CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6056 matches found

Arcserve Unified Data Protection - Authentication Bypass

An authentication bypass vulnerability exists in Arcserve Unified Data Protection 9.2 and 8.1 in the edge-app-base-webui.jar!com.ca.arcserve.edge.app.base.ui.server.EdgeLoginServiceImpl.doLogin function within wizardLogin. id: CVE-2024-0799 info: name: Arcserve Unified Data Protection -...

9.8CVSS7.5AI score0.04342EPSS

Exploits1References2

Nuclei•added 17 hours ago•57 views

Cisco Unified Communications Manager 7/8/9 - Directory Traversal

A directory traversal vulnerability in the Tomcat administrative web interface in Cisco Unified Communications Manager allows remote authenticated users to read arbitrary files via directory traversal sequences in an unspecified input string, aka Bug ID CSCui78815 id: CVE-2013-5528 info: name:...

8.1CVSS7.4AI score0.88559EPSS

Exploits22References4

EUVD•added yesterday•4 views

EUVD-2026-39378

Customer Broken Access Control in UPI QR Code Payment Gateway for WooCommerce = 1.6.2 versions...

5.4CVSS5.9AI score

Exploits0References1

CVE•added yesterday•10 views

CVE-2026-56023

The CVE concerns the WordPress plugin “UPI QR Code Payment Gateway for WooCommerce” (versions ≤ 1.6.2). The root cause is Broken Access Control, allowing unauthorized access with low privileges over a network. Metrics indicate a CVSS v3.1 base score of 5.4 (Medium) with Privileges Required: Low, ...

5.4CVSS5.9AI score

Exploits0References1

Nuclei•added yesterday•47 views

Mitel MiCollab - Authentication Bypass

A vulnerability in the NuPoint Unified Messaging NPM component of Mitel MiCollab through 9.8 SP1 FP2 9.8.1.201 could allow an unauthenticated attacker to conduct a path traversal attack, due to insufficient input validation. A successful exploit could allow unauthorized access, enabling the...

9.8CVSS7.4AI score0.98067EPSS

Exploits3References3

CISA KEV Catalog•added yesterday•5 views

Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability

Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME contain a server-side request forgery SSRF Vulnerability that could allow an unauthenticated, remote attacker to write files to the underlying operating system that...

8.6CVSS5.9AI score0.34157EPSS

In wildExploits3

EUVD•added 2 days ago•3 views

EUVD-2026-38981

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix memory leaks in beacon template setup The functions ath11kmacsetupbcntmplema and ath11kmacsetupbcntmplmbssid allocate memory for beacon templates but fail to free it when parameter setup returns an error. Since...

5.8AI score0.00159EPSS

Exploits0References2

The Hacker News•added 2 days ago•9 views

Cisco Unified CM Flaw Exploited After PoC Reveals File-Write Path to Root

Threat actors have begun to exploit a recently disclosed critical security flaw impacting Cisco Unified Communications Manager Unified CM and Unified Communications Manager Session Management Edition Unified CM SME. The vulnerability, tracked as CVE-2026-20230 CVSS score: 8.6, is a case of improp...

8.6CVSS6.4AI score0.34157EPSS

Exploits3

VulnCheck KEV•added 4 days ago•10 views

VulnCheck KEV: CVE-2026-20230

A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct server-side request forgery SSRF attacks through an affected device. This vulnerability ...

8.6CVSS6.2AI score0.34157EPSS

In wildExploits3References4

AstraLinux•added 2026/06/19 11:10 a.m.•4 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: powerpc/secvar: A refcount leak has been fixed in formatshow. A refcount leak occurs when formatshow returns an error in multiple cases. Unified management of ofnodeput can fix this issue...

5.5CVSS6AI score0.00243EPSS

Exploits0References2

AstraLinux•added 2026/06/19 11:10 a.m.•6 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: cgroup: Split cgroupdestroywq into 3 workqueues A hang can occur during 1 LTP cgroup testing when repeatedly mounting/unmounting perfevent and netprio controllers with systemd.unifiedcgrouphierarchy=1. The hang manifests in...

5.5CVSS6.8AI score0.00134EPSS

Exploits0References2

NVD•added 2026/06/19 10:16 a.m.•10 views

CVE-2026-11576

The security fix for CVE-2025-0728 in eclipse-threadx NetX Duo refactors error handling in the HTTP server PUT process to use a shared cleanup label, but this unified cleanup path unconditionally calls fxfileclose even when the file was never successfully opened. Multiple error branches jump to t...

7.5CVSS0.00263EPSS

Exploits0References1

Microsoft Secure•added 2026/06/18 7:36 p.m.•11 views

New Forrester Total Economic Impact™ study projects a 124% ROI from unifying with Microsoft Security

Across many industries, organizations are unifying security and putting AI agents to work. Security teams are utilizing agents that reason, decide, and act on their behalf, under their governance. At Microsoft, we see this firsthand—more than 80% of the Fortune 500 are already using AI.1 The...

5.9AI score

Exploits0

NVD•added 2026/06/17 10:53 a.m.•7 views

CVE-2026-46776

Vulnerability in the Oracle Unified Directory product of Oracle Fusion Middleware component: OUD Core. Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via LDAP to compromise Oracle Unified...

8.6CVSS0.00371EPSS

Exploits0References1

NVD•added 2026/06/17 10:53 a.m.•8 views

CVE-2026-46773

9.8CVSS0.00518EPSS

Exploits0References1

NVD•added 2026/06/17 10:53 a.m.•6 views

CVE-2026-46774

9.8CVSS0.00518EPSS

Exploits0References1

Positive Technologies•added 2026/06/16 12:0 a.m.•14 views

PT-2026-49907

Name of the Vulnerable Software and Affected Versions Oracle Unified Directory versions 12.2.1.4.0 Oracle Unified Directory versions 14.1.2.1.0 Description An issue in the OUD Core component of Oracle Fusion Middleware allows an unauthenticated attacker with network access via LDAP Lightweight...

9.8CVSS5.8AI score0.00518EPSS

Exploits0References5

Positive Technologies•added 2026/06/16 12:0 a.m.•11 views

PT-2026-49908

Name of the Vulnerable Software and Affected Versions Oracle Unified Directory version 12.2.1.4.0 Oracle Unified Directory version 14.1.2.1.0 Description An issue exists in the OUD Core component of the Oracle Unified Directory product of Oracle Fusion Middleware. An unauthenticated attacker with...

9.8CVSS5.8AI score0.00518EPSS

Exploits0References5

Positive Technologies•added 2026/06/16 12:0 a.m.•9 views

PT-2026-49909

Name of the Vulnerable Software and Affected Versions Oracle Unified Directory version 12.2.1.4.0 Oracle Unified Directory version 14.1.2.1.0 Description An issue in the OUD Core component of Oracle Fusion Middleware allows an unauthenticated attacker with network access via LDAP to compromise th...

8.6CVSS5.9AI score0.00371EPSS

Exploits0References4