CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

An issue was discovered on Espressif ESP32 3.0 ESP32rev300 ROM devices. An EMFI attack on ECO3 provides the attacker with a capability to influence the PC value at the CPU context level, regardless of Secure Boot and Flash Encryption status. By using this capability, the attacker can exploit...

6.8CVSS5.5AI score0.00118EPSS

Exploits0References3

CNVD•added 2022/05/13 12:0 a.m.•27 views

AMD BIOS Denial of Service Vulnerability

AMD BIOS is the base input and output system for AMD. A denial of service vulnerability exists in AMD BIOS, which stems from improper validation of the BIOS directory. An attacker could exploit this vulnerability to read content outside of a copy of the directory table in RAM, resulting in a...

4.9CVSS3.2AI score0.0004EPSS

Exploits0

CNVD•added 2022/02/03 12:0 a.m.•18 views

Palo Alto Networks Cortex XDR Information Disclosure Vulnerability

Palo Alto Networks Cortex XDR is a security operations platform for remote endpoint-based detection from Palo Alto Networks Malaysia. A security vulnerability exists in the Palo Alto Networks Cortex XDR agent that can be exploited by an attacker to read the contents of any file on the system with...

5.5CVSS5.4AI score0.00053EPSS

Exploits0References1

OSV•added 2021/01/28 8:15 p.m.•0 views

CVE-2021-3337

The Hide-Thread-Content plugin through 2021-01-27 for MyBB allows remote attackers to bypass intended content-reading restrictions by clicking on reply or quote in the postbit...

7.5CVSS7.2AI score

Exploits0References2

Cvelist•added 2021/01/28 7:32 p.m.•16 views

CVE-2021-3337

The Hide-Thread-Content plugin through 2021-01-27 for MyBB allows remote attackers to bypass intended content-reading restrictions by clicking on reply or quote in the postbit...

7.8AI score0.21298EPSS

Exploits3References2

CNNVD•added 2021/01/28 12:0 a.m.•1 views

MyBB Hide-Thread-Content plugin security vulnerability

MyBB MyBulletinBoard is a free and web-based forum software developed by MyBB MYBB team using PHP and MySQL. The software is easy to use, supports multiple languages, scalable and so on. A security vulnerability exists in the MyBB Hide-Thread-Content plugin through 2021-01-27, which originates fr...

7.5CVSS7.2AI score0.21298EPSS

Exploits3References5

Positive Technologies•added 2019/01/08 12:0 a.m.•1 views

PT-2019-1135 · Microsoft · Sharepoint Server

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Description: The issue exists due to inadequate protection of the web page structure. An attacker could exploit this by sending a specially crafted request to the vulnerable SharePoi...

5.4CVSS8.3AI score0.01289EPSS

Exploits0References9

Microsoft CVE•added 2018/06/12 7:0 a.m.•39 views

Microsoft SharePoint Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint...

5.4CVSS1.2AI score0.01401EPSS

Exploits0

NVD•added 2014/03/06 11:55 a.m.•12 views

CVE-2014-0624

EMC RSA Data Loss Prevention DLP 9.x before 9.6-SP2 does not properly manage sessions, which allows remote authenticated users to gain privileges and bypass intended content-reading restrictions via unspecified vectors...

2.7CVSS6.5AI score0.00077EPSS

Exploits1References1

Cvelist•added 2014/03/06 11:0 a.m.•19 views

CVE-2014-0624

6.5AI score0.00077EPSS

Exploits1References1

UbuntuCve•added 2012/08/21 11:55 p.m.•18 views

CVE-2012-4168

Adobe Flash Player before 10.3.183.23 and 11.x before 11.4.402.265 on Windows and Mac OS X, before 10.3.183.23 and 11.x before 11.2.202.238 on Linux, before 11.1.111.16 on Android 2.x and 3.x, and before 11.1.115.17 on Android 4.x; Adobe AIR before 3.4.0.2540; and Adobe AIR SDK before 3.4.0.2540...

4.3CVSS5.9AI score0.00786EPSS

Exploits0References2

NVD•added 2011/12/14 12:55 a.m.•10 views

CVE-2011-1992

The XSS Filter in Microsoft Internet Explorer 8 allows remote attackers to read content from a different 1 domain or 2 zone via a "trial and error" attack, aka "XSS Filter Information Disclosure Vulnerability."...

4.3CVSS5.6AI score0.18149EPSS

Exploits0References3

myhack58•added 2008/11/17 12:0 a.m.•22 views

DZ! sodb-2 0 0 8-1 3 EXP published-vulnerability warning-the black bar safety net

!/ usr/bin/php ? php / Discuz! 6. x/7. x SODB-2 0 0 8-1 3 Exp By www.80vul.com Notes the value of the variable, add your own modifications / $host = ‘www.80vul.com’; // Server domain or IP $path = ‘/discuz/’; // Where the program path $key = 0; // The above variable is edited, make will the value...

7.1AI score

Exploits0