15 matches found
ipTIME A2004 - Unauthorized Access
An access control issue in the component /login/hostinfo.cgi of ipTIME A2004 v12.17.0 allows attackers to obtain sensitive information without authentication. id: CVE-2024-54763 info: name: ipTIME A2004 - Unauthorized Access author: ritikchaddha severity: medium description: | An access control...
CVE-2023-25057
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Libsyn Libsyn Publisher Hub. This issue affects Libsyn Publisher Hub: from n/a through 1.3.2...
EUVD-1999-1226
Malware in sbrugna...
EUVD-2008-0870
Malware in sbrugna...
KLA85814 Multiple vulnerabilities in Apache HTTP Server
Multiple vulnerabilities were found in Apache HTTP Server. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, perform cross-site scripting attacks, and cause denial of service. Below is a complete list of vulnerabilities: 1. Insufficient...
Security Bulletin: IBM Maximo Application Suite - Manage Component uses vite-5.4.12.tgz which is vulnerable to CVE-2025-31486
Summary Security Bulletin: IBM Maximo Application Suite - Manage Component uses vite-5.4.12.tgz which is vulnerable to CVE-2025-31486. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID: CVE-2025-31486 DESCRIPTION: Vite is a frontend tooling...
Grafana < 10.4.15 Exposure Of Sensitive Information To An Unauthorized Actor
According to its self-reported version, the Grafana install hosted on the remote host is earlier than 10.4.15, or earlier than 11.0.11, or earlier than 11.1.11, or earlier than 11.2.6, or earlier than 11.3.3, or earlier than 11.4.1. It is, therefore, affected by an exposure of sensitive informatio...
XML Entity Injection Vulnerability in UFIDA U8Cloud at UFIDA Network Technologies Co.
UFIDA U8Cloud is an enterprise-level ERP used to assist companies in achieving efficient and digitalized business collaboration and process management. An XML entity injection vulnerability exists in UFIDA U8Cloud, which can be exploited by attackers to obtain sensitive information...
WordPress ApplyOnline – Application Form Builder and Manager plugin < 2.6.3 - Unauthenticated Application File Access vulnerability
Unauthenticated Application File Access vulnerability discovered by Arian Mosallah in WordPress Plugin ApplyOnline versions 2.6.3...
CVE-2024-12068
A Server-Side Request Forgery (SSRF) vulnerability was discovered in haotian-liu/llava, affecting version git c121f04. This vulnerability allows an attacker to make the server perform HTTP requests to arbitrary URLs, potentially accessing sensitive data that is only accessible from the server, such...
Information Leakage Vulnerability in ER6300 of Xinhua San Technologies Co.
ER6300 is a high-performance full gigabit router for Internet cafes from H3C. Ltd. ER6300 suffers from an information disclosure vulnerability that can be exploited by attackers to obtain sensitive information...
USN-5928-1: systemd vulnerabilities
It was discovered that systemd did not properly validate the time and accuracy values provided to the format_timespan function. An attacker could possibly use this issue to cause a buffer overrun, leading to a denial of service attack. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM,...
Updated kernel-linus package fixes security vulnerabilities
Updated kernel-linus provides upstream 3.12.26 kernel and fixes the following security issues: Array index error in the aio_read_events_ring function in fs/aio.c in the Linux kernel through 3.15.1 allows local users to obtain sensitive information from kernel memory via a large head value...
CVE-2008-4207
Attachmax Dolphin 2.1.0 and earlier does not properly protect info.php in the main folder, which allows remote attackers to obtain sensitive information via a direct request, which invokes the phpinfo function. NOTE: some of these details are obtained from third party information...
iCat Carbo Server File Disclosure Vulnerability
Description iCat Electronic Commerce Suite is an application which enables a user to create and manage web based catalogues. A remote user may retrieve known files on a target system running iCat Electronic Commerce Suite. The Carbo Server component of the Electronic Commerce Suite does not...