CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

478 matches found

FortiWeb - Cross Site Scripting

FortiWeb 6.3.0 through 6.3.7 and versions before 6.2.4 contain an unauthenticated cross-site scripting vulnerability. Improper neutralization of input during web page generation can allow a remote attacker to inject malicious payload in vulnerable API end-points. id: CVE-2021-22122 info: name:...

6.1CVSS6.3AI score0.1052EPSS

Exploits0References5

EUVD•added 2026/05/04 6:0 a.m.•9 views

EUVD-2026-26906

The Magic Export & Import WordPress plugin before 1.2.0 stores exported CSV files at a publicly accessible location, making it possible for any visitors to leak sensitive user information...

5.3CVSS5.8AI score0.0027EPSS

Exploits0References1

CVE•added 2026/03/25 12:32 a.m.•15 views

CVE-2026-28856

The CVE-2026-28856 issue is addressed with improved authentication and is fixed in iOS 26.4, iPadOS 26.4, visionOS 26.4, and watchOS 26.4. The description notes that an attacker with physical access to a locked device may view sensitive user information. The connected documents provide these vers...

4.6CVSS5.8AI score0.00277EPSS

Exploits0References3Affected Software4

CNVD•added 2026/03/09 12:0 a.m.•2 views

Apache Superset Information Disclosure Vulnerability

Apache Superset is a data visualization and data exploration platform from the Apache USA Foundation. Apache Superset has an information disclosure vulnerability that can be exploited by an attacker to retrieve sensitive user information...

6.5CVSS5.8AI score0.004EPSS

Exploits0References1

CNVD•added 2026/03/02 12:0 a.m.•2 views

Multiple Apple Products Information Disclosure Vulnerability (CNVD-2026-14485)

Apple iOS is an operating system developed for mobile devices. apple tvOS is a smart TV operating system. apple watchOS is a smart watch operating system. An information disclosure vulnerability exists in multiple Apple products and is caused due to a logging issue in the Game Center component wh...

7.5CVSS5.9AI score0.00228EPSS

Exploits0References1

NVD•added 2026/02/11 11:16 p.m.•5 views

CVE-2026-20655

An authorization issue was addressed with improved state management. This issue is fixed in iOS 18.7.5 and iPadOS 18.7.5, iOS 26.3 and iPadOS 26.3. An attacker with physical access to a locked device may be able to view sensitive user information...

5.5CVSS0.00114EPSS

Exploits0References2

Cvelist•added 2026/02/11 10:58 p.m.•25 views

CVE-2026-20674

A privacy issue was addressed by removing sensitive data. This issue is fixed in iOS 26.3 and iPadOS 26.3. An attacker with physical access to a locked device may be able to view sensitive user information...

0.00148EPSS

Exploits0References1

RedhatCVE•added 2026/02/06 7:34 p.m.•5 views

CVE-2025-14150

IBM webMethods Integration on prem - Integration Server 10.15 through IS10.15CoreFix2411.1 to IS11.1CoreFix8 IBM webMethods Integration could disclose sensitive user information in server responses...

6.5CVSS5.3AI score0.00323EPSS

Exploits0References1

CNNVD•added 2025/10/09 12:0 a.m.•3 views

IBM Aspera 安全漏洞

IBM Aspera is a set of fast file transfer and streaming solutions built on the IBM FASP protocol from International Business Machines IBM. An information disclosure vulnerability exists in IBM Aspera that stems from an observable difference in the returned data, which can be exploited by an...

4.3CVSS5.8AI score0.00209EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2019-17905

Malware in sbrugna...

6.5CVSS6.2AI score0.01225EPSS

Exploits0References8

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2018-17777

Malware in sbrugna...

6.5CVSS6.6AI score0.01268EPSS

Exploits3References3