CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2025/12/10 9:59 p.m.•5 views

EUVD-2025-202429

XWiki Rendering is a generic rendering system that converts textual input in a given syntax wiki syntax, HTML, etc into another syntax XHTML, etc. Versions 16.10.9 and below, 17.0.0-rc-1 through 17.4.2 and 17.5.0-rc-1 through 17.5.0 have insufficient protection against /html injection, which...

8.7CVSS7.9AI score0.0086EPSS

Exploits1References8

CNVD•added 2025/12/10 12:0 a.m.•3 views

WordPress Plugin SSP Debug Information Disclosure Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. An information disclosure vulnerability exists in WordPress plugin SSP Debug, which stems from...

5.3CVSS6AI score0.00247EPSS

CNVD•added 2025/12/10 12:0 a.m.•1 views

WordPress Plugin MxChat Information Disclosure Vulnerability

5.3CVSS6AI score0.00273EPSS

CNVD•added 2025/11/25 12:0 a.m.•2 views

WordPress Plugin Seriously Simple Podcasting Information Disclosure Vulnerability

5.3CVSS6AI score0.00242EPSS

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2021-26621

Malware in sbrugna...

9.8CVSS9.3AI score0.01035EPSS

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2012-5705

Malware in sbrugna...

4.3CVSS6.4AI score0.01305EPSS

Exploits0References7

EUVD•added 2025/10/07 12:30 a.m.•9 views

EUVD-2018-5785

Malware in sbrugna...

6.1CVSS6.2AI score0.02273EPSS

Exploits5References4

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2021-14144

Malware in sbrugna...

9.8CVSS9.4AI score0.0103EPSS

CNNVD•added 2025/08/20 12:0 a.m.•5 views

Liferay Portal和Liferay DXP 跨站请求伪造漏洞

Liferay Portal and Liferay DXP are both products of Liferay, Inc.Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS, and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DX...

7.1CVSS6.4AI score0.00131EPSS

CNVD•added 2025/08/10 12:0 a.m.•4 views

WordPress IDonate plugin unauthorized access vulnerability

WordPress IDonate plugin is a WordPress plugin designed for blood donation management, mainly used to create blood donation related website features. An unauthorized access vulnerability exists in WordPress IDonate plugin, which stems from the application's inadequate protection of sensitive...

6.5CVSS6.5AI score0.0029EPSS

CNNVD•added 2025/07/11 12:0 a.m.•1 views

Emerson ValveLink Products 安全漏洞

Emerson ValveLink Products is a diagnostic software from Emerson USA. A security vulnerability exists in Emerson ValveLink Products, which stems from an inadequate protection mechanism that makes it susceptible to targeted attacks...

8.5CVSS6.4AI score0.00173EPSS

RedhatCVE•added 2025/05/22 6:35 p.m.•8 views

CVE-2021-3286

SQL injection exists in Spotweb 1.4.9 because the notAllowedCommands protection mechanism is inadequate, e.g., a variation of the payload may be used. NOTE: this issue exists because of an incomplete fix for CVE-2020-35545...

9.8CVSS7.9AI score0.03803EPSS

Exploits2References1

CNNVD•added 2025/03/10 12:0 a.m.•1 views

IBM Sterling File Gateway 安全漏洞

IBM Sterling File Gateway is a suite of file transfer software from International Business Machines IBM. The software integrates different centers of file transfer activity and facilitates the secure exchange of file-based data over the Internet. An information leakage vulnerability exists in IBM...

5.3CVSS6.3AI score0.00263EPSS

Exploits0References3

BDU FSTEC•added 2024/06/26 12:0 a.m.•6 views

The vulnerability of the Brocade SANnav network management software lies in the insufficient protection of operational data, allowing attackers to gain access to the database structure and its contents.

The vulnerability of the Brocade SANnav network management software is related to insufficient protection for operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain access to the database structure and its contents...

7.7CVSS5.5AI score0.00463EPSS

Exploits0References4Affected Software1

BDU FSTEC•added 2024/04/30 12:0 a.m.•4 views

The vulnerability of the Cornerstone plugin in the WordPress content management system allows attackers to perform cross-site scripting attacks.

The vulnerability of the Cornerstone plugin in the WordPress content management system is related to the lack of measures taken to protect the website’s structure. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks...

7.5CVSS5.2AI score0.00375EPSS

Exploits0References4Affected Software1

NVD•added 2024/03/23 10:15 p.m.•10 views

CVE-2024-23755

ClickUp Desktop before 3.3.77 on macOS and Windows allows code injection because of specific Electron Fuses. There is inadequate protection against code injection through settings such as RunAsNode...

8.8CVSS7AI score0.01051EPSS

Cvelist•added 2024/03/23 12:0 a.m.•17 views

CVE-2024-23755

7.3AI score0.01051EPSS

Vulnrichment•added 2024/03/23 12:0 a.m.•9 views

CVE-2024-23755

8.8AI score0.01051EPSS

CNNVD•added 2024/03/05 12:0 a.m.•4 views

Gallagher Command Centre security breach

Gallagher Command Centre is a centralized control tool for Gallagher access control systems from Gallagher New Zealand. A security vulnerability exists in Gallagher Command Centre that stems from inadequate protection of credentials...

9.1CVSS6.9AI score0.00334EPSS