CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

610 matches found

Relevanssi (A Better Search) <= 4.22.0 - Query Log Export

The Relevanssi Search plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check in all versions up to, and including, 4.22.0. This makes it possible for unauthenticated attackers to export the query log data. id: CVE-2024-1380 info: name: Relevanssi A...

5.3CVSS6.6AI score0.84527EPSS

Exploits0References3

RedhatCVE•added 3 days ago•5 views

CVE-2026-0814

The Advanced Contact form 7 DB plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'vszcf7exporttoexcel' function in all versions up to, and including, 2.0.9. This makes it possible for authenticated attackers, with Subscriber-level access an...

4.3CVSS5.5AI score0.00032EPSS

Exploits0References1

RedhatCVE•added 3 days ago•5 views

CVE-2026-5395

The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 6.2.0 via the exportEntries function due to missing validation on a user controlled key. This mak...

8.2CVSS5.6AI score0.00039EPSS

Exploits0References1

RedhatCVE•added 3 days ago•4 views

CVE-2026-22315

Incorrect Privilege Assignment vulnerability in Mesalvo Meona Client Launcher Component, Mesalvo Meona Server Component enables the export of user data, including cleartext passwords, via the SQL editor. This issue affects Meona Client Launcher Component: through 19.06.2020 15:11:49; Meona Server...

7.2CVSS5.6AI score0.00047EPSS

Exploits0References1

Veeam•added 5 days ago•9 views

Email item data export from EWS failed

Challenge Exchange Online backup jobs in Veeam Backup for Microsoft 365 and Veeam Data Cloud for Microsoft 365 may fail to process mailboxes, returning one of the following errors: Processing mailbox failed with error: Email item data export from EWS failed item IDs: .... The operation has timed...

5.8AI score

Exploits0

Vulnrichment•added 2026/05/28 6:45 a.m.•5 views

CVE-2026-7621 SMTP2GO for WordPress <= 1.16.0 - Missing Authorization to Authenticated (Subscriber+) Log Read/Truncate

The SMTP2GO for WordPress – Email Made Easy plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 1.16.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers,...

4.3CVSS5.8AI score0.00046EPSS

Exploits0References11

NVD•added 2026/05/20 11:16 a.m.•6 views

CVE-2026-22315

7.2CVSS0.00047EPSS

Exploits0References1

Vulnrichment•added 2026/05/20 10:46 a.m.•6 views

CVE-2026-22315

7.2CVSS5.8AI score0.00047EPSS

Exploits0References1

EUVD•added 2026/05/20 10:46 a.m.•7 views

EUVD-2026-31092

7.2CVSS5.8AI score0.00047EPSS

Exploits0References1

CVE•added 2026/05/20 10:46 a.m.•9 views

CVE-2026-22315

CVE-2026-22315 : An Incorrect Privilege Assignment vulnerability affects the Mesalvo Meona ecosystem, specifically the Meona Client Launcher Component (through 19.06.2020 15:11:49) and the Meona Server Component (through 2025.04 5+323020). The issue enables export of user data, including cleartex...

7.2CVSS5.8AI score0.00047EPSS

Exploits0References1

NVD•added 2026/05/15 3:16 a.m.•6 views

CVE-2023-31309

Improper validation in Power Management Firmware PMFW may allow an attacker with privileges to pass malformed workload arguments when exporting table data from SMU to DRAM potentially resulting in a loss of confidentiality and/or availability...

6.8CVSS0.00017EPSS

Exploits0References1

Cvelist•added 2026/05/15 2:48 a.m.•32 views

CVE-2023-31309

6.8CVSS0.00017EPSS

Exploits0References1

EUVD•added 2026/05/15 2:48 a.m.•11 views

EUVD-2023-35620

6.8CVSS5.8AI score0.00017EPSS

Exploits0References1

CVE•added 2026/05/15 2:48 a.m.•16 views

CVE-2023-31309

CVE-2023-31309 describes an improper validation vulnerability in AMD's Power Management Firmware (PMFW). The issue allows a user with privileges to pass malformed workload arguments when exporting table data from the System Management Unit (SMU) to DRAM, potentially causing loss of confidentialit...

6.8CVSS5.8AI score0.00017EPSS

Exploits0References1

Positive Technologies•added 2026/05/15 12:0 a.m.•7 views

PT-2026-41239

6.8CVSS5.8AI score0.00017EPSS

Exploits0References2

NVD•added 2026/05/14 7:16 a.m.•9 views

CVE-2026-5395

8.2CVSS0.00039EPSS

Exploits0References2

ATTACKERKB•added 2026/05/14 6:44 a.m.•5 views

CVE-2026-5395

8.2CVSS5.9AI score0.00039EPSS

Exploits0References3

CNNVD•added 2026/05/01 12:0 a.m.•5 views

Splunk MCP Integration 路径遍历漏洞

Splunk MCP Integration is a natural language interactive Splunk data analytics integration tool from the individual developer AI-Ninja. Splunk MCP Integration has a path traversal vulnerability that originates in the createcsvexport function in the file...

6.9CVSS5.9AI score0.00062EPSS

Exploits0References1

Tenable Nessus•added 2026/04/13 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-2104

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.8.9, 18.9 before 18.9.5, and 18.10 before 18.10.3 that could have...

4.3CVSS5.9AI score0.00017EPSS

Exploits0References2

CNNVD•added 2026/04/08 12:0 a.m.•2 views

GitLab 安全漏洞

GitLab is an end-to-end software development platform provided by the American company GitLab. It includes built-in features such as version control, issue tracking, code review, and CI/CD Continuous Integration and Delivery. Vulnerabilities exist in versions of GitLab CE/EE before 18.8.9, 18.9.5...

4.3CVSS5.9AI score0.00017EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by