CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

195 matches found

Microsoft CVE•added 2026/04/23 8:2 a.m.•1 views

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

...

4.9CVSS7.2AI score0.00047EPSS

Exploits0

NVD•added 2026/04/17 6:16 a.m.•1 views

CVE-2026-34018

An SQL injection vulnerability exists in CubeCart prior to 6.6.0, which may allow an attacker to execute an arbitrary SQL statement on the product...

9.8CVSS0.00034EPSS

Exploits0References2

CNNVD•added 2026/04/14 12:0 a.m.•1 views

Adobe DNG SDK 缓冲区错误漏洞

Adobe DNG SDK is the United States of America Audobee Adobe company's a software development kit to provide the ability to read and write DNG files. An out-of-bounds write vulnerability exists in Adobe DNG SDK, which can be exploited by an attacker to cause a denial of service in an application...

5.5CVSS5.8AI score0.00031EPSS

Exploits0References1

Positive Technologies•added 2026/03/31 12:0 a.m.•1 views

PT-2026-29302

An arbitrary file overwrite vulnerability in PEAKSEL D.O.O. NIS Animal Sounds and Ringtones v1.3.0 allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...

6.4AI score0.00145EPSS

Exploits0References5

CNNVD•added 2026/03/27 12:0 a.m.•2 views

SourceCodester Online Food Ordering System 安全漏洞

The SourceCodester Online Food Ordering System is an open-source online meal ordering system developed by SourceCodester. Version 1.0 of the SourceCodester Online Food Ordering System contains a security vulnerability. This vulnerability arises from the improper cleaning of the id parameter in th...

9.8CVSS5.8AI score0.00049EPSS

Exploits1References1

Circl•added 2026/03/23 10:37 a.m.•0 views

CVE-2025-62845

creationtimestamp| type| source ---|---|--- 2026-03-23 10:37:14+00:00| seen| https://www.acn.gov.it/portale/w/vulnerabilita-in-prodotti-qnap-7 2026-03-23 14:40:07+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mhqc3gk4px2k...

8.4CVSS5.8AI score0.00018EPSS

Exploits0References2

Positive Technologies•added 2026/03/18 12:0 a.m.•2 views

PT-2026-26106

A stored cross-site scripting XSS vulnerability exists in the NotChatbot WebChat widget thru 1.4.4. User-supplied input is not properly sanitized before being stored and rendered in the chat conversation history. This allows an attacker to inject arbitrary JavaScript code which is executed when t...

5.4CVSS5.8AI score0.00013EPSS

Exploits0References7

Cvelist•added 2026/03/05 11:54 p.m.•23 views

CVE-2026-28720

Unauthorized modification of settings due to insufficient authorization checks. The following products are affected: Acronis Cyber Protect 17 Linux, Windows before build 41186...

4.3CVSS0.00045EPSS

Exploits0References1

EUVD•added 2026/03/03 8:42 p.m.•2 views

EUVD-2025-208262

IBM MQ Appliance 9.4 CD through 9.4.4.0 to 9.4.4.1...

5.9CVSS5.9AI score0.0001EPSS

Exploits0References1

Cvelist•added 2026/03/01 2:2 a.m.•19 views

CVE-2026-3378 Tenda F453 qossetting fromqossetting buffer overflow

A flaw has been found in Tenda F453 1.0.0.3. This affects the function fromqossetting of the file /goform/qossetting. Executing a manipulation of the argument qos can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used...

9CVSS0.00106EPSS

Exploits1References5

EUVD•added 2026/02/03 2:8 p.m.•2 views

EUVD-2026-5233

Cross-Site Request Forgery CSRF vulnerability in Copyscape Copyscape Premium copyscape-premium allows Cross Site Request Forgery.This issue affects Copyscape Premium: from n/a through = 1.4.1...

4.3CVSS5.3AI score0.00026EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:54 a.m.•5 views

CVE-2022-23137

ZTE's ZXCDN product has a reflective XSS vulnerability. The attacker could modify the parameters in the content clearing request url, and when a user clicks the url, an XSS attack will be triggered...

6.1CVSS6AI score0.00317EPSS

Exploits0References1

CVE•added 2025/12/09 10:44 a.m.•12 views

CVE-2025-40801

The CVE-2025-40801 family describes a vulnerability where the SALT (Siemens Advanced Licensing Toolkit) SDK omits server certificate validation when establishing TLS connections to the authorization server. This allows potential man-in-the-middle attacks affecting Siemens products such as COMOS, ...

9.2CVSS7.2AI score0.00025EPSS

Exploits0References2

EUVD•added 2025/12/05 9:2 p.m.•2 views

EUVD-2025-201494

A vulnerability was determined in TOZED ZLT M30S and ZLT M30S PRO 1.47/3.09.06. This impacts an unknown function of the file /reqproc/procpost of the component Web Interface. Executing manipulation of the argument goformId with the input REBOOTDEVICE can lead to denial of service. The attack can...

5.3CVSS5.6AI score0.0002EPSS

Exploits0References5

RedhatCVE•added 2025/11/27 6:2 p.m.•5 views

CVE-2025-64129

Zenitel TCIV-3+ is vulnerable to an out-of-bounds write vulnerability, which could allow a remote attacker to crash the device...

7.6CVSS7.1AI score0.00121EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2019-18936

Malware in sbrugna...

9.1CVSS9.3AI score0.00326EPSS

Exploits1References3