CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3356 matches found

EUVD•added 2025/10/15 8:29 p.m.•3 views

EUVD-2025-34678

happy-dom's --disallow-code-generation-from-strings is not sufficient for isolating untrusted JavaScript...

9.4CVSS6.1AI score0.00318EPSS

Exploits0References4

RedhatCVE•added 2025/10/13 5:29 a.m.•6 views

CVE-2025-60868

The Alt Redirect 1.6.3 addon for Statamic fails to consistently strip query string parameters when the "Query String Strip" feature is enabled. Case variations, encoded keys, and duplicates are not removed, allowing attackers to bypass sanitization. This may lead to cache poisoning, parameter...

6.5CVSS6.8AI score0.00209EPSS

Exploits0References1

CNNVD•added 2025/10/13 12:0 a.m.•3 views

Elastic Cloud Enterprise 安全漏洞

Elastic Cloud Enterprise is a cloud platform from the Dutch company Elastic. It makes it easy to deploy, operate and scale Elastic Stack in the cloud. A security vulnerability exists in Elastic Cloud Enterprise that stems from improper neutralization of special elements in the template engine,...

9.1CVSS6.7AI score0.00565EPSS

Exploits0References2

EUVD•added 2025/10/10 3:31 p.m.•2 views

EUVD-2025-33723

6.5CVSS6.3AI score0.00209EPSS

Exploits0References3

GitLab Advisory Database•added 2025/10/10 12:0 a.m.•8 views

Alt Redirect: Potential Authentication Bypass by Spoofing through query-string stripping logic flaw

6.5CVSS6.9AI score0.00209EPSS

Exploits0References7Affected Software1

Cvelist•added 2025/10/10 12:0 a.m.•8 views

CVE-2025-60868

0.00209EPSS

Exploits0References2

Positive Technologies•added 2025/10/10 12:0 a.m.•4 views

PT-2025-41562

Name of the Vulnerable Software and Affected Versions Statamic Alt Redirect version 1.6.3 Description The Alt Redirect 1.6.3 addon for Statamic does not consistently remove query string parameters when the "Query String Strip" feature is enabled. Variations in case, encoded keys, and duplicate...

6.5CVSS6.4AI score0.00209EPSS

Exploits0References7