CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21 matches found

EUVD•added 2025/10/03 8:7 p.m.•3 views

EUVD-2022-29036

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.0909EPSS

Exploits2References2

RedhatCVE•added 2025/05/23 4:58 a.m.•3 views

CVE-2023-6868

In some instances, the user-agent would allow push requests which lacked a valid VAPID even though the push manager subscription defined one. This could allow empty messages to be sent from unauthorized parties. This bug only affects Firefox on Android. This vulnerability affects Firefox 121...

4.3CVSS6AI score0.00128EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 11:57 p.m.•4 views

CVE-2022-24125

The matchmaking servers of Bandai Namco FromSoftware Dark Souls III through 2022-03-19 allow remote attackers to send arbitrary push requests to clients via a RequestSendMessageToPlayers request. For example, ability to send a push message to hundreds of thousands of machines is only restricted o...

8.8CVSS7.1AI score0.0909EPSS

Exploits2References1

AlpineLinux•added 2023/12/19 2:15 p.m.•27 views

CVE-2023-6868

4.3CVSS6.3AI score0.00128EPSS

Exploits0

NVD•added 2023/12/19 2:15 p.m.•15 views

CVE-2023-6868

4.3CVSS0.00128EPSS

Exploits0References3

UbuntuCve•added 2023/12/19 2:15 p.m.•31 views

CVE-2023-6868

4.3CVSS6.8AI score0.00128EPSS

Exploits0References4

Prion•added 2023/12/19 2:15 p.m.•16 views

Design/Logic Flaw

4.3CVSS6.2AI score0.00128EPSS

Exploits0References3Affected Software1

OSV•added 2023/12/19 2:15 p.m.•0 views

UBUNTU-CVE-2023-6868

4.3CVSS6.5AI score0.00128EPSS

Exploits0References5

Cvelist•added 2023/12/19 1:38 p.m.•25 views

CVE-2023-6868

5.7AI score0.00128EPSS

Exploits0References3

Debian CVE•added 2023/12/19 1:38 p.m.•25 views

CVE-2023-6868

4.3CVSS6.9AI score0.00128EPSS

Exploits0

Github Security Blog•added 2022/05/17 12:13 a.m.•17 views

JBoss RichFaces Improper Input Validation vulnerability

The doFilter function in webapp/PushHandlerFilter.java in JBoss RichFaces 4.3.4, 4.3.5, and 5.x allows remote attackers to cause a denial of service memory consumption and out-of-memory error via a large number of malformed atmosphere push requests...

4.3CVSS8.5AI score0.0064EPSS

Exploits3References7Affected Software1

NVD•added 2022/03/20 1:15 a.m.•8 views

CVE-2022-24125

8.8CVSS0.0909EPSS

Exploits2References2

OSV•added 2022/03/20 1:15 a.m.•1 views

CVE-2022-24125

8.8CVSS7.4AI score0.0909EPSS

Exploits2References2

Prion•added 2022/03/20 1:15 a.m.•9 views

Authentication flaw

6.5CVSS8.6AI score0.0909EPSS

Exploits2References2Affected Software1

CVE•added 2022/03/20 12:3 a.m.•115 views

CVE-2022-24125

Dark Souls III’s matchmaking server vulnerability CVE-2022-24125 allows remote attackers to send arbitrary push messages to clients via RequestSendMessageToPlayers, bypassing client-side restrictions. The issue affects DS3 versions up to 2022-03-19 and can enable large-scale pushes to hundreds of...

8.8CVSS8.5AI score0.0909EPSS

Exploits2References2Affected Software1

Cvelist•added 2022/03/20 12:3 a.m.•14 views

CVE-2022-24125

8.8AI score0.0909EPSS

Exploits2References2

Github Security Blog•added 2021/02/26 5:28 p.m.•209 views

Open redirects on some federation and push requests

Impact Requests to user provided domains were not restricted to external IP addresses when calculating the key validity for third-party invite events and sending push notifications. This could cause Synapse to make requests to internal infrastructure. The type of request was not controlled by the...

6.1CVSS1.4AI score0.00322EPSS

Exploits0References8Affected Software1

OSV•added 2021/02/26 5:28 p.m.•16 views

GHSA-V936-J8GP-9Q3P Open redirects on some federation and push requests

6.3CVSS6.3AI score0.00322EPSS

Exploits0References8

NVD•added 2014/03/31 2:58 p.m.•13 views

CVE-2014-0086

4.3CVSS6.5AI score0.0064EPSS

Exploits3References5

Prion•added 2014/03/31 2:58 p.m.•19 views

Design/Logic Flaw