CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

131 matches found

CNNVD•added 2026/06/01 12:0 a.m.•6 views

Apache Airflow 信息泄露漏洞

Apache Airflow is an open-source platform developed by the Apache Foundation in the United States. It allows for the creation, management, and monitoring of workflows. Versions of Apache Airflow prior to 3.2.2 contained security vulnerabilities. These vulnerabilities stemmed from REST API endpoin...

6.5CVSS5.8AI score0.0041EPSS

Exploits0References3

CNNVD•added 2026/05/29 12:0 a.m.•8 views

arcane 安全漏洞

Arcan is an open-source Docker management software developed by Arcane. Versions of Arcan prior to 1.19.0 contained security vulnerabilities. These vulnerabilities stemmed from multiple endpoints in the Huma-based REST API that did not call the checkAdmin helper function. Additionally, the...

9.9CVSS5.8AI score0.00387EPSS

Exploits0References2

Wolfi•added 2026/05/09 2:21 a.m.•15 views

GHSA-2283-WF8C-RW8R vulnerabilities

Vulnerabilities for packages: containerd, helm, secrets-store-csi-driver-provider-gcp, secrets-store-csi-driver, lvm-driver, tetragon, kyverno, aws-flb-firehose, kubernetes-csi-driver-nfs, istio, vault-benchmark, grafana-pyroscope, redka, buildah, terraform-provider-acme, cluster-autoscaler, mc,...

5.8AI score

Exploits0

CNNVD•added 2026/05/08 12:0 a.m.•7 views

New API 代码问题漏洞

The New API is an interface software developed by QuantumNous. Versions of the New API prior to 0.11.9-alpha.1 contained code vulnerabilities. These vulnerabilities stemmed from the lack of SSRF protection for the unspecified address 0.0.0.0, which could allow users with valid API tokens to bypas...

7.1CVSS5.9AI score0.00258EPSS

Exploits1References1

Positive Technologies•added 2026/05/08 12:0 a.m.•8 views

PT-2026-38868

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Libraries. Supported versions that are affected are Oracle Java SE: 21.0.8 and 25; Oracle GraalVM for JDK: 21.0.8; Oracle GraalVM Enterprise Edition: 21.3.15...

3.7CVSS5.8AI score0.00355EPSS

Exploits0References3

CNNVD•added 2026/04/15 12:0 a.m.•9 views

XWiki Platform 安全漏洞

The XWiki Platform is an open-source wiki platform designed for creating web collaboration applications. Versions of the XWiki Platform such as 1.8-rc-1, 17.0.0-rc-1, and 17.5.0-rc-1 and earlier contain security vulnerabilities. These vulnerabilities stem from resource exhaustion issues with the...

8.2CVSS5.8AI score0.00405EPSS

Exploits0References2

OSV•added 2026/04/14 12:7 a.m.•2 views

USN-8148-6 linux-azure, linux-azure-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Netfilter; - Network traffic control; CVE-2026-23060, CVE-2026-23074, CVE-2026-23111...

7.8CVSS5.9AI score0.00236EPSS

Exploits5References4

ATTACKERKB•added 2026/03/03 12:0 a.m.•5 views

CVE-2025-67840

Multiple authenticated OS command injection vulnerabilities exist in the Cohesity formerly Stone Ram TranZman 4.0 Build 14614 through TZM1757588060SEP2025FULL.depot web application API endpoints including Scheduler and Actions pages. The appliance directly concatenates user-controlled parameters...

7.2CVSS6.8AI score0.03686EPSS

Exploits2References4

Tenable Nessus•added 2026/01/20 12:0 a.m.•6 views

MiracleLinux 7 : rh-mariadb102-galera-25.3.29-1.el7, rh-mariadb102-mariadb-10.2.33-1.el7 (AXSA:2020-685:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-685:03 advisory. mysql: Server: Replication unspecified vulnerability CPU Apr 2019 CVE-2019-2614 mysql: Server: Security: Privileges unspecified vulnerability CPU Apr...

8.8CVSS7.5AI score0.03972EPSS

Exploits0References19

Tenable Nessus•added 2026/01/20 12:0 a.m.•6 views

MiracleLinux 8 : mysql:8.0 (AXSA:2020-844:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-844:01 advisory. mysql: Server: Security: Privileges multiple unspecified vulnerabilities CVE-2020-14663, CVE-2020-14678, CVE-2020-14697, CVE-2020-2761, CVE-2020-2774...

7.2CVSS7.7AI score0.03829EPSS

Exploits1References16

IBM Security Bulletins•added 2026/01/07 7:35 p.m.•6 views

Security Bulletin: multiple vulerability in IBM Spectrum Symphony with Bouncy Castle Java API

Summary multiple vulerability in IBM Spectrum Symphony with Bouncy Castle Java TLS API Vulnerability Details CVEID:CVE-2025-8916 DESCRIPTION: Allocation of Resources Without Limits or Throttling vulnerability in Legion of the Bouncy Castle Inc. BC Java bcpkix on All API modules, Legion of the...

6.3CVSS6.6AI score0.00505EPSS

Exploits0Affected Software1

Wallarm Lab•added 2025/10/31 11:0 a.m.•6 views

When APIs Become Attack Paths: What the Q3 2025 ThreatStats Report Tells Us

Wallarm’s latest Q3 2025 API ThreatStats report link placeholder reveals that API vulnerabilities, exploits, and breaches are not just increasing; they’re evolving. Malicious actors are shifting from code-level weaknesses to business logic flaws, from web apps to partner integrations, and from RE...

8.9AI score

Exploits0