CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

105 matches found

CNNVD•added 2026/05/14 12:0 a.m.•5 views

SiYuan 安全漏洞

SiYuan is an open-source personal knowledge management system developed by SiYuan. Versions of SiYuan prior to 3.7.0 contained security vulnerabilities. These vulnerabilities were caused by ineffective access control for search APIs under certain deployment scenarios, which could lead to the...

4.3CVSS5.8AI score0.00009EPSS

Exploits0References2

Positive Technologies•added 2026/05/08 12:0 a.m.•8 views

PT-2026-39202

Name of the Vulnerable Software and Affected Versions Emlog versions prior to 2.6.11 Description Missing Cross-Site Request Forgery CSRF protection in critical admin functions allows attackers to trick authenticated administrators into performing unauthorized actions. These actions include system...

8.4CVSS5.8AI score0.00025EPSS

Exploits0References5

CNNVD•added 2026/05/01 12:0 a.m.•2 views

SourceCodester Pharmacy Sales and Inventory System 注入漏洞

SourceCodester Pharmacy Sales and Inventory System is an open-source medication sales and inventory management system developed by SourceCodester. Version 1.0 of the SourceCodester Pharmacy Sales and Inventory System has a SQL injection vulnerability, which arises from incorrect handling of the...

7.5CVSS7.2AI score0.00043EPSS

Exploits0References1

Packet Storm News•added 2026/04/14 12:0 a.m.•5 views

LLM-Guided Prompt Evolution for Password Guessing

Passwords still remain a dominant authentication method, yet their security is routinely subverted by predictable user choices and large-scale credential leaks. Automated password guessing is a key tool for stress-testing password policies and modeling attacker behavior. This paper applies...

5.8AI score

Exploits0

CNNVD•added 2026/04/10 12:0 a.m.•2 views

itsourcecode Online Student Enrollment System 安全漏洞

itsourcecode Online Student Enrollment System is an open-source online enrollment system developed by itsourcecode. Version 1.0 of the itsourcecode Online Student Enrollment System contains a security vulnerability. This vulnerability arises from the classId parameter in the instructorClasses.php...

9.8CVSS5.8AI score0.00047EPSS

Exploits1References2

Packet Storm News•added 2026/04/02 12:0 a.m.•4 views

Street-Legal Physical-World Adversarial Rim for License Plates

Automatic license plate reader ALPR systems are widely deployed to identify and track vehicles. While prior work has demonstrated vulnerabilities in ALPR systems, far less attention has been paid to their legality and physical-world practicality. We investigate whether low-resourced threat actors...

5.8AI score

Exploits0

RedhatCVE•added 2025/12/02 7:22 a.m.•1 views

CVE-2025-51741

An issue was discovered in Veal98 Echo Open-Source Community System 2.2 thru 2.3 allowing an unauthenticated attacker to cause the server to send email verification messages to arbitrary users via the /sendEmailCodeForResetPwd endpoint potentially causing a denial of service to the server or the...

7.5CVSS7.1AI score0.00125EPSS

Exploits0References1

EUVD•added 2025/10/10 8:1 p.m.•2 views

EUVD-2025-33776

Emlog is an open source website building system. Emlog Pro versions 2.5.19 and earlier are vulnerable to Cross‑Site Request Forgery CSRF on the password change endpoint. An attacker can trick a logged‑in administrator into submitting a crafted POST request to change the admin password without...

8.1CVSS6.5AI score0.00027EPSS

Exploits1References1

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2024-39564