61155 matches found

Vulnrichment
added 2026/01/26 11:29 a.m. | 4 views

CVE-2016-15057 Apache Continuum: Command injection leading to RCE

UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Continuum. This issue affects Apache Continuum: all versions. Attackers with access to the installations REST API can use this to invoke arbitrary commands on the...

5.9 AI score | 0.03732 EPSS
Exploits: 0 | References: 1

Cvelist
added 2026/01/26 11:29 a.m. | 29 views

CVE-2016-15057 Apache Continuum: Command injection leading to RCE

UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Continuum. This issue affects Apache Continuum: all versions. Attackers with access to the installations REST API can use this to invoke arbitrary commands on the...

0.03732 EPSS
Exploits: 0 | References: 1

ATTACKERKB
added 2026/01/26 11:29 a.m. | 6 views

CVE-2016-15057

UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Continuum. This issue affects Apache Continuum: all versions. Attackers with access to the installations REST API can use this to invoke arbitrary commands on the...

9.9 CVSS | 5.9 AI score | 0.03732 EPSS
Exploits: 0 | References: 3

OSV
added 2026/01/26 10:16 a.m. | 3 views

CVE-2026-24656

Deserialization of Untrusted Data vulnerability in Apache Karaf Decanter. The Decanter log socket collector exposes the port 4560, without authentication. If the collector exposes allowed classes property, this configuration can be bypassed. It means that the log socket collector is vulnerable to...

3.7 CVSS | 5.8 AI score
Exploits: 0 | References: 2

NVD
added 2026/01/26 10:16 a.m. | 6 views

CVE-2026-24656

Deserialization of Untrusted Data vulnerability in Apache Karaf Decanter. The Decanter log socket collector exposes the port 4560, without authentication. If the collector exposes allowed classes property, this configuration can be bypassed. It means that the log socket collector is vulnerable to...

3.7 CVSS | 0.00655 EPSS
Exploits: 0 | References: 2

Cvelist
added 2026/01/26 9:41 a.m. | 33 views

CVE-2026-24656 Apache Karaf: Decanter log-socket collector has deserialization vulnerability

Deserialization of Untrusted Data vulnerability in Apache Karaf Decanter. The Decanter log socket collector exposes the port 4560, without authentication. If the collector exposes allowed classes property, this configuration can be bypassed. It means that the log socket collector is vulnerable to...

0.00655 EPSS
Exploits: 0 | References: 1

ATTACKERKB
added 2026/01/26 9:41 a.m. | 3 views

CVE-2026-24656

Deserialization of Untrusted Data vulnerability in Apache Karaf Decanter. The Decanter log socket collector exposes the port 4560, without authentication. If the collector exposes allowed classes property, this configuration can be bypassed. It means that the log socket collector is vulnerable to...

3.7 CVSS | 5.8 AI score | 0.00655 EPSS
Exploits: 0 | References: 2

Rosalinux
added 2026/01/26 8:35 a.m. | 5 views

Advisory ROSA-SA-2026-3115

software: apache 2.4.66 OS: ROSA-CHROME unaffected versions = apache-2.4.66-1 affected versions apache-2.4.66-1 CVE-ID: CVE-2025-66200 BDU-ID: 2025-15638 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the mod_userdir module of the Apache HTTP Server web server involves bypassing the authentication...

8.3 CVSS | 6.2 AI score | 0.015 EPSS
Exploits: 0

VulnCheck KEV
added 2026/01/26 12:0 a.m. | 5 views

VulnCheck KEV: CVE-2016-15057

UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Continuum. This issue affects Apache Continuum: all versions. Attackers with access to the installations REST API can use this to invoke arbitrary commands on the...

9.9 CVSS | 6 AI score | 0.03732 EPSS
In wild | Exploits: 0 | References: 2

Positive Technologies
added 2026/01/26 12:0 a.m. | 6 views

PT-2026-4763

UNSUPPORTED WHEN ASSIGNED Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in Apache Continuum. This issue affects Apache Continuum: all versions. Attackers with access to the installations REST API can use this to invoke arbitrary commands on the...

5.9 AI score | 0.03732 EPSS
Exploits: 0 | References: 2

CNNVD
added 2026/01/26 12:0 a.m. | 5 views

Apache Continuum security vulnerability

Apache Continuum is a continuous integration server from the Apache Foundation. Apache Continuum suffers from a command injection vulnerability that stems from improper neutralization of special elements in commands, which can be exploited by an attacker to invoke arbitrary commands on the server...

9.9 CVSS | 5.9 AI score | 0.03732 EPSS
Exploits: 0 | References: 3

CNNVD
added 2026/01/26 12:0 a.m. | 5 views

Apache Karaf Decanter security vulnerability

Apache Karaf Decanter is a monitoring and alerting module of the Apache Foundation. Versions of Apache Karaf Decanter prior to 2.12.0 contained a security vulnerability, which stemmed from the log socket collector’s inability to deserialize trusted data, potentially leading to denial-of-service...

3.7 CVSS | 5.8 AI score | 0.00655 EPSS
Exploits: 0 | References: 3

Packet Storm News
added 2026/01/26 12:0 a.m. | 4 views

Apache bRPC 1.14.0 Exposure / Misconfiguration Checker

Apache bRPC versions 1.14.0 and below exposure and misconfiguration audit tool that does not exploit CVE-2025-60021 but rather validates unsafe exposure conditions that can lead to it...

9.8 CVSS | 5.9 AI score | 0.26163 EPSS
Exploits: 3

IBM Security Bulletins
added 2026/01/25 11:57 a.m. | 8 views

Security Bulletin: Multiple vulnerabilities in IBM® Db2® affect IBM® Db2® Big SQL.

Summary Multiple vulnerabilities in IBM® Db2® affect IBM® Db2® Big SQL 7 on Cloud Pak for Data 4.8 and earlier Vulnerability Details CVEID:CVE-2023-45853 DESCRIPTION: MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long...

9.8 CVSS | 8 AI score | 0.02918 EPSS
Exploits: 2 | Affected Software: 1

Positive Technologies
added 2026/01/25 12:0 a.m. | 6 views

PT-2026-4647

Name of the Vulnerable Software and Affected Versions Apache Karaf Decanter versions prior to 2.12.0 Description The Decanter log socket collector in Apache Karaf has a deserialization issue. The collector operates on port 4560 without authentication. If the allowed classes property is exposed, i...

3.7 CVSS | 5.9 AI score | 0.00655 EPSS
Exploits: 0 | References: 14

GithubExploit
added 2026/01/24 4:34 p.m. | 212 views

Exploit for Path Traversal in Apache Http_Server

Apache 2.4.50 - Path Traversal or Remote Code Execution CVE-20...

9.8 CVSS | 5.7 AI score | 0.99964 EPSS
Exploits: 60

Positive Technologies
added 2026/01/24 12:0 a.m. | 5 views

PT-2026-4762

CVE-2026-24644 - Apache HTTP Server Unvalidated User Input CVE ID : CVE-2026-24644 Published : Jan. 24, 2026, 4:15 a.m. | 1 hour, 8 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

5.9 AI score
Exploits: 0 | References: 1

Positive Technologies
added 2026/01/24 12:0 a.m. | 8 views

PT-2026-4768

CVE-2026-24649 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2026-24649 Published : Jan. 24, 2026, 4:15 a.m. | 1 hour, 8 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

5.9 AI score
Exploits: 0 | References: 1

Positive Technologies
added 2026/01/24 12:0 a.m. | 5 views

PT-2026-4761

CVE-2026-24643 - Apache HTTP Server Remote Code Execution CVE ID : CVE-2026-24643 Published : Jan. 24, 2026, 4:15 a.m. | 1 hour, 8 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

5.9 AI score
Exploits: 0 | References: 1

Positive Technologies
added 2026/01/24 12:0 a.m. | 5 views

PT-2026-4766

CVE-2026-24647 - Apache HTTP Server Cross-Site Request Forgery CVE ID : CVE-2026-24647 Published : Jan. 24, 2026, 4:15 a.m. | 1 hour, 8 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and...

5.9 AI score
Exploits: 0 | References: 1