CVE-2026-44728
Babel is a compiler for writing next generation JavaScript. From 7.12.0 to before 7.29.4 and 8.0.0-alpha.13, using Babel to compile code that was specifically crafted by an attacker can cause Babel to generate output code that executes arbitrary code. This vulnerability is fixed in 7.29.4 and...
CVE-2026-44728 Improper Control of Generation of Code when compiling specifically crafted malicious code with @babel/plugin-transform-modules-systemjs
Babel is a compiler for writing next generation JavaScript. From 7.12.0 to before 7.29.4 and 8.0.0-alpha.13, using Babel to compile code that was specifically crafted by an attacker can cause Babel to generate output code that executes arbitrary code. This vulnerability is fixed in 7.29.4 and...
CVE-2026-30457
An issue in the /parser/dwoo component of Daylight Studio FuelCMS v1.5.2 allows attackers to execute arbitrary code via crafted PHP code...
ROS-20251203-01
A vulnerability in the Lens component of the Google Chrome browser is related to URL redirection to an untrusted website. Exploitation of the vulnerability could allow an attacker acting remotely to spoof the user interface using a specially crafted QR code...
CVE-2024-13983
CVE-2024-13983 concerns Google Chrome’s Lens feature on iOS before 136.0.7103.59, where an imperfect validation of QR codes allows a remote attacker to perform a UI masquerade via a crafted QR. The underlying issue is in Lens’ handling of QR input, enabling an interface spoofing attack. Affected ...
EUVD-2018-7064
Malware in sbrugna...
EUVD-2013-0992
Malware in sbrugna...
EUVD-2016-2512
Malware in sbrugna...
CVE-2021-37786
Certain Federal Office of Information Technology Systems and Telecommunication (FOITT) products are affected by improper handling of exceptional conditions. This affects COVID Certificate App IOS 2.2.0 and below affected, patch in progress and COVID Certificate Check App IOS 2.2.0 and below affecte...
CVE-2013-0981
The IOUSBDeviceFamily driver in the USB implementation in the kernel in Apple iOS before 6.1.3 and Apple TV before 5.2.1 accesses pipe object pointers that originated in userspace, which allows local users to gain privileges via crafted code...
CVE-2019-1010169
Jsish 2.4.77 2.0477 is affected by: Out-of-bounds Read. The impact is: denial of service. The component is: function lexergetchar jsiLexer.c:9. The attack vector is: executing crafted javascript code. The fixed version is: 2.4.78...
CVE-2024-12672
A third-party vulnerability exists in the Rockwell Automation Arena® that could allow a threat actor to write beyond the boundaries of allocated memory in a DOE file. If exploited, a threat actor could leverage this vulnerability to execute arbitrary code. To exploit this vulnerability, a...
Boa security vulnerability
Boa is open source code for embedded applications. A security vulnerability exists in Boa versions prior to 0.16 through 0.19.0, which stems from a vulnerability that allows an attacker to trigger a state transition in an AsyncGenerator object via carefully constructed code,...
PT-2024-24212 · Unknown · Designa Abacus
Name of the Vulnerable Software and Affected Versions: DESIGNA ABACUS versions prior to v.19. Description: The issue allows an attacker to bypass the payment process via a crafted QR code. Recommendations: For versions prior to v.19, update to a version that includes a fix for this issue to preven...
CVE-2024-1577
A Remote Code Execution vulnerability in MegaBIP software allows an attacker to execute arbitrary code on the server without authentication by saving attacker-crafted PHP code to one of the website files. This issue affects MegaBIP software versions through 5.11.2...
CVE-2020-26710
easy-parse v0.1.1 was discovered to contain an XML External Entity (XXE) injection vulnerability which allows attackers to execute arbitrary code via a crafted XML file...
Critical SQL Injection Flaws Expose Gentoo Soko to Remote Code Execution
Multiple SQL injection vulnerabilities have been disclosed in Gentoo Soko that could lead to remote code execution (RCE) on vulnerable systems. "These SQL injections happened despite the use of an Object-Relational Mapping (ORM) library and prepared statements," SonarSource researcher Thomas...
SUSE CVE-2016-4075
Opera Mini 13 and Opera Stable 36 allow remote attackers to spoof the displayed URL via a crafted HTML document, related to the about:blank URL...
CVE-2022-28998
Xlight FTP v3.9.3.2 was discovered to contain a stack-based buffer overflow which allows attackers to leak sensitive information via crafted code...
Stack overflow
Xlight FTP v3.9.3.2 was discovered to contain a stack-based buffer overflow which allows attackers to leak sensitive information via crafted code...