CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

138 matches found

BIT-JENKINS-2026-53436

Jenkins 2.567 and earlier, LTS 2.555.2 and earlier improperly determines that a redirect URL after login is legitimately pointing to Jenkins when it contains relative path segments ./ or ../, allowing attackers to perform phishing attacks...

4.3CVSS5.3AI score0.00272EPSS

Exploits0References2

CVE•added 2026/06/10 1:5 p.m.•17 views

CVE-2026-53437

Jenkins 2.567 and earlier, and LTS 2.555.2 and earlier, are affected by a vulnerability where the redirect URL after login is improperly determined to point to Jenkins if it contains tab or newline characters between //, enabling phishing attacks. The root cause is improper handling/validation of...

4.3CVSS5.5AI score0.00272EPSS

Exploits0References1Affected Software1

CNNVD•added 2026/05/19 12:0 a.m.•6 views

Nozomi Networks Guardian和Nozomi Networks CMC 跨站脚本漏洞

Nozomi Networks Guardian and Nozomi Networks CMC are both products of the American company Nozomi Networks. Nozomi Networks Guardian is an IoT device and software inspection system. Nozomi Networks CMC is an application software that provides centralized OT and IoT security management. Both Nozom...

5.9CVSS5.7AI score0.00194EPSS

Exploits0References1

Cvelist•added 2026/04/08 8:30 a.m.•21 views

CVE-2026-39484 WordPress Hide My WP Ghost plugin < 7.0.00 - Open Redirection vulnerability

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in John Darrel Hide My WP Ghost hide-my-wp allows Phishing.This issue affects Hide My WP Ghost: from n/a through 7.0.00...

4.7CVSS0.00201EPSS

Exploits0References1

EUVD•added 2026/02/16 12:30 p.m.•3 views

EUVD-2025-206982

URL Redirection to Untrusted Site 'Open Redirect' vulnerability in TR7 Cyber Defense Inc. Web Application Firewall allows Phishing.This issue affects Web Application Firewall: from 4.30 through 16022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...

4.3CVSS5.5AI score0.00239EPSS

Exploits0References2

NVD•added 2026/02/16 12:16 p.m.•5 views

CVE-2025-2418

4.3CVSS0.00239EPSS

Exploits0References2

Cvelist•added 2025/11/17 3:30 a.m.•6 views

CVE-2025-13283 Chunghwa Telecom｜TenderDocTransfer - Arbitrary File Copy and Paste

TenderDocTransfer developed by Chunghwa Telecom has a Arbitrary File Copy and Paste vulnerability. The application sets up a simple local web server and provides APIs for communication with the target website. Due to the lack of CSRF protection in the APIs, unauthenticated remote attackers could...

7.1CVSS0.00203EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2020-6593

Malware in sbrugna...

6.5CVSS6.5AI score0.01168EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2007-1756

Malware in sbrugna...

5CVSS6.4AI score0.01033EPSS

Exploits0References4