CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11190 matches found

OSV•added 2024/03/06 11:7 a.m.•9 views

BIT-SUITECRM-2023-3293 Cross-site Scripting (XSS) - Stored in salesagility/suitecrm-core

Cross-site Scripting XSS - Stored in GitHub repository salesagility/suitecrm-core prior to 8.3.0...

7.6CVSS5AI score0.00478EPSS

Exploits1References3

OSV•added 2024/03/06 11:7 a.m.•12 views

BIT-SUITECRM-2023-3627 Cross-Site Request Forgery (CSRF) in salesagility/suitecrm-core

Cross-Site Request Forgery CSRF in GitHub repository salesagility/suitecrm-core prior to 8.3.1...

8.8CVSS8.5AI score0.00302EPSS

Exploits1References3

OSV•added 2024/03/06 11:7 a.m.•8 views

BIT-SUITECRM-2023-5350 SQL Injection in salesagility/suitecrm

SQL Injection in GitHub repository salesagility/suitecrm prior to 7.14.1...

9.1CVSS8AI score0.0191EPSS

Exploits2References3

OSV•added 2024/03/06 11:6 a.m.•14 views

BIT-SUITECRM-2023-5351 Cross-site Scripting (XSS) - Stored in salesagility/suitecrm

Cross-site Scripting XSS - Stored in GitHub repository salesagility/suitecrm prior to 7.14.1...

8.9CVSS5.5AI score0.00464EPSS

Exploits1References3

OSV•added 2024/03/06 11:6 a.m.•16 views

BIT-DISCOURSE-2022-24782 Secure category names leaked via user activity export in Discourse

Discourse is an open source discussion platform. Versions 2.8.2 and prior in the stable branch, 2.9.0.beta3 and prior in the beta branch, and 2.9.0.beta3 and prior in the tests-passed branch are vulnerable to a data leak. Users can request an export of their own activity. Sometimes, due to catego...

4.3CVSS4.3AI score0.00927EPSS

Exploits0References4

OSV•added 2024/03/06 11:6 a.m.•11 views

BIT-SUITECRM-2023-5353 Improper Access Control in salesagility/suitecrm

Improper Access Control in GitHub repository salesagility/suitecrm prior to 7.14.1...

8.1CVSS6.7AI score0.00562EPSS

Exploits1References3

OSV•added 2024/03/06 11:6 a.m.•16 views

BIT-SUITECRM-2023-6125 Code Injection in salesagility/suitecrm

Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2...

8.8CVSS7.1AI score0.00809EPSS

Exploits1References3

OSV•added 2024/03/06 11:6 a.m.•16 views

BIT-SUITECRM-2023-6126 Code Injection in salesagility/suitecrm

Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2...

9.8CVSS6.9AI score0.00686EPSS

Exploits1References3

OSV•added 2024/03/06 11:6 a.m.•19 views

BIT-SUITECRM-2023-6127 Unrestricted Upload of File with Dangerous Type in salesagility/suitecrm

Unrestricted Upload of File with Dangerous Type in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2...

5.4CVSS5.4AI score0.00432EPSS

Exploits1References3

OSV•added 2024/03/06 11:5 a.m.•12 views

BIT-SUITECRM-2023-6130 Path Traversal: '\..\filename' in salesagility/suitecrm

Path Traversal: '..\filename' in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2...

8.8CVSS8.1AI score0.00963EPSS

Exploits1References3

OSV•added 2024/03/06 11:5 a.m.•12 views

BIT-SUITECRM-2023-6131 Code Injection in salesagility/suitecrm

Code Injection in GitHub repository salesagility/suitecrm prior to 7.14.2, 7.12.14, 8.4.2...

8.8CVSS8AI score0.01003EPSS

Exploits1References3

OSV•added 2024/03/06 11:4 a.m.•10 views

BIT-PUBLIFY-2022-0574

Improper Access Control in GitHub repository publify/publify prior to 9.2.8...

6.5CVSS6.3AI score0.00787EPSS

Exploits1References2

OSV•added 2024/03/06 11:3 a.m.•18 views

BIT-PUBLIFY-2022-1553

Leaking password protected articles content due to improper access control in GitHub repository publify/publify prior to 9.2.8. Attackers can leverage this vulnerability to view the contents of any password-protected article present on the publify website, compromising confidentiality and integri...

8.8CVSS4.9AI score0.01166EPSS

Exploits1References2

OSV•added 2024/03/06 11:3 a.m.•12 views

BIT-PUBLIFY-2022-1810

Authorization Bypass Through User-Controlled Key in GitHub repository publify/publify prior to 9.2.9...

9.9CVSS4.4AI score0.00786EPSS

Exploits1References2

OSV•added 2024/03/06 11:3 a.m.•9 views

BIT-PUBLIFY-2022-1811

Unrestricted Upload of File with Dangerous Type in GitHub repository publify/publify prior to 9.2.9...

9.1CVSS5.3AI score0.00715EPSS

Exploits1References2

OSV•added 2024/03/06 11:3 a.m.•17 views

BIT-PUBLIFY-2022-2815

Insecure Storage of Sensitive Information in GitHub repository publify/publify prior to 9.2.10...

6.5CVSS5.3AI score0.00562EPSS

Exploits1References2

OSV•added 2024/03/06 11:2 a.m.•12 views

BIT-PUBLIFY-2023-0569

Weak Password Requirements in GitHub repository publify/publify prior to 9.2.10...

8.1CVSS6.6AI score0.007EPSS

Exploits0References2

OSV•added 2024/03/06 11:1 a.m.•9 views

BIT-PIMCORE-2022-0955

Cross-site Scripting XSS - Stored in GitHub repository pimcore/data-hub prior to 1.2.4...

6.5CVSS4.8AI score0.00573EPSS

Exploits1References2

OSV•added 2024/03/06 10:59 a.m.•15 views

BIT-MLFLOW-2022-0736 Insecure Temporary File in mlflow/mlflow

Insecure Temporary File in GitHub repository mlflow/mlflow prior to 1.23.1...

8.2CVSS7.4AI score0.01551EPSS

Exploits1References3

OSV•added 2024/03/06 10:59 a.m.•16 views

BIT-OAUTH2-PROXY-2021-21291 Subdomain checking of whitelisted domains could allow unintended redirects

OAuth2 Proxy is an open-source reverse proxy and static file server that provides authentication using Providers Google, GitHub, and others to validate accounts by email, domain or group. In OAuth2 Proxy before version 7.0.0, for users that use the whitelist domain feature, a domain that ended in...

6.1CVSS6.2AI score0.01353EPSS

Exploits1References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by