CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

413 matches found

CVE-2026-35082

The ugw-logread method allows a remote attacker with user privileges to access arbitrary local files due to insufficient validation of user-supplied input...

8.8CVSS6AI score0.00136EPSS

Exploits0References2

ATTACKERKB•added 2 days ago•5 views

CVE-2026-35080

The ugw-restoreinfo method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS6AI score0.00105EPSS

Exploits0References2

Positive Technologies•added 2026/02/11 12:0 a.m.•5 views

PT-2026-7557

An improper neutralization of directives in statically saved code 'Static Code Injection' vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to access restricted data / files. We have already fixed the...

4.8CVSS5.7AI score0.00066EPSS

Exploits0References2

RedhatCVE•added 2026/01/09 10:55 a.m.•3 views

CVE-2022-23684

A vulnerability in the web-based management interface of AOS-CX could allow a remote authenticated user with read-only privileges to escalate their permissions to those of an administrative user. Successful exploitation of this vulnerability allows an attacker to escalate privileges beyond their...

8.8CVSS7AI score0.00396EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:9 a.m.•5 views

CVE-2019-11784

Improper access control in mail module notifications in Odoo Community 14.0 and earlier and Odoo Enterprise 14.0 and earlier, allows remote authenticated users to obtain access to arbitrary messages in conversations they were not a party to...

6.5CVSS6.6AI score0.00208EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:9 a.m.•3 views

CVE-2019-11785

Improper access control in mail module followers in Odoo Community 13.0 and earlier and Odoo Enterprise 13.0 and earlier, allows remote authenticated users to obtain access to messages posted on business records there were not given access to, and subscribe to receive future messages...

6.5CVSS6.5AI score0.00198EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:41 a.m.•1 views

CVE-1999-0678

A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server...

5CVSS6.9AI score0.19858EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:38 a.m.•7 views

CVE-1999-0088

IRIX and AIX automountd services autofsd allow remote users to execute root commands...

10CVSS7.4AI score0.04464EPSS

Exploits0References1

Tenable Nessus•added 2025/10/14 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2025-9825

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 13.7 to 18.2.8, 18.3 before 18.3.4, and 18.4 before 18.4.2 that could have allowed...

6.5CVSS5.5AI score0.00008EPSS

Exploits1References2