CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

525 matches found

OSV•added 2026/05/19 12:0 a.m.•3 views

ALSA-2026:18597 Low: NetworkManager security update

NetworkManager is a system network service that manages network devices and connections, attempting to keep active network connectivity when available. Its capabilities include managing Ethernet, wireless, mobile broadband WWAN, and PPPoE devices, as well as providing VPN integration with a varie...

3.3CVSS5.8AI score0.00004EPSS

Exploits0References4

RedhatCVE•added 2026/01/09 12:36 p.m.•3 views

CVE-2023-49898

In streampark, there is a project module that integrates Maven's compilation capability. However, there is no check on the compilation parameters of Maven. allowing attackers to insert commands for remote command execution, The prerequisite for a successful attack is that the user needs to log in...

7.2CVSS7.2AI score0.01896EPSS

Exploits0References1

Positive Technologies•added 2026/01/09 12:0 a.m.•2 views

PT-2026-2166

Name of the Vulnerable Software and Affected Versions wpDiscuz versions prior to 7.6.47 Description The software contains a stored cross-site scripting issue that permits authenticated attackers to inject malicious JavaScript. This is achieved by importing a specially crafted options file...

6.3CVSS5.7AI score0.00059EPSS

Exploits0References8

Patchstack•added 2025/12/31 12:59 p.m.•6 views

WordPress Curator.io plugin <= 1.9.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Jarno Vos jrn5151 in WordPress Plugin Curator.io versions = 1.9.5...

6.5CVSS5.9AI score0.00024EPSS

Exploits0Affected Software1

Patchstack•added 2025/12/23 7:9 p.m.•7 views

WordPress WP JobHunt plugin <= 7.7 - Authenticated (Candidate+) Insecure Direct Object Reference vulnerability

Authenticated Candidate+ Insecure Direct Object Reference vulnerability discovered by meghnine islem - CYBEARS in WordPress Plugin WP JobHunt versions = 7.7...

4.3CVSS6.8AI score0.00036EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/12/06 12:17 a.m.•3 views

WordPress CSS3 Buttons plugin <= 0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Attributes vulnerability discovered by Gilang - DJ in WordPress Plugin CSS3 Buttons versions = 0.1...

6.4CVSS5.6AI score0.00031EPSS

Exploits0References1Affected Software1

Patchstack•added 2025/10/15 1:6 a.m.•2 views

WordPress Digiseller plugin <= 1.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zaim in WordPress Plugin Digiseller versions = 1.3.0...

6.4CVSS5.5AI score0.0004EPSS

Exploits0References1Affected Software1