CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CNNVD•added 2026/04/30 12:0 a.m.•5 views

IBM Watsonx.data 安全漏洞

IBM Watsonx.data is an open data lake platform developed by IBM. Versions 2.2 to 2.3 of IBM Watsonx.data contain security vulnerabilities. These vulnerabilities stem from insufficient restrictions on communication between Pods, allowing attackers to transfer data between Pods without any...

7.5CVSS5.8AI score0.00056EPSS

Exploits0References1

Snyk•added 2026/04/29 11:11 p.m.•4 views

SQL Injection

Overview ckan is a world’s leading Open Source data portal platform. It powers dozens of Open Data portals around the world, including data.gov, open.canada.ca and europeandataportal.eu but also regional, research and community organizations. It makes easy to publish, share and find data online a...

9.8CVSS5.9AI score0.13784EPSS

Positive Technologies•added 2026/04/29 12:0 a.m.•3 views

PT-2026-37112

Name of the Vulnerable Software and Affected Versions CKAN versions prior to 2.10.10 CKAN versions prior to 2.11.5 Description Accessing views via tokens or unauthenticated requests can mark an endpoint as not requiring Cross-Site Request Forgery CSRF protection. This occurs because the marking i...

6.1CVSS5.8AI score0.00005EPSS

Exploits0References7

GithubExploit•added 2026/04/20 12:42 p.m.•76 views

autopoc

AutoPoC Automated proof-of-concept deployments on OpenShift...

6AI score

NVD•added 2026/04/14 12:16 a.m.•0 views

CVE-2026-27676

Due to missing authorization checks in the SAP S/4HANA OData Service Manage Technical Object Structures, an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability results in a low impact on integrity, while confidentiality and...

4.3CVSS0.00034EPSS

CVE•added 2026/04/14 12:7 a.m.•5 views

CVE-2026-27679

CVE-2026-27679 affects the SAP S/4HANA frontend OData Service (Manage Reference Structures). Missing authorization checks allow an attacker to update and delete child entities via exposed OData services, impacting integrity (I: High) with no confidentiality or availability impact stated. CVSS v3....

6.5CVSS5.8AI score0.00045EPSS

Exploits0References2Affected Software1

ATTACKERKB•added 2026/04/14 12:7 a.m.•0 views

CVE-2026-27679

Due to missing authorization checks in the SAP S/4HANA frontend OData Service Manage Reference Structures, an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and...

6.5CVSS5.8AI score0.00045EPSS

Exploits0References3

EUVD•added 2026/04/14 12:7 a.m.•1 views

EUVD-2026-22150

Due to missing authorization checks in the SAP S/4HANA backend OData Service Manage Reference Structures, an attacker could update and delete child entities via exposed OData services without proper authorization. This vulnerability has a high impact on integrity, while confidentiality and...

Vulnrichment•added 2026/04/14 12:7 a.m.•1 views

CVE-2026-27678 Missing Authorization check in SAP S/4HANA Backend OData Service (Manage Reference Structures)

Positive Technologies•added 2026/04/14 12:0 a.m.•3 views

PT-2026-32557

Positive Technologies•added 2026/04/14 12:0 a.m.•1 views

Exploits0References3

PT-2026-32558

Packet Storm News•added 2026/03/07 12:0 a.m.•0 views

Exploits0References3

Reality Check for Tor Website Fingerprinting in the Open World

Website fingerprinting WF attacks on Tor can infer user destinations from encrypted traffic metadata. However, their real-world effectiveness remains debated due to laboratory settings that fail to capture network fluctuations, evaluate noise, and create a representative open world. In this work,...

5.8AI score

Vulnrichment•added 2025/12/23 12:0 a.m.•2 views

CVE-2025-67111

An integer overflow in the RTPS protocol implementation of OpenDDS DDS before v3.33.0 allows attackers to cause a Denial of Service DoS via a crafted message...

6.6AI score0.00108EPSS

Packet Storm News•added 2025/08/12 12:0 a.m.•2 views

Load-Altering Attacks against Power Grids: a Case Study Using the GB-36 Bus System Open Dataset

The growing digitalization and the rapid adoption of high-powered Internet-of-Things IoT-enabled devices e.g., EV charging stations have increased the vulnerability of power grids to cyber threats. In particular, the so-called Load Altering Attacks LAAs can trigger rapid frequency fluctuations an...

7.1AI score

Gitee•added 2025/07/27 4:2 a.m.•168 views

Exploit for CVE-2014-7911

Security-Data-Analysis-and-Visualization 2018-2020青年安全圈-活跃技术博主/博客声明所有数据均来自且仅来自公开信息，未加入个人先验知识，如有疑义，请及时联系[email protected]。公开这批数据是为了大家一起更快更好地学习，请不要滥用这批数据，由此引发的问题，本人将概不负责。对这批数据的分析文章首发在个人微信公众号，原文为：我分析了2018-2020年青年安全圈450个活跃技术博客和博主，转载请联系作者。 Why - 最初目的：个人日常安全阅读资源不足，需要从博客、Github、Twitter等多个数据源补充。 -...

9.8CVSS9AI score0.94468EPSS

Exploits75

OSSF Malicious Packages•added 2025/07/16 1:15 a.m.•2 views

Malicious code in yxt-open-data (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

6.9AI score

OSV•added 2025/07/16 1:15 a.m.•0 views

MAL-2025-6138 Malicious code in yxt-open-data (npm)

The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...

7.1AI score

Packet Storm News•added 2025/06/22 12:0 a.m.•2 views

Pushing the Limits of Safety: a Technical Report on the ATLAS Challenge 2025

Multimodal Large Language Models MLLMs have enabled transformative advancements across diverse applications but remain susceptible to safety threats, especially jailbreak attacks that induce harmful outputs. To systematically evaluate and improve their safety, we organized the Adversarial Testing...

7.6AI score