Lucene search
16 matches found

ATTACKERKB
added 2026/03/25 12:0 a.m., 2 views

CVE-2025-59706

In N2W before 4.3.2 and 4.4.0 before 4.4.1, improper validation of API request parameters enables remote code execution...

AI score 6.1, EPSS 0.00321
Exploits: 0, References: 4

EUVD
added 2025/10/07 12:30 a.m., 2 views

EUVD-2020-26202

Malware in sbrugna...

CVSS 8, AI score 7.9, EPSS 0.01244
Exploits: 0, References: 3

EUVD
added 2025/10/07 12:30 a.m., 1 views

EUVD-2019-2078

Malware in sbrugna...

CVSS 6.5, AI score 6.6, EPSS 0.00108
Exploits: 1, References: 2

Veracode
added 2024/05/02 6:27 a.m., 15 views

HTTP Parameter Tampering

github.com/navidrome/navidrome is vulnerable to HTTP Parameter Tampering. The vulnerability is due to improper parameter validation within HTTP requests. An attacker can impersonate other users and perform unauthorized actions such as creating playlists, adding songs, posting comments, and changi...

CVSS 4.2, AI score 6.8, EPSS 0.00347
Exploits: 1, References: 2, Affected Software: 1

OSV
added 2022/10/17 4:15 p.m., 0 views

CVE-2022-23770

This vulnerability could allow a remote attacker to execute remote commands with improper validation of parameters of certain API constructors. Remote attackers could use this vulnerability to execute malicious commands such as directory traversal...

CVSS 9.8, AI score 5.9
Exploits: 0, References: 1

Cvelist
added 2022/04/05 1:5 a.m., 9 views

CVE-2021-42324

An issue was discovered on DCN Digital China Networks S4600-10P-SI devices before R0241.0470. Due to improper parameter validation in the console interface, it is possible for a low-privileged authenticated attacker to escape the sandbox environment and execute system commands as root via shell...

AI score 7.9, EPSS 0.00141
Exploits: 1, References: 2

CVE
added 2022/04/05 1:5 a.m., 59 views

CVE-2021-42324

The CVE-2021-42324 issue affects DCN S4600-10P-SI switches (pre-R0241.0470). Root cause: improper parameter validation in the console interface. An authenticated, low-privilege attacker can escape the sandbox and execute system commands as root via shell metacharacters in the capture command para...

CVSS 7.4, AI score 7.7, EPSS 0.00141
Exploits: 1, References: 2, Affected Software: 1

NVD
added 2021/08/30 7:15 p.m., 14 views

CVE-2021-37417

Zoho ManageEngine ADSelfService Plus version 6103 and prior allows CAPTCHA bypass due to improper parameter validation...

CVSS 9.8, EPSS 0.17099
Exploits: 0, References: 1

OSV
added 2021/05/22 7:15 a.m., 0 views

CVE-2021-1358

A vulnerability in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to redirect a user to an undesired web page. This vulnerability is due to improper input validation of the URL parameters in an HTTP request that is sent to an affected system. A...

CVSS 6.1, AI score 6.4
Exploits: 0, References: 1

CVE
added 2021/02/15 3:5 p.m., 39 views

CVE-2020-4955

CVE-2020-4955 concerns IBM Spectrum Protect Operations Center. The IBM bulletin documents that versions 7.1.0.000–7.1.12.x and 8.1.0.000–8.1.10.100 (and 8.1.11.000) are affected by an improper parameter validation flaw. A remote attacker could exploit this by crafting an unspecified servlet reque...

CVSS 8, AI score 8, EPSS 0.01244
Exploits: 0, References: 2, Affected Software: 1

OSV
added 2021/01/20 9:15 p.m., 0 views

CVE-2021-1218

A vulnerability in the web management interface of Cisco Smart Software Manager satellite could allow an authenticated, remote attacker to redirect a user to an undesired web page. The vulnerability is due to improper input validation of the URL parameters in an HTTP request that is sent to an...

CVSS 5.4, AI score 5.9
Exploits: 0, References: 1

CNNVD
added 2020/12/18 12:0 a.m., 2 views

Xinuos Openserver Cross-Site Scripting Vulnerability

Xinuos Openserver is a FreeBSD-based operating system from the American company Xinuos. Xinuo suffers from a cross-site scripting vulnerability that stems from the lack of proper validation of client data in the application parameter section. A remote attacker can exploit this vulnerability by...

CVSS 6.1, AI score 6.4, EPSS 0.01051
Exploits: 3, References: 5

CNVD
added 2020/08/14 12:0 a.m., 3 views

Huawei FusionCompute Command Injection Vulnerability

Huawei FusionCompute is a computer virtualization engine from Huawei China. The product provides Virtual Resource Manager VRM and Compute Node Agent CNA, among others. A command injection vulnerability exists in Huawei FusionCompute version 8.0.0, which stems from the device not adequately...

CVSS 8.8, AI score 7.7, EPSS 0.02058
Exploits: 0, References: 1

CNVD
added 2019/07/23 12:0 a.m., 25 views

SweetScape 010 Editor Arbitrary Memory Overwrite Vulnerability

010 Editor is a professional text editor and hexadecimal editor for quickly and easily editing the contents of any file on your computer. An arbitrary memory overwrite vulnerability exists in SweetScape 010 Editor 9.0.1. The vulnerability stems from improper validation of parameters in the intern...

CVSS 5.8, AI score 5.7, EPSS 0.00579
Exploits: 1, References: 1

CNVD
added 2017/06/27 12:0 a.m., 2 views

ntopng cross-site scripting vulnerability (CNVD-2017-16033)

NTOPNG is the next generation version of NTOP, computer software for monitoring traffic on a computer network. A cross-site scripting vulnerability exists in ntopng. The vulnerability stems from improper validation of GET and POST parameters and can be exploited by an attacker to inject arbitrary...

CVSS 6.1, AI score 6.3, EPSS 0.00227
Exploits: 0, References: 1

securityvulns
added 2001/07/31 12:0 a.m., 44 views

Multiple Remote DoS vulnerabilities in Microsoft DCE/RPC deamons

BindView Security Advisory -------- Multiple Remote DoS vulnerabilities in Microsoft DCE/RPC deamons Issue Date: July 30, 2001 Contact: [email protected] Topic: Many Microsoft DCE/RPC servers are vulnerable to remote DoS attacks Overview: Many DCE/RPC servers don't do proper parameter...

AI score 7.5
Exploits: 0