CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1369 matches found

RedhatCVE•added 2026/01/09 12:44 p.m.•10 views

CVE-2005-1909

The web server control panel in 602LAN SUITE 2004 allows remote attackers to make it more difficult for the administrator to read portions of log files via a "...

4.3CVSS6.8AI score0.00992EPSS

Exploits1References1

OSV•added 2026/01/08 1:20 a.m.•5 views

CVE-2026-21883 Bokeh server applications have Incomplete Origin Validation in WebSockets

Bokeh is an interactive visualization library written in Python. In versions 3.8.1 and below, if a server is configured with an allowlist e.g., dashboard.corp, an attacker can register a domain like dashboard.corp.attacker.com or use a subdomain if applicable and lure a victim to visit it. The...

7.4CVSS6.3AI score0.00159EPSS

Exploits1References5

RedhatCVE•added 2026/01/07 9:41 a.m.•5 views

CVE-1999-0756

ColdFusion Administrator with Advanced Security enabled allows remote users to stop the ColdFusion server via the Start/Stop utility...

5CVSS7AI score0.01258EPSS

Exploits0References1

Positive Technologies•added 2025/10/20 12:0 a.m.•8 views

PT-2025-42747

Name of the Vulnerable Software and Affected Versions Excellent Infotek Document Management System affected versions not specified Description The Document Management System developed by Excellent Infotek is subject to an Arbitrary File Upload issue. This allows unauthenticated remote attackers t...

9.8CVSS8.2AI score0.00922EPSS

Exploits0References14

Snyk•added 2025/10/09 3:21 p.m.•3 views

Directory Traversal

Overview flowise is a Flowiseai Server Affected versions of this package are vulnerable to Directory Traversal via the WriteFile and ReadFile tools. An attacker can gain full control over the server, including executing arbitrary commands, by supplying crafted file paths that allow writing files ...

9.9CVSS7.6AI score0.11853EPSS

Exploits1References2