11 matches found

Positive Technologies
added 2026/04/08 12:0 a.m., 1 view

PT-2026-31594

Name of the Vulnerable Software and Affected Versions: Marimo versions prior to 0.23.0
Description: A pre-authentication remote code execution issue exists in the terminal WebSocket endpoint "/terminal/ws". Unlike other endpoints such as "/ws", this specific endpoint fails to call the validate auth...

10 CVSS, 8.1 AI score, 0.8071 EPSS
Exploits 11, References 196

EUVD
added 2025/10/07 12:30 a.m., 3 views

EUVD-2000-0248

Malware in sbrugna...

7.2 CVSS, 6.4 AI score, 0.00064 EPSS
Exploits 0, References 3

Tenable Nessus
added 2019/05/08 12:0 a.m., 11 views

Rockwell Automation 16 Point Fast Response DC Sourcing Input Module 1746-ITV16 Discrete I/O

Binary data 753996.prm...

7.3 AI score
Exploits 0, References 1

Hacker One
added 2017/07/28 10:25 a.m., 41 views

Unikrn: Escaping images directory in S3 bucket when saving new avatar, using Path Traversal in filename

Thanks again @sp1d3rs, also for the summary. Nothing to add from our side except maybe for the wish for more reports having this quality. Final comment: nothing from that bucket was ever exposed to any user except the uploader, also nothing in the bucket is there for real archiving purposes. I wa...

0.1 AI score
Exploits 0

seebug.org
added 2017/04/25 12:0 a.m., 32 views

WordPress Plugin Podlove Podcast Publisher Cross Site Scripting and SQL Injection Vulnerabilities

The second plugin that will be dissected is called Podlove Publisher, a Wordpress plugin to manage podcasts. It suffered from multiple SQL injections and cross-site scripting vulnerabilities funnily enough also in a parameter named tab that are fixed by now. The SQL injections were all caused by...

6.8 AI score
Exploits 0

seebug.org
added 2014/07/01 12:0 a.m., 29 views

eEye Digital Security IRIS 1.0.1 GET Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/2278/info A maliciously-formed packet sent to Iris by a remote attacker, upon opening in the program for analysis by a user, will cause Iris to terminate. The crash is caused by an inability of Iris to handle packets with...

7.1 AI score
Exploits 0

0day.today
added 2009/08/26 12:0 a.m., 48 views

Open Auto Classifieds <= 1.5.9 Multiple Remote Vulnerabilities

Exploit for unknown platform in category web applications ============================================================== Open Auto Classifieds = 1.5.9 Multiple Remote Vulnerabilities ============================================================== MorningStar Security - Advisory...

7.1 AI score
Exploits 0

Cvelist
added 2002/03/09 5:0 a.m., 17 views

CVE-2001-0122

Kernel leak in AfpaCache module of the Fast Response Cache Accelerator FRCA component of IBM HTTP Server 1.3.x and Websphere 3.52 allows remote attackers to cause a denial of service via a series of malformed HTTP requests that generate a "bad request" error...

6.4 AI score, 0.05481 EPSS
Exploits 1, References 5

Cvelist
added 2000/07/12 4:0 a.m., 23 views

CVE-2000-0249

The AIX Fast Response Cache Accelerator FRCA allows local users to modify arbitrary files via the configuration capability in the frcactrl program...

6.3 AI score, 0.00064 EPSS
Exploits 0, References 2

CVE
added 2000/07/12 4:0 a.m., 53 views

CVE-2000-0249

The FRCA vulnerability in AIX allows local users to modify arbitrary files via the frcactrl configuration capability when the FRCA kernel module is loaded. A root-privilege escalation is possible because the setuid frcactrl enables non-root users to manipulate FRCA configuration and log files. Af...

7.2 CVSS, 6.4 AI score, 0.00064 EPSS
Exploits 0, References 2, Affected Software 1

NVD
added 2000/04/26 4:0 a.m., 12 views

CVE-2000-0249

The AIX Fast Response Cache Accelerator FRCA allows local users to modify arbitrary files via the configuration capability in the frcactrl program...

7.2 CVSS, 6.3 AI score, 0.00064 EPSS
Exploits 0, References 2