CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18 matches found

CNNVD•added 2026/01/13 12:0 a.m.•5 views

Microsoft Office 代码问题漏洞

Microsoft Office is an office software suite of products from the U.S. company Microsoft Microsoft. Commonly used components of this product include Word, Excel, Access, Powerpoint, FrontPage, and others. A code issue vulnerability exists in Microsoft Office. An attacker exploiting this...

7CVSS5.9AI score0.00628EPSS

Exploits0References1

CNNVD•added 2025/10/13 12:0 a.m.•3 views

omni 信息泄露漏洞

omni is a Kubernetes deployment tool open-sourced by Sidero Labs, Inc. An information disclosure vulnerability exists in omni versions prior to 1.1.5 and prior to 1.0.2, which stems from an API that may disclose sensitive information...

8.6CVSS5.8AI score0.00284EPSS

Exploits0References2

CNNVD•added 2025/10/13 12:0 a.m.•4 views

Omni 安全漏洞

omni is a Kubernetes deployment tool open-sourced by Sidero Labs, Inc. A security vulnerability exists in Omni versions prior to 1.1.5 and prior to 1.0.2, which stems from the isSensitiveSpec function not checking if the metadata field of resource is null, which could lead to null pointer...

7.5CVSS6.2AI score0.0053EPSS

Exploits1References4

GithubExploit•added 2025/10/02 10:14 a.m.•184 views

extloader

extLoader A small toolkit for managing and deploying unpacked...

6.7AI score

Exploits0

CNNVD•added 2025/07/11 12:0 a.m.•2 views

executorch 安全漏洞

executorch is a PyTorch deployment tool from pytorch open source. A security vulnerability exists in executorch that stems from a heap buffer overflow when loading ExecuTorch methods, which could lead to code execution...

8.1CVSS7.4AI score0.00351EPSS

Exploits0References3

Redos•added 2025/04/24 12:0 a.m.•15 views

ROS-20250424-12

A vulnerability in the eval function of the Cloud Deployment and Query Tool modules of the database management tool pgAdmin 4 is related to incorrect code generation control when processing endpoints /sqleditor/querytool/download and /cloud/deploy with querycommitted and highavailability...

9.9CVSS7.5AI score0.39067EPSS

Exploits7

CNNVD•added 2024/08/21 12:0 a.m.•4 views

Octopus Server 安全漏洞

Octopus Server is a deployment automation and release management tool for continuous delivery from Octopus Australia. A security vulnerability exists in Octopus Server that stems from a cookie using the wrong expiration time...

2.6CVSS6.8AI score0.00234EPSS

Exploits0References2

BDU FSTEC•added 2022/09/05 12:0 a.m.•3 views

The vulnerability of the Command Line Interface (CLI) of the deployment and application management automation tool in Docker-enabled environments allows a attacker to obtain arbitrary credentials.

The vulnerability of the Command Line Interface CLI of the deployment and application management tool in Docker-enabled environments is related to insufficient protection of registration data. Exploiting this vulnerability can allow an attacker, operating remotely, to obtain arbitrary user...

7.8CVSS6.5AI score0.01536EPSS

Exploits0References11Affected Software7

BDU FSTEC•added 2022/06/29 12:0 a.m.•4 views

The vulnerability of the application deployment automation tool in Kubernetes ArgoCD, related to uncontrolled resource consumption, allows a malicious actor to trigger service failures.

The vulnerability of the application deployment automation tool in Kubernetes ArgoCD is related to an uncontrolled resource consumption. Exploiting this vulnerability allows a malicious actor to trigger service failures remotely...

6.8CVSS6.5AI score0.0083EPSS

Exploits0References3Affected Software2

OSV•added 2020/11/16 5:15 p.m.•3 views

CVE-2020-27990

Nagios XI before 5.7.5 is vulnerable to XSS in the Deployment tool add agent...

5.4CVSS6.1AI score0.21749EPSS

Exploits0References1

Prion•added 2020/11/16 5:15 p.m.•19 views

Design/Logic Flaw

Nagios XI before 5.7.5 is vulnerable to XSS in the Deployment tool add agent...

3.5CVSS5.2AI score0.21749EPSS

Exploits0References1Affected Software1

CVE•added 2020/11/16 4:57 p.m.•46 views

CVE-2020-27990

Nagios XI before 5.7.5 is vulnerable to a Cross‑Site Scripting (XSS) vulnerability in the Deployment tool (Add Agent/Proxy). The issue affects Nagios XI deployments prior to 5.7.5 and is described across multiple sources (CVE-2020-27990; CNVD-2020-63972). Root cause and exact exploit details are ...

5.4CVSS5.2AI score0.21749EPSS

Exploits0References1Affected Software1

Cvelist•added 2020/11/16 4:57 p.m.•18 views

CVE-2020-27990

Nagios XI before 5.7.5 is vulnerable to XSS in the Deployment tool add agent...

5.3AI score0.21749EPSS

Exploits0References1

RedHat Linux•added 2018/08/15 11:31 a.m.•2 views

wildfly-core: Path traversal can allow the extraction of .war archives to write arbitrary files (Zip Slip)

It was found that the explode function of the deployment utility in jboss-cli and console that allows extraction of files from an archive does not perform necessary validation for directory traversal. This can lead to remote code execution...

5.5CVSS7.6AI score0.01262EPSS

Exploits0References5

BDU FSTEC•added 2015/09/15 12:0 a.m.•4 views

The vulnerability of the HP Intelligent Provisioning server automatic deployment tool allows a attacker to execute arbitrary code.

The vulnerability of the HP Intelligent Provisioning server automatic deployment tool is related to errors in the code. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS5.9AI score0.08861EPSS

Exploits0References2Affected Software1

RedHat Linux•added 2015/08/17 7:29 a.m.•2 views

ceph-deploy admin command copies keyring file to /etc/ceph which is world readable

It was discovered that ceph-deploy, a utility for deploying Red Hat Ceph Storage, would create the keyring file with world readable permissions, which could possibly allow a local user to obtain authentication credentials from the keyring file...

2.1CVSS5.8AI score0.00383EPSS

Exploits0References4