CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

64 matches found

CVE-2026-11431

A path traversal vulnerability exists in the Projects Service download endpoint shared by Altium Enterprise Server and Altium 365. An authenticated user can supply a crafted path parameter that bypasses validation, allowing arbitrary files including entire directories returned as archives to be...

8.3CVSS5.5AI score0.00037EPSS

Exploits0References1

RedhatCVE•added yesterday•7 views

CVE-2026-11429

A path traversal vulnerability exists in the Git Service component shared by Altium Enterprise Server and Altium 365. The service accepts a sequence of post-clone file-manipulation operations that use user-supplied paths without validation, allowing an authenticated user with basic git access to...

9.4CVSS6.4AI score0.00437EPSS

Exploits0References1

NVD•added 3 days ago•6 views

CVE-2026-11424

A server-side request forgery SSRF vulnerability exists in a GraphQL service component shared by Altium Enterprise Server and Altium 365. An authenticated user can submit a request whose input is treated as a URL by the server and used to issue an outbound HTTP GET request without URL validation ...

8.3CVSS0.00038EPSS

Exploits0References1

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в pillow

In Pillow before 8.1.2, attackers can cause a denial of service due to excessive memory consumption. This occurs because the reported size of the contained image is not properly checked for an ICNS container. As a result, a memory allocation attempt can be quite large...

7.5CVSS6.9AI score0.00309EPSS

Exploits0References1

RedhatCVE•added 2026/02/21 7:30 p.m.•2 views

CVE-2025-68501

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mollie Mollie Payments for WooCommerce mollie-payments-for-woocommerce allows Reflected XSS.This issue affects Mollie Payments for WooCommerce: from n/a through = 8.1.1...

7.1CVSS5.5AI score0.00045EPSS

Exploits0References1

NVD•added 2026/02/20 4:22 p.m.•3 views

CVE-2025-68501

7.1CVSS0.00045EPSS

Exploits0References1

Vulnrichment•added 2026/02/20 3:46 p.m.•2 views

CVE-2025-68501 WordPress Mollie Payments for WooCommerce plugin <= 8.1.1 - Reflected Cross Site Scripting (XSS) vulnerability

5.3AI score0.00045EPSS

Exploits0References1

RedhatCVE•added 2025/11/07 1:46 p.m.•2 views

CVE-2025-46365

Dell CloudLink, versions prior 8.1.1, contain a Command Injection vulnerability which can be exploited by an Authenticated attacker to cause Command Injection on an affected Dell CloudLink...

6.7CVSS7.1AI score0.0002EPSS

Exploits0References1

CVE•added 2025/11/05 4:40 p.m.•7 views

CVE-2025-46365

Dell CloudLink prior to 8.1.1 contains a command injection vulnerability that can be exploited by an authenticated attacker with local access to execute arbitrary commands on the system. The issue is documented across multiple sources (NVD/CNA RH Red Hat, CNVD, CIRCL, CNNVD, etc.) with consistent...

6.7CVSS6.7AI score0.0002EPSS

Exploits0References1Affected Software1

Cvelist•added 2025/11/05 4:40 p.m.•3 views

CVE-2025-46365

Dell CloudLink, versions prior 8.1.1, contain a Command Injection vulnerability which can be exploited by an Authenticated attacker to cause Command Injection on an affected Dell CloudLink...

5.3CVSS0.0002EPSS

Exploits0References1

Cvelist•added 2025/11/05 4:36 p.m.•2 views

CVE-2025-46364

Dell CloudLink, versions prior to 8.1.1, contain a vulnerability where a privileged user with known password can run CLI Escape Vulnerability to gain control of system...

9.1CVSS0.00061EPSS

Exploits0References1

Positive Technologies•added 2025/11/05 12:0 a.m.•3 views

PT-2025-45143

Name of the Vulnerable Software and Affected Versions Dell CloudLink versions prior to 8.1.1 Description Dell CloudLink versions prior to 8.1.1 have a flaw that allows a user with elevated privileges to potentially escalate their privileges further or access the database, potentially leading to t...

6.7CVSS6.6AI score0.00018EPSS

Exploits0References3

CNNVD•added 2025/11/05 12:0 a.m.•1 views

Dell CloudLink 安全漏洞

Dell CloudLink is a data encryption and key management system from Dell USA. A command execution vulnerability exists in Dell CloudLink, which could be exploited by an attacker to execute arbitrary commands on the system...

9.1CVSS7.4AI score0.00061EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2021-0174

Malware in sbrugna...

7.5CVSS6.9AI score0.00459EPSS

Exploits0References12

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-2354

Malicious code in bioql PyPI...

9.1CVSS9.1AI score0.00996EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2023-2326

Malicious code in bioql PyPI...

9.1CVSS9AI score0.01304EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-2303

Malicious code in bioql PyPI...

8.6CVSS8.6AI score0.00845EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-44881

Malicious code in bioql PyPI...

5.3CVSS6.5AI score0.00242EPSS

Exploits0References1

Cvelist•added 2025/06/02 12:0 a.m.•11 views

CVE-2025-49112

setDeferredReply in networking.c in Valkey through 8.1.1 has an integer underflow for prev-size - prev-used...

3.1CVSS0.00087EPSS

Exploits0References3

RedhatCVE•added 2025/05/23 8:34 a.m.•2 views

CVE-2024-50455

Missing Authorization vulnerability in Benjamin Denis SEOPress wp-seopress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SEOPress: from n/a through = 8.1.1...

8.8CVSS5.9AI score0.00377EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by