CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-38782

Malicious code in bioql PyPI...

8.8CVSS6.5AI score0.00784EPSS

Exploits2References3

RedhatCVE•added 2025/05/22 11:8 p.m.•7 views

CVE-2022-35910

In Jellyfin before 10.8, stored XSS allows theft of an admin access token...

5.4CVSS5.8AI score0.0029EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 4:52 p.m.•8 views

CVE-2020-8657

An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API key hardcoded as EONAPIKEY in include/apifunctions.php for API version 2.4.2 by default for all installations, hence allowing an attacker to calculate/guess the admin access token...

9.8CVSS6.7AI score0.88863EPSS

Exploits4References1

NVD•added 2022/08/19 1:15 p.m.•14 views

CVE-2022-35910

In Jellyfin before 10.8, stored XSS allows theft of an admin access token...

5.4CVSS0.0029EPSS

Exploits1References3

OSV•added 2022/08/19 1:15 p.m.•19 views

CVE-2022-35910

In Jellyfin before 10.8, stored XSS allows theft of an admin access token...

5.4CVSS8.4AI score0.00784EPSS

Exploits2References3

Prion•added 2022/08/19 1:15 p.m.•14 views

Cross site scripting

In Jellyfin before 10.8, stored XSS allows theft of an admin access token...

4.9CVSS5.2AI score0.00784EPSS

Exploits2References3Affected Software1

CVE•added 2022/08/19 11:52 a.m.•67 views

CVE-2022-35910

CVE-2022-35910 : The provided documents describe a stored XSS vulnerability in Jellyfin before version 10.8 that enables theft of an admin access token. The description does not specify the exact component, file, or version other than the product and pre-10.8 range, nor does it include explicit r...

5.4CVSS5.2AI score0.0029EPSS

Exploits1References3Affected Software1

CISA KEV Catalog•added 2021/11/03 12:0 a.m.•13 views

EyesOfNetwork Use of Hard-Coded Credentials Vulnerability

EyesOfNetwork contains a use of hard-coded credentials vulnerability, as it uses the same API key by default. Exploitation allows an attacker to calculate or guess the admin access token...

9.8CVSS8.9AI score0.88863EPSS

In wildExploits4

NVD•added 2020/02/06 6:15 p.m.•12 views

CVE-2020-8657

9.8CVSS9.4AI score0.88863EPSS

Exploits4References3

OSV•added 2020/02/06 6:15 p.m.•20 views

CVE-2020-8657

9.8CVSS6.7AI score0.88863EPSS

Exploits4References3

Prion•added 2020/02/06 6:15 p.m.•23 views

Hardcoded credentials

5CVSS9.3AI score0.88863EPSS

Exploits4References2Affected Software1

CVE•added 2020/02/06 5:48 p.m.•1072 views

CVE-2020-8657

Incident summary (CVE-2020-8657): EyesOfNetwork 5.3 is affected by a hardcoded API key vulnerability. The default API key (EONAPI_KEY) is stored in include/api_functions.php for API version 2.4.2, enabling an attacker to calculate/guess the admin access token and potentially gain administrative a...

9.8CVSS9.2AI score0.88863EPSS

In wildExploits4References3Affected Software1

ATTACKERKB•added 2020/02/06 12:0 a.m.•17 views

CVE-2020-8657

9.8CVSS4.5AI score0.88863EPSS

In wildExploits4References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by