
46 matches found

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2017-3703

Malware in sbrugna...

7.5 CVSS | 7.6 AI score | 0.0055 EPSS
Exploits 2 | References 3

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2019-0044

Malware in sbrugna...

9.8 CVSS | 9.1 AI score | 0.01166 EPSS
Exploits 0 | References 17

SUSE CVE
added 2025/10/03 11:37 p.m. | 1 view

SUSE CVE-2025-11230

Inefficient algorithm complexity in mjson in HAProxy allows remote attackers to cause a denial of service via specially crafted JSON requests...

5.3 CVSS | 6.7 AI score | 0.00468 EPSS
Exploits 0 | References 13

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2024-45343

Malicious code in bioql PyPI...

8.5 CVSS | 6.6 AI score | 0.00204 EPSS
Exploits 1 | References 3

Packet Storm
added 2025/08/01 12:0 a.m. | 87 views

FullControl: Remote for Mac 4.0.5 Directory Traversal / Enumeration

FullControl Remote for Mac version 4.0.5 is vulnerable to an unauthenticated directory traversal flaw. An attacker can remotely enumerate and traverse arbitrary directories on the target system by sending crafted JSON requests to TCP port 2846. This vulnerability arises from insufficient input...

7.6 AI score
Exploits 0

OSSF Malicious Packages
added 2024/11/29 1:27 a.m. | 2 views

Malicious code in discord-json-requests (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f4e36715204598c156e07aa9b146c861f5481df2d94c91e92f85569f217fa4d1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits 0 | References 1

OSV
added 2024/11/29 1:27 a.m. | 4 views

MAL-2024-11136 Malicious code in discord-json-requests (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware f4e36715204598c156e07aa9b146c861f5481df2d94c91e92f85569f217fa4d1 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

7 AI score
Exploits 0 | References 1

OSV
added 2024/11/04 2:15 p.m. | 6 views

CVE-2024-51408

AppSmith Community 1.8.3 before 1.46 allows SSRF via New DataSource for application/json requests to 169.254.169.254 to retrieve AWS metadata credentials...

6.5 CVSS | 6.8 AI score | 0.00204 EPSS
Exploits 1 | References 3

Tenable Nessus
added 2023/01/25 12:0 a.m. | 15 views

Phoenix Contact PLCnext Improper Input Validation (CVE-2021-34570)

Multiple Phoenix Contact PLCnext control devices in versions prior to 2021.0.5 LTS are prone to a DoS attack through specially crafted JSON requests. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

7.5 AI score | 0.00296 EPSS
Exploits 0 | References 2

CNNVD
added 2022/06/02 12:0 a.m. | 3 views

Lightbend Play Framework Resource Management Error Vulnerability

Lightbend Play Framework is a web application framework written in the Scala language from Lightbend, Inc. A resource management error vulnerability exists in Lightbend Play Framework versions 2.8.3 through 2.8.15, which results in a denial of service when using the FormbindFromRequest method on...

7.5 CVSS | 7.3 AI score | 0.00506 EPSS
Exploits 0 | References 5

OSV
added 2022/05/05 12:29 a.m. | 20 views

GHSA-58H8-44MG-R43X ReviewBoard and Djblets library are vulnerable to code execution

An eval vulnerability exists in Python Software Foundation Djblets version before 0.6.30 and 0.7.0 before 0.7.19 and Beanbag Review Board before 1.7.15 when parsing JSON requests allowing an attacker to execute arbitrary Python code...

9.8 CVSS | 9.5 AI score | 0.01166 EPSS
Exploits 0 | References 15

GitLab Advisory Database
added 2022/05/05 12:0 a.m. | 21 views

ReviewBoard and Djblets library are vulnerable to code execution

An eval vulnerability exists in Python Software Foundation Djblets version before 0.6.30 and 0.7.0 before 0.7.19 and Beanbag Review Board before 1.7.15 when parsing JSON requests allowing an attacker to execute arbitrary Python code...

9.8 CVSS | 9.5 AI score | 0.01166 EPSS
Exploits 0 | References 11 | Affected Software 1

NVD
added 2021/09/27 9:15 a.m. | 9 views

CVE-2021-34570

Multiple Phoenix Contact PLCnext control devices in versions prior to 2021.0.5 LTS are prone to a DoS attack through specially crafted JSON requests...

7.8 CVSS | 0.00296 EPSS
Exploits 0 | References 1

Prion
added 2021/09/27 9:15 a.m. | 10 views

Code injection

Multiple Phoenix Contact PLCnext control devices in versions prior to 2021.0.5 LTS are prone to a DoS attack through specially crafted JSON requests...

7.8 CVSS | 7.5 AI score | 0.00296 EPSS
Exploits 0 | References 1 | Affected Software 6

CVE
added 2021/09/27 8:25 a.m. | 45 views

CVE-2021-34570

Phoenix Contact PLCnext Control devices (versions prior to 2021.0.5 LTS) are affected by CVE-2021-34570. The issue is a DoS caused by specially crafted JSON requests, reducing availability. The NVD/CVSS reports a HIGH impact with network attack vector and low complexity. Remediation in the provid...

7.8 CVSS | 7.5 AI score | 0.00296 EPSS
Exploits 0 | References 1 | Affected Software 1

Prion
added 2019/11/04 9:15 p.m. | 16 views

Code injection

An eval vulnerability exists in Python Software Foundation Djblets 0.7.21 and Beanbag Review Board before 1.7.15 when parsing JSON requests...

7.5 CVSS | 6.8 AI score | 0.01166 EPSS
Exploits 0 | References 10 | Affected Software 4

NVD
added 2019/10/17 1:15 p.m. | 21 views

CVE-2019-17673

WordPress before 5.2.4 is vulnerable to poisoning of the cache of JSON GET requests because certain requests lack a Vary: Origin header...

7.5 CVSS | 8.5 AI score | 0.03574 EPSS
Exploits 0 | References 8

UbuntuCve
added 2019/10/17 1:15 p.m. | 27 views

CVE-2019-17673

WordPress before 5.2.4 is vulnerable to poisoning of the cache of JSON GET requests because certain requests lack a Vary: Origin header...

7.5 CVSS | 7.1 AI score | 0.03574 EPSS
Exploits 0 | References 5

Prion
added 2019/10/17 1:15 p.m. | 14 views

Design/Logic Flaw

WordPress before 5.2.4 is vulnerable to poisoning of the cache of JSON GET requests because certain requests lack a Vary: Origin header...

5 CVSS | 7.4 AI score | 0.03574 EPSS
Exploits 0 | References 8 | Affected Software 2

OSV
added 2019/10/17 1:15 p.m. | 0 views

UBUNTU-CVE-2019-17673

WordPress before 5.2.4 is vulnerable to poisoning of the cache of JSON GET requests because certain requests lack a Vary: Origin header...

7.5 CVSS | 7.3 AI score | 0.03574 EPSS
Exploits 0 | References 6