CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

9 matches found

OSV•added 2025/12/29 3:16 p.m.•1 views

CVE-2025-60458

UxPlay 1.72 contains a double free vulnerability in its RTSP request handling. A specially crafted RTSP TEARDOWN request can trigger multiple calls to free on the same memory address, potentially causing a Denial of Service...

6.5CVSS5.8AI score0.00017EPSS

Exploits1References1

Debian CVE•added 2025/12/29 12:0 a.m.•3 views

CVE-2025-60458

6.5CVSS5.3AI score0.00017EPSS

Exploits1

CVE•added 2024/07/02 11:31 a.m.•39 views

CVE-2024-6441

The CVE-2024-6441 issue affects ORIPA up to v1.72, where deserialization in LoaderXML.java is exposed to remote attack. The vulnerability is caused by an unknown functionality in the LoaderXML.java path and can be triggered remotely. Upgrading to version 1.80 addresses the issue. Active exploitat...

6.5CVSS6.4AI score0.00268EPSS

Exploits0References6

OSV•added 2023/08/24 11:15 p.m.•1 views

AZL-28511 CVE-2023-40030 affecting package rust for versions less than 1.72.0-2

Cargo downloads a Rust project’s dependencies and compiles the project. Starting in Rust 1.60.0 and prior to 1.72, Cargo did not escape Cargo feature names when including them in the report generated by cargo build --timings. A malicious package included as a dependency may inject nearly arbitrar...

6.1CVSS6.5AI score0.00193EPSS

Exploits0References1

OSV•added 2023/05/26 9:15 p.m.•0 views

AZL-26813 CVE-2023-28320 affecting package rust for versions less than 1.72.0-2

A denial of service vulnerability exists in curl v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using alarm and siglongjmp. When doi...

5.9CVSS6.8AI score0.00641EPSS

Exploits1References1

OSV•added 2021/06/18 10:15 a.m.•1 views

CVE-2021-21669

Jenkins Generic Webhook Trigger Plugin 1.72 and earlier does not configure its XML parser to prevent XML external entity XXE attacks...

9.8CVSS7.3AI score

Exploits0References2

CNVD•added 2020/06/04 12:0 a.m.•1 views

CloudBees Jenkins Script Security Plugin Cross-Site Scripting Vulnerability

CloudBees Jenkins Hudson Labs is the United States CloudBees company's set of Java-based development of continuous integration tools. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Script Security Plugin is used in one of the...

5.4CVSS6.5AI score0.0012EPSS

Exploits0References1

Positive Technologies•added 2020/06/03 12:0 a.m.•2 views

PT-2020-15404 · Jenkins · Jenkins Script Security Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Script Security Plugin versions 1.72 and earlier Description: The issue is related to a stored cross-site scripting vulnerability. It occurs because the Jenkins Script Security Plugin does not correctly escape pending or approved...

5.4CVSS5.1AI score0.0012EPSS

Exploits0References7