CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

107 matches found

ATTACKERKB•added 2026/05/18 6:45 p.m.•7 views

CVE-2026-8836

A vulnerability was found in lwIP up to 2.2.1. Affected is the function snmpparseinboundframe of the file src/apps/snmp/snmpmsg.c of the component snmpv3 USM Handler. Performing a manipulation of the argument msgAuthenticationParameters results in stack-based buffer overflow. The attack may be...

10CVSS7.7AI score0.00286EPSS

Exploits1References7

Positive Technologies•added 2026/05/18 12:0 a.m.•8 views

PT-2026-41721

Name of the Vulnerable Software and Affected Versions lwIP versions prior to 2.2.2 Description A stack-based buffer overflow exists in the snmpv3 USM Handler component. A remote attacker can trigger this issue by manipulating the msgAuthenticationParameters argument within the snmp parse inbound...

10CVSS7.7AI score0.00286EPSS

Exploits1References10

EUVD•added 2025/10/07 12:30 a.m.•8 views

EUVD-2017-6432

Malware in sbrugna...

5.7CVSS6.1AI score0.00862EPSS

Exploits6References8

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2017-16008

Malware in sbrugna...

8.4CVSS8.2AI score0.00529EPSS

Exploits4References7

EUVD•added 2025/10/07 12:30 a.m.•8 views

EUVD-2016-7798

Malware in sbrugna...

5.4CVSS6AI score0.00203EPSS

Exploits3References5

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-19013

Malware in sbrugna...

9.8CVSS9.5AI score0.02396EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2016-9430

Malware in sbrugna...

6.1CVSS6.3AI score0.00301EPSS

Exploits1References4

EUVD•added 2025/10/07 12:30 a.m.•0 views

EUVD-2015-5627

Malware in sbrugna...

5.5CVSS5.5AI score0.00088EPSS

Exploits2References5

Tenable Nessus•added 2025/08/06 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2024-37026

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/xe: Only use reserved BCS instances for usm migrate exec queue The GuC context schedulin...

5.5CVSS5.5AI score0.00031EPSS

Exploits0References2

RedhatCVE•added 2025/05/23 2:58 a.m.•1 views

CVE-2023-1166

The USM-Premium WordPress plugin before 16.3 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example, in multisite setup...

4.8CVSS6.5AI score0.00095EPSS

Exploits3References1

OSV•added 2025/02/28 12:16 a.m.•3 views

OSV-2025-178 Heap-buffer-overflow in usm_set_user_password

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=399458050 Crash type: Heap-buffer-overflow WRITE 9 Crash state: usmsetuserpassword usmsetpassword runconfighandler...

7.2AI score

Exploits0References1

NVD•added 2023/06/27 2:15 p.m.•13 views

CVE-2023-1166

4.8CVSS4.8AI score0.00095EPSS

Exploits3References1

Prion•added 2023/06/27 2:15 p.m.•12 views

Cross site scripting

4.3CVSS4.8AI score0.00095EPSS

Exploits3References1Affected Software1

Cvelist•added 2023/06/27 1:17 p.m.•17 views

CVE-2023-1166 USM Premium < 16.3 - Admin+ Stored XSS

5AI score0.00095EPSS

Exploits3References1

CVE•added 2023/06/27 1:17 p.m.•43 views

CVE-2023-1166

The CVE-2023-1166 issue affects the USM-Premium WordPress plugin prior to version 16.3. The root cause is inadequate sanitization/escaping of certain plugin settings, enabling Stored XSS by high-privilege users (e.g., administrators) even when unfiltered_html is disallowed (e.g., in multisite set...

4.8CVSS4.7AI score0.00095EPSS

Exploits3References1Affected Software1

Vulnrichment•added 2023/06/27 1:17 p.m.•25 views

CVE-2023-1166 USM Premium < 16.3 - Admin+ Stored XSS

5.7AI score0.00095EPSS

Exploits3References1

Positive Technologies•added 2023/06/27 12:0 a.m.•1 views

PT-2023-16794 · WordPress · Usm-Premium

Name of the Vulnerable Software and Affected Versions: USM-Premium WordPress plugin versions prior to 16.3 Description: The issue allows high-privilege users, such as admins, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html capability is disallowed, for example, in...

4.8CVSS5.4AI score0.00095EPSS

Exploits3References5

Patchstack•added 2023/06/22 12:0 a.m.•13 views

WordPress USM Premium Plugin < 16.3 is vulnerable to Cross Site Scripting (XSS)

Software USM Premium Type Plugin Vulnerable versions 16.3 Fixed in 16.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1166 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 2fffba6c645d Credits Mohamed Selim Required privilege...

4.8CVSS5.7AI score0.00095EPSS

Exploits3References3Affected Software1

WPVulnDB•added 2023/06/05 12:0 a.m.•23 views

USM Premium < 16.3 - Admin+ Stored XSS

The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example, in multisite setup. PoC Put the payload in any text field of the "8 ...

4.8CVSS8AI score0.00095EPSS

Exploits3Affected Software1

wpexploit•added 2023/06/05 12:0 a.m.•162 views

USM Premium < 16.3 - Admin+ Stored XSS

4.8CVSS8.5AI score0.00095EPSS

Exploits3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by