CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

99 matches found

CVE•added 2026/02/03 6:7 p.m.•10 views

CVE-2026-25489

Craft Commerce (Craft CMS) has a stored XSS vulnerability in the Tax Zones Name and Description fields that can execute injected JavaScript in an administrator’s browser. Affected versions are 4.0.0-RC1 through 4.10.0 and 5.0.0 through 5.5.1; the issue arises because sanitization is insufficient ...

6.1CVSS5.4AI score0.00021EPSS

Exploits1References4Affected Software1

EUVD•added 2026/01/21 12:31 a.m.•3 views

EUVD-2026-3566

Vulnerability in the Oracle Scripting product of Oracle E-Business Suite component: Scripting Admin. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Scripting. Successful...

6.1CVSS5.5AI score0.00044EPSS

Exploits0References2

OSV•added 2026/01/20 10:15 p.m.•1 views

CVE-2026-21943

6.1CVSS5.8AI score

Exploits0References1

Positive Technologies•added 2026/01/20 12:0 a.m.•2 views

PT-2026-3693

Name of the Vulnerable Software and Affected Versions Oracle E-Business Suite versions 12.2.3 through 12.2.15 Description An easily exploitable issue exists in the Oracle Scripting product of Oracle E-Business Suite component: Scripting Admin. An unauthenticated attacker with network access via...

6.1CVSS7.3AI score0.00044EPSS

Exploits0References3

OSV•added 2025/12/18 8:15 p.m.•0 views

CVE-2023-53736

A reflected cross-site scripting vulnerability in Kentico Xperience allows authenticated users to inject malicious scripts in the administration interface. Attackers can exploit this vulnerability to execute arbitrary scripts within the administrative context...

5.4CVSS6AI score

Exploits0References2

EUVD•added 2025/12/15 10:55 p.m.•1 views

EUVD-2025-38243

ClipBucket v5 is an open source video sharing platform. In versions 5.5.2 - 156 and below, an authenticated regular user can create a photo collection whose Collection Name contains HTML/JavaScript payloads, which making ClipBucket’s Manage Photos feature vulnerable to Stored XSS. The payload is...

5.1CVSS6.1AI score0.00052EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-13782

Malware in sbrugna...

4.8CVSS5.1AI score0.00269EPSS

Exploits1References2

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-48616

Malicious code in bioql PyPI...

5.4CVSS5.8AI score0.00295EPSS

Exploits1References1