CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

178 matches found

SUSE CVE•added 2026/05/13 3:54 p.m.•5 views

SUSE CVE-2017-1000065

Multiple Cross-site scripting XSS vulnerabilities in rpc.php in OpenMediaVault release 2.1 in Access Rights ManagementUsers functionality allows attackers to inject arbitrary web scripts and execute malicious scripts within an authenticated client's browser...

6.1CVSS6.5AI score0.00346EPSS

Exploits0References3

CNNVD•added 2026/03/29 12:0 a.m.•3 views

OpenClaw 安全漏洞

OpenClaw is a command line tool for rights management. A security vulnerability exists in versions of OpenClaw prior to 2026.3.11 that stems from insufficient authorization checking of subagent control requests, resulting in a leaf child agent being able to access the subagent control plane and...

9.3CVSS6AI score0.00006EPSS

Exploits0References2

CNVD•added 2026/03/12 12:0 a.m.•1 views

OpenClaw Identity Forgery Vulnerability

OpenClaw is an open source framework for Telegram bot rights management. OpenClaw suffers from an identity forgery vulnerability. An attacker can exploit this vulnerability to illegally manipulate bots by recycling usernames to disguise their identities and bypass privilege restrictions...

6.9CVSS5.8AI score0.00044EPSS

Exploits0References1

RedhatCVE•added 2026/03/04 1:57 a.m.•3 views

CVE-2026-0010

In onTransact of IDrmManagerService.cpp, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.4CVSS6.1AI score0.00003EPSS

Exploits0References1

CVE•added 2026/03/02 6:42 p.m.•9 views

CVE-2026-0010

CVE-2026-0010 involves the IDrmManagerService.cpp onTransact function, where a missing bounds check allows an out-of-bounds write that could enable local escalation of privileges without user interaction. The vulnerability is reported across multiple feeds (Android-related CVE entry, Red Hat, CIR...

8.4CVSS6.1AI score0.00003EPSS

Exploits0References1Affected Software1

Cvelist•added 2026/03/02 6:42 p.m.•16 views

CVE-2026-0010

0.00003EPSS

Exploits0References1

CNNVD•added 2026/02/26 12:0 a.m.•4 views

Digital Arts FinalCode Client 代码问题漏洞

Digital Arts FinalCode Client is an enterprise-level information rights management client software developed by Digital Arts in Japan. The Digital Arts FinalCode Client has a code vulnerability that stems from issues with the DLL search path in the installer, which may allow arbitrary code to be...

8.4CVSS7.3AI score0.00021EPSS

Exploits0References2

Malwarebytes•added 2025/12/23 12:28 p.m.•4 views

Hacktivists claim near-total Spotify music scrape

Hacktivist group Anna’s Archive claims to have scraped almost all of Spotify’s catalog and is now seeding it via BitTorrent, effectively turning a streaming platform into a roughly 300 TB pirate “preservation archive.” On its blog, the group states: “A while ago, we discovered a way to scrape...

7.2AI score

Exploits0