CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6574 matches found

OSV•added 2023/02/08 12:0 a.m.•15 views

CVE-2023-0744 Improper Access Control in answerdev/answer

Improper Access Control in GitHub repository answerdev/answer prior to 1.0.4...

9.8CVSS9.4AI score0.06368EPSS

Exploits4References5

Vulnrichment•added 2023/02/08 12:0 a.m.•5 views

CVE-2023-0744 Improper Access Control in answerdev/answer

Improper Access Control in GitHub repository answerdev/answer prior to 1.0.4...

9.8CVSS7.1AI score0.06368EPSS

Exploits4References3

OSV•added 2023/02/08 12:0 a.m.•27 views

CVE-2023-0748 Open Redirect in btcpayserver/btcpayserver

Open Redirect in GitHub repository btcpayserver/btcpayserver prior to 1.7.6...

6.4CVSS5.1AI score0.00607EPSS

Exploits1References4

CVE•added 2023/02/08 12:0 a.m.•76 views

CVE-2023-0744

CVE-2023-0744 affects the GitHub repo answerdev/answer prior to version 1.0.4, enabling an Improper Access Control that can lead to account takeover via the password-reset flow. Public references describe an endpoint abuse: an attacker can trigger password reset via answer/api/v1/user/password/re...

9.8CVSS9.5AI score0.06368EPSS

Exploits4References3Affected Software1

OSV•added 2023/02/08 12:0 a.m.•16 views

CVE-2023-0743 Cross-site Scripting (XSS) - Generic in answerdev/answer

Cross-site Scripting XSS - Generic in GitHub repository answerdev/answer prior to 1.0.4...

8.2CVSS8.6AI score0.00745EPSS

Exploits1References4

OSV•added 2023/02/08 12:0 a.m.•18 views

CVE-2023-0742 Cross-site Scripting (XSS) - Stored in answerdev/answer

Cross-site Scripting XSS - Stored in GitHub repository answerdev/answer prior to 1.0.4...

8CVSS8.3AI score0.00871EPSS

Exploits1References4

NVD•added 2023/02/07 11:15 p.m.•34 views

CVE-2023-0736

Cross-site Scripting XSS - Stored in GitHub repository wallabag/wallabag prior to 2.5.4...

5.4CVSS4.7AI score0.00443EPSS

Exploits1References2

Vulnrichment•added 2023/02/07 12:0 a.m.•4 views

CVE-2023-0736 Cross-site Scripting (XSS) - Stored in wallabag/wallabag

Cross-site Scripting XSS - Stored in GitHub repository wallabag/wallabag prior to 2.5.4...

4.6CVSS6.2AI score0.00443EPSS

Exploits1References2

Vulnrichment•added 2023/02/07 12:0 a.m.•6 views

CVE-2023-0735 Cross-Site Request Forgery (CSRF) in wallabag/wallabag

Cross-Site Request Forgery CSRF in GitHub repository wallabag/wallabag prior to 2.5.4...

6.5CVSS7.3AI score0.00301EPSS

Exploits1References2

Cvelist•added 2023/02/07 12:0 a.m.•32 views

CVE-2023-0735 Cross-Site Request Forgery (CSRF) in wallabag/wallabag

Cross-Site Request Forgery CSRF in GitHub repository wallabag/wallabag prior to 2.5.4...

6.5CVSS6.8AI score0.00301EPSS

Exploits1References2

OSV•added 2023/02/07 12:0 a.m.•22 views

CVE-2023-0736 Cross-site Scripting (XSS) - Stored in wallabag/wallabag

Cross-site Scripting XSS - Stored in GitHub repository wallabag/wallabag prior to 2.5.4...

4.6CVSS4.8AI score0.00443EPSS

Exploits1References4

Tenable Nessus•added 2023/02/06 12:0 a.m.•32 views

Amazon Linux AMI : vim-common, vim-data, vim-enhanced (ALAS-2023-1681)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS-2023-1681 advisory. Use After Free in GitHub repository vim/vim prior to 9.0.0882. CVE-2022-4292 Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143. CVE-2023-0049 Tenable has extracted the preceding...

7.8CVSS7.5AI score0.00655EPSS

Exploits2References5

NVD•added 2023/02/04 1:15 p.m.•37 views

CVE-2023-0678

Missing Authorization in GitHub repository phpipam/phpipam prior to v1.5.1...

7.5CVSS5.6AI score0.37304EPSS

Exploits1References2