CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

544 matches found

Schneier on Security•added last week•9 views

Chilling Effects

Younger Americans have soured on the second Donald Trump presidency, but they are not protesting it. Despite an unpopular Iran war and an even more unpopular Trump administration, college campus protests nationwide have gone silent. And at many schools, student activism is virtually nonexistent...

5.8AI score

Exploits0

OSSF Malicious Packages•added 2026/05/16 9:50 p.m.•8 views

Malicious code in @tc-core/campus-service (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c58f691cfdb7301c271067776e2e3bc260d4cbb8880345d03e840729d849b580 The package @tc-core/campus-service was found to contain malicious code. Source: ossf-package-analysis...

5.8AI score

Exploits0

OSV•added 2026/05/16 9:50 p.m.•3 views

MAL-2026-3809 Malicious code in @tc-core/campus-service (npm)

5.8AI score

Exploits0

RedhatCVE•added 2026/03/26 3:12 p.m.•0 views

CVE-2026-3111

Insecure Direct Object Reference IDOR vulnerability in Campus Educativa specifically at the endpoint '/archivos/usuarios/ID/username/thumbAAxAA.jpg' translated as 80x90 and 40x45. Successful exploitation of this vulnerability could allow an unauthenticated attacker to access the profile photos of...

6.9CVSS5.8AI score0.00099EPSS

Exploits0References1

RedhatCVE•added 2026/03/26 3:4 p.m.•0 views

CVE-2026-3110

Insecure Direct Object Reference IDOR vulnerability in Campus Educativa specifically at the endpoint '/administracion/adminusuarios.cgi?filtroestado=T=listadoxlsx===altausuariocursoActual=ID' where the data of users enrolled in the course is exported. Successful exploitation of this vulnerability...

8.7CVSS5.8AI score0.00099EPSS

Exploits0References1

HackRead•added 2026/03/24 10:54 p.m.•3 views

HackerOne, Mazda, Infinite Campus and Dutch Ministry Hit by Data Breaches

HackerOne, Mazda, Infinite Campus and the Dutch Ministry report data breaches, exposing employee and partner data across multiple sectors worldwide...

5.8AI score

Exploits0

EUVD•added 2026/03/16 3:30 p.m.•0 views

EUVD-2026-12378

Insecure Direct Object Reference IDOR vulnerability in Campus Educativa specifically at the endpoint '/administracion/adminusuarios.cgi?filtroestado=T&wAccion=listadoxlsx&wBuscar=&wFiltrar=&wOrden=altausuario&widcursoActual=ID' where the data of users enrolled in the course is exported. Successfu...

8.7CVSS5.8AI score0.00099EPSS

Exploits0References2

NVD•added 2026/03/16 2:19 p.m.•1 views

CVE-2026-3111

6.9CVSS0.00099EPSS

Exploits0References1

NVD•added 2026/03/16 2:19 p.m.•1 views

CVE-2026-3110

8.7CVSS0.00099EPSS

Exploits0References1

ATTACKERKB•added 2026/03/16 9:37 a.m.•1 views

CVE-2026-3111

6.9CVSS5.8AI score0.00099EPSS

Exploits0References2Affected Software1

CVE•added 2026/03/16 9:37 a.m.•8 views

CVE-2026-3111

CVE-2026-3111 affects Educativa Campus. An Insecure Direct Object Reference permits an unauthenticated attacker to access any user’s profile photo via the manipulated URL /archivos/usuarios/[ID]/[username]/thumb_AAxAA.jpg (80x90 and 40x45). The provided metrics state CVSS v4 base score 6.9 (Netwo...

6.9CVSS5.8AI score0.00099EPSS

Exploits0References1

ATTACKERKB•added 2026/03/16 9:36 a.m.•3 views

CVE-2026-3110

8.7CVSS5.8AI score0.00099EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2026/03/16 9:36 a.m.•1 views

CVE-2026-3110 Multiple vulnerabilities on the Educativa Campus

8.7CVSS5.8AI score0.00099EPSS

Exploits0References1

CVE•added 2026/03/16 9:36 a.m.•9 views

CVE-2026-3110

CVE-2026-3110 describes an insecure direct object reference (IDOR) in Campus Educativa. An unauthenticated attacker can access user data by exploiting the endpoint /administracion/admin_usuarios.cgi?filtro_estado=T&wAccion=listado_xlsx&wBuscar=&wFiltrar=&wOrden=alta_usuario&wid_cursoActual=[ID], ...

8.7CVSS5.8AI score0.00099EPSS

Exploits0References1

Cvelist•added 2026/03/16 9:36 a.m.•25 views

CVE-2026-3110 Multiple vulnerabilities on the Educativa Campus

8.7CVSS0.00099EPSS

Exploits0References1

CNNVD•added 2026/03/16 12:0 a.m.•2 views

educativa Campus Educativa 访问控制错误漏洞

Educativa Campus Educativa is an educational management platform owned by the Spanish company Educativa. Educativa Campus Educativa has a security vulnerability related to access control. This vulnerability stems from insecure direct object references in the...

8.7CVSS5.8AI score0.00099EPSS

Exploits0References1

CNNVD•added 2026/03/16 12:0 a.m.•3 views

educativa Campus Educativa 访问控制错误漏洞

6.9CVSS5.8AI score0.00099EPSS

Exploits0References1

Positive Technologies•added 2026/03/16 12:0 a.m.•5 views

PT-2026-25668

Insecure Direct Object Reference IDOR vulnerability in Campus Educativa specifically at the endpoint '/archivos/usuarios/ID/username/thumb AAxAA.jpg' translated as 80x90 and 40x45. Successful exploitation of this vulnerability could allow an unauthenticated attacker to access the profile photos o...

6.9CVSS5.8AI score0.00099EPSS

Exploits0References1

MSRC•added 2026/02/13 12:0 a.m.•11 views

Submit your research: BlueHat 2026 Call for Papers is open

The next BlueHat Conference will take placeMay 5 - 6, 2026, on Microsoft’s Redmond campus in Washington State, USA. TheCall for Papers CFP is now open and closes February 28, 2026...

5.5AI score

Exploits0

Packet Storm News•added 2026/02/01 12:0 a.m.•3 views

HACK NDSU: A Real-World Event to Promote Student Interest in Cybersecurity

Hack NDSU let students scan, probe, and hack North Dakota State University's campus network, under professionals' supervision, providing an aspirational experience, potentially motivating them to enter the field. This paper provides a blueprint for educational hacking events against production...

5.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by