CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/04/21 8:19 a.m.•1 views

CVE-2025-13826

EUVD•added 2026/04/21 8:19 a.m.•0 views

Exploits0References2

EUVD-2025-209536

CVE•added 2026/04/21 8:19 a.m.•5 views

CVE-2025-13826

Zervit’s portable HTTP/web server is vulnerable to remote DoS due to inadequate validation of user-supplied input during a configuration reset request. The impact can cause the application to stop responding, requiring a manual restart. CVSS v4 metrics in the description show a base score of 8.2 ...

Cvelist•added 2026/04/21 8:19 a.m.•27 views

CVE-2025-13826 Incorrect input validation on the Zervit portable HTTP/Web server

8.2CVSS0.00109EPSS

Vulnrichment•added 2026/04/21 8:19 a.m.•0 views

CVE-2025-13826 Incorrect input validation on the Zervit portable HTTP/Web server

Positive Technologies•added 2026/04/21 12:0 a.m.•0 views

PT-2026-33922

CNNVD•added 2026/04/21 12:0 a.m.•2 views

Exploits0References2

Zervit 输入验证错误漏洞

Zervit is an open-source HTTP/Web server developed by Zervit. Zervit has a vulnerability related to input validation. This vulnerability arises due to insufficient input validation during configuration reset requests, which may lead to a remote denial-of-service attack, causing the application to...

NVD•added 2026/03/21 4:17 a.m.•0 views

CVE-2026-3570

The Smarter Analytics plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 2.0. This is due to missing authentication and capability checks on the configuration reset functionality in the global scope of smarter-analytics.php. This makes it possible for...

5.3CVSS0.00193EPSS

ATTACKERKB•added 2026/03/21 3:26 a.m.•1 views

CVE-2026-3570

5.3CVSS5.8AI score0.00193EPSS

Exploits0References4

Vulnrichment•added 2026/03/21 3:26 a.m.•1 views

CVE-2026-3570 Smarter Analytics <= 2.0 - Missing Authorization to Unauthenticated Plugin Settings Reset via 'reset' Parameter

5.3CVSS5.8AI score0.00193EPSS

CNNVD•added 2026/03/21 12:0 a.m.•2 views

WordPress plugin Smarter Analytics 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3CVSS5.8AI score0.00193EPSS

NVD•added 2026/02/19 11:15 a.m.•3 views

CVE-2025-15563

Any unauthenticated user can reset the WorkTime on-prem database configuration by sending a specific HTTP request to the WorkTime server. No authorization check is applied here...

5.3CVSS0.00059EPSS

Vulnrichment•added 2026/02/19 4:36 a.m.•2 views

CVE-2026-2504 Dealia – Request a quote <= 1.0.7 - Missing Authorization to Authenticated (Contributor+) Plugin Configuration Reset

The Dealia – Request a quote plugin for WordPress is vulnerable to unauthorized modification of data due to missing capability checks on multiple AJAX handlers in all versions up to, and including, 1.0.7. The admin nonce DEALIAADMINNONCE is exposed to all users with editposts capability...

4.3CVSS5.8AI score0.00047EPSS

Exploits0References7

CVE•added 2026/02/19 4:36 a.m.•9 views

CVE-2026-2504

CVE-2026-2504 concerns the Dealia – Request a quote plugin for WordPress. Wordfence reports an unauthorised data modification vulnerability caused by missing capability checks on multiple AJAX handlers, with the DEALIA_ADMIN_NONCE exposed to users with edit_posts capability (Contributor+) via wp_...

4.3CVSS5.9AI score0.00047EPSS

Exploits0References7

Cvelist•added 2026/02/19 4:36 a.m.•28 views

CVE-2026-2504 Dealia – Request a quote <= 1.0.7 - Missing Authorization to Authenticated (Contributor+) Plugin Configuration Reset

4.3CVSS0.00047EPSS

Exploits0References7

Patchstack•added 2026/02/18 11:54 p.m.•6 views

WordPress Dealia - Request a quote plugin <= 1.0.6 - Missing Authorization to Authenticated (Contributor+) Plugin Configuration Reset vulnerability

WordPress Dealia - Request a quote plugin = 1.0.6 - Missing Authorization to Authenticated Contributor+ Plugin Configuration Reset vulnerability discovered by Ronnachai Sretawat Na Ayutaya Simonhaskelly - Reconix Co., Ltd. in WordPress Plugin Dealia versions = 1.0.6...

4.3CVSS5.5AI score0.00047EPSS

Exploits0References1Affected Software1

CNNVD•added 2025/12/22 12:0 a.m.•3 views

SOUND4多款产品访问控制错误漏洞

SOUND4 IMPACT and others are products of SOUND4, a French company.SOUND4 IMPACT is a professional broadcast audio processor.SOUND4 FIRST is a broadcast audio processor.SOUND4 PULSE is an audio processor. An access control error vulnerability exists in various SOUND4 products that originates in th...

9.8CVSS6.6AI score0.00663EPSS

Exploits2References5

CNNVD•added 2025/12/22 12:0 a.m.•2 views

Keyfactor SignServer 安全漏洞

Keyfactor SignServer is a digital signature engine from Keyfactor USA. A security vulnerability exists in Keyfactor SignServer versions prior to 7.2, which stems from an error in the container startup logic and could result in a reset configuration to allowany...

4.7CVSS6.6AI score0.00064EPSS