CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

224 matches found

ManageEngine Desktop Central Java Deserialization

Zoho ManageEngine Desktop Central before 10.0.474 is vulnerable to a deserialization of untrusted data, which permits remote code execution. id: CVE-2020-10189 info: name: ManageEngine Desktop Central Java Deserialization author: king-alexander severity: critical description: | Zoho ManageEngine...

10CVSS7.8AI score0.94248EPSS

Exploits6References5

Nuclei•added 2026/05/12 8:3 a.m.•116 views

D-Link - Remote Command Execution

A Remote Command Execution RCE vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file id: CVE-2021-45382 info: name: D-Link - Remote Command Execution author: king-alexander severity: critic...

10CVSS7.5AI score0.94352EPSS

Exploits1References5

CNNVD•added 2026/02/27 12:0 a.m.•2 views

pillow-heif 输入验证错误漏洞

Pillow-Heif is a Python library and Pillow plugin developed by Alexander Piskun for processing HEIF images. Versions of Pillow-Heif prior to 1.3.0 contained a vulnerability related to input validation errors. This vulnerability stemmed from integer overflows that bypassed boundary checks,...

9.1CVSS5.8AI score0.00029EPSS

Exploits1References4

Positive Technologies•added 2025/12/31 12:0 a.m.•3 views

PT-2025-54397

Missing Authorization vulnerability in Alexander AnyComment allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects AnyComment: from n/a through 0.3.6...

4.3CVSS7AI score0.00014EPSS

Exploits0References2

HackRead•added 2025/11/19 7:2 p.m.•4 views

UK Exposes Bulletproof Hosting Operator Linked to LockBit and Evil Corp

The operator, Alexander Volosovik, also known as “Yalishanda”, “Downlow” and “Stasvl,” ran a long-running bulletproof hosting operation used by top ransomware groups...

7AI score

Exploits0

EUVD•added 2025/11/06 6:32 p.m.•2 views

EUVD-2025-38107

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Alexander AnyComment anycomment allows PHP Local File Inclusion.This issue affects AnyComment: from n/a through = 0.3.6...

6.6AI score0.00113EPSS

Exploits0References2

NVD•added 2025/10/22 3:15 p.m.•1 views

CVE-2025-48091

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Alexander AnyComment anycomment allows SQL Injection.This issue affects AnyComment: from n/a through = 0.3.6...

8.5CVSS0.00037EPSS

Exploits0References1

Positive Technologies•added 2025/10/22 12:0 a.m.•2 views

PT-2025-43154

Name of the Vulnerable Software and Affected Versions Alexander AnyComment versions through 0.3.6 Description A flaw exists in Alexander AnyComment that allows for SQL Injection. The issue is due to improper neutralization of special elements used in an SQL command. This could allow an attacker t...

8.5CVSS7AI score0.00037EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-10328

Malware in sbrugna...

8.8CVSS8.5AI score0.00107EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-23443

Malware in sbrugna...

5.4CVSS5.6AI score0.0018EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-52117