CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added last week•30 views

CVE-2017-20264 Joomla! Component Sponsor Wall 8.0 SQL Injection

Joomla! Component Sponsor Wall 8.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wallid parameter. Attackers can send GET requests to index.php with the option=comsponsorwall&task=click&wallid...

7.1CVSS0.00241EPSS

CVE•added last week•14 views

CVE-2017-20264

Summary: CVE-2017-20264 affects Joomla! Component Sponsor Wall 8.0. An SQL injection vulnerability exists in the wallid parameter via GET requests to index.php with option=com_sponsorwall&task=click&wallid, allowing unauthenticated attackers to execute arbitrary SQL and potentially exfiltrate cre...

7.1CVSS6.2AI score0.00241EPSS

EUVD•added last week•4 views

EUVD-2017-18989

Joomla! Component Ajax Quiz 1.8 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the cid parameter. Attackers can send GET requests to index.php with the option=comajaxquiz and view=ajaxquiz paramete...

CVE•added last week•14 views

CVE-2017-20262

CVE-2017-20262 affects the Joomla! extension Ajax Quiz (version 1.8). The vulnerability is an SQL injection in the cid parameter, exploitable via GET requests to index.php with option=com_ajaxquiz and view=ajaxquiz. An unauthenticated attacker can execute arbitrary SQL and retrieve sensitive data...

CVE•added last week•15 views

CVE-2017-20261

CVE-2017-20261 affects Joomla! Component Bargain Product VM3 1.0. It is an SQL injection vulnerability in the product_id parameter that allows unauthenticated attackers to execute arbitrary SQL queries by injecting code via GET requests to the brainy and alice views, enabling extraction of sensit...

Cvelist•added 2026/06/19 3:37 p.m.•24 views

CVE-2017-20258 Joomla! Component RPC Responsive Portfolio 1.6.1 SQL Injection

Joomla! Component RPC Responsive Portfolio 1.6.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to index.php with option=compofos&view=pofo&id=SQL ...

8.8CVSS0.00334EPSS

CVE•added 2026/06/19 3:37 p.m.•12 views

CVE-2017-20258

CVE-2017-20258 concerns the Joomla! extension RPC Responsive Portfolio 1.6.1 . The vulnerability is an SQL injection in the affected component, exploitable by unauthenticated attackers via a crafted HTTP GET request to index.php with the query string option=com_pofos&view=pofo&id=[SQL]. The under...

CVE•added 2026/06/19 3:34 p.m.•12 views

CVE-2017-20257

Joomla! Component Quiz Deluxe 3.7.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL commands via the ajaxaction.flag_question task. Exploitation can occur by injecting malicious SQL through the stu_quiz_id or flag_quest parameters to manipula...

8.8CVSS6.3AI score0.00334EPSS

Cvelist•added 2026/06/19 3:27 p.m.•26 views

CVE-2017-20255 Joomla! Component JB Visa 1.0 SQL Injection via visatype

Joomla! Component JB Visa 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the visatype parameter. Attackers can send GET requests to index.php with the option=combookpro and view=popup parameter...

8.8CVSS0.00334EPSS

EUVD•added 2026/06/19 3:27 p.m.•3 views

EUVD-2017-18982

8.8CVSS6.3AI score0.00334EPSS

CVE•added 2026/06/19 3:24 p.m.•9 views

CVE-2017-20254

The CVE-2017-20254 entry concerns the Joomla! Component User Bench 1.0, which is vulnerable to SQL injection via the userid parameter in index.php? option=com_userbench&view=detail&userid. The underlying flaw allows unauthenticated attackers to execute arbitrary SQL and exfiltrate sensitive data ...

AstraLinux•added 2026/06/19 11:10 a.m.•5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: bnxten: The backing store type is set based on the query type. The bnxthwrmfuncbackingstoreqcapsv2 function stores resp-type from the firmware response in ctxm-type, and then uses that value to index fixed backing-store metadata...

5.5CVSS5.7AI score0.00121EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•5 views

Astra Linux – Vulnerabilities in Linux, Linux-5.15, Linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: Fixed an oops error when removing custom query handlers. When removing custom query handlers, the handler may still be used within the EC query workqueue. This could lead to a kernel oops if the module that holds the...

5.6AI score0.00177EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•3 views

Astra Linux – Vulnerability in pgpool2

In Pgpool-II, there is a risk of exposing sensitive information due to incompatible policy issues. If a database user accesses the query cache, unauthorized table data may be retrieved for that user...

7.5CVSS6.7AI score0.00528EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•4 views

Astra Linux – Vulnerability in NTP

In the file libntp/mstolfp.c, within the NTP version 4.2.8p15, there is a buffer overflow vulnerability when copying the trailing number. An attacker may be able to exploit this vulnerability against a client’s NTPQ process, but they cannot exploit it against ntpd...

5.6CVSS7.1AI score0.00703EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•7 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: Fixed a potential NULL pointer dereferencing in ionicqueryport. The function ionicqueryport calls ibdevicegetnetdev without checking the return value, which could lead to NULL pointer dereferencing. This issue has bee...

5.5CVSS5.6AI score0.00112EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•5 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been fixed: ksmbd: Fixed an out-of-bounds write issue in smb2getea. smb2getea applies a 4-byte alignment padding using memset after writing each EA entry. The bounds check on buffreelen is performed before the memcpy operation, but the...

9.8CVSS6AI score0.00394EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•6 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fixed the OOB write issue in QUERYINFO for compound requests. When a compound request such as READ + QUERYINFOSecurity is received, and the first command READ consumes most of the response buffer, ksmbd might write beyond...

8.8CVSS5.5AI score0.00507EPSS

AstraLinux•added 2026/06/19 11:10 a.m.•4 views

Astra Linux – Vulnerability in uriparser

A issue was discovered in uriparser through 0.9.7. The ComposeQueryEngine in UriQuery.c has an integer overflow due to long keys or values, resulting in a buffer overflow...

8.6CVSS7.4AI score0.01233EPSS