CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

67 matches found

Github Security Blog•added 2026/02/06 10:34 p.m.•7 views

Keylime Missing Authentication for Critical Function and Improper Authentication

Impact The Keylime registrar does not enforce mutual TLS mTLS client certificate authentication since version 7.12.0. The registrar's TLS context is configured with ssl.CERTOPTIONAL instead of ssl.CERTREQUIRED, allowing any client to connect to protected API endpoints without presenting a valid...

9.8CVSS5.5AI score0.00026EPSS

Exploits0References5Affected Software1

The Hacker News•added 2025/08/11 5:54 a.m.•19 views

WinRAR Zero-Day Under Active Exploitation – Update to Latest Version Immediately

The maintainers of the WinRAR file archiving utility have released an update to address an actively exploited zero-day vulnerability. Tracked as CVE-2025-8088 CVSS score: 8.8, the issue has been described as a case of path traversal affecting the Windows version of the tool that could be exploite...

9.8CVSS8.3AI score0.93878EPSS

Exploits98

CNNVD•added 2025/08/04 12:0 a.m.•2 views

Dell PowerProtect Data Domain 安全漏洞

Dell PowerProtect Data Domain Dell PowerProtect DD is a suite of hardware appliances for data protection, backup, storage, and deduplication from Dell USA. A security vulnerability exists in Dell PowerProtect Data Domain that stems from an authentication bypass that could lead to a protection...

9.8CVSS6.6AI score0.00887EPSS

Exploits0References1

Tenable Nessus•added 2024/01/19 12:0 a.m.•7 views

Atlassian Confluence 7.13.x < 7.19.17 Remote Code Execution

According to its self-reported version number, the Atlassian Confluence application running on the remote host is 7.13.x prior to 7.19.17, 8.x prior to 8.5.5 or 8.6.x prior to 8.7.2. It is, therefore, affected by a remote code execution vulnerability. Note that the scanner has not tested for thes...

8.8CVSS8.2AI score0.00519EPSS

Exploits0References2

Positive Technologies•added 2022/10/25 12:0 a.m.•2 views

PT-2022-5346 · Atlassian +6 · Confluence +8

Name of the Vulnerable Software and Affected Versions: Apache XML Graphics versions prior to 1.16 Confluence Data Center and Server versions 7.13.0 through 7.19.0, specifically versions prior to 7.19.16 Description: A vulnerability in the Apache Batik library for working with SVG images is relate...

8.2CVSS6.9AI score0.47784EPSS

Exploits1References95

Atlassian•added 2021/09/10 4:35 a.m.•92 views

XStream upgrade to 1.4.18

h3. Problem XStream is vulnerable to security exploits such as highlighted in the image attached. i The list of CVEs can be found in https://x-stream.github.io/security.html This ticket tracks its upgrade to 1.4.18. h3. Environment Confluence v7.13 h3. Workaround Set...

0.1AI score

Exploits0

0day.today•added 2021/07/30 12:0 a.m.•125 views

ObjectPlanet Opinio 7.13 Expression Language Injection Vulnerability

Exploit Authors: Timothy Tan , Daniel Tan, Yu EnHui, Khor Yong Heng CVE: CVE-2020-26565 Exploit Title: ObjectPlanet Opinio version 7.13 allows expression language injection Vendor Homepage: https://www.objectplanet.com/opinio/ Software Link: https://www.objectplanet.com/opinio/ Exploit Authors:...

7.5CVSS0.1AI score0.00399EPSS

Exploits3

RedhatCVE•added 2020/09/07 8:19 p.m.•25 views

CVE-2019-8687

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may lead to...

8.8CVSS2.8AI score0.00811EPSS

Exploits0References4

RedhatCVE•added 2020/09/07 8:19 p.m.•24 views

CVE-2019-8690

A logic issue existed in the handling of document loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously...

6.1CVSS2.9AI score0.0807EPSS

Exploits2References4

RedhatCVE•added 2020/09/07 7:49 p.m.•27 views

CVE-2019-8681

8.8CVSS2.8AI score0.00811EPSS

Exploits0References4

RedhatCVE•added 2020/09/07 7:48 p.m.•15 views

CVE-2019-8683

Multiple memory corruption issues were addressed with improved memory handling. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, watchOS 5.3, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing maliciously crafted web content may...

8.8CVSS2.6AI score0.0082EPSS

Exploits0References4

RedhatCVE•added 2020/09/07 6:48 p.m.•28 views

CVE-2019-8649

A logic issue existed in the handling of synchronous page loads. This issue was addressed with improved state management. This issue is fixed in iOS 12.4, macOS Mojave 10.14.6, tvOS 12.4, Safari 12.1.2, iTunes for Windows 12.9.6, iCloud for Windows 7.13, iCloud for Windows 10.6. Processing...

6.1CVSS2.6AI score0.08534EPSS

Exploits1References4

Tenable Nessus•added 2020/03/27 12:0 a.m.•22 views

Atlassian Jira 7.13.x < 8.6.0 JMX monitoring flag CSRF Vulnerability (JRASERVER-70570)

According to its self-reported version number, the instance of Atlassian Jira hosted on the remote web server is version 7.13.x prior to 8.6.0. It is, therefore, affected by a flaw in the JMX monitoring component. An unauthenticated, remote attacker can exploit this by tricking a user into visiti...

4.3CVSS5.3AI score0.0018EPSS

Exploits0References3