CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

239 matches found

AstraLinux•added 2026/05/20 5:53 a.m.•1 views

Astra Linux - уязвимость в linux-5.10, linux-5.15, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2 – Clearing the BM pool before initialization. The register values persist after booting the kernel using kexec, which results in a kernel panic. Therefore, it is necessary to clear the BM pool registers before...

5.5CVSS5.9AI score0.00026EPSS

Exploits0References2

Tenable Nessus•added 2026/04/21 12:0 a.m.•4 views

Unity Linux 20.1050a Security Update: kernel (UTSA-2026-007021)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007021 advisory. In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: clear BM pool before initialization Register value persist after booting the kernel...

5.5CVSS6.6AI score0.00026EPSS

Exploits0References4

Tenable Nessus•added 2026/04/08 12:0 a.m.•3 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006790)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006790 advisory. In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: clear BM pool before initialization Register value persist after booting the kernel...

5.5CVSS5.9AI score0.00026EPSS

Exploits0References4

Vulnrichment•added 2026/01/22 4:52 p.m.•2 views

CVE-2025-69055 WordPress BM Content Builder plugin < 3.16.3.3 - Arbitrary File Download vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in SeaTheme BM Content Builder bm-builder allows Path Traversal.This issue affects BM Content Builder: from n/a through 3.16.3.3...

6.5CVSS5.2AI score0.00071EPSS

Exploits0References1

Cvelist•added 2026/01/22 4:52 p.m.•15 views

CVE-2025-69055 WordPress BM Content Builder plugin < 3.16.3.3 - Arbitrary File Download vulnerability

6.5CVSS0.00071EPSS

Exploits0References1

ATTACKERKB•added 2026/01/22 4:52 p.m.•3 views

CVE-2025-69055

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in SeaTheme BM Content Builder allows Path Traversal.This issue affects BM Content Builder: from n/a before 3.16.3.3...

6.5CVSS5.5AI score0.00071EPSS

Exploits0References3

CNNVD•added 2026/01/22 12:0 a.m.•5 views

WordPress plugin BM Content Builder has a path traversal vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

6.5CVSS5.8AI score0.00071EPSS

Exploits0References2

RedhatCVE•added 2026/01/09 9:59 a.m.•4 views

CVE-2020-7589

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions. The vulnerability could lead to an attacker reading and modifying the device configuration and obtain project files from affected devices. The security vulnerability could be exploited by an unauthenticated...

9.1CVSS6.9AI score0.00472EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:58 a.m.•7 views

CVE-2020-7593

A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants V1.81.01 - V1.81.03, LOGO! 8 BM incl. SIPLUS variants V1.82.01, LOGO! 8 BM incl. SIPLUS variants V1.82.02. A buffer overflow vulnerability exists in the Web Server functionality of the device. A remote unauthenticated attacke...

9.8CVSS7.9AI score0.17292EPSS

Exploits1References1

Patchstack•added 2025/12/31 9:31 a.m.•8 views

WordPress BM Content Builder plugin < 3.16.3.3 - Arbitrary File Download vulnerability

Arbitrary File Download vulnerability discovered by Bonds in WordPress Plugin BM Content Builder versions 3.16.3.3...

6.5CVSS5.4AI score0.00071EPSS

Exploits0Affected Software1

Patchstack•added 2025/12/31 12:0 a.m.•5 views

WordPress BM Content Builder plugin <= 3.16.2.1 - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting via ux_cb_page_options_save vulnerability

Missing Authorization to Authenticated Subscriber+ Stored Cross-Site Scripting via uxcbpageoptionssave vulnerability discovered by István Márton - Wordfence in WordPress Plugin BM Content Builder versions = 3.16.2.1...

6.4CVSS5.9AI score0.0016EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2025/11/18 12:0 a.m.•2 views

PT-2025-47291

Name of the Vulnerable Software and Affected Versions METZ CONNECT EWIO2-M versions prior to 2.2.0 METZ CONNECT Ethernet-IO EWIO2-BM versions prior to 2.2.0 Description An unauthenticated remote attacker can execute arbitrary PHP files and gain full access of the affected devices. This allows...

9.8CVSS7.5AI score0.00122EPSS

Exploits0References8

CNNVD•added 2025/11/18 12:0 a.m.•1 views

METZ CONNECT多款产品代码问题漏洞

METZ CONNECT Energy-Controlling EWIO2-M and others are products of METZ CONNECT, Germany.METZ CONNECT Energy-Controlling EWIO2-M is a high performance data logger.METZ CONNECT Energy- Controlling EWIO2-M-BM is a high performance data logger.METZ CONNECT Ethernet-IO EWIO2-BM is a sensor and actuat...

8.8CVSS7.2AI score0.00297EPSS

Exploits0References1