CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

19135 matches found

Knowage Suite 7.3 - Cross-Site Scripting

Knowage Suite 7.3 contains an unauthenticated reflected cross-site scripting vulnerability. An attacker can inject arbitrary web script in '/servlet/AdapterHTTP' via the 'targetService' parameter. id: CVE-2021-30213 info: name: Knowage Suite 7.3 - Cross-Site Scripting author: alph4byt3 severity:...

6.1CVSS6.4AI score0.04334EPSS

Exploits1References5

Nuclei•added 17 hours ago•49 views

Oracle E-Business Suite 12.1.3/12.2.x - Open Redirect

The Oracle Applications Framework component of Oracle E-Business Suite subcomponent: Popup windows lists of values, datepicker, etc. is impacted by open redirect issues in versions 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. These easily exploitable vulnerabilities allow unauthenticated attackers...

5.8CVSS6.4AI score0.43239EPSS

Exploits4References5

IBM Security Bulletins•added yesterday•9 views

Security Bulletin: IBM Maximo Application Suite uses once-2.0.0.tgz which is vulnerable to CVE-2026-3449

Summary IBM Maximo Application Suite uses once-2.0.0.tgz which is vulnerable to CVE-2026-3449. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details CVEID:CVE-2026-3449 DESCRIPTION: Versions of the package @tootallnate/once before 3.0.1 are vulnerab...

4.8CVSS5.8AI score0.00018EPSS

Exploits0Affected Software1

Nuclei•added yesterday•255 views

Oracle E-Business Suite <=12.2 - Authentication Bypass

Oracle E-Business Suite component: Manage Proxies 12.1 and 12.2 are susceptible to an easily exploitable vulnerability that allows an unauthenticated attacker with network access via HTTP to compromise it by self-registering for an account. Successful attacks of this vulnerability can result in...

7.5CVSS7.2AI score0.93739EPSS

Exploits1References5

RedhatCVE•added 2 days ago•3 views

CVE-2026-46820

Vulnerability in the Oracle Financials Common Modules product of Oracle E-Business Suite component: Common Components. Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle...

8.5CVSS5.8AI score0.00047EPSS

Exploits0References1

IBM Security Bulletins•added 2 days ago•4 views

Security Bulletin: IBM WebSphere Application Server Liberty is affected by a prototype pollution vulnerability used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-29063)

Summary There is a vulnerability in IBM WebSphere Application Server Liberty i used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-29063 DESCRIPTION: Immutable.js provides many Persistent Immutable data structures. Prior to versions 3.8.3,...

9.8CVSS5.7AI score0.0008EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 2 days ago•7 views

Security Bulletin: IBM Maximo Application Suite uses multiple third party dependencies which is vulnerable to multiple CVEs.

Summary IBM Maximo Application Suite uses cryptography-46.0.5-cp311-abi3-manylinux234x8664.whl, axios-1.13.5.tgz, protobufjs-7.3.2.tgz and axios-1.15.0.tgz which are vulnerable to CVE-2026-34073, CVE-2026-39892, CVE-2025-62718, CVE-2026-40175, PSIRT-WS-2026-0004, CVE-2026-41242, CVE-2026-42033,...

7.5CVSS6.2AI score0.00085EPSS

Exploits8Affected Software1

Nuclei•added 2 days ago•34 views

Barco Control Room Management Suite <=2.9 Build 0275 - Local File Inclusion

Barco Control Room Management through Suite 2.9 Build 0275 is vulnerable to local file inclusion that could allow attackers to access sensitive information and components. Requests must begin with the "GET /...." substring. id: CVE-2022-26233 info: name: Barco Control Room Management Suite =2.9...

7.5CVSS7.2AI score0.70035EPSS

Exploits3References5

Fedora•added 2 days ago•10 views

[SECURITY] Fedora 44 Update: samba-4.24.3-1.fc44

Samba is the standard Windows interoperability suite of programs for Linux and Unix...

9.8CVSS5.8AI score0.00392EPSS

Exploits1

GithubExploit•added 3 days ago•46 views

portswigger-labs

PortSwigger Web Security Academy — Lab Notes Notes from compl...

5.8AI score

Exploits0

IBM Security Bulletins•added 3 days ago•6 views

Security Bulletin: There is a vulnerability in uuid-9.0.1.tgz used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-41988)

Summary There is a vulnerability in uuid-9.0.1.tgz used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-41988 DESCRIPTION: uuid before 14.0.0 can make unexpected writes when external output buffers are used, and the UUID version is 3, 5, or 6...

3.2CVSS5.8AI score0.00018EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 3 days ago•6 views

Security Bulletin: There is a vulnerability in postcss-8.4.38.tgz used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-41305)

Summary There is a vulnerability in postcss-8.4.38.tgz used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-41305 DESCRIPTION: PostCSS takes a CSS file and provides an API to analyze and modify its rules by transforming the rules into an...

6.1CVSS5.8AI score0.00011EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 3 days ago•5 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses dompurify-3.3.2.tgz which is vulnerable to CVE-2026-41238, CVE-2026-41239, CVE-2026-41240

Summary IBM Maximo Application Suite - Visual Inspection component uses dompurify-3.3.2.tgz which is vulnerable to CVE-2026-41238, CVE-2026-41239, CVE-2026-41240 , This bulletin contains information regarding the vulnerability and its remediation. Vulnerability Details CVEID:CVE-2026-41238...

6.9CVSS5.8AI score0.00059EPSS

Exploits1Affected Software1

IBM Security Bulletins•added 3 days ago•6 views

Security Bulletin: IBM Maximo Application Suite - Visual Inspection component uses axios-1.15.0.tgz which is vulnerable to multiple CVEs.

Summary IBM Maximo Application Suite - Visual Inspection component uses axios-1.15.0.tgz which is vulnerable to multiple CVEs CVE-2026-42033, CVE-2026-42034, CVE-2026-42035, CVE-2026-42036, CVE-2026-42037, CVE-2026-42038, CVE-2026-42039, CVE-2026-42040, CVE-2026-42041, CVE-2026-42042,...

10CVSS5.9AI score0.00148EPSS

Exploits12Affected Software1

IBM Security Bulletins•added 3 days ago•5 views

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses cryptography-46.0.5-cp311-abi3-manylinux_2_34_x86_64.whl, cryptography-46.0.6-cp311-abi3-manylinux_2_34_x86_64.whl which is vulnerable to CVE-2026-34073, CVE-2026-39892

Summary Security Bulletin: IBM Maximo Application Suite - Monitor Component uses cryptography-46.0.5-cp311-abi3-manylinux234x8664.whl, cryptography-46.0.6-cp311-abi3-manylinux234x8664.whl which is vulnerable to CVE-2026-34073, CVE-2026-39892. This bulletin contains information addressing the...

9.8CVSS5.9AI score0.00023EPSS

Exploits0Affected Software1

Nuclei•added 3 days ago•17 views

Zimbra Collaboration Suite - Memcached Command Injection

Zimbra Collaboration Suite versions 8.8.15 and 9.0 contain a memcached command injection vulnerability that allows an unauthenticated attacker to inject arbitrary memcache commands into a targeted instance, leading to cache poisoning and potential credential theft. id: CVE-2022-27924 info: name:...

7.5CVSS7.5AI score0.90438EPSS

Exploits2References2

NCSC•added 6 days ago•8 views

Vulnerabilities in Oracle E-Business Suite components

Oracle has discovered vulnerabilities in various components of the Oracle E-Business Suite, including Oracle Payments, Oracle Internet Procurement Connector, Oracle Financials Common Modules, Oracle iAssets, Oracle Public Sector Financials International, Oracle Universal Work Queue, Oracle Payrol...

9.9CVSS5.8AI score0.00091EPSS

Exploits0References1

IBM Security Bulletins•added 6 days ago•11 views

Security Bulletin: There is a vulnerability in brace-expansion-2.0.2.tgz used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-33750)

Summary There is a vulnerability in brace-expansion-2.0.2.tgz used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-33750 DESCRIPTION: The brace-expansion library generates arbitrary strings containing a common prefix and suffix. Prior to...

7.5CVSS6.4AI score0.00028EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 6 days ago•8 views

Security Bulletin: There is a vulnerability in bcprov-jdk18on-1.81.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-0636)

Summary There is a vulnerability in bcprov-jdk18on-1.81.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-0636 DESCRIPTION: Improper neutralization of special elements used in an LDAP query 'LDAP injection' vulnerability in Legion of t...

6.9CVSS5.8AI score0.00022EPSS

Exploits0Affected Software1

IBM Security Bulletins•added 6 days ago•8 views

Security Bulletin: There is a vulnerability in bcpkix-jdk18on-1.81.jar used by IBM Maximo Manage application in IBM Maximo Application Suite (CVE-2026-5588)

Summary There is a vulnerability in bcpkix-jdk18on-1.81.jar used by IBM Maximo Manage application in IBM Maximo Application Suite. Vulnerability Details CVEID:CVE-2026-5588 DESCRIPTION: Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of the Bouncy Castle Inc. BC-JAVA bcpk...

6.3CVSS7.1AI score0.00013EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by