CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

118 matches found

CNNVD•added 2026/01/30 12:0 a.m.•1 views

SourceCodester Pet Grooming Management Software Authorization Issues Vulnerabilities

SourceCodester Pet Grooming Management Software is an open-source pet grooming management system developed by SourceCodester. Version 1.0 of SourceCodester Pet Grooming Management Software has a licensing issue vulnerability. This vulnerability stems from incorrect handling of the groupid paramet...

8.8CVSS6.6AI score0.0002EPSS

Exploits1References6

RedhatCVE•added 2026/01/14 3:31 p.m.•4 views

CVE-2025-13444

OS Command Injection Remote Code Execution Vulnerability in API in Progress LoadMaster allows an authenticated attacker with “User Administration” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in the API input parameters...

8.4CVSS8.2AI score0.0005EPSS

Exploits0References1

RedhatCVE•added 2026/01/14 3:30 p.m.•1 views

CVE-2025-13447

8.4CVSS8.2AI score0.00156EPSS

Exploits0References1

NVD•added 2026/01/13 3:15 p.m.•2 views

CVE-2025-13444

8.4CVSS0.0005EPSS

Exploits0References4

Cvelist•added 2026/01/13 2:31 p.m.•15 views

CVE-2025-13447 OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster

8.4CVSS0.00156EPSS

Exploits0References4

EUVD•added 2026/01/13 2:31 p.m.•2 views

EUVD-2026-2346

8.4CVSS7.6AI score0.00156EPSS

Exploits0References5

CVE•added 2026/01/13 2:31 p.m.•11 views

CVE-2025-13447

CVE-2025-13447 corresponds to a remote code execution via OS Command Injection in Progress LoadMaster API. The connected ZDI advisories detail multiple command-injection flaws (delapikey, delcert, listapikeys, addapikey, getcipherset) that allow authenticated network-adjacent attackers to execute...

8.4CVSS7.7AI score0.00156EPSS

Exploits0References4Affected Software5

Vulnrichment•added 2026/01/13 2:26 p.m.•1 views

CVE-2025-13444 OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster

8.4CVSS7.7AI score0.0005EPSS

Exploits0References4

CVE•added 2026/01/13 2:26 p.m.•8 views

CVE-2025-13444

The CVE-2025-13444 family concerns OS Command Injection / Remote Code Execution in Progress Software Kemp LoadMaster. Connected ZDI advisories detail multiple command-injection flaws in LoadMaster commands (delapikey, getcipherset, listapikeys, delcert, addapikey) where unsanitized user data is p...

8.4CVSS7.7AI score0.0005EPSS

Exploits0References4Affected Software5

EUVD•added 2026/01/13 2:26 p.m.•3 views

EUVD-2026-2343

8.4CVSS7.6AI score0.00156EPSS

Exploits0References5

Positive Technologies•added 2026/01/13 12:0 a.m.•3 views

PT-2026-2443

Name of the Vulnerable Software and Affected Versions Progress LoadMaster affected versions not specified Description An authenticated attacker with “User Administration” permissions can execute arbitrary commands on the LoadMaster appliance. This is due to unsanitized input in the API input...

8.4CVSS5.8AI score0.00156EPSS

Exploits0References12

Positive Technologies•added 2026/01/13 12:0 a.m.•2 views

PT-2026-2442

8.4CVSS5.8AI score0.00156EPSS

Exploits0References8

RedhatCVE•added 2026/01/07 9:32 a.m.•5 views

CVE-2019-16268

Zoho ManageEngine Remote Access Plus 10.0.259 allows HTML injection via the Description field on the Admin - User Administration userMgmt.do?actionToCall=ShowUser screen...

4.8CVSS7.2AI score0.12442EPSS

Exploits1References1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2011-2299

Malware in sbrugna...

7.5CVSS6.4AI score0.00685EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2021-19477

Malware in sbrugna...

4.3CVSS4.5AI score0.00489EPSS

Exploits0References5