CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

210 matches found

OSV•added 2026/02/16 12:0 a.m.•3 views

MAL-2026-911 Malicious code in malpkgv2-0 (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: oracle-using-macaron 1f614e8ee6cce92be8b98394967c253336c0145808962bfda5032f085ece4eef This package executes arbitrary commands, steals sensitive data, exfiltrates credentials, and uses obfuscation techniques...

5.6AI score

Exploits0

NVD•added 2025/12/18 8:15 p.m.•3 views

CVE-2024-58322

A stored cross-site scripting vulnerability in Kentico Xperience allows attackers to inject malicious code into shipping options configuration. This could lead to potential theft of sensitive data by executing malicious scripts in users' browsers...

5.4CVSS0.00024EPSS

Exploits0References2

GithubExploit•added 2025/12/10 4:58 p.m.•112 views

INF113-SQLINJECTION-CHALLENGE

INF113-SQLINJECTION-CHALLENGE You are a junior software engine...

8.1AI score

Exploits0

Snyk•added 2025/11/24 8:33 p.m.•1 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score

Exploits0References3

CNVD•added 2025/11/11 12:0 a.m.•1 views

Advantech WebAccess/VPN AjaxStandaloneVpnClientsController.ajaxAction function SQL injection vulnerability

Advantech WebAccess/VPN is a virtual private network feature integrated in Advantech WebAccess/SCADA software, designed to provide a secure and reliable network connectivity solution for industrial automation and remote monitoring systems. Advantech WebAccess/VPN suffers from a SQL injection...

6.5CVSS8.4AI score0.0003EPSS

Exploits0References1

RedhatCVE•added 2025/11/05 2:11 p.m.•3 views

CVE-2025-12695

The overly permissive sandbox configuration in DSPy allows attackers to steal sensitive files in cases when users build an AI agent which consumes user input and uses the “PythonInterpreter” class...

5.9CVSS6.9AI score0.00012EPSS

Exploits0References1

CNVD•added 2025/10/17 12:0 a.m.•2 views

Ivanti Endpoint Manager SQL Injection Vulnerability (CNVD-2025-24269)

Ivanti Endpoint Manager is a unified endpoint management solution for the enterprise that is designed to centrally manage all types of devices including Windows, macOS, Linux, ChromeOS and IoT devices within an organization, covering OS deployment, software distribution, remote control and more. ...

6.5CVSS8.4AI score0.00338EPSS

Exploits0References1