CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

145 matches found

NVD•added 2026/02/19 9:18 p.m.•1 views

CVE-2025-67305

In RUCKUS Network Director RND 4.5.0.56, the OVA appliance contains hardcoded SSH keys for the postgres user. These keys are identical across all deployments, allowing an attacker with network access to authenticate via SSH without a password. Once authenticated, the attacker can access the...

9.8CVSS0.00084EPSS

Exploits1References2

Positive Technologies•added 2026/02/19 12:0 a.m.•4 views

PT-2026-20926

Name of the Vulnerable Software and Affected Versions RUCKUS Network Director versions prior to 4.5.0.56 Description RUCKUS Network Director RND OVA appliances include hardcoded SSH keys for the postgres user. These keys are consistent across all deployments. An attacker with network access can u...

9.8CVSS5.3AI score0.00084EPSS

Exploits1References5

Broadcom•added 2026/01/27 12:0 a.m.•14 views

Rocky Linux Updates applied to SANnav (CVE-2024-3661, CVE-2024-11187, CVE-2024-12797)

Rocky Linux OS updates RSLA-2025:0377, RSLA-2025:1681, RLSA-2025:1330 applied to Brocade SANnav OVA OS CVE-2024-3661 NetworkManager: DHCP routing options can manipulate interface-based VPN traffic CVE-2024-11187 It is possible to construct a zone such that some queries to it will generate respons...

7.6CVSS7.1AI score0.04177EPSS

Exploits1

RedhatCVE•added 2026/01/07 9:32 a.m.•4 views

CVE-2019-16406

Centreon Web 19.04.4 has weak permissions within the OVA aka VMware virtual machine and OVF aka VirtualBox virtual machine files, allowing attackers to gain privileges via a Trojan horse Centreon-autodisco executable file that is launched by cron...

7.8CVSS7.2AI score0.00038EPSS

Exploits2References1

CNVD•added 2025/10/21 12:0 a.m.•1 views

WordPress Ova Advent plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress Ova Advent plugin, which stems from insufficient input cleanup and output escaping, and can be exploited by an...

6.4CVSS6AI score0.00032EPSS

Exploits0References1

RedhatCVE•added 2025/10/16 5:52 a.m.•3 views

CVE-2025-8561

The Ova Advent plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with...

6.4CVSS5AI score0.00032EPSS

Exploits0References1

EUVD•added 2025/10/15 6:31 a.m.•1 views

EUVD-2025-34511

6.4CVSS4.7AI score0.00032EPSS

Exploits0References4

NVD•added 2025/10/15 6:15 a.m.•1 views

CVE-2025-8561

6.4CVSS0.00032EPSS

Exploits0References3

CVE•added 2025/10/15 5:23 a.m.•12 views

CVE-2025-8561

CVE-2025-8561 affects the WordPress Ova Advent plugin (versions

6.4CVSS4.7AI score0.00032EPSS

Exploits0References3

Vulnrichment•added 2025/10/15 5:23 a.m.•1 views

CVE-2025-8561 Ova Advent <= 1.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

6.4CVSS4.7AI score0.00032EPSS

Exploits0References3

Cvelist•added 2025/10/15 5:23 a.m.•4 views

CVE-2025-8561 Ova Advent <= 1.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

6.4CVSS0.00032EPSS

Exploits0References3

Patchstack•added 2025/10/15 12:17 a.m.•4 views

WordPress Ova Advent plugin <= 1.1.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode vulnerability discovered by Marco Wotschka in WordPress Plugin Ova Advent versions = 1.1.7...

6.4CVSS5.8AI score0.00032EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2025/10/15 12:0 a.m.•2 views

PT-2025-42237

6.4CVSS5AI score0.00032EPSS

Exploits0References4