9 matches found
Jinher OA - SQL Injection
jinher jinheroa is an office automation software that facilitates workflow management and collaboration within organizations. It sits in the enterprise layer of the tech stack, is typically deployed as self-hosted, and—within the information-technology industry—serves the business-apps domain. id:...
Advisory ROSA-SA-2026-3226
software: grub2 2.06 OS: ROSA-CHROME unaffected versions = grub2-2.06-26 affected versions grub2-2.06-26 CVE-ID: CVE-2025-61662 BDU-ID: 2025-14786 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the gettext module of the Grub2 operating system boot loader is related to the ability to use memory...
The Events Calendar <= 6.15.2 - Information Disclosure
The Events Calendar WordPress plugin <= 6.15.2 contains an information disclosure vulnerability caused by REST endpoint exposure, letting unauthenticated attackers extract data about password-protected vendors or venues; exploitation requires no authentication. id: CVE-2025-9808 info: name: The Events...
EUVD-2025-34250
Argo Workflow may expose artifact repository credentials...
Advisory ROSA-SA-2025-2991
software: ghostscript 9.56.1 OS: ROSA-CHROME unaffected versions = ghostscript-9.56.1-7 affected versions ghostscript-9.56.1-7 CVE-ID: CVE-2025-48708 BDU-ID: 2025-06028 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the gs_lib_ctx_stash_sanitized_arg function of the base/gslibctx.c file of the...
PT-2024-17597 · WordPress · Posts/Products Views For Woocommerce
Name of the Vulnerable Software and Affected Versions: Posts and Products Views for WooCommerce plugin for WordPress versions up to, and including, 2.1 Description: The issue is related to Stored Cross-Site Scripting via the plugin's 'papvfwc views' shortcode due to insufficient input sanitizatio...
PT-2024-37742 · WordPress · Spreadsheet Integration Plugin For Wordpress
Name of the Vulnerable Software and Affected Versions: The Spreadsheet Integration plugin for WordPress versions up to, and including, 3.7.9 Description: The issue is related to a missing capability check on several functions, allowing authenticated attackers with Subscriber-level access and abov...
PT-2023-22587
Name of the Vulnerable Software and Affected Versions: Kodi Home Theater Software versions 19.5 and earlier Description: A divide by zero issue in Kodi Home Theater Software allows attackers to cause a denial of service via the use of a crafted mp3 file. Recommendations: For versions 19.5 and earlie...
PT-2019-5215 · WordPress · Wordpress
Name of the Vulnerable Software and Affected Versions: WordPress versions prior to 5.3.1 Description: The issue is related to a Cross-Site Scripting (XSS) error in the block editor of the WordPress content management system. This error can be exploited by authenticated users with lower privileges,...