CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

126 matches found

Positive Technologies•added 2026/05/28 12:0 a.m.•5 views

PT-2026-44783

These are all security issues fixed in the libsuricata8 0 5-8.0.5-1.1 package on the GA media of openSUSE Tumbleweed...

5.8AI score

Exploits0References16

RedhatCVE•added 2026/03/26 3:10 p.m.•0 views

CVE-2026-1780

The CRPaid Link Manager plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the URL path in all versions up to, and including, 0.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts ...

6.1CVSS6AI score0.001EPSS

Exploits0References1

CNNVD•added 2026/03/24 12:0 a.m.•3 views

pyLoad 安全漏洞

pyLoad is an open-source download manager written in Python. Versions of pyLoad from 0.4.0 to 0.5.0b3.dev97 contained security vulnerabilities. These vulnerabilities stemmed from the setconfigvalue API endpoint, which allowed users with non-administrator SETTINGS privileges to modify any...

8.8CVSS6.2AI score0.00113EPSS

Exploits1References1

EUVD•added 2026/03/18 6:31 a.m.•0 views

EUVD-2026-12763

6.1CVSS6AI score0.001EPSS

Exploits0References3

NVD•added 2026/03/18 4:17 a.m.•1 views

CVE-2026-1780

6.1CVSS0.001EPSS

Exploits0References2

Rosalinux•added 2026/01/26 12:16 p.m.•6 views

Advisory ROSA-SA-2026-3120

software: qpdfview 0.5 WASP: ROSA-CHROME unaffected versions = qpdfview-0.5-4 affected versions qpdfview-0.5-4 CVE-ID: CVE-2025-46206 BDU-ID: 2025-11246 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the mutool clean utility of the MuPDF PDF viewer is related to infinite recursion. Exploitation of...

6.5CVSS5.8AI score0.00719EPSS

Exploits1

RedhatCVE•added 2026/01/09 11:50 a.m.•5 views

CVE-2009-4137

The loadContentFromCookie function in core/Cookie.php in Piwik before 0.5 does not validate strings obtained from cookies before calling the unserialize function, which allows remote attackers to execute arbitrary code or upload arbitrary files via vectors related to the destruct function in the...

7.5CVSS8AI score0.04884EPSS

Exploits2References1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2013-4213

Malware in sbrugna...

4.6CVSS6AI score0.00062EPSS

Exploits0References10

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2002-1548

Malware in sbrugna...

5CVSS6.4AI score0.077EPSS

Exploits1References4

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2024-41427

Malicious code in bioql PyPI...

6.1CVSS6.6AI score0.00801EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2025-31696

Malicious code in bioql PyPI...

6.4CVSS6.6AI score0.0004EPSS

Exploits0References4

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2025-28459

Malicious code in bioql PyPI...

7.1CVSS6.5AI score0.0008EPSS

Exploits0References1

NVD•added 2025/09/30 11:37 a.m.•2 views

CVE-2025-10130

The Layers plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'webcam' shortcode in all versions up to, and including, 0.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, wi...

6.4CVSS0.0004EPSS

Exploits0References4

CNNVD•added 2025/09/30 12:0 a.m.•1 views

WordPress plugin Layers 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS5.8AI score0.0004EPSS

Exploits0References3

Positive Technologies•added 2025/09/30 12:0 a.m.•3 views

PT-2025-39930

Name of the Vulnerable Software and Affected Versions Layers plugin for WordPress versions prior to 0.6 Description The Layers plugin for WordPress is susceptible to Stored Cross-Site Scripting through the 'webcam' shortcode. This is due to inadequate input sanitization and output escaping of...

6.4CVSS5.4AI score0.0004EPSS

Exploits0References6

RedhatCVE•added 2025/09/24 6:30 p.m.•1 views

CVE-2025-58255

Cross-Site Request Forgery CSRF vulnerability in yonisink Custom Post Type Images custom-post-types-image allows Code Injection.This issue affects Custom Post Type Images: from n/a through = 0.5...

9.6CVSS5.9AI score0.0002EPSS

Exploits0References1

NVD•added 2025/09/22 7:16 p.m.•3 views

CVE-2025-58255

Cross-Site Request Forgery CSRF vulnerability in yonisink Custom Post Type Images custom-post-types-image allows Code Injection.This issue affects Custom Post Type Images: from n/a through = 0.5...

9.6CVSS0.0002EPSS

Exploits0References1

CVE•added 2025/09/22 6:23 p.m.•5 views

CVE-2025-58236

CVE-2025-58236 is a CSRF vulnerability in the WordPress plugin Force Update Translations. The vulnerability affects the plugin version range up to 0.5. According to the Wordfence vulnerability report, the issue is currently Unpatched, with no published fix at the time of that entry. The connected...

4.3CVSS5.9AI score0.00016EPSS

Exploits0References1

Vulnrichment•added 2025/09/22 6:23 p.m.•2 views

CVE-2025-58236 WordPress Force Update Translations plugin <= 0.5 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Mayo Moriyama Force Update Translations force-update-translations allows Cross Site Request Forgery.This issue affects Force Update Translations: from n/a through = 0.5...

4.3CVSS5.9AI score0.00016EPSS

Exploits0References1

Vulnrichment•added 2025/09/22 6:23 p.m.•1 views

CVE-2025-58255 WordPress Custom Post Type Images Plugin <= 0.5 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in yonisink Custom Post Type Images custom-post-types-image allows Code Injection.This issue affects Custom Post Type Images: from n/a through = 0.5...

9.6CVSS5.9AI score0.0002EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by