CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/03/26 3:10 p.m.•4 views

CVE-2026-1870

The Thim Kit for Elementor – Pre-built Templates & Widgets for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing validation checks on the 'thim-ekit/archive-course/get-courses' REST endpoint callback function in all versions up to, and including, 1.3.7...

5.3CVSS5.8AI score0.00262EPSS

RedhatCVE•added 2026/03/26 3:9 p.m.•4 views

CVE-2026-27281

DNG SDK versions 1.7.1 2471 and earlier are affected by an Integer Overflow or Wraparound vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to cause the application to crash or become unresponsive. Exploitation of this issue requires user...

5.5CVSS5.8AI score0.00179EPSS

Exploits1References1

IBM Security Bulletins•added 2026/03/26 12:43 p.m.•5 views

Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects App Connect Professional

Summary There are multiple vulnerabilities in the IBM SDK Java Technology used by App Connect Professional. App Connect Professional has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service, caused by an easily...

7.5CVSS6.4AI score0.00547EPSS

Exploits1Affected Software1

EUVD•added 2026/03/26 12:30 p.m.•4 views

EUVD-2018-21669

ASP.NET jVideo Kit 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to inject SQL commands through the 'query' parameter in the search functionality. Attackers can submit malicious SQL payloads via GET or POST requests to the /search endpoint to extract sensitive...

Vulnrichment•added 2026/03/26 11:39 a.m.•4 views

Exploits0References4

CVE-2018-25205 ASP.NET jVideo Kit 1.0 SQL Injection via query Parameter

CVE•added 2026/03/26 11:39 a.m.•7 views

CVE-2018-25205

CVE-2018-25205 concerns ASP.NET jVideo Kit 1.0, where a vulnerability in the search functionality allows unauthenticated SQL injection via the query parameter in the /search endpoint. Attackers can submit malicious payloads through GET or POST requests to extract sensitive database information us...

Fedora•added 2026/03/26 2:31 a.m.•8 views

[SECURITY] Fedora 44 Update: dotnet8.0-8.0.125-1.fc44

.NET is a fast, lightweight and modular platform for creating cross platform applications that work on Linux, macOS and Windows. It particularly focuses on creating console applications, web applications and micro-services. .NET contains a runtime conforming to .NET Standards a set of framework...

5.7AI score

Exploits0

Fedora•added 2026/03/26 2:31 a.m.•4 views

[SECURITY] Fedora 44 Update: dotnet9.0-9.0.115-1.fc44

5.7AI score

Exploits0

Fedora•added 2026/03/26 2:31 a.m.•4 views

[SECURITY] Fedora 44 Update: dotnet10.0-10.0.104-1.fc44

5.7AI score

Exploits0

CNNVD•added 2026/03/26 12:0 a.m.•5 views

Mediasoftpro ASP.NET jVideo Kit SQL注入漏洞

Mediasoftpro ASP.NET jVideo Kit is a video management and publishing component suite developed by Mediasoftpro. Version 1.0 of Mediasoftpro ASP.NET jVideo Kit contains a SQL injection vulnerability, which stems from insufficient validation of query parameter inputs, potentially allowing SQL...

CNNVD•added 2026/03/26 12:0 a.m.•7 views

P11-glue P11-kit 安全漏洞

P11-glue P11-kit is a tool developed by the P11-glue individual developer, used for loading and enumerating PKCS modules. P11-glue P11-kit has security vulnerabilities; these vulnerabilities arise from the CDeriveKey function potentially returning uninitialized values when processing certain...

7.5CVSS5.8AI score0.01129EPSS

CNNVD•added 2026/03/26 12:0 a.m.•7 views

ClearanceKit 安全漏洞

ClearanceKit is a macOS file system access control tool developed by Craig J. Bass. Versions of ClearanceKit 4.1 and earlier contained security vulnerabilities; these vulnerabilities stemmed from the failure to intercept seven types of file operation events, which could lead to bypassing file...

8.7CVSS5.8AI score0.00101EPSS

Exploits0References2

EUVD•added 2026/03/25 6:31 p.m.•2 views

EUVD-2026-15557

Missing Authorization vulnerability in bdthemes Ultimate Post Kit ultimate-post-kit allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Post Kit: from n/a through = 4.0.21...

5.8AI score0.00245EPSS

Exploits0References2

NVD•added 2026/03/25 5:16 p.m.•2 views

CVE-2026-24362

6.4CVSS0.00245EPSS

Cvelist•added 2026/03/25 4:14 p.m.•26 views

CVE-2026-24362 WordPress Ultimate Post Kit plugin <= 4.0.21 - Broken Access Control vulnerability

6.4CVSS0.00245EPSS

Vulnrichment•added 2026/03/25 4:14 p.m.•1 views

CVE-2026-24362 WordPress Ultimate Post Kit plugin <= 4.0.21 - Broken Access Control vulnerability

6.4CVSS5.9AI score0.00245EPSS

CVE•added 2026/03/25 4:14 p.m.•7 views

CVE-2026-24362

CVE-2026-24362 is a concrete, vendor-confirmed vulnerability affecting Ultimate Post Kit Addons for Elementor (bdthemes Ultimate Post Kit)

6.4CVSS5.8AI score0.00245EPSS