CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17 matches found

OSV•added 2026/06/12 1:27 p.m.•6 views

ROOT-APP-NPM-CVE-2026-47139 CVE-2026-47139 in @rootio/vm2 - Patched by Root

Root has patched CVE-2026-47139 in the @rootio/vm2 package for Root:npm. Multiple fixed versions available...

8.6CVSS5.4AI score0.00282EPSS

Exploits0

vulnersOsv•added 2026/05/29 6:8 p.m.•6 views

@aiconnect/codelets-runner (>=0.1.0 <=0.2.0), @cairncms/api (>=1.0.0-beta.1 <=1.0.0-beta.4) +21 more potentially affected by CVE-2026-47139 via vm2 (>=3.0.0 <=3.11.3)

vm2 NPM version =3.0.0, =0.1.0, =1.0.0-beta.1, =3.0.46, =0.1.0, =1.1.15, =1.27.8, =1.0.0-beta.1, =1.1.0, =0.2.0, =0.1.64, =0.1.61, =1.66.16, =1.66.16, =1.72.4 and more Source cves: CVE-2026-47139 Source advisory: SNYK:JS-VM2-17111337...

5.5AI score0.00282EPSS

Exploits0

vulnersOsv•added 2026/05/29 6:8 p.m.•5 views

org.webjars.npm:degenerator (=4.0.4), org.webjars.npm:pac-resolver (=6.0.2) +1 more potentially affected by CVE-2026-47139 via org.webjars.npm:vm2 (=3.9.19)

org.webjars.npm:vm2 MAVEN version =3.9.19 is affected by a known vulnerability. The following packages have a transitive dependency on org.webjars.npm:vm2 and may be impacted: - org.webjars.npm:degenerator =4.0.4 - org.webjars.npm:pac-resolver =6.0.2 - org.webjars.npm:rocket.chatapps-engine =1.35...

5.5AI score0.00282EPSS

Exploits0

EUVD•added 2025/11/10 5:21 p.m.•3 views

EUVD-2025-47139

Malicious code in indah-saguer28-sukiwir npm...

6.6AI score

Exploits0

RedhatCVE•added 2025/05/23 12:46 a.m.•6 views

CVE-2022-47139

Cross-Site Request Forgery CSRF vulnerability in Damir Calusic WP Basic Elements plugin = 5.2.15 versions...

8.8CVSS7.1AI score0.00253EPSS

Exploits0

Tenable Nessus•added 2025/03/05 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2021-47139

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: hns3: put off calling registernetdev until client initialize complete Currently, the netdevice is registered before client initializing complete. So there ...

5.5CVSS6.8AI score0.00225EPSS

Exploits0References2

Vulnrichment•added 2024/10/16 2:12 p.m.•18 views

CVE-2024-47139 F5 BIG-IQ Vulnerability

A stored cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IQ Configuration utility that allows an attacker with the Administrator role to run JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical...

6.8CVSS5.6AI score0.0055EPSS

Exploits0References1

Cvelist•added 2024/10/16 2:12 p.m.•19 views

CVE-2024-47139 F5 BIG-IQ Vulnerability

6.8CVSS0.0055EPSS

Exploits0References1

CVE•added 2024/10/16 2:12 p.m.•52 views

CVE-2024-47139

A stored XSS in BIG-IQ is present on an undisclosed page of the BIG-IQ Configuration utility that can be exploited by an Administrator to run JavaScript in the user’s context. Connected sources specify affected targets as BIG-IQ Centralized Management (BIG-IQ UI) and BIG-IP BIG-IQ components, wit...

6.8CVSS6.2AI score0.0055EPSS

Exploits0References1Affected Software1

F5 Networks•added 2024/10/16 1:27 p.m.•12 views

K000141080: BIG-IQ vulnerability CVE-2024-47139

Security Advisory Description A stored cross-site scripting XSS vulnerability exists in an undisclosed page of the BIG-IQ user interface that allows an attacker with the Administrator role to run JavaScript in the context of the currently logged-in user. CVE-2024-47139 Impact An authenticated...

6.8CVSS5.7AI score0.0055EPSS

Exploits0Affected Software1

SUSE CVE•added 2024/03/26 3:49 a.m.•2 views

SUSE CVE-2021-47139

In the Linux kernel, the following vulnerability has been resolved: net: hns3: put off calling registernetdev until client initialize complete Currently, the netdevice is registered before client initializing complete. So there is a timewindow between netdevice available and usable. In this case,...

4.7CVSS7.7AI score0.00225EPSS

Exploits0References6

OSV•added 2024/03/25 9:15 a.m.•2 views

DEBIAN-CVE-2021-47139

5.5CVSS5.6AI score0.00225EPSS

Exploits0References1

Vulnrichment•added 2024/03/25 9:7 a.m.•17 views

CVE-2021-47139 net: hns3: put off calling register_netdev() until client initialize complete

6.7AI score0.00225EPSS

Exploits0References3

OSV•added 2023/05/25 9:15 a.m.•3 views

CVE-2022-47139

Cross-Site Request Forgery CSRF vulnerability in Damir Calusic WP Basic Elements plugin = 5.2.15 versions...

8.8CVSS5.8AI score0.00253EPSS

Exploits0References1

Vulnrichment•added 2023/05/25 8:10 a.m.•5 views

CVE-2022-47139 WordPress WP Basic Elements Plugin <= 5.2.15 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Damir Calusic WP Basic Elements plugin = 5.2.15 versions...

5.4CVSS7AI score0.00253EPSS

Exploits0References1

CVE•added 2023/05/25 8:10 a.m.•48 views

CVE-2022-47139

CVE-2022-47139 is a Cross-Site Request Forgery (CSRF) vulnerability in WordPress plugin WP Basic Elements (

8.8CVSS7.1AI score0.00253EPSS

Exploits0References1Affected Software1

Cvelist•added 2023/05/25 8:10 a.m.•15 views

CVE-2022-47139 WordPress WP Basic Elements Plugin <= 5.2.15 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Damir Calusic WP Basic Elements plugin = 5.2.15 versions...

5.4CVSS9AI score0.00253EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by