CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Nuclei•added yesterday•35 views

Imgproxy < 3.14.0 - Cross-site Scripting (XSS)

Cross-site Scripting XSS - Reflected in GitHub repository imgproxy/imgproxy prior to 3.14.0. id: CVE-2023-1496 info: name: Imgproxy 3.14.0 - Cross-site Scripting XSS author: pdteam severity: medium description: Cross-site Scripting XSS - Reflected in GitHub repository imgproxy/imgproxy prior to...

6.5CVSS6.4AI score0.39772EPSS

Exploits1References2

Nuclei•added yesterday•63 views

Structurizr on-premises - Cross Site Scripting

Cross-site Scripting XSS - Reflected in GitHub repository structurizr/onpremises prior to 3194. id: CVE-2023-5556 info: name: Structurizr on-premises - Cross Site Scripting author: shankaracharya severity: medium description: | Cross-site Scripting XSS - Reflected in GitHub repository...

6.1CVSS6.1AI score0.27325EPSS

Nuclei•added yesterday•25 views

OpenEMR < 7.0.1 - Cross-Site Scripting

Cross-site Scripting XSS - Reflected in GitHub repository openemr/openemr prior to 7.0.1. id: CVE-2023-2948 info: name: OpenEMR 7.0.1 - Cross-Site Scripting author: ritikchaddha,princechaddha severity: medium description: | Cross-site Scripting XSS - Reflected in GitHub repository openemr/openemr...

8.3CVSS6.9AI score0.86507EPSS

Nuclei•added yesterday•24 views

nitely/spirit 0.12.3 - Open Redirect

Multiple Open Redirect in GitHub repository nitely/spirit prior to 0.12.3. id: CVE-2022-0869 info: name: nitely/spirit 0.12.3 - Open Redirect author: ctflearner severity: medium description: | Multiple Open Redirect in GitHub repository nitely/spirit prior to 0.12.3. impact: | An attacker can...

6.1CVSS5.8AI score0.07594EPSS

Nuclei•added yesterday•30 views

Reposilite >= 3.3.0, < 3.5.12 - Arbitrary File Read

Reposilite is an open source, lightweight and easy-to-use repository manager for Maven based artifacts in JVM ecosystem. Reposilite v3.5.10 is affected by an Arbitrary File Read vulnerability via path traversal while serving expanded javadoc files. Reposilite has addressed this issue in version...

8.6CVSS7.3AI score0.74649EPSS

Exploits1References5

Nuclei•added yesterday•17 views

Zoho manageengine - Cross-Site Scripting

Zoho manageengine is vulnerable to reflected cross-site scripting. This impacts Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 via the...

6.1CVSS6AI score0.54113EPSS

Exploits3References4

OSV•added yesterday•0 views

ROOT-APP-PYPI-GHSA-X284-J5P8-9C5P GHSA-x284-j5p8-9c5p in rootio-pypdf - Patched by Root

Root has patched GHSA-x284-j5p8-9c5p in the rootio-pypdf package for Root:PyPI. Multiple fixed versions available...

5.3AI score

ATTACKERKB•added yesterday•2 views

CVE-2026-36574

A DLL hijacking vulnerability in Wassimulator GitHub CactusViewer v2.3.0 allows attackers to escalate privileges and execute arbitrary code via a crafted DLL...

6.2AI score

Exploits0References5

EUVD•added yesterday•3 views

EUVD-2026-34098

A DLL hijacking vulnerability in Wassimulator GitHub CactusViewer v2.3.0 allows attackers to escalate privileges and execute arbitrary code via a crafted DLL...

6.2AI score

Exploits0References4

Wolfi•added 2 days ago•6 views

GHSA-29H4-R29X-HCHV vulnerabilities

Vulnerabilities for packages: airflow...

Chainguard•added 2 days ago•4 views

GHSA-Q94G-3GCF-66X7 vulnerabilities

Vulnerabilities for packages: uutils...

Chainguard•added 2 days ago•5 views

GHSA-M976-87WM-48FM vulnerabilities

Vulnerabilities for packages: uutils...

Chainguard•added 2 days ago•2 views

GHSA-897W-FCG9-F6XJ vulnerabilities

Vulnerabilities for packages: kserve, py3-cassandra-medusa...

Nuclei•added 2 days ago•92 views

Github Enterprise Authenticated Remote Code Execution

An unsafe reflection vulnerability was identified in GitHub Enterprise Server that could lead to reflection injection. This vulnerability could lead to the execution of user-controlled methods and remote code execution. To exploit this bug, an actor would need to be logged into an account on the...

9.8CVSS7.8AI score0.69506EPSS

Exploits1References5

Chainguard•added 2 days ago•3 views

GHSA-HPFW-MQM3-33JH vulnerabilities

Vulnerabilities for packages: uutils...