CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15 matches found

RedhatCVE•added 2026/01/09 8:43 a.m.•8 views

CVE-2022-42415

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of...

7.8CVSS6.9AI score0.00621EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-28090

Malware in sbrugna...

8.8CVSS8.6AI score0.00284EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2017-17065

Malware in sbrugna...

5.4CVSS5.5AI score0.00185EPSS

Exploits1References3

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2021-11654

Malware in sbrugna...

6.5CVSS6.5AI score0.0019EPSS

Exploits2References2

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-57444

Malicious code in bioql PyPI...

6.5CVSS7.3AI score0.00475EPSS

Exploits2References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2022-39999

Malicious code in bioql PyPI...

7.8CVSS7.7AI score0.00457EPSS

Exploits0References2

RedhatCVE•added 2025/05/22 5:29 p.m.•2 views

CVE-2020-6949

A privilege escalation issue was discovered in the postUser function in HashBrown CMS through 1.3.3. An editor user can change the password hash of an admin user's account, or otherwise reconfigure that account...

8.8CVSS7.3AI score0.00284EPSS

Exploits1References1

Prion•added 2023/12/04 10:15 p.m.•18 views

Design/Logic Flaw

The Frontend File Manager Plugin WordPress plugin before 22.6 has a vulnerability that allows an Editor+ user to bypass the file download logic and download files such as wp-config.php...

4CVSS6.9AI score0.00475EPSS

Exploits2References1Affected Software1

Cvelist•added 2023/12/04 9:27 p.m.•18 views

CVE-2023-5105 Frontend File Manager < 22.6 - Editor+ Arbitrary File Download

The Frontend File Manager Plugin WordPress plugin before 22.6 has a vulnerability that allows an Editor+ user to bypass the file download logic and download files such as wp-config.php...

6.7AI score0.00475EPSS

Exploits2References1

WPVulnDB•added 2023/11/13 12:0 a.m.•14 views

Frontend File Manager < 22.7 - Editor+ Arbitrary File Download

Description The plugin has a vulnerability that allows an Editor+ user to bypass the file download logic and download files such as wp-config.php PoC 1 Create new post with this shortcode - ffmwp 2 Go to new post and upload any file 3 After that go to main page of plugin for users...

6.5CVSS9.7AI score0.00475EPSS

Exploits2References1Affected Software1

SUSE CVE•added 2023/02/15 5:35 a.m.•2 views

SUSE CVE-2013-5618

Use-after-free vulnerability in the nsNodeUtils::LastRelease function in the table-editing user interface in the editor component in Mozilla Firefox before 26.0, Firefox ESR 24.x before 24.2, Thunderbird before 24.2, and SeaMonkey before 2.23 allows remote attackers to execute arbitrary code by...

9.8CVSS9.2AI score0.10378EPSS

Exploits2References7

Vulnrichment•added 2023/01/26 12:0 a.m.•6 views

CVE-2022-41150

7.8CVSS7.1AI score0.00285EPSS

Exploits0References2

Vulnrichment•added 2023/01/26 12:0 a.m.•3 views

CVE-2022-42399

7.8CVSS7.1AI score0.00285EPSS

Exploits0References2

Cvelist•added 2020/01/13 6:58 p.m.•13 views

CVE-2020-6949

9AI score0.00284EPSS

Exploits1References1

Prion•added 2017/04/24 6:59 p.m.•16 views

Cross site scripting

Stored XSS in Serendipity v2.1-rc1 allows an attacker to steal an admin's cookie and other information by composing a new entry as an editor user. This is related to lack of the serendipityeventxsstrust plugin and a setconfig error in that plugin...

3.5CVSS5.1AI score0.00185EPSS

Exploits1References2Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by