CVE & Exploit Intelligence Database

Updated 1h ago

Search and track vulnerabilities with real-time exploit intelligence. Cross-reference CVEs against public exploits from ExploitDB, Metasploit, GitHub, and Nuclei — with CVSS and EPSS scoring, CISA KEV monitoring, and AI-powered exploit analysis.

337,123 CVEs tracked 53,223 with exploits 4,686 exploited in wild 1,539 CISA KEV 3,912 Nuclei templates 37,757 vendors 42,429 researchers
210 results Clear all
CVE-2019-16786 7.1 HIGH 1 Writeup EPSS 0.01
Waitress <1.3.1 - Info Disclosure
Waitress through version 1.3.1 would parse the Transfer-Encoding header and only look for a single string value, if that value was not chunked it would fall through and use the Content-Length header instead. According to the HTTP standard Transfer-Encoding should be a comma separated list, with the inner-most encoding first, followed by any further transfer codings, ending with chunked. Requests sent with: "Transfer-Encoding: gzip, chunked" would incorrectly get ignored, and the request would use a Content-Length header instead to determine the body size of the HTTP message. This could allow for Waitress to treat a single request as multiple requests in the case of HTTP pipelining. This issue is fixed in Waitress 1.4.0.
CWE-444 Dec 20, 2019
CVE-2019-16785 7.1 HIGH 1 Writeup EPSS 0.01
Waitress <1.3.1 - Info Disclosure
Waitress through version 1.3.1 implemented a "MAY" part of the RFC7230 which states: "Although the line terminator for the start-line and header fields is the sequence CRLF, a recipient MAY recognize a single LF as a line terminator and ignore any preceding CR." Unfortunately if a front-end server does not parse header fields with an LF the same way as it does those with a CRLF it can lead to the front-end and the back-end server parsing the same HTTP message in two different ways. This can lead to a potential for HTTP request smuggling/splitting whereby Waitress may see two requests while the front-end server only sees a single HTTP message. This issue is fixed in Waitress 1.4.0.
CWE-444 Dec 20, 2019
CVE-2013-2167 9.8 CRITICAL EPSS 0.01
Openstack Python-keystoneclient < 0.2.5 - Data Authenticity Bypass
python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache signing bypass
CWE-345 Dec 10, 2019
CVE-2013-2166 9.8 CRITICAL EPSS 0.00
Openstack Python-keystoneclient < 0.2.5 - Weak Encryption
python-keystoneclient version 0.2.3 to 0.2.5 has middleware memcache encryption bypass
CWE-326 Dec 10, 2019
CVE-2013-1793 7.5 HIGH EPSS 0.00
Redhat Openstack - Missing Authentication
openstack-utils openstack-db has insecure password creation
CWE-306 Dec 10, 2019
CVE-2019-14856 6.5 MEDIUM EPSS 0.00
Redhat Ansible < 2.6.20 - Authentication Bypass
ansible before versions 2.8.6, 2.7.14, 2.6.20 is vulnerable to a None
CWE-287 Nov 26, 2019
CVE-2019-11287 7.5 HIGH 1 PoC Analysis EPSS 0.03
Broadcom Rabbitmq Server < 3.8.1 - Denial of Service
Pivotal RabbitMQ, versions 3.7.x prior to 3.7.21 and 3.8.x prior to 3.8.1, and RabbitMQ for Pivotal Platform, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain a web management plugin that is vulnerable to a denial of service attack. The "X-Reason" HTTP Header can be leveraged to insert a malicious Erlang format string that will expand and consume the heap, resulting in the server crashing.
CWE-134 Nov 23, 2019
CVE-2019-11291 4.8 MEDIUM EPSS 0.00
Broadcom Rabbitmq Server < 3.7.20 - XSS
Pivotal RabbitMQ, 3.7 versions prior to v3.7.20 and 3.8 version prior to v3.8.1, and RabbitMQ for PCF, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain two endpoints, federation and shovel, which do not properly sanitize user input. A remote authenticated malicious user with administrative access could craft a cross site scripting attack via the vhost or node name fields that could grant access to virtual hosts and policy management information.
CWE-79 Nov 22, 2019
CVE-2019-14818 7.5 HIGH EPSS 0.01
Dpdk Data Plane Development Kit < 16.11.10 - Memory Leak
A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send specially crafted VRING_SET_NUM messages, resulting in a memory leak including file descriptors. This flaw could lead to a denial of service condition.
CWE-401 Nov 14, 2019
CVE-2013-6461 6.5 MEDIUM EPSS 0.02
Nokogiri < 1.5.11 - XML Entity Expansion
Nokogiri gem 1.5.x and 1.6.x has DoS while parsing XML entities by failing to apply limits
CWE-776 Nov 05, 2019
CVE-2013-6460 6.5 MEDIUM EPSS 0.03
Nokogiri < 1.5.11 - XML Entity Expansion
Nokogiri gem 1.5.x has Denial of Service via infinite loop when parsing XML documents
CWE-776 Nov 05, 2019
CVE-2013-2255 5.9 MEDIUM EPSS 0.00
Openstack Compute < 0.4.0 - Improper Certificate Validation
HTTPSConnections in OpenStack Keystone 2013, OpenStack Compute 2013.1, and possibly other OpenStack components, fail to validate server-side SSL certificates.
CWE-295 Nov 01, 2019
CVE-2019-11281 4.8 MEDIUM EPSS 0.01
Pivotal Software Rabbitmq < 3.7.18 - XSS
Pivotal RabbitMQ, versions prior to v3.7.18, and RabbitMQ for PCF, versions 1.15.x prior to 1.15.13, versions 1.16.x prior to 1.16.6, and versions 1.17.x prior to 1.17.3, contain two components, the virtual host limits page, and the federation management UI, which do not properly sanitize user input. A remote authenticated malicious user with administrative access could craft a cross site scripting attack that would gain access to virtual hosts and policy management information.
CWE-79 Oct 16, 2019
CVE-2019-14846 7.8 HIGH EPSS 0.00
Redhat Ansible Engine < 2.6.20 - Log Information Exposure
In Ansible, all Ansible Engine versions up to ansible-engine 2.8.5, ansible-engine 2.7.13, ansible-engine 2.6.19, were logging at the DEBUG level which lead to a disclosure of credentials if a plugin used a library that logged credentials at the DEBUG level. This flaw does not affect Ansible modules, as those are executed in a separate process.
CWE-532 Oct 08, 2019
CVE-2017-18635 6.1 MEDIUM 1 PoC Analysis EPSS 0.07
noVNC <0.6.2 - XSS
An XSS vulnerability was discovered in noVNC before 0.6.2 in which the remote VNC server could inject arbitrary HTML into the noVNC web page via the messages propagated to the status field, such as the VNC server name.
CWE-79 Sep 25, 2019
CVE-2019-9515 7.5 HIGH 1 Writeup EPSS 0.10
HTTP/2 - DoS
Some HTTP/2 implementations are vulnerable to a settings flood, potentially leading to a denial of service. The attacker sends a stream of SETTINGS frames to the peer. Since the RFC requires that the peer reply with one acknowledgement per SETTINGS frame, an empty SETTINGS frame is almost equivalent in behavior to a ping. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both.
CWE-770 Aug 13, 2019
CVE-2019-9514 7.5 HIGH 1 Writeup EPSS 0.09
HTTP/2 - DoS
Some HTTP/2 implementations are vulnerable to a reset flood, potentially leading to a denial of service. The attacker opens a number of streams and sends an invalid request over each stream that should solicit a stream of RST_STREAM frames from the peer. Depending on how the peer queues the RST_STREAM frames, this can consume excess memory, CPU, or both.
CWE-770 Aug 13, 2019
CVE-2019-14433 6.5 MEDIUM EPSS 0.01
OpenStack Nova <17.0.12-19.0.2 - Info Disclosure
An issue was discovered in OpenStack Nova before 17.0.12, 18.x before 18.2.2, and 19.x before 19.0.2. If an API request from an authenticated user ends in a fault condition due to an external exception, details of the underlying environment may be leaked in the response, and could include sensitive configuration or other data.
CWE-209 Aug 09, 2019
CVE-2018-10899 8.1 HIGH EPSS 0.02
Jolokia < 1.6.1 - CSRF
A flaw was found in Jolokia versions from 1.2 to before 1.6.1. Affected versions are vulnerable to a system-wide CSRF. This holds true for properly configured instances with strict checking for origin and referrer headers. This could result in a Remote Code Execution attack.
CWE-352 Aug 01, 2019
CVE-2019-10156 5.4 MEDIUM EPSS 0.01
Ansible <2.6.18, <2.7.12, <2.8.2 - Info Disclosure
A flaw was discovered in the way Ansible templating was implemented in versions before 2.6.18, 2.7.12 and 2.8.2, causing the possibility of information disclosure through unexpected variable substitution. By taking advantage of unintended variable substitution the content of any variable may be disclosed.
CWE-200 Jul 30, 2019

Investigate

Critical + Public Exploits Exploited in Wild + PoC High EPSS (>=0.7) + PoC With Nuclei Templates Latest Public Exploits

Ecosystems

Linux Maven Packagist PyPI npm Go ecosystem RubyGems crates.io NuGet Hex SwiftURL GitHub Actions

Reference Indexes

Exploit Database Researchers Vendors CWE Categories

Recent Blog Posts

CVE-2026-28391: OpenClaw Command Injection - The Day I Hacked Myself
Mar 09, 2026
Introducing FuzzForge: Autonomous Source-Code Fuzzing - Finding Bugs in nginx in 112 Minutes
Mar 08, 2026
CVE-2025-68670 Part 2: From Crash to RCE - The One That Fought Back (and Lost)
Mar 04, 2026
CVE-2025-68670: Pre-Auth xrdp Overflow - The One Where the Protocol Fought Back
Mar 04, 2026
CVE-2025-62507: Redis Stack Overflow to RCE in 68 Minutes - Then We Turned ASLR On
Mar 03, 2026
CVE-2025-15467: From OpenSSL Stack Overflow to Three ROP Chains in 64 Minutes - Introducing Stackforge
Mar 03, 2026
 View all posts →

CVEForge Labs

CVE-2016-15057 CRITICAL
Apache Continuum - Command Injection
CVE-2021-32824 CRITICAL
Apache Dubbo <2.6.10-2.7.10 - RCE
CVE-2023-42117 CRITICAL
Exim < 4.96.2 - Remote Code Execution
CVE-2024-31866 CRITICAL
Apache Zeppelin <0.11.1 - RCE
CVE-2024-37288 CRITICAL
Elastic Kibana - Insecure Deserialization
CVE-2024-43115 HIGH
Apache DolphinScheduler <3.2.2 - RCE
CVE-2024-45409 CRITICAL
Ruby-SAML <=1.16.0 - Auth Bypass
CVE-2024-56143 HIGH
Strapi < 5.5.2 - IDOR
CVE-2025-10622 HIGH
Red Hat Satellite - Command Injection
CVE-2025-11539 CRITICAL
Grafana Image Renderer - RCE
 View all labs →

KEV Gaps

CVE-2026-1603
Ivanti Endpoint Manager < 2024 - Authentication Bypass
 CVE-2023-43000
macOS Ventura <13.5-iPadOS <16.6-Safari <16.6 - Use After Free
 CVE-2021-30952
tvOS <15.2 - RCE
 CVE-2021-22681
Rockwell Automation Studio 5000 <21 - Path Traversal
 CVE-2026-22719
VMware Aria Operations - Command Injection
 CVE-2026-25108
FileZen - Command Injection
 CVE-2026-22769
Dell RecoverPoint <6.0.3.1 HF1 - Auth Bypass
 CVE-2021-22175
Gitlab < 13.6.7 - SSRF
 CVE-2024-7694
Teamt5 Threatsonar Anti-ransomware < 3.5.0 - Unrestricted File Upload
 CVE-2020-7796
Zimbra Collaboration Suite <8.8.15 Patch 7 - SSRF
 CVE-2026-21525
Microsoft Windows 10 1607 < 10.0.14393.8868 - NULL Pointer Dereference
 CVE-2026-21519
Microsoft Windows 10 1607 < 10.0.14393.8868 - Type Confusion