11 matches found
PT-2025-50086
Name of the Vulnerable Software and Affected Versions Ivanti Endpoint Manager versions prior to 2024 SU4 SR1 Description A flaw exists in Ivanti Endpoint Manager due to improper control of dynamically managed code resources. A remote, unauthenticated attacker can write arbitrary files on the...
EUVD-2024-45520
Malicious code in bioql PyPI...
CVE-2025-49887
CVE-2025-49887 is a WordPress plugin vulnerability: WPFactory Product XML Feed Manager for WooCommerce
WordPress plugin WPLMS code injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A code injection...
Hitachi Energy MACH SCM (Update A)
1. EXECUTIVE SUMMARY CVSS v4 8.9 ATTENTION: Exploitable remotely Vendor: Hitachi Energy Equipment: MACH SCM Vulnerabilities: Improper Control of Generation of Code, Improper Neutralization of Directives in Dynamically Evaluated Code 2. RISK EVALUATION Successful exploitation of...
CVE-2023-5002 Pgadmin4: remote code execution by an authenticated user
A flaw was found in pgAdmin. This issue occurs when the pgAdmin server HTTP API validates the path a user selects to external PostgreSQL utilities such as pg_dump and pg_restore. Versions of pgAdmin prior to 7.6 failed to properly control the server code executed on this API, allowing an...
CVE-2021-23267
CVE-2021-23267 affects Crafter CMS, specifically Crafter Studio. The issue is an improper control of dynamically-managed code resources that enables authenticated developers to execute operating-system commands via FreeMarker static methods. The primary impact described across sources is high sev...
Multiple Unauthenticated Remote Code Control and Execution Vulnerabilities in Multiple Cisco Products
What’s up? On Feb. 24, 2021, Cisco released many patches for multiple products, three of which require immediate attention by organizations if they are running affected systems and operating system/software configurations. They are detailed below: Cisco ACI Multi-Site Orchestrator Application...
FTPGetter 5.89.0.85 - Buffer Overflow (SEH) Exploit
Exploit for Windows platform in category remote exploits. #!/usr/bin/python Exploit Title: FTPGetter 5.89.0.85 Remote SEH Buffer Overflow Date: 07/14/2017 Exploit Author: Paul Purcell Vendor Homepage: https://www.ftpgetter.com/ Vulnerable Version Download: Available for 30 days here:...
Nmap NSE net: svn-brute
Performs brute force password auditing against Subversion source code control servers. SYNTAX: brute.firstonly: stop guessing after first password is found (default: false); brute.unique: make sure that each password is only guessed once (default: true); brute.retries: the number of times to retry if...
DEBIAN-CVE-2008-1694
vcdiff in Emacs 20.7 to 22.1.50, when used with SCCS, allows local users to overwrite arbitrary files via a symlink attack on temporary files...