12:1 p.m.•6 views

CVE-2024-37518 WordPress The Events Calendar plugin <= 6.5.1.4 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in The Events Calendar The Events Calendar allows Cross Site Request Forgery.This issue affects The Events Calendar: from n/a through 6.5.1.4...

4.3CVSS7.2AI score0.00169EPSS

Exploits0References1

CVE•added 2025/01/02 12:1 p.m.•36 views

CVE-2024-37518

CVE-2024-37518 is a CSRF vulnerability in The Events Calendar plugin for WordPress, affecting The Events Calendar versions up to 6.5.1.4. The issue is mitigated by upgrading to version 6.5.1.4 or later (the patched release). The connected sources confirm the vulnerability class as Cross-Site Requ...

4.3CVSS5.9AI score0.00169EPSS

Exploits0References1

Patchstack•added 2024/07/05 12:0 a.m.•9 views

WordPress The Events Calendar Plugin <= 6.5.1.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software The Events Calendar Type Plugin Vulnerable versions = 6.5.1.4 Fixed in 6.5.1.5 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-37518 Patch priority Low CVSS severity Low 4.3 Developer Liquid Web / StellarWP PSID b351df137690 Credits Rafi...

6.4AI score0.00169EPSS

Exploits0References2Affected Software1

Circl•added 2024/01/30 5:21 p.m.•1 views

CVE-2023-37518

creationtimestamp| type| source ---|---|--- 2024-01-30 17:21:53+00:00| seen| https://t.me/ctinow/176098 2024-02-22 08:37:20+00:00| seen| https://t.me/ctinow/190530...

8.8CVSS8.1AI score0.00117EPSS

Exploits0References2

OSV•added 2024/01/30 4:15 p.m.•0 views

CVE-2023-37518

HCL BigFix ServiceNow is vulnerable to arbitrary code injection. A malicious authorized attacker could inject arbitrary code and execute within the context of the running user...

8.8CVSS6AI score

Exploits0References1

CVE•added 2024/01/30 3:30 p.m.•54 views

CVE-2023-37518

CVE-2023-37518 affects HCL BigFix ServiceNow Data Flow. The vulnerability allows an authorized attacker to inject and execute arbitrary code within the running user’s context due to an arbitrary code injection in the ServiceNow Data Flow pathway. CVSS metrics in the primary entry indicate network...

8.8CVSS8.8AI score0.00117EPSS

Exploits0References1Affected Software1

OSV•added 2023/02/03 6:15 p.m.•12 views

CVE-2021-37518

Universal Cross Site Scripting UXSS vulnerability in Vimium Extension 1.66 and earlier allows remote attackers to run arbitrary code via omnibar feature...

6.1CVSS6.4AI score

Exploits0References2

CVE•added 2023/02/03 12:0 a.m.•57 views

CVE-2021-37518

CVE-2021-37518 (Vimium Extension) : A Universal Cross Site Scripting (UXSS) flaw affects Vimium Extension versions 1.66 and earlier, permitting a remote attacker to run arbitrary code via the omnibar feature. The CVSSv3.1 base score is 6.1 (Medium) with Network attack vector, Low integrity/low co...

6.1CVSS6.3AI score0.00212EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2023/02/03 12:0 a.m.•4 views

CVE-2021-37518

Universal Cross Site Scripting UXSS vulnerability in Vimium Extension 1.66 and earlier allows remote attackers to run arbitrary code via omnibar feature...

7.3AI score0.00212EPSS

Exploits1References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by