CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

CNNVD•added 2026/04/01 12:0 a.m.•5 views

gougucms 安全漏洞

Gougucms is an open-source backend management framework developed by Gougu in China, based on ThinkPHP6, Layui, and MySql. Version 4.08.18 of Gougucms contains a security vulnerability. This vulnerability stems from incorrect handling of the parameter “level” in the file...

6.5CVSS6.6AI score0.0006EPSS

Exploits0References4

RedhatCVE•added 2026/02/08 1:21 a.m.•5 views

CVE-2026-25533

Enclave is a secure JavaScript sandbox designed for safe AI agent code execution. Prior to 2.10.1, the existing layers of security in enclave-vm are insufficient: The AST sanitization can be bypassed with dynamic property accesses, the hardening of the error objects does not cover the peculiar...

8.8CVSS5.6AI score0.00006EPSS

Exploits1References1

OSV•added 2026/02/06 9:16 p.m.•4 views

CVE-2026-25533 Enclave has a sandbox escape via infinite recursion and error objects

6.4CVSS5.7AI score0.00006EPSS

Exploits1References5

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-12726

Malware in sbrugna...

9.8CVSS9.2AI score0.00806EPSS

Exploits0References3

Tenable Nessus•added 2025/09/10 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2020-1900

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When unserializing an object with dynamic properties HHVM needs to pre-reserve the full size of the dynamic property array before inserting anything into it...

9.8CVSS8.2AI score0.00806EPSS

Exploits0References2

VulnCheck KEV•added 2023/01/12 12:0 a.m.•0 views

VulnCheck KEV: CVE-2022-42889

Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "$prefix:name", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs the...

9.8CVSS6.9AI score0.94251EPSS

Exploits41References1

CVE•added 2022/10/13 12:0 a.m.•1048 views

CVE-2022-42889

CVE-2022-42889 affects Apache Commons Text 1.5–1.9 where default interpolation lookups (script, dns, url) can trigger arbitrary code execution or remote access when untrusted values are used. The vulnerability can lead to remote code execution or unintended contact with remote servers via the Str...

9.8CVSS10AI score0.94251EPSS

Exploits41References9Affected Software1

NVD•added 2021/03/11 1:15 a.m.•14 views

CVE-2020-1900

When unserializing an object with dynamic properties HHVM needs to pre-reserve the full size of the dynamic property array before inserting anything into it. Otherwise the array might resize, invalidating previously stored references. This pre-reservation was not occurring in HHVM prior to v4.32....

9.8CVSS0.00806EPSS

Exploits0References2