CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2025/12/17 4:6 a.m.•25 views

CVE-2025-64700

Cross-site request forgery vulnerability exists in GROWI v7.3.3 and earlier. If a user views a malicious page while logged in, the user may be tricked to do unintended operations...

5.1CVSS0.00016EPSS

CVE•added 2025/11/13 12:0 a.m.•6 views

CVE-2025-47220

Keyfactor SignServer (versions prior to 7.3.2) contains a local file enumeration vulnerability in the VISIBLE_SIGNATURE_CUSTOM_IMAGE_PATH used by PDFSigner and PAdESSigner. An admin user can set this path without restrictions; if the path points to an existing file readable by the application ser...

5.3CVSS6AI score0.0004EPSS

Exploits0References3Affected Software1

EUVD•added 2025/10/14 6:30 p.m.•2 views

EUVD-2024-55035

An Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability CWE-78 in FortiSOAR 7.6.0 through 7.6.1, 7.5.0 through 7.5.1, 7.4 all versions, 7.3 all versions may allow an attacker who has already obtained a non-login low privileged shell access via...

7CVSS6.5AI score0.00023EPSS

RedhatCVE•added 2025/09/24 6:31 p.m.•2 views

CVE-2025-58253

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Rameez Iqbal Real Estate Manager real-estate-manager allows DOM-Based XSS.This issue affects Real Estate Manager: from n/a through = 7.3...

6.5CVSS5.9AI score0.00042EPSS

NVD•added 2025/09/23 5:15 p.m.•4 views

CVE-2025-56304

Cross-site scripting XSS vulnerability in YzmCMS thru 7.3 via the referer header in the register page...

6.1CVSS0.00051EPSS

CNNVD•added 2025/01/09 12:0 a.m.•1 views

WordPress plugin WP Database Backup 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

7.5CVSS7.9AI score0.01362EPSS

CNNVD•added 2024/12/02 12:0 a.m.•3 views

Snap One OvrC 安全漏洞

Snap One OvrC is a free cloud-based remote management and monitoring platform from US-based Snap One. A security vulnerability exists in Snap One OvrC versions prior to 7.3, which stems from the ability to impersonate a Hub device and send requests to claim and unclaim the device.The attacker can...

8.8CVSS9.1AI score0.00295EPSS

CNNVD•added 2024/03/01 12:0 a.m.•2 views

OpenBSD Security Vulnerabilities

OpenBSD is a cross-platform, BSD-based, UNIX-like operating system from the Canadian OpenBSD project group. A security vulnerability exists in versions prior to OpenBSD 7.3 errata 016, which stems from an l2tp message containing an AVP of incorrect length that causes a crash...

7.5CVSS6.7AI score0.00065EPSS

Positive Technologies•added 2023/06/12 12:0 a.m.•5 views

PT-2023-24102 · WordPress · Katie Seaborn Zotpress

Name of the Vulnerable Software and Affected Versions: Katie Seaborn Zotpress plugin versions = 7.3.3 Description: The issue is related to an Unauth. Reflected Cross-Site Scripting XSS vulnerability. No information is provided about the estimated number of potentially affected devices worldwide o...

7.1CVSS6.2AI score0.06235EPSS

Exploits1References5

CNNVD•added 2023/03/10 12:0 a.m.•3 views

IBM Spectrum Symphony 输入验证错误漏洞

IBM Spectrum Symphony is a high performance computing software system from International Business Machines IBM. A security vulnerability exists in IBM Spectrum Symphony version 7.3, which stems from incorrect validation of user input in the HOST header...

6.1CVSS6.2AI score0.00165EPSS

CNNVD•added 2023/02/03 12:0 a.m.•4 views

Teradek Cube 跨站脚本漏洞

Teradek Cube is a video decoder from Teradek. A security vulnerability exists in Teradek Cube version 7.3.x and prior versions. An attacker could exploit the vulnerability to execute arbitrary code via the Friendly Name field in System Information Settings...

5.4CVSS6.3AI score0.00289EPSS

Exploits1References2

Redos•added 2021/12/24 12:0 a.m.•5 views

ROS-2-2452

2.2452 Notification on the update of the Red OS OPERATION SYSTEM MIS Due to quality improvement and bug fixing, an updated version of the "RED OS" Operating System "RED OS" 7.3 antimalware protection system has been released. You can contact the technical support service within the framework of...

7AI score

Exploits0

OSV•added 2021/05/05 4:15 p.m.•1 views

CVE-2021-20397

IBM QRadar SIEM 7.3 and 7.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 196017...

6.1CVSS6AI score0.00149EPSS

CNVD•added 2020/10/20 12:0 a.m.•2 views

HPE Intelligent Management Center (iMC) operationSelect Expression Language Injection Remote Code Execution Vulnerability

HPE Intelligent Management Center iMC is a suite of network intelligent management center solutions from Hewlett Packard Enterprise HPE. The solution provides network-wide visibility and enables comprehensive management of resources, services and users. A security vulnerability exists in HPE...

10CVSS7.1AI score0.06729EPSS

CNVD•added 2020/10/20 12:0 a.m.•1 views

HPE Intelligent Management Center (iMC) navigationTo Expression Language Injection Remote Code Execution Vulnerability

10CVSS7.1AI score0.06729EPSS

CNVD•added 2020/10/20 12:0 a.m.•2 views

HPE Intelligent Management Center (iMC) deployselectbootrom Expression Language Injection Remote Code Execution Vulnerability

10CVSS7.1AI score0.06729EPSS

CNVD•added 2020/10/20 12:0 a.m.•3 views

HPE Intelligent Management Center (iMC) eventinfo_content Expression Language Injection Remote Code Execution Vulnerability

10CVSS7.1AI score0.07205EPSS