CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/04/02 12:31 p.m.•2 views

EUVD-2026-18173

Due to the improper neutralisation of special elements used in an OS command, a remote attacker can exploit an RCE vulnerability in the generateSrpArray function, resulting in full system compromise. This vulnerability can only be attacked if the attacker has some other way to write arbitrary dat...

ATTACKERKB•added 2026/04/02 8:59 a.m.•2 views

Exploits0References3

CVE-2026-33613

CVE•added 2026/04/02 8:59 a.m.•5 views

Exploits0References3

CVE-2026-33613

CVE-2026-33613 concerns MB Connect Line mbCONNECT24 with a remote code execution in the generateSrpArray function caused by improper neutralisation of special elements in an OS command. The vulnerability allows an attacker to achieve full system compromise, but only if there is another path to wr...

8.8CVSS6AI score0.00052EPSS

Exploits0References2Affected Software2

Vulnrichment•added 2026/04/02 8:59 a.m.•0 views

CVE-2026-33613 MB connect line mbCONNECT24 vulnerable to RCE in generateSrpArray

Cvelist•added 2026/04/02 8:59 a.m.•22 views

CVE-2026-33613 MB connect line mbCONNECT24 vulnerable to RCE in generateSrpArray

7.2CVSS0.00052EPSS

Positive Technologies•added 2026/04/02 12:0 a.m.•1 views

PT-2026-29710

RedhatCVE•added 2026/01/09 9:54 a.m.•6 views

Exploits0References3

CVE-2020-10240

An issue was discovered in Joomla! before 3.9.16. Missing length checks in the user table can lead to the creation of users with duplicate usernames and/or email addresses...

5.3CVSS6.7AI score0.00211EPSS

EUVD•added 2025/10/07 12:30 a.m.•5 views

EUVD-2007-0375

Malware in sbrugna...

6.8CVSS6.4AI score0.00633EPSS

Exploits2References13

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-2695

Malware in sbrugna...

5.3CVSS5.4AI score0.00211EPSS

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-0665

Malicious code in bioql PyPI...

6.5CVSS6.5AI score0.00294EPSS

Exploits0References4

NVD•added 2025/07/08 1:15 a.m.•2 views

CVE-2025-42960

SAP Business Warehouse and SAP BW/4HANA BEx Tools allow an authenticated attacker to gain higher access levels than intended by exploiting improper authorization checks. This could potentially impact data integrity by allowing deletion of user table entries.�It has no impact on the confidentialit...

4.3CVSS0.00168EPSS

Positive Technologies•added 2025/07/08 12:0 a.m.•1 views

PT-2025-28279 · Sap · Sap Business Warehouse +1

Name of the Vulnerable Software and Affected Versions: SAP Business Warehouse and SAP BW/4HANA BEx Tools affected versions not specified Description: The issue allows an authenticated attacker to gain higher access levels than intended by exploiting improper authorization checks. This could...

4.3CVSS6.2AI score0.00168EPSS

Exploits0References5

RedhatCVE•added 2025/05/22 11:56 p.m.•2 views

CVE-2022-23857

model/criteria/criteria.go in Navidrome before 0.47.5 is vulnerable to SQL injection attacks when processing crafted Smart Playlists. An authenticated user could abuse this to extract arbitrary data from the database, including the user table which contains sensitive information such as the users...

6.5CVSS7.1AI score0.00294EPSS

RedhatCVE•added 2025/05/22 10:50 p.m.•5 views

CVE-2022-30765

Calibre-Web before 0.6.18 allows user table SQL Injection...

9.8CVSS7.5AI score0.00264EPSS

RedhatCVE•added 2025/05/22 3:49 p.m.•4 views

CVE-2020-15697

An issue was discovered in Joomla! through 3.9.19. Internal read-only fields in the User table class could be modified by users...

4.3CVSS6.8AI score0.00009EPSS

Exploits0

OSV•added 2025/04/03 2:10 p.m.•7 views

BIT-JOOMLA-2020-15697

An issue was discovered in Joomla! through 3.9.19. Internal read-only fields in the User table class could be modified by users...

4.3CVSS7.1AI score0.00009EPSS

RedhatCVE•added 2025/02/14 10:37 a.m.•5 views

CVE-2023-30465

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.4.0 through 1.5.0. By manipulating the "orderType" parameter and the ordering of the returned content using an SQL...

5.3CVSS7.7AI score0.00608EPSS