CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

12 matches found

GithubExploit•added 2026/05/18 5:14 p.m.•46 views

db-security-ctf

Database Security – CTF Vulnerability Lab SEC304 / CN5134...

5.8AI score

Exploits0

CNNVD•added 2026/04/17 12:0 a.m.•5 views

FastGPT 安全漏洞

FastGPT is an open-source knowledge base question-answering system based on large language models developed by Labring. Versions of FastGPT prior to 4.14.9.5 contained a security vulnerability. This vulnerability stemmed from the password-changing endpoint, which was vulnerable to NoSQL injection...

8.8CVSS5.8AI score0.00035EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-0407

Malware in sbrugna...

9.8CVSS9.3AI score0.03332EPSS

Exploits1References5

CNNVD•added 2022/09/23 12:0 a.m.•1 views

Rocket.Chat 安全漏洞

Rocket.Chat is an open source team chat software. Chat 5.0 before the version of the information leakage vulnerability, the vulnerability stems from /api/v1/chat.getThreadsList lack of user input cleanup, an attacker can exploit the vulnerability through the Mongo DB injection will be private...

4.3CVSS6.9AI score0.00452EPSS

Exploits1References2

Positive Technologies•added 2022/09/23 12:0 a.m.•1 views

PT-2022-21163 · Unknown · Rocket.Chat

Name of the Vulnerable Software and Affected Versions: Rockert.Chat versions prior to 5 Description: A information disclosure issue exists due to the lack of sanitization of user inputs in the /api/v1/chat.getThreadsList endpoint, which can leak private thread messages to unauthorized users via...

4.3CVSS4.2AI score0.00452EPSS

Exploits1References5

Hacker One•added 2021/11/22 10:33 a.m.•18 views

Rocket.Chat: Message ID Enumeration with Action Link Handler

Summary The actionLinkHandler method was found to allow Message ID Enumeration with Regex MongoDB queries. Releases Affected: The Meteor method actionLinkHandler calls an actionLinks wrapper getMessage to find affected messages: javascript Meteor.methods actionLinkHandlername, messageId if...

4CVSS1AI score0.0042EPSS

Exploits1

Hacker One•added 2020/09/17 1:5 a.m.•98 views

GitHub Security Lab: Java : add MongoDB injection sinks

This bug was reported directly to GitHub Security Lab...

1.2AI score

Exploits0