Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (24 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-48986 2 Revive, Revive-adserver 2 Adserver, Revive Adserver 2025-11-26 N/A
Authorization bypass in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes an logged in attacker to change other users' email address and potentialy take over their accounts using the forgot password functionality.
CVE-2025-48987 2 Revive, Revive-adserver 2 Adserver, Revive Adserver 2025-11-26 6.1 Medium
Improper Neutralization of Input in Revive Adserver 5.5.2 and 6.0.1 and earlier versions causes a potential reflected XSS attack.
CVE-2022-4680 1 Revive 1 Revive Old Posts 2025-03-28 7.2 High
The Revive Old Posts WordPress plugin before 9.0.11 unserializes user input provided via the settings, which could allow high privilege users such as admin to perform PHP Object Injection when a suitable gadget is present.
CVE-2023-26756 1 Revive 1 Adserver 2024-11-21 7.5 High
The login page of Revive Adserver v5.4.1 is vulnerable to brute force attacks. NOTE: The vendor's position is that this is effectively mitigated by rate limits and password-quality features.