CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

2255 matches found

NVD•added 2026/05/27 8:16 p.m.•5 views

CVE-2026-8360

Function calls to WOSCommonUtil.dll!WOSSysInfoGetDeviceInterface in various DLLs i.e., WOSProfileMgrModule.dll, WOSWebDavModule.dll can return a NULL pointer i.e., when no user is logged into the Triofox Server Agent Management Console. The returned NULL pointer is not checked before being...

7.5CVSS0.00053EPSS

Exploits0References1

ATTACKERKB•added 2026/05/27 7:47 p.m.•4 views

CVE-2026-8360

7.5CVSS5.8AI score0.00053EPSS

Exploits0References2

NVD•added 2026/05/21 2:16 p.m.•7 views

CVE-2025-71210

A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. Please note: although this vulnerability carries a technical critical CVSS rating, this was reported via responsible disclosure via...

9.8CVSS0.00552EPSS

Exploits0References2

CVE•added 2026/05/21 1:2 p.m.•9 views

CVE-2025-71211

CVE-2025-71211 concerns Trend Micro Apex One Console; a directory traversal vulnerability enables remote code execution on affected installations. The ZDI advisory notes that the Apex One Console, listening on ports 8080 and 4343, allows remote attackers to execute arbitrary code without authenti...

9.8CVSS7.6AI score0.00566EPSS

Exploits0References2Affected Software1

EUVD•added 2026/05/21 1:2 p.m.•6 views

EUVD-2025-209911

A vulnerability in the Trend Micro Apex One management console could allow a remote attacker to upload malicious code and execute commands on affected installations. This vulnerability is similar in scope to CVE-2025-71210 but affects a different executable. Please note: although this vulnerabili...

9.8CVSS7.7AI score0.00566EPSS

Exploits0References2

Vulnrichment•added 2026/05/21 1:2 p.m.•4 views

CVE-2025-71211

9.8CVSS7.6AI score0.00566EPSS

Exploits0References2

ATTACKERKB•added 2026/05/21 1:1 p.m.•3 views

CVE-2025-71210

9.8CVSS7.7AI score0.00552EPSS

Exploits0References3

Vulnrichment•added 2026/05/21 1:1 p.m.•1 views

CVE-2025-71210

9.8CVSS7.7AI score0.00552EPSS

Exploits0References2

CVE•added 2026/05/21 1:1 p.m.•12 views

CVE-2025-71210

CVE-2025-71210 affects the Trend Micro Apex One management console. The connected sources describe a path traversal vulnerability in the console that could allow a remote attacker to upload and execute code, with exploitation possible when an attacker has access to the console. Affected products ...

9.8CVSS7.6AI score0.00552EPSS

Exploits0References2Affected Software1

Cvelist•added 2026/05/21 1:1 p.m.•36 views

CVE-2025-71210

9.8CVSS0.00552EPSS

Exploits0References2

EUVD•added 2026/05/21 1:1 p.m.•4 views

EUVD-2025-209909

9.8CVSS7.7AI score0.00552EPSS

Exploits0References2

CNNVD•added 2026/05/21 12:0 a.m.•4 views

Trend Micro Apex One 路径遍历漏洞

Trend Micro Apex One is a terminal protection software developed by Trend Micro, a US-based company. Trend Micro Apex One has a path traversal vulnerability, which originates from the management console. This vulnerability could allow remote attackers to upload malicious code and execute commands...

9.8CVSS7.6AI score0.00566EPSS

Exploits0References1

CNNVD•added 2026/05/21 12:0 a.m.•5 views

Trend Micro Apex One 路径遍历漏洞

9.8CVSS7.6AI score0.00552EPSS

Exploits0References1

CNNVD•added 2026/05/09 12:0 a.m.•5 views

PgBouncer 安全漏洞

PgBouncer is an open-source, lightweight connection pool for PostgreSQL developed by the PgBouncer community. Prior to version 1.25.2, PgBouncer had a security vulnerability. This vulnerability stemmed from insufficient authorization checks for the KILLCLIENT management command. As long as users...

4.3CVSS5.9AI score0.00013EPSS

Exploits0References2

NVD•added 2026/05/07 10:16 p.m.•7 views

CVE-2026-8106

A reflected HTML injection vulnerability was identified in the GitHub Enterprise Server Management Console login page that could allow credential theft. The redirectto query parameter on the /setup/unlock endpoint was reflected into an HTML attribute without proper sanitization, enabling an...

6.1CVSS0.00028EPSS

Exploits0References2

CVE•added 2026/05/07 9:18 p.m.•7 views

CVE-2026-8106

CVE-2026-8106 describes a reflected HTML injection in the GitHub Enterprise Server Management Console login page. The vulnerability lies in the redirect_to query parameter on the /setup/unlock endpoint, which is reflected into an HTML attribute without proper sanitization. An attacker could entic...

6.1CVSS5.8AI score0.00028EPSS

Exploits0References2Affected Software1

ATTACKERKB•added 2026/05/07 9:18 p.m.•4 views

CVE-2026-8106

5.9CVSS5.8AI score0.00028EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/05/07 9:18 p.m.•32 views

CVE-2026-8106 Reflected HTML injection vulnerability in GitHub Enterprise Server Management Console login page allowed credential theft

5.9CVSS0.00028EPSS

Exploits0References2

Vulnrichment•added 2026/05/07 9:18 p.m.•7 views

CVE-2026-8106 Reflected HTML injection vulnerability in GitHub Enterprise Server Management Console login page allowed credential theft

5.9CVSS5.8AI score0.00028EPSS

Exploits0References2

Positive Technologies•added 2026/05/07 12:0 a.m.•5 views

PT-2026-38595

Name of the Vulnerable Software and Affected Versions GitHub Enterprise Server versions 3.19.1 through 3.19.5 GitHub Enterprise Server versions 3.20.0 through 3.20.1 Description A reflected HTML injection issue exists in the Management Console login page. The redirect to query parameter on the...

5.9CVSS5.8AI score0.00028EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by