38 matches found
CVE-2026-3673
CVE-2026-3673 affects Frappe Framework 16.10.10. An authenticated attacker can store a crafted value in _user_tags and trigger JavaScript execution when a victim opens the list/report view where tags are rendered. The vulnerable renderer interpolates tag content into HTML attributes and element c...
CVE-2026-24403 iccDEV Undefined Behavior in CIccProfile::CheckHeader() Leads to Integer Overflow
iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. In versions 2.3.1.1 and below, an integer overflow vulnerability exists in icValidateStatus CIccProfile::CheckHeader when user-controllable input is incorporated into profile data...
CVE-2019-18275
OSIsoft PI Vision, All versions of PI Vision prior to 2019. The affected product is vulnerable to an improper access control, which may return unauthorized tag data when viewing analysis data reference attributes...
CVE-2021-22172
Improper authorization in GitLab 12.8+ allows a guest user in a private project to view tag data that should be inaccessible on the releases page...
CVE-2026-21690 iccDEV has Type Confusion in CIccTagXmlTagData::ToXml()
iccDEV provides a set of libraries and tools that allow for the interaction, manipulation, and application of International Color Consortium ICC color management profiles. Versions prior to 2.3.1.2 have a Type Confusion vulnerability in CIccTagXmlTagData::ToXml. This vulnerability affects users o...
iccDEV security vulnerability
iccDEV is an open source color configuration code base from the International Color Consortium. A security vulnerability exists in iccDEV versions prior to 2.3.1.2, which stems from a type confusion in the CIccTagXmlTagData::ToXml function...
EUVD-2018-1983
Malware in sbrugna...
EUVD-2019-8064
Malware in sbrugna...
EUVD-2023-25351
Malicious code in bioql PyPI...
EUVD-2021-9318
Malicious code in bioql PyPI...
CVE-2025-54591
FreshRSS is a free, self-hostable RSS aggregator. Versions 1.26.3 and below expose information about feeds and tags of default admin users, due to lack of access checking in the FreshRSSAuth::hasAccess function used by some of the tag/feed related endpoints. FreshRSS controllers usually have a...
Linux Distros Unpatched Vulnerability : CVE-2021-22172
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper authorization in GitLab 12.8+ allows a guest user in a private project to view tag data that should be inaccessible on the releases page CVE-2021-22172...
CVE-2023-21183
In ForegroundUtils of ForegroundUtils.java, there is a possible way to read NFC tag data while the app is still in the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
Inaba Denki Sangyo CHOCO TEI WATCHER mini
RISK EVALUATION: Successful exploitation of these vulnerabilities could allow an attacker to obtain the product's login password, gain unauthorized access, tamper with product's data, and/or modify product settings. 2. RECOMMENDED PRACTICES: CISA recommends users take defensive measures to...
BIT-GITLAB-2021-22172
Improper authorization in GitLab 12.8+ allows a guest user in a private project to view tag data that should be inaccessible on the releases page...
CVE-2023-21183
In ForegroundUtils of ForegroundUtils.java, there is a possible way to read NFC tag data while the app is still in the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
Design/Logic Flaw
In ForegroundUtils of ForegroundUtils.java, there is a possible way to read NFC tag data while the app is still in the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
PT-2023-17971 · Google · Android
Name of the Vulnerable Software and Affected Versions: Android versions Android-13. Description: A logic error in the ForegroundUtils.java code allows for the potential reading of NFC tag data even when the app is in the background. This issue could lead to local escalation of privilege without...
CVE-2023-21183
In ForegroundUtils of ForegroundUtils.java, there is a possible way to read NFC tag data while the app is still in the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
PUB-A-235863754
In ForegroundUtils of ForegroundUtils.java, there is a possible way to read NFC tag data while the app is still in the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...