
12 matches found

EUVD
added 2025/10/03 8:7 p.m. · 3 views

EUVD-2024-2978

Malicious code in bioql PyPI...

4.3 CVSS · 6.3 AI score · 0.01616 EPSS
Exploits 0 · References 4

RedhatCVE
added 2025/05/23 8:29 a.m. · 4 views

CVE-2024-47836

Admidio is an open-source user management solution. Prior to version 4.3.12, an unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the server. Version 4.3.12 fixes this issue...

4.3 CVSS · 7.9 AI score · 0.01616 EPSS
Exploits 0 · References 1

Snyk
added 2025/04/25 3:31 p.m. · 3 views

Incorrect Authorization

Overview moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Incorrect Authorization due to insufficient capability checks in the messaging web service. An attacker can view other users' names and online statuses by exploiting this flaw. Remediation Upgrade...

5.3 CVSS · 6.8 AI score · 0.00096 EPSS
Exploits 0 · References 2

Snyk
added 2025/04/25 3:31 p.m. · 1 views

Improper Authentication

Overview moodle/moodle is a learning platform. Affected versions of this package are vulnerable to Improper Authentication due to improper handling of user session states during the multi-factor authentication process. An attacker can access sensitive information about other users by exploiting t...

5.3 CVSS · 6.8 AI score · 0.00098 EPSS
Exploits 0 · References 2

Cvelist
added 2024/10/16 7:43 p.m. · 18 views

CVE-2024-47836 Admidio vulnerable to HTML Injection In The Messages Section

Admidio is an open-source user management solution. Prior to version 4.3.12, an unsafe deserialization vulnerability allows any unauthenticated user to execute arbitrary code on the server. Version 4.3.12 fixes this issue...

3.5 CVSS · 0.01616 EPSS
Exploits 0 · References 1

CVE
added 2024/10/16 7:43 p.m. · 62 views

CVE-2024-47836

Admidio CVE-2024-47836 affects versions prior to 4.3.12. The vulnerability is an unsafe deserialization flaw that allows any unauthenticated user to execute arbitrary code on the server. The issue is fixed in version 4.3.12. Public references describe potential impacts (data theft, session hijack...

4.3 CVSS · 4.8 AI score · 0.01616 EPSS
Exploits 0 · References 1 · Affected Software 1

CNNVD
added 2024/08/06 12:0 a.m. · 2 views

Security vulnerability in multiple GL.iNet products

GL.iNet MT300N-V2 and others are products of China's GL.iNet. GL.iNet MT300N-V2 is a mini router. GL.iNet AR750S is a router. GL.iNet AR750 is a router. A security vulnerability exists in various GL.iNet products. The vulnerability stems from the fact that an attack...

6.5 CVSS · 6.7 AI score · 0.00092 EPSS
Exploits 1 · References 3

Positive Technologies
added 2023/12/15 12:0 a.m. · 2 views

PT-2023-31106 · Getsocial.Io · Social Share Buttons & Analytics Plugin

Name of the Vulnerable Software and Affected Versions: Social Share Buttons & Analytics Plugin – GetSocial.Io versions n/a through 4.3.12 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XS...

5.9 CVSS · 5.8 AI score · 0.00135 EPSS
Exploits 0 · References 5

OSV
added 2022/10/13 5:34 a.m. · 5 views

SUSE-SU-2022:3571-1 Security update for rubygem-puma

This update for rubygem-puma fixes the following issues: Updated to version 4.3.12: - CVE-2022-24790: Fixed HTTP request smuggling if proxy is not RFC7230 compliant bsc1197818...

9.1 CVSS · 9.2 AI score · 0.00417 EPSS
Exploits 0 · References 3

OpenVAS
added 2021/07/07 12:0 a.m. · 26 views

NTPd < 4.2.8p2, 4.3.x < 4.3.12 Keygen Vulnerability

NTPd is prone to a vulnerability in ntp-keygen. SPDX-FileCopyrightText: 2021 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:ntp:ntp"; ifdescription...

7.5 CVSS · 7.4 AI score · 0.16556 EPSS
Exploits 0 · References 2

OSV
added 2019/12/02 5:15 p.m. · 2 views

CVE-2019-12518

Anviz CrossChex access control management software 4.3.8.0 and 4.3.12 is vulnerable to a buffer overflow vulnerability...

9.8 CVSS · 7.6 AI score
Exploits 0 · References 2

UbuntuCve
added 2019/11/06 5:15 p.m. · 18 views

CVE-2011-4901

TYPO3 before 4.3.12, 4.4.x before 4.4.9, and 4.5.x before 4.5.4 allows remote attackers to extract arbitrary information from the TYPO3 database...

6.5 CVSS · 6.7 AI score · 0.00236 EPSS
Exploits 0 · References 2