CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1503 matches found

RedhatCVE•added 2026/01/09 9:50 a.m.•6 views

CVE-2020-24384

A10 Networks ACOS and aGalaxy management Graphical User Interfaces GUIs have an unauthenticated Remote Code Execution RCE vulnerability that could be used to compromise affected ACOS systems. ACOS versions 3.2.x including and after 3.2.2, 4.x, and 5.1.x are affected. aGalaxy versions 3.0.x, 3.2.x...

10CVSS7.7AI score0.05638EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:11 a.m.•8 views

CVE-2022-35847

An improper neutralization of special elements used in a template engine vulnerability CWE-1336 in FortiSOAR management interface 7.2.0, 7.0.0 through 7.0.3, 6.4.0 through 6.4.4 may allow a remote and authenticated attacker to execute arbitrary code via a crafted payload...

8.8CVSS7.7AI score0.01429EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:1 a.m.•16 views

CVE-2023-43651

JumpServer is an open source bastion host. An authenticated user can exploit a vulnerability in MongoDB sessions to execute arbitrary commands, leading to remote code execution. This vulnerability may further be leveraged to gain root privileges on the system. Through the WEB CLI interface provid...

9.9CVSS8.6AI score0.05879EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 8:50 a.m.•7 views

CVE-2021-31500

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop 16.6.3.84. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

7.8CVSS6.8AI score0.00345EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:43 a.m.•11 views

CVE-2022-42395

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS6.9AI score0.00285EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:43 a.m.•15 views

CVE-2022-42415

7.8CVSS6.9AI score0.00621EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:43 a.m.•9 views

CVE-2022-42378

7.8CVSS6.9AI score0.00285EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:42 a.m.•8 views

CVE-2022-31137

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Versions prior to 6.1.1.0 are subject to a remote code execution vulnerability. System commands can be run remotely via the subprocessexecute function without processing the inputs received from the user in the...

10CVSS7.6AI score0.93971EPSS

Exploits15References1

RedhatCVE•added 2026/01/09 8:37 a.m.•6 views

CVE-2020-7820

Nexacro14/17 ExtCommonApiV13 Library under 2019.9.6 version contain a vulnerability that could allow remote attacker to execute arbitrary code by setting the arguments to the vulnerable API. This can be leveraged for code execution by rebooting the victim’s PC...

9.8CVSS8.1AI score0.00965EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:35 a.m.•14 views

CVE-2020-10881

This vulnerability allows remote attackers to execute arbitrary code on affected installations of TP-Link Archer A7 Firmware Ver: 190726 AC1750 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of DNS responses. A crafted DNS messa...

10CVSS7.5AI score0.23991EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 8:35 a.m.•6 views

CVE-2020-10896

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

7.8CVSS6.7AI score0.02165EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:48 a.m.•7 views

CVE-2022-27272

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain a remote code execution RCE vulnerability via the function sub1791C. This vulnerability is triggered via a crafted packet...

9.8CVSS8.3AI score0.01345EPSS

Exploits1References1

RedhatCVE•added 2026/01/07 9:32 a.m.•5 views

CVE-2019-16114

In ATutor 2.2.4, an unauthenticated attacker can change the application settings and force it to use his crafted database, which allows him to gain access to the application. Next, he can change the directory that the application uploads files to, which allows him to achieve remote code execution...

9.8CVSS8.1AI score0.18282EPSS

Exploits1References1

RedhatCVE•added 2026/01/07 9:26 a.m.•4 views

CVE-2019-12733

SiteVision 4 allows Remote Code Execution...

9CVSS7.3AI score0.16675EPSS

Exploits5References1