CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1064 matches found

Vulnerability handling in Fortinet FortiSandbox

Fortinet has identified a vulnerability in FortiSandbox versions 4.2 through 5.0.5, including FortiSandbox Cloud and FortiSandbox PaaS. The vulnerability involves OS command injection in the FortiSandbox’s webinterface. As a result, unauthorized attackers can execute arbitrary OS commands by...

9.8CVSS6.3AI score0.02027EPSS

Exploits0References1

Nuclei•added 16 hours ago•65 views

Structurizr on-premises - Cross Site Scripting

Cross-site Scripting XSS - Reflected in GitHub repository structurizr/onpremises prior to 3194. id: CVE-2023-5556 info: name: Structurizr on-premises - Cross Site Scripting author: shankaracharya severity: medium description: | Cross-site Scripting XSS - Reflected in GitHub repository...

6.1CVSS5.9AI score0.27325EPSS

Exploits1References3

RedhatCVE•added yesterday•7 views

CVE-2026-40371

Improper handling of insufficient permissions or privileges in Microsoft Dynamics 365 on-premises allows an authorized attacker to elevate privileges over a network...

8.8CVSS5.4AI score0.00078EPSS

Exploits0References1

RedHat Linux•added yesterday•4 views

Moderate: Red Hat Security Advisory: Red Hat build of Keycloak 26.6.3 Images Update

New images are available for Red Hat build of Keycloak 26.6.3 and Red Hat build of Keycloak 26.6.3 Operator, running on OpenShift Container Platform Red Hat build of Keycloak is an integrated sign-on solution, available as a Red Hat JBoss Middleware for OpenShift containerized image. The Red Hat...

8.8CVSS5.4AI score0.00247EPSS

Exploits0References1

NCSC•added 2 days ago•5 views

Vulnerabilities in Microsoft Exchange

Microsoft has patched vulnerabilities in Exchange, both on-premise and online versions. A malicious individual could exploit these vulnerabilities to impersonate other users and access sensitive data. Additionally, a malicious actor could execute arbitrary code. The most severe vulnerability...

9.1CVSS5.8AI score0.00104EPSS

Exploits0

EUVD•added 2 days ago•6 views

EUVD-2026-35532

Improper handling of insufficient permissions or privileges in Microsoft Dynamics 365 on-premises allows an authorized attacker to elevate privileges over a network...

8.8CVSS5.4AI score0.00078EPSS

Exploits0References2

NVD•added 2 days ago•4 views

CVE-2026-40371

Improper handling of insufficient permissions or privileges in Microsoft Dynamics 365 on-premises allows an authorized attacker to elevate privileges over a network...

8.8CVSS0.00078EPSS

Exploits0References1

Vulnrichment•added 2 days ago•3 views

CVE-2026-40371 Microsoft Dynamics 365 (on-premises) Elevation of Privilege Vulnerability

...

8.8CVSS5.4AI score0.00078EPSS

Exploits0References1

CVE•added 2 days ago•18 views

CVE-2026-40371

Technical details (affected product/component, root cause, and fix) are not publicly available in the provided documents. Monitor for updates.

8.8CVSS5.5AI score0.00078EPSS

Exploits0References1

Microsoft CVE•added 2 days ago•5 views

Microsoft Dynamics 365 (on-premises) Elevation of Privilege Vulnerability

Improper handling of insufficient permissions or privileges in Microsoft Dynamics 365 on-premises allows an authorized attacker to elevate privileges over a network...

8.8CVSS5.4AI score0.00078EPSS

Exploits0

Positive Technologies•added 2 days ago•8 views

PT-2026-47868

Improper handling of insufficient permissions or privileges in Microsoft Dynamics 365 on-premises allows an authorized attacker to elevate privileges over a network...

8.8CVSS5.4AI score0.00078EPSS

Exploits0References2

Positive Technologies•added 2 days ago•6 views

PT-2026-47532

SAP S/4HANAOn-Premise contains SQL injection vulnerability in a remote-enabled function module component that could be exploited by an authenticated attacker to potentially execute unauthorized database queries.This flaw exposes sensitive information to which they should not otherwise have access...

6.5CVSS5.7AI score0.00026EPSS

Exploits0References3

RedhatCVE•added 6 days ago•8 views

CVE-2026-2695

A command injection vulnerability was discovered in TeamViewer DEX Platform On-Premises former 1E DEX Platform On-Premises prior to version 9.2. Improper input validation allows authenticated users with at least questioner privileges to inject commands in specific instructions. Exploitation could...

6.3CVSS5.8AI score0.00092EPSS

Exploits0References1

RedhatCVE•added 6 days ago•7 views

CVE-2026-8381

A broken access control vulnerability exists in the TeamViewer DEX Platform On‑Premises prior version 9.2. Certain backend API endpoints do not correctly enforce authorization checks, allowing an authenticated user with low privileges to perform actions and access resources intended only for...

5.4CVSS5.5AI score0.00033EPSS

Exploits0References1

RedhatCVE•added 6 days ago•4 views

CVE-2026-23708

A improper authentication vulnerability in Fortinet FortiSOAR PaaS 7.6.0 through 7.6.3, FortiSOAR PaaS 7.5.0 through 7.5.2, FortiSOAR on-premise 7.6.0 through 7.6.3, FortiSOAR on-premise 7.5.0 through 7.5.2 may allow an unauthenticated attacker to bypass authentication via replaying captured 2FA...

8.1CVSS5.4AI score0.0011EPSS

Exploits0References1

RedhatCVE•added 6 days ago•6 views

CVE-2026-9614

An Improper Access Control vulnerability in Ivanti Neurons for ITSM cloud and on-premises allows a remote authenticated attacker to gain administrative access...

8.8CVSS5.5AI score0.00407EPSS

Exploits0References1

IBM Security Bulletins•added 6 days ago•9 views

Security Bulletin: Multiple vulnerabilities in IBM Observability with Instana (OnPrem)

Summary Multiple vulnerabilities were remediated in IBM Observability with Instana OnPrem build 1.0.319 Vulnerability Details CVEID:CVE-2025-66418 DESCRIPTION: urllib3 is a user-friendly HTTP client library for Python. Starting in version 1.24 and prior to 2.6.0, the number of links in the...

9.1CVSS7.8AI score0.00081EPSS

Exploits0Affected Software1

NVD•added 2026/06/01 7:16 p.m.•10 views

CVE-2026-9614

An Improper Access Control vulnerability in Ivanti Neurons for ITSM cloud and on-premises allows a remote authenticated attacker to gain administrative access...

8.8CVSS0.00407EPSS

Exploits0References1

EUVD•added 2026/06/01 5:50 p.m.•9 views

EUVD-2026-33736

An Improper Access Control vulnerability in Ivanti Neurons for ITSM cloud and on-premises allows a remote authenticated attacker to gain administrative access...

8.8CVSS5.8AI score0.00407EPSS

Exploits0References1

Vulnrichment•added 2026/06/01 5:50 p.m.•9 views

CVE-2026-9614

An Improper Access Control vulnerability in Ivanti Neurons for ITSM cloud and on-premises allows a remote authenticated attacker to gain administrative access...

8.8CVSS5.8AI score0.00407EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by