Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (359931 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2023-25042 1 Stormconsultancy 1 Oauth Twitter Feed For Developers 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Liam Gladdy (Storm Consultancy) oAuth Twitter Feed for Developers plugin <= 2.3.0 versions.
CVE-2023-25038 1 984.ru 1 For The Visually Impaired 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in 984.Ru For the visually impaired plugin <= 0.58 versions.
CVE-2023-25036 1 Social Media Icons Widget Project 1 Social Media Icons Widget 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in akhlesh-nagar, a.Ankit Social Media Icons Widget plugin <= 1.6 versions.
CVE-2023-25034 1 Wp Clean Up Project 1 Wp Clean Up 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in BoLiQuan WP Clean Up plugin <= 1.2.3 versions.
CVE-2023-25033 1 Sumo 1 Social Share Boost 2024-11-21 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Sumo Social Share Boost plugin <= 4.5 versions.
CVE-2023-25032 1 Printfriendly 1 Print\, Pdf\, Email By Printfriendly 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Print, PDF, Email by PrintFriendly plugin <= 5.5.1 versions.
CVE-2023-25029 1 Wp Social Bookmarking Light Project 1 Wp Social Bookmarking Light 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in utahta WP Social Bookmarking Light plugin <= 2.0.7 versions.
CVE-2023-25028 1 Cc Custom Taxonomy Project 1 Cc Custom Taxonomy 2024-11-21 5.9 Medium
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in chuyencode CC Custom Taxonomy plugin <= 1.0.1 versions.
CVE-2023-25025 1 Chetangole 1 Wp-copyprotect \[protect Your Blog Posts\] 2024-11-21 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Chetan Gole WP-CopyProtect [Protect your blog posts] plugin <= 3.1.0 versions.
CVE-2023-25019 1 Premio 1 Chaty 2024-11-21 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Premio Chaty plugin <= 3.0.9 versions
CVE-2023-24971 1 Ibm 2 B2b Advanced Communications, Multi-enterprise Integration Gateway 2024-11-21 7.5 High
IBM B2B Advanced Communications 1.0.0.0 and IBM Multi-Enterprise Integration Gateway 1.0.0.1 could allow a user to cause a denial of service due to the deserializing of untrusted serialized Java objects. IBM X-Force ID: 246976.
CVE-2023-24965 2 Ibm, Linux 2 Aspera Faspex, Linux Kernel 2024-11-21 5.8 Medium
IBM Aspera Faspex 5.0.5 does not restrict or incorrectly restricts access to a resource from an unauthorized actor. IBM X-Force ID: 246713.
CVE-2023-24959 1 Ibm 1 Infosphere Information Server 2024-11-21 5.3 Medium
IBM InfoSphere Information Systems 11.7 could expose information about the host system and environment configuration. IBM X-Force ID: 246332.
CVE-2023-24831 1 Apache 1 Iotdb 2024-11-21 9.8 Critical
Improper Authentication vulnerability in Apache Software Foundation Apache IoTDB.This issue affects Apache IoTDB Grafana Connector: from 0.13.0 through 0.13.3. Attackers could login without authorization. This is fixed in 0.13.4.
CVE-2023-24737 1 Sigb 1 Pmb 2024-11-21 6.1 Medium
PMB v7.4.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the query parameter at /admin/convert/export_z3950.php.
CVE-2023-24736 1 Sigb 1 Pmb 2024-11-21 9.8 Critical
PMB v7.4.6 was discovered to contain a remote code execution (RCE) vulnerability via the component /sauvegarde/restaure_act.php.
CVE-2023-24735 1 Sigb 1 Pmb 2024-11-21 6.1 Medium
PMB v7.4.6 was discovered to contain an open redirect vulnerability via the component /opac_css/pmb.php. This vulnerability allows attackers to redirect victim users to an external domain via a crafted URL.
CVE-2023-24733 1 Sigb 1 Pmb 2024-11-21 6.1 Medium
PMB v7.4.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the query parameter at /admin/convert/export_z3950_new.php.
CVE-2023-24726 1 Phpgurukul 1 Art Gallery Management System 2024-11-21 9.8 Critical
Art Gallery Management System v1.0 was discovered to contain a SQL injection vulnerability via the viewid parameter on the enquiry page.
CVE-2023-24698 1 Foswiki 1 Foswiki 2024-11-21 7.5 High
Insufficient parameter validation in the Foswiki::Sandbox component of Foswiki v2.1.7 and below allows attackers to perform a directory traversal via supplying a crafted web request.