CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Name of the Vulnerable Software and Affected Versions: Liferay Portal versions 7.4.0 through 7.4.3.111 Liferay DXP versions 2023.Q3.1 through 2023.Q3.4 Liferay DXP version 2023.Q4.0 Liferay Portal versions 7.3 GA through update 35 Liferay Portal versions 7.4 GA through update 92 Description: An...

6.9CVSS6.6AI score0.00224EPSS

Exploits0References5

RedhatCVE•added 2025/05/22 10:30 p.m.•5 views

CVE-2022-24336

In JetBrains TeamCity before 2021.2.1, an unauthenticated attacker can cancel running builds via an XML-RPC request to the TeamCity server...

5.3CVSS7AI score0.00004EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 10:30 a.m.•8 views

CVE-2019-5434

An attacker could send a specifically crafted payload to the XML-RPC invocation script and trigger the unserialize call on the "what" parameter in the "openads.spc" RPC method. Such vulnerability could be used to perform various types of attacks, e.g. exploit serialize-related PHP vulnerabilities...

9.8CVSS7.4AI score0.89078EPSS

Exploits7References1

BDU FSTEC•added 2020/10/01 12:0 a.m.•1 views

The vulnerability of the XML-RPC documentation server interpreter for the Python programming language allows a hacker to perform a cross-site scripting attack.

The vulnerability of the XML-RPC documentation server interpreter for the Python programming language is related to the lack of measures taken to protect the structure of web pages. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

6.1CVSS0.02456EPSS

Exploits1References14Affected Software8

SonicWall•added 2018/07/17 12:0 a.m.•12 views

SonicWall GMS XML-RPC Remote Code Execution Vulnerability

A vulnerability in lack of validation of user-supplied parameters pass to XML-RPC calls on SonicWall Global Management System GMS virtual appliance's, allow remote user to execute arbitrary code. This vulnerability affected GMS version 8.1 and earlier. CVE: CVE-2018-9866 Last updated: Aug. 3, 201...

10CVSS7.5AI score0.11228EPSS

Exploits1

Ubuntu•added 2016/08/10 4:58 p.m.•90 views

USN-3059-1: xmlrpc-epi vulnerability

It was discovered that xmlrpc-epi incorrectly handled lengths in the simplestringaddn function. A remote attacker could use this issue to cause applications using xmlrpc-epi such as PHP to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS8.5AI score0.13001EPSS

Exploits1

Tenable Nessus•added 2016/02/26 12:0 a.m.•17 views

WordPress < 3.0.3 XML-RPC Interface Access Restriction Bypass

Binary data 9112.prm...

6.5CVSS7.3AI score0.00302EPSS

Exploits1References3

OSV•added 2013/02/13 5:55 p.m.•1 views

UBUNTU-CVE-2012-3363

ZendXmlRpc in Zend Framework 1.x before 1.11.12 and 1.12.x before 1.12.0 does not properly handle SimpleXMLElement classes, which allows remote attackers to read arbitrary files or create TCP connections via an external entity reference in a DOCTYPE element in an XML-RPC request, aka an XML...

9.1CVSS5.9AI score0.55118EPSS

Exploits1References4

Vulnrichment•added 2013/02/13 5:0 p.m.•5 views

CVE-2012-3363

7.2AI score0.55118EPSS

Exploits1References12

OSV•added 2008/02/08 2:0 a.m.•7 views

CVE-2008-0664

The XML-RPC implementation xmlrpc.php in WordPress before 2.3.3, when registration is enabled, allows remote attackers to edit posts of other blog users via unknown vectors...

6.3AI score

Exploits0References12

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by