CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

170 matches found

OSV•added 2026/05/26 6:58 p.m.•7 views

GHSA-QRVH-R3F2-9H4R XWiki Platform has an Unauthenticated XAR Import via REST /wikis/{wikiName}

Impact POST /wikis/wikiName executes a XAR import without performing any authentication or authorization checks, allowing an unauthenticated attacker to create or update documents in the target wiki Patches This vulnerability has been patched in XWiki 16.10.17, 17.4.9, 17.10.3, 18.0.1 and...

9.3CVSS5.8AI score0.00016EPSS

Exploits1References5

GithubExploit•added 2026/05/25 6:10 p.m.•73 views

Exploit for CVE-2026-33137

CVE-2026-33137 XWiki Platform - Unauthenticated XAR Import...

9.3CVSS6AI score0.00016EPSS

Exploits1

NVD•added 2026/05/20 8:16 p.m.•8 views

CVE-2026-33137

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki Platform is a generic wiki platform. In versions starting with 15.10.6 and prior to 18.1.0-rc-1, 17.10.3, 17.4.9, and 16.10.17, the POST /wikis/wikiName API executes a XAR import without...

9.3CVSS0.00016EPSS

Exploits1References3

Vulnrichment•added 2026/05/20 6:59 p.m.•6 views

CVE-2026-33137 XWiki Platform has an Unauthenticated XAR Import via REST /wikis/{wikiName}

9.3CVSS5.7AI score0.00016EPSS

Exploits1References3

CVE•added 2026/05/20 6:59 p.m.•21 views

CVE-2026-33137

CVE-2026-33137 — XWiki Platform : The issue affects XWiki Platform where, in versions prior to 18.1.0-rc-1, 17.10.3, 17.4.9, and 16.10.17, the POST /wikis/{wikiName} API performs a XAR import without authentication or authorization checks, allowing an unauthenticated attacker to create or update ...

9.3CVSS5.7AI score0.00016EPSS

Exploits1References3

ATTACKERKB•added 2026/05/20 6:59 p.m.•5 views

CVE-2026-33137

9.3CVSS5.7AI score0.00016EPSS

Exploits1References4Affected Software1

Cvelist•added 2026/05/20 6:59 p.m.•27 views

CVE-2026-33137 XWiki Platform has an Unauthenticated XAR Import via REST /wikis/{wikiName}

9.3CVSS0.00016EPSS

Exploits1References3

EUVD•added 2026/05/20 6:59 p.m.•6 views

EUVD-2026-31157

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki Platform is a generic wiki platform. In versions prior to 18.1.0-rc-1, 17.10.3, 17.4.9, and 16.10.17, the POST /wikis/wikiName API executes a XAR import without performing any...

9.3CVSS5.8AI score0.00016EPSS

Exploits1References3

CNNVD•added 2026/01/27 12:0 a.m.•1 views

Several products of Beckhoff Automation have security vulnerabilities.

Beckhoff Automation’s Beckhoff.Device.Manager.XAR, etc., are products of the American company Beckhoff Automation. Beckhoff.Device.Manager.XAR is a core component used for remote management and controller configuration. Beckhoff Automation’s MDP software package for TwinCAT/BSD is a core componen...

7.8CVSS6AI score0.00009EPSS

Exploits0References2

CNNVD•added 2026/01/27 12:0 a.m.•1 views

Beckhoff Automation's various products have a vulnerability regarding input validation errors.

Beckhoff Automation products such as Beckhoff.Device.Manager.XAR are developed by the American company Beckhoff Automation. Beckhoff.Device.Manager.XAR is a core component used for remote management and controller configuration. The Beckhoff Automation MDP software package for TwinCAT/BSD is a co...

8.8CVSS6.2AI score0.00351EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2010-3777

Malware in sbrugna...

6.8CVSS9.2AI score0.02396EPSS

Exploits0References9

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2018-1827

Malware in sbrugna...

5.5CVSS6.2AI score0.00699EPSS

Exploits0References12

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2017-2762

Malware in sbrugna...

9.8CVSS9.3AI score0.00384EPSS

Exploits0References5

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2017-5676

Malware in sbrugna...

6.5CVSS6.5AI score0.0229EPSS

Exploits0References10

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2016-8592

Malware in sbrugna...

7.8CVSS8.7AI score0.0051EPSS

Exploits0References2

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2017-2761

Malware in sbrugna...

9.8CVSS9.3AI score0.00361EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-1020

Malicious code in bioql PyPI...

7.7CVSS7.4AI score0.00426EPSS

Exploits1References5

NVD•added 2024/10/04 1:15 p.m.•12 views

CVE-2024-9484

An null-pointer-derefrence in the engine module in AVG/Avast Antivirus signature 24092400 released on 24/Sep/2024 on MacOS allows a malformed xar file to crash the application during file processing...

5.5CVSS0.0008EPSS

Exploits0References1

OSV•added 2024/10/04 1:15 p.m.•1 views

CVE-2024-9484

5.5CVSS5.8AI score0.0008EPSS

Exploits0References1

OSV•added 2024/10/04 1:15 p.m.•0 views

CVE-2024-9483

A null-pointer-dereference in the signature verification module in AVG/Avast Antivirus signature 24092400 released on 24/Sep/2024 on MacOS may allow a malformed xar file to crash the application during processing...

5.5CVSS5.8AI score0.00061EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by