CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

610 matches found

IBM Security Bulletins•added 6 days ago•36 views

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Aspera Enterprise Server, IBM Aspera Connect Server, IBM Aspera Point to Point Client, IBM A

Question Security Bulletin: Vulnerabilities in OpenSSL affect IBM Aspera Enterprise Server, IBM Aspera Connect Server, IBM Aspera Point to Point Client, IBM Aspera Desktop Client and IBM Aspera Connect Browser Plugin CVE-2016-2106, CVE-2016-2109, CVE-2016-2176 "Business...

8.2CVSS7.2AI score0.2921EPSS

Exploits1Affected Software1

Fedora•added 2026/05/30 1:8 a.m.•12 views

[SECURITY] Fedora 43 Update: djvulibre-3.5.30-1.fc43

DjVu is a web-centric format and software platform for distributing documents and images. DjVu can advantageously replace PDF, PS, TIFF, JPEG, and GIF for distributing scanned documents, digital documents, or high-resolution picture s. DjVu content downloads faster, displays and renders faster,...

8.4CVSS7AI score0.00741EPSS

Exploits0

Fedora•added 2026/05/30 12:55 a.m.•10 views

[SECURITY] Fedora 44 Update: djvulibre-3.5.30-1.fc44

8.4CVSS7AI score0.00741EPSS

Exploits0

OSV•added 2026/05/12 6:17 p.m.•6 views

UBUNTU-CVE-2026-42177

linux-entra-sso is a browser plugin for Linux to SSO on Microsoft Entra ID. Prior to 1.8.1, platform/chrome/js/platform-chrome.js:69-88 registers a single declarativeNetRequest rule whose urlFilter is Platform.SSOURL + "/", i.e. "https://login.microsoftonline.com/". Chrome's urlFilter without a |...

5.3CVSS5.8AI score0.00234EPSS

Exploits0References3

Fedora•added 2026/04/16 11:42 p.m.•5 views

[SECURITY] Fedora 44 Update: plasma-browser-integration-6.6.4-1.fc44

plasma-browser-integration coupled with a browser plugin provides integration of the browser in the desktop. For more information, see https://community.kde.org/Plasma/BrowserIntegration...

5.8AI score

Exploits0

ATTACKERKB•added 2026/04/02 2:1 p.m.•3 views

CVE-2026-26927

Szafir SDK Web is a browser plug-in that can run SzafirHost application which download the necessary files when launched. In Szafir SDK Web it is possible to change the URL HTTP Origin of the application call location. An unauthenticated attacker can craft a website that is able to launch...

5.1CVSS6.2AI score0.00266EPSS

Exploits0References3

RedhatCVE•added 2026/01/09 11:11 a.m.•9 views

CVE-2016-10897

The sermon-browser plugin before 0.45.16 for WordPress has multiple XSS issues...

6.1CVSS6.2AI score0.00913EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:56 a.m.•7 views

CVE-2023-40194

An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit Reader 12.1.3.15356 due to mistreatment of whitespace characters. A specially crafted malicious file can create files at arbitrary locations, which can lead to arbitrary code execution. An attacker nee...

8.8CVSS7.6AI score0.02001EPSS

Exploits1References1

RedhatCVE•added 2025/10/10 4:20 p.m.•2 views

CVE-2025-9868

Server-Side Request Forgery SSRF in the Remote Browser Plugin in Sonatype Nexus Repository 2.x up to and including 2.15.2 allows unauthenticated remote attackers to exfiltrate proxy repository credentials via crafted HTTP requests...

8.7CVSS7.2AI score0.00462EPSS

Exploits0References1

NVD•added 2025/10/08 6:15 p.m.•5 views

CVE-2025-9868

8.7CVSS0.00462EPSS

Exploits0References1

EUVD•added 2025/10/08 5:7 p.m.•4 views

EUVD-2025-33291

8.7CVSS6.7AI score0.00462EPSS

Exploits0References2

CVE•added 2025/10/08 5:7 p.m.•18 views

CVE-2025-9868

The vulnerability is a Server-Side Request Forgery (SSRF) in the Remote Browser Plugin of Sonatype Nexus Repository 2.x, up to and including 2.15.2. The issue allows unauthenticated remote attackers to exfiltrate proxy repository credentials by crafting HTTP requests. The root cause is SSRF in th...

8.7CVSS6.8AI score0.00462EPSS

Exploits0References1

Cvelist•added 2025/10/08 5:7 p.m.•12 views

CVE-2025-9868 Nexus Repository 2 - SSRF Vulnerability in Remote Browser Plugin

8.7CVSS0.00462EPSS

Exploits0References1

CNNVD•added 2025/10/08 12:0 a.m.•3 views

Sonatype Nexus Repository 安全漏洞

Sonatype Nexus Repository is a repository manager from Sonatype, Inc. that is used to manage, store, and distribute software, among other things. A security vulnerability exists in Sonatype Nexus Repository version 2.15.2 and earlier, which stems from a server-side request forgery in the Remote...

8.7CVSS6.6AI score0.00462EPSS

Exploits0References3

Positive Technologies•added 2025/10/08 12:0 a.m.•6 views

PT-2025-41292

Name of the Vulnerable Software and Affected Versions Sonatype Nexus Repository versions 2.0 through 2.15.2 Description A Server-Side Request Forgery SSRF exists in the Remote Browser Plugin. This allows unauthenticated remote attackers to extract proxy repository credentials via crafted HTTP...

8.7CVSS6.8AI score0.00462EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2010-3728

Malware in sbrugna...

9.3CVSS6.1AI score0.26086EPSS

Exploits1References7

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2018-15743

Malware in sbrugna...

8CVSS7.8AI score0.02895EPSS

Exploits0References3