CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

252 matches found

CNNVD•added 2026/01/26 12:0 a.m.•2 views

Dassault Systèmes SOLIDWORKS eDrawings security vulnerabilities

Dassault Systèmes SOLIDWORKS eDrawings is a collaboration tool developed by Dassault Systèmes, a French company, for viewing, sharing, and annotating 2D/3D design files. Dassault Systèmes SOLIDWORKS eDrawings has a security vulnerability that stems from a heap buffer overflow during the EPRT file...

7.8CVSS7.5AI score0.00015EPSS

Exploits0References2

CNNVD•added 2026/01/15 12:0 a.m.•3 views

Omnispace Agora Project security vulnerabilities

Omnispace Agora Project is a satellite IoT verification project developed by the American company Omnispace. Versions of Omnispace Agora Project prior to 25.10 contained security vulnerabilities. These vulnerabilities were caused by directory traversal vulnerabilities in the misc controller and...

7.5CVSS5.9AI score0.00217EPSS

Exploits0References3

RedhatCVE•added 2026/01/09 12:41 p.m.•6 views

CVE-2023-25341

A Directory Traversal vulnerability in ladle dev server 2.5.1 and earlier allows an attacker on the same network to read files accessible to the user via GET requests...

6.5CVSS6.8AI score0.00156EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:48 a.m.•9 views

CVE-2022-31793

dorequest in request.c in muhttpd before 1.1.7 allows remote attackers to read arbitrary files by constructing a URL with a single character before a desired path on the filesystem. This occurs because the code skips over the first character when serving files. Arris NVG443, NVG599, NVG589, and...

7.5CVSS7.2AI score0.93819EPSS

Exploits2References1

RedhatCVE•added 2026/01/09 10:0 a.m.•7 views

CVE-2020-7008

VISAM VBASE Editor version 11.5.0.2 and VBASE Web-Remote Module may allow input passed in the URL that is not properly verified before use, which may allow an attacker to read arbitrary files from local resources...

7.5CVSS6.7AI score0.00378EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:10 a.m.•5 views

CVE-2017-18704

Certain NETGEAR devices are affected by an attacker's ability to read arbitrary files. This affects D6220 before 1.0.0.32, D6400 before 1.0.0.60, D8500 before 1.0.3.29, R6250 before 1.0.4.16, R6300v2 before 1.0.4.18, R6400 before 1.01.32, R6400v2 before 1.0.2.44, R6700 before 1.0.1.36, R6900 befo...

6.5CVSS6.9AI score0.00181EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:49 a.m.•10 views

CVE-2021-22203

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.7.9 before 13.8.7, all versions starting from 13.9 before 13.9.5, and all versions starting from 13.10 before 13.10.1. A specially crafted Wiki page allowed attackers to read arbitrary files on the server...

9.8CVSS6.4AI score0.00241EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 8:37 a.m.•6 views

CVE-2019-11510

In Pulse Secure Pulse Connect Secure PCS 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability...

10CVSS7.4AI score0.94462EPSS

Exploits22References1

RedhatCVE•added 2026/01/07 9:43 a.m.•9 views

CVE-1999-0887

FTGate web interface server allows remote attackers to read files via a .. dot dot attack...

5CVSS6.9AI score0.03624EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:43 a.m.•5 views

CVE-1999-0386

Microsoft Personal Web Server and FrontPage Personal Web Server in some Windows systems allows a remote attacker to read files on the server by using a nonstandard URL...

5CVSS6.8AI score0.61206EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:41 a.m.•6 views

CVE-1999-0346

CGI PHP mlog script allows an attacker to read any file on the target server...

5CVSS6.8AI score0.00518EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:39 a.m.•10 views

CVE-1999-0068

CGI PHP mylog script allows an attacker to read any file on the target server...

7.5CVSS6.8AI score0.02715EPSS

Exploits0References1