CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

30260 matches found

NVD•added 2025/10/08 6:15 a.m.•2 views

CVE-2025-11436

A vulnerability was detected in JhumanJ OpnForm up to 1.9.3. Affected by this issue is some unknown functionality of the file /answer. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit is now public and may be used. The patch is identified as...

8.8CVSS0.00071EPSS

Exploits1References5

OSV•added 2025/10/08 12:31 a.m.•4 views

GHSA-XX7H-2WF7-HC7P Liferay Portal is vulnerable to XSS through its Commerce Search Result widget

Cross-site Scripting XSS vulnerability in the Commerce Search Result widget in Liferay Portal 7.4.0 through 7.4.3.111, and Liferay DXP 2023.Q4 before patch 6, 2023.Q3 before patch 9, and 7.4 GA through update 92 allows remote attackers to inject arbitrary web script or HTML via a crafted payload...

4.8CVSS5.7AI score0.00031EPSS

Exploits0References3

Positive Technologies•added 2025/10/08 12:0 a.m.•3 views

PT-2025-41236

Name of the Vulnerable Software and Affected Versions JhumanJ OpnForm versions up to 1.9.3 Description A security issue exists in JhumanJ OpnForm related to improper restriction of excessive authentication attempts. The issue is located within the HTTP Header Handler component and involves...

6.3CVSS4.3AI score0.00172EPSS

Exploits1References10

CVE•added 2025/10/07 10:2 p.m.•20 views

CVE-2025-11412

CVE-2025-11412 affects GNU Binutils 2.45, specifically the function bfd_elf_gc_record_vtentry in bfd/elflink.c of the linker. The issue enables an out-of-bounds read and requires local access. The exploit has been disclosed publicly. A patch identifier is listed: 047435dd988a3975d40c6626a8f739a0b...

5.5CVSS6.4AI score0.0003EPSS

Exploits1References8Affected Software1