PT-2025-30585 · Unknown · Oscommerce Online Merchant
Name of the Vulnerable Software and Affected Versions: osCommerce Online Merchant version 2.3.4.1 Description: A remote code execution issue exists due to insecure default configuration and missing authentication in the installer workflow. The /install/ directory remains accessible after...
PT-2025-24828 · Microsoft · Windows Installer +1
Name of the Vulnerable Software and Affected Versions: Windows Installer affected versions not specified Description: The issue is related to improper access control in Windows Installer, allowing an authorized attacker to elevate privileges locally. Recommendations: At the moment, there is no...
CVE-2019-3652
Code Injection vulnerability in EPSetup.exe in McAfee Endpoint Security (ENS) Prior to 10.6.1 October 2019 Update allows local user to get their malicious code installed by the ENS installer via code injection into EPSetup.exe by an attacker with access to the installer...
PT-2024-9205 · Mcafee · Mcafee Total Protection
Name of the Vulnerable Software and Affected Versions: McAfee Total Protection versions 16.0.53 Description: The issue is related to an Uncontrolled Search Path Element in the McAfee Direct Stub Installer, which can allow an attacker to elevate their privileges and execute arbitrary code. This ca...
PT-2024-21773 · Zoom · Zoom Desktop Client For Macos
Name of the Vulnerable Software and Affected Versions: Zoom Desktop Client for macOS versions prior to 5.17.10 Description: The issue is related to improper privilege management in the installer, which may allow a privileged user to conduct an escalation of privilege via local access...
Zoom Rooms Security Breach
Zoom Rooms is a software-based conferencing system from Zoom USA that allows web conferencing on fixed endpoints, similar to traditional video conferencing systems. A security vulnerability exists in Zoom Rooms Client versions prior to 5.17.5 that stems from improper access control in t...
PT-2024-1852 · Basercms · Basercms
Name of the Vulnerable Software and Affected Versions: baserCMS versions prior to 5.0.9 Description: The issue is related to an OS Command Injection vulnerability in the site search feature of baserCMS. This vulnerability can be exploited by a remote attacker to execute arbitrary commands. The...
PT-2022-23854 · Vim · Gvim
Name of the Vulnerable Software and Affected Versions: gvim version 9.0.0000 Description: An issue in the installer of gvim allows authenticated attackers to execute arbitrary code via a binary hijacking attack on C:\Program.exe. Recommendations: For gvim version 9.0.0000, consider restricting...
PT-2022-20614 · Abb · Abb Automation Builder +1
Name of the Vulnerable Software and Affected Versions: ABB Automation Builder Drive Composer affected versions not specified Description: The issue allows a low-privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content, provided the file does n...
PT-2021-6633 · Adobe · Photoshop Elements
Name of the Vulnerable Software and Affected Versions: Adobe Photoshop Elements versions 5.2 and earlier Description: The issue is related to the creation of temporary files with insecure permissions in Adobe Photoshop Elements. An unauthenticated attacker could exploit this to call functions...
PT-2021-11749 · Wondercms · Wondercms
Name of the Vulnerable Software and Affected Versions: WonderCMS version 3.1.3 Description: A server-side request forgery (SSRF) vulnerability in the addCustomThemePluginRepository function in index.php allows remote attackers to execute arbitrary code via a crafted URL to the theme/plugin installe...
PT-2020-6405 · Unknown +2 · Roundcubemail +2
Name of the Vulnerable Software and Affected Versions: Roundcube Mail versions prior to 1.4.5 Description: The issue is related to a Cross Site Scripting (XSS) vulnerability. It is associated with the smtp config in the installer. The vulnerability may allow a remote attacker to impact data...