CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

663 matches found

vulnersOsv•added 2026/04/16 10:36 p.m.•8 views

@afd-software/angular-ng-autocomplete (=14.0.0), @angularexpert/my-workspace (=0.0.0) +146 more potentially affected by CVE-2026-41423 via @angular/platform-server (>=0.0.0-0 <=18.2.14)

@angular/platform-server NPM version =0.0.0-0, =5.0.0, =1.0.0, =0.0.1, =2.0.0, =0.0.6, =19.3.0, =1.5.0, =1.4.1, =1.5.2 - @nani-creative-labs/app-builder =1.0.0 - @nger/angular =1.0.3 and more Source cves: CVE-2026-41423 Source advisory: OSV:GHSA-45Q2-GJVG-7973...

8.7CVSS5.8AI score0.00038EPSS

Exploits0

ATTACKERKB•added 2026/04/14 12:6 a.m.•1 views

CVE-2026-0512

Due to a Cross-Site Scripting XSS vulnerability in the SAP Supplier Relationship Management SICF Handler in SRM Catalog, an unauthenticated attacker could craft a malicious URL, that if accessed by a victim, results in execution of malicious content within the victim's browser. This could allow t...

6.1CVSS6AI score0.00108EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2026/04/13 12:0 a.m.•4 views

PT-2026-32248

UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality...

5.7CVSS5.8AI score0.00003EPSS

Exploits0References2

vulnersOsv•added 2026/04/10 12:31 p.m.•6 views

at.chrl:chrl-jms (=1.1.0), at.researchstudio.sat:won-core (>=0.2 <=0.9) +1035 more potentially affected by CVE-2026-39304 via org.apache.activemq:activemq-broker (>=5.10.0 <=5.19.3)

org.apache.activemq:activemq-broker MAVEN version =5.10.0, =0.2, =0.3, =0.2, =0.2, =0.3, =0.3, =0.3, =0.3, =0.3, =0.2, =0.3, =0.3, =0.6 - at.researchstudio.sat:won-owner =0.3 - at.researchstudio.sat:won-owner-webapp =0.3 and more Source cves: CVE-2026-39304 Source advisory: OSV:GHSA-5568-6QCG-G7F...

7.5CVSS5.8AI score0.00056EPSS

Exploits0

Cvelist•added 2026/03/05 7:10 a.m.•20 views

CVE-2026-28536

Authentication bypass vulnerability in the device authentication module. Impact: Successful exploitation of this vulnerability will affect integrity and confidentiality...

9.6CVSS0.00037EPSS

Exploits0References3

SUSE CVE•added 2026/01/10 12:23 a.m.•2 views

SUSE CVE-2026-21860

Werkzeug is a comprehensive WSGI web application library. Prior to version 3.1.5, Werkzeug's safejoin function allows path segments with Windows device names that have file extensions or trailing spaces. On Windows, there are special device names such as CON, AUX, etc that are implicitly present...

6.3CVSS6.9AI score0.00034EPSS

Exploits0References3

RedhatCVE•added 2026/01/09 10:17 a.m.•6 views

CVE-2019-2597

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products subcomponent: PIA Core Technology. Supported versions that are affected are 8.55, 8.56 and 8.57. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...

5.8CVSS5.6AI score0.00676EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:3 a.m.•5 views

CVE-2024-39670

Privilege escalation vulnerability in the account synchronisation module. Impact: Successful exploitation of this vulnerability will affect availability...

6.2CVSS7.2AI score0.00061EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:52 a.m.•4 views

CVE-2021-2288

Vulnerability in the Oracle Bills of Material product of Oracle E-Business Suite component: Bill Issues. Supported versions that are affected are 12.1.1-12.1.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Bills of Material...

8.1CVSS6.9AI score0.01221EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:46 a.m.•4 views

CVE-2025-23884

Cross-Site Request Forgery CSRF vulnerability in Chris Roberts Annie annie allows Cross Site Request Forgery.This issue affects Annie: from n/a through = 2.1.1...

7.1CVSS7.2AI score0.00078EPSS

Exploits0References1

Positive Technologies•added 2025/11/19 12:0 a.m.•5 views

PT-2025-47476

Name of the Vulnerable Software and Affected Versions Looker versions prior to 24.12.106 Looker versions 24.12.106 through 24.18.198 Looker versions prior to 25.0.75 Looker versions 25.0.75 through 25.6.63 Looker versions prior to 25.6.63 Looker versions 25.6.63 through 25.8.45 Looker versions...

6CVSS5.5AI score0.00032EPSS

Exploits0References5

Cvelist•added 2025/11/11 4:50 p.m.•4 views

CVE-2025-27712

Improper neutralization for some IntelR Neural Compressor software before version v3.4 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege. This...

5.7CVSS0.00013EPSS

Exploits0References1

Japan Vulnerability Notes•added 2025/10/22 4:54 a.m.•5 views

Multiple stored cross-site scripting vulnerabilities in Movable Type

Overview Movable Type provided by Six Apart Ltd. contains multiple stored cross-site scripting vulnerabilities listed below. Stored cross-site scripting vulnerability in Edit ContentData page CWE-79 - CVE-2025-54856 Stored cross-site scripting vulnerability in Edit CategorySet of ContentType page...

4.8CVSS6.1AI score0.00024EPSS

Exploits0References6