CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

306 matches found

NVD•added 2026/05/08 7:16 a.m.•7 views

CVE-2023-46453

Certain GL.iNet devices with 4.x firmware allow authentication bypass resulting in administrative control of the device via a username that is both a valid SQL statement and a valid regular expression. For example, this affects version 4.3.7 on GL-MT3000 GL-AR300M GL-B1300 GL-AX1800 GL-AR750S...

9.8CVSS0.00764EPSS

Exploits3References1

Cvelist•added 2026/05/08 12:0 a.m.•34 views

CVE-2023-46453

0.00764EPSS

Exploits3References1

RedhatCVE•added 2026/01/09 10:44 a.m.•7 views

CVE-2022-0349

The NotificationX WordPress plugin before 2.3.9 does not sanitise and escape the nxid parameter before using it in a SQL statement, leading to an Unauthenticated Blind SQL Injection...

9.8CVSS7AI score0.34359EPSS

Exploits2References1

RedhatCVE•added 2026/01/09 9:24 a.m.•10 views

CVE-2023-40610

Improper authorization check and possible privilege escalation on Apache Superset up to but excluding 2.1.2. Using the default examples database connection that allows access to both the examples schema and Apache Superset's metadata database, an attacker using a specially crafted CTE SQL stateme...

8.8CVSS7.5AI score0.01335EPSS

Exploits0References1

IBM Security Bulletins•added 2025/12/09 10:36 p.m.•13 views

Security Bulletin: IBM® Db2® is vulnerable to a denial of service using a specially crafted SQL statement (CVE-2025-33143).

Summary IBM Db2 for Linux, UNIX and Windows includes Db2 Connect Server could allow an authenticated user to cause a denial of service using a specially crafted SQL statement that performs uncontrolled recursion. Vulnerability Details CVEID:CVE-2025-33143 DESCRIPTION: IBM Db2 for Linux, UNIX and...

6.5AI score

Exploits0Affected Software1