CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

5059 matches found

Packet Storm•added 2025/11/18 12:0 a.m.•136 views

📄 Snipe-IT 8.3.4 Cross Site Scripting

Snipe-IT version 8.3.4 suffers from a cross site scripting vulnerability. Product Info Snipe-IT is a free and open-source IT asset management system FOSS built on Laravel. It provides hardware asset tracking, software license management, accessories, and consumables inventory features for IT...

7.1CVSS6.4AI score0.00044EPSS

Positive Technologies•added 2025/11/18 12:0 a.m.•1 views

PT-2025-47286

Name of the Vulnerable Software and Affected Versions Simple User Import Export plugin for WordPress versions up to and including 1.1.7 Description The Simple User Import Export plugin for WordPress is susceptible to CSV Injection through the 'Import/export users' function. This allows...

6.6CVSS6.4AI score0.00072EPSS

Exploits0References5

Patchstack•added 2025/11/17 11:55 p.m.•5 views

WordPress Simple User Import Export plugin <= 1.1.7 - Authenticated (Admin+) CSV Injection vulnerability

Authenticated Admin+ CSV Injection vulnerability discovered by Ivan Cese in WordPress Plugin Simple User Import Export versions = 1.1.7...

6.6CVSS7.2AI score0.00072EPSS

Exploits0References1Affected Software1

EUVD•added 2025/11/13 3:23 a.m.•3 views

EUVD-2025-176627

Malicious code in rimraf-quantum-csv-javascript npm...

OSSF Malicious Packages•added 2025/11/13 3:23 a.m.•4 views

Malicious code in csv-helmet-dione-canopus (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector c13660b1e5cd8242126ed9b1d8d9e9fd3a9430c6c23281cb67541a8d90eb0873 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/13 3:23 a.m.•1 views

EUVD-2025-175558

Malicious code in whitedwarf-inquirer-csv-blitz npm...

EUVD•added 2025/11/13 3:23 a.m.•0 views

EUVD-2025-179810

Malicious code in ceres-perseus-csv-nconf npm...

EUVD•added 2025/11/13 3:23 a.m.•2 views

EUVD-2025-175503

Malicious code in xenon-prettier-plugin-markdown-csv-barnard npm...

EUVD•added 2025/11/13 3:23 a.m.•2 views

EUVD-2025-175675

Malicious code in vuetify-thermochronology-csv-cryovolcano npm...

OSV•added 2025/11/13 3:23 a.m.•1 views

MAL-2025-189248 Malicious code in rimraf-quantum-csv-javascript (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 9909070a68830c6d663c79812a272f46e552253bfb360b94ab3ec3234e687778 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/13 3:23 a.m.•1 views

EUVD-2025-179450

Malicious code in csv-mongodb-rehype-less-loader npm...

EUVD•added 2025/11/13 3:23 a.m.•1 views

EUVD-2025-177899

Malicious code in mensa-subscription-antares-csv npm...

EUVD•added 2025/11/13 3:23 a.m.•1 views

EUVD-2025-179449

Malicious code in csv-puppeteer-phoenix-event npm...

OSSF Malicious Packages•added 2025/11/13 3:23 a.m.•4 views

Malicious code in csv-mongodb-rehype-less-loader (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 07f821738c4cf7c99d8107896b24f9a81bd00506c105a6aca07ef8a729d5d444 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/13 3:23 a.m.•2 views

EUVD-2025-176557

Malicious code in sagitta-protractor-taurus-csv npm...

EUVD•added 2025/11/13 3:23 a.m.•2 views

EUVD-2025-176269

Malicious code in spectron-csv-dynamo-bunyan npm...

OSSF Malicious Packages•added 2025/11/13 3:23 a.m.•3 views

Malicious code in csv-steganography-sadr-buffer (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 576c9c5300d33eedfca84952fa6d232cca75ad84dbeb63ccde6da8ff03408c5e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

EUVD•added 2025/11/13 3:23 a.m.•1 views

EUVD-2025-179454

Malicious code in csv-dysonswarm-aether-optimize-css-assets-webpack-plugin npm...

EUVD•added 2025/11/13 3:23 a.m.•2 views

EUVD-2025-175861

Malicious code in typeorm-csv-troposphere-socketio npm...

EUVD•added 2025/11/13 3:23 a.m.•1 views

EUVD-2025-178626

Malicious code in gulp-rollup-plugin-carina-csv npm...

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by