Lucene search

9 matches found

NVD
added 2026/05/29 7:16 p.m. · 12 views

CVE-2026-47742

Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, Sub-form Livewire components used in the product editor (Edit, Inventory, Seo, Shipping, Files) had no authorization on their store method. Any authenticated panel user, regardless of role, could mutate any product's pricing, stock, SEO...

CVSS 6.5 · EPSS 0.00029
Exploits 0 · References 2
CVE
added 2026/04/14 1:18 a.m. · 12 views

CVE-2026-39425

CVE-2026-39425 affects MaxKB (enterprise AI assistant). Versions 2.7.1 and earlier allow Stored XSS via unsanitized tags in the Application prologue, stored through /admin/api/workspace/{workspace_id}/application and rendered by the frontend via innerHTML, enabling persistent XSS and potential s...

CVSS 5.4 · AI score 6 · EPSS 0.0004
Exploits 0 · References 2 · Affected Software 1
EUVD
added 2025/10/03 8:7 p.m. · 12 views

EUVD-2025-25199

Malicious code in bioql PyPI...

CVSS 5.4 · AI score 6.6 · EPSS 0.00049
Exploits 1 · References 1
Positive Technologies
added 2025/08/19 12:0 a.m. · 4 views

PT-2025-33855 · Flaskblog · Flaskblog

Name of the Vulnerable Software and Affected Versions: flaskBlog versions prior to 2.8.0
Description: flaskBlog is a blog application built with Flask. A flaw exists where there is no validation of comment ownership during deletion. This allows any user to delete comments belonging to other users...

CVSS 6.9 · AI score 7.1 · EPSS 0.00118
Exploits 1 · References 4
CNNVD
added 2025/03/17 12:0 a.m. · 1 views

NASK PIB BotSense Security Vulnerability

NASK PIB BotSense is a financial sector protection system from NASK. A security vulnerability exists in NASK PIB BotSense versions prior to 2.8.0, which stems from a string encoding error that could result in the injection of additional field separators in some fields of a generated event...

CVSS 6.3 · AI score 7 · EPSS 0.00163
Exploits 0 · References 4
Positive Technologies
added 2022/02/04 12:0 a.m. · 2 views

PT-2022-16094 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0; TensorFlow versions 2.7.1, 2.6.3, and 2.5.3 are also affected
Description: The implementation of GetInitOp is vulnerable to a crash caused by dereferencing a null pointer. This issue can be exploited by a...

CVSS 7.1 · AI score 6.3 · EPSS 0.00221
Exploits 1 · References 13
Positive Technologies
added 2022/02/03 12:0 a.m. · 3 views

PT-2022-15081 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.8.0; TensorFlow versions 2.7.1, 2.6.3, and 2.5.3 are also affected
Description: The implementation of SparseCountSparseOutput in TensorFlow is vulnerable to a heap overflow. This issue can be exploited using the...

CVSS 8.8 · AI score 8.5 · EPSS 0.00313
Exploits 1 · References 14
CNVD
added 2018/06/08 12:0 a.m. · 2 views

Cloud Foundry Diego Privilege Gain Vulnerability

Cloud Foundry Diego is a container management system used in the Cloud Foundry cloud computing platform from the Cloud Foundry Foundation in the United States. A security vulnerability exists in Cloud Foundry Diego versions prior to 2.8.0, which stems from the program's failure to properly filter...

CVSS 7.2 · AI score 7.2 · EPSS 0.00647
Exploits 0 · References 1
Positive Technologies
added 2015/12/04 12:0 a.m. · 2 views

PT-2018-19151

Name of the Vulnerable Software and Affected Versions: mbed TLS versions prior to 2.1.11; mbed TLS versions prior to 2.7.2; mbed TLS versions prior to 2.8.0
Description: The issue is related to a buffer over-read in the ssl parse server key exchange function, which could cause a crash when handling...

CVSS 7.5 · AI score 6.8 · EPSS 0.00652
Exploits 0 · References 25