7884 matches found

WPVulnDB
added 2023/04/28 12:00 a.m. · 24 views

WP-CORS <= 0.2.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...

5.9 CVSS · 5.7 AI score · 0.00369 EPSS
Exploits: 0 · Affected Software: 1
Positive Technologies
added 2023/04/28 12:00 a.m. · 7 views

PT-2023-22676 · Aigital · Aigital Wireless-N Repeater Mini Router

Name of the Vulnerable Software and Affected Versions: Aigital Wireless-N Repeater Mini Router version 0.131229
Description: A cross-site scripting (XSS) issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the wl ssid parameter at...

5.4 CVSS · 5.9 AI score · 0.2928 EPSS
Exploits: 1 · References: 5
Cvelist
added 2023/04/27 5:55 p.m. · 36 views

CVE-2023-2335 Plaintext Password in Registry

Plaintext Password in Registry vulnerability in 42gears surelock windows surelockwinsetupv2.40.0.Exe on Windows Registry modules allows Retrieve Admin user credentials. This issue affects surelock windows: from 2.3.12 through 2.40.0...

6.5 CVSS · 7.8 AI score · 0.00308 EPSS
Exploits: 0 · References: 1
Positive Technologies
added 2023/04/27 12:00 a.m. · 3 views

PT-2023-2822 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux Kernel (affected versions not specified)
Description: The issue is related to incorrect resource release in the ksmbd module of the Linux kernel, which can be exploited by a remote attacker to cause a denial-of-service using the SMB2...

5.3 CVSS · 6.2 AI score · 0.00453 EPSS
Exploits: 0 · References: 25
Positive Technologies
added 2023/04/27 12:00 a.m. · 9 views

PT-2023-2816 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux Kernel (affected versions not specified)
Description: A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The issue results from the lack of proper locking when performing operations on an object,...

10 CVSS · 7 AI score · 0.71737 EPSS
Exploits: 54 · References: 342
Positive Technologies
added 2023/04/27 12:00 a.m. · 6 views

PT-2023-2824 · Linux +5 · Linux Kernel +5

Name of the Vulnerable Software and Affected Versions: Linux Kernel (affected versions not specified)
Description: A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The issue results from the lack of control of resource consumption when handling SMB2 SESSION SET...

10 CVSS · 6.8 AI score · 0.71737 EPSS
Exploits: 52 · References: 339
WPVulnDB
added 2023/04/25 12:00 a.m. · 15 views

Ko-fi Button < 1.3.3 - Admin+ Stored XSS

The plugin does not properly some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting (XSS) attacks even when the unfiltered_html capability is disallowed (for example in multisite setup), and we consider it a low risk. PoC 1. In the Kofi plugin settings,...

5.1 AI score · 0.00442 EPSS
Exploits: 2 · Affected Software: 1
WPVulnDB
added 2023/04/24 12:00 a.m. · 21 views

CRM Memberships <= 1.6 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...

5.9 CVSS · 5.7 AI score · 0.00369 EPSS
Exploits: 0 · Affected Software: 1
WPVulnDB
added 2023/04/23 12:00 a.m. · 42 views

AI Contact Us Form <= 1.0 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...

5.9 CVSS · 4.8 AI score · 0.00392 EPSS
Exploits: 0 · Affected Software: 1
CNNVD
added 2023/04/22 12:00 a.m. · 5 views

NVIDIA DGX-2 Security Vulnerability

The NVIDIA DGX-2 is a high-performance workstation for deep learning from NVIDIA, Inc. The NVIDIA DGX-2™ is NVIDIA's first 2 petaFLOPS appliance to integrate 16 NVIDIA V100 Tensor core GPUs, making it an excellent platform for tackling complex AI challenges. A security vulnerability exists in...

7.5 CVSS · 5.2 AI score · 0.0015 EPSS
Exploits: 0 · References: 2
WPVulnDB
added 2023/04/21 12:00 a.m. · 14 views

Live Chat by Formilla < 1.3.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...

5.9 CVSS · 5.7 AI score · 0.00369 EPSS
Exploits: 0 · Affected Software: 1
WPVulnDB
added 2023/04/20 12:00 a.m. · 21 views

Verified Reviews < 2.3.15 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...

5.9 CVSS · 5.5 AI score · 0.00369 EPSS
Exploits: 0 · Affected Software: 1
WPVulnDB
added 2023/04/19 12:00 a.m. · 19 views

Easy Ad Manager <= 1.0.0 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...

5.9 CVSS · 5.7 AI score · 0.00392 EPSS
Exploits: 0 · Affected Software: 1
WPVulnDB
added 2023/04/19 12:00 a.m. · 19 views

EZP Maintenance Mode <= 1.0.1 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...

5.9 CVSS · 5.7 AI score · 0.00461 EPSS
Exploits: 1 · Affected Software: 1
WPVulnDB
added 2023/04/19 12:00 a.m. · 16 views

White Label Branding for Elementor Page Builder <= 1.0.2 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...

5.9 CVSS · 5.7 AI score · 0.00392 EPSS
Exploits: 0 · Affected Software: 1
WPVulnDB
added 2023/04/19 12:00 a.m. · 24 views

SparkPost <= 3.2.5 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...

5.9 CVSS · 5.7 AI score · 0.00392 EPSS
Exploits: 0 · Affected Software: 1
WPVulnDB
added 2023/04/19 12:00 a.m. · 19 views

Continuous announcement scroller <= 13.0 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...

5.9 CVSS · 5.7 AI score · 0.00392 EPSS
Exploits: 0 · Affected Software: 1
WPVulnDB
added 2023/04/19 12:00 a.m. · 13 views

Yatra < 2.1.15 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...

5.9 CVSS · 5.5 AI score · 0.00369 EPSS
Exploits: 0 · Affected Software: 1
Kitploit
added 2023/04/18 12:30 p.m. · 38 views

Wa-Tunnel - Tunneling Internet Traffic Over Whatsapp

This is a Baileys based piece of code that lets you tunnel TCP data through two Whatsapp accounts. This can be usable in different situations, for example network carriers that give unlimited whatsapp data or airplanes where you also get unlimited social network data. It's using Baileys since it'...

7.5 AI score
Exploits: 0 · References: 3
WPVulnDB
added 2023/04/18 12:00 a.m. · 14 views

Semalt Blocker <= 1.1.3 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)...

5.9 CVSS · 5.7 AI score · 0.00369 EPSS
Exploits: 0 · Affected Software: 1