CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7 matches found

Malwarebytes•added 2026/03/02 8:59 a.m.•7 views

Purchase order attachment isn’t a PDF. It’s phishing for your password

An attachment named New PO 500PCS.pdf.hTM, posing as a purchase order in PDF form, turned out to be something entirely different: a credential-harvesting web page that quietly sent passwords and IP/location data straight to a Telegram bot controlled by an attacker. Imagine you’re in accounts...

6AI score

Exploits0

Prion•added 2009/12/23 6:30 p.m.•21 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in SQL-Ledger 2.8.24 allow remote authenticated users to inject arbitrary web script or HTML via 1 the DCN Description field in the Accounts Receivables menu item for Add Transaction, 2 the Description field in the Accounts Payable menu item for A...

3.5CVSS5.6AI score0.00861EPSS

Exploits2References4Affected Software1

UbuntuCve•added 2009/12/23 6:30 p.m.•20 views

CVE-2009-3581

3.5CVSS5.9AI score0.00861EPSS

Exploits2References1

OSV•added 2009/12/23 6:30 p.m.•3 views

UBUNTU-CVE-2009-3581

3.5CVSS5.8AI score0.00861EPSS

Exploits2References2

Cvelist•added 2009/12/23 6:0 p.m.•38 views

CVE-2009-3581

5.3AI score0.00861EPSS

Exploits2References4

Debian CVE•added 2009/12/23 6:0 p.m.•28 views

CVE-2009-3581

3.5CVSS2.2AI score0.00861EPSS

Exploits2

OSV•added 2008/09/15 3:14 p.m.•1 views

DEBIAN-CVE-2008-4078

SQL injection vulnerability in the AR/AP transaction report in 1 LedgerSMB LSMB before 1.2.15 and 2 SQL-Ledger 2.8.17 and earlier allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors...

6.5CVSS8.5AI score0.01624EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by