CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-8652

Malicious code in bioql PyPI...

9.8CVSS6.5AI score0.01406EPSS

Exploits1References4

RedhatCVE•added 2025/03/30 12:59 a.m.•18 views

CVE-2025-22953

A SQL injection vulnerability exists in Epicor HCM 2021 1.9, with patches available: 5.16.0.1033/HCM2022, 5.17.0.1146/HCM2023, and 5.18.0.573/HCM2024. The injection is specifically in the filter parameter of the JsonFetcher.svc endpoint. An attacker can exploit this vulnerability by injecting...

9.8CVSS9.9AI score0.01406EPSS

Exploits1References1

NVD•added 2025/03/28 9:15 p.m.•13 views

CVE-2025-22953

9.8CVSS0.01406EPSS

Exploits1References3

OSV•added 2025/03/28 9:15 p.m.•6 views

CVE-2025-22953

9.8CVSS6.3AI score0.01406EPSS

Exploits1References3

Vulnrichment•added 2025/03/28 12:0 a.m.•8 views

CVE-2025-22953

9.9AI score0.01406EPSS

Exploits1References3

Cvelist•added 2025/03/28 12:0 a.m.•23 views

CVE-2025-22953

0.01406EPSS

Exploits1References3

Positive Technologies•added 2025/03/28 12:0 a.m.•4 views

PT-2025-13576 · Epicor · Epicor Hcm

Name of the Vulnerable Software and Affected Versions: Epicor HCM version 2021 1.9 Description: A SQL injection vulnerability exists in the Epicor HCM, specifically in the filter parameter of the "JsonFetcher.svc" endpoint. An attacker can exploit this vulnerability by injecting malicious SQL...

9.8CVSS8.7AI score0.01406EPSS

Exploits1References9

CVE•added 2025/03/28 12:0 a.m.•82 views

CVE-2025-22953

Epicor HCM 2021 version 1.9 is vulnerable to unauthenticated SQL injection in the filter parameter of the JsonFetcher.svc endpoint. The underlying cause is improper handling of the filter parameter, allowing arbitrary SQL commands to be executed on the backend database; if xp_cmdshell or similar ...

9.8CVSS9.9AI score0.01406EPSS

Exploits1References3Affected Software1