CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

154 matches found

CNNVD•added 2026/04/21 12:0 a.m.•6 views

Oracle多款产品安全漏洞

Oracle Java SE, among others, are products of Oracle Corporation in the United States. Oracle Java SE is used for developing and deploying Java applications for desktops, servers, embedded devices, and real-time environments. Oracle GraalVM for JDK is a high-performance, multi-language runtime an...

3.7CVSS7.2AI score0.00258EPSS

Exploits0References2

RedhatCVE•added 2026/03/26 3:17 p.m.•2 views

CVE-2026-32405

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in xtemos WoodMart woodmart allows Retrieve Embedded Sensitive Data.This issue affects WoodMart: from n/a through = 8.3.9...

5.3CVSS5.8AI score0.0024EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:21 a.m.•7 views

CVE-2021-22309

There is insecure algorithm vulnerability in Huawei products. A module uses less random input in a secure mechanism. Attackers can exploit this vulnerability by brute forcing to obtain sensitive message. This can lead to information leak. Affected product versions include:USG9500 versions...

7.5CVSS6.3AI score0.00767EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:19 a.m.•8 views

CVE-2021-22342

There is an information leak vulnerability in Huawei products. A module does not deal with specific input sufficiently. High privilege attackers can exploit this vulnerability by performing some operations. This can lead to information leak. Affected product versions include: IPS Module versions...

4.9CVSS6.5AI score0.00563EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:41 a.m.•13 views

CVE-2022-35258

An unauthenticated attacker can cause a denial-of-service to the following products: Ivanti Connect Secure ICS in versions prior to 9.1R14.3, 9.1R15.2, 9.1R16.2, and 22.2R4, Ivanti Policy Secure IPS in versions prior to 9.1R17 and 22.3R1, and Ivanti Neurons for Zero-Trust Access in versions prior...

7.5CVSS6.9AI score0.02515EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:59 a.m.•7 views

CVE-2020-7473

In certain situations, all versions of Citrix ShareFile StorageZones aka storage zones Controller, including the most recent 5.10.x releases as of May 2020, allow unauthenticated attackers to access the documents and folders of ShareFile users. NOTE: unlike most CVEs, exploitability depends on th...

7.5CVSS6.9AI score0.27149EPSS

Exploits0References1

Cvelist•added 2026/01/06 3:52 p.m.•32 views

CVE-2020-36915 Adtec Digital SignEdje Digital Signage Player v2.08.28 Default Credentials

Adtec Digital SignEdje Digital Signage Player v2.08.28 contains multiple hardcoded default credentials that allow unauthenticated remote access to web, telnet, and SSH interfaces. Attackers can exploit these credentials to gain root-level access and execute system commands across multiple Adtec...

8.7CVSS0.0033EPSS

Exploits1References6

Positive Technologies•added 2026/01/06 12:0 a.m.•18 views

PT-2026-1449

8.7CVSS7.8AI score0.0033EPSS

Exploits1References7

NVD•added 2025/12/05 2:15 p.m.•3 views

CVE-2025-14085

A vulnerability has been found in youlaitech youlai-mall 1.0.0/2.0.0. This impacts an unknown function of the file /app-api/v1/orders/. The manipulation of the argument orderId leads to improper control of dynamically-identified variables. Remote exploitation of the attack is possible. The exploi...

8.8CVSS0.00337EPSS

Exploits1References4

Positive Technologies•added 2025/11/17 12:0 a.m.•3 views

PT-2025-47182

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. affected versions not specified Description The software suffers from improper input validation. This can lead to potential security risks. Recommendations At the moment, there is no information about a...

4.5CVSS6.4AI score0.0022EPSS

Exploits0References4