3382 matches found
CVE-2024-28988
SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability was found by the ZDI team after researching a previous vulnerability and providing...
CVE-2024-28988 SolarWinds Web Help Desk Java Deserialization Remote Code Execution Vulnerability
SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability was found by the ZDI team after researching a previous vulnerability and providing...
CVE-2024-28988
SolarWinds Web Help Desk is affected by a Java deserialization Remote Code Execution flaw that could allow unauthenticated remote commands on the host. Root cause appears to be insecure deserialization in the Web Help Desk component. The vulnerability is addressed by upgrading to 12.8.3 with Hotf...
CVE-2024-28988 SolarWinds Web Help Desk Java Deserialization Remote Code Execution Vulnerability
SolarWinds Web Help Desk was found to be susceptible to a Java Deserialization Remote Code Execution vulnerability that, if exploited, would allow an attacker to run commands on the host machine. This vulnerability was found by the ZDI team after researching a previous vulnerability and providing...
SolarWinds Web Help Desk Code Issue Vulnerability
SolarWinds Web Help Desk is a suite of help desk and asset management software from US-based SolarWinds. The software supports centralized knowledge base, IT asset management, project and task management, and other features. A code issue vulnerability exists in SolarWinds Web Help Desk version...
Linux Distros Unpatched Vulnerability : CVE-2019-1010305
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - libmspack 0.9.1alpha is affected by: Buffer Overflow. The impact is: Information Disclosure. The component is: function chmd_read_headers in libmspackfile...
MAL-2025-41598 Malicious code in redux-saga-help (npm)
Malicious code in redux-saga-help (npm)
CVE-2024-39923
An issue was discovered in Mahara 24.04 before 24.04.2 and 23.04 before 23.04.7. The About, Contact, and Help footer links can be set up to be vulnerable to Cross Site Scripting (XSS) due to not sanitising the values. These links can only be set up by an admin but are clickable by any logged-in...
Linux Distros Unpatched Vulnerability : CVE-2015-4469
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The chmd_read_headers function in chmd.c in libmspack before 0.5 does not validate name lengths, which allows remote attackers to cause a denial of service buffer...
CVE-2024-39923
An issue was discovered in Mahara 24.04 before 24.04.2 and 23.04 before 23.04.7. The About, Contact, and Help footer links can be set up to be vulnerable to Cross Site Scripting (XSS) due to not sanitising the values. These links can only be set up by an admin but are clickable by any logged-in...
Linux Distros Unpatched Vulnerability : CVE-2015-4467
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The chmd_init_decomp function in chmd.c in libmspack before 0.5 does not properly validate the reset interval, which allows remote attackers to cause a denial of...
CVE-2010-20109
Barracuda products, confirmed in Spam & Virus Firewall, SSL VPN, and Web Application Firewall versions prior to October 2010, contain a path traversal vulnerability in the view_help.cgi endpoint. The locale parameter fails to properly sanitize user input, allowing attackers to inject traversal...
CVE-2010-20109
Barracuda products, confirmed in Spam & Virus Firewall, SSL VPN, and Web Application Firewall versions prior to October 2010, contain a path traversal vulnerability in the view_help.cgi endpoint. The locale parameter fails to properly sanitize user input, allowing attackers to inject traversal...
CVE-2010-20109 Barracuda Spam & Virus Firewall "locale" Path Traversal
Barracuda products, confirmed in Spam & Virus Firewall, SSL VPN, and Web Application Firewall versions prior to October 2010, contain a path traversal vulnerability in the view_help.cgi endpoint. The locale parameter fails to properly sanitize user input, allowing attackers to inject traversal...
CVE-2010-20109 Barracuda Spam & Virus Firewall "locale" Path Traversal
Barracuda products, confirmed in Spam & Virus Firewall, SSL VPN, and Web Application Firewall versions prior to October 2010, contain a path traversal vulnerability in the view_help.cgi endpoint. The locale parameter fails to properly sanitize user input, allowing attackers to inject traversal...
CVE-2010-20109
CVE-2010-20109 affects Barracuda Spam & Virus Firewall, SSL VPN, and Web Application Firewall before October 2010. The flaw is a path traversal in the view_help.cgi endpoint caused by improper sanitization of the locale parameter, allowing unauthenticated remote attackers to inject traversal sequ...
Barracuda Spam & Virus Firewall Security Vulnerability
Barracuda Spam & Virus Firewall is an email security gateway from Barracuda USA. A security vulnerability exists in Barracuda Spam & Virus Firewall, SSL VPN, and Web Application Firewall versions prior to 2010.10, which stems from a path traversal in the view_help.cgi endpoint that could lead to...
PT-2025-34285
Barracuda products, confirmed in Spam & Virus Firewall, SSL VPN, and Web Application Firewall versions prior to October 2010, contain a path traversal vulnerability in the view_help.cgi endpoint. The locale parameter fails to properly sanitize user input, allowing attackers to inject traversal...
Linux Distros Unpatched Vulnerability : CVE-2025-3155
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in Yelp. The Gnome user help application allows the help document to execute arbitrary scripts. This vulnerability allows malicious users to...