CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

222 matches found

NVD•added 2026/06/04 11:16 a.m.•12 views

CVE-2026-49077

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Tips and Tricks HQ WP eMember allows Retrieve Embedded Sensitive Data. This issue affects WP eMember: from n/a through v10.2.2...

5.3CVSS0.00192EPSS

Exploits0References1

Positive Technologies•added 2026/06/04 12:0 a.m.•13 views

PT-2026-46181

Name of the Vulnerable Software and Affected Versions WP eMember versions prior to 10.2.3 Description An issue in the software allows the retrieval of embedded sensitive system information by an unauthorized control sphere. Recommendations Update to a version later than 10.2.2...

5.3CVSS5.5AI score0.00192EPSS

Exploits0References5

NVD•added 2026/05/04 3:16 a.m.•21 views

CVE-2026-7723

A flaw has been found in PrefectHQ prefect up to 3.6.13. Affected is an unknown function of the file /api/events/in of the component WebSocket Endpoint. Executing a manipulation can lead to missing authentication. The attack may be performed from remote. The exploit has been published and may be...

7.5CVSS0.00421EPSS

Exploits0References8

IBM Security Bulletins•added 2026/04/27 6:31 a.m.•6 views

Security Bulletin: Multiple security vulnerabilities related to Angular and JJWT have been fixed in IBM Informix HQ 3.2.2.

Summary IBM Informix HQ versions before 3.2.2 are affected by several security flaws in third-party components Angular and JJWT. These vulnerabilities have been fixed in IBM Informix HQ 3.2.2. Vulnerability Details CVEID:CVE-2026-27970 DESCRIPTION: Angular is a development platform for building...

8.5CVSS6.7AI score0.00776EPSS

Exploits2Affected Software1

CVE•added 2026/04/20 9:45 a.m.•9 views

CVE-2026-6626

Technical details are not publicly provided in the supplied documents. The CVE affects Cockpit-HQ Cockpit up to 2.13.5 (Asset Handler/Aggregate Handler data query logic); remote exploit claimed. Monitor for updates.

6.5CVSS6.2AI score0.00232EPSS

Exploits0References4

Vulnrichment•added 2026/04/20 9:45 a.m.•2 views

CVE-2026-6626 Cockpit-HQ Cockpit Asset Handler/Aggregate data query logic injection

A vulnerability was detected in Cockpit-HQ Cockpit up to 2.13.5. Affected by this issue is some unknown functionality of the component Asset Handler/Aggregate Handler. The manipulation results in improper neutralization of special elements in data query logic. It is possible to launch the attack...

6.5CVSS5.4AI score0.00232EPSS

Exploits0References4

Cvelist•added 2026/04/20 9:45 a.m.•32 views

CVE-2026-6626 Cockpit-HQ Cockpit Asset Handler/Aggregate data query logic injection

6.5CVSS0.00232EPSS

Exploits0References4

OSV•added 2026/04/08 3:8 p.m.•3 views

MINI-R5R6-92HQ-2R3R

Bulletin has no description...

5.7AI score

Exploits0

RedhatCVE•added 2026/03/26 3:7 p.m.•2 views

CVE-2026-28070

Missing Authorization vulnerability in Tips and Tricks HQ WP eMember allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP eMember: from n/a through v10.2.2...

5.3CVSS5.2AI score0.00261EPSS

Exploits0References1

EUVD•added 2026/03/19 6:30 a.m.•4 views

EUVD-2026-13049

Missing Authorization vulnerability in Tips and Tricks HQ WP eMember allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP eMember: from n/a through v10.2.2...

5.3CVSS5.8AI score0.00261EPSS

Exploits0References2

NVD•added 2026/03/19 6:16 a.m.•2 views

CVE-2026-28070

Missing Authorization vulnerability in Tips and Tricks HQ WP eMember allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP eMember: from n/a through v10.2.2...

5.3CVSS0.00261EPSS

Exploits0References1

Vulnrichment•added 2026/03/19 5:20 a.m.•2 views

CVE-2026-28070 WordPress WP eMember plugin <= v10.2.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Tips and Tricks HQ WP eMember allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP eMember: from n/a through v10.2.2...

5.3CVSS5.8AI score0.00261EPSS

Exploits0References1

ATTACKERKB•added 2026/03/19 5:18 a.m.•3 views

CVE-2026-28073

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tips and Tricks HQ WP eMember allows Reflected XSS.This issue affects WP eMember: from n/a through v10.2.2...

7.1CVSS5.8AI score0.00149EPSS

Exploits0References2

OSV•added 2026/01/29 12:42 a.m.•1 views

CGA-3R43-HQ4X-HV47

Bulletin has no description...

4.9CVSS6.6AI score0.0256EPSS

Exploits0

Positive Technologies•added 2026/01/21 12:0 a.m.•4 views

PT-2026-3800

Digital Crime Report Management System 1.0 contains a critical SQL injection vulnerability affecting multiple login pages that allows unauthenticated attackers to bypass authentication. Attackers can exploit the vulnerability by sending crafted SQL injection payloads in email and password...

8.8CVSS5.9AI score0.00387EPSS

Exploits0References5

RedhatCVE•added 2026/01/09 9:26 a.m.•3 views

CVE-2023-4422

Cross-site Scripting XSS - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.3...

6.8CVSS5.9AI score0.00556EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 8:57 a.m.•7 views

CVE-2023-4433

Cross-site Scripting XSS - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.4...

8.3CVSS5.9AI score0.00484EPSS

Exploits1References1