CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2025/11/10 4:40 a.m.•1 views

EUVD-2025-43794

Malicious code in jaja-moci15-sukiwir npm...

6.6AI score

Exploits0

Circl•added 2025/09/15 2:14 p.m.•3 views

CVE-2025-43794

creationtimestamp| type| source ---|---|--- 2025-09-15 14:14:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lyuykbaz5b2g...

4.8CVSS5.8AI score0.00219EPSS

Exploits0References1

Circl•added 2024/08/23 7:38 p.m.•1 views

CVE-2024-43794

creationtimestamp| type| source ---|---|--- 2024-08-23 19:38:37+00:00| seen| https://t.me/cvedetector/4017...

6.1CVSS4.8AI score0.00243EPSS

Exploits0References1

Vulnrichment•added 2024/08/23 4:15 p.m.•12 views

CVE-2024-43794 OpenSearch Dashboards Security Plugin improper validation of nextUrl can lead to external redirect

OpenSearch Dashboards Security Plugin adds a configuration management UI for the OpenSearch Security features to OpenSearch Dashboards. Improper validation of the nextUrl parameter can lead to external redirect on login to OpenSearch-Dashboards for specially crafted parameters. A patch is availab...

6.1CVSS6.3AI score0.00243EPSS

Exploits0References2

Cvelist•added 2024/08/23 4:15 p.m.•22 views

CVE-2024-43794 OpenSearch Dashboards Security Plugin improper validation of nextUrl can lead to external redirect

6.1CVSS0.00243EPSS

Exploits0References2

CVE•added 2024/08/23 4:15 p.m.•57 views

CVE-2024-43794

CVE-2024-43794 affects the OpenSearch Dashboards Security Plugin, which adds a configuration management UI for OpenSearch Security features. The issue is improper validation of the nextUrl parameter, allowing external redirects on login for specially crafted inputs. A patch is available and recom...

6.1CVSS6.3AI score0.00243EPSS

Exploits0References2

OpenVAS•added 2021/12/02 12:0 a.m.•21 views

Discourse 2.8.x < 2.8.0.beta9 Multiple Vulnerabilities

Discourse is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:discourse:discourse"; ifdescripti...

5.3CVSS4.7AI score0.01016EPSS

Exploits0References3

Circl•added 2021/12/01 10:35 p.m.•3 views

CVE-2021-43794

creationtimestamp| type| source ---|---|--- 2021-12-01 22:35:41+00:00| seen| https://t.me/cibsecurity/33227...

5.3CVSS5.5AI score0.01016EPSS

Exploits0References1

Cvelist•added 2021/12/01 7:40 p.m.•17 views

CVE-2021-43794 Anonymous user cache poisoning via development-mode header in Discourse

Discourse is an open source discussion platform. In affected versions an attacker can poison the cache for anonymous i.e. not logged in users, such that the users are shown a JSON blob instead of the HTML page. This can lead to a partial denial-of-service. This issue is patched in the latest...

5.3CVSS5.1AI score0.01016EPSS

Exploits0References2

CVE•added 2021/12/01 7:40 p.m.•61 views

CVE-2021-43794

CVE-2021-43794 affects Discourse. An attacker can poison the cache for anonymous users, causing a JSON blob to be shown instead of HTML and enabling a partial DoS. Some sources attribute this to cache-poisoning via the development-mode header. The vulnerability is mitigated in the latest stable, ...

5.3CVSS4.8AI score0.01016EPSS

Exploits0References2Affected Software1

CVE•added 1976/01/01 12:0 a.m.•49 views

CVE-2022-43794

CVE-2022-43794 entry is rejected/not used and does not represent an active vulnerability entry.

6.9AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by