CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12349 matches found

OSV•added 2026/06/01 9:16 a.m.•7 views

UBUNTU-CVE-2026-45505

Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Non-parenthesized discovery wrappers such as masterslave:vm://...,... and static:vm://... incorrectly pass validation allowing bypass o...

8.8CVSS6.6AI score0.87048EPSS

Exploits12References5

OSV•added 2026/06/01 9:16 a.m.•6 views

UBUNTU-CVE-2026-42253

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache ActiveMQ, Apache ActiveMQ Web. The MessageServlet in the ActiveMQ web console API copies every JMS message property into an HTTP response header without any validation. This can allow...

6.1CVSS5.8AI score0.00423EPSS

Exploits0References5

Rosalinux•added 2026/06/01 8:37 a.m.•9 views

Advisory ROSA-SA-2026-3297

CVE-ID: CVE-2024-41817 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: The vulnerability in the AppImage version of ImageMagick relates to the use of an empty path during the installation of environment variables MAGICKCONFIGUREPATH and LDLIBRARYPATH. This allows attackers to execute arbitrary code by...

9.8CVSS6.5AI score0.04098EPSS

Exploits14

OSSF Malicious Packages•added 2026/06/01 7:40 a.m.•8 views

Malicious code in nrwl.angular-console (VSCode)

--- -= Per source details. Do not edit below this line.=- Source: google-open-source-security 12636eadc931d19fc68ca6d30f5397404c6b782a67537c770c944ed9337a4125 The compromised version of the Nx Console VS Code extension contains malicious code injected into its main execution file. When a develope...

6.1AI score

Exploits0References4

OSSF Malicious Packages•added 2026/06/01 7:40 a.m.•11 views

Malicious code in nrwl.angular-console (VSCode:https://open-vsx.org)

6.1AI score

Exploits0References4

OSV•added 2026/06/01 7:40 a.m.•5 views

MAL-2026-5162 Malicious code in nrwl.angular-console (VSCode:https://open-vsx.org)

6.1AI score

Exploits0References4

OSV•added 2026/06/01 7:40 a.m.•4 views

MAL-2026-5161 Malicious code in nrwl.angular-console (VSCode)

6.1AI score

Exploits0References4

EUVD•added 2026/06/01 7:23 a.m.•9 views

EUVD-2026-33578

6.1CVSS5.8AI score0.00423EPSS

Exploits0References1

Vulnrichment•added 2026/06/01 7:23 a.m.•7 views

CVE-2026-42253 Apache ActiveMQ, Apache ActiveMQ Web: HTTP Response Header Injection via JMS Message Properties

5.8AI score0.00423EPSS

Exploits0References1

CNNVD•added 2026/06/01 12:0 a.m.•6 views

Apache ActiveMQ 安全漏洞

Apache ActiveMQ is an open-source messaging middleware developed by the Apache Foundation in the United States. It supports Java Message Service, clustering, Spring Framework, etc. There is a security vulnerability in Apache ActiveMQ. This vulnerability stems from the MessageServlet in the web...

6.1CVSS5.3AI score0.00423EPSS

Exploits0References2

OSV•added 2026/05/29 4:3 p.m.•7 views

RLSA-2026:18537 Important: tomcat security update

Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages JSP technologies. Security Fixes: tomcat: Apache Tomcat: Security constraint bypass for CGI scripts CVE-2025-46701 org.apache.tomcat/tomcat-catalina: tomcat: Apache Tomcat: session fixation via rewrite valve...

6.5CVSS7AI score0.09244EPSS

Exploits1References4

Rockylinux•added 2026/05/29 4:3 p.m.•12 views

tomcat security update

An update is available for tomcat. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Apache Tomcat is a servlet container for the Java Servlet and JavaServer Page...

9.6CVSS7.2AI score0.09244EPSS

Exploits1

NVD•added 2026/05/29 12:16 p.m.•15 views

CVE-2025-41276

Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to execute arbitrary operating...

9.8CVSS0.0138EPSS

Exploits0References1

NVD•added 2026/05/29 12:16 p.m.•12 views

CVE-2025-41277

9.8CVSS0.0138EPSS

Exploits0References1

NVD•added 2026/05/29 12:16 p.m.•12 views

CVE-2025-41270

9.8CVSS0.0138EPSS

Exploits0References1

NVD•added 2026/05/29 12:16 p.m.•10 views

CVE-2025-41271

Nozomi Networks Labs identified a CWE-23: Relative Path Traversal in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to read arbitrary files from the device...

8.7CVSS0.00434EPSS

Exploits0References1

NVD•added 2026/05/29 12:16 p.m.•16 views

CVE-2025-41272

9.8CVSS0.0138EPSS

Exploits0References1

NVD•added 2026/05/29 12:16 p.m.•14 views

CVE-2025-41274

9.8CVSS0.0138EPSS

Exploits0References1

NVD•added 2026/05/29 12:16 p.m.•11 views

CVE-2025-41273

Nozomi Networks Labs identified a CWE-288: Authentication Bypass Using an Alternate Path or Channel in the Console WebUI in Waterfall WF-500 TX and RX Hosts in version 7.9.1.0 R2502171040 that allows remote unauthenticated attackers to bypass authentication of the Console web application and...

9.8CVSS0.00407EPSS

Exploits0References1

NVD•added 2026/05/29 12:16 p.m.•11 views

CVE-2025-41275

9.8CVSS0.0138EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by