CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

94 matches found

Important: Red Hat Security Advisory: Red Hat Web Terminal Operator 1.15.0 release.

Red Hat Web Terminal Operator 1.15.0 has been released. The Web Terminal provides a way to access a fully in-browser terminal emulator within the OpenShift Console. Command-line tools for interacting with the OpenShift cluster are pre-installed...

9.1CVSS7.2AI score0.00021EPSS

Exploits1References7

RedHat Linux•added yesterday•5 views

Important: Red Hat Security Advisory: Red Hat Web Terminal Operator 1.11.1 release.

Red Hat Web Terminal Operator 1.11.1 has been released. The Web Terminal provides a way to access a fully in-browser terminal emulator within the OpenShift Console. Command-line tools for interacting with the OpenShift cluster are pre-installed...

8.2CVSS7AI score0.00021EPSS

Exploits0References5

RedHat Linux•added yesterday•6 views

Important: Red Hat Security Advisory: Red Hat Web Terminal Operator 1.12.1 release.

Red Hat Web Terminal Operator 1.12.1 has been released. The Web Terminal provides a way to access a fully in-browser terminal emulator within the OpenShift Console. Command-line tools for interacting with the OpenShift cluster are pre-installed...

8.2CVSS5.7AI score0.00021EPSS

Exploits0References5

EUVD•added 2026/05/12 9:31 p.m.•5 views

EUVD-2026-29734

A vulnerability in the web-based management interface of Access Points running AOS-10 and AOS-8 Instant could allow an unauthenticated remote attacker to execute arbitrary JavaScript code in a victim's browser within the same local network. Successful exploitation could allow an attacker to...

8.8CVSS6.2AI score0.00155EPSS

Exploits0References2

Vulnrichment•added 2026/05/10 12:44 p.m.•3 views

CVE-2021-47948 WordPress GetPaid Plugin 2.4.6 HTML Injection via Help Text

WordPress GetPaid Plugin 2.4.6 contains an HTML injection vulnerability that allows authenticated attackers to inject arbitrary HTML code by exploiting the Help Text field in payment forms. Attackers can inject malicious HTML including image tags and scripts into the Help Text field during paymen...

5.4CVSS6AI score0.00029EPSS

Exploits0References3

Github Security Blog•added 2026/05/08 7:0 p.m.•4 views

open-webui Vulnerable to Stored XSS via Model Description

!IMPORTANT Relationship to CVE-2024-7990 CVE-2024-7990 issued by huntr.dev, March 2025 describes a stored XSS in the same field — the model description — but exploits a different bypass mechanism: a second-order injection through the sanitizeResponseContent function's video-tag placeholder...

8.4CVSS6AI score0.00293EPSS

Exploits2References3Affected Software1

RedHat Linux•added 2026/04/23 8:17 p.m.•4 views

Important: Red Hat Security Advisory: Red Hat Web Terminal Operator 1.11.0 release.

Red Hat Web Terminal Operator 1.11.0 has been released. The Web Terminal provides a way to access a fully in-browser terminal emulator within the OpenShift Console. Command-line tools for interacting with the OpenShift cluster are pre-installed...

10CVSS5.7AI score0.00045EPSS

Exploits3References12

RedHat Linux•added 2026/04/14 6:58 p.m.•4 views

Important: Red Hat Security Advisory: Red Hat Web Terminal Operator 1.15.0 release.

10CVSS7.1AI score0.00045EPSS

Exploits3References12

GithubExploit•added 2026/04/14 5:17 a.m.•62 views

avsig

⚡ AVSIG JWT Inspector & Security Auditor - decode, anal...

5.8AI score

Exploits0

RedhatCVE•added 2026/03/26 3:8 p.m.•0 views

CVE-2026-20162

In Splunk Enterprise versions below 10.2.0, 10.0.3, 9.4.9, and 9.3.9, and Splunk Cloud Platform versions below 10.2.2510.4, 10.1.2507.15, 10.0.2503.11, and 9.3.2411.123, a low-privileged user who does not hold the "admin" or "power" Splunk roles could craft a malicious payload when creating a Vie...

6.3CVSS6.1AI score0.00052EPSS

Exploits0References1

Cvelist•added 2026/03/26 12:0 a.m.•20 views

CVE-2026-29933

A reflected cross-site scripting XSS vulnerability in the /index/login.html component of YZMCMS v7.4 allows attackers to execute arbitrary Javascript in the context of the user's browser via modifying the referrer value in the request header...

0.00018EPSS

Exploits1References1

ATTACKERKB•added 2026/03/25 11:37 p.m.•5 views

CVE-2026-33932

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, a stored cross-site scripting vulnerability in the CCDA document preview allows an attacker who can upload or send a CCDA document to execute arbitrary JavaScript in ...

7.6CVSS5.9AI score0.0004EPSS

Exploits0References4Affected Software1

Tenable Nessus•added 2026/03/25 12:0 a.m.•1 views

GitLab 17.7 < 18.8.7 / 18.9 < 18.9.3 / 18.10 < 18.10.1 (CVE-2026-2973)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to execute...

5.4CVSS6AI score0.00042EPSS

Exploits0References5

ATTACKERKB•added 2026/03/03 10:20 p.m.•4 views

CVE-2026-26272

HomeBox is a home inventory and organization system. Prior to 0.24.0-rc.1, a stored cross-site scripting XSS vulnerability exists in the item attachment upload functionality. The application does not properly validate or restrict uploaded file types, allowing an authenticated user to upload...

4.6CVSS5.8AI score0.00041EPSS

Exploits0References3Affected Software1

RedhatCVE•added 2026/02/11 7:30 a.m.•3 views

CVE-2026-24323

The BSP applications allow an unauthenticated user to inject malicious script content via user-controlled URL parameters that are not sufficiently sanitized. When a victim accesses a crafted URL, the injected script is executed in the victim�s browser, leading to a low impact on confidentiality a...

6.1CVSS5.5AI score0.00029EPSS

Exploits0References1

RedHat Linux•added 2026/02/09 11:40 p.m.•8 views

Important: Red Hat Security Advisory: Red Hat Web Terminal Operator 1.14.0 release.

Red Hat Web Terminal Operator 1.14.0 has been released. The Web Terminal provides a way to access a fully in-browser terminal emulator within the OpenShift Console. Command-line tools for interacting with the OpenShift cluster are pre-installed...

7.5CVSS6.6AI score0.00019EPSS

Exploits2References2

RedHat Linux•added 2026/02/09 9:56 p.m.•4 views

Important: Red Hat Security Advisory: Red Hat Web Terminal Operator 1.13.0 release.

Red Hat Web Terminal Operator 1.13.0 has been released. The Web Terminal provides a way to access a fully in-browser terminal emulator within the OpenShift Console. Command-line tools for interacting with the OpenShift cluster are pre-installed...

7.5CVSS6.6AI score0.00019EPSS

Exploits2References2

RedHat Linux•added 2026/02/09 8:49 p.m.•3 views

Important: Red Hat Security Advisory: Red Hat Web Terminal Operator 1.12.1 release.

7.5CVSS6.6AI score0.00019EPSS

Exploits2References2

Wiz blog•added 2026/01/21 1:56 p.m.•2 views

WizExtend is Here: AI and Cloud Security Insights in Your Daily Workflow

Get risk insights and take remediation actions right from your in-browser CSP portal, VCS console, or as you’re reading up on the latest threat research...

5.4AI score

Exploits0

Cvelist•added 2026/01/15 11:8 p.m.•22 views

CVE-2026-1011 Stored Cross-Site Scripting in Altium Live Support Center Comment Endpoint

A stored cross-site scripting XSS vulnerability exists in the Altium Support Center AddComment endpoint due to missing server-side input sanitization. Although the client interface applies HTML escaping, the backend accepts and stores arbitrary HTML and JavaScript supplied via modified POST...

6.1CVSS0.0002EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by