CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

139 matches found

WP Helper Lite < 4.3 - Cross-Site Scripting

The WP Helper Lite WordPress plugin, in versions 4.3, returns all GET parameters unsanitized in the response, resulting in a reflected cross-site scripting vulnerability. id: CVE-2023-0448 info: name: WP Helper Lite 4.3 - Cross-Site Scripting author: ritikchaddha severity: medium description: | T...

6.1CVSS6.2AI score0.2765EPSS

Exploits2References4

EUVD•added 3 days ago•9 views

EUVD-2026-33734

OOM error is possible while attempting to add infinite amount of functions to Function Registry. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6...

5.7CVSS5.8AI score0.00017EPSS

Exploits0References1

Vulnrichment•added 3 days ago•5 views

CVE-2026-40989 Self Routing guard bypassed via function composition

Under infinite recursion in the routing layer, request-handling can cause OOM error. Affected Spring Products and Versions: Spring Cloud Function 3.2.x: versions prior to 3.2.16 Spring Cloud Function 4.1.x: versions prior to 4.1.10 Spring Cloud Function 4.2.x: versions prior to 4.2.6 Spring Cloud...

5.7CVSS5.8AI score0.00017EPSS

Exploits0References1

IBM Security Bulletins•added 2026/04/17 9:54 a.m.•3 views

Security Bulletin: Automation Assets in IBM Cloud Pak for Integration is vulnerable to vulnerability in axios

Summary Automation Assets in IBM Cloud Pak for Integration is vulnerable to vulnerability in axios. CVE-2026-25639 The vulnerability have been addressed. Vulnerability Details CVEID:CVE-2026-25639 DESCRIPTION: Axios is a promise based HTTP client for the browser and Node.js. Prior to versions...

7.5CVSS5.8AI score0.00044EPSS

Exploits1Affected Software1

EUVD•added 2026/04/07 2:45 p.m.•2 views

EUVD-2026-19665

text-generation-webui is an open-source web interface for running Large Language Models. Prior to 4.3, an unauthenticated path traversal vulnerability in loadtemplate allows reading files with .jinja, .jinja2, .yaml, or .yml extensions from anywhere on the server filesystem. For .jinja files the...

5.3CVSS5.9AI score0.00095EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 12:17 p.m.•3 views

CVE-2018-10051

iScripts SupportDesk v4.3 has XSS via the staff/inteligentsearchresult.php txtinteligentsearch parameter...

5.4CVSS5.9AI score0.00281EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 11:12 a.m.•5 views

CVE-2016-10896

The seo-redirection plugin before 4.3 for WordPress has stored XSS...

6.1CVSS6.8AI score0.0019EPSS

Exploits0References1

Vulnrichment•added 2025/10/30 10:50 a.m.•3 views

CVE-2025-53883 spacewalk-java has various XSS issues on search page

A Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability allows attackers to run arbitrary javascript via a reflected XSS issue in the search fields.This issue affects Container suse/manager/5.0/x8664/server:latest: from ? before 5.0.28-150600.3.36.8; SUSE Manag...

9.3CVSS5.6AI score0.00058EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2014-0065

Malware in sbrugna...

5CVSS6.3AI score0.00319EPSS

Exploits0References8

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2019-1060

Malware in sbrugna...

7.6CVSS7.7AI score0.0047EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-6365

Malware in sbrugna...

8.8CVSS8.6AI score0.00674EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2015-7747

Malware in sbrugna...

8.8CVSS7.6AI score0.03728EPSS

Exploits0References8

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2007-1583

Malware in sbrugna...

2.1CVSS6.1AI score0.00058EPSS

Exploits4References5

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-25141

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.00155EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-47212

Malicious code in bioql PyPI...

7.8CVSS8.1AI score0.00057EPSS

Exploits0References2

RedhatCVE•added 2025/05/23 8:10 a.m.•3 views

CVE-2024-27967

Cross-Site Request Forgery CSRF vulnerability in Michael Leithold DSGVO All in one for WP.This issue affects DSGVO All in one for WP: from n/a through 4.3...

8.8CVSS8.6AI score0.00155EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 5:13 a.m.•15 views

CVE-2023-41801

Cross-Site Request Forgery CSRF vulnerability in AWP Classifieds Team Ad Directory & Listings by AWP Classifieds plugin = 4.3 versions...

8.8CVSS7AI score0.00051EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 12:5 a.m.•5 views

CVE-2022-44264

Dentsply Sirona Sidexis = 4.3 is vulnerable to Unquoted Service Path...

7.8CVSS6.8AI score0.00057EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 4:9 p.m.•2 views

CVE-2020-20979

An arbitrary file upload vulnerability in the moveuploadedfile function of LJCMS v4.3 allows attackers to execute arbitrary code...

9.8CVSS7.7AI score0.00853EPSS

Exploits1

SUSE CVE•added 2025/04/17 1:33 a.m.•2 views

SUSE CVE-2025-23392

A Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in spacewalk-java allows execution of arbitrary Javascript code on target systems.This issue affects Container suse/manager/5.0/x8664/server:5.0.4.7.19.1: from ? before 5.0.24-150600.3.25.1; Container...

5.2CVSS7AI score0.00082EPSS

Exploits0References8

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by