CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

105 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux - уязвимость в ffmpeg5

A flaw was discovered in FFmpeg. This vulnerability allows for unexpected additional CPU load and storage consumption, potentially leading to reduced performance or denial of service due to the demuxing of arbitrary data as XBIN-format data without proper format validation...

5.3CVSS6.7AI score0.00113EPSS

Exploits1References2

Positive Technologies•added 2026/03/02 12:0 a.m.•3 views

PT-2026-23001

Name of the Vulnerable Software and Affected Versions OpenChatBI versions prior to 0.2.2 Description OpenChatBI is a chat-based BI tool that allows users to query and analyze data using natural language. The save report tool within the openchatbi/tool/save report.py component is susceptible to a...

9.8CVSS6AI score0.00089EPSS

Exploits0References13

Tenable Nessus•added 2026/01/16 12:0 a.m.•3 views

MiracleLinux 4 : java-1.7.0-openjdk-1.7.0.231-2.6.19.1.AXS4 (AXSA:2019-3940:03)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2019-3940:03 advisory. OpenJDK: Side-channel attack risks in Elliptic Curve EC cryptography Security, 8208698 CVE-2019-2745 OpenJDK: Insufficient checks of suppressed...

5.8CVSS6.7AI score0.00639EPSS

Exploits0References7

SUSE CVE•added 2026/01/15 12:25 a.m.•2 views

SUSE CVE-2025-68816

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: fwtracer, Validate format string parameters Add validation for format string parameters in the firmware tracer to prevent potential security vulnerabilities and crashes from malformed format strings received from...

5.5CVSS6.7AI score0.00068EPSS

Exploits0References21

Positive Technologies•added 2026/01/15 12:0 a.m.•3 views

PT-2026-3003

Name of the Vulnerable Software and Affected Versions Supreme Modules Lite versions prior to 2.5.63 Description The Supreme Modules Lite plugin for WordPress is susceptible to arbitrary file upload due to inadequate file type validation. The plugin incorrectly identifies JSON files, permitting...

8.8CVSS6AI score0.00191EPSS

Exploits0References7

RedhatCVE•added 2026/01/14 1:22 a.m.•2 views

CVE-2026-0496

SAP Fiori App Intercompany Balance Reconciliation allows an attacker with high privileges to upload any file including script files without proper file format validation. This has low impact on confidentiality, integrity and availability of the application...

6.6CVSS7AI score0.00066EPSS

Exploits0References1

NVD•added 2026/01/13 2:15 a.m.•5 views

CVE-2026-0496

6.6CVSS0.00066EPSS

Exploits0References2

CVE•added 2026/01/13 1:13 a.m.•7 views

CVE-2026-0496

SAP Fiori App Intercompany Balance Reconciliation is affected. The issue allows an attacker with high privileges to upload arbitrary files (including scripts) due to improper file format validation in the upload mechanism. Impact is described as low for confidentiality, integrity, and availabilit...

6.6CVSS6.6AI score0.00066EPSS

Exploits0References2

Vulnrichment•added 2026/01/13 1:13 a.m.•1 views

CVE-2026-0496 Multiple vulnerabilities in SAP Fiori App (Intercompany Balance Reconciliation)

6.6CVSS6.6AI score0.00066EPSS

Exploits0References2

OSV•added 2025/12/26 5:16 a.m.•1 views

CVE-2025-8075

Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems ICS and OT/IoT security, has discovered that validation of incoming XML format request messages is inadequate. This vulnerability could allow an attacker to XSS on the user's browser. The...

5.4CVSS5.8AI score

Exploits0References1

Tenable Nessus•added 2025/10/26 12:0 a.m.•7 views

GitLab 11.7 < 18.3.5 / 18.4 < 18.4.3 / 18.5 < 18.5.1 (CVE-2025-11974)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Gitlab reports: Improper access control issue in runner API impacts GitLab EE Denial of service issue in event collection impacts GitLab CE/EE Denial of service issue in JSON validation impacts GitLab...

6.5CVSS5.5AI score0.00069EPSS

Exploits0References4

OSV•added 2025/10/19 10:31 p.m.•3 views

JLSEC-2025-160 A flaw was found in GLib

A flaw was found in GLib. GVariant deserialization fails to validate that the input conforms to the expected format, leading to denial of service...

7.5CVSS6.6AI score0.00111EPSS

Exploits0References6

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-6522

Malware in sbrugna...

7.8CVSS7.7AI score0.00282EPSS

Exploits0References11

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2019-1100

Malware in sbrugna...

7.2CVSS7AI score0.00704EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-20375

Malware in sbrugna...

9.9CVSS9.1AI score0.00303EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-14259

Malware in sbrugna...

9.8CVSS7.2AI score0.00263EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2024-0528

Malicious code in bioql PyPI...

5.4CVSS5.1AI score0.00781EPSS

Exploits0References5

NVD•added 2025/09/22 4:15 p.m.•3 views

CVE-2025-36202

IBM webMethods Integration 10.15 and 11.1 could allow an authenticated user with required execute Services to execute commands on the system due to the improper validation of format string strings passed as an argument from an external source...

8.8CVSS0.00035EPSS

Exploits0References1

Cvelist•added 2025/09/22 3:14 p.m.•3 views

CVE-2025-36202 IBM webMethods Integration code execution

7.5CVSS0.00035EPSS

Exploits0References1

OSV•added 2025/08/15 11:15 p.m.•0 views

CVE-2025-52620

HCL BigFix SaaS Authentication Service is affected by a Cross-Site Scripting XSS vulnerability. The image upload functionality inadequately validated the submitted image format...

5.4CVSS5.8AI score0.0005EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by