CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

609 matches found

[SECURITY] Fedora 43 Update: djvulibre-3.5.30-1.fc43

DjVu is a web-centric format and software platform for distributing documents and images. DjVu can advantageously replace PDF, PS, TIFF, JPEG, and GIF for distributing scanned documents, digital documents, or high-resolution picture s. DjVu content downloads faster, displays and renders faster,...

8.4CVSS7AI score0.00074EPSS

Exploits0

Fedora•added 4 days ago•8 views

[SECURITY] Fedora 44 Update: djvulibre-3.5.30-1.fc44

8.4CVSS7AI score0.00074EPSS

Exploits0

OSV•added 2026/05/12 6:17 p.m.•4 views

UBUNTU-CVE-2026-42177

linux-entra-sso is a browser plugin for Linux to SSO on Microsoft Entra ID. Prior to 1.8.1, platform/chrome/js/platform-chrome.js:69-88 registers a single declarativeNetRequest rule whose urlFilter is Platform.SSOURL + "/", i.e. "https://login.microsoftonline.com/". Chrome's urlFilter without a |...

5.3CVSS5.8AI score0.00035EPSS

Exploits0References3

Fedora•added 2026/04/16 11:42 p.m.•3 views

[SECURITY] Fedora 44 Update: plasma-browser-integration-6.6.4-1.fc44

plasma-browser-integration coupled with a browser plugin provides integration of the browser in the desktop. For more information, see https://community.kde.org/Plasma/BrowserIntegration...

5.8AI score

Exploits0

ATTACKERKB•added 2026/04/02 2:1 p.m.•3 views

CVE-2026-26927

Szafir SDK Web is a browser plug-in that can run SzafirHost application which download the necessary files when launched. In Szafir SDK Web it is possible to change the URL HTTP Origin of the application call location. An unauthenticated attacker can craft a website that is able to launch...

5.1CVSS6.2AI score0.00016EPSS

Exploits0References3

RedhatCVE•added 2026/01/09 11:11 a.m.•6 views

CVE-2016-10897

The sermon-browser plugin before 0.45.16 for WordPress has multiple XSS issues...

6.1CVSS6.2AI score0.0019EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:56 a.m.•4 views

CVE-2023-40194

An arbitrary file creation vulnerability exists in the Javascript exportDataObject API of Foxit Reader 12.1.3.15356 due to mistreatment of whitespace characters. A specially crafted malicious file can create files at arbitrary locations, which can lead to arbitrary code execution. An attacker nee...

8.8CVSS7.6AI score0.00022EPSS

Exploits1References1

RedhatCVE•added 2025/10/10 4:20 p.m.•0 views

CVE-2025-9868

Server-Side Request Forgery SSRF in the Remote Browser Plugin in Sonatype Nexus Repository 2.x up to and including 2.15.2 allows unauthenticated remote attackers to exfiltrate proxy repository credentials via crafted HTTP requests...

8.7CVSS7.2AI score0.00228EPSS

Exploits0References1

NVD•added 2025/10/08 6:15 p.m.•1 views

CVE-2025-9868

8.7CVSS0.00228EPSS

Exploits0References1

CVE•added 2025/10/08 5:7 p.m.•12 views

CVE-2025-9868

The vulnerability is a Server-Side Request Forgery (SSRF) in the Remote Browser Plugin of Sonatype Nexus Repository 2.x, up to and including 2.15.2. The issue allows unauthenticated remote attackers to exfiltrate proxy repository credentials by crafting HTTP requests. The root cause is SSRF in th...

8.7CVSS6.8AI score0.00228EPSS

Exploits0References1

EUVD•added 2025/10/08 5:7 p.m.•2 views

EUVD-2025-33291

8.7CVSS6.7AI score0.00228EPSS

Exploits0References2

Cvelist•added 2025/10/08 5:7 p.m.•7 views

CVE-2025-9868 Nexus Repository 2 - SSRF Vulnerability in Remote Browser Plugin

8.7CVSS0.00228EPSS

Exploits0References1

Positive Technologies•added 2025/10/08 12:0 a.m.•2 views

PT-2025-41292

Name of the Vulnerable Software and Affected Versions Sonatype Nexus Repository versions 2.0 through 2.15.2 Description A Server-Side Request Forgery SSRF exists in the Remote Browser Plugin. This allows unauthenticated remote attackers to extract proxy repository credentials via crafted HTTP...

8.7CVSS6.8AI score0.00228EPSS

Exploits0References5

CNNVD•added 2025/10/08 12:0 a.m.•1 views

Sonatype Nexus Repository 安全漏洞

Sonatype Nexus Repository is a repository manager from Sonatype, Inc. that is used to manage, store, and distribute software, among other things. A security vulnerability exists in Sonatype Nexus Repository version 2.15.2 and earlier, which stems from a server-side request forgery in the Remote...

8.7CVSS6.6AI score0.00228EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2015-6408

Malware in sbrugna...

9.3CVSS8.2AI score0.00768EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2011-2921

Malware in sbrugna...

10CVSS6.2AI score0.03873EPSS

Exploits1References4