CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

81 matches found

Cvelist•added 2026/06/05 7:31 p.m.•27 views

CVE-2026-25623 Arista Edge Threat Management NGFW UI Arbitrary Command Execution

An input validation command execution vulnerability exists in the browser management pipeline of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. Authenticated administrators can leverage this exposure to obtain underlying terminal script code processing execution permissions...

7CVSS0.06174EPSS

Exploits0References1

Cvelist•added 2026/05/27 3:7 p.m.•39 views

CVE-2026-44839 RabbitMQ: Unsanitized vhost names allow for XSS in management UI

RabbitMQ is a messaging and streaming broker. From 3.7.0 to before 4.1.2 and 4.0.13, This vulnerability is fixed in 4.1.2 and 4.0.13...

5.6CVSS0.0018EPSS

Exploits0References2

NVD•added 2026/05/13 10:16 p.m.•12 views

CVE-2026-44194

OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.8, an authenticated Remote Code Execution RCE vulnerability in the OPNsense core allows a user with user-management privileges to execute arbitrary system commands as root. An attacker can bypass input validation by formatti...

9.1CVSS0.06355EPSS

Exploits1References1

RedhatCVE•added 2026/03/26 5:0 p.m.•4 views

CVE-2026-20114

A vulnerability in the Lobby Ambassador web-based management API of Cisco IOS XE Software could allow an authenticated, remote attacker to elevate their privileges and access management APIs that would not normally be available for Lobby Ambassador users. This vulnerability exists because...

5.4CVSS5.9AI score0.00284EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:21 a.m.•8 views

CVE-2021-22987

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3, and 11.6.x before 11.6.5.3 when running in Appliance mode, the Traffic Management User Interface TMUI, also referred to as the Configuration utility, has an...

9.9CVSS7AI score0.13672EPSS

Exploits1References1

NVD•added 2026/01/07 5:16 p.m.•4 views

CVE-2026-22537

The lack of hardening of the system allows the user used to manage and maintain the charger to consult different files containing clear-text credentials or valuable information for an attacker...

6.8CVSS0.00114EPSS

Exploits0References1