14 matches found
OpenClaw Security Vulnerability
OpenClaw is an open-source artificial intelligence assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.28 contained security vulnerabilities. These vulnerabilities stemmed from the failure to disconnect active WebSocket sessions when removing devices or tokens, allowing attackers...
GHSA-9P93-7J67-5PC2 OpenClaw: Gateway HTTP /sessions/:sessionKey/kill Reaches Admin Kill Path Without Caller Scope Binding
Summary Gateway HTTP /sessions/:sessionKey/kill Reaches Admin Kill Path Without Caller Scope Binding. Details The HTTP route previously treated any bearer-authenticated request as admin-eligible and could call without binding the action to requester ownership or caller-granted operator scopes. Th...
EUVD-2024-16228
Malicious code in bioql PyPI...
EUVD-2025-26246
Malicious code in bioql PyPI...
CVE-2021-25777
In JetBrains TeamCity before 2020.2.1, permissions during token removal were checked improperly...
UBUNTU-CVE-2022-39290
ZoneMinder is a free, open source closed-circuit television software application. In affected versions authenticated users can bypass CSRF keys by modifying the request supplied to the ZoneMinder web application. These modifications include replacing HTTP POST with an HTTP GET and removing the CS...
SUSE-SU-2022:1149-1 Security update for mozilla-nss
This update for mozilla-nss fixes the following issues: Mozilla NSS 3.68.3 bsc1197903: - CVE-2022-1097: Fixed memory safety violations that could occur when PKCS11 tokens are removed while in use...
SUSE-SU-2022:14936-1 Security update for mozilla-nss
This update for mozilla-nss fixes the following issues: Mozilla NSS 3.68.3 bsc1197903: - CVE-2022-1097: Fixed memory safety violations that could occur when PKCS11 tokens are removed while in use...
fribidi Code Issue Vulnerability
fribidi is an open source implementation of a bi-directional Unicode algorithm. A code issue vulnerability exists in fribidi that stems from a crash caused by incorrectly handling null input when removing tokens from a unicode string. An attacker exploiting this vulnerability could cause FriBidi ...
Owner can lock any of basket tokens
Handle Czar102 Vulnerability details Impact Owner can remove any tokens, and since lock all funds that the contract has in a specific token. The owner may engineer the deletion in such a way that afraid people will fear next locks and quit the basket, then the owner may add the token back, gaining...
CVE-2021-25777
In JetBrains TeamCity before 2020.2.1, permissions during token removal were checked improperly...
CVE-2021-25777
In JetBrains TeamCity before 2020.2.1, permissions during token removal were checked improperly...
Design/Logic Flaw
In JetBrains TeamCity before 2020.2.1, permissions during token removal were checked improperly...
CVE-2021-25777
In JetBrains TeamCity before 2020.2.1, permissions during token removal were checked improperly...