CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-49972

Malicious code in bioql PyPI...

9CVSS7.4AI score0.01801EPSS

Exploits1References1

Vulnrichment•added 2024/03/06 12:0 a.m.•8 views

CVE-2023-49978

Incorrect access control in Customer Support System v1 allows non-administrator users to access administrative pages and execute actions reserved for administrators...

7.1AI score0.00529EPSS

Exploits1References2

Cvelist•added 2023/08/30 2:22 p.m.•21 views

CVE-2023-4023 All Users Messenger <= 1.24 - Subscriber+ Message Deletion via IDOR

The All Users Messenger WordPress plugin through 1.24 does not prevent non-administrator users from deleting messages from the all-users messenger...

5AI score0.00175EPSS

Exploits2References1

Vulnrichment•added 2023/08/30 2:22 p.m.•5 views

CVE-2023-4023 All Users Messenger <= 1.24 - Subscriber+ Message Deletion via IDOR

The All Users Messenger WordPress plugin through 1.24 does not prevent non-administrator users from deleting messages from the all-users messenger...

6.7AI score0.00175EPSS

Exploits2References1

Vulnrichment•added 2023/01/19 5:2 p.m.•6 views

CVE-2022-47194

An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger this...

9CVSS6.1AI score0.00582EPSS

Exploits1References1

Atlassian•added 2020/07/01 6:16 p.m.•38 views

Information disclosure in API and Integrations - CVE-2020-14180

Affected versions of Atlassian Jira Service Desk Server and Data Center allow remote attackers authenticated as a non-administrator user to view Project Request-Types and Descriptions, via an Information Disclosure vulnerability in the editform request-type-fields resource. Affected versions:...

4.3CVSS5.8AI score0.00229EPSS

Exploits0Affected Software1

Cvelist•added 2017/08/24 8:0 p.m.•24 views

CVE-2015-7257

ZTE ADSL ZXV10 W300 modems W300V2.1.0fER7PEO57 and W300V2.1.0hER7PEO57 allow remote authenticated non-administrator users to change the admin password by intercepting an outgoing password change request, and changing the username parameter from "support" to "admin"...

7.5AI score0.16737EPSS

Exploits5References4

OpenVAS•added 2013/07/01 12:0 a.m.•39 views

Magnolia CMS Access Bypass Vulnerability

This host is running Magnolia CMS and is prone to access bypass vulnerability. OpenVAS Vulnerability Test $Id: gbmagnoliaaccessbypassvuln.nasl 6115 2017-05-12 09:03:25Z teissa $ Magnolia CMS Access Bypass Vulnerability Authors: Arun Kallavi Copyright: Copyright c 2013 Greenbone Networks GmbH,...

9.6AI score0.00125EPSS

Exploits1References2

seebug.org•added 2007/07/11 12:0 a.m.•16 views

WinPcap 4.0 NPF.SYS Privilege Elevation Vulnerability PoC Exploit

No description provided by source. / WinPcap NPF.SYS Privilege Elevation Vulnerability PoC exploit ------------------------------------------------------------- Affected software: WinPcap versions affected Confirmed - WinPcap 4.0 and previous WinPcap fixed version stable : WinPcap 4.0.1 ...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by