CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1215 matches found

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в sqlite3

In SQLite, from version 3.30.1 onwards, alter.c allows attackers to trigger infinite recursion through certain types of self-referential views in conjunction with ALTER TABLE statements...

5.5CVSS6.6AI score0.00401EPSS

Exploits0References2

OSV•added 2026/03/20 3:27 a.m.•0 views

CVE-2026-32939 DataEase is Vulnerable to H2 JDBC RCE Bypass

DataEase is an open source data visualization analysis tool. Versions 2.10.19 and below have inconsistent Locale handling between the JDBC URL validation logic and the H2 JDBC engine's internal parsing. DataEase uses String.toUpperCase without specifying an explicit Locale, causing its security...

7.7CVSS5.8AI score0.00082EPSS

Exploits1References5

Vulnrichment•added 2026/01/19 8:36 a.m.•1 views

CVE-2025-29847 Apache Linkis: Arbitrary File Read via Double URL Encoding Bypass

A vulnerability in Apache Linkis. Problem Description When using the JDBC engine and da When using the JDBC engine and data source functionality, if the URL parameter configured on the frontend has undergone multiple rounds of URL encoding, it may bypass the system's checks. This bypass can trigg...

5.5AI score0.00158EPSS

Exploits0References1

Cvelist•added 2026/01/19 8:36 a.m.•17 views

CVE-2025-29847 Apache Linkis: Arbitrary File Read via Double URL Encoding Bypass

0.00158EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:31 a.m.•5 views

CVE-2019-16383

MOVEit.DMZ.WebApi.dll in Progress MOVEit Transfer 2018 SP2 before 10.2.4, 2019 before 11.0.2, and 2019.1 before 11.1.1 allows an unauthenticated attacker to gain unauthorized access to the database. Depending on the database engine being used MySQL, Microsoft SQL Server, or Azure SQL, an attacker...

9.4CVSS7.3AI score0.01091EPSS

Exploits4References1