CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A tab nabbing vulnerability was discovered in Roundcube webmail. This vulnerability allowed a malicious website opened in a new tab to access the initial tab and change its location. This could be exploited to perform phishing attacks...

6.8AI score

Exploits0

GithubExploit•added 2025/09/19 6:7 a.m.•652 views

Exploit for CVE-2025-49113

CVE-2025-49113 - Roundcube Webmail Remote Code Execution Vulne...

9.9CVSS9AI score0.89163EPSS

Exploits29

GithubExploit•added 2025/09/19 6:7 a.m.•494 views

Exploit for CVE-2025-49113

CVE-2025-49113 - Roundcube Webmail Remote Code Execution Vulne...

9.9CVSS9AI score0.89163EPSS

Exploits29

Tenable Nessus•added 2025/08/30 12:0 a.m.•6 views

Linux Distros Unpatched Vulnerability : CVE-2024-42008

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Cross-Site Scripting vulnerability in rcmailactionmailget-run in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send...

9.3CVSS6.1AI score0.32265EPSS

Exploits4References2

Tenable Nessus•added 2025/08/30 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2024-37384

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via list columns from user preferences. CVE-2024-37384 Note that Nessus relies on the presence ...

6.1CVSS5.7AI score0.00498EPSS

Exploits0References2

Tenable Nessus•added 2025/08/30 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2024-57004

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Cross-Site Scripting XSS vulnerability in Roundcube Webmail 1.6.9 allows remote authenticated users to upload a malicious file as an email attachment, leading t...

6.1CVSS5.8AI score0.27762EPSS

Exploits1References3

GithubExploit•added 2025/08/29 8:40 p.m.•264 views

Exploit for CVE-2025-49113

Python Script for CVE-2025-49113 Usage: python exploit.py...

9.9CVSS9.3AI score0.89163EPSS

Exploits29

Tenable Nessus•added 2025/08/27 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2024-42009

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A Cross-Site Scripting vulnerability in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a victim via a...

9.3CVSS7.5AI score0.82853EPSS

Exploits6References2

Tenable Nessus•added 2025/08/27 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2023-43770

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Roundcube before 1.4.14, 1.5.x before 1.5.4, and 1.6.x before 1.6.3 allows XSS via text/plain e-mail messages with crafted links because of...

6.1CVSS6.4AI score0.56895EPSS

Exploits2References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by