CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

59088 matches found

Positive Technologies•added 2026/01/01 12:0 a.m.•6 views

PT-2026-27414

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 149 Firefox ESR versions prior to 140.9 Thunderbird versions prior to 149 Thunderbird versions prior to 140.9 Description The software contains issues related to incorrect boundary conditions and uninitialized memory...

10CVSS6.4AI score0.00676EPSS

Exploits0References261

Positive Technologies•added 2026/01/01 12:0 a.m.•6 views

PT-2026-27401

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 149 Firefox ESR versions prior to 140.9 Thunderbird versions prior to 149 Thunderbird versions prior to 140.9 Description The JavaScript Engine component contains a JIT miscompilation issue. Recommendations Update...

10CVSS5.8AI score0.00676EPSS

Exploits0References260

Positive Technologies•added 2026/01/01 12:0 a.m.•3 views

PT-2026-21691

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148 Firefox ESR versions prior to 115.33 Firefox ESR versions prior to 140.8 Thunderbird versions prior to 148 Thunderbird versions prior to 140.8 Description A use-after-free issue exists in the JavaScript: GC...

10CVSS5.1AI score0.00622EPSS

Exploits0References219

Positive Technologies•added 2026/01/01 12:0 a.m.•2 views

PT-2026-21695

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148 Firefox ESR versions prior to 140.8 Thunderbird versions prior to 148 Thunderbird versions prior to 140.8 Description An integer overflow exists in the JavaScript: Standard Library component. This issue may allow...

10CVSS5.2AI score0.00757EPSS

Exploits2References262

Positive Technologies•added 2026/01/01 12:0 a.m.•6 views

PT-2026-21696

10CVSS5.5AI score0.00757EPSS

Exploits2References263

Positive Technologies•added 2026/01/01 12:0 a.m.•4 views

PT-2026-21698

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148 Firefox ESR versions prior to 140.8 Thunderbird versions prior to 148 Thunderbird versions prior to 140.8 Description A use-after-free issue exists in the JavaScript Engine component. Recommendations Update Firefo...

10CVSS5.1AI score0.00757EPSS

Exploits2References262

Positive Technologies•added 2026/01/01 12:0 a.m.•4 views

PT-2026-21699

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148 Firefox ESR versions prior to 140.8 Thunderbird versions prior to 148 Thunderbird versions prior to 140.8 Description A use-after-free issue exists in the JavaScript Engine’s JIT component. This can potentially...

10CVSS5.1AI score0.00757EPSS

Exploits2References262

Positive Technologies•added 2026/01/01 12:0 a.m.•4 views

PT-2026-21700

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148 Firefox ESR versions prior to 140.8 Thunderbird versions prior to 148 Thunderbird versions prior to 140.8 Description A use-after-free issue exists in the JavaScript: WebAssembly component. This can potentially le...

10CVSS5.1AI score0.00757EPSS

Exploits2References262

Positive Technologies•added 2026/01/01 12:0 a.m.•5 views

PT-2026-21718

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148 Firefox ESR versions prior to 140.8 Thunderbird versions prior to 148 Thunderbird versions prior to 140.8 Description The JavaScript Engine component contains an invalid pointer issue. Recommendations Update Firef...

10CVSS5.1AI score0.00622EPSS

Exploits0References218

Positive Technologies•added 2026/01/01 12:0 a.m.•4 views

PT-2026-21697

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148 Firefox ESR versions prior to 115.33 Firefox ESR versions prior to 140.8 Thunderbird versions prior to 148 Thunderbird versions prior to 140.8 Description The software contains a flaw related to JIT miscompilation...

10CVSS5.2AI score0.00757EPSS

Exploits2References264

Positive Technologies•added 2026/01/01 12:0 a.m.•3 views

PT-2026-21716

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 148 Firefox ESR versions prior to 140.8 Thunderbird versions prior to 148 Thunderbird versions prior to 140.8 Description An information disclosure issue exists due to Just-In-Time JIT miscompilation within the...

10CVSS5.1AI score0.00622EPSS

Exploits0References217

Positive Technologies•added 2026/01/01 12:0 a.m.•7 views

PT-2026-20325

Name of the Vulnerable Software and Affected Versions Rack versions prior to 2.2.22 Rack versions prior to 3.1.20 Rack versions prior to 3.2.5 Description Rack’s Rack::Directory component generates HTML directory indexes with clickable links for each file entry. If a file exists with a basename...

10CVSS5.2AI score0.35376EPSS

Exploits9References120

Positive Technologies•added 2026/01/01 12:0 a.m.•5 views

PT-2026-27400

Name of the Vulnerable Software and Affected Versions Firefox versions prior to 149 Firefox ESR versions prior to 140.9 Thunderbird versions prior to 149 Thunderbird versions prior to 140.9 Description A use-after-free issue exists in the JavaScript Engine component. This condition occurs when...

10CVSS6AI score0.01279EPSS

Exploits1References236

RedhatCVE•added 2025/12/31 8:0 p.m.•6 views

CVE-2025-69210

FacturaScripts is open-source enterprise resource planning and accounting software. Prior to version 2025.7, a stored cross-site scripting XSS vulnerability exists in the product file upload functionality. Authenticated users can upload crafted XML files containing executable JavaScript. These...

5.1CVSS6.2AI score0.00981EPSS

Exploits2References1

GithubExploit•added 2025/12/31 8:42 a.m.•196 views

ASLR-bypass-simulation

ASLR Bypass Simulator An interactive educational web applicat...

7.2AI score

Exploits0

RedhatCVE•added 2025/12/31 8:10 a.m.•4 views

CVE-2025-15355

ISOinsight developed by NetVision Information has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks...

6.1CVSS7.1AI score0.00205EPSS

Exploits0References1

Patchstack•added 2025/12/31 12:0 a.m.•7 views

WordPress NextGEN Gallery plugin <= 3.59.11 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via ThickBox JavaScript Library vulnerability

Authenticated Contributor+ Stored DOM-Based Cross-Site Scripting via ThickBox JavaScript Library vulnerability discovered by Webbernaut in WordPress Plugin NextGEN Gallery versions = 3.59.11...

6.4CVSS5.9AI score0.00225EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/12/31 12:0 a.m.•6 views

WordPress JS Archive List plugin <= 6.1.5 - Unauthenticated SQL Injection via build_sql_where Function vulnerability

Unauthenticated SQL Injection via buildsqlwhere Function vulnerability discovered by mikemyers in WordPress Plugin JS Archive List versions = 6.1.5...

7.5CVSS6AI score0.00465EPSS

Exploits0References1Affected Software1

IBM Security Bulletins•added 2025/12/30 5:56 p.m.•8 views

Security Bulletin: IBM Storage Ceph is vulnerable to Cross-site Scripting in npm-serialize-javascript (CVE-2024-11831)

Summary npm-serialize-javascript is used by IBM Storage Ceph in assorted components. CVE-2024-11831 Vulnerability Details CVEID:CVE-2024-11831 DESCRIPTION: A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize...

5.4CVSS5.9AI score0.01006EPSS

Exploits0Affected Software1

Cvelist•added 2025/12/30 7:33 a.m.•20 views

CVE-2025-15355 NetVision Information｜ISOinsight - Reflected Cross-site Scripting

6.1CVSS0.00205EPSS

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by