Lucene search

14 matches found

NVD
added 2026/05/03 11:16 p.m. | 5 views

CVE-2026-7707

A vulnerability was found in Open5GS up to 2.7.7. Impacted is the function udrnudrdrhandlesubscriptioncontext of the file /src/udr/nudr-handler.c of the component UDR. The manipulation of the argument pei results in denial of service. The attack can be launched remotely. The exploit has been made...

CVSS 5.3 | EPSS 0.00021
Exploits: 0 | References: 7
Positive Technologies
added 2026/03/16 12:0 a.m. | 3 views

PT-2026-25854

Summary: A critical unrestricted file upload vulnerability exists in the Documents & Files module of Admidio. Due to a design flaw in how CSRF token validation and file extension verification interact within UploadHandlerFile.php, an authenticated user with upload permissions can bypass file...

CVSS 8.8 | AI score 6.2 | EPSS 0.00051
Exploits: 1 | References: 7
CNNVD
added 2026/01/28 12:0 a.m. | 1 views

Open5GS security vulnerabilities

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.6 and earlier contain security vulnerabilities. These vulnerabilities stem from improper handling of the function...

CVSS 7.5 | AI score 6 | EPSS 0.0022
Exploits: 1 | References: 7
Zero Day Initiative
added 2025/11/25 12:0 a.m. | 4 views

Arista NG Firewall replace_marker Exposed Dangerous Function Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of Arista NG Firewall. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handler.p...

CVSS 8.8 | AI score 6.7 | EPSS 0.00046
Exploits: 0 | References: 1
CNNVD
added 2025/09/02 12:0 a.m. | 1 views

Google Android security vulnerability

Google Android is a Linux-based open source operating system from Google. Google Android suffers from an elevation of privilege vulnerability, which stems from a lack of privilege checking in the onLastAccessedStackLoaded function in ActionHandler.java, which can be exploited by an attacker to...

CVSS 7.3 | AI score 5.8 | EPSS 0.00007
Exploits: 0 | References: 5
NVD
added 2025/07/28 3:15 p.m. | 2 views

CVE-2025-54418

CodeIgniter is a PHP full-stack web framework. A command injection vulnerability present in versions prior to 4.6.2 affects applications that use the ImageMagick handler for image processing (imagick as the image library) and either allow file uploads with user-controlled filenames and process...

CVSS 9.8 | EPSS 0.03881
Exploits: 0 | References: 4
Snyk
added 2025/07/07 7:45 p.m. | 2 views

Regular Expression Denial of Service (ReDoS)

Overview: fastapi-guard is a security library for FastAPI to control IPs and more. Affected versions of this package are vulnerable to Regular Expression Denial of Service (ReDoS) via the SusPatternsManager class in the suspatternshandler.py file. An attacker can cause excessive resource consumption...

CVSS 7.5 | AI score 6.8 | EPSS 0.00472
Exploits: 1 | References: 2
OSV
added 2024/08/25 6:15 a.m. | 5 views

CVE-2024-8145

A vulnerability, which was classified as problematic, has been found in ClassCMS 4.8. Affected by this issue is some unknown functionality of the file /index.php/admin of the component Article Handler. The manipulation of the argument Title leads to basic cross site scripting. The attack may be...

CVSS 4.8 | AI score 6.1
Exploits: 0 | References: 4
NVD
added 2024/01/09 11:15 p.m. | 7 views

CVE-2024-0352

A vulnerability classified as critical was found in Likeshop up to 2.5.7.20210311. This vulnerability affects the function FileServer::userFormImage of the file server/application/api/controller/File.php of the component HTTP POST Request Handler. The manipulation of the argument file leads to...

CVSS 9.8 | AI score 8.7 | EPSS 0.91891
Exploits: 1 | References: 3
NVD
added 2023/10/26 6:15 p.m. | 8 views

CVE-2023-5796

A vulnerability was found in CodeAstro POS System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /setting of the component Logo Handler. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been...

CVSS 8.8 | AI score 7 | EPSS 0.00077
Exploits: 1 | References: 3
CNNVD
added 2022/12/18 12:0 a.m. | 2 views

ctrlo lenio security vulnerability

lenio is an open source facility management system from ctrlo. A security vulnerability exists in ctrlo lenio, which stems from unknown code in the views/task.tt file of its Task Handler component that operates on the parameters site.org.name/check.name/task.tasktype allowing an attacker to...

CVSS 6.1 | AI score 5.7 | EPSS 0.00307
Exploits: 0 | References: 3
CNVD
added 2020/04/07 12:0 a.m. | 1 views

CIPPlanner CIPAce Code Execution Vulnerability

CIPPlanner CIPAce is a suite of business process automation and application development platforms from the US-based CIPPlanner. A security vulnerability exists in CIPPlanner CIPAce version 9.1 Build 2019092801. A remote attacker can exploit the vulnerability to execute arbitrary code with the hel...

CVSS 9.8 | AI score 7.8 | EPSS 0.03189
Exploits: 1 | References: 1
Prion
added 2007/10/26 6:46 p.m. | 11 views

Directory traversal

Multiple directory traversal vulnerabilities in TikiWiki 1.9.8.1 and earlier allow remote attackers to include and execute arbitrary files via an absolute pathname in (1) errorhandlerfile and (2) localphp parameters to a tiki-index.php, or (3) encoded "..%2F" sequences in the implanguage parameter to...

CVSS 7.5 | AI score 7.7 | EPSS 0.01935
Exploits: 0 | References: 2 | Affected Software: 1
Tenable Nessus
added 2007/09/14 12:0 a.m. | 12 views

WinSCP < 4.0.4 URL Protocol Handler Arbitrary File Transfer

Binary data 4214.prm...

CVSS 9.3 | AI score 7.3 | EPSS 0.1407
Exploits: 0 | References: 3