CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

321 matches found

NVD•added 2026/04/27 9:16 p.m.•1 views

CVE-2026-7191

Improper use of the static-eval npm package in the open source solution qnabot-on-aws versions 7.2.4 and earlier may allow an authenticated administrator to execute arbitrary code within the fulfillment Lambda execution context by injecting a crafted conditional chaining expression via the Conten...

8.6CVSS0.00102EPSS

Exploits0References2

Cvelist•added 2026/04/16 5:29 a.m.•40 views

CVE-2026-5050 Payment Gateway for Redsys & WooCommerce Lite <= 7.0.0 - Improper Verification of Cryptographic Signature to Unauthenticated Payment Status Manipulation

The Payment Gateway for Redsys & WooCommerce Lite plugin for WordPress is vulnerable to Improper Verification of Cryptographic Signature in versions up to, and including, 7.0.0 due to successfulrequest handlers calculating a local signature but not validating DsSignature from the request before...

7.5CVSS0.00017EPSS

Exploits0References2

Positive Technologies•added 2026/02/24 12:0 a.m.•4 views

PT-2026-21674

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description When the "Silent Just-In-Time Provisioning" feature is enabled for a federated identity provider IDP, a local user store user’s information may be replaced duri...

7.7CVSS5.9AI score0.00091EPSS

Exploits0References7

RedhatCVE•added 2026/01/09 9:20 a.m.•2 views

CVE-2021-2155

Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite component: Documents. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle...

4.3CVSS5.2AI score0.00712EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 8:52 a.m.•1 views

CVE-2021-2101

Vulnerability in the Oracle One-to-One Fulfillment product of Oracle E-Business Suite component: Print Server. Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise...

9.1CVSS6.8AI score0.01723EPSS

Exploits0References1