CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Creating a "2dspherebucket" index on a non-timeseries bucket collection will succeed, but any subsequent attempt to insert a document which triggers updating that index will crash the server. A similar issue occurs when creating "queryableencryptedrange" indices. This issue affects MongoDB Server...

7.1CVSS5.8AI score0.00235EPSS

Exploits0References1

Vulnrichment•added 2026/05/07 4:12 a.m.•5 views

CVE-2026-8063 Post-auth null pointer dereference when aggregating against a view with empty search pipeline

An authenticated user can crash mongod when running $rankFusion or $scoreFusion with an empty pipeline on a view. When resolving a view, the server inspects the aggregation pipeline to determine whether it begins with an Atlas Search stage. For $rankFusion and $scoreFusion, this inspection reads...

7.1CVSS5.8AI score0.0023EPSS

Exploits0References1

CNNVD•added 2026/05/07 12:0 a.m.•7 views

MongoDB Server 代码问题漏洞

MongoDB Server is an open-source NoSQL database developed by MongoDB, a US-based company. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. Versions of MongoDB Server prior to 8.2 and 8.2.7 contained code vulnerabilities...

7.1CVSS5.9AI score0.0023EPSS

Exploits0References1

CVE•added 2026/03/17 11:43 p.m.•4 views

CVE-2026-27811

CVE-2026-27811 affects the Roxy-WI web interface. Prior to version 8.2.6.3, a command injection exists in the /config/compare///show endpoint. The root cause is in app/modules/config/config.py on line 362, where user input is directly formatted into a template string that is eventually executed, ...

8.8CVSS6.1AI score0.02037EPSS

Exploits1References3Affected Software1

CNNVD•added 2026/01/30 12:0 a.m.•33 views

Orval code injection vulnerability

Orval is an open-source interface development tool developed by Orval. Versions of Orval from 7.19.0 to 7.21.0, as well as versions before 8.2.0, have a code injection vulnerability. This vulnerability stems from incomplete escape handling in the jsStringEscape function, which may lead to code...

9.8CVSS5.9AI score0.00603EPSS

Exploits1References6

CVE•added 2025/11/05 4:31 p.m.•7 views

CVE-2025-45379

Dell CloudLink is a data encryption and key management product. CVE-2025-45379 describes a command execution vulnerability where a privileged user with a known password can perform a command injection from the console to gain shell access. Affected versions are prior to 8.2. The issue is describe...

8.4CVSS7.3AI score0.00724EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/11/05 4:27 p.m.•2 views

CVE-2025-30479

Dell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known password can run command injection to gain control of system...

8.4CVSS0.01127EPSS

Exploits0References1

Vulnrichment•added 2025/11/05 4:27 p.m.•1 views

CVE-2025-30479

Dell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known password can run command injection to gain control of system...

8.4CVSS7.3AI score0.01127EPSS

Exploits0References1

Positive Technologies•added 2025/11/05 12:0 a.m.•3 views

PT-2025-45136

Name of the Vulnerable Software and Affected Versions Dell CloudLink versions prior to 8.2 Description Dell CloudLink versions prior to 8.2 have an issue where a user with necessary privileges and knowledge of the password can execute commands through the console, potentially gaining shell access...

8.4CVSS7.1AI score0.00724EPSS

Exploits0References4

CNNVD•added 2025/04/30 12:0 a.m.•3 views

Markdown Syntaxes 跨站脚本漏洞

Markdown Syntaxes is an open source parser and renderer for Markdown syntax from XWiki Contrib. A cross-site scripting vulnerability exists in Markdown Syntaxes versions prior to 8.2 through 8.9, which stems from mishandling of Markdown syntax and could lead to a cross-site scripting attack...

9CVSS5.8AI score0.00377EPSS

Exploits1References4

OSV•added 2024/11/12 1:15 p.m.•2 views

CVE-2024-50572

A vulnerability has been identified in RUGGEDCOM RM1224 LTE4G EU 6GK6108-4AM00-2BA2 All versions V8.2, RUGGEDCOM RM1224 LTE4G NAM 6GK6108-4AM00-2DA2 All versions V8.2, SCALANCE M804PB 6GK5804-0AP00-2AA2 All versions V8.2, SCALANCE M812-1 ADSL-Router 6GK5812-1AA00-2AA2 All versions V8.2, SCALANCE...

8.6CVSS7.2AI score0.00648EPSS

Exploits0References2

SUSE CVE•added 2023/02/15 5:53 a.m.•3 views

SUSE CVE-2011-1574

Stack-based buffer overflow in the ReadS3M method in loads3m.cpp in libmodplug before 0.8.8.2 allows remote attackers to execute arbitrary code via a crafted S3M file...

6.8CVSS8.3AI score0.42941EPSS

Exploits8References4

SUSE CVE•added 2023/02/15 3:33 a.m.•1 views

SUSE CVE-2022-2129

Out-of-bounds Write in GitHub repository vim/vim prior to 8.2...

3.3CVSS9.6AI score0.01107EPSS

Exploits1References16

OSV•added 2022/06/28 8:15 p.m.•0 views

DEBIAN-CVE-2022-2231

NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2...

5.5CVSS6.6AI score0.01011EPSS

Exploits1References1

OSV•added 2022/06/27 12:15 p.m.•0 views

UBUNTU-CVE-2022-2207

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2...

7.8CVSS7.1AI score0.01151EPSS

Exploits1References9

ATTACKERKB•added 2022/06/23 7:15 p.m.•2 views

CVE-2022-2183

Out-of-bounds Read in GitHub repository vim/vim prior to 8.2...

7.8CVSS7.1AI score0.01196EPSS

Exploits1References9

CNNVD•added 2022/06/23 12:0 a.m.•0 views

Vim 安全漏洞

Vim is a cross-platform text editor. A security vulnerability exists in versions prior to Vim 8.2 that stems from a heap-based buffer overflow condition in vim...

7.8CVSS7.6AI score0.01215EPSS

Exploits1References11

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by