CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

73 matches found

Tenable Nessus•added 2026/06/11 12:0 a.m.•10 views

Oracle Linux 7 : firefox (ELSA-2026-8427)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2026-8427 advisory. - Update to 140.9.0 ESR Orabug: 39361657CVE-2026-4684CVE-2026-4685 CVE-2026-4686CVE-2026-4687CVE-2026-4688CVE-2026-4689CVE-2026-4690...

10CVSS6AI score0.00687EPSS

Exploits2References38

OSV•added 2026/04/11 3:17 p.m.•0 views

MINI-8Q67-4697-WV9X

Bulletin has no description...

6.4CVSS5.7AI score0.00292EPSS

Exploits0

Wolfi•added 2026/03/27 7:48 p.m.•9 views

CVE-2026-4697 vulnerabilities

Vulnerabilities for packages: firefox...

7.5CVSS7.2AI score0.00505EPSS

Exploits0

Chainguard•added 2026/03/27 7:17 p.m.•4 views

CVE-2026-4697 vulnerabilities

Vulnerabilities for packages: firefox...

7.5CVSS5.8AI score0.00505EPSS

Exploits0

OPENSUSE Linux•added 2026/03/25 12:0 a.m.•9 views

firefox-esr-140.9.0-1.1 on GA media (moderate)

firefox-esr-140.9.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10413-1 Rating: moderate Cross-References: CVE-2025-59375 CVE-2026-4684 CVE-2026-4685 CVE-2026-4686 CVE-2026-4687 CVE-2026-4688 CVE-2026-4689 CVE-2026-4690 CVE-2026-4691 CVE-2026-4692 CVE-2026-4693 CVE-2026-4694 CVE-2026-4695...

8.8CVSS6.5AI score0.01279EPSS

Exploits1

Tenable Nessus•added 2026/03/25 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-4697

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Incorrect boundary conditions in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and...

7.5CVSS7.8AI score0.00505EPSS

Exploits0References2

RedhatCVE•added 2026/01/09 8:57 a.m.•6 views

CVE-2023-4697

Improper Privilege Management in GitHub repository usememos/memos prior to 0.13.2...

8.8CVSS6.7AI score0.00701EPSS

Exploits1References1

RedhatCVE•added 2025/05/23 7:36 a.m.•13 views

CVE-2024-4697

The Cowidgets – Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘headingtag’ parameter in all versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS6.1AI score0.00349EPSS

Exploits0References1

Circl•added 2025/05/15 1:33 p.m.•24 views

CVE-2025-4697

creationtimestamp| type| source ---|---|--- 2025-05-15 13:33:30+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/16486 2025-05-15 15:03:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lp7rvhdgis2t...

9.8CVSS7.3AI score0.00424EPSS

Exploits1References2

Vulnrichment•added 2025/05/15 1:0 p.m.•9 views

CVE-2025-4697 PHPGurukul Directory Management System edit-directory.php sql injection

A vulnerability was found in PHPGurukul Directory Management System 2.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/edit-directory.php. The manipulation of the argument editid leads to sql injection. The attack may be launched remotely...

7.5CVSS7.3AI score0.00424EPSS

Exploits1References5

Cvelist•added 2025/05/15 1:0 p.m.•14 views

CVE-2025-4697 PHPGurukul Directory Management System edit-directory.php sql injection

7.5CVSS0.00424EPSS

Exploits1References5

CVE•added 2025/05/15 1:0 p.m.•38 views

CVE-2025-4697

CVE-2025-4697 affects PHPGurukul Directory Management System 2.0. The vulnerability is in the file /admin/edit-directory.php where the argument editid is unsafely used, enabling SQL injection. This could allow an attacker to remotely exploit and potentially exfiltrate data or alter the database, ...

9.8CVSS7.4AI score0.00424EPSS

Exploits1References5Affected Software1

OpenVAS•added 2025/02/05 12:0 a.m.•6 views

WordPress ProfilePress Plugin < 4.5.1 Multiple Vulnerabilities

The WordPress plugin SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:properfraction:profilepress"; if description...

5.5CVSS6.9AI score0.00679EPSS

Exploits0References2

OSV•added 2024/11/27 11:21 a.m.•13 views

CGA-94V8-4697-7F9F

Bulletin has no description...

5.8CVSS7.3AI score0.02286EPSS

Exploits1

OSV•added 2024/11/07 9:6 a.m.•5 views

CGA-JRX7-C5JW-4697

Bulletin has no description...

3.1CVSS4.6AI score0.00521EPSS

Exploits0

CVE•added 2024/06/04 5:32 a.m.•43 views

CVE-2024-4697

CVE-2024-4697 is a WordPress plugin issue in Cowidgets – Elementor Addons. The vulnerability is a Stored Cross‑Site Scripting via the heading_tag parameter in all versions up to 1.1.1, caused by insufficient input sanitization and output escaping. It enables authenticated attackers with contribut...

6.4CVSS6AI score0.00349EPSS

Exploits0References4Affected Software1