Lucene search
10 matches found

RedhatCVE
added 2026/01/07 9:34 a.m. · 6 views

CVE-2019-7865

A cross-site request forgery (CSRF) vulnerability exists in the checkout cart item of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, and Magento 2.3 prior to 2.3.2. This could be exploited at the time of editing or configuration...

CVSS 8.8 · AI score 6.8 · EPSS 0.00059
Exploits 0 · References 1
EUVD
added 2025/10/03 8:7 p.m. · 2 views

EUVD-2024-2833

Malicious code in bioql PyPI...

CVSS 6 · AI score 6.2 · EPSS 0.00072
Exploits 0 · References 6
EUVD
added 2025/10/03 8:7 p.m. · 4 views

EUVD-2025-8204

Malicious code in bioql PyPI...

CVSS 5.5 · AI score 6.3 · EPSS 0.00055
Exploits 0 · References 3
Cvelist
added 2025/03/26 1:44 p.m. · 9 views

CVE-2025-23203 Icinga has rest API endpoints accessible to restricted users

Icinga Director is an Icinga config deployment tool. A security vulnerability has been found starting in version 1.0.0 and prior to 1.10.4 and 1.11.4 on several Director endpoints of the REST API. To reproduce this vulnerability, an authenticated user with permission to access the Director is required...

CVSS 5.5 · EPSS 0.00055
Exploits 0 · References 5
CVE
added 2025/03/26 1:44 p.m. · 87 views

CVE-2025-23203

CVE-2025-23203 affects Icinga Director (REST API) prior to versions 1.10.4 and 1.11.4. An authenticated Director user with API access can retrieve or modify information for objects they should not fully access, via endpoints such as icingaweb2/director/service (host omitted), icingaweb2/director/...

CVSS 5.5 · AI score 5.5 · EPSS 0.00055
Exploits 0 · References 5
Positive Technologies
added 2024/04/04 12:0 a.m. · 2 views

PT-2024-22667 · Apache · Cloudstack

Name of the Vulnerable Software and Affected Versions: CloudStack versions prior to 4.18.1.1; CloudStack versions prior to 4.19.0.1. Description: A problem has been identified in the CloudStack additional VM configuration extraconfig feature which can be misused by anyone who has privilege to deplo...

CVSS 6.4 · AI score 6.6 · EPSS 0.00133
Exploits 0 · References 9
Positive Technologies
added 2023/09/21 12:0 a.m. · 1 views

PT-2023-28889

Name of the Vulnerable Software and Affected Versions: Pillar eve container versions 9.0.0 and later, prior to the inclusion of the config partition measurement in PCR13. Description: The Pillar eve container checks for the existence and content of /config/GlobalConfig/global.json on boot. If the fi...

CVSS 8.8 · AI score 7.8 · EPSS 0.00023
Exploits 0 · References 17
Arista
added 2023/05/31 12:0 a.m. · 51 views

Security Advisory 0087

Security Advisory 0087. Date: May 31, 2023

Revision | Date | Changes
---|---|---
1.0 | May 31, 2023 | Initial release
1.1 | September 24, 2024 | Update fixed release info

The CVE-ID tracking this issue: CVE-2023-24510. CVSSv3.1 Base Score: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H...

CVSS 7.5 · AI score 7.6 · EPSS 0.00389
Exploits 0 · Affected Software 1
Vulnrichment
added 2022/08/05 9:14 p.m. · 5 views

CVE-2022-24011

A buffer overflow vulnerability exists in the GetValue functionality of TCL LinkHub Mesh Wi-Fi MS1G0001.0014. A specially-crafted configuration value can lead to a buffer overflow. An attacker can modify a configuration value to trigger this vulnerability. This vulnerability represents all...

CVSS 9.6 · AI score 9.6 · EPSS 0.0057
Exploits 1 · References 1
ThreatPost
added 2012/11/28 5:19 p.m. · 13 views

Researcher Owns Internal Network after Victim Opens Email

Security researcher Bogdan Calin found that he could remotely compromise the internal networks of users with default or weak router passwords merely by compelling them to open a legitimate-looking email on their iPhone, iPad, or Mac. Writing for the Acunetix blog, Calin explains that he has found...

AI score 1.5
Exploits 0 · References 1