10 matches found

Cvelist
added 2026/04/03 3:54 a.m., 16 views

CVE-2026-35542

An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. The remote image blocking feature can be bypassed via a crafted background attribute of a BODY element in an e-mail message. This may lead to information disclosure or access-control bypass...

CVSS 5.3, EPSS 0.00015
Exploits: 0, References: 7
Vulnrichment
added 2026/04/03 3:50 a.m., 3 views

CVE-2026-35541

An issue was discovered in Roundcube Webmail before 1.5.14 and 1.6.14. Incorrect password comparison in the password plugin could lead to type confusion that allows a password change without knowing the old password...

CVSS 4.2, AI score 5.9, EPSS 0.00015
Exploits: 0, References: 7
Vulnrichment
added 2026/04/03 3:47 a.m., 0 views

CVE-2026-35540

An issue was discovered in Roundcube Webmail 1.6.0 before 1.6.14. Insufficient Cascading Style Sheets (CSS) sanitization in HTML e-mail messages may lead to SSRF or Information Disclosure, e.g., if stylesheet links point to local network hosts...

CVSS 5.4, AI score 5.9, EPSS 0.00017
Exploits: 0, References: 5
CNNVD
added 2026/04/03 12:0 a.m., 3 views

Roundcube Webmail cross-site scripting vulnerability

Roundcube Webmail is an open-source browser-based IMAP client developed by Roundcube. It supports address book management, information search, spelling checking, etc. Versions of Roundcube Webmail prior to 1.5.14 and 1.6.14 had a cross-site scripting vulnerability. This vulnerability stemmed from...

CVSS 6.1, AI score 5.6, EPSS 0.00016
Exploits: 0, References: 7
Positive Technologies
added 2024/07/16 12:0 a.m., 4 views

PT-2024-28956

Name of the Vulnerable Software and Affected Versions: dbt versions prior to 1.6.14; dbt versions prior to 1.7.14; dbt versions prior to 1.8.0. Description: The issue allows a malicious package to override core components of dbt with harmful code when installed. This is due to the design of dbt, which...

CVSS 7.8, AI score 6.7, EPSS 0.00124
Exploits: 1, References: 16
CNNVD
added 2022/10/17 12:0 a.m., 0 views

Phoenix framework security vulnerability

Phoenix framework is an open-source web development framework written in the functional programming language Elixir. A security vulnerability exists in Phoenix framework versions prior to 1.6.14, which stems from its socket/transport.ex incorrectly handling the checkorigin wildca...

CVSS 7.5, AI score 7.2, EPSS 0.00204
Exploits: 0, References: 2
CNNVD
added 2022/08/08 12:0 a.m., 3 views

WordPress plugin weForms cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A cross-site scripting...

CVSS 4.8, AI score 5.1, EPSS 0.00218
Exploits: 2, References: 2
OSV
added 2013/03/07 3:55 p.m., 1 views

DEBIAN-CVE-2013-2484

The CIMD dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (application crash) via a malformed packet...

CVSS 3.3, AI score 7, EPSS 0.01419
Exploits: 0, References: 1
OSV
added 2013/03/07 3:55 p.m., 3 views

DEBIAN-CVE-2013-2480

The RTPS and RTPS2 dissectors in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allow remote attackers to cause a denial of service (application crash) via a malformed packet...

CVSS 3.3, AI score 7.3, EPSS 0.01419
Exploits: 0, References: 1
OSV
added 2013/03/07 3:55 p.m., 1 views

DEBIAN-CVE-2013-2485

The FCSP dissector in Wireshark 1.6.x before 1.6.14 and 1.8.x before 1.8.6 allows remote attackers to cause a denial of service (infinite loop) via a malformed packet...

CVSS 6.1, AI score 7.3, EPSS 0.00692
Exploits: 0, References: 1