63 matches found
Apple macOS Security Vulnerability
Apple macOS is a proprietary operating system developed by the American company Apple for Mac computers. Vulnerabilities exist in versions of Apple macOS such as Sequoia 15.7.5, Sonoma 14.8.5, and Tahoe 26.4. These vulnerabilities stem from insufficient security checks, which may allow applicatio...
EUVD-2005-1649
Malware in sbrugna...
EUVD-2020-24871
Malware in sbrugna...
EUVD-2017-3936
Malware in sbrugna...
EUVD-2021-9595
Malicious code in bioql PyPI...
EUVD-2024-18128
Malicious code in bioql PyPI...
EUVD-2025-10262
Malicious code in bioql PyPI...
PT-2025-30390 · WordPress · Orion Login With Sms
Name of the Vulnerable Software and Affected Versions: Orion Login with SMS plugin for WordPress versions up to and including 1.0.5 Description: The Orion Login with SMS plugin for WordPress is susceptible to authentication bypass due to insufficient security measures in the olws handle verify...
BIT-MOODLE-2024-34009 moodle: ReCAPTCHA can be bypassed on the login page
Insufficient checks whether ReCAPTCHA was enabled made it possible to bypass the checks on the login page. This did not affect other pages where ReCAPTCHA is utilized...
CVE-2024-48926
Umbraco, a free and open source .NET content management system, has an insufficient session expiration issue in versions on the 13.x branch prior to 13.5.2, 10.x prior to 10.8.7, and 8.x prior to 8.18.15. The Backoffice displays the logout page with a session timeout message before the server...
CVE-2024-20411
A vulnerability in Cisco NX-OS Software could allow an authenticated, local attacker with privileges to access the Bash shell to execute arbitrary code as root on an affected device. This vulnerability is due to insufficient security restrictions when executing commands from the Bash shell. An...
CVE-2023-28113
russh is a Rust SSH client and server library. Starting in version 0.34.0 and prior to versions 0.36.2 and 0.37.1, Diffie-Hellman key validation is insufficient, which can lead to insecure shared secrets and therefore breaks confidentiality. Connections between a russh client and server or those ...
CVE-2023-23468
IBM Robotic Process Automation for Cloud Pak 21.0.1 through 21.0.7.3 and 23.0.0 through 23.0.3 is vulnerable to insufficient security configuration which may allow creation of namespaces within a cluster. IBM X-Force ID: 244500...
CVE-2025-22372
CVE-2025-22372 concerns SicommNet BASEC (SaaS). The issue is an insufficiently protected credential design in BASEC that enables password recovery. The underlying problem: passwords are stored in plain text or via reversible encryption, allowing an attacker with sufficient privileges to extract p...
Cisco NX-OS Exposure of Resource to Wrong Sphere (CVE-2017-12342)
A vulnerability in the Open Agent Container OAC feature of Cisco Nexus Series Switches could allow an unauthenticated, local attacker to read and send packets outside the scope of the OAC. The vulnerability is due to insufficient internal security measures in the OAC feature. An attacker could...
Information Exposure
magento/community-edition is vulnerable to Information Exposure. The vulnerability is due to insufficient security measures that allow an admin attacker to bypass protections intended to safeguard confidential information...
Cisco NX-OS Software Elevation of Privilege Vulnerability (CNVD-2024-37700)
Cisco NX-OS Software is a set of data center-grade operating system software for switches from the U.S. company Cisco. An elevation of privilege vulnerability exists in Cisco NX-OS Software, which stems from insufficient security restrictions when executing application parameters from a Bas...
CVE-2024-20413
A vulnerability in Cisco NX-OS Software could allow an authenticated, local attacker with privileges to access the Bash shell to elevate privileges to network-admin on an affected device. This vulnerability is due to insufficient security restrictions when executing application arguments from the...
CVE-2024-20411 Cisco NX-OS Bash Arbitrary Code Execution Vulnerability
A vulnerability in Cisco NX-OS Software could allow an authenticated, local attacker with privileges to access the Bash shell to execute arbitrary code as root on an affected device. This vulnerability is due to insufficient security restrictions when executing commands from the Bash shell. An...
OroCRMCallBundle has incorrect call view page visibility
Back-office users can access information from any call event, bypassing ACL security restrictions due to insufficient security checks...