
20 matches found

EUVD
added 2025/10/03 8:07 p.m. · 2 views

EUVD-2025-32023

Malicious code in bioql PyPI...

CVSS 5.4 · AI score 6.6 · EPSS 0.00031
Exploits 0 · References 2

EUVD
added 2025/10/03 8:07 p.m. · 1 view

EUVD-2022-6960

Malicious code in bioql PyPI...

CVSS 3.8 · AI score 4.8 · EPSS 0.00882
Exploits 0 · References 8

OSV
added 2024/09/14 4:15 a.m. · 1 view

CVE-2024-8246

The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions UGC plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 2.8.11. This is due to plugin not properly restricting what users have access to se...

CVSS 8.8 · AI score 5.8
Exploits 0 · References 2

Positive Technologies
added 2024/09/13 12:00 a.m. · 2 views

PT-2024-38888 · WordPress · The Post Form – Registration Form – Profile Form For User Profiles – Frontend Content Forms For User Submissions

Name of the Vulnerable Software and Affected Versions: The Post Form – Registration Form – Profile Form for User Profiles – Frontend Content Forms for User Submissions UGC plugin for WordPress versions up to, and including, 2.8.11 Description: The vulnerability is due to the plugin not properly...

CVSS 8.8 · AI score 6.5 · EPSS 0.00423
Exploits 0 · References 11

OSV
added 2024/04/25 6:30 p.m. · 1 view

GHSA-25W4-HFQG-4R52 Quarkus: authorization flaw in quarkus resteasy reactive and classic

A flaw was found in Quarkus. When a Quarkus RestEasy Classic or Reactive JAX-RS endpoint has its methods declared in the abstract Java class or customized by Quarkus extensions using the annotation processor, the authorization of these methods will not be enforced if it is enabled by either...

CVSS 6.9 · AI score 5.8 · EPSS 0.00129
Exploits 0 · References 10

RedHat Linux
added 2022/10/04 4:02 p.m. · 3 views

keycloak: improper input validation permits script injection

A Stored Cross-site scripting XSS vulnerability was found in keycloak. This flaw allows a privileged attacker to execute malicious scripts in the admin console, abusing the default roles functionality...

CVSS 3.8 · AI score 5.8 · EPSS 0.00882
Exploits 0 · References 5

RedHat Linux
added 2022/10/04 3:53 p.m. · 2 views

keycloak: improper input validation permits script injection

A Stored Cross-site scripting XSS vulnerability was found in keycloak. This flaw allows a privileged attacker to execute malicious scripts in the admin console, abusing the default roles functionality...

CVSS 3.8 · AI score 5.8 · EPSS 0.00882
Exploits 0 · References 5

RedHat Linux
added 2022/10/04 3:35 p.m. · 3 views

keycloak: improper input validation permits script injection

A Stored Cross-site scripting XSS vulnerability was found in keycloak. This flaw allows a privileged attacker to execute malicious scripts in the admin console, abusing the default roles functionality...

CVSS 3.8 · AI score 5.8 · EPSS 0.00882
Exploits 0 · References 5

OSV
added 2022/09/23 4:32 p.m. · 210 views

GHSA-W9MF-83W3-FV49 Keycloak vulnerable to Stored Cross site Scripting (XSS) when loading default roles

A Stored XSS vulnerability was reported in the Keycloak Security mailing list, affecting all the versions of Keycloak, including the latest release 18.0.1. The vulnerability allows a privileged attacker to execute malicious scripts in the admin console, abusing of the default roles functionality...

CVSS 5.4 · AI score 5.1 · EPSS 0.00882
Exploits 0 · References 5

GitHub Security Blog
added 2022/09/23 4:32 p.m. · 453 views

Keycloak vulnerable to Stored Cross site Scripting (XSS) when loading default roles

A Stored XSS vulnerability was reported in the Keycloak Security mailing list, affecting all the versions of Keycloak, including the latest release 18.0.1. The vulnerability allows a privileged attacker to execute malicious scripts in the admin console, abusing of the default roles functionality...

CVSS 3.8 · AI score 1.7 · EPSS 0.00882
Exploits 0 · References 5 · Affected Software 1

OSV
added 2022/09/01 9:15 p.m. · 1 view

CVE-2022-2256

A Stored Cross-site scripting XSS vulnerability was found in keycloak as shipped in Red Hat Single Sign-On 7. This flaw allows a privileged attacker to execute malicious scripts in the admin console, abusing the default roles functionality...

CVSS 3.8 · AI score 5.8
Exploits 0 · References 2

ATTACKERKB
added 2022/09/01 9:15 p.m. · 1 view

CVE-2022-2256

A Stored Cross-site scripting XSS vulnerability was found in keycloak as shipped in Red Hat Single Sign-On 7. This flaw allows a privileged attacker to execute malicious scripts in the admin console, abusing the default roles functionality...

CVSS 3.8 · AI score 5.9 · EPSS 0.00882
Exploits 0 · References 3

NVD
added 2022/09/01 9:15 p.m. · 16 views

CVE-2022-2256

A Stored Cross-site scripting XSS vulnerability was found in keycloak as shipped in Red Hat Single Sign-On 7. This flaw allows a privileged attacker to execute malicious scripts in the admin console, abusing the default roles functionality...

CVSS 3.8 · EPSS 0.00882
Exploits 0 · References 2

Prion
added 2022/09/01 9:15 p.m. · 25 views

Cross site scripting

A Stored Cross-site scripting XSS vulnerability was found in keycloak as shipped in Red Hat Single Sign-On 7. This flaw allows a privileged attacker to execute malicious scripts in the admin console, abusing the default roles functionality...

CVSS 4.7 · AI score 5.7 · EPSS 0.00882
Exploits 0 · References 2 · Affected Software 1

Positive Technologies
added 2022/09/01 12:00 a.m. · 1 view

PT-2022-15528 · Red Hat · Keycloak +1

Name of the Vulnerable Software and Affected Versions: Red Hat Single Sign-On 7 Keycloak versions prior to 18.0.1 Description: A Stored Cross-site scripting XSS vulnerability was found in Keycloak as shipped in Red Hat Single Sign-On 7. This flaw allows a privileged attacker to execute malicious...

CVSS 5.4 · AI score 4.1 · EPSS 0.00882
Exploits 0 · References 9

ATTACKERKB
added 2022/07/25 4:15 p.m. · 2 views

CVE-2022-35650

The vulnerability was found in Moodle, occurs due to input validation error when importing lesson questions. This insufficient path checks results in arbitrary file read risk. This vulnerability allows a remote attacker to perform directory traversal attacks. The capability to access this feature...

CVSS 7.5 · AI score 6.5 · EPSS 0.00441
Exploits 0 · References 8

RedhatCVE
added 2022/06/29 8:05 p.m. · 60 views

CVE-2022-2256

A Stored Cross-site scripting XSS vulnerability was found in keycloak. This flaw allows a privileged attacker to execute malicious scripts in the admin console, abusing the default roles functionality...

CVSS 3.8 · AI score 3.3 · EPSS 0.00882
Exploits 0 · References 4

CNNVD
added 2022/01/10 12:00 a.m. · 4 views

WordPress plugin PublishPress Capabilities security vulnerability

WordPress is the WordPress Foundation's blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an open source application plugin for WordPress. The WordPress plugin PublishPress Capabilities suffers from a...

CVSS 9.8 · AI score 8.3 · EPSS 0.81889
Exploits 2 · References 3

CNNVD
added 2021/11/17 12:00 a.m. · 1 view

WordPress cross-site request forgery vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. An Access Control Error vulnerability exists in the WordPress Simple JWT Login plugin in versions prior to...

CVSS 8.8 · AI score 5.7 · EPSS 0.00109
Exploits 2 · References 2

Oracle Linux
added 2007/11/19 12:00 a.m. · 44 views

openssh security and bug fix update

4.3p2-24 - fixed audit log injection problem CVE-2007-3102 248059 4.3p2-23 - document where the nss certificate and token dbs are looked for 4.3p2-22 - experimental support for PKCS11 tokens through libnss3 183423 4.3p2-21 - fix an information leak in Kerberos password authentication CVE-2006-505...

CVSS 5 · AI score 1.4 · EPSS 0.14969
Exploits 0