CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

Tenable Nessus•added 2026/04/17 12:0 a.m.•3 views

Linux Distros Unpatched Vulnerability : CVE-2026-34232

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the xdrstatusvector function does not handle the...

7.5CVSS5.7AI score0.00165EPSS

Exploits1References3

OSV•added 2026/03/10 8:8 p.m.•3 views

CVE-2026-29793 NoSQL Injection via WebSocket id Parameter in MongoDB Adapter

Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. From 5.0.0 to before 5.0.42, Socket.IO clients can send arbitrary JavaScript objects as the id argument to any service method get, patch, update, remove. The transport layer performs no type...

9.3CVSS6AI score0.00024EPSS

Exploits0References3

CVE•added 2026/02/11 12:19 p.m.•9 views

CVE-2025-52868

CVE-2025-52868 is a buffer overflow in Qsync Central. The issue allows a remote attacker who has a user account to modify memory or crash processes. A fix is available in Qsync Central 5.0.0.4 (2026-01-20) and later; users should upgrade to receive mitigation. The connected sources corroborate th...

8.1CVSS5.9AI score0.00143EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2026/02/11 12:0 a.m.•4 views

PT-2026-7535

A NULL pointer dereference vulnerability has been reported to affect Qsync Central. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: Qsync Central 5.0.0.4...

5.3CVSS5.5AI score0.0005EPSS

Exploits0References2

Vulnrichment•added 2025/11/21 12:29 p.m.•2 views

CVE-2025-66082 WordPress WpEvently plugin <= 5.0.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in magepeopleteam WpEvently mage-eventpress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpEvently: from n/a through = 5.0.4...

5.3CVSS6.6AI score0.00038EPSS

Exploits0References1

Positive Technologies•added 2025/11/17 12:0 a.m.•2 views

PT-2025-47216

Name of the Vulnerable Software and Affected Versions The Classified Listing – Classified ads & Business Directory Plugin versions prior to 5.0.4 Description The Classified Listing – Classified ads & Business Directory Plugin for WordPress is susceptible to arbitrary shortcode execution. This...

5.4CVSS7AI score0.00047EPSS

Exploits0References5

EUVD•added 2025/10/18 6:30 a.m.•3 views

EUVD-2025-34965

The WPC Smart Wishlist for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'wishlistquickview' AJAX action in all versions up to, and including, 5.0.4. This makes it possible for authenticated attackers, with Subscriber-level...

4.3CVSS4.6AI score0.00041EPSS

Exploits0References3

RedhatCVE•added 2025/05/23 7:12 a.m.•3 views

CVE-2024-35748

Missing Authorization vulnerability in OPMC WooCommerce Dropshipping.This issue affects WooCommerce Dropshipping: from n/a through 5.0.4...

5.3CVSS6.9AI score0.00174EPSS

Exploits0References1

OSV•added 2016/01/25 10:27 a.m.•9 views

SUSE-SU-2016:0324-1 Recommended update for LibreOffice

This update brings LibreOffice to version 5.0.4, a major version update. It brings lots of new features, bug fixes and also security fixes. Features as seen on http://www.libreoffice.org/discover/new-features/ LibreOffice 5.0 ships an impressive number of new features for its spreadsheet module,...

7.5CVSS10AI score0.43027EPSS

Exploits4References35

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by