CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

102 matches found

Positive Technologies•added 2026/05/20 12:0 a.m.•8 views

PT-2026-42119

Name of the Vulnerable Software and Affected Versions FreePBX affected versions not specified Description Hardcoded credentials in the Userman module allow unauthenticated access to the portal, potentially exposing business phone systems. Recommendations Update the installed modules to the latest...

9.8CVSS5.8AI score0.00084EPSS

Exploits1References11

ATTACKERKB•added 2026/05/05 6:22 a.m.•1 views

CVE-2026-7824

An issue was discovered in the PaperCut Hive Ricoh embedded application. When the "Deep Logging" diagnostic mode is enabled, the application inadvertently records administrative credentials in plain text within the log files. An attacker with administrative access to the PaperCut Hive management...

5.9CVSS5.8AI score0.00066EPSS

Exploits0References2

NVD•added 2026/03/30 1:16 p.m.•2 views

CVE-2026-4266

An Insecure Deserialization vulnerability in WatchGuard Fireware OS allows an attacker that has obtained write access to the local filesystem through another vulnerability to execute arbitrary code in the context of the portald user.This issue affects Fireware OS: 12.1 through 12.11.8 and 2025.1...

8.4CVSS0.0002EPSS

Exploits0References1

CVE•added 2026/03/25 11:41 p.m.•6 views

CVE-2026-33934

OpenEMR prior to version 8.0.0.3 suffers a lack of authorization in portal/sign/lib/show-signature.php, permitting any authenticated patient portal user to read a staff member's drawn signature by posting an arbitrary user value. The companion write endpoint (save-signature.php) was hardened, but...

4.3CVSS6AI score0.00056EPSS

Exploits1References3Affected Software1

RedhatCVE•added 2026/02/28 7:45 p.m.•5 views

CVE-2026-25147

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, in portal/portalpayment.php, the patient id used for the page is taken from the request $pid = $REQUEST'pid' ?? $pid and $pid = $REQUEST'hiddenpatientcode' ?? null 0 ?...

7.1CVSS5.9AI score0.00132EPSS

Exploits1References1

Positive Technologies•added 2026/02/27 12:0 a.m.•3 views

PT-2026-22350

Name of the Vulnerable Software and Affected Versions OpenEMR versions prior to 8.0.0 Description OpenEMR is an electronic health records and medical practice management application. Prior to version 8.0.0, the patient ID used in portal/portal payment.php is obtained from the request $pid = $...

7.1CVSS5.9AI score0.00132EPSS

Exploits1References8

CNNVD•added 2026/02/02 12:0 a.m.•5 views

Cybozu Garoon 安全漏洞

Cybozu Garoon is a portal-based OA office system developed by Cybozu Corporation. This system provides functions such as portals, email, bookmarks, calendar management, bulletin boards, and file management. Versions of Cybozu Garoon from 5.0.0 to 6.0.3 have security vulnerabilities. These...

7.5CVSS6AI score0.00022EPSS

Exploits0References3

EUVD•added 2025/10/15 3:30 p.m.•4 views

EUVD-2025-34626

When a per-request policy is configured on a BIG-IP APM portal access virtual server, undisclosed traffic can cause the Traffic Management Microkernel TMM to terminate. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.7CVSS6.2AI score0.00102EPSS

Exploits0References2

OSV•added 2025/10/15 2:15 p.m.•1 views

CVE-2025-61960

8.7CVSS5.8AI score

Exploits0References1

NVD•added 2025/10/15 2:15 p.m.•4 views

CVE-2025-61960

8.7CVSS0.00102EPSS

Exploits0References1

Cvelist•added 2025/10/15 1:55 p.m.•8 views

CVE-2025-61960 BIG-IP APM portal access vulnerability

8.7CVSS0.00102EPSS

Exploits0References1

CVE•added 2025/10/15 1:55 p.m.•10 views

CVE-2025-61960

CVE-2025-61960 affects BIG-IP APM portal access. When a per-request policy is configured on a BIG-IP APM portal access virtual server, undisclosed traffic can trigger a NULL-pointer/related issue in TMM, causing the Traffic Management Microkernel (TMM) to terminate. This is a data-plane DoS risk ...

8.7CVSS6.4AI score0.00102EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2025/10/15 1:55 p.m.•2 views

CVE-2025-61960 BIG-IP APM portal access vulnerability

8.7CVSS6.4AI score0.00102EPSS

Exploits0References1

Tenable Nessus•added 2025/10/15 12:0 a.m.•2 views

F5 Networks BIG-IP : BIG-IP APM portal access vulnerability (K000156597)

The version of F5 Networks BIG-IP installed on the remote host is prior to 16.1.6.1 / 17.1.3 / 17.5.1.3. It is, therefore, affected by a vulnerability as referenced in the K000156597 advisory. When a per-request policy is configured on a BIG-IP APM portal access virtual server, undisclosed traffi...

8.7CVSS5.6AI score0.00102EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2014-7864

Malware in sbrugna...

4CVSS6.4AI score0.00171EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2016-9409

Malware in sbrugna...

6.6CVSS6.6AI score0.00745EPSS

Exploits0References5