CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16 matches found

Positive Technologies•added 2026/04/08 12:0 a.m.•1 views

PT-2026-31077

Name of the Vulnerable Software and Affected Versions LTL Freight Quotes – R+L Carriers Edition plugin for WordPress versions up to and including 3.3.13 Description The LTL Freight Quotes – R+L Carriers Edition plugin for WordPress is susceptible to unauthorized access due to missing...

5.3CVSS5.7AI score0.00266EPSS

Exploits0References19

Vulnrichment•added 2026/01/14 3:6 p.m.•3 views

CVE-2026-22820 Outray cli is vulnerable to race conditions in tunnels creation

Outray openSource ngrok alternative. Prior to 0.1.5, a TOCTOU race condition vulnerability allows a user to exceed the set number of active tunnels in their subscription plan. This vulnerability is fixed in 0.1.5...

6.3CVSS6.3AI score0.00055EPSS

Exploits1References2

Cvelist•added 2026/01/14 3:6 p.m.•25 views

CVE-2026-22820 Outray cli is vulnerable to race conditions in tunnels creation

6.3CVSS0.00055EPSS

Exploits1References2

OSV•added 2026/01/14 3:6 p.m.•2 views

CVE-2026-22820 Outray cli is vulnerable to race conditions in tunnels creation

6.3CVSS6.6AI score0.00055EPSS

Exploits1References4

CNNVD•added 2026/01/14 12:0 a.m.•4 views

Outray 安全漏洞

Outray is a local server building tool from OutRay open source. A security vulnerability exists in Outray versions prior to 0.1.5 that stems from a TOCTOU competitive condition that could cause users to exceed the number of active tunnels set by their subscription plan...

6.3CVSS6.1AI score0.00055EPSS

Exploits1References3

OSV•added 2026/01/13 9:53 p.m.•1 views

GHSA-3PQC-836W-JGR7 Outray cli is vulnerable to race conditions in tunnels creation

Summary A TOCTOU race condition vulnerability allows a user to exceed the set number of active tunnels in their subscription plan. Details Affected conponent: apps/web/src/routes/api/tunnel/register.ts - /tunnel/register endpoint code-: ts // Check if tunnel already exists in database const...

6.3CVSS6.8AI score0.00055EPSS

Exploits1References5

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-1848

Malicious code in bioql PyPI...

7.5CVSS6.6AI score0.00073EPSS

Exploits0References1

NVD•added 2025/01/30 12:15 p.m.•6 views

CVE-2025-0744

an Improper Access Control vulnerability has been found in EmbedAI 2.1 and below. This vulnerability allows an authenticated attacker change his subscription plan without paying by making a POST request changing the parameters of the "/demos/embedai/pmtcashondelivery/pay" endpoint...

7.5CVSS0.00073EPSS

Exploits0References1

OSV•added 2025/01/30 12:15 p.m.•1 views

CVE-2025-0744

6.5CVSS5.7AI score0.00073EPSS

Exploits0References1

Cvelist•added 2025/01/30 11:17 a.m.•7 views

CVE-2025-0744 Improper Access Control vulnerability in EmbedAI

7.5CVSS0.00073EPSS

Exploits0References1

Vulnrichment•added 2025/01/30 11:17 a.m.•4 views

CVE-2025-0744 Improper Access Control vulnerability in EmbedAI

7.5CVSS7.4AI score0.00073EPSS

Exploits0References1

Positive Technologies•added 2025/01/30 12:0 a.m.•3 views

PT-2025-4033 · Embedai · Embedai

Name of the Vulnerable Software and Affected Versions: EmbedAI versions 2.1 and below Description: An Improper Access Control issue has been found, allowing an authenticated attacker to change their subscription plan without paying. This is achieved by making a POST request to the...

7.5CVSS6.4AI score0.00073EPSS

Exploits0References4

The Hacker News•added 2024/07/23 9:37 a.m.•12 views

Meta Given Deadline to Address E.U. Concerns Over 'Pay or Consent' Model

Meta has been given time till September 1, 2024, to respond to concerns raised by the European Commission over its "pay or consent" advertising model or risk-facing enforcement measures, including sanctions. The European Commission said the Consumer Protection Cooperation CPC Network has notified...

6.5AI score

Exploits0

NVD•added 2024/06/06 7:16 p.m.•14 views

CVE-2024-5132

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Exploits0