CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

38 matches found

vulnersOsv•added 2025/11/25 12:16 a.m.•1 views

@voiceflow/alexa-types (>=2.0.0 <=2.16.3), @voiceflow/api-sdk (>=3.0.0 <=3.29.3) +11 more potentially affected by unknown CVE via @voiceflow/common (>=8.10.0 <=8.9.0)

@voiceflow/common NPM version =8.10.0, =2.0.0, =3.0.0, =2.50.1, =2.0.0, =3.0.0, =2.0.0, =2.0.0, =1.0.3, =1.3.3, =1.0.0, =2.0.0, =3.2.20, =1.0.3, =1.7.13 Source cves: unknown CVE Source advisory: OSV:MAL-2025-191340...

5.8AI score

Exploits0

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-1999-1090

Malware in sbrugna...

5CVSS6.4AI score0.07749EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-35730

Malicious code in bioql PyPI...

9CVSS7.5AI score0.00395EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-0995

Malicious code in bioql PyPI...

6.5CVSS5.9AI score0.00341EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-0716

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.02171EPSS

Exploits0References4

RedhatCVE•added 2025/05/23 5:28 a.m.•0 views

CVE-2023-25692

Improper Input Validation vulnerability in the Apache Airflow Google Provider. This issue affects Apache Airflow Google Provider versions before 8.10.0...

7.5CVSS6.9AI score0.02171EPSS

Exploits0References1

IBM Security Bulletins•added 2025/02/25 8:34 p.m.•29 views

Security Bulletin: There is a vulnerability in IBM Maximo Manage application that could allow an unauthenticated path-traversal leading to an arbitrary file disclosure (CVE-2024-22328)

Summary There is a vulnerability in IBM Maximo Manage application that could allow an unauthenticated path-traversal leading to an arbitrary file disclosure. Vulnerability Details CVEID:CVE-2024-22328 DESCRIPTION: IBM Maximo Application Suite 8.10 and 8.11 could allow a remote attacker to travers...

7.5CVSS7.6AI score0.00045EPSS

Exploits0Affected Software1

Tenable Nessus•added 2024/09/13 12:0 a.m.•39 views

Curl 7.41.0 < 8.10.0 Security Bypass (CVE-2024-8096)

The version of Curl installed on the remote host is between 7.41.0 prior to 8.10.0. It is, therefore, affected by a security bypass vulnerability. When curl is told to use the Certificate Status Request TLS extension, often referred to as OCSP stapling, to verify that the server certificate is...

6.5CVSS7.2AI score0.00559EPSS

Exploits1References2

IBM Security Bulletins•added 2024/07/12 8:39 a.m.•29 views

Security Bulletin: IBM Maximo Application Suite- Manage component uses Insecure version of netty codec used in mas-data-dictionary-lib which is vulnerable to CVE-2024-29025

Summary IBM Maximo Application Suite- Manage component uses Insecure version of netty codec used in mas-data-dictionary-lib which is vulnerable to CVE-2024-29025. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2024-29025 DESCRIPTION...

5.3CVSS5.7AI score0.00343EPSS

Exploits1Affected Software1

CNNVD•added 2024/06/06 12:0 a.m.•3 views

Elasticsearch Security Vulnerabilities

Elasticsearch is a search engine based on the Lucene library. A security vulnerability exists in Elasticsearch version 8.10.0 prior to version 8.14.0, which stems from an insufficient remote cluster search cross-cluster API key restriction...

6.5CVSS6.8AI score0.00206EPSS

Exploits0References4

IBM Security Bulletins•added 2024/05/07 8:44 p.m.•21 views

Security Bulletin: There is a vulnerability in AntiSamy 1.7.4 used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2024-23635)

Summary There is a vulnerability in AntiSamy 1.7.4 used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2024-23635 DESCRIPTION: AntiSamy is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker...

6.1CVSS6.4AI score0.00211EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/04/09 7:59 p.m.•39 views

Security Bulletin: Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-22036, CVE-2023-22006, CVE-2023-22041, CVE-2023-22049 and CVE-2023-22045)

Summary Multiple vulnerabilities may affect IBM® SDK, Java™ Technology Edition used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2023-22036 DESCRIPTION: An unspecified vulnerability in Java SE related to the Utility component could allow a remo...

5.1CVSS5.5AI score0.00143EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/04/05 3:27 p.m.•32 views

Security Bulletin: IBM Maximo Manage application in IBM Maximo Application Suite may be affected by XML External Entity (XXE) attack (CVE-2024-27266)

Summary IBM Maximo Manage application in IBM Maximo Application Suite may be affected by XML External Entity XXE attack. Vulnerability Details CVEID:CVE-2024-27266 DESCRIPTION: IBM Maximo Application Suite is vulnerable to an XML External Entity Injection XXE attack when processing XML data. A...

8.2CVSS8.2AI score0.00026EPSS

Exploits0Affected Software1

Github Security Blog•added 2024/03/27 6:32 p.m.•29 views

Elasticsearch Incorrect Authorization vulnerability

Incorrect Authorization issue exists in the API key based security model for Remote Cluster Security, which is currently in Beta, in Elasticsearch 8.10.0 and before 8.13.0. This allows a malicious user with a valid API key for a remote cluster configured to use the new Remote Cluster Security to...

6.5CVSS7.1AI score0.00341EPSS

Exploits0References3Affected Software1

OSV•added 2024/03/27 6:32 p.m.•25 views

GHSA-R3HX-QFH5-R9M7 Elasticsearch Incorrect Authorization vulnerability

4.4CVSS5.7AI score0.00341EPSS

Exploits0References3

NVD•added 2024/03/27 6:15 p.m.•4 views

CVE-2024-23451

6.5CVSS5.2AI score0.00341EPSS

Exploits0References1

CVE•added 2024/03/27 6:3 p.m.•330 views

CVE-2024-23451

Summary: CVE-2024-23451 affects Elasticsearch 8.10.0 and earlier, with versions before 8.13.0 vulnerable to an incorrect API key–based authorization in Remote Cluster Security. A remote attacker with a valid API key (and using the custom transport protocol) can read arbitrary documents from a rem...

6.5CVSS4.7AI score0.00341EPSS

Exploits0References1Affected Software1

IBM Security Bulletins•added 2024/02/29 1:40 p.m.•41 views

Security Bulletin: There is a vulnerability in Asset Data Dictionary used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-34462 and CVE-2023-44487)

Summary There is a vulnerability in Asset Data Dictionary used by IBM Maximo Manage application in IBM Maximo Application Suite Vulnerability Details CVEID:CVE-2023-34462 DESCRIPTION: Netty is vulnerable to a denial of service, caused by a flaw with allocating up to 16MB of heap for each channel...

7.5CVSS7.9AI score0.944EPSS

Exploits20Affected Software1

IBM Security Bulletins•added 2024/01/17 8:11 p.m.•26 views

Security Bulletin: There is a vulnerability in batik-all-1.15.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2022-44730 and CVE-2022-44729)

Summary There is a vulnerability in batik-all-1.15.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2022-44730 DESCRIPTION: Apache Batik is vulnerable to server-side request forgery, caused by improper input validation. By persuading a...

7.1CVSS5.4AI score0.00516EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 2024/01/17 8:8 p.m.•27 views

Security Bulletin: There is a vulnerability in CSRF Token used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2023-47718)

Summary There is a vulnerability in CSRF Token used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2023-47718 DESCRIPTION: IBM Maximo Application Suite is vulnerable to cross-site request forgery which could allow an attacker to execute malicious...

8.8CVSS6.4AI score0.00042EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by