CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

261 matches found

SlideDeck 1 Lite Content Slider - Cross-Site Scripting

SlideDeck 1 Lite Content Slider WordPress plugin = 1.4.8 contains a reflected cross-site scripting caused by unsanitized parameter output, letting attackers execute malicious scripts in the context of high privilege users, exploit requires attacker to craft a malicious URL. id: CVE-2024-13224 inf...

6.1CVSS7.2AI score0.01143EPSS

Exploits1References1

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Added support for Van Gogh SoC. The ROG Xbox Ally non-X SoC features an architecture similar to the Steam Deck. While the Steam Deck supports S3 mode s2idle causes a crash, this feature was removed from the...

5.7AI score0.00035EPSS

Exploits0References1

AstraLinux•added 2026/05/03 11:59 p.m.•1 views

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/fence: Fix oops due to non-matching drmsched init/fini Currently amdgpu calls drmschedfini from the fence driver sw fini routine - such function is expected to be called only after the respective init function -...

5.3CVSS6.4AI score0.00303EPSS

Exploits0References2

RedhatCVE•added 2026/03/06 1:34 a.m.•1 views

CVE-2026-28427

OpenDeck is Linux software for your Elgato Stream Deck. Prior to 2.8.1, the service listening on port 57118 serves static files for installed plugins but does not properly sanitize path components. By including ../ sequences in the request path, an attacker can traverse outside the intended...

5.9CVSS6AI score0.00091EPSS

Exploits1References1

ATTACKERKB•added 2026/03/04 7:30 p.m.•1 views

CVE-2026-28427

5.9CVSS6AI score0.00091EPSS

Exploits1References3Affected Software1

RedhatCVE•added 2026/01/09 11:20 a.m.•5 views

CVE-2021-22913

Nextcloud Deck before 1.2.7, 1.4.1 suffers from an information disclosure vulnerability when searches for sharees utilize the lookup server by default instead of only the local Nextcloud server unless a global search has been explicitly chosen by the user...

6.5CVSS6.3AI score0.00652EPSS

Exploits0References1

SUSE CVE•added 2025/12/23 3:51 a.m.•0 views

SUSE CVE-2025-68334

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd/pmc: Add support for Van Gogh SoC The ROG Xbox Ally non-X SoC features a similar architecture to the Steam Deck. While the Steam Deck supports S3 s2idle causes a crash, this support was dropped by the Xbox Ally...

6.1AI score0.00035EPSS

Exploits0References3

OSV•added 2025/12/22 5:16 p.m.•1 views

AZL-72898 CVE-2025-68334 affecting package kernel 6.6.126.1-1

5.6AI score0.00035EPSS

Exploits0References1

RedhatCVE•added 2025/12/09 8:27 a.m.•2 views

CVE-2025-66557

Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. Prior to 1.14.6 and 1.15.2, a bug in the permission logic allowed users with "Can share" permission to modify the permissions of other recipients. This...

5.4CVSS6.7AI score0.00019EPSS

Exploits0References1

RedhatCVE•added 2025/12/09 8:27 a.m.•3 views

CVE-2025-66548

Nextcloud Deck is a kanban style organization tool aimed at personal planning and project organization for teams integrated with Nextcloud. Prior to 1.12.7, 1.14.4, and 1.15.1, file extension can be spoofed by using RTLO characters, tricking users into download files with a different extension th...

5.5CVSS6.8AI score0.00012EPSS

Exploits0References1

NVD•added 2025/12/05 6:15 p.m.•2 views

CVE-2025-66557

5.4CVSS0.00019EPSS

Exploits0References4

NVD•added 2025/12/05 6:15 p.m.•2 views

CVE-2025-66548

5.5CVSS0.00012EPSS

Exploits0References4

Cvelist•added 2025/12/05 5:28 p.m.•18 views

CVE-2025-66557 Nextcloud Deck app allowed user with "Can share" permission to modify permissions of other non-owners

5.4CVSS0.00019EPSS

Exploits0References4

OSV•added 2025/12/05 5:28 p.m.•2 views

CVE-2025-66557 Nextcloud Deck app allowed user with "Can share" permission to modify permissions of other non-owners

5.4CVSS6.6AI score0.00019EPSS

Exploits0References6

EUVD•added 2025/12/05 5:28 p.m.•4 views

EUVD-2025-201465

5.4CVSS6.2AI score0.00019EPSS

Exploits0References4

CVE•added 2025/12/05 5:28 p.m.•5 views

CVE-2025-66557

Affected software: Nextcloud Deck plugin/app. Vulnerability: A bug in the permission logic allowed users with the "Can share" permission to modify the permissions of other recipients (non-owners). Versions impacted: Pre-1.14.6 and pre-1.15.2. Impact (as stated): Users could alter recipient permis...

5.4CVSS6.3AI score0.00019EPSS

Exploits0References4Affected Software1

Vulnrichment•added 2025/12/05 5:28 p.m.•2 views

CVE-2025-66557 Nextcloud Deck app allowed user with "Can share" permission to modify permissions of other non-owners

5.4CVSS6.3AI score0.00019EPSS

Exploits0References4

Vulnrichment•added 2025/12/05 5:26 p.m.•1 views

CVE-2025-66548 Nextcloud Deck app allows to spoof file extensions by using RTLO characters

3.3CVSS6.4AI score0.00012EPSS

Exploits0References4

Cvelist•added 2025/12/05 5:26 p.m.•17 views

CVE-2025-66548 Nextcloud Deck app allows to spoof file extensions by using RTLO characters

3.3CVSS0.00012EPSS

Exploits0References4

CVE•added 2025/12/05 5:26 p.m.•6 views

CVE-2025-66548

The Nextcloud Deck app allows spoofing file extensions by using RTLO characters, causing a mismatch between the displayed and actual extension. Affected versions are prior to 1.12.7, 1.14.4, and 1.15.1; fixes are in 1.12.7, 1.14.4, and 1.15.1. Exploitation details are not provided in the supplied...

5.5CVSS6.4AI score0.00012EPSS

Exploits0References4Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by