CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

471 matches found

Patchstack•added 2026/05/05 9:22 a.m.•7 views

WordPress Import and export users and customers plugin <= 2.0.8 - Authenticated (Subscriber+) Privilege Escalation vulnerability

Authenticated Subscriber+ Privilege Escalation vulnerability discovered by kiemtiendinhau in WordPress Plugin Import and export users and customers versions = 2.0.8...

8.8CVSS5.8AI score0.00476EPSS

Exploits0References1Affected Software1

OSV•added 2026/04/20 8:34 a.m.•4 views

SUSE-SU-2026:1468-1 Security update for the Linux Kernel (Live Patch 4 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.16 fixes various security issues The following security issues were fixed: - CVE-2025-40309: Bluetooth: SCO: Fix UAF on scoconnfree bsc1255066. - CVE-2026-23268: apparmor: fix unprivileged local user can do privileged policy...

7.8CVSS6.1AI score0.00145EPSS

Exploits0References5

NVD•added 2026/03/18 4:16 p.m.•3 views

CVE-2025-55041

MuraCMS through 10.1.10 contains a CSRF vulnerability in the Add To Group functionality for user management cUsers.cfc addToGroup method that allows attackers to escalate privileges by adding any user to any group without proper authorization checks. The vulnerable function lacks CSRF token...

8CVSS0.00128EPSS

Exploits0References2

RedhatCVE•added 2026/01/09 11:29 a.m.•7 views

CVE-2021-27479

ZOLL Defibrillator Dashboard, v prior to 2.2,The affected product’s web application could allow a low privilege user to inject parameters to contain malicious scripts to be executed by higher privilege users...

5.4CVSS6.9AI score0.00539EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:51 a.m.•4 views

CVE-2022-42455

ASUS EC Tool driver aka d.sys 1beb15c90dcf7a5234ed077833a0a3e900969b60be1d04fcebce0a9f8994bdbb, as signed by ASUS and shipped with multiple ASUS software products, contains multiple IOCTL handlers that provide raw read and write access to port I/O and MSRs via unprivileged IOCTL calls. Local user...

7.8CVSS7AI score0.00161EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:52 a.m.•3 views

CVE-2020-10057

GeniXCMS 1.1.7 is vulnerable to user privilege escalation due to broken access control. This issue exists because of an incomplete fix for CVE-2015-2680, in which "token" is used as a CSRF protection mechanism, but without validation that "token" is associated with an administrative user...

8.8CVSS7.2AI score0.03935EPSS

Exploits3References1

RedhatCVE•added 2026/01/09 8:33 a.m.•5 views

CVE-2024-39870

A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2 SP1. The affected applications can be configured to allow users to manage own users. A local authenticated user with this privilege could use this modify users outside of their own scope as well as to escalate...

7.8CVSS6.7AI score0.00248EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:41 a.m.•7 views

CVE-1999-0337

AIX batch queue bsh allows local and remote users to gain additional privileges when network printing is enabled...

7.5CVSS7.1AI score0.02032EPSS

Exploits0References1