14 matches found
Linux Distros Unpatched Vulnerability : CVE-2025-51495
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An integer overflow vulnerability exists in the WebSocket component of Mongoose 7.5 thru 7.17. By sending a specially crafted WebSocket request, an attacker can...
PT-2025-34371 · Ibm · Ibm Qradar Siem
Name of the Vulnerable Software and Affected Versions: IBM QRadar SIEM versions 7.5 through 7.5.0 Description: IBM QRadar SIEM Dashboard is susceptible to cross-site scripting. An authenticated user can embed arbitrary JavaScript code into the Web UI, potentially altering functionality and leadin...
CVE-2021-38126
Potential vulnerabilities have been identified in Micro Focus ArcSight Enterprise Security Manager, affecting versions 7.4.x and 7.5.x. The vulnerabilities could be remotely exploited resulting in Cross-Site Scripting (XSS)...
Security Bulletin: IBM i is vulnerable to user profile enumeration due to a supplied table function in Db2 for i. [CVE-2024-31870]
Summary IBM i is vulnerable to a local user enumerating user profile names without authority to the user profile objects as described in the vulnerability details section. This bulletin identifies the steps to take to address the vulnerability as described in the remediation/fixes section...
PT-2024-5315 · Ibm · Ibm I
Name of the Vulnerable Software and Affected Versions: IBM i versions 7.2 through 7.5 Description: The issue is related to insufficient authority requirements, allowing a local user without administrator privileges to configure a physical file trigger. This can lead to the execution of the trigge...
PT-2023-23101
Name of the Vulnerable Software and Affected Versions: IBM i versions 7.2 through 7.5 Description: The issue allows a remote attacker to execute CL commands as QUSER, caused by an exploitation of DDM architecture. Approximately 856 devices are potentially affected. Recommendations: For IBM i...
DEBIAN-CVE-2023-0950
Improper Validation of Array Index vulnerability in the spreadsheet component of The Document Foundation LibreOffice allows an attacker to craft a spreadsheet document that will cause an array index underflow when loaded. In the affected versions of LibreOffice certain malformed spreadsheet...
SUSE CVE-2022-21284
Vulnerability in the MySQL Cluster product of Oracle MySQL (component: Cluster: General). Supported versions that are affected are 7.4.34 and prior, 7.5.24 and prior, 7.6.20 and prior and 8.0.27 and prior. Difficult to exploit vulnerability allows high privileged attacker with access to the physica...
PT-2022-22952 · Hans Matzen · Wp-Forecast
Name of the Vulnerable Software and Affected Versions: Hans Matzen's wp-forecast plugin versions = 7.5 Description: The issue is an Authenticated Stored Cross-Site Scripting (XSS) vulnerability. This means that an attacker with admin or higher privileges can inject malicious scripts into the...
CVE-2019-0319
The SAP Gateway, versions 7.5, 7.51, 7.52 and 7.53, allows an attacker to inject content which is displayed in the form of an error message. An attacker could thus mislead a user to believe this information is from the legitimate service when it's not...
CVE-2019-0321
ABAP Server and ABAP Platform (SAP Basis), versions 7.31, 7.4, 7.5, do not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability...
PT-2019-16888 · Ibm · Ibm Websphere Application Server Admin Console
Name of the Vulnerable Software and Affected Versions: IBM WebSphere Application Server Admin Console versions 7.5 through 9.0 Description: The issue is caused by improper parameter parsing, which could allow a remote attacker to consume all available CPU resources, resulting in a potential denia...
Design/Logic Flaw
IBM WebSphere MQ 7.5.x before 7.5.0.6 and 8.0.x before 8.0.0.3 allows remote authenticated users to obtain sensitive information via a man-in-the-middle attack, related to duplication of message data in cleartext outside the protected payload. IBM X-Force ID: 103482...
Cross site scripting
Cross-site scripting (XSS) vulnerability in IBM WebSphere Service Registry and Repository (WSRR) 7.5.x before 7.5.0.4 and 8.x through 8.0.0.2 allows remote authenticated users to inject arbitrary web script or HTML via vectors involving widgets...