CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2026/05/29 12:0 a.m.•9 views

PT-2026-45073

Name of the Vulnerable Software and Affected Versions Apache Solr versions 9.4.0 through 9.10.1 Apache Solr version 10.0.0 Description The Basic Authentication setup tool bin/solr auth enable contains hardcoded credentials. This allows a remote attacker to gain full administrative access to the...

9.8CVSS5.9AI score0.00529EPSS

Exploits0References16

NVD•added 2026/03/16 2:20 p.m.•3 views

CVE-2026-4192

A vulnerability has been found in AvinashBole quip-mcp-server 1.0.0. Affected by this vulnerability is the function setupToolHandlers of the file src/index.ts. Such manipulation leads to command injection. The attack may be performed from remote. The exploit has been disclosed to the public and m...

6.5CVSS0.01301EPSS

CNNVD•added 2026/03/16 12:0 a.m.•4 views

Quip MCP Server 命令注入漏洞

Quip MCP Server is a documentation-based server developed by AvinashBole. Version 1.0.0 of Quip MCP Server has a command injection vulnerability, which stems from incorrect operations on the function setupToolHandlers in the file src/index.ts, potentially leading to command injection...

6.5CVSS6.6AI score0.01301EPSS

Cvelist•added 2026/03/15 8:32 p.m.•38 views

CVE-2026-4192 AvinashBole quip-mcp-server index.ts setupToolHandlers command injection

6.5CVSS0.01301EPSS

CVE•added 2026/03/15 8:32 p.m.•12 views

CVE-2026-4192

The CVE-2026-4192 entry concerns AvinashBole quip-mcp-server 1.0.0, where the function setupToolHandlers in src/index.ts is vulnerable to command injection. The vulnerability is described as exploitable remotely, with the exploit publicly disclosed and the project reportedly not responding to the...

6.5CVSS6.2AI score0.01301EPSS

Vulnrichment•added 2026/03/15 8:32 p.m.•2 views

CVE-2026-4192 AvinashBole quip-mcp-server index.ts setupToolHandlers command injection

6.5CVSS6.2AI score0.01301EPSS

Positive Technologies•added 2026/03/15 12:0 a.m.•2 views

PT-2026-25567

6.5CVSS5.4AI score0.01301EPSS

EUVD•added 2025/10/07 12:30 a.m.•6 views

EUVD-2016-8033

Malware in sbrugna...

6.9CVSS6.8AI score0.00378EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2017-2469

Malware in sbrugna...

7.8CVSS7.7AI score0.00911EPSS

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2017-2474

Malware in sbrugna...

9.3CVSS7.7AI score0.01059EPSS

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2021-14182

Malware in sbrugna...

9.8CVSS6.9AI score0.01163EPSS

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2005-0595

Malware in sbrugna...

7.2CVSS6.4AI score0.00902EPSS

Exploits0References4

BDU FSTEC•added 2025/01/22 12:0 a.m.•3 views

Vulnerability of the SAP setup tool for simplified installation and configuration. The SAP setup involves an uncontrolled search element, which allows attackers to increase their privileges.

The vulnerability of the SAP setup tool is related to an uncontrollable element in the search process. Exploiting this vulnerability can allow attackers to enhance their privileges...

7.8CVSS5.5AI score0.00175EPSS

BDU FSTEC•added 2024/01/12 12:0 a.m.•4 views

The vulnerability of the BMP Logo Handler component in the BIOS AMI AptioV configuration tool allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the BMP Logo Handler component in the BIOS AMI AptioV setup tool involves the unlimited loading of dangerous files. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...

7.8CVSS7.2AI score0.00623EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 6:16 a.m.•6 views

SUSE CVE-2005-4772

liby2util in Yet another Setup Tool YaST in SUSE Linux before 20051007 preserves permissions and ownerships when copying a remote repository, which might allow local users to read or modify sensitive files, possibly giving local users the ability to exploit CVE-2005-3013...

6.4CVSS6.6AI score0.01194EPSS

CNNVD•added 2022/06/02 12:0 a.m.•4 views

Schneider Electric PowerLogic ION Setup 安全漏洞

Schneider Electric PowerLogic ION Setup is a free, user-friendly configuration tool from Schneider Electric France. It provides an intuitive environment for setting up and verifying the settings of PowerLogic meters and other devices. A security vulnerability exists in Schneider Electric that ste...

9.8CVSS8.2AI score0.00928EPSS

OSV•added 2022/03/23 8:15 p.m.•4 views

CVE-2021-27428

GE UR IED firmware versions prior to version 8.1x supports upgrading firmware using UR Setup configuration tool – Enervista UR Setup. This UR Setup tool validates the authenticity and integrity of firmware file before uploading the UR IED. An illegitimate user could upgrade firmware without...

9.8CVSS5.8AI score0.01163EPSS