CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/02/24 1:2 a.m.•8 views

CVE-2026-3050

CVE-2026-3050 affects horilla-opensource horilla CRM up to version 1.0.2, specifically the Leads Module’s static/assets/js/global.js. A flaw in an unknown function allows manipulation of the Notes argument to trigger cross-site scripting (XSS) via a remote attack. An exploit has been published. R...

5.4CVSS3.7AI score0.00047EPSS

Exploits1References6Affected Software1

Cvelist•added 2026/02/24 1:2 a.m.•22 views

CVE-2026-3050 horilla-opensource horilla Leads global.js cross site scripting

5.1CVSS0.00047EPSS

EUVD•added 2026/02/24 1:2 a.m.•3 views

EUVD-2026-7444

5.1CVSS3.5AI score0.00047EPSS

CVE•added 2026/02/24 12:32 a.m.•9 views

CVE-2026-3049

Affected software: horilla-opensource horilla (up to 1.0.2). Vulnerable component/file: Query Parameter Handler, specifically the function get in horilla_generics/global_search.py. Root cause: manipulation of the argument prev_url leads to an open redirect. Impact: remote exploitation possibility...

6.1CVSS4.9AI score0.00059EPSS

Exploits1References6Affected Software1

ATTACKERKB•added 2026/02/24 12:32 a.m.•3 views

CVE-2026-3049

A vulnerability was detected in horilla-opensource horilla up to 1.0.2. This issue affects the function get of the file horillagenerics/globalsearch.py of the component Query Parameter Handler. The manipulation of the argument prevurl results in open redirect. The attack can be executed remotely...

5.3CVSS5AI score0.00059EPSS

Exploits1References6Affected Software1

EUVD•added 2026/02/24 12:32 a.m.•2 views

EUVD-2026-7457

5.3CVSS4.7AI score0.00059EPSS

Vulnrichment•added 2026/02/24 12:32 a.m.•2 views

CVE-2026-3049 horilla-opensource horilla Query Parameter global_search.py get redirect

5.3CVSS5AI score0.00059EPSS

Cvelist•added 2026/02/24 12:32 a.m.•17 views

CVE-2026-3049 horilla-opensource horilla Query Parameter global_search.py get redirect

5.3CVSS0.00059EPSS

Positive Technologies•added 2026/02/24 12:0 a.m.•4 views

PT-2026-21612

5.1CVSS3.6AI score0.00047EPSS

Exploits1References7

CNNVD•added 2026/02/12 12:0 a.m.•3 views

farm 安全漏洞

Farm is a web building tool developed by Farm OpenSource. Versions of Farm prior to 1.7.6 contained security vulnerabilities. These vulnerabilities stemmed from a lack of source verification in WebSocket, which could allow attackers to monitor developers and steal source code...

6.5CVSS5.8AI score0.00007EPSS

Exploits0References3

OSV•added 2026/01/27 9:15 a.m.•2 views

CVE-2026-1465

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in anyrtcIO-Community anyRTC-RTMP-OpenSource thirdparty/faad2-2.7/libfaad modules. This vulnerability is associated with program files bits.C, syntax.C. This issue affects anyRTC-RTMP-OpenSource: before 1.0...

8.7CVSS5.9AI score

Exploits0References1

ATTACKERKB•added 2026/01/27 8:15 a.m.•2 views

CVE-2026-1465

EUVD•added 2026/01/27 8:15 a.m.•3 views

EUVD-2026-4715

Positive Technologies•added 2026/01/27 12:0 a.m.•3 views

Exploits0References1

PT-2026-4861

Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in anyrtcIO-Community anyRTC-RTMP-OpenSource third party/faad2-2.7/libfaad modules. This vulnerability is associated with program files bits.C, syntax.C. This issue affects anyRTC-RTMP-OpenSource: before 1.0...

CNNVD•added 2026/01/27 12:0 a.m.•3 views

anyRTC-RTMP-OpenSource security vulnerabilities

anyRTC-RTMP-OpenSource is an open-source RTMP push/pull streaming tool developed by the anyrtc.io community. Versions of anyRTC-RTMP-OpenSource prior to version 1.0 contained security vulnerabilities, which were caused by improper memory buffer operation restrictions in the bits.C and syntax.C...

OpenVAS•added 2025/12/12 12:0 a.m.•1 views

Exploits0References1

Ubuntu: Security Advisory (USN-7923-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.2CVSS6.8AI score0.00068EPSS

OSV•added 2025/12/11 4:18 a.m.•1 views

USN-7923-1 qtbase-opensource-src vulnerability

It was discovered that Qt did not correctly handle certain memory operations. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code...

6.2CVSS6AI score0.00068EPSS

Tenable Nessus•added 2025/12/03 12:0 a.m.•2 views

Debian dla-4387 : libqt5concurrent5 - security update

The remote Debian 11 host has packages installed that are affected by a vulnerability as referenced in the dla-4387 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4387-1 [email protected] https://www.debian.org/lts/security/...

8.6CVSS7.8AI score0.00205EPSS

Exploits0References4

OpenVAS•added 2025/12/01 12:0 a.m.•2 views

Debian: Security Advisory (DLA-4387-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS6.8AI score0.00205EPSS