CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

109 matches found

RedhatCVE•added 2026/03/26 3:16 p.m.•5 views

CVE-2026-33161

Craft CMS is a content management system CMS. From version 4.0.0-RC1 to before version 4.17.8 and from version 5.0.0-RC1 to before version 5.9.14, a low-privileged authenticated user can call assets/image-editor with the ID of a private asset they cannot view and still receive editor response dat...

5.3CVSS5.7AI score0.00215EPSS

Exploits0References1

ATTACKERKB•added 2026/03/24 5:31 p.m.•3 views

CVE-2026-33161

5.3CVSS5.7AI score0.00215EPSS

Exploits0References5Affected Software1

OSV•added 2026/03/24 5:31 p.m.•4 views

CVE-2026-33161 Craft CMS: Anonymous "assets/image-editor" calls returns private asset editor metadata to unauthorized users

5.3CVSS5.8AI score0.00215EPSS

Exploits0References6

OSV•added 2026/03/24 5:27 p.m.•3 views

GHSA-VGJG-248P-RFM2 Craft CMS' anonymous "assets/image-editor" calls return private asset editor metadata to unauthorized users

Summary A low-privileged authenticated user can call assets/image-editor with the ID of a private asset they cannot view and still receive editor response data, including focalPoint. The endpoint returns private editing metadata without per-asset authorization validation. Root-cause analysis: 1...

5.3CVSS5.8AI score0.00215EPSS

Exploits0References6

Github Security Blog•added 2026/03/24 5:27 p.m.•8 views

Craft CMS' anonymous "assets/image-editor" calls return private asset editor metadata to unauthorized users

5.3CVSS5.8AI score0.00215EPSS

Exploits0References6Affected Software1

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2014-0869

Malware in sbrugna...

4CVSS6.4AI score0.00842EPSS

Exploits1References3

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2013-5237

Malware in sbrugna...

3.3CVSS6.1AI score0.0059EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2013-5238

Malware in sbrugna...

3.3CVSS6.1AI score0.0059EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2014-0883

Malware in sbrugna...

3.5CVSS6.4AI score0.00936EPSS

Exploits1References4

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2020-8188

Malware in sbrugna...

8.8CVSS8.6AI score0.00553EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2013-2964

Malware in sbrugna...

4.3CVSS6.4AI score0.00931EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2014-0870

Malware in sbrugna...

3.5CVSS6.4AI score0.01088EPSS

Exploits1References4

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2014-0871

Malware in sbrugna...

5.3CVSS5.5AI score0.00229EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2014-0872

Malware in sbrugna...

5CVSS6.4AI score0.01173EPSS

Exploits1References3

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2014-0873

Malware in sbrugna...

3.5CVSS6.4AI score0.01088EPSS

Exploits1References4

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-16748

Malicious code in bioql PyPI...

6.1CVSS6.6AI score0.00202EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2025-16749

Malicious code in bioql PyPI...

6.5CVSS6.6AI score0.00219EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2025-16747

Malicious code in bioql PyPI...

4.6CVSS6.6AI score0.0012EPSS

Exploits0References3

RedhatCVE•added 2025/06/05 12:3 a.m.•17 views

CVE-2025-43923

An issue was discovered in ReportController in Unicom Focal Point 7.6.1. A user who has administrative privilege in Focal Point can perform SQL injection via the image parameter during a delete report image operation...

6.5CVSS8.1AI score0.00219EPSS

Exploits0References1

RedhatCVE•added 2025/06/05 12:3 a.m.•12 views

CVE-2025-43925

An issue was discovered in Unicom Focal Point 7.6.1. The database is encrypted with a hardcoded key, making it easier to recover the cleartext data...

4.6CVSS6.8AI score0.0012EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by