CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

782 matches found

GithubExploit•added 2026/05/03 2:54 a.m.•57 views

Exploit for Time-of-check Time-of-use (TOCTOU) Race Condition in Packagekit_Project Packagekit

No d...

8.8CVSS5.8AI score0.00153EPSS

Exploits10

EUVD•added 2026/02/05 12:2 p.m.•2 views

EUVD-2026-5535

A vulnerability was identified in iomad up to 5.0. Affected is an unknown function of the component Company Admin Block. Such manipulation leads to sql injection. The attack can be executed remotely. It is best practice to apply a patch to resolve this issue...

5.8CVSS5.1AI score0.00013EPSS

Exploits0References5

Cvelist•added 2026/01/26 3:32 a.m.•32 views

CVE-2026-1417 GPAC filedump.c dump_isom_rtp null pointer dereference

A weakness has been identified in GPAC up to 2.4.0. Affected by this issue is the function dumpisomrtp of the file applications/mp4box/filedump.c. This manipulation causes null pointer dereference. The attack needs to be launched locally. The exploit has been made available to the public and coul...

4.8CVSS0.00015EPSS

Exploits1References7

RedhatCVE•added 2026/01/09 9:30 a.m.•4 views

CVE-2023-43798

BigBlueButton is an open-source virtual classroom. BigBlueButton prior to versions 2.6.12 and 2.7.0-rc.1 is vulnerable to Server-Side Request Forgery SSRF. This issue is a bypass of CVE-2023-33176. A patch in versions 2.6.12 and 2.7.0-rc.1 disabled follow redirect at httpclient.execute since the...

6.5CVSS6.7AI score0.0012EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:54 a.m.•4 views

CVE-2021-41187

DHIS 2 is an information system for data capture, management, validation, analytics and visualization. A SQL injection security vulnerability has been found in specific versions of DHIS2. This vulnerability affects the API endpoints for /api/trackedEntityInstances and api/events in DHIS2. The...

8.8CVSS7.7AI score0.00234EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:13 a.m.•2 views

CVE-2024-2828

A vulnerability, which was classified as critical, was found in lakernote EasyAdmin up to 20240315. Affected is the function thumbnail of the file src/main/java/com/laker/admin/module/sys/controller/IndexController.java. The manipulation of the argument url leads to server-side request forgery. I...

8.8CVSS7AI score0.00057EPSS

Exploits1References1

RedhatCVE•added 2026/01/07 9:12 a.m.•3 views

CVE-2024-2352

A vulnerability, which was classified as critical, has been found in 1Panel up to 1.10.1-lts. Affected by this issue is the function baseApi.UpdateDeviceSwap of the file /api/v1/toolbox/device/update/swap. The manipulation of the argument Path with the input 123123123\nopen -a Calculator leads to...

9.8CVSS9.8AI score0.02668EPSS

Exploits1References1

Positive Technologies•added 2025/12/30 12:0 a.m.•4 views

PT-2025-53829

Name of the Vulnerable Software and Affected Versions Refugee Food Management System version 1.0 Description A flaw exists in Refugee Food Management System 1.0 that allows for SQL injection. Manipulation of the arguments refNo, Fname, Lname, sex, age, contact, and nationality nid can lead to a...

9.8CVSS7.4AI score0.00019EPSS

Exploits1References9

Positive Technologies•added 2025/12/29 12:0 a.m.•0 views

PT-2025-53787

Name of the Vulnerable Software and Affected Versions SohuTV CacheCloud versions up to 3.2.0 Description A flaw exists in SohuTV CacheCloud that allows for cross site scripting. This issue is related to the taskQueueList function within the file...

4.8CVSS5.5AI score0.00022EPSS

Exploits1References9

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2014-1234

Malware in sbrugna...

9.8CVSS6AI score0.00297EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2014-1236

Malware in sbrugna...

9.8CVSS6AI score0.00291EPSS

Exploits0References4