CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

113 matches found

Tenable Nessus•added 2026/05/26 12:0 a.m.•18 views

Amazon Linux 2023 : httpd, httpd-core, httpd-devel (ALAS2023-2026-1720)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1720 advisory. An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to...

9.8CVSS5.9AI score0.00717EPSS

Exploits2References22

CVE•added 2026/05/01 4:45 a.m.•6 views

CVE-2026-7554

CVE-2026-7554 affects D-Link M60 firmware up to 1.20B02. The issue involves an unknown functionality in /usr/bin/httpd, which enables weak password recovery. It can be exploited remotely with high attack complexity, and public disclosures indicate the exploit may be used. The CVSS indications in ...

8.1CVSS5.2AI score0.01097EPSS

Exploits1References5Affected Software1

EUVD•added 2026/05/01 4:45 a.m.•2 views

EUVD-2026-26480

A vulnerability was determined in D-Link M60 up to 1.20B02. Affected by this issue is some unknown functionality of the file /usr/bin/httpd. This manipulation causes weak password recovery. The attack can be initiated remotely. A high degree of complexity is needed for the attack. The exploitatio...

6.3CVSS4.6AI score0.01097EPSS

Exploits1References5

CVE•added 2026/04/09 2:0 a.m.•12 views

CVE-2026-5832

Affects atototo api-lab-mcp up to 0.2.1. The vulnerability resides in src/mcp/http-server.ts (function analyze_api_spec/generate_test_scenarios/test_http_endpoint) and stems from manipulating the argument source/url, enabling server-side request forgery. Exploitation is possible remotely, and the...

7.5CVSS5.5AI score0.00288EPSS

Exploits0References6

Tenable Nessus•added 2026/01/23 12:0 a.m.•10 views

RockyLinux 8 : java-21-openjdk (RLSA-2026:0928)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:0928 advisory. JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945...

7.5CVSS6AI score0.00547EPSS

Exploits6References11

Tenable Nessus•added 2026/01/19 12:0 a.m.•5 views

MiracleLinux 3 : apr-1.2.7-11.AXS3.4 (AXSA:2011-195:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2011-195:01 advisory. The mission of the Apache Portable Runtime APR is to provide a free library of C data structures and routines, forming a system portability layer to as many...

4.3CVSS5.7AI score0.30406EPSS

Exploits5References2

Snyk•added 2025/12/02 7:43 p.m.•4 views

Use of Hard-coded Cryptographic Key

Overview arcade-mcp-server is a Model Context Protocol MCP server framework for Arcade.dev Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key via the HTTP server uses a hardcoded default worker secret "dev" that is never validated or overridden during normal...

6.9CVSS6.9AI score0.00271EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2019-4250

Malware in sbrugna...

7.5CVSS5.7AI score0.01824EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2003-1075

Malware in sbrugna...

5CVSS6.4AI score0.04941EPSS

Exploits1References11