CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

23 matches found

RedhatCVE•added 2026/01/09 11:24 a.m.•10 views

CVE-2021-31864

Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows attackers to bypass the addissuenotes permission requirement by leveraging the incoming mail handler...

5.3CVSS6.7AI score0.00217EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:24 a.m.•4 views

CVE-2021-31866

Redmine before 4.0.9 and 4.1.x before 4.1.3 allows an attacker to learn the values of internal authentication keys by observing timing differences in string comparison operations within SysController and MailHandlerController...

5.3CVSS6.9AI score0.00442EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:18 a.m.•3 views

CVE-2019-18890

A SQL injection vulnerability in Redmine through 3.2.9 and 3.3.x before 3.3.10 allows Redmine users to access protected information via a crafted object query...

6.5CVSS7.4AI score0.27968EPSS

Exploits2References1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2017-7024

Malware in sbrugna...

7.5CVSS7.6AI score0.00583EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-17100

Malware in sbrugna...

9.8CVSS9.2AI score0.00209EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•0 views

EUVD-2015-8356

Malware in sbrugna...

7.4CVSS7.3AI score0.00365EPSS

Exploits0References7

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-18740

Malware in sbrugna...

5.3CVSS5.2AI score0.00391EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2009-4049

Malware in sbrugna...

4.3CVSS6.2AI score0.00705EPSS

Exploits0References10

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2017-7025

Malware in sbrugna...

6.1CVSS6.5AI score0.00381EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2017-7022

Malware in sbrugna...

6.1CVSS6.5AI score0.00517EPSS

Exploits0References6

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-15911

Malware in sbrugna...

6.1CVSS6.1AI score0.00323EPSS

Exploits1References4

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2021-29300

Malicious code in bioql PyPI...

5.3CVSS5.4AI score0.00506EPSS

Exploits0References6

RedhatCVE•added 2025/05/22 8:3 p.m.•6 views

CVE-2021-37156

Redmine 4.2.0 and 4.2.1 allow existing user sessions to continue upon enabling two-factor authentication for the user's account, but the intended behavior is for those sessions to be terminated...

7.5CVSS7AI score0.00248EPSS

Exploits0References1

OSV•added 2024/03/06 11:5 a.m.•21 views

BIT-REDMINE-2021-30163

Redmine before 4.0.8 and 4.1.x before 4.1.2 allows attackers to discover the names of private projects if issue-journal details exist that have changes to projectid values...

7.5CVSS7.4AI score0.00495EPSS

Exploits0References3

Vulnrichment•added 2023/11/05 12:0 a.m.•12 views

CVE-2023-47260

Redmine before 4.2.11 and 5.0.x before 5.0.6 allows XSS via thumbnails...

6.1AI score0.00542EPSS

Exploits0References1

Vulnrichment•added 2022/12/12 12:0 a.m.•3 views

CVE-2022-44637

Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization in Redcloth3 Textile-formatted fields. Depending on the configuration, this may require login as a registered user...

6AI score0.00669EPSS

Exploits0References1

Debian CVE•added 2022/12/06 12:0 a.m.•44 views

CVE-2022-44030

Redmine 5.x before 5.0.4 allows downloading of file attachments of any Issue or any Wiki page due to insufficient permission checks. Depending on the configuration, this may require login as a registered user...

7.5CVSS7.4AI score0.0035EPSS

Exploits0

NVD•added 2021/04/28 7:15 a.m.•13 views

CVE-2021-31864

Redmine before 4.0.9, 4.1.x before 4.1.3, and 4.2.x before 4.2.1 allows attackers to bypass the addissuenotes permission requirement by leveraging the incoming mail handler...

5.3CVSS0.00217EPSS

Exploits0References3

Debian CVE•added 2021/03/29 3:46 a.m.•22 views

CVE-2021-29274

Redmine 4.1.x before 4.1.2 allows XSS because an issue's subject is mishandled in the auto complete tip...

6.1CVSS6AI score0.00323EPSS

Exploits1

Prion•added 2017/10/18 2:29 a.m.•13 views

Code injection

In Redmine before 3.2.8, 3.3.x before 3.3.5, and 3.4.x before 3.4.3, XSS exists in app/helpers/querieshelper.rb via a multi-value field with a crafted value that is mishandled during rendering of an issue list...

4.3CVSS6AI score0.00432EPSS

Exploits0References4Affected Software2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by