11 matches found

RedhatCVE • added 2026/01/09 10:18 a.m. • 8 views

CVE-2019-18782

SuiteCRM 7.10.x prior to 7.10.21 and 7.11.x prior to 7.11.9 does not correctly implement the .htaccess protection mechanism...

CVSS 5.3 • AI score 6.9 • EPSS 0.0087
Exploits: 0 • References: 1
EUVD • added 2025/10/03 8:07 p.m. • 3 views

EUVD-2024-36074

Malicious code in bioql PyPI...

CVSS 9 • AI score 6.6 • EPSS 0.00407
Exploits: 0 • References: 1
EUVD • added 2025/10/03 8:07 p.m. • 5 views

EUVD-2025-23892

Malicious code in bioql PyPI...

CVSS 8.8 • AI score 6.5 • EPSS 0.00348
Exploits: 0 • References: 2
EUVD • added 2025/10/03 8:07 p.m. • 3 views

EUVD-2021-32614

Malicious code in bioql PyPI...

CVSS 9.8 • AI score 9.2 • EPSS 0.02187
Exploits: 0 • References: 2
Vulnrichment • added 2025/08/06 11:15 p.m. • 5 views

CVE-2025-54785 SuiteCRM is Vulnerable to PHP Object Injection in Reports

SuiteCRM is an open-source, enterprise-ready Customer Relationship Management (CRM) software application. In versions 7.14.6 and 8.8.0, user-supplied input is not validated/sanitized before it is passed to the unserialize function, which could lead to penetration, privilege escalation, sensitive da...

CVSS 8.8 • AI score 6.1 • EPSS 0.00348
Exploits: 0 • References: 2
RedhatCVE • added 2025/05/23 4:11 a.m. • 12 views

CVE-2023-47643

SuiteCRM is a Customer Relationship Management (CRM) software application. Prior to version 8.4.2, GraphQL introspection is enabled without authentication, exposing the schema defining all object types, arguments, and functions. An attacker can obtain the GraphQL schema and understand the entire...

CVSS 5.3 • AI score 6.5 • EPSS 0.03002
Exploits: 1 • References: 1
RedhatCVE • added 2025/05/22 5:11 p.m. • 6 views

CVE-2020-8787

SuiteCRM 7.10.x versions prior to 7.10.23 and 7.11.x versions prior to 7.11.11 allow for an invalid Bean ID to be submitted...

CVSS 7.5 • AI score 6.9 • EPSS 0.0088
Exploits: 0 • References: 1
CVE • added 2025/01/07 12:00 a.m. • 64 views

CVE-2022-45185

CVE-2022-45185 affects SuiteCRM 7.12.7. Authenticated users can upload malicious files through CRM functions, and deserialization can be used to achieve code execution. The Red Hat and OSV entries confirm the same description. The documented impact is high (CVE-3.1 base sco...

CVSS 8.8 • AI score 7.1 • EPSS 0.01117
Exploits: 1 • References: 3 • Affected Software: 1
Cvelist • added 2024/06/10 5:24 p.m. • 26 views

CVE-2024-36410 SuiteCRM authenticated SQL Injection in EmailUIAjax messages count controller

SuiteCRM is an open-source Customer Relationship Management (CRM) software application. In versions prior to 7.14.4 and 8.6.1, poor input validation allows for SQL Injection in EmailUIAjax messages count controller. Versions 7.14.4 and 8.6.1 contain a fix for this issue...

CVSS 9.6 • EPSS 0.00418
Exploits: 0 • References: 1
CNNVD • added 2024/06/10 12:00 a.m. • 3 views

SuiteCRM Security Breach

SuiteCRM is a customer relationship management system from the SuiteCRM team. A security vulnerability exists in SuiteCRM that stems from allowing unauthenticated IFrames to be added to certain inputs, leading to cross-site scripting attacks...

CVSS 9 • AI score 6.2 • EPSS 0.00407
Exploits: 0 • References: 2
OSV • added 2022/01/28 5:15 p.m. • 13 views

CVE-2021-45899

SuiteCRM before 7.12.3 and 8.x before 8.0.2 allows PHAR deserialization that can lead to remote code execution...

CVSS 9.8 • AI score 7.8
Exploits: 0 • References: 2