CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

87 matches found

OSV•added 2026/05/14 3:47 p.m.•0 views

MINI-H5CG-27MG-25MH

Bulletin has no description...

6.5CVSS5.7AI score0.00042EPSS

Exploits0

CNNVD•added 2026/04/25 12:0 a.m.•6 views

Cesanta Mongoose 数据伪造问题漏洞

Cesanta Mongoose is a set of embedded server libraries developed by the Irish company Cesanta. It includes functions for TCP and HTTP clients and servers, as well as WenSocket clients and servers. Versions of Cesanta Mongoose 7.20 and earlier contained a data manipulation vulnerability. This...

6.3CVSS5.7AI score0.0001EPSS

Exploits1References1

Debian CVE•added 2026/04/02 8:0 a.m.•2 views

CVE-2026-5244

A vulnerability has been found in Cesanta Mongoose up to 7.20. This affects the function mgtlsrecvcert of the file mongoose.c of the component TLS 1.3 Handler. Such manipulation of the argument pubkey leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been...

9.8CVSS7.6AI score0.00099EPSS

Exploits1

Vulnrichment•added 2026/02/23 2:2 a.m.•4 views

CVE-2026-2966 Cesanta Mongoose DNS Transaction ID dns.c mg_sendnsreq random values

A weakness has been identified in Cesanta Mongoose up to 7.20. The impacted element is the function mgsendnsreq of the file /src/dns.c of the component DNS Transaction ID Handler. Executing a manipulation of the argument random can lead to insufficiently random values. The attack can be launched...

6.3CVSS4.6AI score0.00168EPSS

Exploits1References5

CVE•added 2026/02/23 2:2 a.m.•10 views

CVE-2026-2966

Cesanta Mongoose

6.3CVSS4.8AI score0.00168EPSS

Exploits1References5Affected Software1

Cvelist•added 2026/01/09 11:15 a.m.•27 views

CVE-2025-13892 MG AdvancedOptions <= 1.2 - Reflected Cross-Site Scripting

The MG AdvancedOptions plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $SERVER'PHPSELF' variable in all versions up to, and including, 1.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

6.1CVSS0.00022EPSS

Exploits0References3

Patchstack•added 2026/01/09 9:1 a.m.•4 views

WordPress MG AdvancedOptions plugin <= 1.2 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Abdulsamad Yusuf 0xVenus - Envorasec in WordPress Plugin MG AdvancedOptions versions = 1.2...

6.1CVSS6.3AI score0.00022EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2026/01/09 12:0 a.m.•3 views

PT-2026-1720

Name of the Vulnerable Software and Affected Versions MG AdvancedOptions versions prior to 1.3 Description The MG AdvancedOptions plugin for WordPress is susceptible to Reflected Cross-Site Scripting due to inadequate input sanitization and output escaping. This allows unauthenticated attackers t...

6.1CVSS6AI score0.00022EPSS

Exploits0References7

CNNVD•added 2026/01/09 12:0 a.m.•2 views

WordPress plugin MG AdvancedOptions 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

6.1CVSS5.9AI score0.00022EPSS

Exploits0References3

EUVD•added 2025/12/12 10:24 p.m.•2 views

EUVD-2025-203177

PCSX2 is a free and open-source PlayStation 2 PS2 emulator. In versions 2.5.377 and below, an unchecked offset and size used in a memcpy operation inside PCSX2's CDVD SCMD 0x91 and SCMD 0x8F handlers allow a specially crafted disc image or ELF to cause an out-of-bounds read from emulator memory...

5.3CVSS6.2AI score0.00057EPSS

Exploits0References3

Debian CVE•added 2025/12/12 10:24 p.m.•3 views

CVE-2025-67749

5.3CVSS5.4AI score0.00057EPSS

Exploits0

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2010-4756

Malware in sbrugna...

7.5CVSS6.4AI score0.01135EPSS

Exploits1References7

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2014-0396

Malware in sbrugna...

7.8CVSS6.4AI score0.15531EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-2730

Malicious code in bioql PyPI...

7.1CVSS8.7AI score0.00152EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-45500

Malicious code in bioql PyPI...

7.1CVSS8.7AI score0.00242EPSS

Exploits0References1

OSSF Malicious Packages•added 2025/08/14 6:52 p.m.•2 views

Malicious code in mg-graph (npm)

The package mg-graph was found to contain malicious code...

7AI score

Exploits0

OSV•added 2025/08/14 6:52 p.m.•1 views

MAL-2025-26277 Malicious code in mg-graph (npm)

The package mg-graph was found to contain malicious code...

7.2AI score

Exploits0

RedhatCVE•added 2025/02/06 2:27 a.m.•4 views

CVE-2025-22330

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mahesh Waghmare MG Parallax Slider mg-parallax-slider allows Reflected XSS.This issue affects MG Parallax Slider: from n/a through = 1.0...

7.1CVSS7.2AI score0.00152EPSS

Exploits0References1

RedhatCVE•added 2025/02/05 3:18 a.m.•3 views

CVE-2024-51701

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Mahesh Waghmare MG Post Contributors mg-post-contributors allows Reflected XSS.This issue affects MG Post Contributors: from n/a through = 1.3...

7.1CVSS7.2AI score0.00242EPSS

Exploits0References1

NVD•added 2025/01/09 4:16 p.m.•3 views

CVE-2025-22330

7.1CVSS0.00152EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by