CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

43 matches found

RedhatCVE•added 2026/05/11 8:26 p.m.•6 views

CVE-2025-69599

RayVentory Scan Engine through 12.6 Update 8 allows attackers to gain privileges if they control the value of the PATH environment variable. NOTE: this is disputed because ability of an attacker to control the environment is a site-specific misconfiguration...

9.8CVSS5.8AI score0.00056EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:28 a.m.•7 views

CVE-2021-33558

Boa 0.94.13 allows remote attackers to obtain sensitive information via a misconfiguration involving backup.html, preview.html, js/log.js, log.html, email.html, online-users.html, and config.js. NOTE: multiple third parties report that this is a site-specific issue because those files are not par...

7.5CVSS6.5AI score0.82894EPSS

Exploits2References1

Packet Storm News•added 2026/01/07 12:0 a.m.•3 views

Python Site-Specific Hook Persistence

This Metasploit module leverages Python's startup mechanism, where some files can be automatically processed during the initialization of the Python interpreter. One of those files are startup hooks site-specific, dist-packages. If these files are present in site-specific or dist-packages...

6.9AI score

Exploits0

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2006-2813

Malware in sbrugna...

4.3CVSS6.4AI score0.00346EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2008-4334

Malware in sbrugna...

7.5CVSS6.4AI score0.00362EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2008-1869

Malware in sbrugna...

7.5CVSS6.4AI score0.0055EPSS

Exploits0References6

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2006-0837

Malware in sbrugna...

7.5CVSS6.4AI score0.00636EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2008-1936

Malware in sbrugna...

7.5CVSS6.4AI score0.00486EPSS

Exploits1References6

RedhatCVE•added 2025/05/22 8:32 p.m.•1 views

CVE-2021-26939

An information disclosure issue exists in henriquedornas 5.2.17 because an attacker can dump phpMyAdmin SQL content. NOTE: third parties report that this is a site-specific problem...

7.5CVSS7.1AI score0.00316EPSS

Exploits1References1

RedhatCVE•added 2025/05/22 5:30 p.m.•2 views

CVE-2020-6939

Tableau Server installations configured with Site-Specific SAML that allows the APIs to be used by unauthenticated users. If exploited, this could allow a malicious user to configure Site-Specific SAML settings and could lead to account takeover for users of that site. Tableau Server versions...

10CVSS6.8AI score0.01355EPSS

Exploits0References1

SUSE CVE•added 2023/02/15 3:44 a.m.•1 views

SUSE CVE-2021-26939

An information disclosure issue exists in henriquedornas 5.2.17 because an attacker can dump phpMyAdmin SQL content. NOTE: third parties report that this is a site-specific problem...

7.5CVSS7AI score0.00316EPSS

Exploits1References3

VulnCheck KEV•added 2023/02/14 12:0 a.m.•2 views

VulnCheck KEV: CVE-2021-33558

7.5CVSS7.3AI score0.82894EPSS

Exploits2References1

ATTACKERKB•added 2022/09/06 8:15 p.m.•2 views

CVE-2022-32277

Squiz Matrix CMS 6.20 is vulnerable to an Insecure Direct Object Reference caused by failure to correctly validate authorization when submitting a request to change a user's contact details. NOTE: this is disputed by both the vendor and the original discoverer because it is a site-specific findin...

5.3CVSS5.4AI score0.00315EPSS

Exploits0References3

Positive Technologies•added 2022/09/06 12:0 a.m.•2 views

PT-2022-21201 · Squiz · Squiz Matrix Cms

Name of the Vulnerable Software and Affected Versions: Squiz Matrix CMS version 6.20 Description: The issue is caused by a failure to correctly validate authorization when submitting a request to change a user's contact details, leading to an Insecure Direct Object Reference. This allows...

5.3CVSS7.1AI score0.00315EPSS

Exploits0References7

IBM Security Bulletins•added 2022/07/29 8:3 p.m.•45 views

Security Bulletin: IBM DataPower Gateway affected by vulnerabilities in Redis

Summary IBM has addressed the following CVEs, which may affect Gateway Peering and Quota Enforcement. Vulnerability Details CVEID:CVE-2022-24736 DESCRIPTION: Redis is vulnerable to a denial of service, caused by a NULL pointer dereference. By loading a specially crafted Lua script, a local...

7.8CVSS7AI score0.01725EPSS

Exploits2Affected Software4

OSV•added 2022/02/21 12:15 p.m.•2 views

CVE-2021-45008

Plesk CMS 18.0.37 is affected by an insecure permissions vulnerability that allows privilege Escalation from user to admin rights. OTE: the vendor states that this is only a site-specific problem on websites of one or more Plesk users...

8.8CVSS5.8AI score0.0128EPSS

Exploits1References1

Vulnrichment•added 2022/02/21 11:12 a.m.•14 views

CVE-2021-45008

6.8AI score0.0128EPSS

Exploits1References1

Cvelist•added 2022/02/21 11:12 a.m.•12 views

CVE-2021-45008

8.8AI score0.0128EPSS

Exploits1References1

CVE•added 2022/02/21 11:12 a.m.•103 views

CVE-2021-45008

CVE-2021-45008 affects Plesk CMS 18.0.37 with an insecure permissions vulnerability that enables privilege escalation from user to admin. The vendor notes this is site-specific to certain Plesk user websites. Public sources provided do not detail root cause specifics beyond access-control weaknes...

8.8CVSS8.6AI score0.0128EPSS

Exploits1References1Affected Software1

Positive Technologies•added 2022/02/21 12:0 a.m.•4 views

PT-2022-12288 · Plesk · Plesk Cms

Name of the Vulnerable Software and Affected Versions: Plesk CMS version 18.0.37 Description: The issue is related to an insecure permissions vulnerability that allows privilege escalation from user to admin rights. According to the vendor, this is a site-specific problem affecting websites of on...

8.8CVSS7.2AI score0.0128EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by