11 matches found
PT-2026-28215
Hi guys! Recently I got this email from [email protected]. I read through the email and spotted a few grammatical errors, as well as a share.google link, which I thought was unusual for Microsoft to do. Even though it was fully delivered and signed by GitHub.com, I realised that what the...
CVE-2025-11734
CVE-2025-11734 concerns the Broken Link Checker by AIOSEO for WordPress. The vulnerability stems from insufficient authorization checks on a REST endpoint used to manage posts. Specifically, the plugin exposes DELETE /wp-json/aioseoBrokenLinkChecker/v1/post and grants the aioseo_blc_broken_links_...
CVE-2025-49823
conda Constructor is a tool which allows constructing an installer for a collection of conda packages. Prior to version 3.11.3, shell installer scripts process the installation prefix (userprefix) using an eval statement, which executes unsanitized user input as shell code. Although the script runs...
CVE-2021-21663
A missing permission check in Jenkins XebiaLabs XL Deploy Plugin 7.5.8 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing Username/password credentials stored in...
CVE-2025-32369
Kentico Xperience prior to 13.0.181 is affected by a stored XSS vulnerability in the media library file upload feature. An authenticated user can distribute malicious content via interactions with the media library upload, potentially impacting end users. The issue is mitigated by upgrading Kenti...
CVE-2025-0561
creationtimestamp| type| source
---|---|---
2025-01-18 23:37:23+00:00| seen| https://infosec.exchange/users/cve/statuses/113851986303659515
2025-01-18 23:57:45+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/2304
2025-01-19 00:15:47+00:00| seen|...
CVE-2023-23887
CVE-2023-23887 maps to WordPress plugin Easy Google Analytics for WordPress (
CVE-2024-28030
NULL pointer dereference in some Intel(R) VPL software before version 24.1.4 may allow an authenticated user to potentially enable denial of service via local access...
CVE-2017-11191
FreeIPA 4.x with API version 2.213 allows remote authenticated users to bypass intended account-locking restrictions via an unlock action with an old session ID for the same user account that had been created for an earlier session. NOTE: Vendor states that issue does not exist in product and...
CVE-1999-0067
phf CGI program allows remote command execution through shell metacharacters...
CVE-2022-40970
...