CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

25736 matches found

Positive Technologies•added 2026/05/26 12:0 a.m.•8 views

PT-2026-43387

A vulnerability was detected in itsourcecode Student Transcript Processing System 1.0. This affects an unknown part of the file /admin/modules/student/index.php?view=view. Performing a manipulation of the argument studentId results in sql injection. The attack can be initiated remotely. The explo...

7.5CVSS7AI score0.00259EPSS

Exploits0References6

Positive Technologies•added 2026/05/26 12:0 a.m.•8 views

PT-2026-43417

A weakness has been identified in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This impacts an unknown function of the file /index.php of the component SQL Handler. Executing a manipulation can lead to information exposure through error message. The attack may be...

5.3CVSS5.5AI score0.00242EPSS

Exploits0References7

CNNVD•added 2026/05/26 12:0 a.m.•5 views

OpenKM SQL注入漏洞

OpenKM is a document management system developed by OpenKM Company in Spain. This system offers features such as version control, file history, and file sharing. Version OpenKM 6.3.12 has a SQL injection vulnerability; this vulnerability stems from an unlimited SQL execution flaw, which could all...

8.6CVSS6.2AI score0.00641EPSS

Exploits0References7

CNNVD•added 2026/05/26 12:0 a.m.•7 views

itsourcecode Student Transcript Processing System SQL注入漏洞

itsourcecode Student Transcript Processing System is an open-source student transcript processing system developed by itsourcecode. Version 1.0 of the itsourcecode Student Transcript Processing System has a SQL injection vulnerability. This vulnerability arises from unknown code in the...

7.5CVSS7.2AI score0.00259EPSS

Exploits0References5

CNNVD•added 2026/05/26 12:0 a.m.•6 views

Code-Projects Project Management System SQL注入漏洞

Code-Projects Project Management System is an open-source project management system developed by Code-Projects. Version 1.0 of the Code-Projects Project Management System contains a SQL injection vulnerability. This vulnerability stems from incorrect operations in the chk.php file of the Login...

7.5CVSS7.2AI score0.00254EPSS

Exploits0References5

CNNVD•added 2026/05/26 12:0 a.m.•7 views

JeecgBoot 访问控制错误漏洞

JeecgBoot is a Java low-code platform developed by Jeecg Corporation, designed for enterprise web applications. Versions of JeecgBoot 3.9.1 and earlier contained a security vulnerability related to access control. This vulnerability stemmed from incorrect operations with the parameter...

5.3CVSS5.8AI score0.00222EPSS

Exploits0References7

CNNVD•added 2026/05/26 12:0 a.m.•9 views

Das Parking Management System SQL注入漏洞

Das Parking Management System is a parking management system developed by Das Real Technology Co., Ltd. Version 6.2.0 of Das Parking Management System has a SQL injection vulnerability. This vulnerability stems from the improper use of the xpcmdshell function in the API Endpoint component’s...

7.5CVSS7.2AI score0.00318EPSS

Exploits0References4

Positive Technologies•added 2026/05/26 12:0 a.m.•8 views

PT-2026-43388

A flaw has been found in itsourcecode Student Transcript Processing System 1.0. This vulnerability affects unknown code of the file /admin/modules/student/trans.php. Executing a manipulation of the argument studentId/cid can lead to sql injection. The attack can be launched remotely. The exploit...

7.5CVSS6.9AI score0.00259EPSS

Exploits0References6

Positive Technologies•added 2026/05/26 12:0 a.m.•10 views

PT-2026-43292

Name of the Vulnerable Software and Affected Versions com finder affected versions not specified Description Improperly built filter clauses lead to a SQL injection in the search query. SQL injection is a type of vulnerability that allows an attacker to interfere with the queries that an...

9.8CVSS5.9AI score0.0031EPSS

Exploits0References5

OSV•added 2026/05/26 12:0 a.m.•3 views

OPENSUSE-SU-2026:10862-1 yq-4.53.2-1.1 on GA media

These are all security issues fixed in the yq-4.53.2-1.1 package on the GA media of openSUSE Tumbleweed...

7.5CVSS6.9AI score0.00565EPSS

Exploits1References4

Tenable Nessus•added 2026/05/26 12:0 a.m.•25 views

Linux Distros Unpatched Vulnerability : CVE-2026-48842

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has Pre-authentication SQL injection in the virtuserquery plugin via a pregreplace backslash escape...

8.1CVSS5.9AI score0.0066EPSS

Exploits0References2

Tenable Nessus•added 2026/05/26 12:0 a.m.•13 views

Amazon Linux 2023 : amazon-ecr-credential-helper (ALAS2023-2026-1738)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1738 advisory. When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport...

7.5CVSS7.5AI score0.00577EPSS

Exploits0References16

Amazon•added 2026/05/26 12:0 a.m.•9 views

Important: runc

Issue Overview: When using LookupCNAME with the cgo DNS resolver, a very long CNAME response can trigger a double-free of C memory and a crash. CVE-2026-33811 When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a...

7.5CVSS7.5AI score0.00577EPSS

Exploits0

Amazon•added 2026/05/26 12:0 a.m.•13 views

Important: oci-add-hooks

7.5CVSS7.5AI score0.00577EPSS

Exploits0

Amazon•added 2026/05/26 12:0 a.m.•15 views

Important: amazon-ecr-credential-helper

7.5CVSS7.5AI score0.00577EPSS

Exploits0

Amazon•added 2026/05/26 12:0 a.m.•12 views

Important: containerd