34 matches found

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2022-48338

Malicious code in bioql PyPI...

CVSS 5.4 | AI score 5.6 | EPSS 0.01135
Exploits: 0 | References: 3
Tenable Nessus
added 2025/09/10 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2020-7668

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In all versions of the package github.com/unknwon/cae/tz, the ExtractTo function doesn't securely escape file paths in zip archives which include leading or...

CVSS 7.5 | AI score 7.3 | EPSS 0.00278
Exploits: 1 | References: 2
Tenable Nessus
added 2025/09/10 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2020-7664

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In all versions of the package github.com/unknwon/cae/zip, the ExtractTo function doesn't securely escape file paths in zip archives which include leading or...

CVSS 7.5 | AI score 7.3 | EPSS 0.00278
Exploits: 1 | References: 2
OSSF Malicious Packages
added 2025/08/14 6:52 p.m. | 3 views

Malicious code in @zalastax/nolb-cae (npm)

The package @zalastax/nolb-cae was found to contain malicious code...

AI score 7
Exploits: 0
OSV
added 2025/08/14 6:52 p.m. | 3 views

MAL-2025-10853 Malicious code in @zalastax/nolb-cae (npm)

The package @zalastax/nolb-cae was found to contain malicious code...

AI score 7.2
Exploits: 0
RedhatCVE
added 2025/05/22 10:50 p.m. | 4 views

CVE-2022-45472

CAE LearningSpace Enterprise with Intuity License image 267r patch 639 allows DOM XSS, related to ontouchmove and onpointerup...

CVSS 5.4 | AI score 6.8 | EPSS 0.01135
Exploits: 0 | References: 1
NVD
added 2023/01/30 11:15 p.m. | 8 views

CVE-2022-32748

A CWE-295: Improper Certificate Validation vulnerability exists that could cause the CAE software to give wrong data to end users when using CAE to configure devices. Additionally, credentials could leak which would enable an attacker the ability to log into the configuration tool and compromise...

CVSS 8.3 | AI score 7.8 | EPSS 0.00073
Exploits: 0 | References: 1
Prion
added 2023/01/30 11:15 p.m. | 13 views

Input validation

A CWE-295: Improper Certificate Validation vulnerability exists that could cause the CAE software to give wrong data to end users when using CAE to configure devices. Additionally, credentials could leak which would enable an attacker the ability to log into the configuration tool and compromise...

CVSS 4.3 | AI score 8 | EPSS 0.00073
Exploits: 0 | References: 1 | Affected Software: 1
Prion
added 2023/01/30 11:15 p.m. | 14 views

Spoofing

A CWE-290: Authentication Bypass by Spoofing vulnerability exists that could cause legitimate users to be locked out of devices or facilitate backdoor account creation by spoofing a device on the local network. Affected Products: EcoStruxure™ Cybersecurity Admin Expert CAE Versions prior to 2.2...

CVSS 4.8 | AI score 7.8 | EPSS 0.00113
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2023/01/30 12:0 a.m. | 8 views

CVE-2022-32748

A CWE-295: Improper Certificate Validation vulnerability exists that could cause the CAE software to give wrong data to end users when using CAE to configure devices. Additionally, credentials could leak which would enable an attacker the ability to log into the configuration tool and compromise...

CVSS 7.9 | AI score 8.3 | EPSS 0.00073
Exploits: 0 | References: 1
CVE
added 2023/01/30 12:0 a.m. | 40 views

CVE-2022-32748

CVE-2022-32748 affects EcoStruxure™ Cybersecurity Admin Expert (CAE) versions prior to 2.2. Root cause: CWE-295 Improper Certificate Validation, which can cause CAE to present or process incorrect data to end users and may enable credential leakage, allowing an attacker to log into the configurat...

CVSS 8.3 | AI score 8 | EPSS 0.00073
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2023/01/30 12:0 a.m. | 13 views

CVE-2022-32747

A CWE-290: Authentication Bypass by Spoofing vulnerability exists that could cause legitimate users to be locked out of devices or facilitate backdoor account creation by spoofing a device on the local network. Affected Products: EcoStruxure™ Cybersecurity Admin Expert CAE Versions prior to 2.2...

CVSS 8 | AI score 8.1 | EPSS 0.00113
Exploits: 0 | References: 1
CNVD
added 2022/11/25 12:0 a.m. | 30 views

CAE LearningSpace Enterprise Cross-Site Scripting Vulnerability

CAE LearningSpace Enterprise is a clinical simulation management platform from CAE Canada, Inc. CAE LearningSpace Enterprise with Intuity License image 267r patch 639 contains a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data b...

CVSS 5.4 | AI score 1.9 | EPSS 0.01135
Exploits: 0 | References: 1
NVD
added 2022/11/23 6:15 a.m. | 7 views

CVE-2022-45472

CAE LearningSpace Enterprise with Intuity License image 267r patch 639 allows DOM XSS, related to ontouchmove and onpointerup...

CVSS 5.4 | EPSS 0.01135
Exploits: 0 | References: 2
OSV
added 2022/11/23 6:15 a.m. | 1 view

CVE-2022-45472

CAE LearningSpace Enterprise with Intuity License image 267r patch 639 allows DOM XSS, related to ontouchmove and onpointerup...

CVSS 5.4 | AI score 5.8 | EPSS 0.01135
Exploits: 0 | References: 2
Prion
added 2022/11/23 6:15 a.m. | 10 views

Design/Logic Flaw

CAE LearningSpace Enterprise with Intuity License image 267r patch 639 allows DOM XSS, related to ontouchmove and onpointerup...

CVSS 4.9 | AI score 5.4 | EPSS 0.01135
Exploits: 0 | References: 2 | Affected Software: 1
CVE
added 2022/11/23 12:0 a.m. | 52 views

CVE-2022-45472

CVE-2022-45472 affects CAE LearningSpace Enterprise (with Intuity License) image 267r patch 639. The vulnerability is DOM-based XSS triggered by ontouchmove and onpointerup, allowing injection of script and potential UI/data impact. Root cause relates to insufficient input filtering/escaping of u...

CVSS 5.4 | AI score 5.4 | EPSS 0.01135
Exploits: 0 | References: 2 | Affected Software: 1
Cvelist
added 2022/11/23 12:0 a.m. | 14 views

CVE-2022-45472

CAE LearningSpace Enterprise with Intuity License image 267r patch 639 allows DOM XSS, related to ontouchmove and onpointerup...

AI score 5.7 | EPSS 0.01135
Exploits: 0 | References: 2
Vulnrichment
added 2022/11/23 12:0 a.m. | 4 views

CVE-2022-45472

CAE LearningSpace Enterprise with Intuity License image 267r patch 639 allows DOM XSS, related to ontouchmove and onpointerup...

AI score 5.5 | EPSS 0.01135
Exploits: 0 | References: 2
CNNVD
added 2022/10/11 12:0 a.m. | 3 views

Altair HyperView Player Security Vulnerability

Altair HyperView Player is a standalone 3D viewer from Altair Japan. It is used to share CAE models and simulation results. A security vulnerability exists in Altair HyperView Player that originates from uninitialized memory...

CVSS 7.8 | AI score 7.3 | EPSS 0.00068
Exploits: 0 | References: 4