CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

165 matches found

NVD•added 2026/05/24 12:16 p.m.•10 views

CVE-2026-9379

A weakness has been identified in Edimax BR-6675nD 1.12. This impacts the function formWpsStart of the file /goform/formWpsStart of the component POST Request Handler. This manipulation of the argument pinCode causes command injection. The attack can be initiated remotely. The exploit has been ma...

6.5CVSS0.01364EPSS

Exploits0References5

EUVD•added 2026/05/10 3:33 a.m.•6 views

EUVD-2026-28953

A security flaw has been discovered in Industrial Application Software IAS Canias ERP 8.03. Impacted is the function Runtime.getRuntime.exec of the component RMI Interface. Performing a manipulation of the argument troiaCode results in os command injection. The attack may be initiated remotely. T...

6.5CVSS6.3AI score0.01201EPSS

Exploits0References5

RedhatCVE•added 2026/01/09 10:48 a.m.•9 views

CVE-2022-31207

The Omron SYSMAC Cx product family PLCs CS series, CJ series, and CP series through 2022-05-18 lack cryptographic authentication. They utilize the Omron FINS 9600/TCP protocol for engineering purposes, including downloading projects and control logic to the PLC. This protocol has authentication...

9.8CVSS8.1AI score0.00733EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:46 a.m.•9 views

CVE-2022-31206

The Omron SYSMAC Nx product family PLCs NJ series, NY series, NX series, and PMAC series through 2022-005-18 lack cryptographic authentication. These PLCs are programmed using the SYMAC Studio engineering software which compiles IEC 61131-3 conformant POU code to native machine code for execution...

9.8CVSS7.9AI score0.0082EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:30 a.m.•4 views

CVE-2019-16414

A DOM based XSS in GFI Kerio Control v9.3.0 allows embedding of malicious code and manipulating the login page to send back a victim's cleartext credentials to an attacker via a login/?reason=failure= URI...

6.1CVSS6.2AI score0.01566EPSS

Exploits2References1

CNNVD•added 2025/12/31 12:0 a.m.•4 views

Full Stack Bank SQL注入漏洞

Full Stack Bank is a banking system by the individual developer Krystian Pińczak. Full Stack Bank suffers from a SQL injection vulnerability that stems from unknown code manipulation of the component User Handler, which could lead to a SQL injection attack...

5.8CVSS5.8AI score0.00202EPSS

Exploits0References4

Positive Technologies•added 2025/10/12 12:0 a.m.•4 views

PT-2025-41706

Name of the Vulnerable Software and Affected Versions jimit105 Project-Online-Shopping-Website versions up to 7d892f442bd8a96dd242dbe2b9bd5ed641e13e64 Description A flaw exists in the Product Inventory Handler component of jimit105 Project-Online-Shopping-Website. The issue involves a SQL injecti...

5.8CVSS4.8AI score0.00235EPSS

Exploits0References9

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2021-24900

Malware in sbrugna...

7.6CVSS7.5AI score0.00272EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2024-53746

Malicious code in bioql PyPI...

8.8CVSS6.6AI score0.00516EPSS

Exploits0References2