CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CastleNet CBV38Z4EC 125.553mp1.39219mp1.899.007, CBV38Z4ECNIT 125.553mp1.39219mp1.899.005ITT, CBW383G4J 37.556mp5.008, and CBW38G4J 37.553mp1.008 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests...

9.8CVSS7.3AI score0.00644EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 12:59 p.m.•7 views

CVE-2018-20384

iNovo Broadband IB-8120-W21 139.4410mp1.004200.002 and IB-8120-W21E1 139.4410mp1.3921132mp1.899.004404.004 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests...

9.8CVSS7.3AI score0.00644EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 11:13 a.m.•10 views

CVE-2013-4790

Open-Xchange AppSuite before 7.0.2 rev14, 7.2.0 before rev11, 7.2.1 before rev10, and 7.2.2 before rev9 relies on user-supplied data to predict the IMAP server hostname for an external domain name, which allows remote authenticated users to discover e-mail credentials of other users in...

3.5CVSS6.5AI score0.00284EPSS

Exploits2References1

RedhatCVE•added 2025/05/22 3:32 a.m.•2 views

CVE-2018-20400

Ubee DVW2108 6.28.1017 and DVW2110 6.28.2012 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests...

9.8CVSS7.3AI score0.00644EPSS

Exploits1References1

OSV•added 2025/01/20 2:15 p.m.•1 views

CVE-2025-24337

WriteFreely through 0.15.1, when MySQL is used, allows local users to discover credentials by reading config.ini...

8.4CVSS8AI score

Exploits0References3

Vulnrichment•added 2025/01/20 12:0 a.m.•6 views

CVE-2025-24337

WriteFreely through 0.15.1, when MySQL is used, allows local users to discover credentials by reading config.ini...

8.4CVSS6.6AI score0.00041EPSS

Exploits0References3

AlpineLinux•added 2024/01/22 12:0 a.m.•24 views

CVE-2024-23770

darkhttpd through 1.15 allows local users to discover credentials for --auth by listing processes and their arguments...

5.5CVSS6.9AI score0.00027EPSS

Exploits0References3

Prion•added 2023/10/22 10:15 p.m.•11 views

Authentication flaw

The zanllp sd-webui-infinite-image-browsing aka Infinite Image Browsing extension before 977815a for stable-diffusion-webui aka Stable Diffusion web UI, if Gradio authentication is enabled without secret key configuration, allows remote attackers to read any local file via /file?path= in the URL,...

5CVSS7.6AI score0.00164EPSS

Exploits0References2Affected Software1

Cvelist•added 2023/04/25 12:0 a.m.•11 views

CVE-2023-26560

Northern.tech CFEngine Enterprise before 3.21.1 allows a subset of authenticated users to leverage the Scheduled Reports feature to read arbitrary files and potentially discover credentials...

6.3AI score0.00395EPSS

Exploits0References2

Positive Technologies•added 2023/03/28 12:0 a.m.•4 views

PT-2023-20274 · Veracode · Veracode Azure Devops Extension +2

Name of the Vulnerable Software and Affected Versions: Veracode Scan Jenkins Plugin versions prior to 23.3.19.0 Veracode Azure DevOps Extension versions prior to 3.20.0 Description: A credential-leak issue was discovered in related Veracode products. The Veracode Scan Jenkins Plugin, when...

5.5CVSS5.3AI score0.00051EPSS

Exploits0References7

CNVD•added 2021/09/26 12:0 a.m.•13 views

Gradle Enterprise server-side request forgery vulnerability

Gradle Enterprise improves developer productivity by accelerating builds, improving build reliability, and speeding up build debugging.A server-side request forgery vulnerability exists in versions of Gradle Enterprise prior to 2021.1.3. An attacker could use this vulnerability to discover...

7.5CVSS3.5AI score0.00276EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by