CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5954 matches found

EUVD-2021-34847

Dräger Protector Software prior to version 6.4.2 contains a local privilege escalation vulnerability due to insecure file system permissions that allows local attackers to execute arbitrary code with elevated privileges. Attackers can replace binaries or loaded modules on the host system to execu...

8.3CVSS6.2AI score0.00015EPSS

Exploits0References3

Tenable Nessus•added 4 days ago•5 views

Multiple Node.js Modules compromised in npm supply chain attack (Shai-Hulud 'Miasma') (06/01/2026)

The remote host has a version of one or more Node.js modules installed known to be compromised in the Shai-Hulud 'Miasma' npm supply chain attack reported on 06/01/2026. This wave compromised 32 packages 96 versions published under the '@redhat-cloud-services' npm scope. It is tracked separately...

5.7AI score

Exploits0References2

Tenable Nessus•added 4 days ago•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-46104

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - selinux: use sk blob accessor in socket permission helpers SELinux socket state lives in the composite LSM socket blob. sockhasperm and nlmsgsockhasextendedperm...

5.8AI score0.00022EPSS

Exploits0References2

NVD•added 5 days ago•11 views

CVE-2021-4481

8.3CVSS0.00015EPSS

Exploits0References2

RedhatCVE•added 5 days ago•5 views

CVE-2026-46820

Vulnerability in the Oracle Financials Common Modules product of Oracle E-Business Suite component: Common Components. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

8.5CVSS5.8AI score0.00047EPSS

Exploits0References1

ATTACKERKB•added 5 days ago•6 views

CVE-2021-4481

8.3CVSS6.2AI score0.00015EPSS

Exploits0References3

Vulnrichment•added 5 days ago•5 views

CVE-2021-4481 Dräger Protector Software Local Privilege Escalation via Insecure File Permissions

8.3CVSS6.2AI score0.00015EPSS

Exploits0References2

ATTACKERKB•added 5 days ago•6 views

CVE-2021-4480

8.3CVSS6.2AI score0.00015EPSS

Exploits0References3

Cvelist•added 5 days ago•28 views

CVE-2026-9844 Vulnerability in navify® Digital Pathology

Use of default credentials vulnerability in Roche Diagnostics navify Digital Pathology RabbitMQ Management interface modules allows Default Usernames and Passwords. This issue affects navify Digital Pathology: from 2.0.0 before 2.4.1...

8.8CVSS0.00041EPSS

Exploits0References1

Positive Technologies•added 5 days ago•7 views

PT-2026-45861

Name of the Vulnerable Software and Affected Versions Dräger Protector Software versions prior to 6.4.2 Description Insecure file system permissions allow local attackers to execute arbitrary code with elevated privileges. This is achieved by replacing binaries or loaded modules on the host syste...

8.3CVSS6.2AI score0.00015EPSS

Exploits0References7

Positive Technologies•added 5 days ago•8 views

PT-2026-45860

8.3CVSS6AI score0.00015EPSS

Exploits0References7

Positive Technologies•added 5 days ago•6 views

PT-2026-45764

8.8CVSS5.8AI score0.00041EPSS

Exploits0References2

Cvelist•added 6 days ago•36 views

CVE-2026-48191 Wrong Permission Handling in Document Search Article Meta Filters

An incorrect handling of permissions in STORM powered by OTRS and in OTRS 2026.x and above Document Search Article Meta Filters modules allows gaining knowledge about number of affected CIs, SLA and services without gaining access to them. This issue affects OTRS with STORM modules: 7.0.X 8.0.X...

3.5CVSS0.00021EPSS

Exploits0References1

GithubExploit•added 6 days ago•78 views

Exploit-Databases

💥 Exploits Database & PoC Resources Koleksi exploit databas...

5.9AI score

Exploits0

OSSF Malicious Packages•added 2026/05/31 10:18 a.m.•12 views

Malicious code in js-shared-modules (npm)

--- -= Per source details. Do not edit below this line.=- Source: ossf-package-analysis adff3edac3c3ba1c04ba273f77d51c95d153b4e027ec4809b3d2f3c74a712a92 The OpenSSF Package Analysis project identified 'js-shared-modules' @ 1.11.7 npm as malicious. It is considered malicious because: - The package...

5.8AI score

Exploits0

OSV•added 2026/05/31 10:18 a.m.•3 views

MAL-2026-5098 Malicious code in js-shared-modules (npm)

5.8AI score

Exploits0

CVE•added 2026/05/30 2:55 p.m.•13 views

CVE-2018-25421

Open STA Manager 2.3 is affected by a path traversal vulnerability that lets authenticated users download arbitrary files by calling modules/backup/actions.php?op=getfile and traversing with ../ sequences to access sensitive system files. Affected component is the Open STA Manager implementation;...

7.1CVSS5.9AI score0.00045EPSS

Exploits0References4

Cvelist•added 2026/05/30 2:55 p.m.•29 views

CVE-2018-25421 Open STA Manager 2.3 Arbitrary File Download via Path Traversal

Open STA Manager 2.3 contains a path traversal vulnerability that allows authenticated users to download arbitrary files by manipulating the file parameter. Attackers can send GET requests to modules/backup/actions.php with op=getfile and traverse directories using ../ sequences to access sensiti...

7.1CVSS0.00045EPSS

Exploits0References4

Positive Technologies•added 2026/05/30 12:0 a.m.•6 views

PT-2026-45121

7.1CVSS5.9AI score0.00045EPSS

Exploits0References5

OSV•added 2026/05/29 6:8 p.m.•6 views

GHSA-R9PM-GXMW-WV6P NodeVM network builtin exclusions bypass via internal _http_client and _http_server

Summary NodeVM supports excluding public network builtins from the wildcard builtin option. With this configuration direct access to http, https, http2, net, dgram, tls, dns, and dns/promises is blocked. However, Node.js also exposes underscored internal HTTP builtins such as httpclient and...

8.6CVSS5.8AI score

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by