10 matches found

Positive Technologies
added 2026/04/29 12:0 a.m. · 3 views

PT-2026-37147

Name of the Vulnerable Software and Affected Versions: Admidio versions prior to 5.0.9 Description: Several administrative operations within the preferences module are executed via GET requests without CSRF token validation. This allows an attacker to force an authenticated administrator to trigger...

CVSS 3.5 · AI score 5.8 · EPSS 0.00005
Exploits: 0 · References: 5
Packet Storm
added 2026/02/24 12:0 a.m. · 102 views

📄 Microsoft Event Log Remote Protocol Arbitrary File Write

This Python script demonstrates the abuse of the Microsoft Event Log Remote Protocol (MS-EVEN) to achieve an arbitrary file write over SMB using low-privileged credentials. By interacting with the Windows \pipe\eventlog named pipe through DCERPC, the script leverages the ElfrOpenBELW and...

AI score 5.9
Exploits: 0
RedhatCVE
added 2026/01/09 9:24 a.m. · 1 view

CVE-2023-40716

An improper neutralization of special elements used in an OS command vulnerability (CWE-78) in the command line interpreter of FortiTester 2.3.0 through 7.2.3 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments when running execute restore/backup...

CVSS 7.8 · AI score 7.3 · EPSS 0.00074
Exploits: 0 · References: 1
Github Security Blog
added 2025/11/13 3:30 p.m. · 5 views

pgAdmin 4 has command injection vulnerability on Windows systems

pgAdmin 4 versions up to 9.9 are affected by a command injection vulnerability on Windows systems. This issue is caused by the use of shell=True during backup and restore operations, enabling attackers to execute arbitrary system commands by providing specially crafted file path input...

CVSS 8.8 · AI score 8.1 · EPSS 0.00036
Exploits: 0 · References: 4 · Affected Software: 1
Positive Technologies
added 2025/11/05 12:0 a.m. · 1 view

PT-2025-46820

Name of the Vulnerable Software and Affected Versions: pgAdmin 4 versions up to 9.9 Description: pgAdmin 4 versions up to 9.9 on Windows systems are susceptible to a command injection issue. The root cause is the use of shell=True during backup and restore operations. This allows attackers to execu...

CVSS 9.8 · AI score 7.6 · EPSS 0.00174
Exploits: 2 · References: 17
EUVD
added 2025/10/07 12:30 a.m. · 1 view

EUVD-2019-13843

Malware in sbrugna...

CVSS 5.1 · AI score 5.2 · EPSS 0.00042
Exploits: 0 · References: 3
EUVD
added 2025/10/07 12:30 a.m. · 0 views

EUVD-2016-0917

Malware in sbrugna...

CVSS 8.8 · AI score 8.8 · EPSS 0.00406
Exploits: 0 · References: 3
Veeam
added 2023/12/05 12:0 a.m. · 17 views

Changes to eDirectory May Not Appear in File Level Restore for OES 2023 and later

Challenge: When performing a Linux File Level Restore, using a helper appliance, to restore the database for eDirectory on OES 2023 and higher, the most recent state of the database found within the restore point lacks changes made just before the backup job ran. Cause: This happens because the...

AI score 7.2
Exploits: 0 · Affected Software: 1
Positive Technologies
added 2023/03/15 12:0 a.m. · 1 view

PT-2023-4536 · Zoho · Zoho Manageengine Admanager Plus

Name of the Vulnerable Software and Affected Versions: Zoho ManageEngine ADManager Plus versions 7182 and prior Description: The issue is related to insufficient protection of registration data, allowing an attacker to gain unauthorized access to protected information. This can be achieved by...

CVSS 7.8 · AI score 6.4 · EPSS 0.00198
Exploits: 4 · References: 11
OSV
added 2021/09/16 4:15 p.m. · 0 views

CVE-2021-29825

IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) could disclose sensitive information when using ADMINCMD with LOAD or BACKUP. IBM X-Force ID: 204470...

CVSS 7.5 · AI score 6.4
Exploits: 0 · References: 3