CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

113 matches found

CVE-2025-5090

CVX is not resilient to unexpected messages from a connected switch. This leads to agent crashes on CVX causing instability in the CVX cluster. An attacker could use this behavior to create a denial of service DoS scenario. Note that this would require the attacker to have a high privilege access...

7.1CVSS

Exploits0References1

EUVD•added yesterday•3 views

EUVD-2025-210075

In a CVX cluster, an EOS switch connected to a CVX server is not resilient to certain malformed messages received from the connected CVX server. Similarly, the CVX server is not resilient to certain malformed messages received from the connected EOS switch. This leads to either a Sysdb agent cras...

7.1CVSS5.5AI score

Exploits0References1

CNNVD•added 2026/05/13 12:0 a.m.•5 views

F5 BIG-IP 安全漏洞

F5 BIG-IP is an application delivery platform developed by F5 Technologies in the United States. It integrates functions such as network traffic management, application security management, and load balancing. F5 BIG-IP has a security vulnerability, which stems from the possibility for...

8.6CVSS6AI score0.00089EPSS

Exploits0References1

CNNVD•added 2026/04/21 12:0 a.m.•5 views

Oracle MySQL Server 安全漏洞

Oracle MySQL Server is a relational database management system developed by Oracle Corporation. There are security vulnerabilities in versions 8.0.0 to 8.0.45 of Oracle MySQL Server. These vulnerabilities stem from issues with the Server: DML component, which may allow attackers with high...

4.9CVSS7.2AI score0.00047EPSS

Exploits0References2

RedhatCVE•added 2026/03/26 3:10 p.m.•3 views

CVE-2026-32034

OpenClaw versions prior to 2026.2.21 contain an authentication bypass vulnerability in the Control UI when allowInsecureAuth is explicitly enabled and the gateway is exposed over plaintext HTTP, allowing attackers to bypass device identity and pairing verification. An attacker with leaked or...

8.1CVSS5.8AI score0.00114EPSS

Exploits0References1

OSV•added 2026/03/19 10:16 p.m.•3 views

CVE-2026-32034

6.8CVSS5.9AI score

Exploits0References3

EUVD•added 2026/03/19 10:7 p.m.•1 views

EUVD-2026-13316

6.8CVSS5.8AI score0.00114EPSS

Exploits0References3

Snyk•added 2026/02/18 12:57 a.m.•3 views

Directory Traversal

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Directory Traversal via the handling of module paths in the gateway configuration. An attacker can execute arbitrary code by supplying a crafted module path to the configuration if they...

8.6CVSS6.7AI score0.00101EPSS

Exploits0References2

RedhatCVE•added 2026/01/09 12:41 p.m.•6 views

CVE-2023-25185

An issue was discovered on NOKIA Airscale ASIKA Single RAN devices before 21B. A mobile network solution internal fault was found in Nokia Single RAN software releases. Certain software processes in the BTS internal software design have unnecessarily high privileges to BTS embedded operating syst...

7.8CVSS6.9AI score0.00035EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:46 a.m.•4 views

CVE-2022-0535

The E2Pdf WordPress plugin before 1.16.45 does not sanitise and escape some of its settings, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

4.8CVSS5.9AI score0.0224EPSS

Exploits2References1

RedhatCVE•added 2026/01/09 9:19 a.m.•5 views

CVE-2021-22219

All versions of GitLab CE/EE starting from 9.5 before 13.10.5, all versions starting from 13.11 before 13.11.5, and all versions starting from 13.12 before 13.12.2 allow a high privilege user to obtain sensitive information from log files because the sensitive information was not correctly...

4.9CVSS6.1AI score0.00207EPSS

Exploits0References1

Positive Technologies•added 2026/01/01 12:0 a.m.•4 views

PT-2026-34165

Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox version 7.2.6 Description An issue in the Core component allows a high privileged attacker with logon access to the infrastructure where the software executes to compromise the system. Successful exploitation can lead to...

5CVSS7.6AI score0.00017EPSS

Exploits0References4

Vulnrichment•added 2025/11/19 9:13 p.m.•3 views

CVE-2025-11884 Cross-site Scripting vulnerability discovered in OpenText™ Universal Discovery and CMDB

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in opentext uCMDB allows Stored XSS. The vulnerability could allow an attacker has high level access to UCMDB to create or update data with malicious scripts This issue affects uCMDB: 24.4...

2.3CVSS5.8AI score0.00041EPSS

Exploits0References1

CVE•added 2025/10/14 12:18 a.m.•5 views

CVE-2025-42909

CVE-2025-42909 (SAP Cloud Appliance Library Appliances) : A high-privilege attacker can exploit an insecure S/4HANA default profile setting in existing SAP CAL appliances to access other appliances. The impact is described as low for confidentiality with no impact on integrity or availability. Th...

3CVSS6.6AI score0.00024EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2021-22281

Malware in sbrugna...

4.9CVSS6.3AI score0.00311EPSS

Exploits0References6

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-16725

Malware in sbrugna...

6CVSS6.5AI score0.00072EPSS

Exploits0References6