
83 matches found

RedhatCVE
added 2026/06/09 2:59 p.m., 7 views

CVE-2026-8078

Stored cross-site scripting in the global settings change log in Checkmk 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 versions allows an administrator who can change global settings to store malicious HTML or JavaScript in changelog messages that executes in other users' browsers when they view the...

CVSS 4.8, AI score 5.2, EPSS 0.00143
Exploits 0, References 1

OSV
added 2026/06/08 1:16 p.m., 5 views

UBUNTU-CVE-2026-8078

Stored cross-site scripting in the global settings change log in Checkmk 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 versions allows an administrator who can change global settings to store malicious HTML or JavaScript in changelog messages that executes in other users' browsers when they view the...

CVSS 4.8, AI score 5.2, EPSS 0.00143
Exploits 0, References 3

Vulnrichment
added 2026/06/08 12:6 p.m., 8 views

CVE-2026-8078 Fix stored XSS in global settings change log

Stored cross-site scripting in the global settings change log in Checkmk 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 versions allows an administrator who can change global settings to store malicious HTML or JavaScript in changelog messages that executes in other users' browsers when they view the...

CVSS 4.8, AI score 5.2, EPSS 0.00143
Exploits 0, References 1

Cvelist
added 2026/06/08 12:6 p.m., 41 views

CVE-2026-8078 Fix stored XSS in global settings change log

Stored cross-site scripting in the global settings change log in Checkmk 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 versions allows an administrator who can change global settings to store malicious HTML or JavaScript in changelog messages that executes in other users' browsers when they view the...

CVSS 4.8, EPSS 0.00143
Exploits 0, References 1

Positive Technologies
added 2026/06/08 12:0 a.m., 9 views

PT-2026-47286

Stored cross-site scripting in the global settings change log in Checkmk 2.5.0p5, 2.4.0p31, 2.3.0p48, and all 2.2.0 versions allows an administrator who can change global settings to store malicious HTML or JavaScript in changelog messages that executes in other users' browsers when they view the...

CVSS 4.8, AI score 5.2, EPSS 0.00143
Exploits 0, References 2

NVD
added 2026/05/25 11:16 a.m., 13 views

CVE-2026-40127

OutSystems Lifetime is vulnerable to Authorization Bypass Through User-Controlled Key in the ApplicationID parameter. Any authenticated user can read the Change Log containing actions performed by other users as well as the application name of any application. This issue was fixed in...

CVSS 5.3, EPSS 0.00319
Exploits 0, References 2

Cvelist
added 2026/05/25 10:18 a.m., 34 views

CVE-2026-40127 Authorization Bypass Through User-Controlled Key in OutSystems Lifetime

OutSystems Lifetime is vulnerable to Authorization Bypass Through User-Controlled Key in the ApplicationID parameter. Any authenticated user can read the Change Log containing actions performed by other users as well as the application name of any application. This issue was fixed in...

CVSS 5.3, EPSS 0.00319
Exploits 0, References 2

EUVD
added 2026/05/25 10:18 a.m., 9 views

EUVD-2026-31662

OutSystems Lifetime is vulnerable to Authorization Bypass Through User-Controlled Key in the ApplicationID parameter. Any authenticated user can read the Change Log containing actions performed by other users as well as the application name of any application. This issue was fixed in...

CVSS 5.3, AI score 5.8, EPSS 0.00319
Exploits 0, References 2

CNNVD
added 2026/02/20 12:0 a.m., 4 views

openITCOCKPIT Code Issue Vulnerability

openITCOCKPIT is an open-source system monitoring software. Versions of openITCOCKPIT 5.3.1 and earlier have code vulnerabilities. These vulnerabilities stem from unsafe PHP deserialization patterns when processing change log entries, which may lead to potential PHP object injection vulnerabiliti...

CVSS 8.8, AI score 5.9, EPSS 0.00813
Exploits 1, References 3

Google Chrome Security Advisories
added 2026/01/20 12:0 a.m., 24 views

Stable Channel Update for Desktop

The Stable channel has been updated to 144.0.7559.96/.97 for Windows/Mac and 144.0.7559.96 for Linux, which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. Security Fixes and Rewards Note: Access to bug details and links may be kept restrict...

CVSS 7.5, AI score 5.5, EPSS 0.00297
Exploits 1, Affected Software 1

Microsoft KB
added 2025/10/28 12:0 a.m., 7 views

October 28, 2025—KB5067036 (OS Builds 26200.7019 and 26100.7019) Preview

October 28, 2025—KB5067036 OS Builds 26200.7019 and 26100.7019 Preview. This non-security update for Windows 11, version 25H2 and 24H2 KB5067036, improves functionality, performance, and reliability. To learn more about differences between security updates, optional non-security preview...

AI score 5.5
Exploits 0

EUVD
added 2025/10/07 12:30 a.m., 5 views

EUVD-2011-1820

Malware in sbrugna...

CVSS 2.1, AI score 6.4, EPSS 0.00287
Exploits 0, References 3

CNVD
added 2025/09/16 12:0 a.m., 1 view

Gazelle Cross-Site Scripting Vulnerability

Gazelle is a web framework for private BitTorrent trackers. Gazelle suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter Message in the file /sections/tools/managers/changelog.php, which can be...

CVSS 5.1, AI score 4.4, EPSS 0.00233
Exploits 0, References 1

RedhatCVE
added 2025/09/15 2:32 a.m., 10 views

CVE-2025-10340

A vulnerability was determined in WhatCD Gazelle up to 63b337026d49b5cf63ce4be20fdabdc880112fa3. The affected element is an unknown function of the file /sections/tools/managers/changelog.php of the component Commit Message Handler. Executing manipulation of the argument Message can lead to cross...

CVSS 5.1, AI score 5.2, EPSS 0.00233
Exploits 0, References 1

NVD
added 2025/09/13 3:15 a.m., 3 views

CVE-2025-10340

A vulnerability was determined in WhatCD Gazelle up to 63b337026d49b5cf63ce4be20fdabdc880112fa3. The affected element is an unknown function of the file /sections/tools/managers/changelog.php of the component Commit Message Handler. Executing manipulation of the argument Message can lead to cross...

CVSS 5.1, EPSS 0.00233
Exploits 0, References 5

CVE
added 2025/09/13 2:32 a.m., 15 views

CVE-2025-10340

CVE-2025-10340 affects WhatCD Gazelle, specifically the Change Log utility in the Commit Message Handler. The vulnerability is a cross-site scripting flaw triggered by manipulating the Message argument in /sections/tools/managers/change_log.php. Exploitation can be performed rem...

CVSS 5.1, AI score 5, EPSS 0.00233
Exploits 0, References 5

Vulnrichment
added 2025/09/13 2:32 a.m., 1 view

CVE-2025-10340 WhatCD Gazelle Commit Message change_log.php cross site scripting

A vulnerability was determined in WhatCD Gazelle up to 63b337026d49b5cf63ce4be20fdabdc880112fa3. The affected element is an unknown function of the file /sections/tools/managers/changelog.php of the component Commit Message Handler. Executing manipulation of the argument Message can lead to cross...

CVSS 5.1, AI score 3.4, EPSS 0.00233
Exploits 0, References 5

Positive Technologies
added 2025/09/13 12:0 a.m., 6 views

PT-2025-37365

Name of the Vulnerable Software and Affected Versions: WhatCD Gazelle versions prior to 63b337026d49b5cf63ce4be20fdabdc880112fa3 Description: A vulnerability exists in WhatCD Gazelle that allows for cross-site scripting. The issue is located in an unknown function within the...

CVSS 5.1, AI score 3.8, EPSS 0.00233
Exploits 0, References 9

CNNVD
added 2025/09/13 12:0 a.m., 1 view

Gazelle Code Injection Vulnerability

Gazelle is a web framework for private BitTorrent trackers. Gazelle suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter Message in the file /sections/tools/managers/changelog.php, which can be...

CVSS 5.1, AI score 5.9, EPSS 0.00233
Exploits 0, References 6

OpenVAS
added 2025/05/26 12:0 a.m., 3 views

Fedora: Security Advisory (FEDORA-2024-0cf8baac55)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 8.7, AI score 7.8, EPSS 0.01275
Exploits 0, References 3