CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

83899 matches found

CNNVD•added 2026/03/21 12:0 a.m.•3 views

WordPress plugin Redirect countdown 跨站请求伪造漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...

4.3CVSS5.7AI score0.00016EPSS

Exploits0References3

GithubExploit•added 2026/03/18 4:29 p.m.•104 views

Exploit for Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Openssl

🔐 SSH Exploit Tool Educational Use Only 📌 Description Th...

7.8CVSS7AI score0.04353EPSS

Exploits6

Tenable Nessus•added 2026/03/18 12:0 a.m.•1 views

EulerOS Virtualization 2.13.1 : bind (EulerOS-SA-2026-1633)

According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : In specific circumstances, due to a weakness in the Pseudo Random Number Generator PRNG that is used, it is possible for an attacker ...

8.6CVSS6.9AI score0.00025EPSS

Exploits1References3

Packet Storm News•added 2026/03/18 12:0 a.m.•2 views

A New Approach to Code Smoothing Bounds

To analyze the security of code-based cryptosystems, the smoothing parameter, which is closely related to the total variation distance of codes, has been investigated. While previous studies have bounded this distance using the Fourier transform on locally compact abelian groups, we take an...

5.8AI score

Exploits0

Tenable Nessus•added 2026/03/17 12:0 a.m.•2 views

EulerOS Virtualization 2.12.0 : bind (EulerOS-SA-2026-1474)

8.6CVSS5.9AI score0.00025EPSS

Exploits1References3

Tenable Nessus•added 2026/03/17 12:0 a.m.•4 views

EulerOS Virtualization 2.12.1 : bind (EulerOS-SA-2026-1417)

8.6CVSS5.9AI score0.00025EPSS

Exploits1References3

OSV•added 2026/03/16 2:3 p.m.•6 views

USN-8095-1 linux, linux-aws, linux-gcp, linux-gcp-6.8, linux-gke, linux-gkeop, linux-hwe-6.8, linux-ibm, linux-ibm-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8, linux-oracle, linux-oracle-6.8 vulnerabilities

Qualys discovered that several vulnerabilities existed in the AppArmor Linux kernel Security Module LSM. An unprivileged local attacker could use these issues to load, replace, and remove arbitrary AppArmor profiles causing denial of service, exposure of sensitive information kernel memory, local...

7.8CVSS6.8AI score0.03752EPSS

Exploits6References425

Tenable Nessus•added 2026/03/16 12:0 a.m.•2 views

EulerOS 2.0 SP11 : bind (EulerOS-SA-2026-1570)

According to the versions of the bind packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : In specific circumstances, due to a weakness in the Pseudo Random Number Generator PRNG that is used, it is possible for an attacker to predict the...

8.6CVSS5.9AI score0.00025EPSS

Exploits1References3

CNNVD•added 2026/03/16 12:0 a.m.•4 views

Philips Hue Bridge 安全漏洞

The Philips Hue Bridge is a smart lighting gateway device developed by the Japanese company Philips Hue. There is a security vulnerability in the Philips Hue Bridge, which stems from the use of static random numbers in the SRP authentication mechanism, potentially allowing authentication bypass...

8.1CVSS7.2AI score0.00159EPSS

Exploits0References1

CNNVD•added 2026/03/13 12:0 a.m.•4 views

WordPress plugin wpDiscuz 跨站请求伪造漏洞

5.4CVSS5.7AI score0.00025EPSS

Exploits0References3

CNNVD•added 2026/03/13 12:0 a.m.•3 views

WordPress plugin wpDiscuz 安全漏洞

8.7CVSS5.8AI score0.00048EPSS

Exploits1References3

CNNVD•added 2026/03/13 12:0 a.m.•2 views

WordPress plugin wpDiscuz 安全漏洞

8.7CVSS5.8AI score0.00172EPSS

Exploits0References3

IBM Security Bulletins•added 2026/03/11 10:24 p.m.•4 views

Security Bulletin: IBM Sterling B2B Integrator and IBM Sterling File Gateway are Vulnerable due to Cryptographic Weakness in IBM Liberty Server ( CVE-2020-36732)

Summary IBM Sterling B2B Integrator and IBM Sterling File Gateway have addressed the cryptographic weakness vulnerability Vulnerability Details CVEID:CVE-2020-36732 DESCRIPTION: The crypto-js package before 3.2.1 for Node.js generates random numbers by concatenating the string "0." with an intege...

5.3CVSS5.8AI score0.00876EPSS

Exploits0Affected Software1

Fedora•added 2026/03/11 12:49 a.m.•3 views

[SECURITY] Fedora 43 Update: perl-Crypt-SysRandom-XS-0.011-1.fc43

This module uses whatever C interface is available to procure cryptographically random data from the system...

7.5CVSS5.8AI score0.00062EPSS

Exploits0

CNNVD•added 2026/03/10 12:0 a.m.•2 views

generatedata 安全漏洞

Generatedata is a random data generation engine developed by Ben Keen as an individual developer. Version 4.0.14 of Generatedata contains a security vulnerability, which stems from improper input during web page generation...

6.1CVSS5.8AI score0.00053EPSS

Exploits0References4

Packet Storm•added 2026/03/09 12:0 a.m.•94 views

📄 Jinja 2 1.4.0 Tactical RMM SSTI Detection

This proof of concept script detects potential server-side template injection vulnerabilities in web applications using template engines such as Jinja. The script sends a dynamically generated mathematical expression within a template payload to a target URL parameter. If the server evaluates the...

5.8AI score

Exploits0

OSV•added 2026/03/07 2:31 a.m.•3 views

GHSA-C8M8-3JCR-6RJ5 FUXA has a hardcoded fallback JWT signing secret

FUXA used a static fallback JWT signing secret frangoteam751 when no secretCode was configured. If authentication was enabled without explicitly setting a custom secret, an attacker who knew the default value could forge valid JWT tokens and bypass authentication. This issue has been addressed in...

9.3CVSS5.7AI score0.04529EPSS

Exploits0References4