CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

CNNVD•added 2026/02/06 12:0 a.m.•2 views

WordPress plugin WaveSurfer-WP 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.4CVSS5.7AI score0.00015EPSS

Exploits0References4

CVE•added 2026/01/05 8:45 p.m.•11 views

CVE-2025-64424

CVE-2025-64424 affects Coolify up to v4.0.0-beta.434, enabling a low-privileged user to run commands as root via a command-injection in the git source input fields of a resource. Several connected sources corroborate the vulnerability class and affected components; remediation notes indicate fixe...

9.4CVSS7.3AI score0.00339EPSS

Exploits2References2Affected Software1

OSV•added 2025/09/22 4:15 p.m.•1 views

CVE-2025-36202

IBM webMethods Integration 10.15 and 11.1 could allow an authenticated user with required execute Services to execute commands on the system due to the improper validation of format string strings passed as an argument from an external source...

8.8CVSS5.9AI score0.00035EPSS

Exploits0References1

SUSE CVE•added 2023/03/15 3:34 a.m.•3 views

SUSE CVE-2023-1350

A vulnerability was found in liferea. It has been rated as critical. Affected by this issue is the function updatejobrun of the file src/update.c of the component Feed Enrichment. The manipulation of the argument source with the input |date /tmp/bad-item-link.txt leads to os command injection. Th...

8.8CVSS6.7AI score0.00551EPSS

Exploits0References4

CNNVD•added 2022/12/25 12:0 a.m.•2 views

Hedgehog SQL注入漏洞

Hedgehog is an open source dns-stats visualization tool for DNS statistics. Hedgehog has a SQL injection vulnerability , the vulnerability stems from a problem in the function DSCIOManager::dscimportinputfromsource in file src/DSCIOManager.cpp, which can lead to sql injection...

8.8CVSS6AI score0.00453EPSS

Exploits0References3

ATTACKERKB•added 2022/04/12 5:15 p.m.•2 views

CVE-2022-26108

When a user opens a manipulated Picture Exchange .pcx, 2d.x3d received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application...

6.5CVSS6.9AI score0.00379EPSS

Exploits0References3Affected Software1

CNNVD•added 2021/05/25 12:0 a.m.•1 views

Opennms Group OpenNMS 跨站脚本漏洞

Opennms Group OpenNMS is an open source, enterprise-grade network monitoring and network management platform from the US-based OpenNMS Group Opennms Group. A cross-site scripting vulnerability exists in OpenNMS Horizon and OpenNMS Meridian, which stems from the function add performing incorrect...

5.4CVSS5.7AI score0.00263EPSS

Exploits1References3