
22 matches found

Wiz blog
added 2026/02/27 3:33 p.m., 1 view

The Agile FedRAMP Playbook, Part 3: Preventative Risk Management by building Secure by Design

In the third part of our series, we explore Preventative Risk Management. We discuss how shifting security into the development lifecycle helps organizations meet FedRAMP requirements...

5.9 AI score
Exploits: 0

EUVD
added 2025/10/07 12:30 a.m., 0 views

EUVD-2018-14295

Malware in sbrugna...

4.4 CVSS, 4.9 AI score, 0.0005 EPSS
Exploits: 0, References: 3

Fedora
added 2025/04/15 6:2 p.m., 5 views

[SECURITY] Fedora 42 Update: lemonldap-ng-2.21.0-1.fc42

LemonLdap::NG is a modular Web-SSO based on Apache::Session modules. It simplifies the build of a protected area with a few changes in the application. It manages both authentication and authorization and provides headers for accounting. So you can have a full AAA protection for your web space as...

7.6 AI score
Exploits: 0

Fedora
added 2025/01/31 3:8 a.m., 7 views

[SECURITY] Fedora 41 Update: lemonldap-ng-2.20.2-1.fc41

LemonLdap::NG is a modular Web-SSO based on Apache::Session modules. It simplifies the build of a protected area with a few changes in the application. It manages both authentication and authorization and provides headers for accounting. So you can have a full AAA protection for your web space as...

7.3 AI score
Exploits: 0

CNVD
added 2024/09/12 12:0 a.m., 11 views

Siemens SIMATIC RFID Readers Mishandling Vulnerability

SIMATIC RF600 Readers are used for contactless identification of a variety of objects such as shipping containers, pallets, production goods, or often for recording bulk goods. SIMATIC RF1100 is an RFID-based solution for simple and versatile electronic authorization management. SIMATIC RF360R read...

7.5 CVSS, 6.8 AI score, 0.0024 EPSS
Exploits: 0, References: 1

CNNVD
added 2023/10/31 12:0 a.m., 3 views

Atlassian Confluence Data Center and Confluence Server Security Vulnerabilities

Atlassian Confluence Server is the server version of Atlassian Australia's suite of collaboration software with enterprise knowledge management capabilities and support for building enterprise WiKi. A security vulnerability exists in Atlassian Confluence Data Center and Confluence Server that ste...

10 CVSS, 6.8 AI score, 0.94375 EPSS
Exploits: 14, References: 11

CNNVD
added 2023/03/05 12:0 a.m., 2 views

wallabag Authorization Issue Vulnerability

wallabag is a web application that allows you to save web pages for later reading. An authorization issue vulnerability exists in versions prior to wallabag 2.5.4 that stems from improper authorization management...

7.3 CVSS, 6.5 AI score, 0.00291 EPSS
Exploits: 1, References: 3

CNNVD
added 2023/01/26 12:0 a.m., 1 view

Open edX Security Vulnerability

EDX Open edX is an online learning management system from EDX Corporation, USA. A security vulnerability exists in Open edX XBlock version 7.0.0 to versions prior to 7.2.2, which stems from a lack of authorization management...

5.4 CVSS, 5.6 AI score, 0.00151 EPSS
Exploits: 0, References: 2

Talos
added 2022/10/27 12:0 a.m., 41 views

InHand Networks InRouter302 httpd port 4444 upload.cgi leftover debug code vulnerability

Talos Vulnerability Report TALOS-2022-1522 InHand Networks InRouter302 httpd port 4444 upload.cgi leftover debug code vulnerability October 27, 2022 CVE Number CVE-2022-29888 SUMMARY A leftover debug code vulnerability exists in the httpd port 4444 upload.cgi functionality of InHand Networks...

8.1 CVSS, 7.4 AI score, 0.0154 EPSS
Exploits: 1

CNVD
added 2022/06/20 12:0 a.m., 16 views

WAVLINK WN535 G3 Information Disclosure Vulnerability

WAVLINK WN535 G3 is a wireless router from WAVLINK China. WAVLINK WN535 G3 version M35G3R.V5030.180927 is vulnerable to an information disclosure vulnerability that stems from improper authorization management on the livemfg.shtml page, which could be exploited by an attacker to obtain sensitive...

7.5 CVSS, 3 AI score, 0.28752 EPSS
Exploits: 2, References: 1

CNVD
added 2022/06/20 12:0 a.m., 39 views

WAVLINK WN579 X3 Information Disclosure Vulnerability (CNVD-2022-61036)

The WAVLINK WN579 X3 is a wireless router from the Chinese company WAVLINK. An information disclosure vulnerability exists in WAVLINK WN579 X3 M79X3.V5030.180719 version, which originates from improper authorization management in /cgi-bin/ExportAllSettings.sh. An attacker can exploit this...

7.5 CVSS, 7 AI score, 0.50594 EPSS
Exploits: 1, References: 1

CNVD
added 2022/06/20 12:0 a.m., 29 views

WAVLINK AERIAL X 1200M Information Disclosure Vulnerability

WAVLINK AERIAL X 1200M, a WiFi extender from WAVLINK China, has an information disclosure vulnerability in version M79X3.V5030.191012, which stems from improper authorization management in the livemfg.shtml page, and can be exploited by attackers to The livemfg.shtml page can be used to execute t...

7.5 CVSS, 4.4 AI score, 0.00667 EPSS
Exploits: 1, References: 1

CNVD
added 2022/06/20 12:0 a.m., 23 views

WAVLINK AERIAL X 1200M Information Disclosure Vulnerability (CNVD-2022-61032)

WAVLINK AERIAL X 1200M, a WiFi extender from WAVLINK China, is vulnerable to an information disclosure vulnerability in version M79X3.V5030.180719, which stems from improper authorization management on the livecheck.shtml page, and could be exploited by an attacker to The vulnerability is caused ...

7.5 CVSS, 3.5 AI score, 0.00398 EPSS
Exploits: 1, References: 1

CNVD
added 2022/06/20 12:0 a.m., 23 views

WAVLINK WN535 G3 Information Disclosure Vulnerability (CNVD-2022-61034)

WAVLINK WN535 G3 is a wireless router from WAVLINK China. WAVLINK WN535 G3 version M35G3R.V5030.180927 is vulnerable to an information disclosure vulnerability that stems from improper authorization management on the livecheck.shtml page, which could be exploited by an attacker to obtain sensitive...

7.5 CVSS, 3 AI score, 0.53119 EPSS
Exploits: 2, References: 1

CNVD
added 2022/05/30 12:0 a.m., 113 views

Weak password vulnerability in the virtualization authorization management system of Deepcore Technology Co.

DeepService Technology Co., Ltd. is a product and service provider specializing in enterprise-class network security, cloud computing, IT infrastructure and the Internet of Things (IoT). A weak password vulnerability exists in the virtualization authorization management system of DeepSign Technolog...

6.9 AI score
Exploits: 0

CNVD
added 2021/09/11 12:0 a.m., 19 views

Huawei AIS-BW50-00 Authorization Issues Vulnerability

The Huawei AIS-BW50-00 is a portable Bluetooth speaker from Huawei, a Chinese company. The Huawei AIS-BW50-00 suffers from an authorization issue vulnerability that stems from improper authorization management and can be exploited by an attacker with physical access to the device and malicious...

7.2 CVSS, 6.7 AI score, 0.00023 EPSS
Exploits: 0, References: 1

CNNVD
added 2021/09/08 12:0 a.m., 1 view

Huawei AIS-BW50-00 Security Vulnerability

The Huawei AIS-BW50-00 is a portable Bluetooth speaker from Huawei, a Chinese company. The Huawei AIS-BW50-00 suffers from an authorization issue vulnerability that stems from improper authorization management and can be exploited by an attacker with physical access to the device and malicious...

7.2 CVSS, 6 AI score, 0.00023 EPSS
Exploits: 0, References: 3

The Coalfire Blog
added 2020/04/27 4:44 p.m., 10 views

So your company has decided to do FedRAMP - What does that mean?

The exponential increase in cloud adoption in recent years has led to a dramatic increase in technology companies evolving from software and application companies to Software as a Service (SaaS), Platform as a Service (PaaS) or Infrastructure as a Service (IaaS) providers. The 2011 release of the Cloud...

3.5 AI score
Exploits: 0

CNVD
added 2019/09/18 12:0 a.m., 1 view

floragunn Search Guard Information Disclosure Vulnerability (CNVD-2019-32494)

floragunn Search Guard is an open source plug-in for Elasticsearch and ELK from the German company floragunn. It mainly provides encryption, authentication, authorization management, log auditing and other functions. An information disclosure vulnerability exists in versions prior to floragunn Sear...

7.5 CVSS, 6.3 AI score, 0.00131 EPSS
Exploits: 0, References: 1

NVD
added 2018/07/10 6:29 p.m., 11 views

CVE-2018-2440

Under certain circumstances SAP Dynamic Authorization Management (DAM) by NextLabs Java Policy Controller versions 7.7 and 8.5 exposes sensitive information in the application logs...

4.4 CVSS, 4.6 AI score, 0.0005 EPSS
Exploits: 0, References: 2