CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

85593 matches found

MicroStrategy Library <11.1.3 - Cross-Site Scripting

MicroStrategy Library before 11.1.3 contains a cross-site scripting vulnerability. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other...

6.1CVSS6.1AI score0.05053EPSS

Exploits0References5

Nuclei•added 7 hours ago•35 views

Php-mod/curl Library <2.3.2 - Cross-Site Scripting

Php-mod/curl library before 2.3.2 contains a cross-site scripting vulnerability via the postfilepathupload.php key parameter and the POST data to postmultidimensional.php. An attacker can inject arbitrary script, which can allow theft of cookie-based authentication credentials and launch of other...

6.1CVSS6.1AI score0.01803EPSS

Exploits2References3

OSV•added yesterday•4 views

DEBIAN-CVE-2026-11527

Config::IniFiles versions before 3.001000 for Perl allow OS command injection and file overwrite via a 2-arg open of the -file argument in makefilehandle. Config::IniFiles::makefilehandle opens a filename argument with Perl's 2-arg open, so a filename that begins or ends with a pipe "| cmd", "cmd...

5.5AI score0.00264EPSS

Exploits0References1

OSV•added yesterday•7 views

ROOT-APP-MAVEN-CVE-2026-33558 CVE-2026-33558 in io.root.org.apache.kafka:kafka-clients - Patched by Root

Root has patched CVE-2026-33558 in the io.root.org.apache.kafka:kafka-clients package for Root:Maven. Multiple fixed versions available...

5.3CVSS5.8AI score0.00124EPSS

Exploits0

OSV•added yesterday•8 views

ROOT-APP-MAVEN-CVE-2024-38827 CVE-2024-38827 in io.root.org.springframework.security:spring-security-core - Patched by Root

Root has patched CVE-2024-38827 in the io.root.org.springframework.security:spring-security-core package for Root:Maven. Multiple fixed versions available...

4.8CVSS6.7AI score0.00399EPSS

Exploits0

OSV•added yesterday•5 views

ROOT-APP-PYPI-CVE-2026-0994 CVE-2026-0994 in rootio-protobuf - Patched by Root

Root has patched CVE-2026-0994 in the rootio-protobuf package for Root:PyPI. Multiple fixed versions available...

7.5CVSS5.4AI score0.00013EPSS

Exploits0

OSV•added yesterday•10 views

ECHO-ACFD-CCAB-2F14

Bulletin has no description...

8.5CVSS4.8AI score0.00018EPSS

Exploits0References2

OSV•added yesterday•6 views

ECHO-3BE4-5309-FE51

Bulletin has no description...

8.5CVSS4.8AI score0.00018EPSS

Exploits0References2

OSV•added yesterday•2 views

DEBIAN-CVE-2026-54421

In OpenStack Ironic through 35.0.1, when applying a PATCH to update fields in volume properties the user is authorized for, Ironic can return unredacted sensitive information such as iSCSI credentials. The PATCH outcome is a security issue; the POST outcome is not a security issue...

6.8CVSS5.3AI score0.00028EPSS

Exploits0References1

OSV•added 2 days ago•7 views

DEBIAN-CVE-2025-55641

Bulletin has no description...

5AI score

Exploits0References1

OSV•added 2 days ago•7 views

DEBIAN-CVE-2025-55662

Bulletin has no description...

5AI score

Exploits0References1