18 matches found
Exploit for CVE-2025-49132
CVE-2025-49132 - Pterodactyl Panel Exploit ⚠️ Disclaimer...
EUVD-2018-9808
Malware in sbrugna...
EUVD-2022-44050
Malicious code in bioql PyPI...
Arbitrary Code Injection
Overview: pterodactyl/panel is a game management panel. Affected versions of this package are vulnerable to Arbitrary Code Injection via the /locales/locale.json endpoint when processing the locale and namespace query parameters. An attacker can execute arbitrary code on the server by sending...
CVE-2022-40784
Unlimited strcpy on user input when setting a locale file leads to stack buffer overflow in mIPC camera firmware 5.3.1.2003161406...
CVE-2022-40784
Unlimited strcpy on user input when setting a locale file leads to stack buffer overflow in mIPC camera firmware 5.3.1.2003161406...
CVE-2022-40784
Unlimited strcpy on user input when setting a locale file leads to stack buffer overflow in mIPC camera firmware 5.3.1.2003161406...
Stack overflow
Unlimited strcpy on user input when setting a locale file leads to stack buffer overflow in mIPC camera firmware 5.3.1.2003161406...
CVE-2022-40785
Unsanitized input when setting a locale file leads to shell injection in mIPC camera firmware 5.3.1.2003161406. This allows an attacker to gain remote code execution on cameras running the firmware when a victim logs into a specially crafted mobile app...
Remote code execution
Unsanitized input when setting a locale file leads to shell injection in mIPC camera firmware 5.3.1.2003161406. This allows an attacker to gain remote code execution on cameras running the firmware when a victim logs into a specially crafted mobile app...
CVE-2022-40784
CVE-2022-40784 affects mIPC camera firmware version 5.3.1.2003161406. The issue is an unlimited strcpy on user input when setting a locale file, which leads to a stack buffer overflow. CVSS v3.1 metrics indicate a high severity (8.8) with network attack vector, low attack complexity and low privi...
EulerOS Virtualization 2.10.1 : babel (EulerOS-SA-2022-1367)
According to the versions of the babel package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Babel.Locale in Babel before 2.9.1 allows attackers to load arbitrary locale .dat files containing serialized Python objects via...
python-babel: Relative path traversal allows attacker to load arbitrary locale files and execute arbitrary code
A flaw was found in python-babel. A path traversal vulnerability was found in how locale data files are checked and loaded within python-babel, allowing a local attacker to trick an application that uses python-babel to load a file outside of the intended locale directory. The highest threat from...
WordPress WPML plugin cross-site scripting vulnerability
WordPress is a blogging platform developed in PHP by the WordPress Software Foundation; it supports setting up a personal blog site on PHP and MySQL servers. WPML, also known as sitepress-multilingual-cms, is one of the multi-language support plug-ins used with it. A cross-si...
CVE-2018-18069
process_forms in the WPML (aka sitepress-multilingual-cms) plugin through 3.6.3 for WordPress has XSS via any locale_file_name_ parameter (such as locale_file_name_en) in an authenticated theme-localization.php request to wp-admin/admin.php...
DEBIAN-CVE-2010-0393
The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1, relies on an environment variable to determine the file that provides localized message strings, which allows local users to gain privileges via a file that contains crafted localization data with...
sqllitemanager120-multi.txt
SQLiteManager v1.2.0 Multiple Vulnerabilities. Vendor: http://www.sqlitemanager.org/. Global risk: High. SQLite is a SQL managed portal like PhpMyAdmin. Multiple Cross Scripting...
SQLiteManager v1.2.0 Multiple Vulnerabilities
SQLiteManager v1.2.0 Multiple Vulnerabilities. Vendor: http://www.sqlitemanager.org/. Global risk: High. SQLite is a SQL managed portal like PhpMyAdmin. Multiple Cross Scripting...