CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21393 matches found

Positive Technologies•added 2026/03/13 12:0 a.m.•3 views

PT-2026-25278

Missing Authorization vulnerability in codepeople WP Time Slots Booking Form wp-time-slots-booking-form allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Time Slots Booking Form: from n/a through = 1.2.42...

5.3CVSS5.8AI score0.00224EPSS

Exploits0References3

Positive Technologies•added 2026/03/13 12:0 a.m.•4 views

PT-2026-25193

Missing Authorization vulnerability in raratheme Travel Agency travel-agency allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Travel Agency: from n/a through = 1.5.5...

5.3CVSS5.8AI score0.00214EPSS

Exploits0References3

Positive Technologies•added 2026/03/13 12:0 a.m.•2 views

PT-2026-25171

Missing Authorization vulnerability in Iulia Cazan Latest Post Shortcode latest-post-shortcode allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Latest Post Shortcode: from n/a through = 14.2.1...

5.3CVSS5.8AI score0.0019EPSS

Exploits0References3

Positive Technologies•added 2026/03/13 12:0 a.m.•6 views

PT-2026-25234

Missing Authorization vulnerability in Noor Alam Checkout for PayPal checkout-for-paypal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Checkout for PayPal: from n/a through = 1.0.46...

5.3CVSS5.8AI score0.00219EPSS

Exploits0References4

Positive Technologies•added 2026/03/13 12:0 a.m.•5 views

PT-2026-25237

CVE-2026-32391 Missing Authorization vulnerability in linethemes SmartFix smartfix allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SmartFi… https://t.co/hbSN1SkTIO...

5.4CVSS5.8AI score0.00172EPSS

Exploits0References4

Positive Technologies•added 2026/03/13 12:0 a.m.•6 views

PT-2026-25297

CVE-2026-32453 Missing Authorization vulnerability in ThemeFusion Avada Core fusion-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Avada Core https://t.co/MrcqBgWlcR...

5.3CVSS5.8AI score0.00174EPSS

Exploits0References3

Positive Technologies•added 2026/03/13 12:0 a.m.•6 views

PT-2026-25280

CVE-2026-32434 Missing Authorization vulnerability in vowelweb VW Fitness vw-fitness allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Fi… https://t.co/gTrVyxN5zl...

5.3CVSS5.8AI score0.00233EPSS

Exploits0References3

Positive Technologies•added 2026/03/13 12:0 a.m.•7 views

PT-2026-25226

Missing Authorization vulnerability in raratheme Rara Academic rara-academic allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rara Academic: from n/a through = 1.2.2...

5.3CVSS5.8AI score0.00214EPSS

Exploits0References3

Positive Technologies•added 2026/03/13 12:0 a.m.•3 views

PT-2026-25295

CVE-2026-32451 Missing Authorization vulnerability in ThemeFusion Fusion Builder fusion-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fusion Builder https://t.co/VVYvVRkuUr...

6.3CVSS5.8AI score0.00154EPSS

Exploits0References3

Positive Technologies•added 2026/03/13 12:0 a.m.•7 views

PT-2026-25271

Missing Authorization vulnerability in linknacional Payment Gateway Pix For GiveWP payment-gateway-pix-for-givewp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Payment Gateway Pix For GiveWP: from n/a through = 2.2.3...

5.3CVSS5.8AI score0.00214EPSS

Exploits0References3

Positive Technologies•added 2026/03/13 12:0 a.m.•6 views

PT-2026-25217

CVE-2026-32370 Missing Authorization vulnerability in raratheme Influencer influencer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Infl… https://t.co/deC4ZssEef...

5.3CVSS5.8AI score0.00224EPSS

Exploits0References3

Positive Technologies•added 2026/03/13 12:0 a.m.•5 views

PT-2026-25221

CVE-2026-32374 Missing Authorization vulnerability in raratheme The Minimal the-minimal allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Th… https://t.co/mwCtxwvW1v...

5.3CVSS5.8AI score0.00224EPSS

Exploits0References3

Positive Technologies•added 2026/03/13 12:0 a.m.•6 views

PT-2026-25283

CVE-2026-32437 Missing Authorization vulnerability in vowelweb VW Portfolio vw-portfolio allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects V… https://t.co/9JFCItlzb8...

5.3CVSS5.8AI score0.00243EPSS

Exploits0References3

Positive Technologies•added 2026/03/13 12:0 a.m.•6 views

PT-2026-25236

CVE-2026-32390 Missing Authorization vulnerability in linethemes Nanosoft nanosoft allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nanosof… https://t.co/ZNLYYenynm...

5.8AI score0.00218EPSS

Exploits0References3

Tenable Nessus•added 2026/03/13 12:0 a.m.•4 views

SAP NetWeaver AS ABAP Missing Authorization Check (3704740)

The version of SAP NetWeaver AS ABAP and ABAP Platform detected on the remote host is affected by a missing authorization check vulnerability as referenced in the SAP Security Patch Day March 2026: - Due to a missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticat...

5CVSS6AI score0.0023EPSS

Exploits0References3

Tenable Nessus•added 2026/03/13 12:0 a.m.•4 views

SAP NetWeaver AS ABAP Missing Authorization Check (3694383)

The version of SAP NetWeaver AS ABAP and ABAP Platform detected on the remote host is affected by a missing authorization check vulnerability as referenced in the SAP Security Patch Day March 2026: - Due to missing authorization check in SAP NetWeaver Application Server for ABAP, an authenticated...

4.3CVSS5.9AI score0.00193EPSS

Exploits0References3

EUVD•added 2026/03/12 6:30 p.m.•7 views

EUVD-2026-11633

A Missing Authorization vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an unauthenticated attacker to access sensitive information through unprotected APIs...

6.9CVSS5.8AI score0.00268EPSS

Exploits0References2

NVD•added 2026/03/12 6:16 p.m.•11 views

CVE-2026-28254

A Missing Authorization vulnerability in Trane Tracer SC, Tracer SC+, and Tracer Concierge could allow an unauthenticated attacker to access sensitive information through unprotected APIs...

7.5CVSS0.00268EPSS

Exploits0References1

Cvelist•added 2026/03/12 6:13 p.m.•25 views

CVE-2026-32230 Uptime Kuma is Missing Authorization Checks on Ping Badge Endpoint, Leaks Ping times of monitors without needing to be on a status page

Uptime Kuma is an open source, self-hosted monitoring tool. From 2.0.0 to 2.1.3 , the GET /api/badge/:id/ping/:duration? endpoint in server/routers/api-router.js does not verify that the requested monitor belongs to a public group. All other badge endpoints check AND public = 1 in their SQL query...

5.3CVSS0.00905EPSS

Exploits1References5

CVE•added 2026/03/12 5:29 p.m.•11 views

CVE-2026-28254

CVE-2026-28254 affects Trane Tracer SC, Tracer SC+, and Tracer Concierge. The connected sources describe a Missing Authorization vulnerability that could allow an unauthenticated attacker to access sensitive information via unprotected APIs. The NVD/NVD-derived metrics indicate network-based acce...

7.5CVSS5.8AI score0.00268EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by