9 matches found
CVE-2022-31259
The route lookup process in beego before 1.12.9 and 2.x before 2.0.3 allows attackers to bypass access control. When a /p1/p2/:name route is configured, attackers can access it by appending .xml in various places e.g., p1.xml instead of p1...
EUVD-2015-0767
Malware in sbrugna...
EUVD-2022-4661
Malicious code in bioql PyPI...
Security Bulletin: Denial of service may affect IBM HTTP Server (CVE-2015-1283)
Summary Denial of service may affect IBM HTTP Server. The IBM HTTP Server is used by IBM WebSphere Application Server. Vulnerability Details CVEID: CVE-2015-1283 DESCRIPTION: Multiple integer overflows in the XMLGetBuffer function in Expat through 2.1.0, as used in Google Chrome before 44.0.2403....
Microsoft Visual Basic 2010 Express XML Injection
Exploit Title: Microsoft Visual Basic 2010 Express - XML External Entity Injection Exploit Author: ZwX Exploit Date: 2019-12-03 Version Software : 10.0.30319.1 RTMRel Vendor Homepage : https://www.microsoft.com/ Software Link:...
CVE-2019-0345
A remote unauthenticated attacker can abuse a web service in SAP NetWeaver Application Server for Java Administrator System Overview, versions 7.30, 7.31, 7.40, 7.50, by sending a specially crafted XML file and trick the application server into leaking authentication credentials for its own SAP...
Automated API Protection with WAP
For those who use Web Application Protector from Akamai: "Your APIs just got an extra layer of protection". For everyone else, learn how easy a WAF can be. You protect your web applications, that's awesome, but what about all your APIs? Do you know how many you have, who accesses them and what...
Exploiting CVE-2016-4264 With OXML_XXE
Recently ColdFusion was shown vulnerable to XXE based attacks in OXML documents; CVE-2016-4264. The blog post linked gives an example building the file using python; cool! It's easy to backdoor files in a similar fashion with OXML XXE. The fastest way to do this is using the "Overwrite File inside...
Darwin Streaming Server <= 4.1.2 (parse_xml.cgi) Code Execution Exploit
No description provided by source. #!/usr/bin/perl QTTS REMOTE ROOT exploit by FOXMULDER FOXMULDER PRESENTS foxmulderatabv.bg DarwinOSX4.x? 5.X QTSSQuick Time Stream Server 3.X The bug in Darwin 5.X with unpatched QTSS in parsexml.cgi which leads to remote root compromise: $filenam...