CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

RedhatCVE•added 2025/12/13 8:2 p.m.•1 views

CVE-2024-58305

WonderCMS 4.3.2 contains a cross-site scripting vulnerability that allows attackers to inject malicious JavaScript through the module installation endpoint. Attackers can craft a specially designed XSS payload to install a reverse shell module and execute remote commands by tricking an...

8.8CVSS6.1AI score0.0007EPSS

Exploits0References1

Positive Technologies•added 2025/09/15 12:0 a.m.•1 views

PT-2025-37571

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak was identified in the vkms init function within the kernel's drm/vkms module. This leak occurs when the vkms create function fails, but the memory allocated for config...

6.1AI score0.00022EPSS

Exploits0References6

SUSE CVE•added 2023/02/15 4:53 a.m.•1 views

SUSE CVE-2016-10345

In Phusion Passenger before 5.1.0, a known /tmp filename was used during passenger-install-nginx-module execution, which could allow local attackers to gain the privileges of the passenger user...

7.8CVSS6.8AI score0.00064EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 4:43 a.m.•2 views

SUSE CVE-2017-10689

In previous versions of Puppet Agent it was possible to install a module with world writable permissions. Puppet Agent 5.3.4 and 1.10.10 included a fix to this vulnerability...

5CVSS8.9AI score0.00092EPSS

Exploits0References5

Veracode•added 2021/06/08 4:12 a.m.•22 views

Arbitrary File Write

calipso is vulnerable to arbitrary file write. A malicious module can overwrite files on an arbitrary file system through the module install functionality...

7.5CVSS2.9AI score0.00182EPSS

Exploits0References2Affected Software1

OSV•added 2021/06/07 9:15 p.m.•1 views

CVE-2021-23391

This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality...

7.1CVSS5.9AI score0.00088EPSS

Exploits1References2

Prion•added 2021/06/07 9:15 p.m.•9 views

Design/Logic Flaw

This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality...

3.6CVSS6.9AI score0.00088EPSS

Exploits1References2

ATTACKERKB•added 2021/06/07 8:37 p.m.•1 views

CVE-2021-23391

This affects all versions of package calipso. It is possible for a malicious module to overwrite files on an arbitrary file system through the module install functionality...

7.3CVSS5.5AI score0.00088EPSS

Exploits1References3

RedHat Linux•added 2020/09/01 7:32 p.m.•92 views

Important: Red Hat Security Advisory: Ansible security and bug fix update (2.8.15)

An update for ansible is now available for Ansible Engine 2.8 Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE...

7.1CVSS6.9AI score0.00243EPSS

Exploits2References2

NVD•added 2018/02/09 8:29 p.m.•19 views

CVE-2017-10689

In previous versions of Puppet Agent it was possible to install a module with world writable permissions. Puppet Agent 5.3.4 and 1.10.10 included a fix to this vulnerability...

5.5CVSS5.8AI score0.00092EPSS

Exploits0References3

CVE•added 2018/02/09 8:0 p.m.•123 views

CVE-2017-10689

CVE-2017-10689 affects Puppet-related tarball handling. According to connected advisories, Puppet could install modules with insecure permissions when unpacking tarballs, potentially enabling local code execution. Root cause: tar/mini.rb unpacking may preserve or impose unsafe permissions from th...

5.5CVSS5.5AI score0.00092EPSS

Exploits0References3Affected Software2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by