CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

5 matches found

EUVD•added 2026/03/11 12:21 a.m.•5 views

EUVD-2026-10883

Parse Server has role escalation and CLP bypass via direct Join table write...

10CVSS5.8AI score0.00064EPSS

Exploits0References4

NVD•added 2026/03/10 9:16 p.m.•2 views

CVE-2026-30966

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to 9.5.2-alpha.7 and 8.6.20, Parse Server's internal tables, which store Relation field mappings such as role memberships, can be directly accessed via the REST API or GraphQL API by any...

10CVSS0.00064EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2021-12804

Malware in sbrugna...

8.8CVSS8.6AI score0.00305EPSS

Exploits0References3

RedhatCVE•added 2025/05/22 9:36 p.m.•7 views

CVE-2021-25965

In Calibre-web, versions 0.6.0 to 0.6.13 are vulnerable to Cross-Site Request Forgery CSRF. By luring an authenticated user to click on a link, an attacker can create a new user role with admin privileges and attacker-controlled credentials, allowing them to take over the application...

8.8CVSS6.7AI score0.00305EPSS

Exploits0

OSV•added 2021/01/13 10:15 p.m.•2 views

CVE-2021-1311

A vulnerability in the reclaim host role feature of Cisco Webex Meetings and Cisco Webex Meetings Server could allow an authenticated, remote attacker to take over the host role during a meeting. This vulnerability is due to a lack of protection against brute forcing of the host key. An attacker...

5.4CVSS6.2AI score

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by