11 matches found
EUVD-2000-0926
Malware in sbrugna...
EUVD-2023-53104
Malicious code in bioql PyPI...
CVE-2023-38315
An issue was discovered in OpenNDS Captive Portal before version 10.1.2. It has a trytoauthenticate NULL pointer dereference that can be triggered with a crafted GET HTTP with a missing client token query string parameter. Triggering this issue results in crashing OpenNDS a Denial-of-Service...
CVE-2023-38314
An issue was discovered in OpenNDS Captive Portal before version 10.1.2. It has a NULL pointer dereference in preauthenticated that can be triggered with a crafted GET HTTP request with a missing redirect query string parameter. Triggering this issue results in crashing OpenNDS a Denial-of-Servic...
CVE-2023-38313
An issue was discovered in OpenNDS Captive Portal before 10.1.2. It has a dobinauth NULL pointer dereference that can be triggered with a crafted GET HTTP request with a missing client redirect query string parameter. Triggering this issue results in crashing openNDS a Denial-of-Service condition...
Cross-Site Request Forgery (CSRF) in pimcore/pimcore
✍️ Description Your application does not have any CSRF protection, and you also set the SameSite attribute to Lax. This means that if you want to alter some data with GET HTTP requests, then your site should be vulnerable to CSRF attacks with no doubt. First you run this HTML payload and then you should see...
xss by swf file
In the Confluence comment module, a user can embed an SWF file in their comment. Confluence is using an atltoken parameter on GET HTTP requests; if the attacker sends the link of the .swf file, the value of src on the embed tag, to his victim, the malicious .SWF won't execute on the victim's browser. We can bypass thi...
UBUNTU-CVE-2014-6273
Buffer overflow in the HTTP transport code in apt-get in APT 1.0.1 and earlier allows man-in-the-middle attackers to cause a denial of service crash or possibly execute arbitrary code via a crafted URL...
DEBIAN-CVE-2014-3985
The getHTTPResponse function in miniwget.c in MiniUPnP 1.9 allows remote attackers to cause a denial of service crash via crafted headers that trigger an out-of-bounds read...
CVE-2000-0920
Boa Web Server prior to 0.94.8.3 is affected by a directory traversal vulnerability (CVE-2000-0920) that lets remote attackers read arbitrary files by using a modified .. path with encoded dot characters (%2E) in GET requests. Root cause: improper handling of path traversal in Boa’s file access. ...
CVE-2000-0939
CVE-2000-0939 affects Samba’s Web Administration Tool (SWAT) shipped with Samba 2.0.7. The issue allows a remote attacker over the network to trigger a denial-of-service by repeatedly sending a nonstandard URL in the GET HTTP request, forcing SWAT to restart. Connected sources corroborate SWAT ex...