CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

127 matches found

ATTACKERKB•added 2026/01/30 11:2 a.m.•2 views

CVE-2026-22623

Due to insufficient input parameter validation on the interface, authenticated users of certain HIKSEMI NAS products can execute arbitrary commands on the device by crafting specific messages...

7.2CVSS6.1AI score0.00035EPSS

Exploits0References2Affected Software1

RedhatCVE•added 2026/01/09 12:10 p.m.•7 views

CVE-2018-18558

An issue was discovered in Espressif ESP-IDF 2.x and 3.x before 3.0.6 and 3.1.x before 3.1.1. Insufficient validation of input data in the 2nd stage bootloader allows a physically proximate attacker to bypass secure boot checks and execute arbitrary code, by crafting an application binary that...

6.9CVSS7.5AI score0.00038EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:19 a.m.•6 views

CVE-2021-22452

A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to read at any address...

5.5CVSS6.7AI score0.00025EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:21 a.m.•5 views

CVE-2021-27641

SAP 3D Visual Enterprise Viewer, version - 9, allows a user to open manipulated TIF file received from untrusted sources which results in crashing of the application and becoming temporarily unavailable until the user restarts the application, this is caused due to Improper Input Validation...

5.5CVSS6.8AI score0.00143EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:6 a.m.•2 views

CVE-2024-34681

Improper input validation in BluetoothAdapter prior to SMR Nov-2024 Release 1 allows local attackers to cause local permanent denial of service on Galaxy Watch...

6.6CVSS6.5AI score0.00091EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 8:45 a.m.•5 views

CVE-2022-38385

IBM Cloud Pak for Security CP4S 1.10.0.0 through 1.10.2.0 could allow an authenticated user to obtain highly sensitive information or perform unauthorized actions due to improper input validation. IBM X-Force ID: 233777...

8.1CVSS5.9AI score0.00328EPSS

Exploits0References1

RedhatCVE•added 2026/01/07 9:37 a.m.•7 views

CVE-2019-7352

Self - Stored Cross Site Scripting XSS exists in ZoneMinder through 1.32.3, as the view 'state' aka Run State state.php does no input validation to the value supplied to the 'New State' aka newState field, allowing an attacker to execute HTML or JavaScript code...

6.1CVSS5.8AI score0.0024EPSS

Exploits1References1

RedhatCVE•added 2026/01/07 9:29 a.m.•6 views

CVE-2019-12347

In pfSense 2.4.4-p3, a stored XSS vulnerability occurs when attackers inject a payload into the Name or Description field via an acmeaccountkeysedit.php action. The vulnerability occurs due to input validation errors...

6.1CVSS5.8AI score0.73177EPSS

Exploits2References1