9 matches found
SUSE CVE-2025-55212
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-28 and 7.1.2-2, passing a geometry string containing only a colon ":" to montage -geometry leads GetGeometry to set width/height to 0. Later, ThumbnailImage divides by these zer...
CVE-2020-35206
Reflected XSS in Web Compliance Manager in Quest Policy Authority version 8.1.2.200 allows attackers to inject malicious code into the browser via a specially crafted link to the cConn.jsp file via the ur parameter. NOTE: This vulnerability only affects products that are no longer supported by th...
CVE-2017-11197
In CyberArk Viewfinity 5.5.10.95 and 6.x before 6.1.1.220, a low privilege user can escalate to an administrative user via a bug within the "add printer" option...
CVE-2021-22275
Buffer Overflow vulnerability in B&R Automation Runtime webserver allows an unauthenticated network-based attacker to stop the cyclic program on the device and cause a denial of service...
PT-2024-19658 · WordPress · Elementinvader Addons For Elementor
Name of the Vulnerable Software and Affected Versions: ElementInvader Addons for Elementor plugin for WordPress versions up to, and including, 1.2.2 Description: The issue is related to Stored Cross-Site Scripting via the button link in the EliSlider. This is due to insufficient input sanitizatio...
PT-2024-20640 · Unknown · Ari Soft Contact Form 7 Connector
Name of the Vulnerable Software and Affected Versions: ARI Soft Contact Form 7 Connector versions 1.2.2 and earlier Description: A Cross-Site Request Forgery (CSRF) issue affects the ARI Soft Contact Form 7 Connector. This type of issue allows an attacker to trick a user into performing unintended...
AZL-27675 CVE-2023-3611 affecting package kernel for versions less than 5.15.122.1-2
An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. The qfq_change_agg() function in net/sched/sch_qfq.c allows an out-of-bounds write because lmax is updated according to packet sizes without bounds checks. We...
CVE-2022-28708
On F5 BIG-IP 16.1.x versions prior to 16.1.2.2 and 15.1.x versions prior to 15.1.5.1, when a BIG-IP DNS resolver-enabled, HTTP-Explicit or SOCKS profile is configured on a virtual server, an undisclosed DNS response can cause the Traffic Management Microkernel (TMM) process to terminate. Note:...
CVE-2016-0229
Cross-site scripting (XSS) vulnerability in IBM Marketing Platform 8.6.x and 9.x before 9.1.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted URL...