CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

84 matches found

RedhatCVE•added 2026/01/07 9:31 a.m.•5 views

CVE-2019-16572

Jenkins Weibo Plugin 1.0.1 and earlier stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system...

5.5CVSS6.7AI score0.00036EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2014-6683

Malware in sbrugna...

5.4CVSS6.4AI score0.00134EPSS

Exploits0References4

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-16097

Malware in sbrugna...

7.5CVSS7.5AI score0.00198EPSS

Exploits1References2

EUVD•added 2025/10/07 12:30 a.m.•0 views

EUVD-2012-1414

Malware in sbrugna...

10CVSS6.4AI score0.00433EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2020-11195

Malware in sbrugna...

5.4CVSS5.5AI score0.00191EPSS

Exploits1References3

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-2561

Malicious code in bioql PyPI...

5.5CVSS5.6AI score0.00036EPSS

Exploits0References3

The Hacker News•added 2025/07/05 6:12 a.m.•8 views

Taiwan NSB Alerts Public on Data Risks from Douyin, Weibo, and RedNote Over China Ties

Taiwan's National Security Bureau NSB has warned that China-developed applications like RedNote aka Xiaohongshu, Weibo, Douyin, WeChat, and Baidu Cloud pose security risks due to excessive data collection and data transfer to China. The alert comes following an inspection of these apps carried ou...

6.7AI score

Exploits0

RedhatCVE•added 2025/05/22 5:4 p.m.•3 views

CVE-2020-19290

A stored cross-site scripting XSS vulnerability in the /weibo/comment component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Weibo comment section...

5.4CVSS5.5AI score0.00191EPSS

Exploits1

RedhatCVE•added 2025/05/22 5:4 p.m.•3 views

CVE-2020-19291

A stored cross-site scripting XSS vulnerability in the /weibo/publishdata component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in a posted Weibo...

5.4CVSS5.5AI score0.00151EPSS

Exploits1

RedhatCVE•added 2025/05/22 3:20 p.m.•5 views

CVE-2020-23349

An intent redirection issue was doscovered in Sina Weibo Android SDK 4.2.7 com.sina.weibo.sdk.share.WbShareTransActivity, any unexported Activities could be started by the com.sina.weibo.sdk.share.WbShareTransActivity...

7.5CVSS6.9AI score0.00198EPSS

Exploits1

RedhatCVE•added 2025/05/22 6:39 a.m.•5 views

CVE-2019-17268

The omniauth-weibo-oauth2 gem 0.4.6 for Ruby, as distributed on RubyGems.org, included a code-execution backdoor inserted by a third party. Versions through 0.4.5, and 0.5.1 and later, are unaffected...

9.8CVSS6.9AI score0.00646EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 3:1 a.m.•2 views

CVE-2012-1389

Unspecified vulnerability in the Di Long Weibo com.icekirin.weibos application 1.9.9 for Android has unknown impact and attack vectors...

10CVSS7AI score0.00433EPSS

Exploits0References1

OSV•added 2025/05/15 8:15 p.m.•1 views

CVE-2024-12282

The WordPress连接微博 WordPress plugin through 2.5.6 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...

6.1CVSS7.3AI score0.00109EPSS

Exploits1References1

CVE•added 2023/09/01 8:0 p.m.•32 views

CVE-2023-4713

The CVE-2023-4713 entry concerns IBOS OA 4.5.5 where the addComment function at ?r=weibo/comment/addcomment is vulnerable to SQL injection via the touid parameter. The vulnerability is described as critical, with potential high impact on confidentiality, integrity, and availability. The root caus...

8.8CVSS6.7AI score0.00066EPSS

Exploits1References3Affected Software1

CNNVD•added 2023/09/01 12:0 a.m.•2 views

IBOS SQL Injection Vulnerability

IBOS is a collaborative office management system. An SQL injection vulnerability exists in IBOS OA version 4.5.5, which stems from the fact that incorrect manipulation of the touid in the addComment function of ?r=weibo/comment/addcomment can lead to SQL injection...

8.8CVSS7.9AI score0.00066EPSS

Exploits1References4

NVD•added 2022/09/19 11:15 p.m.•10 views

CVE-2022-38550

A stored cross-site scripting XSS vulnerability in the /weibo/list component of Jeesns v2.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.4CVSS0.00209EPSS

Exploits1References1

OSV•added 2022/09/19 11:15 p.m.•0 views

CVE-2022-38550

A stored cross-site scripting XSS vulnerability in the /weibo/list component of Jeesns v2.0.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

5.4CVSS5.9AI score

Exploits0References1

Positive Technologies•added 2022/09/19 12:0 a.m.•1 views

PT-2022-24450 · Jeesns · Jeesns

Name of the Vulnerable Software and Affected Versions: Jeesns version 2.0.0 Description: A stored cross-site scripting XSS issue in the "/weibo/list" component allows attackers to execute arbitrary web scripts or HTML via a crafted payload. This can lead to the execution of malicious code on the...

5.4CVSS5.6AI score0.00209EPSS

Exploits1References4

The Hacker News•added 2022/05/27 4:14 p.m.•21 views

Experts Detail New RCE Vulnerability Affecting Google Chrome Dev Channel

Details have emerged about a recently patched critical remote code execution vulnerability in the V8 JavaScript and WebAssembly engine used in Google Chrome and Chromium-based browsers. The issue relates to a case of use-after-free in the instruction optimization component, successful exploitatio...

1.8AI score

Exploits0

Github Security Blog•added 2022/05/24 5:8 p.m.•19 views

omniauth-weibo-oauth2 included a code-execution backdoor inserted by a third party

9.8CVSS4.1AI score0.00646EPSS

Exploits0References5Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by