16 matches found
CVE-2026-32650 Anviz CrossChex Standard Algorithm Downgrade
Anviz CrossChex Standard is vulnerable when an attacker manipulates the TDS7 PreLogin to disable encryption, causing database credentials to be sent in plaintext and enabling unauthorized database access...
Parse Server: MFA recovery code single-use bypass via concurrent requests
Impact: An attacker who obtains a user's password and a single MFA recovery code can reuse that recovery code an unlimited number of times by sending concurrent login requests. This defeats the single-use design of recovery codes. The attack requires the user's password, a valid recovery code, and...
CVE-2026-23849
CVE-2026-23849 – File Browser (github.com/filebrowser/filebrowser) shows a timing-based username enumeration flaw in the /api/login flow. The JSONAuth.Auth logic short-circuits when a user is not found, returning quickly, while a valid user triggers bcrypt password verification (users.CheckPwd) w...
CVE-2021-22410
There is an XSS injection vulnerability in iMaster NCE-Fabric V100R019C10. A module of the client does not verify the input sufficiently. Attackers can exploit this vulnerability by modifying input after logging onto the client. This may compromise the normal service of the client...
EUVD-2017-13000
Malware in sbrugna...
EUVD-2006-1051
Malware in sbrugna...
CVE-2022-39070
There is an access control vulnerability in some ZTE PON OLT products. Due to improper access control settings, remote attackers could use the vulnerability to log in to the device and execute any operation...
PT-2025-17337 · Seclore · Seclore
Name of the Vulnerable Software and Affected Versions: Seclore version 3.27.5.0 Description: An issue in the login page of Seclore allows attackers to bypass authentication via a brute force attack. Recommendations: For version 3.27.5.0, consider temporarily restricting access to the login page...
Microsoft Windows Information Disclosure Vulnerability (CNVD-2018-18624)
Microsoft Windows Server 2016 and others are operating systems released by Microsoft Corporation in the U.S. Microsoft Windows Server 2016 is a set of server operating systems. Windows 8.1 is a set of operating systems for personal computers. An information disclosure vulnerability exists in...
Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2018-08571)
Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. Windows kernel is one of the Windows system kernels. An information disclosure vulnerability exists in Microsoft Windows kernel. An attacker can exploit this vulnerability by logging on...
CVE-2017-3883
A vulnerability in the authentication, authorization, and accounting (AAA) implementation of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability occurs because AAA process...
Weak Password Vulnerability in Rico's NetShare VPN Security Gateway
Ruike NetShare Virtual Private Network Security Gateway is a product of Ruike Electronic Technology Co., Ltd. that establishes a private network on a public network. A weak password vulnerability exists in the Rico NetShare VPN Security Gateway. It allows an attacker to log in to the system and...
Vulnerabilities in ADSL modem Callisto 821+
Hello 3APA3A! I want to warn you about security vulnerabilities in ADSL modem Callisto 821+ SI2000 Callisto821+ Router. These are Predictable Resource Location and Brute Force vulnerabilities. Predictable Resource Location WASC-34: http://192.168.1.1 web server on 80 and 8008 ports. The control...
DSA-2041-1 mediawiki - cross-site request forgery
Bulletin has no description...
DEBIAN-CVE-2008-5394
/bin/login in shadow 4.0.18.1 in Debian GNU/Linux, and probably other Linux distributions, allows local users in the utmp group to overwrite arbitrary files via a symlink attack on a temporary file referenced in a line (aka ut_line) field in a utmp entry...
CVE-2002-0011
Information leak in doeditvotes.cgi in Bugzilla before 2.14.1 may allow remote attackers to more easily conduct attacks on the login...