CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

arcane 安全漏洞

Arcan is an open-source Docker management software developed by Arcane. Versions of Arcan prior to 1.19.0 contained security vulnerabilities. These vulnerabilities stemmed from multiple endpoints in the Huma-based REST API that did not call the checkAdmin helper function. Additionally, the...

9.9CVSS5.8AI score0.0005EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2019-6879

Malware in sbrugna...

9CVSS7.2AI score0.02107EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2020-24523

Malware in sbrugna...

9.8CVSS7.9AI score0.09025EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2019-0846

Malware in sbrugna...

8.1CVSS5.8AI score0.00288EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2021-6722

Malicious code in bioql PyPI...

5.5CVSS5.6AI score0.00167EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2021-6600

Malicious code in bioql PyPI...

8.5CVSS7.5AI score0.00345EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2021-6602

Malicious code in bioql PyPI...

4.6CVSS4.9AI score0.00167EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 10:30 a.m.•4 views

CVE-2024-20417

Multiple vulnerabilities in the REST API of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct blind SQL injection attacks. These vulnerabilities are due to insufficient validation of user-supplied input in REST API calls. An attacker could exploit these...

8.1CVSS7.9AI score0.00185EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 8:20 a.m.•6 views

CVE-2024-10325

The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 1.6.45 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.8AI score0.00233EPSS

Exploits0References1

Cvelist•added 2024/12/31 6:0 a.m.•24 views

CVE-2024-11972 Hunk Companion < 1.9.0 - Unauthenticated Plugin Installation

The Hunk Companion WordPress plugin before 1.9.0 does not correctly authorize some REST API endpoints, allowing unauthenticated requests to install and activate arbitrary Hunk Companion WordPress plugin before 1.9.0 from the WordPress.org repo, including vulnerable Hunk Companion WordPress plugin...

0.9188EPSS

Exploits5References1

OSV•added 2024/08/21 8:15 p.m.•0 views

CVE-2024-20417

8.1CVSS5.9AI score

Exploits0References1

OSV•added 2021/01/20 9:15 p.m.•1 views

CVE-2021-1248

Multiple vulnerabilities in certain REST API endpoints of Cisco Data Center Network Manager DCNM could allow an authenticated, remote attacker to execute arbitrary SQL commands on an affected device. For more information about these vulnerabilities, see the Details section of this advisory...

7.2CVSS7.4AI score

Exploits0References1

Cvelist•added 2019/10/31 4:25 p.m.•12 views

CVE-2019-18464

In Progress MOVEit Transfer 10.2 before 10.2.6 2018.3, 11.0 before 11.0.4 2019.0.4, and 11.1 before 11.1.3 2019.1.3, multiple SQL Injection vulnerabilities have been found in the REST API that could allow an unauthenticated attacker to gain unauthorized access to the database. Depending on the...

10AI score0.00163EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by