
33 matches found

OSV
added 3 days ago · 3 views

UBUNTU-CVE-2026-42253

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache ActiveMQ, Apache ActiveMQ Web. The MessageServlet in the ActiveMQ web console API copies every JMS message property into an HTTP response header without any validation. This can allow...

CVSS 6.1 · AI score 5.8 · EPSS 0.00169
Exploits 0 · References 5
ATTACKERKB
added 3 days ago · 7 views

CVE-2026-42253

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache ActiveMQ, Apache ActiveMQ Web. The MessageServlet in the ActiveMQ web console API copies every JMS message property into an HTTP response header without any validation. This can allow...

AI score 5.8 · EPSS 0.00169
Exploits 0 · References 2 · Affected Software 2
Vulnrichment
added 3 days ago · 5 views

CVE-2026-42253 Apache ActiveMQ, Apache ActiveMQ Web: HTTP Response Header Injection via JMS Message Properties

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache ActiveMQ, Apache ActiveMQ Web. The MessageServlet in the ActiveMQ web console API copies every JMS message property into an HTTP response header without any validation. This can allow...

AI score 5.8 · EPSS 0.00169
Exploits 0 · References 1
CVE
added 3 days ago · 15 views

CVE-2026-46605

CVE-2026-46605 affects Apache ActiveMQ brokers. Insecure authorization allows authenticated users to remove existing destinations when permissions exist, before versions 6.2.6 (and 5.19.7) were released. Affected ranges include: Apache ActiveMQ Broker: before 5.19.7; from 6.0.0 before 6.2.6; Apac...

CVSS 4.3 · AI score 5.8 · EPSS 0.00058
Exploits 0 · References 2 · Affected Software 2
Tenable Nessus
added 2026/05/11 12:0 a.m. · 3 views

Unity Linux 20.1070e Security Update: redis6 (UTSA-2026-017799)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017799 advisory. Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debuggers...

CVSS 5.3 · AI score 5.8 · EPSS 0.00284
Exploits 0 · References 4
OSV
added 2024/08/22 7:46 p.m. · 16 views

BIT-VALKEY-2021-32627 Integer overflow issue with Streams in Redis

Redis is an open source, in-memory database that persists on disk. In affected versions an integer overflow bug in Redis can be exploited to corrupt the heap and potentially result with remote code execution. The vulnerability involves changing the default proto-max-bulk-len and...

CVSS 7.5 · AI score 8.3 · EPSS 0.00795
Exploits 0 · References 10
OSV
added 2024/08/22 7:45 p.m. · 22 views

BIT-VALKEY-2021-32675 DoS vulnerability in Redis

Redis is an open source, in-memory database that persists on disk. When parsing an incoming Redis Standard Protocol RESP request, Redis allocates memory according to user-specified values which determine the number of elements in the multi-bulk header and size of each element in the bulk header. ...

CVSS 7.5 · AI score 8.1 · EPSS 0.02855
Exploits 0 · References 11
SUSE CVE
added 2024/06/04 12:57 p.m. · 1 views

SUSE CVE-2021-32672

Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger's protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support 3.2 or newer...

CVSS 3.1 · AI score 6.2 · EPSS 0.00284
Exploits 0 · References 5
OSV
added 2024/03/06 11:8 a.m. · 28 views

BIT-REDIS-2021-32626 Lua scripts can overflow the heap-based Lua stack in Redis

Redis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts executing in Redis can cause the heap-based Lua stack to be overflowed, due to incomplete checks for this condition. This can result with heap corruption and potentially remote co...

CVSS 8.8 · AI score 8.9 · EPSS 0.01172
Exploits 0 · References 11
OSV
added 2024/03/06 11:7 a.m. · 25 views

BIT-REDIS-2021-32687 Integer overflow issue with intsets in Redis

Redis is an open source, in-memory database that persists on disk. An integer overflow bug affecting all versions of Redis can be exploited to corrupt the heap and potentially be used to leak arbitrary contents of the heap or trigger remote code execution. The vulnerability involves changing the...

CVSS 7.5 · AI score 8.4 · EPSS 0.01154
Exploits 0 · References 10
Patchstack
added 2023/10/13 12:0 a.m. · 16 views

WordPress RumbleTalk Live Group Chat Plugin <= 6.2.5 is vulnerable to Broken Access Control

Software: RumbleTalk Live Group Chat; Type: Plugin; Vulnerable versions: <= 6.2.5; Fixed in: 6.2.6; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2023-45828; Patch priority: Medium; CVSS severity: Medium 5.4; PSID: 142311804af3; Credits: Mika Require...

AI score 6.5 · EPSS 0.04681
Exploits 1 · References 2 · Affected Software 1
Positive Technologies
added 2022/09/12 12:0 a.m. · 3 views

PT-2022-12118 · Anydesk · Anydesk

Name of the Vulnerable Software and Affected Versions: AnyDesk versions prior to 6.2.6; AnyDesk versions 6.3.x prior to 6.3.3. Description: An issue was discovered in the AnyDesk software, where an unnecessarily open listening port is created on a machine in the LAN of an attacker when the tunnelin...

CVSS 6.5 · AI score 6.4 · EPSS 0.00113
Exploits 1 · References 6
CBLMariner
added 2022/04/09 6:51 a.m. · 26 views

CVE-2021-32672 affecting package redis for versions less than 6.2.6-1

CVE-2021-32672 affecting package redis for versions less than 6.2.6-1. An upgraded version of the package is available that resolves this issue...

CVSS 5.3 · AI score 6.6 · EPSS 0.00284
Exploits 0
CBLMariner
added 2022/04/09 6:51 a.m. · 19 views

CVE-2021-32762 affecting package redis for versions less than 6.2.6-1

CVE-2021-32762 affecting package redis for versions less than 6.2.6-1. An upgraded version of the package is available that resolves this issue...

CVSS 9 · AI score 6.5 · EPSS 0.00869
Exploits 0
CBLMariner
added 2022/04/09 6:51 a.m. · 12 views

CVE-2021-41099 affecting package redis for versions less than 6.2.6-1

CVE-2021-41099 affecting package redis for versions less than 6.2.6-1. An upgraded version of the package is available that resolves this issue...

CVSS 7.5 · AI score 6.7 · EPSS 0.00403
Exploits 0
NVD
added 2021/12/09 10:15 a.m. · 9 views

CVE-2021-43071

A heap-based buffer overflow in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests to the LogReport API controller...

CVSS 8.8 · EPSS 0.00481
Exploits 0 · References 1
Vulnrichment
added 2021/12/08 12:33 p.m. · 8 views

CVE-2021-43064

A url redirection to untrusted site 'open redirect' in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below allows attacker to use the device as a proxy and reach external or protected hosts via redirection handlers...

CVSS 4.3 · AI score 6.7 · EPSS 0.00242
Exploits 0 · References 1
Prion
added 2021/10/04 6:15 p.m. · 37 views

Design/Logic Flaw

Redis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts executing in Redis can cause the heap-based Lua stack to be overflowed, due to incomplete checks for this condition. This can result with heap corruption and potentially remote co...

CVSS 6.5 · AI score 8.7 · EPSS 0.01172
Exploits 0 · References 10 · Affected Software 4
Prion
added 2021/10/04 6:15 p.m. · 36 views

Design/Logic Flaw

Redis is an open source, in-memory database that persists on disk. When using the Redis Lua Debugger, users can send malformed requests that cause the debugger’s protocol parser to read data beyond the actual buffer. This issue affects all versions of Redis with Lua debugging support 3.2 or newer...

CVSS 4 · AI score 5.9 · EPSS 0.00284
Exploits 0 · References 9 · Affected Software 5
UbuntuCve
added 2021/10/04 6:15 p.m. · 45 views

CVE-2021-32626

Redis is an open source, in-memory database that persists on disk. In affected versions specially crafted Lua scripts executing in Redis can cause the heap-based Lua stack to be overflowed, due to incomplete checks for this condition. This can result with heap corruption and potentially remote co...

CVSS 8.8 · AI score 6.8 · EPSS 0.01172
Exploits 0 · References 4