
13 matches found

RedHat Linux
added 2025/12/15 3:40 p.m. | 2 views

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.16.5 security update

Important: Red Hat OpenShift GitOps v1.16.5 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-8116 CVE-2024-45338 openshift-gitops-dex-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html gitops-1.17 GITOPS-80...

CVSS 9.9 | AI score 7.2 | EPSS 0.32338
Exploits 15 | References 7

RedHat Linux
added 2025/12/15 3:39 p.m. | 5 views

Important: Red Hat Security Advisory: Red Hat OpenShift GitOps v1.17.3 security update

Important: Red Hat OpenShift GitOps v1.17.3 security update An update is now available for Red Hat OpenShift GitOps. Bug Fixes and Enhancements: GITOPS-8116 CVE-2024-45338 openshift-gitops-dex-container: Non-linear parsing of case-insensitive content in golang.org/x/net/html gitops-1.17 GITOPS-76...

CVSS 9.9 | AI score 7.2 | EPSS 0.32338
Exploits 15 | References 7

CNVD
added 2025/11/11 12:0 a.m. | 2 views

Advantech WebAccess/VPN Command Injection Vulnerability

Advantech WebAccess/VPN is a virtual private network feature integrated in Advantech WebAccess/SCADA software, designed to provide a secure and reliable network connectivity solution for industrial automation and remote monitoring systems. Advantech WebAccess/VPN suffers from a command injection...

CVSS 8.6 | AI score 7.9 | EPSS 0.00175
Exploits 0 | References 1

RedhatCVE
added 2025/11/07 7:58 p.m. | 2 views

CVE-2025-34240

Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AppManagementController.appUpgradeAction that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information...

CVSS 8.6 | AI score 7.6 | EPSS 0.0003
Exploits 0 | References 1

RedhatCVE
added 2025/11/07 7:58 p.m. | 2 views

CVE-2025-34239

Advantech WebAccess/VPN versions prior to 1.1.5 contain a command injection vulnerability in AppManagementController.appUpgradeAction that allows an authenticated system administrator to execute arbitrary commands as the web server user www-data by supplying a crafted uploaded filename...

CVSS 8.6 | AI score 8 | EPSS 0.00175
Exploits 0 | References 1

NVD
added 2025/11/06 8:15 p.m. | 2 views

CVE-2025-34239

Advantech WebAccess/VPN versions prior to 1.1.5 contain a command injection vulnerability in AppManagementController.appUpgradeAction that allows an authenticated system administrator to execute arbitrary commands as the web server user www-data by supplying a crafted uploaded filename...

CVSS 8.6 | EPSS 0.00175
Exploits 0 | References 3

NVD
added 2025/11/06 8:15 p.m. | 1 view

CVE-2025-34240

Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AppManagementController.appUpgradeAction that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information...

CVSS 8.6 | EPSS 0.0003
Exploits 0 | References 3

Vulnrichment
added 2025/11/06 7:45 p.m. | 1 view

CVE-2025-34240 Advantech WebAccess/VPN < 1.1.5 SQL Injection via AppManagementController.appUpgradeAction()

Advantech WebAccess/VPN versions prior to 1.1.5 contain a SQL injection vulnerability in AppManagementController.appUpgradeAction that allows an authenticated low-privileged observer user to inject SQL via datatable search parameters, leading to disclosure of database information...

CVSS 8.6 | AI score 7.2 | EPSS 0.0003
Exploits 0 | References 3

Microsoft KB
added 2024/03/12 7:0 a.m. | 46 views

Description of the security update for SharePoint Server Subscription Edition: March 12, 2024 (KB5002564)

Description of the security update for SharePoint Server Subscription Edition: March 12, 2024 KB5002564 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see Microsoft Common Vulnerabilities and Exposure...

CVSS 7.8 | AI score 8.1 | EPSS 0.00931
Exploits 0

CNNVD
added 2022/03/28 12:0 a.m. | 1 view

diyhi bbs Path Traversal Vulnerability

diyhi bbs (Patrol Cloud light forum system) is a Chinese open source project built on a Java + MySQL architecture, adaptive to mobile and desktop, with a simple interface and high performance. diyhi bbs version 5.3 has a security vulnerability that stems from the UpgradeManageAction.java file...

CVSS 4.9 | AI score 5.5 | EPSS 0.00608
Exploits 1 | References 2

NVD
added 2009/08/10 8:30 p.m. | 16 views

CVE-2008-6927

Multiple cross-site scripting (XSS) vulnerabilities in autoinstall4imagesgalleryupgrade.php in the Fantastico De Luxe Module for cPanel allow remote attackers to inject arbitrary web script or HTML via the (1) localapp, (2) updatedir, (3) scriptpathshow, (4) domainshow, (5) thispage, (6) thisapp, and (7)...

CVSS 4.3 | AI score 5.8 | EPSS 0.04182
Exploits 1 | References 8

Prion
added 2009/08/10 8:30 p.m. | 15 views

Cross site scripting

Multiple cross-site scripting (XSS) vulnerabilities in autoinstall4imagesgalleryupgrade.php in the Fantastico De Luxe Module for cPanel allow remote attackers to inject arbitrary web script or HTML via the (1) localapp, (2) updatedir, (3) scriptpathshow, (4) domainshow, (5) thispage, (6) thisapp, and (7)...

CVSS 4.3 | AI score 6.1 | EPSS 0.04182
Exploits 1 | References 8

Cvelist
added 2009/08/10 8:0 p.m. | 19 views

CVE-2008-6927

Multiple cross-site scripting (XSS) vulnerabilities in autoinstall4imagesgalleryupgrade.php in the Fantastico De Luxe Module for cPanel allow remote attackers to inject arbitrary web script or HTML via the (1) localapp, (2) updatedir, (3) scriptpathshow, (4) domainshow, (5) thispage, (6) thisapp, and (7)...

AI score 5.8 | EPSS 0.04182
Exploits 1 | References 8