CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-3421

Malware in sbrugna...

7.6CVSS6AI score0.00789EPSS

Exploits1References5

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-3439

Malware in sbrugna...

6CVSS5.5AI score0.00195EPSS

Exploits0References3

CVE•added 2025/07/30 2:15 p.m.•18 views

CVE-2025-53112

GLPI (versions 9.1.0–10.0.18) has a permission-checking weakness that can allow unauthorized removal of specific resources. The root cause is lack of permission checks on certain deletion actions. The issue is fixed in version 10.0.19. Mitigation is to upgrade to 10.0.19 or apply vendor-provided ...

4.3CVSS6.4AI score0.00177EPSS

Exploits0References1Affected Software1

Redos•added 2025/07/22 12:0 a.m.•4 views

ROS-20250722-02

Vulnerabilities in GLPI's asset management and data center software are related to an excessive amount of data output by the application. Exploitation of the vulnerability could allow an attacker, acting remotely, to gain access to potentially sensitive information...

7.5CVSS7.5AI score0.24448EPSS

Exploits1

RedhatCVE•added 2025/05/23 8:8 a.m.•6 views

CVE-2024-37147

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated user can attach a document to any item, even if the user has no write access on it. Upgrade to 10.0.16...

4.3CVSS6.7AI score0.13049EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 3:10 p.m.•5 views

CVE-2020-11062

In GLPI after 0.68.1 and before 9.4.6, multiple reflexive XSS occur in Dropdown endpoints due to an invalid Content-Type. This has been fixed in version 9.4.6...

6CVSS6AI score0.00195EPSS

Exploits0References1

Redos•added 2025/04/02 12:0 a.m.•9 views

ROS-20250402-04

Vulnerability of the GLPI system of requests, incidents and inventory of computer equipment is related to improperly restricting access to the "install/update.php" file. Exploitation of the vulnerability could allow An attacker acting remotely could gain access to confidential information A...

7.5CVSS6.7AI score0.0051EPSS

Exploits0

FreeBSD•added 2025/02/25 12:0 a.m.•12 views

glpi-project -- GLPI multiple vulnerabilities

[email protected] reports: CVE-2024-11955: A vulnerability was found in GLPI up to 10.0.17. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument redirect leads to open redirect. The...

9.8CVSS6.5AI score0.28839EPSS

Exploits8References9

Redos•added 2025/01/09 12:0 a.m.•16 views

ROS-20250109-03

Vulnerability of GLPI system of requests, incidents and inventory of computer equipment is related to Failure to take measures to protect the SQL query structure. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code Vulnerability of the GLPI system...

9.3CVSS7.5AI score0.19755EPSS

Exploits0

FreeBSD•added 2023/12/13 12:0 a.m.•29 views

GLPI -- multiple vulnerabilities

GLPI team reports: GLPI 10.0.11 Changelog SECURITY - moderate Authenticated SQL Injection CVE-2023-43813 SECURITY - high SQL injection through inventory agent request CVE-2023-46727 SECURITY - high Remote code execution from LDAP server configuration form on PHP 7.4 CVE-2023-46726...

9.8CVSS9.5AI score0.23296EPSS

Exploits0References1

OSV•added 2015/01/09 4:44 p.m.•4 views

MGASA-2015-0017 Updated glpi package fixes security vulnerabilities

Updated glpi package fixes security vulnerabilities: Due to a bug in GLPI before 0.84.7, a user without access to cost information can in fact see the information when selecting cost as a search criteria CVE-2014-5032. An issue in GLPI before 0.84.8 may allow arbitrary local files to be included ...

7.5CVSS7.3AI score0.09123EPSS

Exploits4References7

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by