CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

238 matches found

Securelist•added 2026/05/22 9:12 a.m.•5 views

Cloud Atlas activity in the second half of 2025 and early 2026: new tools and a new payload

In 2025, we observed pervasive SSH tunnel activity, which has remained active into 2026, affecting many government organizations and commercial companies in Russia and Belarus. Behind some of this activity is Cloud Atlas, a group we have known since 2014. During our investigation, we identified n...

9.3CVSS6.1AI score0.93888EPSS

Exploits7

Packet Storm News•added 2025/12/28 12:0 a.m.•5 views

EquaCode: A Multi-Strategy Jailbreak Approach for Large Language Models Via Equation Solving and Code Completion

Large language models LLMs, such as ChatGPT, have achieved remarkable success across a wide range of fields. However, their trustworthiness remains a significant concern, as they are still susceptible to jailbreak attacks aimed at eliciting inappropriate or harmful responses. However, existing...

7.1AI score

Exploits0

Securelist•added 2025/12/19 10:0 a.m.•9 views

Cloud Atlas activity in the first half of 2025: what changed

Known since 2014, the Cloud Atlas group targets countries in Eastern Europe and Central Asia. Infections occur via phishing emails containing a malicious document that exploits an old vulnerability in the Microsoft Office Equation Editor process CVE-2018-0802 to download and execute malicious cod...

9.3CVSS8.8AI score0.93888EPSS

Exploits7

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2021-0424

Malware in sbrugna...

7.8CVSS7.5AI score0.00022EPSS

Exploits1References9

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2018-13397

Malware in sbrugna...

6.1CVSS6.3AI score0.00295EPSS

Exploits0References5

Packet Storm News•added 2025/07/08 12:0 a.m.•2 views

Polyadic Encryption

A novel original procedure of encryption/decryption based on the polyadic algebraic structures and on signal processing methods is proposed. First, we use signals with integer amplitudes to send information. Then we use polyadic techniques to transfer the plaintext into series of special integers...

7AI score

Exploits0

Hive Pro Threat Advisories•added 2025/06/30 2:0 p.m.•4 views

The Shift from Vulnerability Management to Exposure Management

Running short on time but still want to stay in the know? Well, we’ve got you covered! We’ve condensed all the key takeaways into a handy audio summary. Our AI-driven podcasts are fit for on the go. Your vulnerability management program is optimized for the wrong war. You're counting patches whil...

7.5AI score

Exploits0

OSV•added 2025/05/31 5:57 a.m.•7 views

BIT-MOODLE-2024-33997 moodle: stored XSS risk when editing another user's equation in equation editor

Additional sanitizing was required when opening the equation editor to prevent a stored XSS risk when editing another user's equation...

6.1CVSS5.6AI score0.00997EPSS

Exploits0References2

RedhatCVE•added 2025/05/22 7:28 a.m.•3 views

CVE-2018-20859

edx-platform before 2018-07-18 allows XSS via a response to a Chemical Equation advanced problem...

6.1CVSS5.8AI score0.00295EPSS

Exploits0References1

NVD•added 2024/10/07 9:15 p.m.•19 views

CVE-2024-45060

PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. One of the sample scripts in PhpSpreadsheet is susceptible to a cross-site scripting XSS vulnerability due to improper handling of input where a number is expected leading to formula injection. The code in in...

7.1CVSS0.01275EPSS

Exploits1References2

CVE•added 2024/10/07 8:15 p.m.•57 views

CVE-2024-45060

Summary (CVE-2024-45060) PhpSpreadsheet (PHPOffice) contains a cross-site scripting (XSS) vulnerability in a sample file. The issue arises when user-supplied input is concatenated directly into spreadsheet formulas in the 45_Quadratic_equation_solver.php script, enabling formula injection and Jav...

7.1CVSS6.4AI score0.01275EPSS

Exploits1References2Affected Software1

Snyk•added 2024/10/07 2:43 p.m.•2 views

Cross-site Scripting (XSS)

Overview phpoffice/phpspreadsheet is a Spreadsheet engine that Read, Create and Write Spreadsheet documents in PHP . Affected versions of this package are vulnerable to Cross-site Scripting XSS through the discriminantFormula and r1Formula processes due to improper user input sanitization. An...

7.1CVSS5.6AI score0.01275EPSS

Exploits1References2

Veracode•added 2024/06/07 6:37 a.m.•17 views

Cross-site Scripting (XSS)

moodle/moodle is vulnerable to Cross-Site Scripting XSS. The vulnerability is due to insufficient sanitization when opening the equation editor, leading to a stored XSS risk when editing another user's equation...

6.1CVSS5AI score0.00997EPSS

Exploits0References3Affected Software1

OSV•added 2024/05/31 9:30 p.m.•17 views

GHSA-9QGQ-93C7-9HM4 Moodle stored Cross-site Scripting (XSS)

Additional sanitizing was required when opening the equation editor to prevent a stored Cross-site Scripting XSS risk when editing another user's equation...

6.1CVSS6AI score0.00997EPSS

Exploits0References5

Github Security Blog•added 2024/05/31 9:30 p.m.•28 views

Moodle stored Cross-site Scripting (XSS)

Additional sanitizing was required when opening the equation editor to prevent a stored Cross-site Scripting XSS risk when editing another user's equation...

6.1CVSS5.5AI score0.00997EPSS

Exploits0References5Affected Software1

NVD•added 2024/05/31 8:15 p.m.•12 views

CVE-2024-33997

Additional sanitizing was required when opening the equation editor to prevent a stored XSS risk when editing another user's equation...

6.1CVSS5.5AI score0.00997EPSS

Exploits0References1

OSV•added 2024/05/31 8:15 p.m.•17 views

CVE-2024-33997

Additional sanitizing was required when opening the equation editor to prevent a stored XSS risk when editing another user's equation...

6.1CVSS5.9AI score

Exploits0References1