CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Self Cross-Site Scripting XSS vulnerability in ChatPlayground.ai through 2025-05-24, allows attackers to execute arbitrary code and gain sensitive information via a crafted SVG file contents sent through the chat component...

0.00269EPSS

Exploits0References1

The Hacker News•added 2025/06/25 11:0 a.m.•6 views

Pro-Iranian Hacktivist Group Leaks Personal Records from the 2024 Saudi Games

Thousands of personal records allegedly linked to athletes and visitors of the Saudi Games have been published online by a pro-Iranian hacktivist group called Cyber Fattah. Cybersecurity company Resecurity said the breach was announced on Telegram on June 22, 2025, in the form of SQL database...

7.5AI score

Exploits0

RedhatCVE•added 2025/05/23 8:5 a.m.•4 views

CVE-2024-51399

Altai Technologies Ltd Altai IX500 Indoor 22 802.11ac Wave 2 AP After login, there are file reads in the background, and attackers can obtain sensitive information such as user credentials, system configuration, and database connection strings, which can lead to data breaches and identity theft...

5.7CVSS6.5AI score0.00221EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 6:37 a.m.•5 views

CVE-2017-16900

Incorrect Access Control in Hunesion i-oneNet 3.0.6042.1200 allows the local user to access other user's information which is unauthorized via brute force...

5.5CVSS6.5AI score0.00302EPSS

Exploits0References1

Cvelist•added 2025/02/27 12:0 a.m.•10 views

CVE-2025-25323

An issue in Qianjin Network Information Technology Shanghai Co., Ltd 51Job iOS 14.22.0 allows attackers to access sensitive user information via supplying a crafted link...

0.00176EPSS

Exploits0References1

Cvelist•added 2025/02/12 12:0 a.m.•11 views

CVE-2024-51123

An issue in Zertificon Z1 SecureMail Z1 SecureMail Gateway 4.44.2-7240-debian12 allows a remote attacker to obtain sensitive information via the /compose-pdf.xhtml?convid=id component...

0.00596EPSS

Exploits0References1

OSV•added 2024/07/22 10:15 a.m.•10 views

CVE-2024-34457

On versions before 2.1.4, after a regular user successfully logs in, they can manually make a request using the authorization token to view everyone's user flink information, including executeSQL and config. Mitigation: all users should upgrade to 2.1.4...

6.5CVSS6.7AI score

Exploits0References3

Vulnrichment•added 2023/03/28 12:0 a.m.•7 views

CVE-2020-8889

The ShipStation.com plugin 1.0 for CS-Cart allows remote attackers to obtain sensitive information via action=export because a typo results in a successful comparison of a blank password and NULL...

7.4AI score0.01004EPSS

Exploits1References2

CNVD•added 2023/02/14 12:0 a.m.•24 views

Wyse Management Suite has an unspecified vulnerability (CNVD-2023-09782)

Wyse Management Suite is a scalable solution for managing and optimizing Wyse endpoints from Dell, Inc. The product includes centralized Wyse endpoint management, asset tracking, and automated device discovery.A security vulnerability exists in Wyse Management Suite version 3.8. An attacker could...

5.3CVSS2.2AI score0.0047EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by