CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

27 matches found

Vulnrichment•added 2022/12/08 5:37 p.m.•5 views

CVE-2022-46827

In JetBrains IntelliJ IDEA before 2022.3 an XXE attack leading to SSRF via requests to custom plugin repositories was possible...

3.9CVSS7.1AI score0.00002EPSS

Exploits0References1

Cvelist•added 2022/12/08 5:37 p.m.•16 views

CVE-2022-46827

In JetBrains IntelliJ IDEA before 2022.3 an XXE attack leading to SSRF via requests to custom plugin repositories was possible...

3.9CVSS5.8AI score0.00002EPSS

Exploits0References1

ATTACKERKB•added 2022/07/12 2:18 p.m.•2 views

CVE-2022-31475

Authenticated custom plugin role Arbitrary File Read via Export function vulnerability in GiveWP's GiveWP plugin = 2.20.2 at WordPress...

5.5CVSS5.2AI score0.00596EPSS

Exploits0References3Affected Software1

OSV•added 2021/11/22 9:15 a.m.•23 views

CVE-2021-43557

The uri-block plugin in Apache APISIX before 2.10.2 uses $requesturi without verification. The $requesturi is the full original request URI without normalization. This makes it possible to construct a URI to bypass the block list on some occasions. For instance, when the block list contains...

7.5CVSS6.6AI score

Exploits0References4

NVD•added 2021/11/22 9:15 a.m.•12 views

CVE-2021-43557

7.5CVSS0.55262EPSS

Exploits1References4

Prion•added 2021/11/22 9:15 a.m.•20 views

Authentication flaw

5CVSS7.4AI score0.55262EPSS

Exploits1References4Affected Software1

Patchstack•added 2021/06/08 12:0 a.m.•30 views

WordPress Custom css-js-php plugin <= 2.0.7 - Cross-Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability discovered by NinTechNet WordPress Custom css-js-php plugin versions = 2.0.7. Solution This plugin has been closed as of February 11, 2021 and is not available for download. Reason: Security Issue...

3.8AI score

Exploits0References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by