CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

Cvelist•added 2026/05/27 2:43 p.m.•34 views

CVE-2026-44971 GuardDog: Blind GitHub URL rewrite in remote project scanning causes SSRF and `GH_TOKEN` exfiltration

GuardDog is a CLI tool to identify malicious PyPI packages. From 1.0.0 to 2.9.0, the programmatic remote project scanning path rewrites attacker-controlled repository URLs using a blind string replacement and then sends the caller's GitHub credentials with the resulting request. This allows an...

8.2CVSS0.00039EPSS

Exploits0References1

NVD•added 2026/05/25 3:16 p.m.•8 views

CVE-2018-25371

mooSocial Store Plugin 2.6 contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries through the product parameter in URL rewrite functionality. Attackers can inject SQL code using boolean-based blind, time-based blind, or stacked query...

8.8CVSS0.0009EPSS

Exploits0References4

SUSE CVE•added 2026/04/13 11:26 p.m.•7 views

SUSE CVE-2026-31427

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntracksip: fix use of uninitialized rtpaddr in processsdp processsdp declares union nfinetaddr rtpaddr on the stack and passes it to the nfnatsip sdpsession hook after walking the SDP media descriptions. However...

4.5CVSS5.7AI score0.00027EPSS

Exploits0References17

NVD•added 2026/04/13 2:16 p.m.•0 views

CVE-2026-31427

5.5CVSS0.00027EPSS

Exploits0References8

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-23996

Malware in sbrugna...

4.9CVSS5.3AI score0.00232EPSS

Exploits1References2

RedhatCVE•added 2025/05/22 5:37 p.m.•6 views

CVE-2020-36519

Mimecast Email Security before 2020-01-10 allows any admin to spoof any domain, and pass DMARC alignment via SPF. This occurs through misuse of the address rewrite feature. The domain being spoofed must be a customer in the Mimecast grid from which the spoofing occurs...

4.9CVSS6.8AI score0.00232EPSS

Exploits1