139 matches found
CVE-2026-2745
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 7.11 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to bypass WebAuthn two-factor authentication and gain unauthorized access to user accounts due to inconsisten...
RARLAB RAR App Path Traversal Vulnerability
RARLAB RAR App is a compression, decompression and file management software from RARLAB, Inc. A path traversal vulnerability exists in Rarlab RAR App 7.11 Build 127 and earlier versions, which stems from a path traversal issue in the component com.rarlab.rar, and could lead to a remote attack...
RARLabs WinRAR XSS Vulnerability (Nov 2025) - Windows
WinRAR is prone to a cross-site scripting vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:rarlab:winrar";...
EUVD-2019-15803
Malware in sbrugna...
EUVD-2018-17245
Malware in sbrugna...
EUVD-2019-4195
Malware in sbrugna...
EUVD-2021-9305
Malicious code in bioql PyPI...
EUVD-2021-28867
Malicious code in bioql PyPI...
CVE-2019-6232
A race condition existed during the installation of iTunes for Windows. This was addressed with improved state handling. This issue is fixed in iCloud for Windows 7.11. Running the iTunes installer in an untrusted directory may result in arbitrary code execution...
CVE-2019-14752
SuiteCRM 7.10.x and 7.11.x before 7.10.20 and 7.11.8 has XSS...
KLA82387 ACE vulnerability in WinRAR
Arbitrary code execution vulnerability was found in WinRAR. Malicious users can exploit this vulnerability to execute arbitrary code, spoof user interface. Original advisories JVN59547048 WinRAR vulnerable to the symbolic link based “Mark of the Web” check bypass CVE-2025-31334 Related products...
SUSE CVE-2024-41817
ImageMagick is a free and open-source software suite, used for editing and manipulating digital images. The AppImage version ImageMagick might use an empty path when setting MAGICK_CONFIGURE_PATH and LD_LIBRARY_PATH environment variables while executing, which might lead to arbitrary code execution b...
ImageMagick < 7.1.1-36 Arbitrary Code Execution
The remote Windows host has a version of ImageMagick installed that is prior to 7.1.1-36. It is, therefore, affected by an arbitrary code execution vulnerability. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number...
CVE-2024-41817
A flaw was found in ImageMagick. The 'AppImage' version of ImageMagick, when executed with an empty path in the MAGICK_CONFIGURE_PATH and LD_LIBRARY_PATH environment variables, can load malicious configuration files or shared libraries in the current directory, resulting in arbitrary code execution...
UBUNTU-CVE-2024-41817
ImageMagick is a free and open-source software suite, used for editing and manipulating digital images. The AppImage version ImageMagick might use an empty path when setting MAGICK_CONFIGURE_PATH and LD_LIBRARY_PATH environment variables while executing, which might lead to arbitrary code execution b...
CVE-2024-41817 Arbitrary Code Execution in `AppImage` version `ImageMagick`
ImageMagick is a free and open-source software suite, used for editing and manipulating digital images. The AppImage version ImageMagick might use an empty path when setting MAGICK_CONFIGURE_PATH and LD_LIBRARY_PATH environment variables while executing, which might lead to arbitrary code execution b...
BIT-SUITECRM-2020-8784
SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow SQL Injection issue 2 of 4...
BIT-SUITECRM-2020-8786
SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow SQL Injection issue 4 of 4...
BIT-SUITECRM-2020-8787
SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow for an invalid Bean ID to be submitted...