22 matches found

RedhatCVE
added 2026/03/27 5:09 p.m., 0 views

CVE-2026-27815

EVerest is an EV charging software stack. Prior to version 2026.02.0, ISO15118_chargerImpl::handle_session_setup copies a variable-length payment_options list into a fixed-size array of length 2 without bounds checking. With schema validation disabled by default, oversized MQTT Cmd payloads can...

9.1 CVSS, 5.9 AI score, 0.00015 EPSS
Exploits 0, References 1
NVD
added 2026/03/26 5:16 p.m., 1 view

CVE-2026-27815

EVerest is an EV charging software stack. Prior to version 2026.02.0, ISO15118_chargerImpl::handle_session_setup copies a variable-length payment_options list into a fixed-size array of length 2 without bounds checking. With schema validation disabled by default, oversized MQTT Cmd payloads can...

9.1 CVSS, 0.00015 EPSS
Exploits 0, References 1
EUVD
added 2026/03/26 4:30 p.m., 3 views

EUVD-2026-16224

EVerest is an EV charging software stack. Prior to version 2026.02.0, ISO15118_chargerImpl::handle_session_setup copies a variable-length payment_options list into a fixed-size array of length 2 without bounds checking. With schema validation disabled by default, oversized MQTT Cmd payloads can...

6.9 CVSS, 5.8 AI score, 0.00015 EPSS
Exploits 0, References 1
CVE
added 2026/03/26 4:30 p.m., 6 views

CVE-2026-27815

EVerest CVE-2026-27815 affects the EV charging software stack prior to version 2026.02.0. The flaw occurs in ISO15118_chargerImpl::handle_session_setup where a variable-length payment_options list is copied into a fixed-size array of length 2 without bounds checking. When schema validation is dis...

9.1 CVSS, 5.8 AI score, 0.00015 EPSS
Exploits 0, References 1, Affected Software 1
Cvelist
added 2026/03/26 4:30 p.m., 21 views

CVE-2026-27815 EVerest: ISO15118 session_setup payment options overflow can corrupt EVSE state

EVerest is an EV charging software stack. Prior to version 2026.02.0, ISO15118_chargerImpl::handle_session_setup copies a variable-length payment_options list into a fixed-size array of length 2 without bounds checking. With schema validation disabled by default, oversized MQTT Cmd payloads can...

6.9 CVSS, 0.00015 EPSS
Exploits 0, References 1
ATTACKERKB
added 2026/03/26 4:30 p.m., 2 views

CVE-2026-27815

EVerest is an EV charging software stack. Prior to version 2026.02.0, ISO15118_chargerImpl::handle_session_setup copies a variable-length payment_options list into a fixed-size array of length 2 without bounds checking. With schema validation disabled by default, oversized MQTT Cmd payloads can...

6.9 CVSS, 5.8 AI score, 0.00015 EPSS
Exploits 0, References 2, Affected Software 1
OSV
added 2026/03/26 4:30 p.m., 0 views

CVE-2026-27815 EVerest: ISO15118 session_setup payment options overflow can corrupt EVSE state

EVerest is an EV charging software stack. Prior to version 2026.02.0, ISO15118_chargerImpl::handle_session_setup copies a variable-length payment_options list into a fixed-size array of length 2 without bounds checking. With schema validation disabled by default, oversized MQTT Cmd payloads can...

6.9 CVSS, 5.9 AI score, 0.00015 EPSS
Exploits 0, References 3
Vulnrichment
added 2026/03/26 4:30 p.m., 1 view

CVE-2026-27815 EVerest: ISO15118 session_setup payment options overflow can corrupt EVSE state

EVerest is an EV charging software stack. Prior to version 2026.02.0, ISO15118_chargerImpl::handle_session_setup copies a variable-length payment_options list into a fixed-size array of length 2 without bounds checking. With schema validation disabled by default, oversized MQTT Cmd payloads can...

6.9 CVSS, 5.9 AI score, 0.00015 EPSS
Exploits 0, References 1
Positive Technologies
added 2026/03/26 12:00 a.m., 3 views

PT-2026-28360

Name of the Vulnerable Software and Affected Versions: EVerest versions prior to 2026.02.0. Description: EVerest is an EV charging software stack. Before version 2026.02.0, the ISO15118_chargerImpl::handle_session_setup function copies a variable-length payment options list into a fixed-size array o...

6.9 CVSS, 5.9 AI score, 0.00015 EPSS
Exploits 0, References 4
CVE
added 2025/12/12 10:17 a.m., 7 views

CVE-2025-12841

CVE-2025-12841 affects the WordPress plugin Bookit. Prior to version 2.5.1, it exposes a publicly accessible REST endpoint that allows unauthenticated updates to the plugin’s Stripe payment options. Exposure stems from missing authorization on REST endpoints. The vulnerability is documented acro...

5.3 CVSS, 6.7 AI score, 0.01129 EPSS
Exploits 0, References 1
CNNVD
added 2025/12/12 12:00 a.m., 2 views

WordPress plugin Bookit security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security...

5.3 CVSS, 6.5 AI score, 0.01129 EPSS
Exploits 0, References 1
Positive Technologies
added 2025/12/12 12:00 a.m., 2 views

PT-2025-50919

The Bookit WordPress plugin before 2.5.1 has a publicly accessible REST endpoint that allows unauthenticated update of the plugin's Stripe payment options...

7 AI score, 0.01129 EPSS
Exploits 0, References 2
OSV
added 2024/12/06 11:15 a.m., 1 view

CVE-2024-11729

The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to SQL Injection via the 'servicelist0serviceid' parameter of the getwidgetpaymentoptions AJAX action in all versions up to, and including, 3.6.4 due to insufficient escaping on the user supplied parameter an...

6.5 CVSS, 7.3 AI score, 0.00702 EPSS
Exploits 0, References 2
CNNVD
added 2023/05/11 12:00 a.m., 1 view

Identifier withdrawn

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts and product image scaling. This CVE number has been withdrawn...

5.5 AI score
Exploits 0, References 2
Krebs on Security
added 2018/06/26 5:59 p.m., 22 views

How to Avoid Card Skimmers at the Pump

Previous stories here on the proliferation of card-skimming devices hidden inside fuel pumps have offered a multitude of security tips for readers looking to minimize their chances of becoming the next victim, such as favoring filling stations that use security cameras and tamper-evident tape on...

6.7 AI score
Exploits 0
Malwarebytes
added 2018/02/05 5:57 p.m., 10 views

Boomerang spam bombs Malwarebytes forum—not a smart move

Tech support scammers are generally not the best and brightest. As such, they will occasionally post ads for their fake companies in the comment sections here or on the Malwarebytes forums. Last week, however, scammers struggled with configuring their spambots, resulting in spam bombs on the foru...

6.7 AI score
Exploits 0
ThreatPost
added 2017/01/18 7:00 a.m., 12 views

Spora Ransomware Offers Unique Payment Options

Researchers are keeping close tabs on a new ransomware strain called Spora that offers victims unique payment options and comes with top-notch encryption. Spora was spotted last week by ransomware experts at BleepingComputer, who said after Spora encrypts files on your computer, it offers four...

0.1 AI score
Exploits 0, References 2
ThreatPost
added 2014/07/15 11:30 a.m., 11 views

New Kronos Banking Malware Advertised On Russian Forums

Criminals are advertising a new banking Trojan on Russian forums, one going for a hefty price and being marketed as a method of evading detection and analysis. To date, however, security researchers have yet to obtain a sample of Kronos, which is available on a few forums for pre-order at a cost ...

0.4 AI score
Exploits 0, References 2
seebug.org
added 2014/07/01 12:00 a.m., 19 views

Bs Business_Directory Script SQL Injection/Auth Bypass Vulnerability

No description provided by source. I'm Sid3^effects member from Inj3ct0r Team. Name : Bs BusinessDirectory Script Sqli Vulnerability Date : july 5,2010 Critical Level : HIGH vendor URL...

7.1 AI score
Exploits 0
seebug.org
added 2014/07/01 12:00 a.m., 27 views

SAS Hotel Management System user_login.asp SQL Injection Vulnerability

No description provided by source.

7.1 AI score
Exploits 0