CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Software: httpd 2.4.37 OS: ROSA Virtualization 3.0 packageevrstring: httpd-2.4.37-62.rv30 CVE-ID: CVE-2024-38472 BDU-ID: 2024-05354 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the Apache HTTP Server web server is related to insufficient validation of incoming requests. Exploitation of the...

9.1CVSS7.6AI score0.9067EPSS

Exploits6

RedhatCVE•added 2025/05/22 8:59 a.m.•7 views

CVE-2019-9958

CSRF within the admin panel in Quadbase EspressReport ES ERES v7.0 update 7 allows remote attackers to escalate privileges, or create new admin accounts by crafting a malicious web page that issues specific requests, using a target admin's session to process their requests...

8.8CVSS7.4AI score0.00206EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 6:34 a.m.•2 views

CVE-2018-14062

The COSPAS-SARSAT protocol allows remote attackers to forge messages, replay encrypted messages, conduct denial of service attacks, and send private messages unrelated to distress alerts via a crafted 406 MHz digital signal...

9.4CVSS6.9AI score0.00757EPSS

Exploits0References1

Tenable Nessus•added 2025/03/04 12:0 a.m.•8 views

Linux Distros Unpatched Vulnerability : CVE-2015-3405

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest...

7.5CVSS7.2AI score0.16556EPSS

Exploits0References2

Tenable Nessus•added 2025/03/04 12:0 a.m.•11 views

Linux Distros Unpatched Vulnerability : CVE-2018-9133

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLabImage and EncodeLabImage functions coders/tiff.c, which results in a hang tens of minutes with ...

6.5CVSS7.2AI score0.00265EPSS

Exploits1References2

Tenable Nessus•added 2025/03/04 12:0 a.m.•11 views

Linux Distros Unpatched Vulnerability : CVE-2015-4148

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The dosoapcall function in ext/soap/soap.c in PHP before 5.4.39, 5.5.x before 5.5.23, and 5.6.x before 5.6.7 does not verify that the uri property is a string,...

5CVSS6.8AI score0.11836EPSS

Exploits1References2

Positive Technologies•added 2024/08/20 12:0 a.m.•1 views

PT-2024-21720 · Unknown · Joomla! Cms

Name of the Vulnerable Software and Affected Versions: Joomla CMS versions 3.10.16, 4.4.6, 5.1.2 Description: The pagination class includes arbitrary parameters in links, leading to cache poisoning attack vectors. This issue poses undisclosed risks via remote attack. Recommendations: For Joomla C...

9.1CVSS9AI score0.0001EPSS

Exploits0References12

BDU FSTEC•added 2015/04/28 12:0 a.m.•2 views

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the qt4-dev-tools package of the Debian GNU/Linux operating system may lead to breaches of the confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

9.3CVSS7.1AI score0.15332EPSS

Exploits9References21Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by