87 matches found

CVE
added 2 days ago | 6 views

CVE-2026-10046

Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write in the BIOS INT 0x15 / E820 memory map handler (napoca/guests/bios_handlers.c). The handler derives a destination offset into the guest RealModeMemory from guest-controlled ES and EDI without validating the address against t...

CVSS 8.5 | AI score 5.8 | EPSS 0.00014
Exploits 0 | References 1
ATTACKERKB
added 2 days ago | 3 views

CVE-2026-10046

Bitdefender Napoca bare-metal hypervisor contains an out-of-bounds write vulnerability in the BIOS INT 0x15 / E820 memory map handler, implemented in napoca/guests/bios_handlers.c. The handler computes a destination offset into the guest RealModeMemory buffer from guest-controlled ES and EDI...

CVSS 8.5 | AI score 5.8 | EPSS 0.00014
Exploits 0 | References 2
NVD
added 2026/05/13 10:16 p.m. | 6 views

CVE-2026-44445

ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.104.3 and 16.12.0, an improper restriction of XML external entity XXE reference vulnerability in the EDI Module enables an authenticated attacker to read files from the local file system, including sensitive...

CVSS 6.5 | EPSS 0.0005
Exploits 0 | References 1
ATTACKERKB
added 2026/05/13 9:17 p.m. | 2 views

CVE-2026-44445

ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.104.3 and 16.12.0, an improper restriction of XML external entity XXE reference vulnerability in the EDI Module enables an authenticated attacker to read files from the local file system, including sensitive...

CVSS 5.3 | AI score 5.8 | EPSS 0.0005
Exploits 0 | References 2 | Affected Software 1
Vulnrichment
added 2026/05/13 9:17 p.m. | 3 views

CVE-2026-44445 ERPNext: XML External Entity (XEE) Reference Vulnerability in the EDI Module

ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.104.3 and 16.12.0, an improper restriction of XML external entity XXE reference vulnerability in the EDI Module enables an authenticated attacker to read files from the local file system, including sensitive...

CVSS 5.3 | AI score 5.8 | EPSS 0.0005
Exploits 0 | References 1
Cvelist
added 2026/05/13 9:17 p.m. | 25 views

CVE-2026-44445 ERPNext: XML External Entity (XEE) Reference Vulnerability in the EDI Module

ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.104.3 and 16.12.0, an improper restriction of XML external entity XXE reference vulnerability in the EDI Module enables an authenticated attacker to read files from the local file system, including sensitive...

CVSS 5.3 | EPSS 0.0005
Exploits 0 | References 1
CVE
added 2026/05/13 9:17 p.m. | 8 views

CVE-2026-44445

ERPNext contains an XXE (XML External Entity) vulnerability in the EDI Module that affects versions prior to 15.104.3 and 16.12.0. An authenticated attacker could read local filesystem files, including sensitive configuration files. The issue is fixed in 15.104.3 and 16.12.0. Impact is limited to...

CVSS 6.5 | AI score 5.8 | EPSS 0.0005
Exploits 0 | References 1 | Affected Software 1
CNNVD
added 2026/05/13 12:00 a.m. | 3 views

ERPNext code issue vulnerability

ERPNext is a set of open-source enterprise resource planning solutions developed by the Indian company ERPNext. Versions of ERPNext prior to 15.104.3 and 16.12.0 contained code vulnerabilities. These vulnerabilities stemmed from improper restrictions on XML external entity references in the EDI...

CVSS 6.5 | AI score 5.9 | EPSS 0.0005
Exploits 0 | References 1
Positive Technologies
added 2026/05/13 12:00 a.m. | 4 views

PT-2026-40822

Name of the Vulnerable Software and Affected Versions: ERPNext versions prior to 15.104.3; ERPNext versions prior to 16.12.0. Description: An improper restriction of XML external entity XXE reference in the EDI Module allows an authenticated attacker to read files from the local file system, includin...

CVSS 5.3 | AI score 5.8 | EPSS 0.0005
Exploits 0 | References 4
RedhatCVE
added 2026/02/26 4:15 a.m. | 2 views

CVE-2026-24896

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a Broken Access Control vulnerability exists in OpenEMR’s edih_main.php endpoint, which allows any authenticated user—including low-privilege roles like Receptionist—to...

CVSS 6.5 | AI score 5.4 | EPSS 0.00045
Exploits 1 | References 1
NVD
added 2026/02/25 2:16 a.m. | 2 views

CVE-2026-24896

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a Broken Access Control vulnerability exists in OpenEMR’s edih_main.php endpoint, which allows any authenticated user—including low-privilege roles like Receptionist—to...

CVSS 6.5 | EPSS 0.00045
Exploits 1 | References 2
CVE
added 2026/02/25 1:47 a.m. | 4 views

CVE-2026-24896

OpenEMR prior to version 8.0.0 contains a Broken Access Control vulnerability in the edih_main.php endpoint. An authenticated user, including low-privilege roles (e.g., Receptionist), can access EDI log files by manipulating the log_select parameter in a GET request. The backend does not enforce ...

CVSS 6.5 | AI score 5.4 | EPSS 0.00045
Exploits 1 | References 2 | Affected Software 1
Vulnrichment
added 2026/02/25 1:47 a.m. | 3 views

CVE-2026-24896 OpenEMR has Broken Access Control that allows unauthorized access to EDI Logs

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a Broken Access Control vulnerability exists in OpenEMR’s edih_main.php endpoint, which allows any authenticated user—including low-privilege roles like Receptionist—to...

CVSS 6.5 | AI score 5.4 | EPSS 0.00045
Exploits 1 | References 2
Cvelist
added 2026/02/25 1:47 a.m. | 20 views

CVE-2026-24896 OpenEMR has Broken Access Control that allows unauthorized access to EDI Logs

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, a Broken Access Control vulnerability exists in OpenEMR’s edih_main.php endpoint, which allows any authenticated user—including low-privilege roles like Receptionist—to...

CVSS 6.5 | EPSS 0.00045
Exploits 1 | References 2
OSSF Malicious Packages
added 2025/08/14 6:52 p.m. | 2 views

Malicious code in pml-edi-parser (npm)

The package pml-edi-parser was found to contain malicious code...

AI score 7
Exploits 0
OSV
added 2025/08/14 6:52 p.m. | 1 view

MAL-2025-29446 Malicious code in pml-edi-parser (npm)

The package pml-edi-parser was found to contain malicious code...

AI score 7.2
Exploits 0
Openbugbounty
added 2023/07/24 12:57 a.m. | 18 views

edi-line.de Cross Site Scripting vulnerability OBB-3545023

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.1
Exploits 0
Openbugbounty
added 2023/06/08 7:04 a.m. | 14 views

edi-line.de Cross Site Scripting vulnerability OBB-3404209

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.1
Exploits 0
0day.today
added 2023/01/22 12:00 a.m. | 276 views

NetChess 2.1 Buffer Overflow Exploit

Exploit Title: NetChess2.1 Buffer Overflow SEH Exploit Author: Ugur Eminli Vendor Homepage: https://sourceforge.net/projects/avmnetchess/ Software Link: https://sourceforge.net/projects/avmnetchess/ Version: 2.1 Tested on: WinXP SP2 Build 2600 !/usr/bin/perl my $file= "exploit.pgn"; my $junk=...

AI score 0.4
Exploits 0
Openbugbounty
added 2022/11/02 4:45 a.m. | 12 views

edi-line.de Cross Site Scripting vulnerability OBB-3031622

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.2
Exploits 0