CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

93 matches found

CVE•added 2026/01/07 11:10 p.m.•6 views

CVE-2026-21694

Titra (open‑source time tracking) has an Improper Access Control in versions 0.99.49 and earlier, enabling users to view/edit other users’ time entries in private projects. The issue affects the Titra APIs and is fixed in version 0.99.50. No exploitation details are provided in the sources; advis...

8.1CVSS6.3AI score0.00054EPSS

Exploits1References2Affected Software1

Cvelist•added 2026/01/07 11:10 p.m.•26 views

CVE-2026-21694 Titra APIs have Improper Access Control

Titra is open source project time tracking software. Versions 0.99.49 and below have Improper Access Control, allowing users to view and edit other users' time entries in private projects they have not been granted access to. This issue is fixed in version 0.99.50...

6.8CVSS0.00054EPSS

Exploits1References2

OSV•added 2026/01/07 11:10 p.m.•1 views

CVE-2026-21694 Titra APIs have Improper Access Control

6.8CVSS6.5AI score0.00054EPSS

Exploits1References4

CNNVD•added 2025/11/10 12:0 a.m.•2 views

Bugsink 安全漏洞

Bugsink is a self-hosted bug tracking software from Bugsink Open Source. A security vulnerability exists in Bugsink versions prior to 2.0.6, which stems from a specially crafted Brotli compressed envelope that may lead to excessive CPU time consumption, possibly resulting in a denial of service...

7.5CVSS6.3AI score0.00108EPSS

Exploits0References2

Vulnrichment•added 2025/10/27 12:0 a.m.•3 views

CVE-2025-60291

An issue was discovered in eTimeTrackLite Web thru 12.0 20250704. There is a permission control flaw that allows unauthorized attackers to access specific routes and modify database connection configurations...

6.4AI score0.00043EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2006-0698

Malware in sbrugna...

5CVSS6.4AI score0.09894EPSS

Exploits0References8

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2006-0696

Malware in sbrugna...

4.3CVSS6.4AI score0.00527EPSS

Exploits0References7

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2006-0697

Malware in sbrugna...

7.5CVSS6.4AI score0.00816EPSS

Exploits0References7

CNNVD•added 2025/10/06 12:0 a.m.•1 views

SICK AG Baggage Analytics 安全漏洞

SICK AG Baggage Analytics is a visualization and analysis software for airport tracking systems from SICK AG, Germany. A security vulnerability exists in SICK AG Baggage Analytics that stems from a different error message being returned on login failure, which could lead to a username enumeration...

5.3CVSS6.6AI score0.00083EPSS

Exploits0References6

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-54711

Malicious code in bioql PyPI...

9.8CVSS6.6AI score0.00241EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-33571

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00312EPSS

Exploits0References1

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2023-32129

Malicious code in bioql PyPI...

8CVSS7.6AI score0.00197EPSS

Exploits0References1

Circl•added 2025/07/12 7:49 p.m.•3 views

CVE-2025-7487

creationtimestamp| type| source ---|---|--- 2025-07-12 19:49:06+00:00| seen| https://bsky.app/profile/potato.software/post/3lts4w2tptd2b...

6.5CVSS7.3AI score0.00173EPSS

Exploits0References1

ATTACKERKB•added 2025/06/27 5:15 p.m.•2 views

CVE-2024-12364

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Mavi Yeşil Software Guest Tracking Software allows SQL Injection. This issue affects Guest Tracking Software. NOTE: The vendor did not inform about the completion of the fixing process within the...

9.8CVSS5.8AI score0.00241EPSS

Exploits0References3

Cvelist•added 2025/06/27 4:13 p.m.•8 views

CVE-2024-12364 SQLi in Mavi Yeşil Software's Guest Tracking Software

9.8CVSS0.00241EPSS

Exploits0References2

CVE•added 2025/06/27 4:13 p.m.•20 views

CVE-2024-12364

CVE-2024-12364 covers an SQL Injection in Mavi Yeşil Software’s Guest Tracking Software. The vulnerability arises from improper neutralization of special elements in SQL commands within the Guest Tracking Software’s components, enabling remote exploitation with network access and no privileges re...

9.8CVSS5.8AI score0.00241EPSS

Exploits0References2

Vulnrichment•added 2025/06/27 4:13 p.m.•2 views

CVE-2024-12364 SQLi in Mavi Yeşil Software's Guest Tracking Software

9.8CVSS5.8AI score0.00241EPSS

Exploits0References2

Positive Technologies•added 2025/06/27 12:0 a.m.•0 views

PT-2025-27239

Name of the Vulnerable Software and Affected Versions: Mavi Yeşil Software Guest Tracking Software affected versions not specified Description: The issue is related to an SQL Injection vulnerability due to improper neutralization of special elements used in SQL commands. This allows for SQL...

9.8CVSS7.1AI score0.00241EPSS

Exploits0References6

CNNVD•added 2025/06/27 12:0 a.m.•1 views

Mavi Yeşil Software Guest Tracking Software SQL注入漏洞

Mavi Yeşil Software Guest Tracking Software is a software for tracking visitor information from Mavi Yeşil Software, Turkey. Mavi Yeşil Software Guest Tracking Software suffers from a SQL injection vulnerability that stems from improper neutralization of special elements in SQL commands, which...

9.8CVSS7.6AI score0.00241EPSS

Exploits0References2

OSV•added 2025/06/18 2:15 p.m.•0 views

CVE-2025-46157

An issue in EfroTech Time Trax v.1.0 allows a remote attacker to execute arbitrary code via the file attachment function in the leave request form...

9.9CVSS6.2AI score0.00887EPSS

Exploits2References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by