CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

524 matches found

Positive Technologies•added 2026/01/22 12:0 a.m.•3 views

PT-2026-3932

Name of the Vulnerable Software and Affected Versions Sangfor Operation and Maintenance Management System versions up to 3.0.12 Description A flaw exists in Sangfor Operation and Maintenance Management System. This issue is related to the SessionController function within the SSH Protocol Handler...

9.8CVSS7.2AI score0.0028EPSS

Exploits1References10

Tenable Nessus•added 2026/01/20 12:0 a.m.•3 views

MiracleLinux 7 : firefox-91.4.0-1.0.1.el7.AXS7 (AXSA:2021-2597:33)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2021-2597:33 advisory. Mozilla: Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 Mozilla: URL leakage when navigating while executing asynchronous function...

8.8CVSS8.1AI score0.00967EPSS

Exploits0References10

Tenable Nessus•added 2026/01/20 12:0 a.m.•3 views

MiracleLinux 8 : firefox-91.4.0-1.el8.ML.1 (AXSA:2022-2971:02)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2022-2971:02 advisory. Mozilla: Memory safety bugs fixed in Firefox 95 and Firefox ESR 91.4 Mozilla: URL leakage when navigating while executing asynchronous function...

8.8CVSS8.1AI score0.00967EPSS

Exploits0References10

Tenable Nessus•added 2026/01/20 12:0 a.m.•4 views

MiracleLinux 8 : firefox-128.4.0-1.el8_10.ML.1 (AXSA:2024-8962:36)

The remote MiracleLinux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2024-8962:36 advisory. firefox: thunderbird: History interface could have been used to cause a Denial of Service condition in the browser CVE-2024-10464 firefox:...

9.8CVSS7.5AI score0.00944EPSS

Exploits0References11

Tenable Nessus•added 2026/01/16 12:0 a.m.•1 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004779)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004779 advisory. A vulnerability classified as problematic has been found in Linux Kernel. This affects the function fibnhmatch of the file net/ipv4/fibsemantics.c of the component...

4.3CVSS5.4AI score0.00073EPSS

Exploits0References3

Vulnrichment•added 2026/01/09 9:32 p.m.•6 views

CVE-2025-15500 Sangfor Operation and Maintenance Management System HTTP POST Request getHis os command injection

A vulnerability was found in Sangfor Operation and Maintenance Management System up to 3.0.8. This issue affects some unknown processing of the file /isomp-protocol/protocol/getHis of the component HTTP POST Request Handler. The manipulation of the argument sessionPath results in os command...

10CVSS6.6AI score0.00374EPSS

Exploits1References5

RedhatCVE•added 2026/01/09 12:15 p.m.•10 views

CVE-2018-1000118

Github Electron version Electron 1.8.2-beta.4 and earlier contains a Command Injection vulnerability in Protocol Handler that can result in command execute. This attack appear to be exploitable via the victim opening an electron protocol handler in their browser. This vulnerability appears to hav...

9.3CVSS7.4AI score0.92322EPSS

Exploits31References1

Positive Technologies•added 2025/10/10 12:0 a.m.•0 views

PT-2025-41600

Name of the Vulnerable Software and Affected Versions Cherry Studio versions 1.7.0-alpha.4 and earlier Description Cherry Studio is a desktop client supporting multiple LLM providers. It registers a custom protocol, cherrystudio://, and when handling MCP installation URLs, it parses base64-encode...

9.6CVSS7AI score0.00076EPSS

Exploits1References12