CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

768 matches found

NVD•added 2026/05/12 10:16 a.m.•6 views

CVE-2026-8072

Insecure generation of credentials in the local SAT Technical Support access functionality of the Ingecon Sun EMS Board. The vulnerability arose because the secret access credentials were not based on a secure cryptographic scheme, but rather on a weak hashing algorithm, which could allow an...

9.2CVSS0.00023EPSS

Exploits0References2

Vulnrichment•added 2026/05/12 9:57 a.m.•4 views

CVE-2026-8072 Insecure generation of SAT access credentials in Ingecon EMS Board

9.2CVSS5.8AI score0.00023EPSS

Exploits0References2

NVD•added 2026/05/10 1:16 p.m.•3 views

CVE-2021-47938

ImpressCMS 1.4.2 contains a remote code execution vulnerability in the autotasks administrative interface that allows authenticated attackers to execute arbitrary PHP code by injecting malicious code into the satcode parameter. Attackers can authenticate, submit a POST request to...

8.8CVSS0.0027EPSS

Exploits0References4

Vulnrichment•added 2026/05/10 12:43 p.m.•1 views

CVE-2021-47938 ImpressCMS 1.4.2 Remote Code Execution via Autotasks

8.8CVSS6.6AI score0.0027EPSS

Exploits0References4

CVE•added 2026/05/10 12:43 p.m.•4 views

CVE-2021-47938

ImpressCMS 1.4.2 suffers a remote code execution (RCE) in the autotasks admin interface. An authenticated attacker can send a crafted sat_code payload via POST to /modules/system/admin.php?fct=autotasks&op=mod, resulting in creation of an executable file that accepts arbitrary commands through GE...

8.8CVSS6.6AI score0.0027EPSS

Exploits0References4

Positive Technologies•added 2026/05/10 12:0 a.m.•5 views

PT-2026-39513

ImpressCMS 1.4.2 contains a remote code execution vulnerability in the autotasks administrative interface that allows authenticated attackers to execute arbitrary PHP code by injecting malicious code into the sat code parameter. Attackers can authenticate, submit a POST request to...

8.8CVSS6.6AI score0.0027EPSS

Exploits0References5

CNNVD•added 2026/05/10 12:0 a.m.•2 views

ImpressCMS 代码注入漏洞

ImpressCMS is a modular content management system CMS based on MySQL, developed by ImpressCMS Inc. This system includes modules for news publishing, forums, and photo albums. Version 1.4.2 of ImpressCMS has a code injection vulnerability. This vulnerability stems from a remote code execution flaw...

8.8CVSS6.7AI score0.0027EPSS

Exploits0References1

Vulnrichment•added 2026/03/26 11:39 a.m.•0 views

CVE-2018-25202 SAT CFDI 3.3 SQL Injection via signIn endpoint

SAT CFDI 3.3 contains an SQL injection vulnerability that allows attackers to manipulate database queries by injecting SQL code through the 'id' parameter in the signIn endpoint. Attackers can submit POST requests with boolean-based blind, stacked queries, or time-based blind SQL injection payloa...

8.8CVSS6AI score0.0005EPSS

Exploits0References3

Cvelist•added 2026/02/11 12:0 a.m.•19 views

CVE-2025-70083

An issue was discovered in OpenSatKit 2.2.1. The DirName field in the telecommand is provided by the ground segment and must be treated as untrusted input. The program copies DirName into the local buffer DirWithSep using strcpy. The size of this buffer is OSMAXPATHLEN. If the length of DirName i...

0.00012EPSS

Exploits0References5

ATTACKERKB•added 2026/02/11 12:0 a.m.•2 views

CVE-2025-70085

An issue was discovered in OpenSatKit 2.2.1. The EventErrStr buffer has a fixed size of 256 bytes. The code uses sprintf to format two filenames Source1Filename and the string returned by FileUtilFileStateStr into this buffer without any length checking and without using bounded format specifiers...

6AI score0.00065EPSS

Exploits0References5

EUVD•added 2025/11/12 7:18 p.m.•0 views

EUVD-2025-136693

Malicious code in sahuar-sat-faguao npm...

6.6AI score

Exploits0

EUVD•added 2025/11/12 7:18 p.m.•2 views

EUVD-2025-136455

Malicious code in sahur-sat-faguao npm...

6.6AI score

Exploits0

EUVD•added 2025/11/12 7:18 p.m.•0 views

EUVD-2025-136515

Malicious code in sahunim-sat-fadu npm...

6.6AI score

Exploits0

EUVD•added 2025/11/12 7:18 p.m.•0 views

EUVD-2025-136521

Malicious code in sahunim-sat-fadabiu npm...

6.6AI score

Exploits0

EUVD•added 2025/11/12 7:18 p.m.•1 views

EUVD-2025-141484

Malicious code in hunim-sat-ananafin npm...

6.6AI score

Exploits0

OSSF Malicious Packages•added 2025/11/12 7:18 p.m.•2 views

Malicious code in hunim-sat-anin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d211e73e7570c9270fda1058c68235ad20b813efa7919c24491e41a4b6b5662e This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

Exploits0

OSSF Malicious Packages•added 2025/11/12 7:18 p.m.•1 views

Malicious code in hunim-sat-ananafin (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f9ad143ee104d57fb19bc0b4ddf1f81706b5291661769418e33bf72a94beef73 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

Exploits0

EUVD•added 2025/11/12 7:18 p.m.•1 views

EUVD-2025-141480

Malicious code in hunim-sat-annin npm...

6.6AI score

Exploits0

EUVD•added 2025/11/12 7:18 p.m.•1 views

EUVD-2025-141482

Malicious code in hunim-sat-ananin npm...

6.6AI score

Exploits0