30 matches found

CVE
added 2026/05/20 4:06 p.m. · 78 views

CVE-2026-20223

Cisco Secure Workload is affected by a vulnerability in the access validation of internal REST APIs that could allow an unauthenticated, remote attacker to access site resources with Site Admin privileges. The issue arises from insufficient validation/authentication when accessing REST API endpoi...

CVSS 10 · AI score 5.8 · EPSS 0.00064
Exploits 1 · References 1
Vulnrichment
added 2026/04/21 4:17 p.m. · 4 views

CVE-2026-24177

NVIDIA KAI Scheduler contains a vulnerability where an attacker could access API endpoints without authorization. A successful exploit of this vulnerability might lead to information disclosure...

CVSS 7.7 · AI score 5.8 · EPSS 0.00034
Exploits 0 · References 3
RedhatCVE
added 2026/03/27 5:09 p.m. · 2 views

CVE-2025-55274

HCL Aftermarket DPC is affected by a Cross-Origin Resource Sharing vulnerability. CORS misconfigurations include the exposure of sensitive user information to attackers, unauthorized access to APIs, and possible data manipulation or leakage. If an attacker exploits a CORS misconfiguration, they...

CVSS 4.3 · AI score 5.8 · EPSS 0.00014
Exploits 0 · References 1
Snyk
added 2026/03/03 9:25 p.m. · 0 views

Authentication Bypass Using an Alternate Path or Channel

Overview: openclaw is a 🦞 OpenClaw — Personal AI Assistant. Affected versions of this package are vulnerable to Authentication Bypass Using an Alternate Path or Channel via the route classification process. An attacker can gain unauthorized access to protected API endpoints by submitting requests...

CVSS 8.3 · AI score 5.8 · EPSS 0.00074
Exploits 0 · References 2
Positive Technologies
added 2026/01/20 12:00 a.m. · 2 views

PT-2026-3768

Name of the Vulnerable Software and Affected Versions: Apache Solr versions 5.3.0 through 9.10.0. Description: Deployments of Apache Solr utilizing the Rule Based Authorization Plugin are susceptible to unauthorized access to certain Solr APIs. This occurs due to insufficient input validation within...

CVSS 8.5 · AI score 5.9 · EPSS 0.00236
Exploits 0 · References 23
RedhatCVE
added 2025/11/12 2:03 p.m. · 3 views

CVE-2025-11862

A security issue was discovered within Verve Asset Manager allowing unauthorized read-only users to read, update, and delete users via the API...

CVSS 8.4 · AI score 6.7 · EPSS 0.00055
Exploits 0 · References 1
CNNVD
added 2025/10/27 12:00 a.m. · 1 views

Liferay Portal and Liferay DXP Security Vulnerability

Liferay Portal and Liferay DXP are both products of Liferay, Inc. Liferay Portal is a J2EE-based portal solution. The solution uses technologies such as EJB as well as JMS and can be used as a Web publishing and sharing workspace, enterprise collaboration platform, social network, etc. Liferay DXP...

CVSS 6.9 · AI score 6.5 · EPSS 0.00057
Exploits 0 · References 2
EUVD
added 2025/10/03 8:07 p.m. · 4 views

EUVD-2024-46875

Malicious code in bioql PyPI...

CVSS 4.3 · AI score 6.5 · EPSS 0.00227
Exploits 0 · References 3
CNNVD
added 2025/08/20 12:00 a.m. · 2 views

Radar Security Vulnerability

Radar risk control engine is a lightweight real-time risk control engine developed by individual developer feihu.wang. A security vulnerability exists in Radar v1.0.8, which stems from improper access control and could lead to unauthorized access to sensitive APIs...

CVSS 9.8 · AI score 6.5 · EPSS 0.00077
Exploits 0 · References 3
GithubExploit
added 2025/06/10 9:07 p.m. · 329 views

Exploit for Deserialization of Untrusted Data in Wazuh

CVE-2025-24016 Wazuh Remote Code Execution RCE - PoC 🚨 De...

CVSS 9.9 · AI score 10 · EPSS 0.93512
Exploits 10
RedhatCVE
added 2025/05/23 5:15 a.m. · 6 views

CVE-2023-47142

IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 could allow an attacker on the organization's local network to escalate their privileges due to unauthorized API access. IBM X-Force ID: 270267...

CVSS 8.8 · AI score 6.4 · EPSS 0.0004
Exploits 0 · References 1
Cvelist
added 2025/04/23 10:43 a.m. · 12 views

CVE-2025-42604 Detailed Error Response Vulnerability in Meon KYC solutions

This vulnerability exists in Meon KYC solutions because debug mode is enabled in certain API endpoints. A remote attacker could exploit this vulnerability by accessing certain unauthorized API endpoints, causing detailed error messages to be returned in the response and leading to disclosure of system related...

CVSS 6.9 · EPSS 0.0061
Exploits 0 · References 1
CISA
added 2024/09/20 12:00 p.m. · 13 views

Versa Networks Releases Advisory for a Vulnerability in Versa Director, CVE-2024-45229

Versa Networks has released an advisory for a vulnerability, CVE-2024-45229, affecting Versa Director. A cyber threat actor could exploit this vulnerability to exercise unauthorized REST APIs. CISA urges organizations to apply necessary updates, hunt for any malicious activity, repo...

CVSS 6.6 · AI score 6.9 · EPSS 0.00248
Exploits 0 · References 2
Positive Technologies
added 2024/08/22 12:00 a.m. · 3 views

PT-2024-26338 · IBM · IBM OpenPages with Watson

Name of the Vulnerable Software and Affected Versions: IBM OpenPages with Watson versions 8.3 through 9.0 Description: The issue allows authenticated users to access sensitive information due to improper authorization controls on APIs. Recommendations: For versions 8.3 and 9.0, consider restricti...

CVSS 6.5 · AI score 6.7 · EPSS 0.0013
Exploits 0 · References 7
CNNVD
added 2024/06/14 12:00 a.m. · 2 views

Toshiba e-STUDIO Security Vulnerability

Toshiba e-STUDIO is a series of high-end office multifunction printers from Toshiba, Japan. A security vulnerability exists in Toshiba e-STUDIO that originates from the presence of a method of unauthorized access to certain APIs of the multifunction device's internal programs, which could allow...

CVSS 9.8 · AI score 7.4 · EPSS 0.30575
Exploits 1 · References 4
NVD
added 2024/02/02 2:15 p.m. · 6 views

CVE-2023-47142

IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 could allow an attacker on the organization's local network to escalate their privileges due to unauthorized API access. IBM X-Force ID: 270267...

CVSS 8.8 · AI score 7.9 · EPSS 0.0004
Exploits 0 · References 2
Cvelist
added 2024/02/02 1:22 p.m. · 16 views

CVE-2023-47142 IBM Tivoli Application Dependency Discovery Manager privilege escalation

IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 could allow an attacker on the organization's local network to escalate their privileges due to unauthorized API access. IBM X-Force ID: 270267...

CVSS 7.5 · AI score 8.3 · EPSS 0.0004
Exploits 0 · References 2
Vulnrichment
added 2024/02/02 1:22 p.m. · 13 views

CVE-2023-47142 IBM Tivoli Application Dependency Discovery Manager privilege escalation

IBM Tivoli Application Dependency Discovery Manager 7.3.0.0 through 7.3.0.10 could allow an attacker on the organization's local network to escalate their privileges due to unauthorized API access. IBM X-Force ID: 270267...

CVSS 7.5 · AI score 6.4 · EPSS 0.0004
Exploits 0 · References 2
CNNVD
added 2024/02/02 12:00 a.m. · 2 views

IBM Tivoli Application Dependency Discovery Manager Permissions, Privileges, and Access Controls Vulnerability

IBM Tivoli Application Dependency Discovery Manager (TADDM) is a product in the suite of IT service management solutions from International Business Machines (IBM). The product provides robust automated application mapping and discovery to help administrators understand the structure, state,...

CVSS 8.8 · AI score 7 · EPSS 0.0004
Exploits 0 · References 3
IBM Security Bulletins
added 2024/01/22 7:02 p.m. · 39 views

Security Bulletin: IBM Tivoli Application Dependency Discovery Manager affected by multiple vulnerabilities.

Summary: IBM Tivoli Application Dependency Discovery Manager is vulnerable to denial of service due to multiple vulnerabilities. Vulnerability Details: CVEID: CVE-2023-47143. DESCRIPTION: IBM Tivoli Application Dependency Discovery Manager is vulnerable to HTTP header injection, caused by improper...

CVSS 10 · AI score 7.2 · EPSS 0.00151
Exploits 0 · Affected Software 1