CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A vulnerability was found in Antabot White-Jotter 0.22. It has been declared as critical. This vulnerability affects the function CookieRememberMeManager of the file ShiroConfiguration.java of the component com.gm.wj.config.ShiroConfiguration. The manipulation with the input EVANNIGHTLYWAOU leads...

7.5CVSS0.00237EPSS

Exploits1References5

Cvelist•added 2025/07/26 3:35 a.m.•5 views

CVE-2025-54366 FreeScout's deserialization of untrusted data leads to Remote Code Execution

FreeScout is a lightweight free open source help desk and shared inbox built with PHP Laravel framework. In versions 1.8.185 and below, there is a critical deserialization vulnerability in the /conversation/ajax endpoint that allows authenticated users with knowledge of the APPKEY to achieve remo...

8.6CVSS0.06597EPSS

Exploits1References2

Cvelist•added 2025/07/08 12:38 a.m.•5 views

CVE-2025-42980 Insecure Deserialization in SAP NetWeaver Enterprise Portal Federated Portal Network

SAP NetWeaver Enterprise Portal Federated Portal Network is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potentially lead to a compromise of confidentiality, integrity, and availability of the host system...

9.1CVSS0.00645EPSS

Exploits0References2

RedhatCVE•added 2025/05/23 12:11 a.m.•5 views

CVE-2022-44351

Skycaiji v2.5.1 was discovered to contain a deserialization vulnerability via /SkycaijiApp/admin/controller/Mystore.php...

9.8CVSS7.4AI score0.00386EPSS

Exploits1References1

CVE•added 2025/05/13 12:17 a.m.•303 views

CVE-2025-42999

CVE-2025-42999 affects SAP NetWeaver Visual Composer Metadata Uploader. It is a deserialization vulnerability that can allow a privileged attacker to compromise confidentiality, integrity, and availability of the host system. Connected documents corroborate a broader context: CVE-2025-31324 (unre...

9.1CVSS9.2AI score0.38569EPSS

In wildExploits3References4Affected Software1

Cvelist•added 2025/05/13 12:17 a.m.•98 views

CVE-2025-42999 Insecure Deserialization in SAP NetWeaver (Visual Composer development server)

SAP NetWeaver Visual Composer Metadata Uploader is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potentially lead to a compromise of confidentiality, integrity, and availability of the host system...

9.1CVSS0.38569EPSS

Exploits3References2

OpenVAS•added 2018/02/04 12:0 a.m.•21 views

Debian: Security Advisory (DLA-1012-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.2CVSS8.3AI score0.01449EPSS

Exploits0References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by