CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added 2026/04/03 8:13 p.m.•15 views

CVE-2026-5485 OS command injection in Amazon Athena ODBC driver on Linux

OS command injection in the browser-based authentication component in Amazon Athena ODBC driver before 2.0.5.1 on Linux might allow a threat actor to execute arbitrary code by using specially crafted connection parameters that are loaded by the driver during a local user-initiated connection. To...

7.8CVSS0.00727EPSS

Cvelist•added 2026/04/03 8:10 p.m.•17 views

CVE-2026-35561 Insufficient authentication security controls in browser-based authentication components in Amazon Athena ODBC driver

9.1CVSS0.00473EPSS

Vulnrichment•added 2026/04/03 8:10 p.m.•2 views

CVE-2026-35561 Insufficient authentication security controls in browser-based authentication components in Amazon Athena ODBC driver

9.1CVSS5.9AI score0.00473EPSS

Positive Technologies•added 2026/04/03 12:0 a.m.•4 views

PT-2026-30220

9.1CVSS5.9AI score0.00473EPSS

Exploits0References7

CNNVD•added 2026/04/03 12:0 a.m.•11 views

Amazon Athena ODBC driver 安全漏洞

The Amazon Athena ODBC driver is a database connection driver developed by the American company Amazon. Versions of the Amazon Athena ODBC driver prior to 2.1.0.0 contained security vulnerabilities. These vulnerabilities stemmed from insufficient security controls in the browser-based...

9.8CVSS5.8AI score0.00473EPSS

CNNVD•added 2026/04/02 12:0 a.m.•4 views

cveClient 安全漏洞

cveClient is an open-source browser-based CVE record management client developed by the CERT Coordination Center CERT/CC. cveClient has a security vulnerability that stems from trusting inputs provided by the CVE API service, which may lead to cross-site scripting attacks...

6.1CVSS5.6AI score0.00204EPSS

Exploits0References2

Fedora•added 2026/03/28 1:6 a.m.•6 views

[SECURITY] Fedora 42 Update: roundcubemail-1.6.14-1.fc42

RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in...

5.9AI score

Fedora•added 2026/03/28 12:46 a.m.•4 views

[SECURITY] Fedora 43 Update: roundcubemail-1.6.14-1.fc43

5.9AI score

Fedora•added 2026/03/28 12:19 a.m.•5 views

[SECURITY] Fedora 44 Update: roundcubemail-1.7~rc5-1.fc44

5.9AI score

VulnCheck KEV•added 2026/03/11 12:0 a.m.•9 views

VulnCheck KEV: CVE-2025-62593

Ray is an AI compute engine. Prior to version 2.52.0, developers working with Ray as a development tool can be exploited via a critical RCE vulnerability exploitable via Firefox and Safari. This vulnerability is due to an insufficient guard against browser-based attacks, as the current defense us...

9.4CVSS5.7AI score0.00355EPSS

In wildExploits0References2

CVE•added 2026/03/04 5:51 p.m.•35 views

CVE-2026-20069

The CVE-2026-20069 entry covers a vulnerability in the VPN web services component of Cisco Secure Firewall ASA and FTD software. The issue arises from improper validation of HTTP requests, which could allow an unauthenticated, remote attacker to persuade a user to visit a crafted site that sends ...

4.3CVSS5.8AI score0.00273EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2026/03/04 5:51 p.m.•2 views

CVE-2026-20069 Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN Web Services Client-Side Request Smuggling Vulnerability

A vulnerability in the VPN web services component of Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct browser-based attacks against users of an affected device. This...

4.3CVSS5.8AI score0.00273EPSS

Cisco•added 2026/03/04 4:0 p.m.•10 views

Cisco Secure Firewall Adaptive Security Appliance and Secure Firewall Threat Defense Software VPN Web Services Client-Side Request Smuggling Vulnerability

4.3CVSS5.8AI score0.00273EPSS

Positive Technologies•added 2026/03/04 12:0 a.m.•6 views

PT-2026-23027

Name of the Vulnerable Software and Affected Versions Cisco Secure Firewall Adaptive Security Appliance ASA Software and Cisco Secure Firewall Threat Defense FTD Software affected versions not specified Description A flaw exists in the VPN web services component that may allow a remote attacker t...

4.3CVSS5.7AI score0.00273EPSS

Exploits0References5

CNNVD•added 2026/02/25 12:0 a.m.•6 views

JetBrains YouTrack 安全漏洞

JetBrains YouTrack is a browser-based error tracking and project management software developed by Czech company JetBrains. This software features error tracking, the ability to create workflows, and monitoring of project progress. Versions of JetBrains YouTrack prior to version 2025.3.121962...

8.8CVSS5.8AI score0.00238EPSS

CNNVD•added 2026/02/22 12:0 a.m.•5 views

Inventory Webapp SQL注入漏洞

Inventory Webapp is a browser-based inventory management system developed by Inventory Company. The Inventory Webapp has a SQL injection vulnerability, which stems from SQL injections in GET parameters. This vulnerability could allow unverified attackers to manipulate database queries...

8.8CVSS5.9AI score0.00232EPSS

Exploits0References2

Fedora•added 2026/02/20 1:17 a.m.•6 views

[SECURITY] Fedora 42 Update: roundcubemail-1.6.13-1.fc42

4.7CVSS5.9AI score0.00292EPSS

RedhatCVE•added 2026/01/16 5:26 p.m.•7 views

CVE-2026-20076

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied inpu...

4.8CVSS6AI score0.00238EPSS