CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2483 matches found

Tenable Nessus•added 2025/10/28 12:0 a.m.•4 views

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Ruby vulnerabilities (USN-7840-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7840-1 advisory. It was discovered that the REXML module bunded into Ruby incorrectly handled parsing XML documents with repeated instances of...

7.5CVSS6.8AI score0.02064EPSS

Exploits1References7

OSV•added 2025/10/27 7:16 p.m.•1 views

CVE-2025-12365

Error Messages Wrapped In HTTP Header.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5...

5.3CVSS5.8AI score

Exploits0References1

EUVD•added 2025/10/25 5:31 a.m.•5 views

EUVD-2025-35905

The Password Protected plugin for WordPress is vulnerable to authorization bypass via IP address spoofing in all versions up to, and including, 2.7.11. This is due to the plugin trusting client-controlled HTTP headers such as X-Forwarded-For, HTTPCLIENTIP, and similar headers to determine user IP...

3.7CVSS5.3AI score0.00255EPSS

Exploits0References5

Positive Technologies•added 2025/10/25 12:0 a.m.•5 views

PT-2025-43704

Name of the Vulnerable Software and Affected Versions Password Protected plugin for WordPress versions prior to 2.7.12 Description The Password Protected plugin for WordPress is susceptible to authorization bypass through IP address spoofing. This occurs because the plugin relies on...

3.7CVSS6.2AI score0.00255EPSS

Exploits0References8

OSV•added 2025/10/23 12:15 p.m.•3 views

UBUNTU-CVE-2025-62396

An error-handling issue in the Moodle router r.php could cause the application to display internal directory listings when specific HTTP headers were not properly configured...

5.3CVSS5.8AI score0.00249EPSS

Exploits0References4

Cvelist•added 2025/10/23 11:28 a.m.•6 views

CVE-2025-62396 Moodle: router (r.php) could expose application directories

An error-handling issue in the Moodle router r.php could cause the application to display internal directory listings when specific HTTP headers were not properly configured...

5.3CVSS0.00249EPSS

Exploits0References2

Tenable Nessus•added 2025/10/08 12:0 a.m.•3 views

RockyLinux 9 : golang (RLSA-2025:10676)

The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2025:10676 advisory. net/http: Sensitive headers not cleared on cross-origin redirect in net/http CVE-2025-4673 Tenable has extracted the preceding description block directly from th...

6.8CVSS6.4AI score0.0056EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2016-8872

Malware in sbrugna...

8.1CVSS8AI score0.08673EPSS

Exploits4References7

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2017-14713

Malware in sbrugna...

6.1CVSS6.3AI score0.01136EPSS

Exploits1References5