2049 matches found
PT-2026-37439
HCL DFXAnalytics is affected by a Using Components with Known Vulnerabilities flaw where the application utilizes unpatched libraries or sub-components, which could allow an attacker to identify and exploit publicly known security vulnerabilities to gain unauthorized access or compromise the...
GHSA-XGH5-W62M-8MPR CI4MS: Menu Management (Posts) Full Account Takeover for All-Roles & Privilege-Escalation via Stored DOM XSS
Summary. Vulnerability: Stored DOM XSS via Posts Added to Menu. Persistent Payload Injection - Stored Cross-Site Scripting via Unsafe Rendering of Post Entries in Menu Management. Description: The application fails to properly sanitize user-controlled input when adding Posts to navigation menus throu...
Unspecified Vulnerability in HCL Aftermarket DPC (CNVD-2026-15833)
HCL Aftermarket DPC is a digital spare parts and aftermarket management platform for HCL India. HCL Aftermarket DPC has a security vulnerability that can be exploited by attackers to compromise the application using vulnerabilities available on the Internet...
EUVD-2025-209079
HCL Aftermarket DPC is affected by Missing Functional Level Access Control, which will allow an attacker to escalate his privileges and may compromise the application and may steal and manipulate the data...
CVE-2025-55261
CVE-2025-55261 affects HCL Aftermarket DPC and is associated with a Missing Functional Level Access Control vulnerability that can enable privilege escalation and data manipulation within the application. The CVE is referenced across multiple sources (NVD, Red Hat, CNVD, EUVD, CIRCL, CVE List, vu...
EUVD-2018-21663
SAT CFDI 3.3 contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the 'id' parameter in the signIn endpoint. Attackers can submit POST requests with boolean-based blind, stacked queries, or time-based blind SQL injection payloa...
MAL-2025-48592 Malicious code in discord-utils-enhanced (npm)
Source: ghsa-malware (678d1a77a40407ca303a4cb46ec3bafa609ffa4d3e354eac59e799a499fb4b68). Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...
EUVD-2025-33960
HCL Unica Platform is affected by unprotected files due to improper access controls. These files may contain sensitive information such as private or system information that can be exploited by attackers to compromise the application, infrastructure, or users...
EUVD-2018-17108
Malware in sbrugna...
EUVD-2020-18620
Malware in sbrugna...
EUVD-2024-46451
Malicious code in bioql PyPI...
EUVD-2025-7032
Malicious code in bioql PyPI...
EUVD-2023-12127
Malicious code in bioql PyPI...
EUVD-2024-26214
Malicious code in bioql PyPI...
EUVD-2025-7010
Malicious code in bioql PyPI...
EUVD-2022-38120
Malicious code in bioql PyPI...
EUVD-2023-28548
Malicious code in bioql PyPI...
EUVD-2022-42246
Malicious code in bioql PyPI...
CVE-2025-54366
Summary: FreeScout prior to v1.8.186 is affected by a deserialization vulnerability in the /conversation/ajax endpoint. The issue arises when processing attachments_all and attachments via the insecure Helper::decrypt() function, which deserializes user-controlled data without proper validation. ...
CVE-2025-24937 Access to local file system and its content
File contents could be read from the local file system by an attacker. Additionally, malicious code could be inserted in the file, leading to a full compromise of the web application and the container it is running on. The vulnerable component is bound to the network stack and the set of possible...