CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

26 matches found

Wolfi•added 2026/05/20 7:55 a.m.•13 views

CVE-2026-8520 vulnerabilities

Vulnerabilities for packages: chromium...

8.3CVSS5.8AI score0.00166EPSS

Exploits0

RedhatCVE•added 2026/05/15 7:22 a.m.•10 views

CVE-2026-8520

A race flaw was found in the Payments component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=503619813...

8.3CVSS5.7AI score0.00166EPSS

Exploits0References5

NVD•added 2026/05/14 8:17 p.m.•8 views

CVE-2026-8520

Race in Payments in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS0.00166EPSS

Exploits0References2

ATTACKERKB•added 2026/05/14 7:52 p.m.•5 views

CVE-2026-8520

Race in Payments in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.8AI score0.00166EPSS

Exploits0References3Affected Software1

Circl•added 2026/05/14 6:0 p.m.•8 views

CVE-2026-8520

creationtimestamp| type| source ---|---|--- 2026-05-14 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260515...

8.3CVSS5.7AI score0.00166EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•7 views

EUVD-2019-8520

Malware in sbrugna...

6.1CVSS6.3AI score0.00812EPSS

Exploits1References2

RedhatCVE•added 2025/05/23 7:19 a.m.•12 views

CVE-2024-8520

The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.8.6. This is due to missing or incorrect nonce validation on the admininit or...

5.3CVSS6.3AI score0.00314EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 7:29 a.m.•7 views

CVE-2019-8520

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Mojave 10.14.4. A malicious application may be able to read restricted memory...

5.5CVSS5.7AI score0.00314EPSS

Exploits0References1

Circl•added 2024/10/04 7:40 a.m.•6 views

CVE-2024-8520

creationtimestamp| type| source ---|---|--- 2024-10-04 07:40:27+00:00| seen| https://t.me/cvedetector/6958...

5.3CVSS4.8AI score0.00314EPSS

Exploits0References1

NVD•added 2024/10/04 5:15 a.m.•14 views

CVE-2024-8520

5.3CVSS0.00314EPSS

Exploits0References10

Vulnrichment•added 2024/10/04 2:32 a.m.•10 views

CVE-2024-8520 Ultimate Member <= 2.8.6 - Cross-Site Request Forgery to Membership Status Change

5.3CVSS6.4AI score0.00314EPSS

Exploits0References10

CVE•added 2024/10/04 2:32 a.m.•54 views

CVE-2024-8520

CVE-2024-8520 concerns the WordPress plugin Ultimate Member (versions ≤ 2.8.6). The vulnerability is a Cross-Site Request Forgery (CSRF) due to missing or incorrect nonce validation on admin_init or user_action_hook, enabling unauthenticated attackers to change a user’s membership status by trick...

5.3CVSS4.8AI score0.00314EPSS

Exploits0References10Affected Software1

Patchstack•added 2024/10/04 12:0 a.m.•15 views

WordPress Ultimate Member Plugin <= 2.8.6 is vulnerable to Cross Site Request Forgery (CSRF)

Software Ultimate Member Type Plugin Vulnerable versions = 2.8.6 Fixed in 2.8.7 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-8520 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 7e0506c6b50a Credits Jack Taylor Required...

5.3CVSS6.7AI score0.00314EPSS

Exploits0References3Affected Software1

Check Point Advisories•added 2020/07/16 12:0 a.m.•14 views

Phpzag SQL Injection (CVE-2020-8519; CVE-2020-8520; CVE-2020-8521)

An SQL injection vulnerability exists in Phpzag. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...

7.5CVSS5.1AI score0.01407EPSS

Exploits3

NVD•added 2020/07/07 8:15 p.m.•16 views

CVE-2020-8520

SQL injection in order and column parameters in Records.php for phpzag live add edit delete data tables records with ajax php mysql...

9.8CVSS0.01407EPSS

Exploits1References3

CVE•added 2020/07/07 7:20 p.m.•51 views

CVE-2020-8520

CVE-2020-8520 describes an SQL injection in the Records.php file used by Phpzag Live DataTables (and related SpryMedia DataTables implementations) where the vulnerable code handles the order and column parameters. The underlying flaw permits crafting statements via these parameters, enabling mani...

9.8CVSS9.9AI score0.01407EPSS

Exploits1References3Affected Software1

CVE•added 2019/12/18 5:33 p.m.•72 views

CVE-2019-8520

CVE-2019-8520 is an out-of-bounds read vulnerability in macOS that was addressed by improved bounds checking. The issue could allow a malicious application to read restricted memory and is fixed in macOS Mojave 10.14.4 (Security Update). The available sources consistently describe the fix as part...

5.5CVSS5.7AI score0.00314EPSS

Exploits0References1Affected Software1

Tenable Nessus•added 2019/05/08 12:0 a.m.•14 views

Rockwell Automation 8520-MDDN

Binary data 753794.prm...

7.3AI score

Exploits0

Tenable Nessus•added 2019/05/08 12:0 a.m.•10 views

Rockwell Automation 8520-MTBD

Binary data 753793.prm...

7.3AI score

Exploits0

CVE•added 2018/02/15 10:0 p.m.•46 views

CVE-2016-8520

CVE-2016-8520 affects HPE Helion Eucalyptus (v4.3.0 and earlier). The root cause is improper IAM permission checks when accessing versioned S3 objects and ACLs, enabling in some cases authenticated users with S3 permissions to access versioned data. The NVD entry documents a network-vector, low c...

8.8CVSS8.6AI score0.01383EPSS

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by