CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15 matches found

RedhatCVE•added 2026/01/09 9:50 a.m.•6 views

CVE-2020-24623

A potential security vulnerability has been identified in Hewlett Packard Enterprise Universal API Framework. The vulnerability could be remotely exploited to allow SQL injection in HPE Universal API Framework for VMware Esxi v2.5.2 and HPE Universal API Framework for Microsoft Hyper-V VHD...

6.5CVSS7.9AI score0.00148EPSS

Exploits0References1

Vulnrichment•added 2025/12/04 2:16 p.m.•5 views

CVE-2024-45538

Cross-Site Request Forgery CSRF vulnerability in WebAPI Framework in Synology DiskStation Manager DSM before 7.2.1-69057-2 and 7.2.2-72806 and Synology Unified Controller DSMUC before 3.1.4-23079 allows remote attackers to execute arbitrary code via unspecified vectors...

9.6CVSS7.6AI score0.00062EPSS

Exploits0References1

Positive Technologies•added 2025/12/04 12:0 a.m.•2 views

PT-2025-49024

Name of the Vulnerable Software and Affected Versions Synology DiskStation Manager DSM versions prior to 7.2.1-69057-2 Synology DiskStation Manager DSM versions 7.2.1-69057-2 through 7.2.2-72806 Synology Unified Controller DSMUC versions prior to 3.1.4-23079 Description A Cross-Site Request Forge...

9.6CVSS7.5AI score0.00062EPSS

Exploits0References8

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-17339

Malware in sbrugna...

6.5CVSS6.5AI score0.00148EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-24388

Malware in sbrugna...

4.7CVSS5.2AI score0.00069EPSS

Exploits0References2

Akamai Blog•added 2024/09/30 1:0 p.m.•10 views

Our New Carbon Calculator Report Supports 400 Days of Data

The new Carbon Calculator is supported by the latest reporting API framework, improves performance, and allows customers to monitor up to 400 days of data...

7.3AI score

Exploits0

NVD•added 2020/09/23 1:15 a.m.•8 views

CVE-2020-3117

A vulnerability in the API Framework of Cisco AsyncOS for Cisco Web Security Appliance WSA and Cisco Content Security Management Appliance SMA could allow an unauthenticated, remote attacker to inject crafted HTTP headers in the web server's response. The vulnerability is due to insufficient...

4.7CVSS0.00069EPSS

Exploits0References1

Prion•added 2020/09/23 1:15 a.m.•14 views

Input validation

4.3CVSS4.8AI score0.00069EPSS

Exploits0References1Affected Software2

Vulnrichment•added 2020/09/23 12:25 a.m.•10 views

CVE-2020-3117 Cisco Web Security Appliance and Cisco Content Security Management Appliance HTTP Header Injection Vulnerability

4.7CVSS6.8AI score0.00069EPSS

Exploits0References1

Zero Day Initiative•added 2020/09/21 12:0 a.m.•47 views

Hewlett Packard Enterprise Universal API Framework uaf_token SQL Injection Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Hewlett Packard Enterprise Universal API Framework. Authentication is not required to exploit this vulnerability. The specific flaw exists within the connections resource. A crafted...

5.3CVSS1.7AI score0.00148EPSS

Exploits0References1

OSV•added 2020/09/18 5:15 p.m.•0 views

CVE-2020-24623

6.5CVSS6.5AI score

Exploits0References2

ATTACKERKB•added 2020/09/18 5:15 p.m.•1 views

CVE-2020-24623

6.5CVSS5.6AI score0.00148EPSS

Exploits0References4

CVE•added 2020/09/18 4:11 p.m.•43 views

CVE-2020-24623

CVE-2020-24623 affects Hewlett Packard Enterprise Universal API Framework (UAF) components for VMware ESXi v2.5.2 and HPE UAF for Microsoft Hyper-V (VHD). The reported issue is a SQL injection in the uaf_token header within the connections resource, exploitable by network-adjacent attackers. ZDI ...

6.5CVSS6.8AI score0.00148EPSS

Exploits0References2Affected Software1

Cisco•added 2020/01/22 4:0 p.m.•20 views

Cisco Web Security Appliance and Cisco Content Security Management Appliance HTTP Header Injection Vulnerability

4.7CVSS2.6AI score0.00069EPSS

Exploits0References1

CNVD•added 2018/07/24 12:0 a.m.•1 views

Unspecified Vulnerability in Oracle Sun Systems Products Suite Sun ZFS Storage Appliance Kit Component (CNVD-2019-36184)

Oracle Sun Systems Products Suite is a suite of Sun systems products from Oracle Corporation.Sun ZFS Storage Appliance Kit AK is one of the ZFS storage appliance kits. A security vulnerability exists in the API frameworks subcomponent of the Sun ZFS Storage AK prior to version 8.7.18 component of...

4CVSS4.4AI score0.00426EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by