CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

160571 matches found

OSV•added yesterday•3 views

ROOT-OS-DEBIAN-11-CVE-2025-38103 CVE-2025-38103 in rootio-linux - Patched by Root

Root has patched CVE-2025-38103 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

7.1CVSS7.8AI score0.00175EPSS

Exploits0

OSV•added yesterday•3 views

ROOT-OS-DEBIAN-11-CVE-2022-49579 CVE-2022-49579 in rootio-linux - Patched by Root

Root has patched CVE-2022-49579 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

4.7CVSS6.7AI score0.00176EPSS

Exploits0

OSV•added yesterday•4 views

ROOT-OS-DEBIAN-11-CVE-2026-31416 CVE-2026-31416 in rootio-linux - Patched by Root

Root has patched CVE-2026-31416 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

5.5CVSS6.2AI score0.00115EPSS

Exploits0

OSV•added yesterday•3 views

ROOT-OS-DEBIAN-11-CVE-2026-31600 CVE-2026-31600 in rootio-linux - Patched by Root

Root has patched CVE-2026-31600 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

5.5CVSS5.2AI score0.0029EPSS

Exploits0

OSV•added yesterday•8 views

ROOT-OS-DEBIAN-11-CVE-2026-43072 CVE-2026-43072 in rootio-linux - Patched by Root

Root has patched CVE-2026-43072 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

5.5CVSS5.8AI score0.00114EPSS

Exploits0

OSV•added yesterday•4 views

ROOT-OS-DEBIAN-11-CVE-2025-21690 CVE-2025-21690 in rootio-linux - Patched by Root

Root has patched CVE-2025-21690 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

5.5CVSS6.9AI score0.00202EPSS

Exploits0

OSV•added yesterday•11 views

ROOT-OS-DEBIAN-11-CVE-2026-43328 CVE-2026-43328 in rootio-linux - Patched by Root

Root has patched CVE-2026-43328 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

7.8CVSS5.8AI score0.00129EPSS

Exploits0

OSV•added yesterday•4 views

ROOT-OS-DEBIAN-11-CVE-2022-49980 CVE-2022-49980 in rootio-linux - Patched by Root

Root has patched CVE-2022-49980 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

7.8CVSS7.9AI score0.00203EPSS

Exploits0

OSV•added yesterday•3 views

ROOT-OS-DEBIAN-11-CVE-2026-31597 CVE-2026-31597 in rootio-linux - Patched by Root

Root has patched CVE-2026-31597 in the rootio-linux package for Root:Debian:11. Multiple fixed versions available...

7.8CVSS5.8AI score0.00128EPSS

Exploits0

Nuclei•added yesterday•33 views

DedeCMS 5.7.109 - Server-Side Request Forgery

Manipulation of the rssurl parameter in codo.php leads to server-side request forgery in DedeCMS version 5.7.109. id: CVE-2023-3578 info: name: DedeCMS 5.7.109 - Server-Side Request Forgery author: ritikchaddha severity: critical description: | Manipulation of the rssurl parameter in codo.php lea...

9.8CVSS6.3AI score0.03409EPSS

Exploits1References2

Nuclei•added yesterday•31 views

ServiceNow - Cross-Site Scripting

ServiceNow through San Diego Patch 4b and Patch 6 contains a cross-site scripting vulnerability in the logout functionality, which can enable an unauthenticated remote attacker to execute arbitrary JavaScript. id: CVE-2022-38463 info: name: ServiceNow - Cross-Site Scripting author: amanrawat...

6.1CVSS6.5AI score0.02258EPSS

Exploits0References5

Nuclei•added yesterday•34 views

Zitadel - User Registration Bypass

The open-source identity infrastructure software Zitadel allows administrators to disable the user self-registration. Due to a missing security check in versions prior to 2.64.0, 2.63.5, 2.62.7, 2.61.4, 2.60.4, 2.59.5, and 2.58.7, disabling the "User Registration allowed" option only hid the...

7.5CVSS7.1AI score0.02572EPSS

Exploits0References2

Nuclei•added yesterday•34 views

Jolokia 1.3.7 - Cross-Site Scripting

Jolokia 1.3.7 is vulnerable to cross-site scripting in the HTTP servlet and allows an attacker to execute malicious JavaScript in the victim's browser. id: CVE-2018-1000129 info: name: Jolokia 1.3.7 - Cross-Site Scripting author: mavericknerd,0h1in9e,daffainfo severity: medium description: |...

6.1CVSS6.5AI score0.25459EPSS

Exploits1References5

Nuclei•added yesterday•215 views

Oracle WebLogic Server - Remote Code Execution

The Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: WLS - Web Services is susceptible to a remote code execution vulnerability that is easily exploitable and could allow unauthenticated attackers with network access via HTTP to compromise the server. Supported versions...

9.8CVSS7.8AI score0.50224EPSS

Exploits7References5

Nuclei•added yesterday•25 views

DomainMOD 4.11.01 - Cross-Site Scripting

DomainMOD 4.11.01 contains a cross-site scripting vulnerability via /admin/ssl-fields/add.php Display Name, Description & Notes field parameters. id: CVE-2018-19751 info: name: DomainMOD 4.11.01 - Cross-Site Scripting author: arafatansari severity: medium description: | DomainMOD 4.11.01 contains...

4.8CVSS5.9AI score0.03316EPSS

Exploits6References4

Nuclei•added yesterday•65 views

WSO2 Carbon Management Console <=5.10 - Cross-Site Scripting

WSO2 Management Console through 5.10 is susceptible to reflected cross-site scripting which can be exploited by tampering a request parameter in Management Console. This can be performed in both authenticated and unauthenticated requests. id: CVE-2020-17453 info: name: WSO2 Carbon Management...

6.1CVSS6.2AI score0.26118EPSS

Exploits2References5

Nuclei•added yesterday•22 views

DomainMOD 4.11.01 - Cross-Site Scripting

DomainMOD 4.11.01 contains a cross-site scripting vulnerability via assets/add/account-owner.php Owner name field. id: CVE-2018-19749 info: name: DomainMOD 4.11.01 - Cross-Site Scripting author: arafatansari severity: medium description: | DomainMOD 4.11.01 contains a cross-site scripting...

4.8CVSS5.9AI score0.03331EPSS

Exploits6References5

Nuclei•added yesterday•51 views

Atlassian Jira Confluence - Cross-Site Scripting

Atlassian Jira Confluence before version 7.6.6, from version 7.7.0 before version 7.7.4, from version 7.8.0 before version 7.8.4, and from version 7.9.0 before version 7.9.2, allows remote attackers to inject arbitrary HTML or JavaScript via a cross-site scripting vulnerability in the error messa...

6.1CVSS6.7AI score0.37611EPSS

Exploits0References5

Nuclei•added yesterday•40 views

Adobe Experience Manager - XML External Entity Injection

Adobe Experience Manager 6.5, 6.4, 6.3 and 6.2 are susceptible to XML external entity injection. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id: CVE-2019-8086 info: name: Adobe...

7.5CVSS7.2AI score0.24257EPSS

Exploits0References5

Nuclei•added yesterday•31 views

MetInfo 7.0.0 beta - SQL Injection

MetInfo 7.0.0 beta is susceptible to SQL injection via the admin/?n=language&c=languagegeneral&a=doSearchParameter appno parameter a different issue than CVE-2019-16997. id: CVE-2019-17418 info: name: MetInfo 7.0.0 beta - SQL Injection author: ritikchaddha severity: high description: | MetInfo...

7.2CVSS7.1AI score0.49299EPSS

Exploits1References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by