CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

405 matches found

The Hacker News•added 2026/04/21 6:18 p.m.•7 views

SystemBC C2 Server Reveals 1,570+ Victims in The Gentlemen Ransomware Operation

Threat actors associated with The Gentlemen ransomware‑as‑a‑service RaaS operation have been observed attempting to deploy a known proxy malware called SystemBC. According to new research published by Check Point, the command-and-control C2 or C&C server linked to SystemBC has led to the discover...

5.8AI score

Exploits0

RedhatCVE•added 2026/03/26 3:18 p.m.•0 views

CVE-2026-3951

A security flaw has been discovered in LockerProject Locker 0.0.0/0.0.1/0.1.0. Affected is the function authIsAwesome of the file source-code/Locker-master/Ops/registry.js of the component Error Response Handler. The manipulation of the argument ID results in cross site scripting. The attack can ...

5.3CVSS4.1AI score0.0005EPSS

Exploits0References1

NVD•added 2026/03/11 8:16 p.m.•3 views

CVE-2026-3951

5.3CVSS0.0005EPSS

Exploits0References6

OSV•added 2026/03/11 8:16 p.m.•2 views

CVE-2026-3951

4.3CVSS4.1AI score0.0005EPSS

Exploits0References6

CVE•added 2026/03/11 7:32 p.m.•16 views

CVE-2026-3951

CVE-2026-3951 pertains to LockerProject Locker versions 0.0.0/0.0.1/0.1.0. The vulnerability lies in the function authIsAwesome in file source-code/Locker-master/Ops/registry.js (component: Error Response Handler), where manipulation of the argument ID enables cross-site scripting. The issue is e...

5.3CVSS4.3AI score0.0005EPSS

Exploits0References6

Cvelist•added 2026/03/11 7:32 p.m.•24 views

CVE-2026-3951 LockerProject Locker Error Response registry.js authIsAwesome cross site scripting

5.3CVSS0.0005EPSS

Exploits0References6

Vulnrichment•added 2026/03/11 7:32 p.m.•0 views

CVE-2026-3951 LockerProject Locker Error Response registry.js authIsAwesome cross site scripting

5.3CVSS4.3AI score0.0005EPSS

Exploits0References6

CNNVD•added 2026/03/11 12:0 a.m.•3 views

Locker 代码注入漏洞

Locker is an open-source personal data aggregation and management platform developed by The Locker Project. Versions 0.0.0, 0.0.1, and 0.1.0 of Locker contain code injection vulnerabilities. These vulnerabilities stem from incorrect operations on the authIsAwesome parameter ID in the file...

5.3CVSS5.7AI score0.0005EPSS

Exploits0References6

RedhatCVE•added 2026/01/07 9:10 a.m.•6 views

CVE-2019-12834

In HT2 Labs Learning Locker 3.15.1, it's possible to inject malicious HTML and JavaScript code into the DOM of the website via the PATHINFO to the dashboards/ URI...

7.3CVSS6.8AI score0.00227EPSS

Exploits1References1

CNVD•added 2025/11/27 12:0 a.m.•3 views

WordPress Locker Content plugin Information Disclosure Vulnerability

The WordPress Locker Content plugin is a tool for locking content in WordPress websites, usually by restricting access through email subscriptions, user permissions, etc. An information disclosure vulnerability exists in WordPress Locker Content plugin, which originates from the lockercosubmitpos...

5.3CVSS6.2AI score0.00046EPSS

Exploits0References1

RedhatCVE•added 2025/11/26 7:58 a.m.•6 views

CVE-2025-12525

The Locker Content plugin for WordPress is vulnerable to Sensitive Information Exposure in version 1.0.0 via the 'lockercosubmitpost' AJAX endpoint. This makes it possible for unauthenticated attackers to extract content from posts that has been protected by the plugin...

5.3CVSS6.4AI score0.00046EPSS

Exploits0References1

NVD•added 2025/11/25 8:15 a.m.•3 views

CVE-2025-12525

5.3CVSS0.00046EPSS

Exploits0References3

CVE•added 2025/11/25 7:28 a.m.•14 views

CVE-2025-12525

CVE-2025-12525 affects the WordPress plugin Locker Content (version 1.0.0 and earlier). The vulnerability arises from the lockerco_submit_post AJAX endpoint, which allows unauthenticated attackers to perform an information disclosure by extracting content from posts protected by the plugin. Accor...

5.3CVSS6AI score0.00046EPSS

Exploits0References3

EUVD•added 2025/11/25 7:28 a.m.•1 views

EUVD-2025-199575

5.3CVSS5.9AI score0.00046EPSS

Exploits0References3

Vulnrichment•added 2025/11/25 7:28 a.m.•4 views

CVE-2025-12525 Locker Content <= 1.0.0 - Unauthenticated Information Exposure

5.3CVSS6AI score0.00046EPSS

Exploits0References3

Cvelist•added 2025/11/25 7:28 a.m.•12 views

CVE-2025-12525 Locker Content <= 1.0.0 - Unauthenticated Information Exposure

5.3CVSS0.00046EPSS

Exploits0References3

Patchstack•added 2025/11/25 12:26 a.m.•4 views

WordPress Locker Content plugin <= 1.0.0 - Unauthenticated Information Exposure vulnerability

Unauthenticated Information Exposure vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Locker Content versions = 1.0.0...

5.3CVSS6.9AI score0.00046EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2025/11/25 12:0 a.m.•4 views

PT-2025-47998

The Locker Content plugin for WordPress is vulnerable to Sensitive Information Exposure in version 1.0.0 via the 'lockerco submit post' AJAX endpoint. This makes it possible for unauthenticated attackers to extract content from posts that has been protected by the plugin...

5.3CVSS6.4AI score0.00046EPSS

Exploits0References3

CNNVD•added 2025/11/25 12:0 a.m.•1 views

WordPress plugin Locker Content 信息泄露漏洞

5.3CVSS6AI score0.00046EPSS

Exploits0References3

CNNVD•added 2025/11/19 12:0 a.m.•3 views

FileCodeBox 安全漏洞

FileCodeBox is a file courier locker for vastsa personal developers. Files can be shared with an anonymous password. A security vulnerability exists in FileCodeBox 2.2 and earlier versions, which stems from path traversal and could lead to arbitrary file writes...

7.5CVSS6.7AI score0.00077EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by