CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

614 matches found

Vulnrichment•added 2025/11/08 3:27 a.m.•8 views

CVE-2025-12042 Course Booking System <= 6.1.5 - Missing Authorization to Unauthenticated Booking Data Export

The Course Booking System plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check in the csv-export.php file in all versions up to, and including, 6.1.5. This makes it possible for unauthenticated attackers to directly access the file and obtain an expo...

5.3CVSS5AI score0.00208EPSS

Exploits0References2

CNNVD•added 2025/10/28 12:0 a.m.•2 views

IBM DB2 High Performance Unload 安全漏洞

IBM DB2 High Performance Unload is a database data export program from International Business Machines IBM. A security vulnerability exists in IBM DB2 High Performance Unload that originates from an overwritten buffer allocated on the stack, which could cause the program to crash. The following...

6.5CVSS6.7AI score0.00255EPSS

Exploits0References2

OSV•added 2025/10/21 6:3 p.m.•4 views

GHSA-27C9-VP3W-6WW8 Shopware exposes sensitive user information via CSV export mapping

Impact Malicious actors can exploit this finding to export sensitive customer information from a Shopware application, including password hashes and password reset tokens. In SaaS deployments, this primarily affects customer accounts. In on-premise deployments, however, it also includes the hashe...

4.9CVSS6.5AI score

Exploits0References3

Cvelist•added 2025/10/18 3:33 a.m.•10 views

CVE-2025-11378 ShortPixel Image Optimizer <= 6.3.4 - Authenticated (Contributor+) Settings Import/Export

The ShortPixel Image Optimizer – Optimize Images, Convert WebP & AVIF plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'shortpixelajaxRequest' AJAX action in all versions up to, and including, 6.3.4. This makes it possible for...

5.4CVSS0.00284EPSS

Exploits0References4