CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Stack Based Buffer Overflow vulnerability in Tenda AC9 v.3.0 with firmware version v.15.03.06.42multi allows a remote attacker to execute arbitrary code via the formSetDeviceName function...

8.8CVSS8AI score0.00994EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 4:59 a.m.•8 views

CVE-2023-51801

SQL Injection vulnerability in the Simple Student Attendance System v.1.0 allows a remote attacker to execute arbitrary code via a crafted payload to the id parameter in the studentform.php and the classform.php pages...

9.8CVSS8.7AI score0.07195EPSS

Exploits2

RedhatCVE•added 2025/05/23 3:44 a.m.•4 views

CVE-2023-30787

MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the people:id/introductions endpoint and firstmetadditionalinfo parameter...

5.4CVSS7.2AI score0.00234EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 3:18 p.m.•5 views

CVE-2020-21268

Cross Site Scripting vulnerability in EasySoft ZenTao v.11.6.4 allows a remote attacker to execute arbitrary code via the lastComment parameter...

6.1CVSS7.3AI score0.0023EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:17 p.m.•4 views

CVE-2020-20413

SQL injection vulnerability found in WUZHICMS v.4.1.0 allows a remote attacker to execute arbitrary code via the checktitle function in admin/content.php...

9.8CVSS8.6AI score0.00786EPSS

Exploits1

Cvelist•added 2025/05/21 12:0 a.m.•6 views

CVE-2024-57529

Cross Site Scripting vulnerability in Jeppesen JetPlanner Pro v.1.6.2.20 allows a remote attacker to execute arbitrary code...

0.00358EPSS

Exploits1References2

Ubuntu•added 2025/04/23 11:45 a.m.•14 views

USN-7431-2: HAProxy vulnerability

USN-7431-1 fixed a vulnerability in HAProxy. This update provides the corresponding update for Ubuntu 25.04. Original advisory details: Aleandro Prudenzano and Edoardo Geraci discovered that HAProxy incorrectly handled certain uncommon configurations that replace multiple short patterns with a...

6.8CVSS6.5AI score0.02113EPSS

Exploits0

NVD•added 2025/04/16 6:16 p.m.•9 views

CVE-2025-32869

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'ImportCertificate' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from a...

8.8CVSS0.00039EPSS

Exploits0References1

Cvelist•added 2025/04/16 5:38 p.m.•9 views

CVE-2025-32867

A vulnerability has been identified in TeleControl Server Basic All versions V3.1.2.2. The affected application is vulnerable to SQL injection through the internally used 'CreateBackup' method. This could allow an authenticated remote attacker to bypass authorization controls, to read from and...

8.8CVSS0.00045EPSS

Exploits0References1

RedhatCVE•added 2025/04/04 12:38 a.m.•4 views

CVE-2025-29062

An issue in BL-AC2100 =V1.0.4 allows a remote attacker to execute arbitrary code via the time1 and time2 parameters in the setLimitClientcfg of the goahead webservice...

9.8CVSS8.2AI score0.0771EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by