CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

218 matches found

netty-handler: netty-handler: IPv6 subnet rule bypass due to incorrect masking operation

A flaw was found in netty-handler, a component of the Netty network application framework. A remote attacker can exploit an incorrect masking operation in the IpSubnetFilterRule.compareTo function to bypass configured IPv6 subnet rules. This allows valid public IP addresses to circumvent intended...

8.1CVSS5.3AI score0.00407EPSS

Exploits0References7

CNNVD•added 2026/05/04 12:0 a.m.•6 views

MCP Server for ArangoDB 路径遍历漏洞

MCP Server for ArangoDB is a database interaction tool based on ArangoDB, developed by Alp Sarıyer. Versions of MCP Server for ArangoDB 0.4.7 and earlier had a path traversal vulnerability. This vulnerability stemmed from the function arangobackup in the MCP Interface component, which allowed for...

6.5CVSS6.6AI score0.00288EPSS

Exploits0References1

CVE•added 2026/04/06 5:45 p.m.•9 views

CVE-2026-5672

The CVE concerns code-projects Simple IT Discussion Forum 1.0. The issue resides in the Parameter Handler’s /edit-category.php, where manipulating the category ID (cat_id) enables SQL injection. This can be triggered remotely, and the exploit has been publicly disclosed. No remediation details ar...

7.5CVSS6.8AI score0.00254EPSS

Exploits0References5

IBM Security Bulletins•added 2026/03/18 4:7 p.m.•9 views

Security Bulletin: IBM Sterling Control Center is affected by vulnerabilities in IBM Semeru Runtime Quarterly CPU - Jan 2026

Summary IBM Sterling Control Center is affected by a vulnerability CVE-2026-21945, CVE-2026-21932, CVE-2026-21933, CVE-2026-21925, CVE-2026-1188 of IBM Semeru Runtime Quarterly CPU - Jan 2026 Vulnerability Details CVEID:CVE-2026-21945 DESCRIPTION: Java SE is vulnerable to a denial of service,...

9.8CVSS7.1AI score0.00547EPSS

Exploits1Affected Software1