11 matches found
CVE-2026-33991 WeGIA has SQL Injection in deletar_tag.php
WeGIA is a web manager for charitable institutions. Prior to version 3.6.7, the file html/socio/sistema/deletar_tag.php uses extract($_REQUEST) on line 14 and directly concatenates the $idtag variable into SQL queries on lines 16-17 without prepared statements or sanitization. Version 3.6.7 patches t...
CVE-2024-7776
The CVE-2024-7776 issue affects the ONNX framework (onnx) in the download_model path, vulnerable in versions up to and including 1.16.1. The root cause is inadequate prevention of path traversal in tar files, allowing an attacker to overwrite arbitrary files in the user’s directory, with potentia...
CVE-2025-25246
creationtimestamp | type | source
---|---|---
2025-02-05 04:47:45+00:00 | seen | https://infosec.exchange/users/cve/statuses/113949465977567561
2025-02-05 05:15:48+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3lhfsvyal5g2p
2025-02-05 06:30:19+00:00 | seen | ...
CVE-2025-24093
creationtimestamp | type | source
---|---|---
2025-01-27 22:17:03+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3lgqxrtdf7h2r
2026-04-02 22:13:16+00:00 | seen | Telegram/1VY8MpNVA79m69idlg0PlCm-VEfnIGZE83YqkcRJPUJUZg...
CVE-2024-53063
In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: prevent the risk of out of memory access The dvbdev contains a static variable used to store dvb minors. The behavior of it depends if CONFIG_DVB_DYNAMIC_MINORS is set or not. When not set, dvb_register_device won't che...
CVE-2023-41069
creationtimestamp | type | source
---|---|---
2024-01-10 23:26:56+00:00 | seen | https://t.me/ctinow/166227
2024-01-30 09:41:35+00:00 | seen | https://t.me/ctinow/175779
2025-06-17 16:41:18+00:00 | seen | https://t.me/DarkWebInformerCVEAlerts/18621...
CVE-2023-49957
An issue was discovered in Dalmann OCPP.Core before 1.3.0 for OCPP Open Charge Point Protocol for electric vehicles. It permits multiple transactions with the same connectorId and idTag, contrary to the expected ConcurrentTx status. This could result in critical transaction management and billing...
VLC Media Player XSPF Playlist Memory Corruption Vulnerability (Linux)
This host is installed with VLC Media Player and is prone to Memory Corruption Vulnerability. OpenVAS Vulnerability Test $Id: gbvlcmediaplayermemcrptnvulnlin.nasl 5158 2017-02-01 14:53:04Z mime $ VLC Media Player XSPF Playlist Memory Corruption Vulnerability Linux Authors: Veerendra GG Copyright:...
Code injection
Array index error in VLC media player 0.9.2 allows remote attackers to overwrite arbitrary memory and execute arbitrary code via an XSPF playlist file with a negative identifier tag, which passes a signed comparison...
DEBIAN-CVE-2008-4558
Array index error in VLC media player 0.9.2 allows remote attackers to overwrite arbitrary memory and execute arbitrary code via an XSPF playlist file with a negative identifier tag, which passes a signed comparison...
CVE-2018-4547
...