18 matches found
CVE-2026-27688 Missing Authorization check in SAP NetWeaver Application Server for ABAP
Due to a missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated attacker with user privileges could read Database Analyzer Log Files via a specific RFC function module. The attacker with the necessary privileges to execute this function module could potentially...
OpenEMR Access Control Error Vulnerability
OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. Prior to OpenEMR 8.0.0, there was an access control...
Keycloak Security Vulnerability
Keycloak is an open-source identity and access management solution developed by Keycloak. Keycloak has a security vulnerability. This vulnerability arises when the log format is configured to include details for users, causing sensitive headers to be disclosed in plain text within the logs. This...
EUVD-2019-13257
Malware in sbrugna...
EUVD-2025-24215
Malicious code in bioql PyPI...
EUVD-2025-4545
Malicious code in bioql PyPI...
CVE-2025-20325
In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.103, 9.3.2408.113, and 9.2.2406.119, the software potentially exposes the search head cluster splunk.secret key. This exposure could happen if you have a Search Head cluster and...
CVE-2021-32570
In Ericsson Network Manager ENM releases before 21.2, users belonging to the same AMOS authorization group can retrieve the data from certain log files. All AMOS users are considered to be highly privileged users in ENM system and all must be previously defined and authorized by the Security...
CVE-2020-6938
A sensitive information disclosure vulnerability in Tableau Server 10.5, 2018.x, 2019.x, 2020.x released before June 26, 2020, could allow access to sensitive information in log files...
CVE-2014-2873
PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 does not require authentication for access to log files, which allows remote attackers to obtain sensitive server information by using a predictable name in a request for a file...
CVE-2019-3622
Files or Directories Accessible to External Parties in McAfee Data Loss Prevention DLPe for Windows 11.x prior to 11.3.0 allows authenticated user to redirect DLPe log files to arbitrary locations via incorrect access control applied to the DLPe log folder allowing privileged users to create...
PT-2023-16280 · Econolite · Econolite Eos
Name of the Vulnerable Software and Affected Versions: Econolite EOS versions prior to 3.2.23 Description: The issue concerns a lack of password requirement for gaining "READONLY" access to log files and certain database and configuration files. One such file contains tables with MD5 hashes and...
CVE-2021-32570
In Ericsson Network Manager ENM releases before 21.2, users belonging to the same AMOS authorization group can retrieve the data from certain log files. All AMOS users are considered to be highly privileged users in ENM system and all must be previously defined and authorized by the Security...
Ericsson Network Manager Log Information Disclosure Vulnerability
Ericsson Network Manager is a network manager from Ericsson, Sweden. It covers monitoring, troubleshooting, configuration, automation and optimization of networks. A security vulnerability exists in Ericsson Network Manager ENM versions prior to 21.2, which stems from the fact that all users in t...
Siemens SICAM A8000 CP-8000 Log Information Disclosure Vulnerability
The SICAM A8000 is used for automation applications in all areas of remote control and energy supply. An access control error vulnerability exists in the Siemens SICAM A8000, which can be exploited by an attacker to access certain previously created log files...
D-Link DIR-412 Authorization Issues Vulnerability
The D-Link DIR-412 is a wireless router from AUO D-Link of Taiwan, China. An authorization issue vulnerability exists in the D-Link DIR-412 A1-1.14WW version, which stems from a failure to ask for authentication on some web pages, and can be exploited by an attacker to gain access to the router's...
CVE-2016-8346
An issue was discovered in Moxa EDR-810 Industrial Secure Router. By accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access configuration and log files (PRIVILEGE ESCALATION)...
Openfire < 3.6.3 Multiple Vulnerabilities
Binary data 4925.prm...