CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19 matches found

Snyk•added 2026/05/06 7:32 p.m.•3 views

Binding to an Unrestricted IP Address

Overview Affected versions of this package are vulnerable to Binding to an Unrestricted IP Address which defaults to 0.0.0.0 when the -port argument is used or the -listen argument is used without specifying a host. An attacker can execute arbitrary code remotely by connecting to the exposed...

8.8CVSS5.9AI score0.00044EPSS

Exploits0References2

ATTACKERKB•added 2026/04/10 4:59 p.m.•2 views

CVE-2026-40160

PraisonAIAgents is a multi-agent teams system. Prior to 1.5.128, webcrawl's httpx fallback path passes user-supplied URLs directly to httpx.AsyncClient.get with followredirects=True and no host validation. An LLM agent tricked into crawling an internal URL can reach cloud metadata endpoints...

7.1CVSS5.8AI score0.0005EPSS

Exploits1References2Affected Software1

NVD•added 2026/04/06 5:17 p.m.•1 views

CVE-2026-35036

Ech0 is an open-source, self-hosted publishing platform for personal idea sharing. Prior to 4.2.8, Ech0 implements link preview editor fetches a page title through GET /api/website/title. That is legitimate product behavior, but the implementation is unsafe: the route is unauthenticated, accepts ...

7.5CVSS0.00065EPSS

Exploits1References1

Positive Technologies•added 2026/04/03 12:0 a.m.•4 views

PT-2026-30014

Summary Ech0 implements link preview editor fetches a page title through GET /api/website/title. That is legitimate product behavior, but the implementation is unsafe: the route is unauthenticated, accepts a fully attacker-controlled URL, performs a server-side GET, reads the entire response body...

7.5CVSS6AI score0.00065EPSS

Exploits1References4

OSV•added 2024/08/12 1:38 p.m.•1 views

UBUNTU-CVE-2024-22114

User with no permission to any of the Hosts can access and view host count & other statistics through System Information Widget in Global View Dashboard...

4.3CVSS5.8AI score0.00265EPSS

Exploits0References3

CNNVD•added 2024/08/12 12:0 a.m.•1 views

Zabbix 安全漏洞

Zabbix is an open source monitoring system from Zabbix. The system supports network monitoring, server monitoring, cloud monitoring and application monitoring. A security vulnerability exists in Zabbix versions 5.0.42, 6.0.30, 6.4.15, and 7.0.0rc2, which originates from the fact that a user witho...

4.3CVSS4.7AI score0.00265EPSS

Exploits0References3

NCSC•added 2022/08/24 12:0 a.m.•5 views

Vulnerability fixed in VMWare Tools

VMWare has fixed a vulnerability in VMWare Tools. A malicious person with user privileges in a virtual machine VM can exploit the vulnerability to grant himself elevated privileges and execute code with local administrator privileges in the vulnerable virtual machine. As far as is known, the...

7.8CVSS7.1AI score0.00067EPSS

Exploits0

Fedora•added 2022/02/25 5:3 p.m.•36 views

[SECURITY] Fedora 34 Update: qemu-5.2.0-9.fc34

QEMU is a generic and open source processor emulator which achieves a good emulation speed by using dynamic translation. QEMU has two operating modes: Full system emulation. In this mode, QEMU emulates a full system for example a PC, including a processor and various peripherials. It can be used ...

7.8CVSS8AI score0.00141EPSS

Exploits2

Microsoft CVE•added 2020/09/25 12:0 a.m.•2 views

The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.

...

5.9CVSS7AI score0.01254EPSS

Exploits2

Fedora•added 2018/08/24 8:6 a.m.•39 views

[SECURITY] Fedora 28 Update: qemu-2.11.2-2.fc28

10CVSS0.5AI score0.46733EPSS

Exploits7

Fedora•added 2018/08/24 7:15 a.m.•56 views

[SECURITY] Fedora 27 Update: qemu-2.10.2-1.fc27

10CVSS0.5AI score0.88482EPSS

Exploits20

Fedora•added 2017/11/11 1:46 p.m.•31 views