CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

93 matches found

OSV•added 2026/05/06 2:44 p.m.•1 views

BIT-JAVA-2024-21131

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0....

3.7CVSS6.8AI score0.00953EPSS

Exploits0References4

AstraLinux•added 2026/05/03 11:59 p.m.•5 views

Astra Linux – Vulnerability in openjdk-11

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition products of Oracle Java SE component: Security. The supported versions affected by this vulnerability are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9,...

4.7CVSS6.1AI score0.00411EPSS

Exploits0References2

EUVD•added 2026/04/07 6:52 p.m.•2 views

EUVD-2026-19861

Frappe is a full-stack web application framework. Prior to 16.14.0 and 15.104.0, Frappe allows unrestricted Doctype access via API exploit...

6.9CVSS5.9AI score0.00258EPSS

Exploits0References1

Cvelist•added 2026/04/07 6:52 p.m.•14 views

CVE-2026-39351 Frappe allows unrestricted Doctype access via API exploit

Frappe is a full-stack web application framework. Prior to 16.14.0 and 15.104.0, Frappe allows unrestricted Doctype access via API exploit...

6.9CVSS0.00258EPSS

Exploits0References1

CVE•added 2026/04/07 6:52 p.m.•36 views

CVE-2026-39351

Summary (CVE-2026-39351) : The Red Hat, NVD, CIRCL, and related feeds describe a vulnerability in the Frappe framework where an API-based attack grants unrestricted access to Doctypes. Affected versions are listed as prior to 16.14.0 and 15.104.0 . The impact is described as the ability to access...

9.1CVSS5.9AI score0.00258EPSS

Exploits0References1Affected Software1

RedhatCVE•added 2026/01/09 11:22 a.m.•7 views

CVE-2021-22202

An issue has been discovered in GitLab CE/EE affecting all previous versions. If the victim is an admin, it was possible to issue a CSRF in System hooks through the API...

4.3CVSS6.5AI score0.00479EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:13 a.m.•13 views

CVE-2016-10843

cPanel before 11.54.0.4 allows code execution in the context of shared users via JSON-API SEC-76...

8.1CVSS7.5AI score0.01444EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:9 a.m.•15 views

CVE-2019-11185

The WP Live Chat Support Pro plugin through 8.0.26 for WordPress contains an arbitrary file upload vulnerability. This results from an incomplete patch for CVE-2018-12426. Arbitrary file upload is achieved by using a non-blacklisted executable file extension in conjunction with a whitelisted file...

9.8CVSS7.2AI score0.05062EPSS

Exploits2References1

RedhatCVE•added 2026/01/07 9:9 a.m.•9 views

CVE-2024-2771

The Contact Form Plugin by Fluent Forms for Quiz, Survey, and Drag & Drop WP Form Builder plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the /wp-json/fluentform/v1/managers REST API endpoint in all versions up to, and including, 5.1.16. This makes ...

9.8CVSS6.9AI score0.02333EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2017-3697

Malware in sbrugna...

8.1CVSS4.8AI score0.01514EPSS

Exploits2References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-18708

Malware in sbrugna...

6.5CVSS5.2AI score0.01434EPSS

Exploits0References2