CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

44951 matches found

Vulnrichment•added 2026/01/29 12:0 a.m.•3 views

CVE-2025-69516

A Server-Side Template Injection SSTI vulnerability in the /reporting/templates/preview/ endpoint of Amidaware Tactical RMM, affecting versions equal to or earlier than v1.3.1, allows low-privileged users with Report Viewer or Report Manager permissions to achieve remote command execution on the...

6.1AI score0.021EPSS

Exploits4References3

CNNVD•added 2026/01/29 12:0 a.m.•4 views

TeamViewer DEX Client 安全漏洞

TeamViewer DEX Client is a digital employee experience and endpoint management software from TeamViewer Germany. TeamViewer DEX Client suffers from a command injection vulnerability that can be exploited by an attacker to execute arbitrary commands on the system...

6.8CVSS6.1AI score0.00659EPSS

Exploits0References1

EUVD•added 2026/01/29 12:0 a.m.•6 views

EUVD-2025-206512

8.8CVSS6.1AI score0.021EPSS

Exploits4References3

Packet Storm•added 2026/01/29 12:0 a.m.•135 views

📄 Zimbra Collaboration Suite Postjournal 10.0.x Remote Code Execution

A critical vulnerability exists in the Zimbra Collaboration Suite ZCS PostJournal service that allows attackers to execute arbitrary system commands without authentication. The vulnerability is triggered through SMTP injection using a malicious RCPT TO parameter. This exploit provides full remote...

6.3AI score

Exploits0

Positive Technologies•added 2026/01/29 12:0 a.m.•9 views

PT-2026-5278

Ajenti 2.1.36 contains an authentication bypass vulnerability that allows remote attackers to execute arbitrary commands after successful login. Attackers can leverage the /api/terminal/create endpoint to send a netcat reverse shell payload targeting a specified IP and port...

9.8CVSS6.2AI score0.00653EPSS

Exploits0References4

Github Security Blog•added 2026/01/28 6:30 p.m.•6 views

Tendenci is Vulnerable to CSV Formula Injection through its Contact Form Message Field

Tendenci 12.3.1 contains a CSV formula injection vulnerability in the contact form message field that allows attackers to inject malicious formulas during export. Attackers can submit crafted payloads like '=10+20+cmd|' /C calc'!A0' in the message field to trigger arbitrary command execution when...

9.8CVSS5.8AI score0.10683EPSS

Exploits1References8Affected Software1

OSV•added 2026/01/28 6:30 p.m.•6 views

GHSA-4Q3W-JGFX-4792 Tendenci is Vulnerable to CSV Formula Injection through its Contact Form Message Field

9.8CVSS5.8AI score0.10683EPSS

Exploits1References7

NVD•added 2026/01/28 6:16 p.m.•8 views

CVE-2020-36962

9.8CVSS0.10683EPSS

Exploits1References4

OSV•added 2026/01/28 6:16 p.m.•8 views

PYSEC-2026-136

5.3CVSS6AI score0.10683EPSS

Exploits1References5

OSV•added 2026/01/28 6:16 p.m.•4 views

CVE-2020-36962

5.3CVSS5.8AI score

Exploits0References4

EUVD•added 2026/01/28 5:35 p.m.•5 views

EUVD-2020-30887

9.8CVSS6.1AI score0.10683EPSS

Exploits1References4

ATTACKERKB•added 2026/01/28 5:35 p.m.•4 views

CVE-2020-36962

9.8CVSS6.1AI score0.10683EPSS

Exploits1References4Affected Software1

Vulnrichment•added 2026/01/28 5:35 p.m.•3 views

CVE-2020-36962 Tendenci 12.3.1 - CSV/ Formula Injection

9.8CVSS6.1AI score0.10683EPSS

Exploits1References4

Cvelist•added 2026/01/28 5:35 p.m.•41 views

CVE-2020-36962 Tendenci 12.3.1 - CSV/ Formula Injection

9.8CVSS0.10683EPSS

Exploits1References4

OSSF Malicious Packages•added 2026/01/28 8:21 a.m.•6 views

Malicious code in react-toast-cold (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 10dcf80d6b6e15bcfb18c2f1a4211efd1c79f6f66e8aa34bbab7107a90d1da86 The package react-toast-cold was found to contain malicious code. Source: ghsa-malware dc67550f336ea3c52946bb6d0ab4f031eee7a60cc562b0fd4220750c72f086...

5.5AI score

Exploits0References1

OSV•added 2026/01/28 8:21 a.m.•7 views

MAL-2026-626 Malicious code in react-toast-cold (npm)

5.7AI score

Exploits0References1

CNNVD•added 2026/01/28 12:0 a.m.•6 views

Tendenci security vulnerabilities

Tendenci is a membership management software developed by Tendenci Inc. in the United States, primarily used by non-profit organizations and associations. This software supports functions such as member management, content management, event management, and online donation management. Version 12.3...

9.8CVSS6AI score0.10683EPSS

Exploits1References4

Positive Technologies•added 2026/01/28 12:0 a.m.•8 views

PT-2026-5154

Name of the Vulnerable Software and Affected Versions Tendenci version 12.3.1 Description The software contains a CSV formula injection issue in the contact form message field. This allows attackers to inject malicious formulas when a CSV file is exported. By submitting crafted payloads, such as...

9.8CVSS5.9AI score0.10683EPSS

Exploits1References7

OSV•added 2026/01/27 6:26 p.m.•9 views

MAL-2026-548 Malicious code in tabletas (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 27d102f1cf4d0e6b08e5e77aa57a2a436a49f782fe6571b2a8e8d114e10d968d Packages contain hidden code that is effectively run during importing or using the library, and downloads second stage code. Then, a process running in...

6.1AI score

Exploits0References3

CVE•added 2026/01/27 5:57 p.m.•13 views

CVE-2026-23592

CVE-2026-23592 affects HPE Aruba Networking Fabric Composer. Insecure file operations in the backup functionality could allow authenticated attackers to achieve remote code execution and run arbitrary commands on the underlying OS. No remediation details are provided in the supplied documents.

7.2CVSS6.5AI score0.00777EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by