CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

465 matches found

SUSE SLED15 / SLES15 Security Update : MozillaFirefox (SUSE-SU-2026:2109-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2109-1 advisory. This update for MozillaFirefox fixes the following issues Update to Firefox Extended Support Release 140.11.0...

9.8CVSS6AI score0.00164EPSS

Exploits0References51

CNNVD•added 3 days ago•2 views

SOPlanning code-related vulnerabilities

SOPlanning is a set of online project management software developed by SOPlanning Company. Versions of SOPlanning 1.55 and earlier had code vulnerabilities. These vulnerabilities stemmed from an unvalidated validation of file extensions during upload. This allowed authenticated attackers to uploa...

8.8CVSS5.9AI score0.00067EPSS

Exploits0References2

Circl•added last week•5 views

CVE-2026-9912

creationtimestamp| type| source ---|---|--- 2026-05-28 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/google-chrome-multiple-vulnerabilities20260529 2026-05-28 18:00:00+00:00| seen| https://www.hkcert.org/security-bulletin/microsoft-edge-multiple-vulnerabilities20260529 2026-05-29...

6.5CVSS5.7AI score0.00035EPSS

Exploits0References3

CNNVD•added 2026/04/14 12:0 a.m.•1 views

Uppy 安全漏洞

Uppy is an open-source file uploader developed by Transloadit, designed for web browsers. Version 0.25.6 of Uppy contains a security vulnerability, which stems from the use of incompatible types to access resources...

9.8CVSS5.8AI score0.00058EPSS

Exploits0References4

RedHat Linux•added 2026/02/17 12:55 a.m.•4 views

npm-serialize-javascript: Cross-site Scripting (XSS) in serialize-javascript

A flaw was found in npm-serialize-javascript. The vulnerability occurs because the serialize-javascript module does not properly sanitize certain inputs, such as regex or other JavaScript object types, allowing an attacker to inject malicious code. This code could be executed when deserialized by...

5.4CVSS5.8AI score0.01129EPSS

Exploits0References6

CNNVD•added 2026/02/04 12:0 a.m.•4 views

Movable Type 跨站脚本漏洞

Movable Type is a content management system developed by Movable Type Inc. Movable Type has a cross-site scripting vulnerability, which stems from a storage-based cross-site scripting vulnerability present in exported sites. This vulnerability may allow arbitrary scripts to be executed on the web...

5.4CVSS6.2AI score0.00014EPSS

Exploits0References4

RedhatCVE•added 2025/12/19 12:37 p.m.•2 views

CVE-2025-67850

A flaw was found in moodle. This vulnerability, known as Cross-Site Scripting XSS, occurs due to insufficient checks on user-provided data in the formula editor's arithmetic expression fields. A remote attacker could inject malicious code into these fields. When other users view these expressions...

6.4AI score0.00012EPSS

Exploits0References2

The Hacker News•added 2025/12/13 5:32 a.m.•18 views

Apple Issues Security Updates After Two WebKit Flaws Found Exploited in the Wild

Apple on Friday released security updates for iOS, iPadOS, macOS, tvOS, watchOS, visionOS, and its Safari web browser to address two security flaws that it said have been exploited in the wild, one of which is the same flaw that was patched by Google in Chrome earlier this week. The vulnerabiliti...

10CVSS8.9AI score0.4843EPSS

Exploits35

Jake Archibald's Blog•added 2025/10/15 1:0 a.m.•4 views

The present and potential future of progressive image rendering

Progressive image formats allow the decoder to create a partial rendering when only part of the image resource is available. Sometimes it's part of the image, and sometimes it's a low quality/resolution version of the image. I've been digging into it recently, and I think there are some common...

6AI score

Exploits0