CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

665 matches found

Java-springboot-codebase 1.1 - Arbitrary File Read

OsamaTaher/Java-springboot-codebase is a collection of Java and Spring Boot code snippets, applications, and projects. Prior to commit c835c6f7799eacada4c0fc77e0816f250af01ad2, insufficient path traversal mechanisms make absolute path traversal possible. This vulnerability allows unauthorized...

8.7CVSS7.4AI score0.06841EPSS

Exploits4References5

Nuclei•added 2 days ago•14 views

RWS WorldServer - Authentication Bypass

An issue was discovered in RWS WorldServer before 11.7.3. Adding a token parameter with the value of 02 bypasses all authentication requirements. Arbitrary Java code can be uploaded and executed via a .jar archive to the ws-api/v2/customizations/api endpoint. id: CVE-2022-34267 info: name: RWS...

9.8CVSS7.4AI score0.78809EPSS

Exploits1References3

Vulnrichment•added 2026/05/27 12:0 a.m.•3 views

CVE-2026-38945

Command injection in Raynet rvia version 12.6 Update 8 and previous versions allows adversaries to execute arbitrary code via a crafted path that matches the improperly terminated search criteria of rvia's Java search using the find command...

6.2AI score0.00045EPSS

Exploits0References3

Cvelist•added 2026/05/27 12:0 a.m.•30 views

CVE-2026-38945

0.00045EPSS

Exploits0References3

CNNVD•added 2026/05/27 12:0 a.m.•4 views

RayVentory Scan Engine 安全漏洞

RayVentory Scan Engine is a network scanning engine developed by the German company RayVentory, designed for automatically discovering and collecting IT asset information. Version 12.6.4392.49 of the RayVentory Scan Engine contains a security vulnerability. This vulnerability stems from parameter...

7.8CVSS6.1AI score0.00074EPSS

Exploits2References4

AstraLinux•added 2026/05/20 5:53 a.m.•2 views

Astra Linux - уязвимость в batik

A vulnerability in Batik of Apache XML Graphics allows an attacker to execute untrusted Java code from an SVG. This issue affects Apache XML Graphics versions prior to 1.16. It is recommended to update to version 1.16...

7.5CVSS7.2AI score0.00526EPSS

Exploits0References1

EUVD•added 2026/05/05 12:31 p.m.•4 views

EUVD-2023-60563

Eclipse Equinox OSGi versions 3.8 through 3.18 contain a remote code execution vulnerability in the console interface that allows unauthenticated attackers to execute arbitrary code by exploiting the fork command functionality. Attackers can establish a telnet connection to the OSGi console,...

9.8CVSS6.7AI score0.00253EPSS

Exploits0References3

CVE•added 2026/05/05 11:24 a.m.•7 views

CVE-2023-54342

CVE-2023-54342 affects Eclipse Equinox OSGi versions 3.8–3.18. It is a remote code execution vulnerability in the OSGi console interface that allows unauthenticated attackers to execute arbitrary Java code by abusing the fork command. Exploitation involves establishing a telnet connection to the ...

9.8CVSS6.7AI score0.00253EPSS

Exploits0References2

Vulnrichment•added 2026/05/05 11:24 a.m.•2 views

CVE-2023-54342 Eclipse Equinox OSGi 3.8-3.18 Console Remote Code Execution

9.8CVSS6.7AI score0.00253EPSS

Exploits0References2

Veracode•added 2026/05/04 9:41 a.m.•8 views

Improper Input Validation

org.apache.activemq, activemq-broker is vulnerable to Improper Input Validation. The vulnerability is due to insufficient validation in HTTP Discovery transport handling, which allows an authenticated attacker to bypass previous fixes and exploit broker configuration loading to execute arbitrary...

8.8CVSS7.7AI score0.83461EPSS

Exploits11References3Affected Software3

CISA KEV Catalog•added 2026/03/19 12:0 a.m.•8 views

Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability

Cisco Secure Firewall Management Center FMC Software and Cisco Security Cloud Control SCC Firewall Management contain a deserialization of untrusted data vulnerability in the web-based management interface that could allow an unauthenticated, remote attacker to execute arbitrary Java code as root...

10CVSS6.5AI score0.01403EPSS

In wildExploits4

Packet Storm News•added 2026/03/11 12:0 a.m.•0 views

TOSSS: A CVE-Based Software Security Benchmark for Large Language Models

With their increasing capabilities, Large Language Models LLMs are now used across many industries. They have become useful tools for software engineers and support a wide range of development tasks. As LLMs are increasingly used in software development workflows, a critical question arises: are...

5.9AI score

Exploits0

RedhatCVE•added 2026/03/05 7:30 p.m.•3 views

CVE-2026-20131

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center FMC Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device. This vulnerability is due to insecure deserialization of a user-supplied Java...

10CVSS6.4AI score0.01403EPSS

Exploits4References1

CVE•added 2026/03/04 5:17 p.m.•85 views

CVE-2026-20131

CVE-2026-20131 affects Cisco Secure Firewall Management Center (FMC) Software via the web-based management interface. The root cause is insecure deserialization of untrusted Java byte streams, enabling an unauthenticated, remote attacker to execute arbitrary Java code as root. Affected artifacts ...

10CVSS6.6AI score0.01403EPSS

In wildExploits4References3Affected Software1