CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2483 matches found

ATTACKERKB•added 2026/03/07 1:21 a.m.•3 views

CVE-2026-2429

The Community Events plugin for WordPress is vulnerable to SQL Injection via the 'cevenuename' CSV field in the onsavechangesvenues function in all versions up to, and including, 1.5.8. This is due to insufficient escaping on the user-supplied CSV data and lack of sufficient preparation on the...

4.9CVSS5.8AI score0.00325EPSS

Exploits0References5

Positive Technologies•added 2026/03/07 12:0 a.m.•3 views

PT-2026-23814

The Community Events plugin for WordPress is vulnerable to SQL Injection via the 'ce venue name' CSV field in the on save changes venues function in all versions up to, and including, 1.5.8. This is due to insufficient escaping on the user-supplied CSV data and lack of sufficient preparation on t...

4.9CVSS5.8AI score0.00325EPSS

Exploits0References5

Redos•added 2026/03/06 12:0 a.m.•5 views

ROS-20260306-73-0011

A vulnerability in the sun8icecipherprepare function of the drivers/crypto/allwinner/sun8i-ce/sun8i-ce-cipher.c module of the Linux kernel is related to incorrect resource release. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

5.5CVSS5.8AI score0.00147EPSS

Exploits0

NVD•added 2026/02/25 4:23 p.m.•4 views

CVE-2026-3206

Improper Resource Shutdown or Release vulnerability in KrakenD, SLU KrakenD-CE CircuitBreaker modules, KrakenD, SLU KrakenD-EE CircuitBreaker modules. This issue affects KrakenD-CE: before 2.13.1; KrakenD-EE: before 2.12.5...

5.3CVSS0.00256EPSS

Exploits0References2

RedhatCVE•added 2026/02/19 1:28 p.m.•4 views

CVE-2026-1649

The Community Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'cevenuename' parameter in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-lev...

4.4CVSS5.7AI score0.00244EPSS

Exploits0References1

NVD•added 2026/02/18 9:15 a.m.•4 views

CVE-2026-1649

4.4CVSS0.00244EPSS

Exploits0References5

Cvelist•added 2026/02/18 8:26 a.m.•32 views

CVE-2026-1649 Community Events <= 1.5.7 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'ce_venue_name' Parameter

4.4CVSS0.00244EPSS

Exploits0References5

Vulnrichment•added 2026/02/18 8:26 a.m.•4 views

CVE-2026-1649 Community Events <= 1.5.7 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'ce_venue_name' Parameter

4.4CVSS5.7AI score0.00244EPSS

Exploits0References5

Chainguard•added 2026/02/16 7:17 p.m.•3 views

GHSA-CF2V-M456-7QJF vulnerabilities

Vulnerabilities for packages: gitlab-runner, gitlab-pages-fips, gitlab-workhorse-ce, gitlab-rails-ce, gitlab-rails-ce-fips, gitlab-runner-fips, gitlab-workhorse-ce-fips...

5.8AI score

Exploits0

Chainguard•added 2026/02/16 7:17 p.m.•3 views

GHSA-95P8-CCJW-3G7F vulnerabilities

Vulnerabilities for packages: gitlab-runner-fips, gitlab-pages-fips, gitlab-runner, gitlab-rails-ce-fips...

5.8AI score

Exploits0

Chainguard•added 2026/02/16 7:17 p.m.•7 views

CVE-2026-1458 vulnerabilities

Vulnerabilities for packages: gitlab-runner, gitlab-pages-fips, gitlab-workhorse-ce, gitlab-rails-ce, gitlab-rails-ce-fips, gitlab-runner-fips, gitlab-workhorse-ce-fips...

7.5CVSS5.8AI score0.00364EPSS

Exploits0

Chainguard•added 2026/02/16 7:17 p.m.•7 views

CVE-2026-1456 vulnerabilities

Vulnerabilities for packages: gitlab-runner-fips, gitlab-pages-fips, gitlab-runner, gitlab-rails-ce-fips...

7.5CVSS5.8AI score0.00364EPSS

Exploits0

Circl•added 2026/02/16 12:0 a.m.•2 views

CVE-2026-2458

creationtimestamp| type| source ---|---|--- 2026-02-16 00:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0173/...

4.3CVSS5.7AI score0.00165EPSS

Exploits0References1

Positive Technologies•added 2026/02/11 12:0 a.m.•10 views

PT-2026-7516

Name of the Vulnerable Software and Affected Versions GitLab CE/EE versions 18.7 through 18.7.3 GitLab CE/EE versions 18.8 through 18.8.3 Description An unauthenticated user could cause a denial of service through CPU exhaustion by submitting specially crafted markdown files. These files trigger...

7.5CVSS5.3AI score0.00364EPSS

Exploits0References9

Tenable Nessus•added 2026/02/03 12:0 a.m.•9 views

Linux Distros Unpatched Vulnerability : CVE-2025-13978

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.5 before 18.4.6, 18.5 before 18.5.4, and 18.6 before 18.6.2 that could have allowe...

4.3CVSS5.6AI score0.00259EPSS

Exploits0References2

Chainguard•added 2026/02/02 1:17 p.m.•8 views

CVE-2025-24293 vulnerabilities

Vulnerabilities for packages: gitlab-rails-ce...

9.2CVSS5.2AI score0.02078EPSS

Exploits0

Chainguard•added 2026/01/28 7:17 p.m.•3 views

GHSA-2V4G-65GF-W58F vulnerabilities

Vulnerabilities for packages: gitlab-workhorse-ce, gitlab-rails-ce, gitlab-rails-ce-fips...

5.8AI score

Exploits0