26 matches found

NVD
added 3 days ago, 6 views

CVE-2026-56314

Capgo before 12.128.12 fails to filter deleted app versions when joining channels during /updates resolution, allowing deleted bundles to remain selectable. Attackers can continue deploying deleted bundles to devices by exploiting the missing appversions.deleted filter in channel version joins...

CVSS 7.1, EPSS 0.00302
Exploits: 0, References: 2

Cvelist
added 3 days ago, 18 views

CVE-2026-56314 Capgo - Deleted Bundle Selection via Missing Deletion Filter in /updates Endpoint

Capgo before 12.128.12 fails to filter deleted app versions when joining channels during /updates resolution, allowing deleted bundles to remain selectable. Attackers can continue deploying deleted bundles to devices by exploiting the missing appversions.deleted filter in channel version joins...

CVSS 7.1, EPSS 0.00302
Exploits: 0, References: 2

ATTACKERKB
added 3 days ago, 4 views

CVE-2026-56314

Capgo before 12.128.12 fails to filter deleted app versions when joining channels during /updates resolution, allowing deleted bundles to remain selectable. Attackers can continue deploying deleted bundles to devices by exploiting the missing appversions.deleted filter in channel version joins...

CVSS 7.1, AI score 5.8, EPSS 0.00302
Exploits: 0, References: 3

EUVD
added 3 days ago, 5 views

EUVD-2026-38371

Capgo before 12.128.12 fails to filter deleted app versions when joining channels during /updates resolution, allowing deleted bundles to remain selectable. Attackers can continue deploying deleted bundles to devices by exploiting the missing appversions.deleted filter in channel version joins...

CVSS 7.1, AI score 5.8, EPSS 0.00302
Exploits: 0, References: 2

vulnersOsv
added 2026/04/16 10:51 p.m., 5 views

@saltcorn/cli (>=1.6.0-alpha.0 <=1.6.0-beta.12), @saltcorn/mobile-builder (>=1.6.0-alpha.0 <=1.6.0-beta.12) potentially affected by CVE-2026-41478 via @saltcorn/mobile-app (>=1.6.0-alpha.0 <=1.6.0-beta.4)

@saltcorn/mobile-app NPM version =1.6.0-alpha.0, =1.6.0-alpha.0, =1.6.0-alpha.0, =1.6.0-beta.12 Source cves: CVE-2026-41478 Source advisory: SNYK:JS-SALTCORNMOBILEAPP-16110990...

CVSS 9.9, AI score 5.4, EPSS 0.00264
Exploits: 0

OSV
added 2026/01/12 10:16 p.m., 3 views

CVE-2025-12420

A vulnerability has been identified in the ServiceNow AI Platform that could enable an unauthenticated user to impersonate another user and perform the operations that the impersonated user is entitled to perform. ServiceNow has addressed this vulnerability by deploying a relevant security update...

CVSS 9.8, AI score 5.7, EPSS 0.4549
Exploits: 0, References: 1

NVD
added 2026/01/12 10:16 p.m., 13 views

CVE-2025-12420

A vulnerability has been identified in the ServiceNow AI Platform that could enable an unauthenticated user to impersonate another user and perform the operations that the impersonated user is entitled to perform. ServiceNow has addressed this vulnerability by deploying a relevant security update...

CVSS 10, EPSS 0.4549
Exploits: 0, References: 1

Vulnrichment
added 2026/01/12 9:29 p.m., 4 views

CVE-2025-12420 Unauthenticated Privilege Escalation in ServiceNow AI Platform

A vulnerability has been identified in the ServiceNow AI Platform that could enable an unauthenticated user to impersonate another user and perform the operations that the impersonated user is entitled to perform. ServiceNow has addressed this vulnerability by deploying a relevant security update...

CVSS 10, AI score 6.6, EPSS 0.4549
Exploits: 0, References: 1

CNNVD
added 2025/10/30 12:00 a.m., 3 views

ABC Fine Wine & Spirits Android App security vulnerability

ABC Fine Wine & Spirits Android App is a wine shopping app by ABC Fine Wine & Spirits. A security vulnerability exists in ABC Fine Wine & Spirits Android App v.11.27.5 and earlier versions, which stems from improper access control of the login mechanism and could lead to bypassing login checks an...

CVSS 7.5, AI score 6.6, EPSS 0.00318
Exploits: 0, References: 2

RedhatCVE
added 2025/08/16 9:26 a.m., 13 views

CVE-2025-48861

A vulnerability in the Task API endpoint of the ctrlX OS setup mechanism allowed a remote, unauthenticated attacker to access and extract internal application data, including potential debug logs and the version of installed apps...

CVSS 5.3, AI score 7.1, EPSS 0.00279
Exploits: 0, References: 1

vulnersOsv
added 2025/08/14 6:52 p.m., 4 views

@deck/app (>=1.0.1 <=1.4.11), octophant (=0.1.0) potentially affected by unknown CVE via rimraf-glob (=0.0.0)

rimraf-glob NPM version =0.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on rimraf-glob and may be impacted: - @deck/app =1.0.1, =1.4.11 - octophant =0.1.0 Source cves: unknown CVE Source advisory: OSV:MAL-2025-32233...

AI score 5.8
Exploits: 0

NVD
added 2025/08/14 9:15 a.m., 8 views

CVE-2025-48861

A vulnerability in the Task API endpoint of the ctrlX OS setup mechanism allowed a remote, unauthenticated attacker to access and extract internal application data, including potential debug logs and the version of installed apps...

CVSS 5.3, EPSS 0.00279
Exploits: 0, References: 1

CVE
added 2025/08/14 9:07 a.m., 16 views

CVE-2025-48861

CVE-2025-48861 describes a vulnerability in the Task API endpoint of the ctrlX OS setup mechanism, where an unauthenticated, remote attacker could access and exfiltrate internal application data (e.g., debug logs and the version of installed apps). Public sources consistently tie the issue to ina...

CVSS 5.3, AI score 7.2, EPSS 0.00279
Exploits: 0, References: 1

Cvelist
added 2025/08/14 9:07 a.m., 13 views

CVE-2025-48861

A vulnerability in the Task API endpoint of the ctrlX OS setup mechanism allowed a remote, unauthenticated attacker to access and extract internal application data, including potential debug logs and the version of installed apps...

CVSS 5.3, EPSS 0.00279
Exploits: 0, References: 1

Vulnrichment
added 2025/08/14 9:07 a.m., 4 views

CVE-2025-48861

A vulnerability in the Task API endpoint of the ctrlX OS setup mechanism allowed a remote, unauthenticated attacker to access and extract internal application data, including potential debug logs and the version of installed apps...

CVSS 5.3, AI score 7.2, EPSS 0.00279
Exploits: 0, References: 1

OSV
added 2023/07/26 6:15 a.m., 3 views

CVE-2023-20891

The VMware Tanzu Application Service for VMs and Isolation Segment contain an information disclosure vulnerability due to the logging of credentials in hex encoding in platform system audit logs. A malicious non-admin user who has access to the platform system audit logs can access hex encoded CF...

CVSS 6.5, AI score 5.8, EPSS 0.00528
Exploits: 0, References: 1

CNNVD
added 2023/05/08 12:00 a.m., 5 views

Western Digital My Cloud security vulnerability

Western Digital My Cloud is a personal cloud storage device from Western Digital. A security vulnerability exists in Western Digital My Cloud that stems from a lack of authentication checks on private IPs. An attacker could exploit this vulnerability to obtain information about the device. The...

CVSS 4.3, AI score 5.2, EPSS 0.00455
Exploits: 0, References: 2

OSV
added 2023/05/06 2:15 a.m., 1 view

CVE-2022-22313

IBM QRadar Data Synchronization App 1.0 through 3.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 217370...

CVSS 7.5, AI score 5.8, EPSS 0.00436
Exploits: 0, References: 2

vulnersOsv
added 2022/05/14 3:41 a.m., 2 views

org.cloudfoundry.identity:cloudfoundry-identity-api (>=3.0.0 <=4.11.0), org.cloudfoundry.identity:cloudfoundry-identity-app (>=3.0.0 <=4.11.0) +1 more potentially affected by CVE-2018-1192 via org.cloudfoundry.identity:cloudfoundry-identity-server (>=3.0.0 <=4.5.0)

org.cloudfoundry.identity:cloudfoundry-identity-server MAVEN version =3.0.0, =3.0.0, =3.0.0, =3.0.0, =4.30.0 Source cves: CVE-2018-1192 Source advisory: OSV:GHSA-XG5V-696H-C3VR...

CVSS 8.8, AI score 7.2, EPSS 0.01035
Exploits: 0

vulnersOsv
added 2022/05/13 1:10 a.m., 4 views

org.cloudfoundry.identity:cloudfoundry-identity-api (>=4.1.0 <=4.11.0), org.cloudfoundry.identity:cloudfoundry-identity-app (>=4.1.0 <=4.11.0) +1 more potentially affected by CVE-2017-8031 via org.cloudfoundry.identity:cloudfoundry-identity-server (>=4.10.0 <=4.5.0)

org.cloudfoundry.identity:cloudfoundry-identity-server MAVEN version =4.10.0, =4.1.0, =4.1.0, =3.3.0.6, =4.30.0 Source cves: CVE-2017-8031 Source advisory: OSV:GHSA-J4P3-2M2H-CV5F...

CVSS 5.3, AI score 6, EPSS 0.01086
Exploits: 0