Lucene search

11 matches found

ATTACKERKB
added 2026/03/12 2:22 a.m. | 2 views

CVE-2026-3226

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to unauthorized email notification triggering due to missing capability checks on all 10 functions in the SendEmailAjax class in all versions up to, and including, 4.3.2.8. The AbstractAjax::catchlpajax dispatcher verifies a...

CVSS 4.3 | AI score 5.9 | EPSS 0.00042
Exploits: 0 | References: 6
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2018-0149

Malware in sbrugna...

CVSS 7.5 | AI score 7.6 | EPSS 0.0011
Exploits: 0 | References: 2
EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2022-7637

Malicious code in bioql PyPI...

CVSS 9.8 | AI score 9.3 | EPSS 0.00437
Exploits: 0 | References: 7
Tenable Nessus
added 2025/08/30 12:0 a.m. | 2 views

Linux Distros Unpatched Vulnerability : CVE-2021-33027

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Sylabs Singularity Enterprise through 1.6.2 has Insufficient Entropy in a nonce. CVE-2021-33027 Note that Nessus relies on the presence of the package as report...

CVSS 9.8 | AI score 8.2 | EPSS 0.00607
Exploits: 0 | References: 2
RedhatCVE
added 2025/05/22 7:46 p.m. | 4 views

CVE-2021-33027

Sylabs Singularity Enterprise through 1.6.2 has Insufficient Entropy in a nonce...

CVSS 9.8 | AI score 6.8 | EPSS 0.00607
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/17 9:1 p.m. | 6 views

CVE-2024-4665

The EventPrime WordPress plugin before 3.5.0 does not properly validate permissions when updating bookings, allowing users to change/cancel bookings for other users. Additionally, the feature is lacking a nonce...

CVSS 5.3 | AI score 6.8 | EPSS 0.00166
Exploits: 1 | References: 1
RedhatCVE
added 2025/02/05 8:35 p.m. | 4 views

CVE-2022-31157

LTI 1.3 Tool Library is a library used for building IMS-certified LTI 1.3 tool providers in PHP. Prior to version 5.0, the function used to generate random nonces was not sufficiently cryptographically complex. Users should upgrade to version 5.0 to receive a patch. There are currently no known...

CVSS 7.5 | AI score 6.6 | EPSS 0.00175
Exploits: 0 | References: 1
Vulnrichment
added 2022/12/31 12:0 a.m. | 6 views

CVE-2022-48195

An issue was discovered in Mellium mellium.im/sasl before 0.3.1. When performing SCRAM-based SASL authentication, if the remote end advertises support for channel binding, no random nonce is generated; instead, the nonce is empty. This causes authentication to fail in the best case, but if paired...

AI score 7 | EPSS 0.00437
Exploits: 0 | References: 1
OSV
added 2021/07/26 5:15 p.m. | 0 views

UBUNTU-CVE-2021-32791

mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In mod_auth_openidc before version 2.4.9, the AES GCM encryption in mod_auth_openidc uses a static IV and...

CVSS 5.9 | AI score 6.5 | EPSS 0.00513
Exploits: 0 | References: 5
OSV
added 2021/06/21 3:25 p.m. | 1 views

USN-4994-2 apache2 vulnerabilities

USN-4994-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Antonio Morales discovered that the Apache mod_auth_digest module incorrectly handled certain Digest nonces. A remote attacker coul...

CVSS 9.8 | AI score 7 | EPSS 0.60353
Exploits: 0 | References: 5
OSV
added 2020/03/16 10:46 p.m. | 1 views

GHSA-PQ4W-QM9G-QX68 Insufficient Nonce Validation in Eclipse Milo Client

Impact: Credential replay affecting those connected to a server when all 3 of the following conditions are met: (1) SecurityPolicy is None; (2) using username/password or X509-based authentication; (3) the server has a defect causing it to send null/empty or zeroed nonces. Patches: The problem has been...

CVSS 7.4 | AI score 5.8 | EPSS 0.00264
Exploits: 0 | References: 5