CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

276 matches found

ROOT-APP-PYPI-CVE-2024-25128 CVE-2024-25128 in rootio-Flask-AppBuilder - Patched by Root

Root has patched CVE-2024-25128 in the rootio-Flask-AppBuilder package for Root:PyPI. Multiple fixed versions available...

9.1CVSS5.4AI score0.0096EPSS

Exploits0

OSV•added 3 days ago•4 views

ROOT-APP-PYPI-CVE-2025-58065 CVE-2025-58065 in rootio-Flask-AppBuilder - Patched by Root

Root has patched CVE-2025-58065 in the rootio-Flask-AppBuilder package for Root:PyPI. Multiple fixed versions available...

6.5CVSS5.4AI score0.00028EPSS

Exploits0

OSV•added 3 days ago•4 views

ROOT-APP-PYPI-CVE-2023-34110 CVE-2023-34110 in rootio-Flask-AppBuilder - Patched by Root

Root has patched CVE-2023-34110 in the rootio-Flask-AppBuilder package for Root:PyPI. Multiple fixed versions available...

2.7CVSS5.4AI score0.00472EPSS

Exploits0

OSV•added 3 days ago•3 views

ROOT-APP-PYPI-CVE-2025-32962 CVE-2025-32962 in rootio-Flask-AppBuilder - Patched by Root

Root has patched CVE-2025-32962 in the rootio-Flask-AppBuilder package for Root:PyPI. Multiple fixed versions available...

4.3CVSS5.4AI score0.00198EPSS

Exploits0

RedhatCVE•added 2026/01/09 10:47 a.m.•8 views

CVE-2022-31177

Flask-AppBuilder is an application development framework built on top of Flask python framework. In versions prior to 4.1.3 an authenticated Admin user could query other users by their salted and hashed passwords strings. These filters could be made by using partial hashed password strings. The...

2.7CVSS6.5AI score0.00344EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:26 a.m.•3 views

CVE-2023-4554

Improper Restriction of XML External Entity Reference vulnerability in OpenText AppBuilder on Windows, Linux allows Server Side Request Forgery, Probe System Files. AppBuilder's XML processor is vulnerable to XML External Entity Processing XXE, allowing an authenticated user to upload specially...

6.5CVSS6.8AI score0.00033EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:57 a.m.•2 views

CVE-2023-4550

Improper Input Validation, Files or Directories Accessible to External Parties vulnerability in OpenText AppBuilder on Windows, Linux allows Probe System Files. An unauthenticated or authenticated user can abuse a page of AppBuilder to read arbitrary files on the server on which it is hosted. Thi...

7.5CVSS6.8AI score0.00074EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:57 a.m.•4 views

CVE-2023-4551

Improper Input Validation vulnerability in OpenText AppBuilder on Windows, Linux allows OS Command Injection. The AppBuilder's Scheduler functionality that facilitates creation of scheduled tasks is vulnerable to command injection. This allows authenticated users to inject arbitrary operating...

8.8CVSS7.5AI score0.00128EPSS

Exploits0References1

RedhatCVE•added 2025/12/22 1:35 p.m.•1 views

CVE-2025-67712

There is an HTML injection issue in Esri ArcGIS Web AppBuilder developer edition versions prior to 2.30 that allows a remote, unauthenticated attacker to potentially entice a user to click a link that causes arbitrary HTML to render in a victim's browser. There is no evidence of JavaScript...

4.7CVSS7.2AI score0.0006EPSS

Exploits0References1

EUVD•added 2025/12/19 9:30 p.m.•1 views

EUVD-2025-204604

4.7CVSS6.7AI score0.0006EPSS

Exploits0References2

NVD•added 2025/12/19 8:15 p.m.•0 views

CVE-2025-67712

4.7CVSS0.0006EPSS

Exploits0References2

CVE•added 2025/12/19 8:5 p.m.•11 views

CVE-2025-67712

CVE-2025-67712 is an HTML injection issue affecting Esri ArcGIS Web AppBuilder developer edition before 2.30. The vulnerability could allow a remote, unauthenticated attacker to entice a user to click a link that causes arbitrary HTML to render in the victim’s browser; there is no evidence of Jav...

4.7CVSS6.8AI score0.0006EPSS

Exploits0References2

Vulnrichment•added 2025/12/19 8:5 p.m.•4 views

CVE-2025-67712 HTML injection issue in ArcGIS Web App Builder

4.7CVSS6.8AI score0.0006EPSS

Exploits0References1

Positive Technologies•added 2025/12/19 12:0 a.m.•2 views

PT-2025-52514

Name of the Vulnerable Software and Affected Versions Esri ArcGIS Web AppBuilder developer edition versions prior to 2.30 Description An HTML injection issue exists in Esri ArcGIS Web AppBuilder developer edition that could allow a remote, unauthenticated attacker to cause arbitrary HTML to rende...

4.7CVSS7AI score0.0006EPSS

Exploits0References4

CNNVD•added 2025/12/19 12:0 a.m.•1 views

Esri ArcGIS Web AppBuilder 跨站脚本漏洞

Esri ArcGIS Web AppBuilder is a web application builder tool from Esri Corporation, USA. A cross-site scripting vulnerability exists in Esri ArcGIS Web AppBuilder developer edition prior to version 2.30, which originates from HTML injection and could lead to arbitrary HTML rendering...

4.7CVSS6.3AI score0.0006EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2021-0083

Malware in sbrugna...

5.3CVSS5.2AI score0.00429EPSS

Exploits0References12

EUVD•added 2025/10/07 12:30 a.m.•11 views

EUVD-2021-0081

Malware in sbrugna...

7.2CVSS6.4AI score0.00189EPSS

Exploits0References7