Lucene search

21 matches found

NVD
added 2026/03/31 9:16 p.m., 2 views

CVE-2026-3470

A vulnerability exists in the SonicWall Email Security appliance due to improper input sanitization that may lead to data corruption. A remote attacker authenticated as an admin user could exploit this issue by providing crafted input that corrupts application database...

CVSS 3.8 | EPSS 0.00321 | Exploits 0 | References 1
CNNVD
added 2025/10/31 12:0 a.m., 4 views

SonicWall SMA100 Series security vulnerability

SonicWall SMA100 Series is a security gateway appliance from SonicWall, Inc. A security vulnerability exists in the SonicWall SMA100 Series that stems from the potential exposure of sensitive information in log files, which could result in a remote authenticated administrator viewing some user...

CVSS 4.5 | AI score 4.7 | EPSS 0.00381 | Exploits 0 | References 1
EUVD
added 2025/10/07 12:30 a.m., 4 views

EUVD-2018-10293

Malware in sbrugna...

CVSS 7.2 | AI score 7 | EPSS 0.02535 | Exploits 0 | References 2
EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2024-54937

Malicious code in bioql PyPI...

CVSS 5.9 | AI score 6.6 | EPSS 0.00262 | Exploits 0 | References 1
NVD
added 2025/09/29 7:15 p.m., 4 views

CVE-2025-57875

There is a reflected cross site scripting vulnerability in Esri Portal for ArcGIS 11.4 and below that may allow a remote authenticated attacker with administrative access to supply a crafted string which would execute arbitrary JavaScript code in the browser...

CVSS 4.8 | EPSS 0.00204 | Exploits 0 | References 1
RedhatCVE
added 2025/05/23 1:19 a.m., 10 views

CVE-2022-3340

XML External Entity (XXE) vulnerability in Trellix IPS Manager prior to 10.1 M8 allows a remote authenticated administrator to perform an XXE attack in the administrator interface part of the interface, which allows a saved XML configuration file to be imported...

CVSS 7.2 | AI score 6.6 | EPSS 0.00536 | Exploits 0 | References 1
NVD
added 2022/11/04 12:15 p.m., 20 views

CVE-2022-3340

XML External Entity (XXE) vulnerability in Trellix IPS Manager prior to 10.1 M8 allows a remote authenticated administrator to perform an XXE attack in the administrator interface part of the interface, which allows a saved XML configuration file to be imported...

CVSS 7.2 | EPSS 0.00536 | Exploits 0 | References 1
Cvelist
added 2022/11/04 12:0 a.m., 19 views

CVE-2022-3340 Trellix IPS Manager vulnerable to XXE

XML External Entity (XXE) vulnerability in Trellix IPS Manager prior to 10.1 M8 allows a remote authenticated administrator to perform an XXE attack in the administrator interface part of the interface, which allows a saved XML configuration file to be imported...

CVSS 5.9 | AI score 6.9 | EPSS 0.00536 | Exploits 0 | References 1
NVD
added 2022/03/04 7:15 p.m., 25 views

CVE-2022-26484

An issue was discovered in Veritas InfoScale Operations Manager (VIOM) before 7.4.2 Patch 600 and 8.x before 8.0.0 Patch 100. The web server fails to sanitize admin/cgi-bin/rulemgr.pl/getfile/ input data, allowing a remote authenticated administrator to read arbitrary files on the system via...

CVSS 6.8 | EPSS 0.02564 | Exploits 0 | References 1
ATTACKERKB
added 2021/12/09 4:15 p.m., 4 views

CVE-2021-4038

Cross Site Scripting (XSS) vulnerability in McAfee Network Security Manager (NSM) prior to 10.1 Minor 7 allows a remote authenticated administrator to embed an XSS in the administrator interface via specially crafted custom rules containing HTML. NSM did not correctly sanitize custom rule content in a...

CVSS 4.8 | AI score 5.6 | EPSS 0.00575 | Exploits 0 | References 2
NVD
added 2021/12/09 4:15 p.m., 11 views

CVE-2021-4038

Cross Site Scripting (XSS) vulnerability in McAfee Network Security Manager (NSM) prior to 10.1 Minor 7 allows a remote authenticated administrator to embed an XSS in the administrator interface via specially crafted custom rules containing HTML. NSM did not correctly sanitize custom rule content in a...

CVSS 4.8 | EPSS 0.00575 | Exploits 0 | References 1
Cvelist
added 2021/12/09 3:55 p.m., 21 views

CVE-2021-4038 NSM vulnerable to XSS

Cross Site Scripting (XSS) vulnerability in McAfee Network Security Manager (NSM) prior to 10.1 Minor 7 allows a remote authenticated administrator to embed an XSS in the administrator interface via specially crafted custom rules containing HTML. NSM did not correctly sanitize custom rule content in a...

CVSS 4.8 | AI score 4.7 | EPSS 0.00575 | Exploits 0 | References 1
OSV
added 2021/12/08 11:15 a.m., 1 view

CVE-2021-31850

A denial-of-service vulnerability in Database Security (DBS) prior to 4.8.4 allows a remote authenticated administrator to trigger a denial-of-service attack against the DBS server. The configuration of Archiving through the User interface incorrectly allowed the creation of directories and files i...

CVSS 6.1 | AI score 5.8 | Exploits 0 | References 2
NVD
added 2021/12/08 11:15 a.m., 17 views

CVE-2021-31850

A denial-of-service vulnerability in Database Security (DBS) prior to 4.8.4 allows a remote authenticated administrator to trigger a denial-of-service attack against the DBS server. The configuration of Archiving through the User interface incorrectly allowed the creation of directories and files i...

CVSS 6.1 | EPSS 0.00967 | Exploits 0 | References 2
Cvelist
added 2021/12/08 11:0 a.m., 21 views

CVE-2021-31850 Denial of Service in Database Security on Windows

A denial-of-service vulnerability in Database Security (DBS) prior to 4.8.4 allows a remote authenticated administrator to trigger a denial-of-service attack against the DBS server. The configuration of Archiving through the User interface incorrectly allowed the creation of directories and files i...

CVSS 6.1 | AI score 6.2 | EPSS 0.00967 | Exploits 0 | References 2
OSV
added 2018/01/11 4:29 p.m., 2 views

CVE-2017-15614

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-outif variable in the pptpclient.lua file...

CVSS 7.2 | AI score 6 | EPSS 0.04367 | Exploits 4 | References 2
Prion
added 2017/08/29 3:29 p.m., 19 views

Code injection

Aruba Networks ClearPass Policy Manager before 6.4.7 and 6.5.x before 6.5.2 allows remote authenticated lower-level administrators to gain "Super Admin" privileges via unspecified vectors...

CVSS 6.5 | AI score 7.1 | EPSS 0.01134 | Exploits 0 | References 2 | Affected Software 1
OpenVAS
added 2016/01/13 12:0 a.m., 30 views

Debian Security Advisory DSA 3444-1 (wordpress - security update)

Crtc4L discovered a cross-site scripting vulnerability in wordpress, a web blogging tool, allowing a remote authenticated administrator to compromise the site. OpenVAS Vulnerability Test $Id: deb3444.nasl 6608 2017-07-07 12:05:05Z cfischer $ Auto-generated from advisory DSA 3444-1 using nvtgen 1....

CVSS 4.3 | EPSS 0.02694 | Exploits 2 | References 1
BDU FSTEC
added 2015/04/28 12:0 a.m., 7 views

The vulnerability of Cisco ACS’s microprogramming software allows a remote attacker to execute arbitrary code.

The vulnerability of the ACS View interface allows a remote authenticated user with administrator privileges to execute arbitrary SQL commands using specially crafted HTTPS requests...

CVSS 9 | AI score 6.1 | EPSS 0.00916 | Exploits 0 | References 4 | Affected Software 1
htbridge
added 2012/12/05 12:0 a.m., 47 views

SQL Injection Vulnerability in ImageCMS

High-Tech Bridge Security Research Lab discovered vulnerability in ImageCMS, which can be exploited to perform SQL injection attacks. 1 SQL injection vulnerability in ImageCMS: CVE-2012-6290 The vulnerability exists due to insufficient filtration of the "q" HTTP GET parameter passed to...

CVSS 6.5 | AI score 1.2 | EPSS 0.042 | Exploits 7 | Affected Software 1