
126 matches found

Tenable Nessus
added 2026/04/23 12:00 a.m. | 1 view

SATO CL4/6NX and CL4/6NX-J OS Command Injection (CVE-2025-22469)

A remote attacker may execute an arbitrary OS command on the system with a certain non-administrative user privilege. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

7.3 CVSS | 8 AI score | 0.01264 EPSS
Exploits: 0 | References: 3

EUVD
added 2026/03/30 12:31 a.m. | 2 views

EUVD-2026-17046

A non-administrative user can upload malicious files. When an administrator or the product accesses that file, an arbitrary script may be executed on the administrator's browser. Note that Movable Type 7 series and 8.4 series, which are End-of-Life (EOL), are affected by the vulnerability as well...

8.8 CVSS | 6.6 AI score | 0.00015 EPSS
Exploits: 0 | References: 7

EUVD
added 2026/03/10 6:31 p.m. | 2 views

EUVD-2026-10404

Multiple i-フィルター products are configured with improper file access permission settings. Files may be created or overwritten in the system directory or backup directory by a non-administrative user...

6.8 CVSS | 6 AI score | 0.00018 EPSS
Exploits: 0 | References: 7

NVD
added 2026/02/26 6:17 a.m. | 3 views

CVE-2026-23703

The installer of FinalCode Client provided by Digital Arts Inc. contains an incorrect default permissions vulnerability. A non-administrative user may execute arbitrary code with SYSTEM privilege...

8.5 CVSS | 0.00017 EPSS
Exploits: 0 | References: 2

RedhatCVE
added 2026/02/05 7:26 a.m. | 2 views

CVE-2026-23704

A non-administrative user can upload malicious files. When an administrator or the product accesses that file, an arbitrary script may be executed on the administrator's browser. Note that Movable Type 7 series and 8.4 series, which are End-of-Life (EOL), are affected by the vulnerability as well...

6.5 CVSS | 6.6 AI score | 0.00015 EPSS
Exploits: 0 | References: 1

Vulnrichment
added 2026/02/04 7:03 a.m. | 3 views

CVE-2026-23704

A non-administrative user can upload malicious files. When an administrator or the product accesses that file, an arbitrary script may be executed on the administrator's browser. Note that Movable Type 7 series and 8.4 series, which are End-of-Life (EOL), are affected by the vulnerability as well...

6.5 CVSS | 5.5 AI score | 0.00015 EPSS
Exploits: 0 | References: 3

RedhatCVE
added 2026/01/09 9:32 a.m. | 5 views

CVE-2023-25618

SAP NetWeaver Application Server for ABAP and ABAP Platform - versions 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 756, 757, 791, has multiple vulnerabilities in an unused class for error handling in which an attacker authenticated as a non-administrative user can craft a request with...

6.5 CVSS | 6.9 AI score | 0.00543 EPSS
Exploits: 0 | References: 1

CNVD
added 2025/12/03 12:00 a.m. | 5 views

Unspecified Vulnerability in Devolutions Server (CNVD-2025-30126)

Devolutions Server is a security solution for managing privileged accounts and sessions, designed to help organizations centrally store and manage sensitive information such as passwords and credentials. An unspecified vulnerability exists in Devolutions Server that stems from a non-administrativ...

4.3 CVSS | 6.5 AI score | 0.00039 EPSS
Exploits: 0 | References: 1

CNNVD
added 2025/11/27 12:00 a.m. | 2 views

Devolutions Server Security Vulnerability

Devolutions Server is a security solution for managing privileged accounts and sessions, designed to help organizations centrally store and manage sensitive information such as passwords and credentials. An unspecified vulnerability exists in Devolutions Server that stems from a non-administrativ...

4.3 CVSS | 6.2 AI score | 0.00039 EPSS
Exploits: 0 | References: 2

CNVD
added 2025/11/24 12:00 a.m. | 1 view

Revive Adserver Information Disclosure Vulnerability

Revive Adserver is an open source ad serving system that allows advertisers, publishers, and networks to place ads on multiple platforms (e.g., websites, apps, video players) and supports ad effectiveness tracking, campaign management, and placement rule definition. Revive Adserver suffers from an...

4.3 CVSS | 7.1 AI score | 0.00024 EPSS
Exploits: 1 | References: 1

OSV
added 2025/11/21 7:15 a.m. | 1 view

CVE-2025-58097

The installation directory of LogStare Collector is configured with incorrect access permissions. A non-administrative user may manipulate files within the installation directory and execute arbitrary code with the administrative privilege...

7.8 CVSS | 5.9 AI score | 0.00009 EPSS
Exploits: 0 | References: 2

CNNVD
added 2025/11/21 12:00 a.m. | 1 view

LogStare Collector Security Vulnerability

LogStare Collector is a data collector from LogStare Japan. A security vulnerability exists in LogStare Collector that stems from improper authorization in UserRegistration, which could result in a non-administrative user creating a new account...

5.3 CVSS | 5 AI score | 0.00028 EPSS
Exploits: 0 | References: 3

Positive Technologies
added 2025/11/21 12:00 a.m. | 2 views

PT-2025-47668

Name of the Vulnerable Software and Affected Versions: LogStare Collector (affected versions not specified). Description: LogStare Collector has an authorization issue within the UserRegistration component. A user without administrative privileges can create new user accounts by submitting a specially...

5.3 CVSS | 5 AI score | 0.00028 EPSS
Exploits: 0 | References: 6

CNNVD
added 2025/11/21 12:00 a.m. | 1 view

LogStare Collector Security Vulnerability

LogStare Collector is a data collector from LogStare Japan. A security vulnerability exists in LogStare Collector that stems from improperly configured installation directory permissions, which could lead to the execution of arbitrary code by a non-administrative user...

7.8 CVSS | 6.2 AI score | 0.00009 EPSS
Exploits: 0 | References: 3

CNNVD
added 2025/11/14 12:00 a.m. | 2 views

Palo Alto Prisma Browser Security Vulnerability

Palo Alto Prisma Browser is a secure enterprise browser from Palo Alto USA. A security vulnerability exists in Palo Alto Prisma Browser that stems from improper handling of sensitive information and could lead to the retrieval of sensitive data by a locally authenticated, non-administrative user...

6.9 CVSS | 6.3 AI score | 0.00011 EPSS
Exploits: 0 | References: 1

CNNVD
added 2025/10/30 12:00 a.m. | 1 view

Nagios Log Server Security Vulnerability

Nagios Log Server is a suite of centralized log management, monitoring, and analysis software from Nagios, Inc. A security vulnerability exists in Nagios Log Server versions prior to 2024R2.0.3, which stems from an incorrect authorization check that could result in a non-administrative user...

7.1 CVSS | 6.5 AI score | 0.00177 EPSS
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | 1 view

EUVD-2019-8752

Malware in sbrugna...

5.5 CVSS | 5.6 AI score | 0.00127 EPSS
Exploits: 0 | References: 5

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2020-27462

Malware in sbrugna...

5.4 CVSS | 6 AI score | 0.00343 EPSS
Exploits: 0 | References: 3

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2020-20212

Malware in sbrugna...

7.8 CVSS | 7.5 AI score | 0.00127 EPSS
Exploits: 1 | References: 2

EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2013-4207

Malware in sbrugna...

4.3 CVSS | 4.8 AI score | 0.00459 EPSS
Exploits: 0 | References: 2