CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

964 matches found

PRTG Network Monitor - Local File Inclusion

PRTG Network Monitor before 18.2.40.1683 allows remote unauthenticated attackers to create users with read-write privileges including administrator. A remote unauthenticated user can craft an HTTP request and override attributes of the 'include' directive in /public/login.htm and perform a Local...

9.8CVSS7.5AI score0.93002EPSS

Exploits0References2

RedhatCVE•added 2026/01/09 12:36 p.m.•4 views

CVE-2023-49099

Discourse is a platform for community discussion. Under very specific circumstances, secure upload URLs associated with posts can be accessed by guest users even when login is required. This vulnerability has been patched in 3.2.0.beta4 and 3.1.4...

4.3CVSS6.8AI score0.00286EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 12:36 p.m.•3 views

CVE-2023-49002

An issue in Xenom Technologies sinous Phone Dialer-voice Call Dialer v.1.2.5 allows an attacker to bypass intended access restrictions via interaction with com.funprime.calldialer.ui.activities.OutgoingActivity...

7.5CVSS6.8AI score0.00224EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 12:10 p.m.•5 views

CVE-2018-18819

A vulnerability in the web conference chat component of MiCollab, versions 7.3 PR6 7.3.0.601 and earlier, and 8.0 8.0.0.40 through 8.0 SP2 FP2 8.0.2.202, and MiVoice Business Express versions 7.3 PR3 7.3.1.302 and earlier, and 8.0 8.0.0.40 through 8.0 SP2 FP1 8.0.2.202, could allow creation of...

5.3CVSS7.1AI score0.00343EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:29 a.m.•3 views

CVE-2021-27374

VertiGIS WebOffice 10.7 SP1 before patch20210202 and 10.8 SP1 before patch20210207 allows attackers to achieve "Zugriff auf Inhalte der WebOffice Applikation."...

7.5CVSS7AI score0.00281EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:26 a.m.•2 views

CVE-2021-28095

OX Documents before 7.10.5-rev5 has Incorrect Access Control for documents that contain XML structures because hash collisions can occur, due to use of CRC32...

5.8CVSS7AI score0.00146EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:15 a.m.•6 views

CVE-2019-2263

Access to freed memory can happen while reading from diag driver due to use after free issue in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in IPQ4019, IPQ8064...

7.8CVSS7.5AI score0.00044EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:10 a.m.•2 views

CVE-2019-11925

Insufficient boundary checks when processing the JPEG APP12 block marker in the GD extension could allow access to out-of-bounds memory via a maliciously constructed invalid JPEG input. This issue affects HHVM versions prior to 3.30.9, all versions between 4.0.0 and 4.8.3, all versions between...

9.8CVSS6.7AI score0.00974EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:55 a.m.•4 views

CVE-2020-12478

TeamPass 2.1.27.36 allows an unauthenticated attacker to retrieve files from the TeamPass web root. This may include backups or LDAP debug files...

7.5CVSS6.9AI score0.35561EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 9:52 a.m.•5 views

CVE-2020-10100

An issue was discovered in Zammad 3.0 through 3.2. It allows for users to view ticket customer details associated with specific customers. However, the application does not properly implement access controls related to this functionality. As such, users of one company are able to access ticket da...

6.5CVSS6.7AI score0.00405EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:25 a.m.•5 views

CVE-2023-4650

Improper Access Control in GitHub repository instantsoft/icms2 prior to 2.16.1-git...

4.7CVSS6.8AI score0.00049EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 9:13 a.m.•5 views

CVE-2022-0133

peertube is vulnerable to Improper Access Control...

7.5CVSS6.8AI score0.00343EPSS

Exploits1References1