CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

141 matches found

IBM Security Bulletins•added 2026/05/14 4:56 p.m.•7 views

Security Bulletin: This Power System update is being released to address CVE-2026-7254

Summary The BMC's HTTPS interface is vulnerable to denial of service attacks by unauthenticated network users. Vulnerability Details CVEID:CVE-2026-7254 DESCRIPTION: OpenBMC HTTPS service is vulnerable to attacks by unauthenticated network users which can result in denial of service. CWE:CWE-1284...

5.3CVSS5.8AI score0.00099EPSS

Exploits0

RedhatCVE•added 2026/03/26 3:13 p.m.•3 views

CVE-2025-15554

Browser caching of LAPS passwords in Truesec’s LAPSWebUI before version 2.4 allows an attacker with access to a workstation to escalate their privileges via disclosure of local admin passwords...

6CVSS5.8AI score0.00019EPSS

Exploits0References1

Vulnrichment•added 2026/03/25 11:23 p.m.•2 views

CVE-2026-33915 OpenEMR Missing ACL Checks on Insurance Company API Routes

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, five insurance company REST API routes are missing the RestConfig::requestauthorizationcheck call that every other data-modifying route in the standard API uses. This...

5.4CVSS5.8AI score0.00016EPSS

Exploits0References3

CNNVD•added 2026/02/20 12:0 a.m.•4 views

Jinan USR IOT USR-W610 安全漏洞

Jinan USR IOT USR-W610 is a serial-to-Ethernet converter developed by Jinan USR IOT. There is a security vulnerability in the Jinan USR IOT USR-W610. This vulnerability stems from the fact that the embedded Web interface of the device does not support HTTPS/TLS authentication and uses HTTP basic...

7.5CVSS5.8AI score0.00033EPSS

Exploits0References2

RedhatCVE•added 2026/02/04 7:27 p.m.•3 views

CVE-2026-24434

Shenzhen Tenda AC7 firmware version V03.03.03.01cn and prior does not implement CSRF protections for administrative functions in the web management interface. The interface does not enforce anti-CSRF tokens or robust origin validation, which can allow an attacker to induce a logged-in administrat...

6.5CVSS5.5AI score0.00008EPSS

Exploits0References1