19 matches found
EUVD-2020-8065
Malware in sbrugna...
EUVD-2024-16012
Malicious code in bioql PyPI...
EUVD-2024-53277
Malicious code in bioql PyPI...
EUVD-2023-25725
Malicious code in bioql PyPI...
CVE-2022-50136
In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix duplicated reported IW_CM_EVENT_CONNECT_REPLY event. If siw_recv_mpa_rr returns -EAGAIN, it means that the MPA reply hasn't been received completely, and should not report IW_CM_EVENT_CONNECT_REPLY in this case. This may trigge...
CVE-2022-47111
7-Zip 22.01 does not report an error for certain invalid xz files, involving block flags and reserved bits. Some later versions are unaffected...
CVE-2025-21656
In the Linux kernel, the following vulnerability has been resolved: hwmon: (drivetemp) Fix driver producing garbage data when SCSI errors occur. scsi_execute_cmd function can return both negative linux codes and positive scsi_cmnd result field error codes. Currently the driver just passes error codes o...
Keycloak Authorization Bypass vulnerability
Due to a permissive regular expression hardcoded for filtering allowed hosts to register a dynamic client, a malicious user with enough information about the environment could benefit and jeopardize an environment with this specific Dynamic Client Registration with TrustedDomain configuration...
PT-2024-19347 · Ibm · Ibm Urbancode Deploy +1
Name of the Vulnerable Software and Affected Versions: IBM UrbanCode Deploy versions 7.0 through 7.0.5.20 IBM UrbanCode Deploy versions 7.1 through 7.1.2.16 IBM UrbanCode Deploy versions 7.2 through 7.2.3.9 IBM UrbanCode Deploy versions 7.3 through 7.3.2.4 IBM DevOps Deploy versions 8.0 through...
Reporting: "Error retrieving data source. Return code=257. Error message=Operation not permitted."
The message "Error retrieving data source. Return code = 257. Error message = Operation not permitted" is displayed when clicking Reporting on NetScaler:...
GHSA-HF4X-6H87-HM79 MantisBT may expose private issues' summaries to unauthorized users
Impact: Due to insufficient access-level checks, any logged-in user allowed to perform Group Actions can get access to the Summary field of private Issues (i.e. having Private view status, or belonging to a private Project) via a crafted bug_arr parameter in bug_actiongroup_ext.php. Patches The...
GHSA-7VWG-39H8-8QP8 /user/sessions endpoint allows detecting valid accounts
This Security Advisory is about a vulnerability in eZ Platform v1.13, v2.5, and v3.2, and in Ibexa DXP and Ibexa Open Source v3.3. The /user/sessions endpoint can let an attacker detect if a given username or email refers to a valid account. This can be detected through differences in the respons...
CVE-2020-13846
Sylabs Singularity 3.5.0 through 3.5.3 fails to report an error in a Status Code...
Citrix Service Provider license server not reporting due to SSL error
After an extended maintenance period in March 2020, some Citrix License Servers that were successfully reporting into the License Usage Insights Service (LUI) were impacted, and are now failing to report. When admins access the License Usage Insights service in Citrix Cloud, an impacted license server...
CVE-2020-1931
A command execution issue was found in Apache SpamAssassin prior to 3.4.3. Carefully crafted nefarious Configuration .cf files can be configured to run system commands similar to CVE-2018-11805. This issue is less stealthy and attempts to exploit the issue will throw warnings. Thanks to Damian...
CVE-2017-12936
The ReadWMFImage function in coders/wmf.c in GraphicsMagick 1.3.26 has a use-after-free issue for data associated with exception reporting...
ESA-2015-056: EMC PowerPath Virtual Appliance Undocumented User Accounts Vulnerability
ESA-2015-056: EMC PowerPath Virtual Appliance Undocumented User Accounts Vulnerability EMC Identifier: ESA-2015-056 CVE Identifier: CVE-2015-0529 Severity Rating: CVSS v2 Base Score: 5.0 AV:N/AC:L/Au:N/C:P/I:N/A:N Affected products: • EMC PowerPath...
RHEL 2.1 : rxvt (RHSA-2003:055)
Updated rxvt packages are available which fix a number of vulnerabilities in the handling of escape sequences. Updated 12 March 2003 Added packages for Red Hat Enterprise Linux ES and Red Hat Enterprise Linux WS Rxvt is a color VT102 terminal emulator for the X Window System. A number of issues...
PHPNUKE 6 XSS Vulnerabilities
http://www.phpnuke.org/modules.php?name=Search Enter: scriptalertdocument.cookie;/script in form, click Search. Needless to say these bugs won't go away. The vendor WOULD HAVE been contacted if they just gave an email address without having to subscribe to nukesupport/phpnuke - maybe I don't use...