11 matches found

Positive Technologies
added 2025/09/04 12:0 a.m. | 2 views

PT-2025-36044

Name of the Vulnerable Software and Affected Versions: ContentProtectionTogglePreferenceController.java affected versions not specified
Description: A logic error in the updateState function within ContentProtectionTogglePreferenceController.java may allow a secondary user to disable the deceptiv...

7.8 CVSS | 6.4 AI score | 0.00012 EPSS
Exploits: 0 | References: 4

CNNVD
added 2025/07/09 12:0 a.m. | 2 views

Palo Alto Networks GlobalProtect app security vulnerability

Palo Alto Networks GlobalProtect app is a network protection software from Palo Alto Networks. A security vulnerability exists in the Palo Alto Networks GlobalProtect app, which stems from an improperly assigned privilege that could result in a locally authenticated non-administrative user...

6.8 CVSS | 6.6 AI score | 0.00073 EPSS
Exploits: 0 | References: 2

RedhatCVE
added 2025/05/23 3:19 a.m. | 2 views

CVE-2023-23943

Nextcloud mail is an email app for the Nextcloud home server platform. In affected versions the SMTP, IMAP and Sieve host fields allowed to scan for internal services and servers reachable from within the local network of the Nextcloud Server. It is recommended that the Nextcloud Mail app is...

5 CVSS | 6.5 AI score | 0.00779 EPSS
Exploits: 1 | References: 1

Debian CVE
added 2024/02/26 3:35 p.m. | 16 views

CVE-2024-23835

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine. Prior to version 7.0.3, excessive memory use during pgsql parsing could lead to OOM-related crashes. This vulnerability is patched in 7.0.3. As workaround, users can disable the...

7.5 CVSS | 7.3 AI score | 0.00256 EPSS
Exploits: 0

Prion
added 2023/11/21 10:15 p.m. | 13 views

Code injection

Nextcloud Server provides data storage for Nextcloud, an open source cloud platform. Starting in version 25.0.0 and prior to versions 25.0.13, 26.0.8, and 27.1.3 of Nextcloud Server and Nextcloud Enterprise Server, an attacker could insert links into circles name that would be opened when clickin...

4.9 CVSS | 6.9 AI score | 0.00386 EPSS
Exploits: 1 | References: 3 | Affected Software: 1

Nextcloud
added 2023/11/21 5:24 a.m. | 28 views

Self XSS when pasting HTML into Text app with Ctrl+Shift+V

None...

5.4 CVSS | 5.4 AI score | 0.00386 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

SUSE CVE
added 2023/10/18 1:2 a.m. | 1 views

SUSE CVE-2023-45150

Nextcloud calendar is a calendar app for the Nextcloud server platform. Due to missing precondition checks the server was trying to validate strings of any length as email addresses even when megabytes of data were provided, eventually making the server busy and unresponsive. It is recommended th...

4.3 CVSS | 6.8 AI score | 0.00118 EPSS
Exploits: 1 | References: 3

Nextcloud
added 2023/05/25 9:25 a.m. | 579 views

Contacts - PHOTO svg only sanitized if mime type is all lower case

None...

4.3 CVSS | 4.8 AI score | 0.00343 EPSS
Exploits: 0 | References: 2 | Affected Software: 1

SUSE CVE
added 2023/02/15 3:21 a.m. | 0 views

SUSE CVE-2023-23943

Nextcloud mail is an email app for the Nextcloud home server platform. In affected versions the SMTP, IMAP and Sieve host fields allowed to scan for internal services and servers reachable from within the local network of the Nextcloud Server. It is recommended that the Nextcloud Mail app is...

5 CVSS | 4.8 AI score | 0.00779 EPSS
Exploits: 1 | References: 3

Positive Technologies
added 2022/12/21 12:0 a.m. | 1 views

PT-2022-6377 · Nextcloud · Nextcloud Mail

Name of the Vulnerable Software and Affected Versions:
Nextcloud mail versions prior to 1.15.0
Nextcloud mail versions prior to 2.2.2
Description: The issue is related to insufficient validation of incoming requests in the Nextcloud mail client, allowing a remote attacker to scan internal service...

5 CVSS | 4.5 AI score | 0.00779 EPSS
Exploits: 1 | References: 10

OSV
added 2022/10/17 12:15 p.m. | 0 views

CVE-2022-3082

The miniOrange Discord Integration WordPress plugin before 2.1.6 does not have authorisation and CSRF in some of its AJAX actions, allowing any logged in users, such as subscriber to call them, and disable the app for example...

6.5 CVSS | 5.8 AI score
Exploits: 0 | References: 1