CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

73 matches found

EnGenius EnShare IoT Gigabit Cloud Service 1.4.11 Root Remote Code Execution

An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier.The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands.The injected comman...

10CVSS6.1AI score0.12334EPSS

Exploits2References4

Talos•added yesterday•3 views

GeoVision GV-VMS V20 GV-Cloud memory corruption vulnerability

Summary A memory corruption vulnerability exists in the GV-Cloud functionality of GV-VMS V20 versions: 20.0.2. A specially crafted network request can lead to a denial of service. An attacker can impersonate the legitimate server to trigger this vulnerability. Confirmed Vulnerable Versions The...

6.2CVSS6.5AI score

Exploits0

IBM Security Bulletins•added 2026/06/12 7:2 p.m.•8 views

Security Bulletin: Security Vulnerability in Spring Cloud Affects IBM Sterling B2B Integrator and IBM Sterling File Gateway (CVE-2025-41235)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the security vulnerability in Spring Cloud Vulnerability Details CVEID:CVE-2025-41235 DESCRIPTION: Spring Cloud Gateway Server forwards the X-Forwarded-For and Forwarded headers from untrusted proxies. CWE:CWE-444:...

8.6CVSS7.9AI score0.00276EPSS

Exploits0Affected Software1

EUVD•added 2026/05/25 9:40 p.m.•9 views

EUVD-2026-31758

Missing Authorization vulnerability in Patterns in the cloud Autoship Cloud for WooCommerce Subscription Products allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Autoship Cloud for WooCommerce Subscription Products: from n/a through 2.14.0...

4.3CVSS5.8AI score0.002EPSS

Exploits0References1

NVD•added 2026/05/03 5:15 a.m.•14 views

CVE-2026-7679

A security flaw has been discovered in YunaiV yudao-cloud up to 2026.01. This impacts the function getAccessToken of the file yudao-module-system-biz/src/main/java/io/github/ruoyi/common/oauth2/service/impl/OAuth2TokenServiceImpl.java. Performing a manipulation results in improper authentication...

7.5CVSS0.00414EPSS

Exploits0References4

vulnersOsv•added 2026/03/23 12:0 a.m.•10 views

org.apereo.cas:cas-server-support-configuration-cloud-amqp (>=8.0.0-RC1 <=8.0.0-RC2), org.apereo.cas:cas-server-webapp-init-config-server (>=8.0.0-RC1 <=8.0.0-RC2) +3 more potentially affected by CVE-2026-22739 via org.springframework.cloud:spring-cloud-config-server (>=5.0.0-M1 <=5.0.1)

org.springframework.cloud:spring-cloud-config-server MAVEN version =5.0.0-M1, =8.0.0-RC1, =8.0.0-RC1, =5.0.0, =5.0.0, =5.0.1 Source cves: CVE-2026-22739 Source advisory: SNYK:JAVA-ORGSPRINGFRAMEWORKCLOUD-15762281...

8.6CVSS5.8AI score0.0122EPSS

Exploits0

OSV•added 2026/02/25 6:57 p.m.•4 views

GHSA-RVHR-26G4-P2R8 Budibase: Remote Code Execution via Unsafe eval() in View Filter Map Function (Budibase Cloud)

Summary A critical unsafe eval vulnerability in Budibase's view filtering implementation allows any authenticated user including free tier accounts to execute arbitrary JavaScript code on the server. This vulnerability ONLY affects Budibase Cloud SaaS - self-hosted deployments use native CouchDB...

9.9CVSS6.5AI score0.00335EPSS

Exploits1References6

CNNVD•added 2026/02/03 12:0 a.m.•4 views

Rapid7 InsightVM 安全漏洞

Rapid7 InsightVM is a vulnerability scanning and management application developed by Rapid7, Inc. Versions of Rapid7 InsightVM prior to 8.34.0 contain security vulnerabilities. These vulnerabilities stem from issues with signature verification at the cloud point of the consumer service. As a...

9.6CVSS5.8AI score0.00142EPSS

Exploits0References2

RedhatCVE•added 2026/01/09 9:20 a.m.•7 views

CVE-2021-33666

When SAP Commerce Cloud version 100, hosts a JavaScript storefront, it is vulnerable to MIME sniffing, which, in certain circumstances, could be used to facilitate an XSS attack or malware proliferation...

6.1CVSS6AI score0.00543EPSS

Exploits0References1

CVE•added 2025/11/25 7:27 a.m.•72 views

CVE-2025-59366

The CVE-2025-59366 issue affects AiCloud, with a critical authentication bypass caused by an unintended side effect of Samba functionality. PT-2025-48017 lists affected AiCloud versions prior to 3.0.0.4 386/388/0.6 102 and describes the vulnerability as allowing execution of specific router funct...

9.2CVSS6.7AI score0.14549EPSS

Exploits1References1

VulnCheck KEV•added 2025/11/19 12:0 a.m.•3 views

VulnCheck KEV: CVE-2024-12912

An improper input insertion vulnerability in AiCloud on certain router models may lead to arbitrary command execution. Refer to the '01/02/2025 ASUS Router AiCloud vulnerability' section on the ASUS Security Advisory for more information...

7.2CVSS5.9AI score0.01217EPSS

In wildExploits1References2

CNVD•added 2025/10/17 12:0 a.m.•5 views

Unspecified Vulnerability in Microsoft Azure (CNVD-2025-24170)

Microsoft Azure is a set of open, enterprise-grade cloud computing platforms from the U.S.-based Microsoft. Microsoft Azure has a security vulnerability that can be exploited by an attacker who can elevate privileges...

8.2CVSS6.9AI score0.00401EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2016-6871

Malware in sbrugna...

8.8CVSS8.8AI score0.00554EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2020-30454

Malware in sbrugna...

9.8CVSS9AI score0.03555EPSS

Exploits0References2