
1883 matches found

Nuclei
added 16 hours ago | 935 views

Roundcube Webmail - Remote Code Execution

Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization. id: CVE-2025-49113 info: name: Roundcube Webmail - Remote...

CVSS 9.9 | AI score 8 | EPSS 0.89462
Exploits: 29 | References: 8

Nuclei
added yesterday | 15 views

Ruckus vRioT IoT Controller - Authentication Bypass

Ruckus vRioT through 1.5.1.0.21 contains an API backdoor caused by a hardcoded token in validatetoken.py, letting unauthenticated attackers interact with the API without authentication. id: CVE-2020-26879 info: name: Ruckus vRioT IoT Controller - Authentication Bypass author: DhiyaneshDk severity:...

CVSS 10 | AI score 7.3 | EPSS 0.42479
Exploits: 1 | References: 6

RedHat Linux
added 6 days ago | 9 views

Critical: Red Hat Security Advisory: OpenShift Container Platform 4.18.44 bug fix and security update

Red Hat OpenShift Container Platform release 4.18.44 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.18. Red Hat Product Security has rated this update as having a...

CVSS 9.8 | AI score 5.5 | EPSS 0.00514
Exploits: 3 | References: 7

RedHat Linux
added 6 days ago | 8 views

Critical: Red Hat Security Advisory: kernel security, bug fix, and enhancement update

An update for kernel is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability...

CVSS 9.8 | AI score 6.8 | EPSS 0.00514
Exploits: 4 | References: 25

Nuclei
added 2026/06/16 7:13 a.m. | 133 views

GiveWP - PHP Object Injection

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.14.1 via deserialization of untrusted input from the 'givetitle' parameter. id: CVE-2024-5932 info: name: GiveWP - PHP Object Injection author:...

CVSS 10 | AI score 8.8 | EPSS 0.74427
Exploits: 11 | References: 7

RedHat Linux
added 2026/06/10 8:09 p.m. | 14 views

Critical: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from...

CVSS 9.8 | AI score 6.5 | EPSS 0.00542
Exploits: 0 | References: 14

AlpineLinux
added 2026/05/28 10:25 p.m. | 4 views

CVE-2026-9881

Use after free in Bluetooth in Google Chrome on Mac prior to 148.0.7778.216 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. Chromium security severity: Critical...

CVSS 9 | AI score 5.5 | EPSS 0.00211
Exploits: 0

CVE
added 2026/05/28 10:25 p.m. | 33 views

CVE-2026-9873

CVE-2026-9873 is a use-after-free vulnerability in Google Chrome's Network component. In Chromium-based Chrome, the flaw could allow a remote attacker to execute arbitrary code inside the sandbox via a crafted HTML page. Affected builds are prior to 148.0.7778.216; a fixed version is 148.0.7778.2...

CVSS 8.8 | AI score 6.2 | EPSS 0.00301
Exploits: 0 | References: 2 | Affected Software: 1

OSV
added 2026/05/28 3:43 p.m. | 7 views

RLSA-2026:19372 Critical: nginx:1.26 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 For more details about the security issues, including the impact, a CVSS...

CVSS 8.1 | AI score 6.1 | EPSS 0.23018
Exploits: 39 | References: 2

RedHat Linux
added 2026/05/18 1:02 p.m. | 10 views

Critical: Red Hat Security Advisory: nginx security update

An update for nginx is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

CVSS 9.2 | AI score 6.1 | EPSS 0.23018
Exploits: 39 | References: 2

RedHat Linux
added 2026/05/12 8:58 p.m. | 12 views

Important: Red Hat Security Advisory: Kiali 2.11.10 for Red Hat OpenShift Service Mesh 3.1

Kiali 2.11.10 for Red Hat OpenShift Service Mesh 3.1 is now available. An update is now available for Red Hat OpenShift Service Mesh 3.1. This advisory contains the RPM packages for the Kiali component. Red Hat Product Security has rated this update as having a security impact of Critical. A Comm...

CVSS 10 | AI score 7.2 | EPSS 0.00413
Exploits: 6 | References: 10

GithubExploit
added 2026/05/04 11:19 a.m. | 64 views

Exploit for Missing Authentication for Critical Function in Cpanel

CVE-2026-41940 cPanel & WHM Verification Tool This repository...

CVSS 9.8 | AI score 6.1 | EPSS 0.90543
Exploits: 63

RedHat Linux
added 2026/04/16 1:44 p.m. | 7 views

Critical: Red Hat Security Advisory: Kiali 1.73.29 for Red Hat OpenShift Service Mesh 2.6

Kiali 1.73.29 for Red Hat OpenShift Service Mesh 2.6 is now available. An update is now available for Red Hat OpenShift Service Mesh 2.6. This advisory contains the RPM packages for the Kiali component. Red Hat Product Security has rated this update as having a security impact of Critical. A Comm...

CVSS 10 | AI score 6.3 | EPSS 0.01195
Exploits: 11 | References: 12

Circl
added 2026/03/05 11:03 a.m. | 4 views

CVE-2026-20015

creationtimestamp | type | source
---|---|---
2026-03-05 11:03:43+00:00 | seen | https://www.cert.at/de/warnungen/2026/3/kritische-sicherheitslucken-in-cisco-secure-firewall-produkten-updates-verfugbar
2026-03-05 14:15:08+00:00 | seen | https://bsky.app/profile/o2cloud.bsky.social/post/3mgcyc5zbe22b...

CVSS 5.8 | AI score 5.9 | EPSS 0.00303
Exploits: 0 | References: 2

Circl
added 2026/03/05 11:03 a.m. | 5 views

CVE-2026-20013

creationtimestamp | type | source
---|---|---
2026-03-05 11:03:43+00:00 | seen | https://www.cert.at/de/warnungen/2026/3/kritische-sicherheitslucken-in-cisco-secure-firewall-produkten-updates-verfugbar
2026-03-05 14:15:08+00:00 | seen | https://bsky.app/profile/o2cloud.bsky.social/post/3mgcyc5zbe22b...

CVSS 5.8 | AI score 5.9 | EPSS 0.00303
Exploits: 0 | References: 2

Positive Technologies
added 2026/03/04 12:00 a.m. | 7 views

PT-2026-23059

Name of the Vulnerable Software and Affected Versions changedetection.io versions prior to 0.54.4 Description A Zip Slip vulnerability exists in the backup restore functionality, allowing arbitrary file overwrite via path traversal in uploaded ZIP archives. The application uses zipfile.extractall...

CVSS 9.3 | AI score 5.9 | EPSS 0.00527
Exploits: 1 | References: 11

RedHat Linux
added 2026/01/08 7:41 p.m. | 5 views

Critical: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.5 Container Release Update

An update is now available for Red Hat Ansible Automation Platform 2.5 Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams,...

CVSS 9.3 | AI score 7.5 | EPSS 0.1383
Exploits: 4 | References: 4

RedhatCVE
added 2026/01/07 9:54 a.m. | 5 views

CVE-2025-1369

A vulnerability classified as critical was found in MicroWord eScan Antivirus 7.0.32 on Linux. Affected by this vulnerability is an unknown functionality of the component USB Password Handler. The manipulation leads to os command injection. The attack needs to be approached locally. The complexit...

CVSS 4.5 | AI score 7.1 | EPSS 0.03227
Exploits: 1 | References: 1

RedhatCVE
added 2026/01/07 9:43 a.m. | 6 views

CVE-1999-0520

A system-critical NETBIOS/SMB share has inappropriate access control...

CVSS 6.4 | AI score 6.9 | EPSS 0.01466
Exploits: 0 | References: 1

RedhatCVE
added 2026/01/07 9:42 a.m. | 5 views

CVE-1999-0522

The permissions for a system-critical NIS+ table e.g. passwd are inappropriate...

CVSS 7.2 | AI score 7 | EPSS 0.00425
Exploits: 0 | References: 1