CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

39 matches found

Zimbra Collaboration Suite - Memcached Command Injection

Zimbra Collaboration Suite versions 8.8.15 and 9.0 contain a memcached command injection vulnerability that allows an unauthenticated attacker to inject arbitrary memcache commands into a targeted instance, leading to cache poisoning and potential credential theft. id: CVE-2022-27924 info: name:...

7.5CVSS7.5AI score0.84593EPSS

Exploits2References2

RedhatCVE•added 2026/04/07 11:1 p.m.•4 views

CVE-2026-5708

Unsanitized control of user-modifiable attributes in the session creation component in AWS Research and Engineering Studio RES prior to version 2026.03 could allow an authenticated remote user to escalate privileges, assume the virtual desktop host instance profile permissions, and interact with...

8.8CVSS5.9AI score0.00841EPSS

Exploits1References1

Cvelist•added 2026/04/06 9:28 p.m.•15 views

CVE-2026-5708 Improper Control of User-Modifiable Attributes in RES CreateSession API

8.8CVSS0.00841EPSS

Exploits1References3

IBM Security Bulletins•added 2026/03/31 3:5 p.m.•5 views

Security Bulletin: IBM App Connect Enterprise Certified Container is vulnerable to loss of confidentiality (CVE-2025-68121)

Summary IBM App Connect Enterprise Certified Container operator and DesignerAuthoring, IntegrationRuntime and IntegrationServer operands are vulnerable to loss of confidentiality. This bulletin provides patch information to address the reported vulnerability in Golang module crypto/tls...

10CVSS6.7AI score0.00765EPSS

Exploits1Affected Software1

OSV•added 2026/02/25 9:16 p.m.•3 views

CVE-2026-22721

VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to access Aria Operations may leverage this vulnerability to obtain administrative access in VMware Aria Operations. To remediate CVE-2026-22721, apply the patches listed in the 'Fix...

7.2CVSS5.8AI score0.00686EPSS

Exploits0References2

RedhatCVE•added 2025/09/30 8:56 p.m.•11 views

CVE-2025-34229

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 VA/SaaS deployments contain a blind server-side request forgery SSRF vulnerability reachable via the /var/www/app/consolerelease/hp/installApp.php script that can be...

6.9CVSS7.2AI score0.00484EPSS

Exploits1References1

OSV•added 2025/09/29 9:15 p.m.•1 views

CVE-2025-34234

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 VA/SaaS deployments contain two hardcoded private keys that are shipped in the application containers printerlogic/pi, printerlogic/printer-admin-api, and printercloud/pi...

7.5CVSS5.7AI score0.00374EPSS

Exploits1References4

Vulnrichment•added 2025/09/29 8:42 p.m.•3 views

CVE-2025-34220 Vasion Print (formerly PrinterLogic) Unauthenticated API Leaks Group Information

Vasion Print formerly PrinterLogic Virtual Appliance Host prior to version 25.1.102 and Application prior to version 25.1.1413 VA/SaaS deployments contains a /api-gateway/identity/search-groups endpoint that does not require authentication. Requests to...

6.9CVSS6.5AI score0.00658EPSS

Exploits1References4

Openbugbounty•added 2023/12/13 10:0 p.m.•6 views

talleresforo.com Improper Access Control vulnerability OBB-3812714

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7AI score

Exploits0

Openbugbounty•added 2023/10/10 8:36 a.m.•11 views

plantr.nl Cross Site Scripting vulnerability OBB-3738773

6.1AI score

Exploits0

Openbugbounty•added 2023/06/08 5:53 a.m.•6 views

asv-karate.de Cross Site Scripting vulnerability OBB-3404087

6.1AI score

Exploits0

Openbugbounty•added 2023/05/16 8:44 p.m.•8 views

neurozentrum-bern.ch Cross Site Scripting vulnerability OBB-3345788