Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (4 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-27925 1 Nintex 1 Automation 2026-01-29 8.5 High
Nintex Automation 5.6 and 5.7 before 5.8 has insecure deserialization of user input.
CVE-2025-27926 1 Nintex 1 Automation 2026-01-29 4.3 Medium
In Nintex Automation 5.6 and 5.7 before 5.8, the K2 SmartForms Designer folder has configuration files (web.config) containing passwords that are readable by unauthorized users.
CVE-2022-38167 1 Nintex 1 Workflow 2025-05-01 6.1 Medium
The Nintex Workflow plugin 5.2.2.30 for SharePoint allows XSS.
CVE-2015-7299 1 Nintex 3 K2 Blackpearl, K2 For Sharepoint, K2 Smartforms 2025-04-12 N/A
SQL injection vulnerability in Runtime/Runtime/AjaxCall.ashx in K2 blackpearl, smartforms, and K2 for SharePoint 4.6.7 allows remote attackers to execute arbitrary SQL commands via the xml parameter.