Lucene search
31 matches found

EUVD
added 2025/10/07 12:30 a.m. · 1 view

EUVD-2021-1585

Malware in sbrugna...

7.6 CVSS · 6.1 AI score · 0.01368 EPSS
Exploits 0 · References 14

CNNVD
added 2025/08/09 12:0 a.m. · 2 views

Craft CMS code injection vulnerability

Craft CMS is an open source content management system (CMS) from Craft CMS. A code injection vulnerability exists in Craft CMS versions 4.13.8 through 4.16.2 and 5.5.8 through 5.8.3, which stems from a security key compromise that could allow remote code execution...

8.8 CVSS · 8 AI score · 0.00219 EPSS
Exploits 0 · References 4

Positive Technologies
added 2025/08/08 12:0 a.m. · 4 views

PT-2025-32419 · Craft · Craft

Name of the Vulnerable Software and Affected Versions: Craft versions 4.13.8 through 4.16.2; Craft versions 5.5.8 through 5.8.3. Description: Craft is a platform for creating digital experiences. A vulnerability exists that allows bypassing security measures, potentially leading to remote code...

8.1 CVSS · 10 AI score · 0.1639 EPSS
Exploits 1 · References 11

RedhatCVE
added 2025/05/22 8:21 a.m. · 5 views

CVE-2019-14794

The Meta Box plugin before 4.16.2 for WordPress mishandles the uploading of files to custom folders...

7.5 CVSS · 7 AI score · 0.00455 EPSS
Exploits 0 · References 1

RedHat Linux
added 2024/07/09 10:50 a.m. · 23 views

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.16.2 bug fix and security update

Red Hat OpenShift Container Platform release 4.16.2 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.16. Red Hat Product Security has rated this update as having a...

6 CVSS · 6.7 AI score · 0.00045 EPSS
Exploits 0 · References 53

OSV
added 2022/10/25 1:38 p.m. · 4 views

SUSE-SU-2022:3727-1 Security update for xen

This update for xen fixes the following issues: Updated to version 4.16.2 (bsc#1027519): - CVE-2022-33746: Fixed DoS due to excessively long P2M pool freeing (bsc#1203806). - CVE-2022-33748: Fixed DoS due to race in locking (bsc#1203807). Bugfixes: - Fixed Xen DomU unable to emulate audio device (bsc#120199...

6.5 CVSS · 6.8 AI score · 0.00039 EPSS
Exploits 0 · References 9

OpenVAS
added 2022/08/10 12:0 a.m. · 19 views

CKEditor < 4.16.2 XSS Vulnerability - Windows

CKEditor is prone to a cross-site scripting (XSS) vulnerability. Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software...

7.3 CVSS · 5.8 AI score · 0.0074 EPSS
Exploits 0 · References 1

OpenVAS
added 2022/08/10 12:0 a.m. · 29 views

CKEditor 4.13.0 < 4.16.2 XSS Vulnerability - Linux

CKEditor is prone to a cross-site scripting (XSS) vulnerability. Copyright (C) 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software...

7.6 CVSS · 5.8 AI score · 0.01368 EPSS
Exploits 0 · References 1

RedhatCVE
added 2022/05/20 11:58 p.m. · 34 views

CVE-2021-37695

ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 Fake Objects package. The vulnerability allowed to inject malformed Fake Objects HTML, which could result in executing JavaScript code. It affects all users using...

7.3 CVSS · 1.7 AI score · 0.0074 EPSS
Exploits 0 · References 1

Patchstack
added 2022/02/14 12:0 a.m. · 23 views

WordPress File Upload plugin <= 4.16.2 - Contributor+ Stored Cross-Site Scripting (XSS) via Shortcode vulnerability

Contributor+ Stored Cross-Site Scripting (XSS) via Shortcode vulnerability discovered by apple502j in WordPress File Upload plugin (versions <= 4.16.2). Solution: Update the WordPress File Upload plugin to the latest available version (at least 4.16.3)...

5.4 CVSS · 2.9 AI score · 0.00277 EPSS
Exploits 2 · References 3 · Affected Software 1

RubySec
added 2021/08/23 12:0 a.m. · 3 views

Fake objects feature vulnerability allowing to execute JavaScript code using malformed HTML.

Affected packages: The vulnerability has been discovered in Fake Objects plugin. All plugins with Fake Objects plugin dependency are affected: Fake Objects, Link, Flash, Iframe, Forms, Page Break. Impact: A potential vulnerability has been discovered in CKEditor 4 Fake Objects package. The vulnerability...

7.3 CVSS · 7 AI score · 0.0074 EPSS
Exploits 0 · References 1 · Affected Software 1

RubySec
added 2021/08/23 12:0 a.m. · 3 views

Clipboard feature vulnerability allowing to inject arbitrary HTML into the editor using paste functionality

Affected packages: The vulnerability has been discovered in clipboard plugin. All plugins with clipboard plugin dependency are affected: clipboard, pastetext, pastetools, widget, uploadwidget, autolink, tableselection. Impact: A potential vulnerability has been discovered in CKEditor 4 Clipboard package...

5.4 CVSS · 7 AI score · 0.00236 EPSS
Exploits 0 · References 1 · Affected Software 1

OSV
added 2021/08/13 12:15 a.m. · 27 views

CVE-2021-37695

ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 Fake Objects package. The vulnerability allowed to inject malformed Fake Objects HTML, which could result in executing JavaScript code. It affects all users using...

5.4 CVSS · 6.1 AI score
Exploits 0 · References 8

OSV
added 2021/08/13 12:15 a.m. · 1 view

DEBIAN-CVE-2021-37695

ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 Fake Objects package. The vulnerability allowed to inject malformed Fake Objects HTML, which could result in executing JavaScript code. It affects all users using...

5.4 CVSS · 6.2 AI score · 0.0074 EPSS
Exploits 0 · References 1

NVD
added 2021/08/13 12:15 a.m. · 15 views

CVE-2021-37695

ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 Fake Objects package. The vulnerability allowed to inject malformed Fake Objects HTML, which could result in executing JavaScript code. It affects all users using...

7.3 CVSS · 0.0074 EPSS
Exploits 0 · References 8

OSV
added 2021/08/13 12:15 a.m. · 0 views

UBUNTU-CVE-2021-37695

ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 Fake Objects package. The vulnerability allowed to inject malformed Fake Objects HTML, which could result in executing JavaScript code. It affects all users using...

7.3 CVSS · 6.5 AI score · 0.0074 EPSS
Exploits 0 · References 6

UbuntuCve
added 2021/08/13 12:15 a.m. · 35 views

CVE-2021-37695

ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 Fake Objects package. The vulnerability allowed to inject malformed Fake Objects HTML, which could result in executing JavaScript code. It affects all users using...

7.3 CVSS · 6.5 AI score · 0.0074 EPSS
Exploits 0 · References 5

Debian CVE
added 2021/08/12 11:10 p.m. · 26 views

CVE-2021-37695

ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 Fake Objects package. The vulnerability allowed to inject malformed Fake Objects HTML, which could result in executing JavaScript code. It affects all users using...

7.3 CVSS · 6.1 AI score · 0.0074 EPSS
Exploits 0

NVD
added 2021/08/12 5:15 p.m. · 24 views

CVE-2021-32809

ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 Clipboard package. The vulnerability allowed to abuse paste functionality using malformed HTML, which could result in injecting arbitrary HTML into the editor. It...

5.4 CVSS · 0.00236 EPSS
Exploits 0 · References 6

OSV
added 2021/08/12 5:15 p.m. · 30 views

CVE-2021-32809

ckeditor is an open source WYSIWYG HTML editor with rich content support. A potential vulnerability has been discovered in CKEditor 4 Clipboard package. The vulnerability allowed to abuse paste functionality using malformed HTML, which could result in injecting arbitrary HTML into the editor. It...

5.4 CVSS · 6.4 AI score
Exploits 0 · References 6