CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

112 matches found

GithubExploit•added 2026/05/25 6:54 p.m.•70 views

Exploit for Incorrect Implementation of Authentication Algorithm in Google Android

popping a calc bash am start -n com.sec.android.app.popupcalc...

8.8CVSS5.9AI score0.00541EPSS

Exploits11

NVD•added 2026/04/17 9:16 p.m.•3 views

CVE-2026-35512

xrdp is an open source RDP server. Versions through 0.10.5 have a heap-based buffer overflow in the EGFX graphics dynamic virtual channel implementation due to insufficient validation of client-controlled size parameters, allowing an out-of-bounds write via crafted PDUs. Pre-authentication...

8.8CVSS0.00583EPSS

Exploits0References2

GithubExploit•added 2026/03/04 1:20 a.m.•148 views

Exploit for Improper Authentication in Cisco Catalyst_Sd-Wan_Manager

CVE-2026-20127---Cisco-SD-WAN-Preauth-RCE Cisco SD-WAN Zero-...

10CVSS7.3AI score0.57793EPSS

Exploits9

Packet Storm•added 2026/02/06 12:0 a.m.•166 views

📄 WordPress Tatsu 3.3.11 Shell Upload

WordPress Tatsu plugin version 3.3.11 proof of concept unauthenticated remote shell upload exploit. ============================================================================================================================================= | Title : WordPress Tatsu 3.3.11 Plugin Unauthenticated...

8.1CVSS5.4AI score0.83535EPSS

Exploits9

CNNVD•added 2026/02/03 12:0 a.m.•5 views

Victor CMS 代码问题漏洞

Victor CMS is an open-source content management system developed by Victor Alagwu in Nigeria. Version 1.0 of Victor CMS has code vulnerabilities; these vulnerabilities stem from the userimage parameter, which contains a file upload vulnerability that exploits authentication. This vulnerability...

8.8CVSS6AI score0.00471EPSS

Exploits1References3

RedhatCVE•added 2026/01/09 11:53 a.m.•4 views

CVE-2009-4905

Multiple cross-site request forgery CSRF vulnerabilities in index.php in Acc Statistics 1.1 allow remote attackers to hijack the authentication of administrators for requests that change 1 passwords, 2 usernames, and 3 e-mail addresses...

6.8CVSS7.7AI score0.00943EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 8:54 a.m.•5 views

CVE-2021-41187

DHIS 2 is an information system for data capture, management, validation, analytics and visualization. A SQL injection security vulnerability has been found in specific versions of DHIS2. This vulnerability affects the API endpoints for /api/trackedEntityInstances and api/events in DHIS2. The...

8.8CVSS7.7AI score0.00827EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:34 a.m.•6 views

CVE-2024-34070

Froxlor is open source server administration software. Prior to 2.1.9, a Stored Blind Cross-Site Scripting XSS vulnerability was identified in the Failed Login Attempts Logging Feature of the Froxlor Application. An unauthenticated User can inject malicious scripts in the loginname parameter on t...

9.6CVSS5.7AI score0.00963EPSS

Exploits2References1

RedhatCVE•added 2026/01/07 9:48 a.m.•7 views

CVE-2022-27461

In nopCommerce 4.50.1, an open redirect vulnerability can be triggered by luring a user to authenticate to a nopCommerce page by clicking on a crafted link...

6.1CVSS6.7AI score0.00703EPSS

Exploits1References1