11 matches found

Positive Technologies
added 2026/05/27 12:00 a.m. | 3 views

PT-2026-43990

The "Long Term Retention" (LTR) add-on feature of IBM Guardium Data Protection 12.2.1 and 12.2.2 can expose sensitive credentials in debug mode...

CVSS 6.5 | AI score 5.8 | EPSS 0.00032
Exploits 0 | References 2
ATTACKERKB
added 2026/04/17 7:52 p.m. | 0 views

CVE-2026-32650

Anviz CrossChex Standard is vulnerable when an attacker manipulates the TDS7 PreLogin to disable encryption, causing database credentials to be sent in plaintext and enabling unauthorized database access...

CVSS 7.5 | AI score 5.7 | EPSS 0.00028
Exploits 0 | References 4
ATTACKERKB
added 2026/04/12 12:28 p.m. | 3 views

CVE-2019-25697

CMSsite 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the catid parameter. Attackers can send GET requests to category.php with malicious catid values to extract sensitive database information includi...

CVSS 8.8 | AI score 5.9 | EPSS 0.00304
Exploits 1 | References 3 | Affected Software 1
CVE
added 2026/03/03 12:00 a.m. | 7 views

CVE-2025-63912

CVE-2025-63912 affects Cohesity TranZman Migration Appliance Release 4.0 Build 14614. The issue is a weak cryptography algorithm used for data encryption (static XOR in some disclosures), allowing an attacker to reverse encryption and expose credentials. Impact is credential exposure as described...

CVSS 7.5 | AI score 5.9 | EPSS 0.00006
Exploits 2 | References 2 | Affected Software 1
NVD
added 2025/02/03 7:15 p.m. | 4 views

CVE-2024-12510

If LDAP settings are accessed, authentication could be redirected to another server, potentially exposing credentials. This requires admin access and an active LDAP setup...

CVSS 6.7 | EPSS 0.00102
Exploits 0 | References 1
CNNVD
added 2024/12/10 12:00 a.m. | 2 views

SAP NetWeaver Application Server Security Vulnerability

SAP NetWeaver Application Server is an application server from SAP, Germany. A security vulnerability exists in SAP NetWeaver Application Server that originates from allowing an authenticated attacker to craft a Remote Function Call (RFC) request to a restricted destination, which could be used to...

CVSS 8.5 | AI score 6.4 | EPSS 0.00249
Exploits 0 | References 2
OSV
added 2023/11/03 8:15 p.m. | 1 views

DEBIAN-CVE-2022-3172

A security issue was discovered in kube-apiserver that allows an aggregated API server to redirect client traffic to any URL. This could lead to the client performing unexpected actions as well as forwarding the client's API server credentials to third parties...

CVSS 8.2 | AI score 6.6 | EPSS 0.03414
Exploits 1 | References 1
Redos
added 2022/05/24 12:00 a.m. | 57 views

ROS-20220524-03

The vulnerability in the cURL command-line utility is related to the --no-clobber option when it is used in conjunction with --remove-on-error. Exploitation of the vulnerability could allow an attacker acting remotely to trick the victim into connecting to a malicious server and forcing the command-line to...

CVSS 8.1 | AI score 7 | EPSS 0.01181
Exploits 5
CNNVD
added 2022/05/17 12:00 a.m. | 2 views

Jenkins SSH Plugin Access Control Error Vulnerability

Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is an application. An open source automation server, Jenkins provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is an application. Jenkins SSH Plugin 2.6.1 and earlier...

CVSS 6.5 | AI score 6.5 | EPSS 0.0007
Exploits 0 | References 3
CNVD
added 2021/06/17 12:00 a.m. | 5 views

IBM Financial Transaction Manager Cross-Site Scripting Vulnerability

IBM Financial Transaction Manager for Check Services (FTM CHK) is a financial transaction manager from IBM, USA. The product is primarily used to monitor, track and report on financial payments and transactions. IBM Financial Transaction Manager suffers from a cross-site scripting vulnerability tha...

CVSS 5.4 | AI score 6 | EPSS 0.00214
Exploits 0 | References 1
Joomla! Vulnerable Extensions List
added 2020/06/17 12:00 a.m. | 28 views

[20200706] - Core - System Information screen could expose redis or proxy credentials

Inadequate filtering in the system information screen could expose redis or proxy credentials...

CVSS 5.3 | AI score 5.6 | EPSS 0.00011
Exploits 0 | Affected Software 1