CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

143 matches found

CNNVD•added 2026/05/12 12:0 a.m.•4 views

Apache Tomcat 输入验证错误漏洞

Apache Tomcat is a lightweight web application server developed by the Apache Foundation in the United States. It supports Servlet and JavaServer Page JSP technologies. Vulnerabilities exist in versions of Apache Tomcat from 11.0.0-M1 to 11.0.21, 10.1.0-M1 to 10.1.54, 9.0.0.M1 to 9.0.117, and...

9.8CVSS5.8AI score0.00253EPSS

Exploits0References1

Tenable Nessus•added 2025/11/10 12:0 a.m.•2 views

Lucee Unset Credentials

Lucee web application server may be configured with no credentials. If an attacker setup the default accounts, they could gain unauthorized access to the application and perform arbitrary actions on it. No source data...

7.1AI score

Exploits0References4

Tenable Nessus•added 2025/11/10 12:0 a.m.•3 views

Lucee Default Credentials

Lucee web application server may be configured with default or predictable credentials for its accounts. If an attacker can guess the credentials, they may be able to gain unauthorized access to the application and perform arbitrary actions on it. No source data...

7.3AI score

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2006-1043

Malware in sbrugna...

6.4CVSS6.4AI score0.05852EPSS

Exploits0References7

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2005-3630

Malware in sbrugna...

5CVSS6.4AI score0.00979EPSS

Exploits1References10

EUVD•added 2025/10/07 12:30 a.m.•0 views

EUVD-2006-5769

Malware in sbrugna...

5CVSS6.4AI score0.01186EPSS

Exploits0References9

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2006-5768

Malware in sbrugna...

4.6CVSS6.4AI score0.07161EPSS

Exploits0References10

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2006-5994

Malware in sbrugna...

5CVSS6.4AI score0.00577EPSS

Exploits0References3

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2008-2416

Malware in sbrugna...

4.3CVSS6.4AI score0.07699EPSS

Exploits1References7

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2005-3631

Malware in sbrugna...

5CVSS6.4AI score0.01653EPSS

Exploits1References9

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-46425

Malicious code in bioql PyPI...

6.9CVSS6.6AI score0.01918EPSS

Exploits2References2

CNVD•added 2025/07/18 12:0 a.m.•1 views

Apache Tomcat Competitive Conditions Issue Vulnerability

Apache Tomcat is the United States Apache Apache Foundation of a lightweight Web application server . Used to implement the Servlet and JavaServer Page JSP support. Apache Tomcat suffers from a Competitive Conditions Issue vulnerability, which can be exploited by an attacker to cause a denial of...

7.5CVSS6.7AI score0.01205EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 8:29 a.m.•3 views

CVE-2024-5178

ServiceNow has addressed a sensitive file read vulnerability that was identified in the Washington DC, Vancouver, and Utah Now Platform releases. This vulnerability could allow an administrative user to gain unauthorized access to sensitive files on the web application server. The vulnerability i...

6.9CVSS6.9AI score0.01918EPSS

Exploits2References1

CNNVD•added 2024/12/17 12:0 a.m.•1 views

Apache Tomcat 安全漏洞

Apache Tomcat is the United States Apache Apache Foundation of a lightweight Web application server . Used to implement the Servlet and JavaServer Page JSP support. Apache Tomcat has a resource management issue vulnerability that stems from the presence of uncontrolled resource consumption, which...

5.3CVSS6.6AI score0.01228EPSS

Exploits0References7

NVD•added 2024/07/10 5:15 p.m.•11 views

CVE-2024-5178

6.9CVSS0.01918EPSS

Exploits2References2

Cvelist•added 2024/07/10 4:23 p.m.•34 views

CVE-2024-5178 Incomplete Input Validation in SecurelyAccess API

6.9CVSS0.01918EPSS

Exploits2References2

Cvelist•added 2024/05/09 8:3 p.m.•9 views

CVE-2024-1467 Starter Templates — Elementor, WordPress & Beaver Builder Templates <= 4.1.6 - Authenticated (Contributor+) Server-Side Request Forgery

The Starter Templates — Elementor, WordPress & Beaver Builder Templates plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 4.1.6 via the aiapirequest. This makes it possible for authenticated attackers, with contributor-level access and above, ...

4.3CVSS5.8AI score0.00132EPSS

Exploits0References3

Cvelist•added 2023/10/04 8:7 p.m.•12 views

CVE-2023-44389 Zope management interface vulnerable to stored cross site scripting via the title property

Zope is an open-source web application server. The title property, available on most Zope objects, can be used to store script code that is executed while viewing the affected object in the Zope Management Interface ZMI. All versions of Zope 4 and Zope 5 are affected. Patches will be released wit...

3.1CVSS5.4AI score0.00372EPSS

Exploits0References3

CVE•added 2023/10/04 8:7 p.m.•56 views

CVE-2023-44389

Zope (Zope 4 and Zope 5) is affected by a stored XSS via the title property in the ZMI. The vulnerability arises because the title value can execute script code when viewed, with the issue mapped to the Zope management interface (ZMI). All versions are affected until patches are released in Zope ...

4.8CVSS4.5AI score0.00372EPSS

Exploits0References3Affected Software1

NVD•added 2023/09/21 5:15 p.m.•13 views

CVE-2023-42458

Zope is an open-source web application server. Prior to versions 4.8.10 and 5.8.5, there is a stored cross site scripting vulnerability for SVG images. Note that an image tag with an SVG image as source is never vulnerable, even when the SVG image contains malicious code. To exploit the...

5.4CVSS4.3AI score0.00321EPSS

Exploits1References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by