CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

347 matches found

CVE•added 2026/05/19 12:0 a.m.•7 views

CVE-2026-36828

CVE-2026-36828 describes a command-injection in Panabit PAP-XM320 up to v7.7. The vulnerable CGI is /cgi-bin/tools/ajax_cmd; when authenticated users supply action=runcmd, they can execute arbitrary shell commands with root privileges. Impact aligns with high-severity, full control over the host ...

8.8CVSS6AI score0.00138EPSS

Exploits0References2

Cvelist•added 2026/04/20 3:51 p.m.•25 views

CVE-2026-26944

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.6, LTS2025 release version 8.3.1.0 through 8.3.1.20, LTS2024 release versions 7.13.1.0 through 7.13.1.60 contain a missing authentication for critical function vulnerability. An unauthenticated attacker with remote access could potentially...

8.8CVSS0.00196EPSS

Exploits0References1

NVD•added 2026/04/13 4:16 p.m.•1 views

CVE-2026-30811

Missing Authorization vulnerability allows Exposure of Sensitive Information via configuration endpoint. This issue affects Pandora FMS: from 777 through 800...

8.4CVSS0.00038EPSS

Exploits0References1

GithubExploit•added 2026/03/25 8:0 p.m.•155 views

Exploit for Race Condition in Openbsd Openssh

CVE-2018-15473 — SSH Username Enumeration Tool A Python 3 r...

5.9CVSS6.8AI score0.90356EPSS

Exploits23

RedhatCVE•added 2026/01/09 11:57 a.m.•4 views

CVE-2018-4312

A use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7...

8.8CVSS6.2AI score0.20038EPSS

Exploits2References1

RedhatCVE•added 2026/01/09 11:54 a.m.•6 views

CVE-2018-4319

A cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue affected versions prior to iOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7...

8.1CVSS6.1AI score0.00315EPSS

Exploits0References1

CVE•added 2025/12/18 7:22 a.m.•4 views

CVE-2025-64260

CVE-2025-64260 concerns the WordPress plugin ANAC XML Bandi di Gara (AVCP) ≤7.7, with a reflected XSS vulnerability in web page generation. Affected software is the ANAC XML Bandi di Gara plugin for WordPress (versions up to 7.7). The issue arises from improper input neutralization during page re...

7.1CVSS6AI score0.00029EPSS

Exploits0References1

Positive Technologies•added 2025/11/13 12:0 a.m.•2 views

PT-2025-46788

Name of the Vulnerable Software and Affected Versions GitLab versions 3.1 through 7.7 Description Multiple vulnerabilities exist in GitLab CE and EE, including Cross-Site Scripting XSS, Information Disclosure, and Prompt Injection. These issues could potentially lead to a compromise of systems. A...

7.7CVSS6.1AI score0.00042EPSS

Exploits0References19