Export limit exceeded: 361566 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 361566 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 361566 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 361566 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 361566 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Export limit exceeded: 361566 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Expected end of text, found ':' (at char 6), (line:1, col:7)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (361566 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2019-14734 2 Adplug Project, Fedoraproject 2 Adplug, Fedora 2024-11-21 8.8 High
AdPlug 2.3.1 has multiple heap-based buffer overflows in CmtkLoader::load() in mtk.cpp.
CVE-2019-14733 2 Adplug Project, Fedoraproject 2 Adplug, Fedora 2024-11-21 8.8 High
AdPlug 2.3.1 has multiple heap-based buffer overflows in CradLoader::load() in rad.cpp.
CVE-2019-14732 2 Adplug Project, Fedoraproject 2 Adplug, Fedora 2024-11-21 8.8 High
AdPlug 2.3.1 has multiple heap-based buffer overflows in Ca2mLoader::load() in a2m.cpp.
CVE-2019-14731 1 Cnezsoft 1 Zentao 2024-11-21 N/A
An issue was discovered in ZenTao 11.5.1. There is an XSS (stored) vulnerability that leads to the capture of other people's cookies via the Rich Text Box.
CVE-2019-14730 1 Control-webpanel 1 Webpanel 2024-11-21 4.3 Medium
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a domain from a victim's account via an attacker account.
CVE-2019-14729 1 Control-webpanel 1 Webpanel 2024-11-21 4.3 Medium
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a sub-domain from a victim's account via an attacker account.
CVE-2019-14728 1 Control-webpanel 1 Webpanel 2024-11-21 4.3 Medium
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to add an e-mail forwarding destination to a victim's account via an attacker account.
CVE-2019-14727 1 Control-webpanel 1 Webpanel 2024-11-21 4.3 Medium
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to change the e-mail password of a victim account via an attacker account.
CVE-2019-14726 1 Control-webpanel 1 Webpanel 2024-11-21 5.4 Medium
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to access and delete DNS records of a victim's account via an attacker account.
CVE-2019-14725 1 Control-webpanel 1 Webpanel 2024-11-21 4.3 Medium
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to change the e-mail usage value of a victim account via an attacker account.
CVE-2019-14724 1 Control-webpanel 1 Webpanel 2024-11-21 7.5 High
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to edit an e-mail forwarding destination of a victim's account via an attacker account.
CVE-2019-14723 1 Control-webpanel 1 Webpanel 2024-11-21 4.3 Medium
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete a victim's e-mail account via an attacker account.
CVE-2019-14722 1 Control-webpanel 1 Webpanel 2024-11-21 4.3 Medium
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to delete an e-mail forwarding destination from a victim's account via an attacker account.
CVE-2019-14721 1 Control-webpanel 1 Webpanel 2024-11-21 6.5 Medium
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.851, an insecure object reference allows an attacker to remove a target user from phpMyAdmin via an attacker account.
CVE-2019-14719 1 Verifone 2 Mx900, Mx900 Firmware 2024-11-21 7.8 High
Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow multiple arbitrary command injections, as demonstrated by the file manager.
CVE-2019-14718 1 Verifone 2 Mx900, Mx900 Firmware 2024-11-21 6.7 Medium
Verifone MX900 series Pinpad Payment Terminals with OS 30251000 have Insecure Permissions, with resultant svc_netcontrol arbitrary command injection and privilege escalation.
CVE-2019-14717 1 Verifone 2 Verix Os, Vx520 2024-11-21 7.8 High
Verifone Verix OS on VerixV Pinpad Payment Terminals with QT000530 have a Buffer Overflow via the Run system call.
CVE-2019-14716 1 Verifone 2 Verix Os, Vx520 2024-11-21 6.6 Medium
Verifone VerixV Pinpad Payment Terminals with QT000530 have an undocumented physical access mode (aka VerixV shell.out).
CVE-2019-14715 1 Verifone 8 P200, P200 Firmware, P400 and 5 more 2024-11-21 6.8 Medium
Verifone Pinpad Payment Terminals allow undocumented physical access to the system via an SBI bootloader memory write operation.
CVE-2019-14713 1 Verifone 2 Mx900, Mx900 Firmware 2024-11-21 5.5 Medium
Verifone MX900 series Pinpad Payment Terminals with OS 30251000 allow installation of unsigned packages.