21 matches found
Cross-site Scripting (XSS)
Overview: mantisbt/mantisbt is a Mantis bug tracker. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via improper escaping in the owner column of saved filters when the configuration option $gshowuserrealname is enabled. An attacker can execute arbitrary HTML or...
CVE-2019-25311 thesystem Persistent XSS
thesystem version 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through multiple server data input fields. Attackers can submit crafted script payloads in operating_system, system_owner, system_username, system_password,...
CVE-2019-25311
The CVE concerns thesystem version 1.0, which contains a persistent cross-site scripting (XSS) vulnerability. Attackers can inject malicious scripts via multiple server input fields, specifically operating_system, system_owner, system_username, system_password, system_description, and server_name...
EUVD-2025-204426
The GitHub Integration API in Mintlify Platform before 2025-11-15 allows remote attackers to obtain sensitive repository metadata via the repository owner and name fields. It fails to validate that the repository owner and name fields provided during configuration belong to the specific GitHub Ap...
CVE-2025-67844
The GitHub Integration API in Mintlify Platform before 2025-11-15 allows remote attackers to obtain sensitive repository metadata via the repository owner and name fields. It fails to validate that the repository owner and name fields provided during configuration belong to the specific GitHub Ap...
Linux Distros Unpatched Vulnerability : CVE-2025-21769
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: ptp: vmclock: Add .owner to vmclock_miscdev_fops. Without the .owner field, the module can be...
SUSE CVE-2025-21769
In the Linux kernel, the following vulnerability has been resolved: ptp: vmclock: Add .owner to vmclock_miscdev_fops. Without the .owner field, the module can be unloaded while /dev/vmclock0 is open, leading to an oops...
UBUNTU-CVE-2025-21769
In the Linux kernel, the following vulnerability has been resolved: ptp: vmclock: Add .owner to vmclock_miscdev_fops. Without the .owner field, the module can be unloaded while /dev/vmclock0 is open, leading to an oops...
CVE-2025-21769 ptp: vmclock: Add .owner to vmclock_miscdev_fops
In the Linux kernel, the following vulnerability has been resolved: ptp: vmclock: Add .owner to vmclock_miscdev_fops. Without the .owner field, the module can be unloaded while /dev/vmclock0 is open, leading to an oops...
CVE-2025-21769 ptp: vmclock: Add .owner to vmclock_miscdev_fops
In the Linux kernel, the following vulnerability has been resolved: ptp: vmclock: Add .owner to vmclock_miscdev_fops. Without the .owner field, the module can be unloaded while /dev/vmclock0 is open, leading to an oops...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from vmclock_miscdev_fops not setting the .owner field, which could lead to a crash when the module is uninstalled...
CVE-2024-51032
A Cross-site Scripting (XSS) vulnerability in managerecipient.php of Sourcecodester Toll Tax Management System 1.0 allows remote authenticated users to inject arbitrary web scripts via the "owner" input field...
PT-2024-34498 · Sourcecodester · Toll Tax Management System
Name of the Vulnerable Software and Affected Versions: Sourcecodester Toll Tax Management System version 1.0. Description: A Cross-site Scripting (XSS) issue in the manage recipient.php file allows remote authenticated users to inject arbitrary web scripts via the owner input field. Recommendations:...
AZL-54578 CVE-2024-27010 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix mirred deadlock on device recursion When the mirred action is used on a classful egress qdisc and a packet is mirrored or redirected to self we hit a qdisc lock deadlock. See trace below. ..... other info removed f...
AZL-54569 CVE-2024-27010 affecting package kernel 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: net/sched: Fix mirred deadlock on device recursion When the mirred action is used on a classful egress qdisc and a packet is mirrored or redirected to self we hit a qdisc lock deadlock. See trace below. ..... other info removed f...
SUSE CVE-2020-11725
snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info->owner line, which later affects a private_size*count multiplication for unspecified "interesting side effects." NOTE: kernel engineers dispute this finding, because it could be relevant only if new callers were...
CVE-2020-11725
snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info->owner line, which later affects a private_size*count multiplication for unspecified "interesting side effects." NOTE: kernel engineers dispute this finding, because it could be relevant only if new callers were...
CVE-2020-11725
snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info->owner line, which later affects a private_size*count multiplication for unspecified "interesting side effects." NOTE: kernel engineers dispute this finding, because it could be relevant only if new callers were...
CVE-2020-11725
snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info->owner line, which later affects a private_size*count multiplication for unspecified "interesting side effects." NOTE: kernel engineers dispute this finding, because it could be relevant only if new callers were...
UBUNTU-CVE-2020-11725
snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info->owner line, which later affects a private_size*count multiplication for unspecified "interesting side effects." NOTE: kernel engineers dispute this finding, because it could be relevant only if new callers were...