CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

594 matches found

Gryphon Tower - Cross-Site Scripting

Gryphon Tower router web interface contains a reflected cross-site scripting vulnerability in the url parameter of the /cgi-bin/luci/siteaccess/ page. An attacker can exploit this issue by tricking a user into following a specially crafted link, granting the attacker JavaScript execution in the...

6.1CVSS6.4AI score0.02557EPSS

Exploits1References4

RedhatCVE•added 6 days ago•6 views

CVE-2026-12726

A flaw was found in the AWX GitHub webhook integration. When processing GitHub pullrequest webhooks, the controller stores the pullrequest.statusesurl value from the webhook payload without validating that it points to a trusted GitHub API endpoint. If a job template is configured with a GitHub...

6.3CVSS5.8AI score0.00204EPSS

Exploits0References3

AstraLinux•added 2026/05/20 5:53 a.m.•7 views

Astra Linux - уязвимость в ansible

A flaw was discovered in Ansible’s amazon.aws collection when using the towercallback parameter from the amazon.aws.ec2instance module. This flaw allows an attacker to exploit the issue, as the module handles the parameter insecurely, resulting in the password being leaked in the logs...

7.5CVSS6.9AI score0.00712EPSS

Exploits0References2

The Hacker News•added 2026/04/30 1:55 p.m.•20 views

ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories

The internet is noisy this week. We are seeing some wild new tactics, like people using fake cell towers to send scam texts, while some developers are accidentally downloading tools that peek into their private files during a simple install. It is definitely a busy time to be online. Security is...

10CVSS8AI score0.99999EPSS

Exploits125

Tenable Nessus•added 2026/01/16 12:0 a.m.•4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000551)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000551 advisory. The towerprobe function in drivers/usb/misc/legousbtower.c in the Linux kernel before 4.8.1 allows local users who are physically proximate for inserting a crafted U...

6.9CVSS6.7AI score0.00391EPSS

Exploits0References10

Tenable Nessus•added 2026/01/15 12:0 a.m.•3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002822)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002822 advisory. The towerprobe function in drivers/usb/misc/legousbtower.c in the Linux kernel before 4.8.1 allows local users who are physically proximate for inserting a crafted U...

6.9CVSS6.7AI score0.00391EPSS

Exploits0References10

Chainguard•added 2026/01/07 7:17 p.m.•6 views

CVE-2025-69223 vulnerabilities

Vulnerabilities for packages: kubeflow-pipelines-visualization-server, apache-beam-python-3.11-sdk, kserve, request-1276, airflow, py3-cassandra-medusa, checkov, py3-vllm-cuda-12.4, open-webui, dask-kubernetes, gitlab-cng, authentik, awx...

7.5CVSS6.6AI score0.00299EPSS

Exploits0