CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/01/09 10:41 a.m.•3 views

CVE-2022-35508

Proxmox Virtual Environment PVE and Proxmox Mail Gateway PMG are vulnerable to SSRF when proxying HTTP requests between pvepmgproxy and pvepmgdaemon. An attacker with an unprivileged account can craft an HTTP request to achieve SSRF and file disclosure of any files on the server. Also, in Proxmox...

9.8CVSS7AI score0.00688EPSS

RedhatCVE•added 2026/01/09 10:39 a.m.•5 views

CVE-2022-35507

A response-header CRLF injection vulnerability in the Proxmox Virtual Environment PVE and Proxmox Mail Gateway PMG web interface allows a remote attacker to set cookies for a victim's browser that are longer than the server expects, causing a client-side DoS. This affects Chromium-based browsers...

7.1CVSS7AI score0.35371EPSS

GithubExploit•added 2025/11/30 10:23 p.m.•155 views

Exploit for CVE-2024-21545

CVE-2024-21545-PoC Pro...

8.2CVSS7.1AI score0.00134EPSS

Exploits1

5.4CVSS6.6AI score0.00052EPSS

EUVD-2025-27406

Malicious code in bioql PyPI...

5.4CVSS6.6AI score0.00052EPSS

EUVD-2025-27389

Malicious code in bioql PyPI...

9CVSS9AI score0.00874EPSS

EUVD-2022-52892

Malicious code in bioql PyPI...

Exploits1References6

8.2CVSS6.6AI score0.00134EPSS

EUVD-2024-19198

Malicious code in bioql PyPI...

Exploits1References2

Veeam•added 2025/09/22 12:0 a.m.•121 views

Release Information for Veeam Plug-in for Proxmox VE v12.1.5.17

Requirements This update to the Veeam Plug-in for Proxmox VE requires: Veeam Backup & Replication build 12.3.2.3617 You can check the build number in the Veeam Backup & Replication Console's Main Menu ≡ under Help About. Veeam Plug-in for Proxmox VE build 12.1.3.217 You can check the current buil...

6.8AI score

Exploits0Affected Software1

RedhatCVE•added 2025/09/11 12:16 a.m.•4 views

CVE-2025-57538

A stored cross-site scripting XSS vulnerability in the HTTP Proxy field within the Datacenter configuration panel of Proxmox Virtual Environment PVE 8.4 allows an authenticated user to inject malicious input. The input is stored and executed in the context of other users' browsers when they view...

5.4CVSS5.6AI score0.00085EPSS

RedhatCVE•added 2025/09/11 12:16 a.m.•5 views

CVE-2025-57539

A stored cross-site scripting XSS vulnerability in the U2F Origin field of the Datacenter configuration in Proxmox Virtual Environment PVE 8.4 allows authenticated users to store malicious input. The payload is rendered unsafely in the Web UI and executed when viewed by other users, potentially...

5.4CVSS5.7AI score0.00052EPSS

NVD•added 2025/09/09 5:16 p.m.•3 views

CVE-2025-57538

5.4CVSS0.00085EPSS

NVD•added 2025/09/09 5:16 p.m.•7 views

CVE-2025-57540

A stored cross-site scripting XSS vulnerability exists in the WebAuthn Relying Party field within the Datacenter configuration of Proxmox Virtual Environment PVE 8.4. Authenticated users can inject JavaScript code that is later executed in the browsers of users who view the configuration page,...

5.4CVSS0.00052EPSS

OSV•added 2025/09/09 5:16 p.m.•0 views

CVE-2025-57538

5.4CVSS5.7AI score

Exploits0References3

CVE•added 2025/09/09 12:0 a.m.•14 views

CVE-2025-57539

Vulnerability summary (CVE-2025-57539) : Proxmox Virtual Environment 8.4 is affected by a stored XSS in the U2F Origin field of the Datacenter configuration. Authenticated users can store input that is rendered unsafely in the Web UI and executed when viewed by others, potentially enabling sessio...

5.4CVSS5.1AI score0.00052EPSS

Exploits1References3Affected Software1

Cvelist•added 2025/09/09 12:0 a.m.•6 views

CVE-2025-57540

0.00052EPSS