CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1086 matches found

Tenable Nessus•added 2026/01/13 12:0 a.m.•3 views

MiracleLinux 9 : kernel-5.14.0-570.32.1.el9_6 (AXSA:2025-10781:59)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10781:59 advisory. kernel: padata: fix UAF in padatareorder CVE-2025-21727 kernel: HID: intel-ish-hid: Fix use-after-free issue in ishtphidremove CVE-2025-21928 kerne...

7.8CVSS7.2AI score0.00082EPSS

Exploits0References10

RedhatCVE•added 2026/01/09 10:34 a.m.•5 views

CVE-2017-18576

The event-notifier plugin before 1.2.1 for WordPress has XSS via the loading animation...

6.1CVSS6AI score0.0021EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:59 a.m.•6 views

CVE-2020-7581

A vulnerability has been identified in Opcenter Execution Discrete All versions V3.2, Opcenter Execution Foundation All versions V3.2, Opcenter Execution Process All versions V3.2, Opcenter Intelligence All versions V3.3, Opcenter Quality All versions V11.3, Opcenter RD V8.0, SIMATIC Notifier...

7.2CVSS7.1AI score0.00048EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:16 a.m.•3 views

CVE-2025-13521

The WP Status Notifier plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the settings update functionality. This makes it possible for unauthenticated attackers to update the plugin...

4.3CVSS5.3AI score0.00011EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:32 a.m.•8 views

CVE-2019-16060

The Airbrake Ruby notifier 4.2.3 for Airbrake mishandles the blacklistkeys configuration option and consequently may disclose passwords to unauthorized actors. This is fixed in 4.2.4 also, 4.2.2 and earlier are unaffected...

9.8CVSS6.6AI score0.00312EPSS

Exploits0References1

CVE•added 2026/01/07 8:21 a.m.•8 views

CVE-2025-13521

WP Status Notifier is vulnerable to CSRF due to missing/incorrect nonce validation on the settings update function, enabling unauthenticated attackers to change plugin settings by deceptively prompting an admin (e.g., via forged link). The CVE entry lists a CVSS v3.1 base score of 4.3 (Medium) w...

4.3CVSS5AI score0.00011EPSS

Exploits0References3

Vulnrichment•added 2026/01/07 8:21 a.m.•4 views

CVE-2025-13521 WP Status Notifier <= 1.0 - Cross-Site Request Forgery to Settings Update

4.3CVSS5AI score0.00011EPSS

Exploits0References3

CNNVD•added 2026/01/07 12:0 a.m.•3 views

WordPress plugin WP Status Notifier 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site request...

4.3CVSS6.6AI score0.00011EPSS

Exploits0References3

Positive Technologies•added 2026/01/07 12:0 a.m.•4 views

PT-2026-1593

Name of the Vulnerable Software and Affected Versions WP Status Notifier plugin for WordPress versions prior to 1.1 Description The WP Status Notifier plugin for WordPress is susceptible to Cross-Site Request Forgery CSRF. This is caused by insufficient or incorrect nonce validation when updating...

4.3CVSS6.2AI score0.00011EPSS

Exploits0References5

Patchstack•added 2026/01/06 10:36 p.m.•4 views

WordPress WP Status Notifier plugin <= 1.0 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin WP Status Notifier versions = 1.0...

4.3CVSS7AI score0.00011EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2026/01/01 12:0 a.m.•4 views

PT-2026-8109

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the imx8m-blk-ctrl driver related to the handling of reset and clock control for the VPUMIX domain on i.MX8MQ platforms. Specifically, the ADB in the...

5.5CVSS6.5AI score0.00018EPSS

Exploits0

SUSE CVE•added 2025/12/31 12:31 a.m.•1 views

SUSE CVE-2022-50850

In the Linux kernel, the following vulnerability has been resolved: scsi: ipr: Fix WARNING in iprinit iprinit will not call unregisterrebootnotifier when pciregisterdriver fails, which causes a WARNING. Call unregisterrebootnotifier when pciregisterdriver fails. notifier callback iprhalt ipr...

5.5CVSS6.5AI score0.00061EPSS

Exploits0References10

SUSE CVE•added 2025/12/31 12:28 a.m.•2 views

SUSE CVE-2023-54200

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: always release netdev hooks from notifier This reverts "netfilter: nftables: skip netdev events generated on netns removal". The problem is that when a veth device is released, the veth release callback will...

6.3CVSS6.5AI score0.00028EPSS

Exploits0References3

Tenable Nessus•added 2025/12/31 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2022-50850

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - scsi: ipr: Fix WARNING in iprinit iprinit will not call unregisterrebootnotifier when pciregisterdriver fails, which causes a WARNING. Call...

6.1AI score0.00061EPSS

Exploits0References3