CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVIDIA License System contains a vulnerability in the installation scripts for the DLS virtual appliance, where a user on a network after signing in to the portal can access other users’ credentials, allowing them to gain escalated privileges, resulting in limited impact to both confidentiality a...

5.5CVSS7.1AI score0.00079EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 10:11 p.m.•3 views

CVE-2022-36642

A local file disclosure vulnerability in /appConfig/userDB.json of Telos Alliance Omnia MPX Node through 1.0.0-1.4.9 allows attackers to access users credentials which makes him able to gain initial access to the control panel with high privilege because the cleartext storage of sensitive...

9.8CVSS6.5AI score0.70723EPSS

Exploits1References1

OpenVAS•added 2025/05/13 12:0 a.m.•9 views

Huawei EulerOS: Security Advisory for wget (EulerOS-SA-2025-1545)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7.5AI score0.00592EPSS

Exploits0References2

RedhatCVE•added 2025/02/05 5:56 p.m.•7 views

CVE-2019-5112

Exploitable SQL injection vulnerability exists in the authenticated portion of Forma LMS 2.2.1. The /appLms/ajax.server.php URL and parameter filterstatus was confirmed to suffer from SQL injections and could be exploited by authenticated attackers. An attacker can send a web request with...

8.8CVSS7.4AI score0.00507EPSS

Exploits1References1

RedhatCVE•added 2025/02/05 5:52 p.m.•7 views

CVE-2019-5120

An exploitable SQL injection vulnerability exists in the authenticated part of YouPHPTube 7.6. Specially crafted web requests can cause SQL injections. An attacker can send a web request with parameters containing SQL injection attacks to trigger this vulnerability, potentially allowing...

8.8CVSS7.5AI score0.0049EPSS

Exploits1References1

CNVD•added 2021/07/09 12:0 a.m.•7 views

Unspecified Vulnerability in QSAN Storage Manager

QSAN Storage Manager is a NAS operating system from Quantium Technologies Incorporated QSAN. A security vulnerability exists in QSAN Storage Manager that stems from the use of a hard-coded encryption key vulnerability that could be exploited by an attacker to gain access to user credentials and...

9.8CVSS7AI score0.00206EPSS

Exploits0References1

Exploit DB•added 2007/06/26 12:0 a.m.•51 views

Elkagroup Image Gallery 1.0 - SQL Injection

--==+================================================================================+==-- --==+ Image Gallery 1.0 SQL Injection Vulnerbilitys +==-- --==+================================================================================+==-- AUTHOR: t0pP8uZz & xprog SCRIPT DOWNLOAD: N/A SITE:...

7.4AI score

Exploits0

NVD•added 2004/12/31 5:0 a.m.•7 views

CVE-2004-2337

The /.inlook/.crypt file for inlook 0.7.3 and earlier is installed with world readable permissions, which allows local users to obtain user POP3 credentials...

2.1CVSS6.3AI score0.00059EPSS

Exploits0References5

Exploit DB•added 2004/01/04 12:0 a.m.•14 views

ASPApp PortalApp - Remote User Database Access

source: https://www.securityfocus.com/bid/9354/info A problem has been identified in ASPapp PortalApp when user credentials are stored on a system. Because of this, an attacker may be able to gain unauthorized access to sensitive information. http://www.example.com/APP Portall/data/8275.mdb...

7.4AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by