CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

20 matches found

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2009-1800

Malware in sbrugna...

4CVSS6.1AI score0.00331EPSS

Exploits1References8

EUVD•added 2025/10/03 8:7 p.m.•5 views

EUVD-2021-8716

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.00603EPSS

Exploits0References2

RedhatCVE•added 2025/05/23 7:56 a.m.•12 views

CVE-2024-33666

An issue was discovered in Zammad before 6.3.0. Users with customer access to a ticket could have accessed time accounting details of this ticket via the API. This data should be available only to agents...

8.6CVSS6.8AI score0.00511EPSS

Exploits0References1

OSV•added 2025/05/09 7:16 a.m.•2 views

DEBIAN-CVE-2025-37880

In the Linux kernel, the following vulnerability has been resolved: um: work around schedyield not yielding in time-travel mode schedyield by a userspace may not actually cause scheduling in time-travel mode as no time has passed. In the case seen it appears to be a badly implemented userspace...

5.5CVSS5.5AI score0.00147EPSS

Exploits0References1

OSV•added 2025/05/09 7:16 a.m.•2 views

UBUNTU-CVE-2025-37880

5.5CVSS6.2AI score0.00147EPSS

Exploits0References9

Cvelist•added 2024/04/26 12:0 a.m.•15 views

CVE-2024-33666

6.6AI score0.00511EPSS

Exploits0References1

Vulnrichment•added 2024/04/26 12:0 a.m.•10 views

CVE-2024-33666

6.8AI score0.00511EPSS

Exploits0References1

CVE•added 2024/04/26 12:0 a.m.•84 views

CVE-2024-33666

Zammad prior to 6.3.0 is affected: users with customer access to a ticket could access time accounting details via the API, which should be restricted to agents. The issue is fixed in version 6.3.0 and later. If upgrading is not feasible, a temporary workaround is to restrict API access for custo...

8.6CVSS6.7AI score0.00511EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2024/04/26 12:0 a.m.•5 views

PT-2024-25423 · Zammad · Zammad

Name of the Vulnerable Software and Affected Versions: Zammad versions prior to 6.3.0 Description: An issue allows users with customer access to a ticket to access time accounting details of the ticket via the API, which should be available only to agents. Recommendations: For versions prior to...

8.6CVSS7.2AI score0.00511EPSS

Exploits0References4

SUSE CVE•added 2023/02/15 3:46 a.m.•3 views

SUSE CVE-2021-21442

In the project create screen it's possible to inject malicious JS code to the certain fields. The code might be executed in the Reporting screen. This issue affects: OTRS AG Time Accounting: 7.0.x versions prior to 7.0.19...

5.4CVSS5.8AI score0.00603EPSS

Exploits0References3

CNVD•added 2021/07/28 12:0 a.m.•23 views

OTRS Cross-Site Scripting Vulnerability (CNVD-2021-57225)

OTRS is an application of the German company OTRS. A cross-site scripting vulnerability exists in OTRS AG Time Accounting, which stems from the ability to inject malicious JS code into specific fields during the project creation screen. No details of the vulnerability are currently available...

5.4CVSS2.4AI score0.00603EPSS

Exploits0References1

OSV•added 2021/07/26 5:15 a.m.•2 views

CVE-2021-21442

5.4CVSS5.8AI score0.00603EPSS

Exploits0References1

NVD•added 2021/07/26 5:15 a.m.•15 views

CVE-2021-21442

5.4CVSS0.00603EPSS

Exploits0References1

Prion•added 2021/07/26 5:15 a.m.•22 views

Code injection

4.3CVSS5.5AI score0.00603EPSS

Exploits0References1Affected Software1

CVE•added 2021/07/26 4:25 a.m.•81 views

CVE-2021-21442

CVE-2021-21442 describes a cross-site scripting (XSS) vulnerability in OTRS Time Accounting. The issue allows injecting malicious JavaScript into fields on the project creation screen, with potential execution in the Reporting screen. Affected product: OTRS Time Accounting 7.0.x prior to 7.0.19. ...

5.4CVSS5AI score0.00603EPSS

Exploits0References1Affected Software1

Cvelist•added 2021/07/26 4:25 a.m.•18 views

CVE-2021-21442 XSS vulnerability in Time Accounting

4.5CVSS5.8AI score0.00603EPSS

Exploits0References1

Tenable Nessus•added 2016/03/03 12:0 a.m.•29 views

VMware ESX / ESXi Descheduled Time Accounting DoS (VMSA-2009-0007) (remote check)

The remote ESX / ESXi host is missing a security-related patch. It is, therefore, affected by an unspecified flaw in the Descheduled Time Accounting driver that allows a guest Windows user to cause a denial of service. Note that this issue can be exploited only if the feature is installed and the...

4CVSS5.5AI score0.00331EPSS

Exploits1References2

seebug.org•added 2009/06/02 12:0 a.m.•123 views

VMware产品Descheduled Time Accounting Driver拒绝服务漏洞

Bugraq ID: 35141 CVE ID：CVE-2009-1805 CNCVE ID：CNCVE-20091805 VMware提供包含多个虚拟主机和服务器的解决方案。 VMware Descheduled Time Accounting driver存在一个未明的安全问题，本地攻击者可以利用漏洞对虚拟机进行拒绝服务攻击。符合如下条件的虚拟机受此漏洞影响： -虚拟机运行在windows操作系统下。 -VMware Descheduled Time Accounting driver安装在虚拟机上。 -VMware Descheduled Time...

4CVSS6.4AI score0.00331EPSS

Exploits1

CVE•added 2009/06/01 7:0 p.m.•79 views

CVE-2009-1805

CVE-2009-1805 concerns the VMware Descheduled Time Accounting DoS vulnerability. The issue affects multiple VMware products where the Descheduled Time Accounting Service is not running inside a Windows guest, allowing a guest OS user to cause a denial of service via unknown vectors. Affected prod...

4CVSS6.2AI score0.00331EPSS

Exploits1References7Affected Software7