CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

167 matches found

Packet Storm News•added 2026/04/10 12:0 a.m.•1 views

DSpace 5.x / 6.x Full Repository Extractor

This Python script is an automated extraction tool targeting a DSpace-based repository. It leverages an open Solr search query to enumerate repository item handles, then audits each item to discover and download associated bitstream files typically PDFs. The script also attempts sequence-based...

5.8AI score

Exploits0

RedhatCVE•added 2026/03/28 4:57 a.m.•0 views

CVE-2025-61190

A Reflected Cross-Site Scripting XSS vulnerability has been identified in DSpace JSPUI 6.5 within the search/discover filtering functionality. The vulnerability exists due to improper sanitization of user-supplied input via the filtertype1 parameter...

6.1CVSS5.7AI score0.00068EPSS

Exploits1References1

NVD•added 2026/03/27 3:16 p.m.•1 views

CVE-2025-61190

6.1CVSS0.00068EPSS

Exploits1References3

Vulnrichment•added 2026/03/27 12:0 a.m.•0 views

CVE-2025-61190

5.7AI score0.00068EPSS

Exploits1References3

Cvelist•added 2026/03/27 12:0 a.m.•18 views

CVE-2025-61190

0.00068EPSS

Exploits1References3

CVE•added 2026/03/27 12:0 a.m.•3 views

CVE-2025-61190

CVE-2025-61190 affects DSpace JSPUI 6.5, specifically the search/discover filtering flow. The vulnerability arises from improper sanitization of user input supplied via the filter_type_1 parameter, enabling a Reflected Cross-Site Scripting (XSS) condition. This is documented across multiple sourc...

6.1CVSS5.7AI score0.00068EPSS

Exploits1References3Affected Software1

Positive Technologies•added 2026/03/27 12:0 a.m.•0 views

PT-2026-28303

5.7AI score0.00068EPSS

Exploits1References4

ATTACKERKB•added 2026/03/27 12:0 a.m.•0 views

CVE-2025-61190

5.7AI score0.00068EPSS

Exploits1References4

Packet Storm News•added 2026/03/23 12:0 a.m.•0 views

DSpace 9.2 REST API Automated Document Discovery and Download

This is a framework for collecting data from DSpace systems. Built using Selenium, it is designed to automatically discover and download documents from web repositories and public portals...

5.8AI score

Exploits0

Packet Storm•added 2026/03/23 12:0 a.m.•99 views

📄 DSpace 7.6.6-next Cross Site Scripting

The Discovery Search REST API in DSpace version 7.6.6-next suffers from a cross site scripting vulnerability. ============================================================================================================================================= | Title : DSpace 7.6.6-next Discovery API...

5.2AI score

Exploits0

RedhatCVE•added 2026/01/09 9:13 a.m.•3 views

CVE-2022-31189

DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. When an "Internal System Error" occurs in the JSPUI, then entire exception including stack trace is available. Information in this stacktrace may ...

5.3CVSS6.7AI score0.00232EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:54 a.m.•2 views

CVE-2021-41189

DSpace is an open source turnkey repository application. In version 7.0, any community or collection administrator can escalate their permission up to become system administrator. This vulnerability only exists in 7.0 and does not impact 6.x or below. This issue is patched in version 7.1. As a...

9CVSS6.8AI score0.00627EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 8:42 a.m.•5 views

CVE-2022-31191

DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI spellcheck "Did you mean" HTML escapes the data-spell attribute in the link, but not the actual displayed text. Similarly, the JSPUI...

7.1CVSS6.4AI score0.00442EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:42 a.m.•6 views

CVE-2022-31195

DSpace open source software is a repository application which provides durable access to digital resources. In affected versions the ItemImportServiceImpl is vulnerable to a path traversal vulnerability. This means a malicious SAF simple archive format package could cause a file/directory to be...

7.2CVSS6.5AI score0.0083EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:42 a.m.•7 views

CVE-2022-31192

DSpace open source software is a repository application which provides durable access to digital resources. dspace-jspui is a UI component for DSpace. The JSPUI "Request a Copy" feature does not properly escape values submitted and stored from the "Request a Copy" form. This means that item...

7.1CVSS5.6AI score0.00316EPSS

Exploits0References1