CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8226 matches found

RedhatCVE•added 2025/05/22 4:51 a.m.•10 views

CVE-2019-19411

USG9500 with versions of V500R001C30SPC100, V500R001C30SPC200, V500R001C30SPC600, V500R001C60SPC500, V500R005C00SPC100, V500R005C00SPC200 have an information leakage vulnerability. Due to improper processing of the initialization vector used in a specific encryption algorithm, an attacker who gai...

4.3CVSS6.4AI score0.01238EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:47 a.m.•6 views

CVE-2019-1010016

Dolibarr 6.0.4 is affected by: Cross Site Scripting XSS. The impact is: Cookie stealing. The component is: htdocs/product/stats/card.php. The attack vector is: Victim must click a specially crafted link sent by the attacker...

6.1CVSS6.4AI score0.0098EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:47 a.m.•7 views

CVE-2019-1010028

phpscriptsmall.com School College Portal with ERP Script 2.6.1 and earlier is affected by: Cross Site Scripting XSS. The impact is: Attack administrators and teachers, students and more. The component is: /pro-school/index.php?student/message/sendreply/. The attack vector is:...

6.1CVSS6.6AI score0.00675EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:31 a.m.•8 views

CVE-2011-3796

PrestaShop 1.4.0.6 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by product-sort.php and certain other files...

5CVSS6.5AI score0.01926EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:13 a.m.•5 views

CVE-2019-1010290

Babel: Multilingual site Babel All is affected by: Open Redirection. The impact is: Redirection to any URL, which is supplied to redirect.php in a "newurl" parameter. The component is: redirect.php. The attack vector is: The victim must open a link created by an attacker. Attacker may use any...

6.1CVSS6.7AI score0.04059EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 3:35 a.m.•8 views

CVE-2014-2313

Directory traversal vulnerability in the Importers plugin in Atlassian JIRA before 6.0.5 allows remote attackers to create arbitrary files via unspecified vectors...

4.3CVSS7.1AI score0.02064EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 3:15 a.m.•6 views

CVE-2015-1784

In nextgen-galery wordpress plugin before 2.0.77.3 there are two vulnerabilities which can allow an attacker to gain full access over the web application. The vulnerabilities lie in how the application validates user uploaded files and lack of security measures preventing unwanted HTTP requests...

8.8CVSS7.4AI score0.01551EPSS

Exploits1References1

OpenVAS•added 2025/05/22 12:0 a.m.•9 views

SUSE: Security Advisory (SUSE-SU-2025:01633-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS8.6AI score0.01944EPSS

Exploits5References21

OpenVAS•added 2025/05/22 12:0 a.m.•6 views

openSUSE Security Advisory (SUSE-SU-2025:01638-1)

4.3CVSS5.9AI score0.00149EPSS

Exploits0References6

OpenVAS•added 2025/05/22 12:0 a.m.•8 views

openSUSE Security Advisory (SUSE-SU-2025:1559-1)

6.5CVSS5.6AI score0.01913EPSS

Exploits2References5

OpenVAS•added 2025/05/22 12:0 a.m.•17 views

SUSE: Security Advisory (SUSE-SU-2025:01620-1)

7.8CVSS8.6AI score0.00253EPSS

Exploits0References50

RedhatCVE•added 2025/05/21 6:22 p.m.•6 views

CVE-1999-0146

The campas CGI program provided with some NCSA web servers allows an attacker to execute arbitrary commands via encoded carriage return characters in the query string, as demonstrated by reading the password file...

7.5CVSS8AI score0.14663EPSS

Exploits0References1

Microsoft Secure•added 2025/05/21 4:0 p.m.•23 views

Lumma Stealer: Breaking down the delivery techniques and capabilities of a prolific infostealer

Over the past year, Microsoft observed the persistent growth and operational sophistication of Lumma Stealer, an infostealer malware used by multiple financially motivated threat actors to target various industries. Our investigation into Lumma Stealer’s distribution infrastructure reveals a...

7.9AI score

Exploits0

RedHat Linux•added 2025/05/21 5:15 a.m.•5 views

kernel: vsock: Keep the binding until socket destruction

A flaw was found in the Linux kernel's virtual socket protocol network driver, where an improperly timed socket unbinding could result in a use-after-free issue. This flaw allows an attacker who can create and destroy arbitrary connections on virtual connections to read or modify system memory,...

7.8CVSS7.3AI score0.00824EPSS

Exploits3References5

OpenVAS•added 2025/05/19 12:0 a.m.•4 views

Huawei EulerOS: Security Advisory for dhcp (EulerOS-SA-2025-1201)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.5AI score0.02114EPSS

Exploits0References2

OpenVAS•added 2025/05/19 12:0 a.m.•8 views

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2025-1471)

8.8CVSS7.1AI score0.00664EPSS

Exploits0References2

OpenVAS•added 2025/05/19 12:0 a.m.•4 views

Huawei EulerOS: Security Advisory for dhcp (EulerOS-SA-2025-1560)

7.5CVSS7.8AI score0.02114EPSS

Exploits0References2

OpenVAS•added 2025/05/19 12:0 a.m.•11 views

Huawei EulerOS: Security Advisory for edk2 (EulerOS-SA-2025-1470)