CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

51499 matches found

Duplicator < 1.4.7.1 - Information Disclosure

The Duplicator WordPress plugin before 1.4.7 does not authenticate or authorize visitors before displaying information about the system such as server software, php version and full file system path to the site. id: CVE-2022-2552 info: name: Duplicator 1.4.7.1 - Information Disclosure author:...

5.3CVSS6.1AI score0.08415EPSS

Exploits5References2

Nuclei•added yesterday•232 views

OwnCloud - Phpinfo Configuration

An issue was discovered in ownCloud owncloud/graphapi 0.2.x before 0.2.1 and 0.3.x before 0.3.1. The graphapi app relies on a third-party GetPhpInfo.php library that provides a URL. When this URL is accessed, it reveals the configuration details of the PHP environment phpinfo. This information...

10CVSS7.4AI score0.78428EPSS

Exploits5References6

Nuclei•added yesterday•30 views

Brother MFC-L9570CDW - Information Disclosure

An unauthenticated attacker who can access either the HTTP service TCP port 80, the HTTPS service TCP port 443, or the IPP service TCP port 631, can leak several pieces of sensitive information from a vulnerable device. The URI path /etc/mntinfo.csv can be accessed via a GET request and no...

5.3CVSS7.3AI score0.7656EPSS

Exploits0References1

Nuclei•added yesterday•23 views

ArgoCD Project API Token Repository Credentials Exposure

Argo CD API tokens with project-level permissions are able to retrieve sensitive repository credentials usernames, passwords through the project details API endpoint, even when the token only has standard application management permissions and no explicit access to secrets. This vulnerability...

9.9CVSS6.2AI score0.04518EPSS

Exploits1References3

OSV•added yesterday•2 views

UBUNTU-CVE-2026-53489

Unknown description...

5.8AI score

Exploits0References3

NVD•added 4 days ago•4 views

CVE-2019-25748

Joomla JHotelReservation 6.0.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the rooms parameter. Attackers can send POST requests to the search-hotels endpoint with crafted SQL payloads in the...

8.8CVSS

Exploits0References4

ATTACKERKB•added 4 days ago•4 views

CVE-2019-25748

8.8CVSS6.3AI score

Exploits0References4Affected Software1

NVD•added 4 days ago•7 views

CVE-2026-56142

In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 privilege escalation by attaching authentication details to accounts was possible...

9.9CVSS

Exploits0References1

EUVD•added 4 days ago•8 views

EUVD-2026-38007

In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 privilege escalation by attaching authentication details to accounts was possible...

9.9CVSS5.8AI score

Exploits0References1

CVE•added 4 days ago•12 views

CVE-2026-56142

In JetBrains Hub, prior to 2026.1.13757, and across versions 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429, there is a privilege escalation vulnerability described as: attaching authentication details to accounts enables elevation of privileges. The sources (NVD, CVE l...

9.9CVSS5.8AI score

Exploits0References1

Cvelist•added 4 days ago•28 views

CVE-2026-56142

In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 privilege escalation by attaching authentication details to accounts was possible...

9.9CVSS

Exploits0References1

Positive Technologies•added 4 days ago•9 views

PT-2026-50876

Name of the Vulnerable Software and Affected Versions JetBrains Hub versions prior to 2026.1.13757 JetBrains Hub versions prior to 2025.3.148033 JetBrains Hub versions prior to 2025.2.148048 JetBrains Hub versions prior to 2025.1.148120 JetBrains Hub versions prior to 2024.3.148430 JetBrains Hub...

9.9CVSS5.9AI score

Exploits0References3

RedhatCVE•added 5 days ago•4 views

CVE-2026-42488

Some shadow paging errors paths will switch the page-tables without updating the currently running vCPU reference. This causes a mismatch between the loaded page-tables and the mapcache metadata which can lead to corruption of the mapcache...

8.1CVSS5.8AI score

Exploits0References2

IBM Security Bulletins•added 5 days ago•26 views

Security Bulletin: Aspera Applications are affected by an OpenSSL vulnerability (CVE-2016-8610)

Question Security Bulletin: Aspera Applications are affected by an OpenSSL vulnerability CVE-2016-8610 "Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Product":"code":"SS8NDZ","label":"IBM Aspera","Component":"","Platform":"code":"PF025","label":"Platform Independent","Version":"Al...

7.5CVSS6.8AI score0.39657EPSS

Exploits1Affected Software1

CVE•added 6 days ago•29 views

CVE-2024-35690

CVE-2024-35690 – WordPress Widget Options plugin up to version 4.0.1 is vulnerable to sensitive data exposure (Subscriber+). The Patchstack entries (and WPVulnDB reference) indicate vulnerable versions are

6.5CVSS5.2AI score0.00294EPSS

Exploits0References1

Cvelist•added last week•19 views

CVE-2026-46969

...

7.2CVSS0.00453EPSS

Exploits0References1

CVE•added last week•10 views

CVE-2026-46904

Technical details are not publicly available in the provided documents. Monitor for updates.

9.8CVSS5.2AI score0.00473EPSS

Exploits0References1Affected Software1