CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15 matches found

vulnersOsv•added 2025/12/15 2:39 p.m.•2 views

django-daiquiri (>=1.3.0 <=1.3.1), django-jwt-allauth (>=1.0.3 <=1.2.0) +6 more potentially affected by CVE-2025-65431 via django-allauth (>=65.0.1 <=65.12.1)

django-allauth PYPI version =65.0.1, =1.3.0, =1.0.3, =0.3.8, =4.0.0, =3.11.3, =2.0.0, =1.1.1, =1.1.2 Source cves: CVE-2025-65431 Source advisory: SNYK:PYTHON-DJANGOALLAUTH-14425069...

5.4CVSS5.8AI score0.00039EPSS

Exploits0

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-0074

Malware in sbrugna...

9.1CVSS9AI score0.00368EPSS

Exploits0References8

RedhatCVE•added 2025/05/22 4:6 p.m.•4 views

CVE-2020-10594

An issue was discovered in drf-jwt 1.15.x before 1.15.1. It allows attackers with access to a notionally invalidated token to obtain a new, working token via the refresh endpoint, because the blacklist protection mechanism is incompatible with the token-refresh feature. NOTE: drf-jwt is a fork of...

9.1CVSS6.6AI score0.00368EPSS

Exploits0References1

vulnersOsv•added 2024/10/08 6:33 p.m.•2 views

bittytax (=0.5.2), creme-crm (>=2.3.1 <=2.6.20) +22 more potentially affected by CVE-2024-25885 via xhtml2pdf (>=0.0.6 <=0.2.16)

xhtml2pdf PYPI version =0.0.6, =2.3.1, =0.3.0, =1.0.0, =1.0.3, =1.0.2, =1.0.3, =0.1.132, =1.6.0, =3.0.0, =0.1.11, =0.1.10, =0.1.11 and more Source cves: CVE-2024-25885 Source advisory: OSV:GHSA-JJ5C-HHRG-VV5H...

7.5CVSS5.8AI score0.00139EPSS

Exploits0

OSV•added 2020/03/15 10:15 p.m.•10 views

CVE-2020-10594

9.1CVSS9AI score

Exploits0References3

NVD•added 2020/03/15 10:15 p.m.•5 views

CVE-2020-10594

9.1CVSS9AI score0.00368EPSS

Exploits0References3

PyPA•added 2020/03/15 10:15 p.m.•5 views

PYSEC-2020-40

9.1CVSS6.9AI score0.00368EPSS

Exploits0References4Affected Software1

OSV•added 2020/03/15 10:15 p.m.•14 views

PYSEC-2020-40

9.1CVSS4.9AI score0.00368EPSS

Exploits0References4

Prion•added 2020/03/15 10:15 p.m.•14 views

Design/Logic Flaw

5.8CVSS8.9AI score0.00368EPSS

Exploits0References3Affected Software1

CVE•added 2020/03/15 9:22 p.m.•66 views

CVE-2020-10594

CVE-2020-10594 affects drf-jwt 1.15.x before 1.15.1. The issue stems from an incompatibility between the blacklist protection mechanism and the token-refresh feature, allowing an attacker who has access to a notionally invalidated token to obtain a new, valid token via the refresh endpoint. The d...

9.1CVSS8.9AI score0.00368EPSS

Exploits0References3Affected Software1

Cvelist•added 2020/03/15 9:22 p.m.•11 views

CVE-2020-10594

9.1AI score0.00368EPSS

Exploits0References3

Openbugbounty•added 2017/09/07 2:21 p.m.•7 views

drf.com XSS vulnerability

Vulnerable URL: http://www.drf.com/search/%22;alert%22OPENBUGBOUNTY Details: Description| Value ---|--- Patched:| No Latest check for patch:| 06.12.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 58432 VIP website status:| No Coordinated Disclosure Timeline:...

6.3AI score

Exploits0

Prion•added 2008/04/04 7:44 p.m.•19 views

Authentication flaw

The Disaster Recovery Framework DRF master server in Cisco Unified Communications products, including Unified Communications Manager CUCM 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Responder 2.x, and Mobility Manager 2.x, does not require authentication for requests received from the...

10CVSS8.5AI score0.05566EPSS

Exploits1References6Affected Software4

NVD•added 2008/04/04 7:44 p.m.•15 views

CVE-2008-1154

10CVSS7.9AI score0.05566EPSS

Exploits1References6

CVE•added 2008/04/04 7:0 p.m.•62 views

CVE-2008-1154

The CVE-2008-1154 issue affects Cisco Unified Communications products featuring Disaster Recovery Framework (DRF). The DRF Master server accepts network requests without authentication, allowing a remote, unauthenticated attacker to perform DRF tasks and, per the sources, potentially execute arbi...

10CVSS7.9AI score0.05566EPSS

Exploits1References6Affected Software4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by