Lucene search
+L

124 matches found

NVD
NVD
added 4 days ago7 views

CVE-2026-59518

Deserialization of Untrusted Data vulnerability in wpWax Directorist directorist allows Object Injection.This issue affects Directorist: from n/a through = 8.8.2...

9.8CVSS0.00313EPSS
Exploits0References1
Cvelist
Cvelist
added 4 days ago30 views

CVE-2026-59518 WordPress Directorist plugin <= 8.8.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in wpWax Directorist directorist allows Object Injection.This issue affects Directorist: from n/a through = 8.8.2...

9.8CVSS0.00313EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2026/06/19 3:0 a.m.7 views

CVE-2026-56132

In libexpat before 2.8.2, there is a heap-based buffer overflow in doProlog in xmlparse.c because scaffold backing array reallocation is mishandled when there is data-structure sharing across parsers...

6.9CVSS6AI score0.00107EPSS
Exploits0
EUVD
EUVD
added 2026/06/11 9:47 a.m.10 views

EUVD-2022-56003

Missing Authorization vulnerability in TemplateHouse Soledad allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Soledad: from n/a through 8.2.5...

5.4CVSS5.4AI score0.00177EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.10 views

CVE-2026-33432

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions up to and including 8.2.8.2, when LDAP authentication is enabled, Roxy-WI constructs an LDAP search filter by directly concatenating the user-supplied login username into the filter string without...

9.1CVSS5.5AI score0.00423EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.10 views

Astra Linux – Vulnerability in Vim

NULL pointer dereferencing in the GitHub repository for Vim/Vim before version 8.2...

7.8CVSS6.7AI score0.01234EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Vim

Out-of-bounds write in the GitHub repository for Vim/Vim before version 8.2...

7.8CVSS7.1AI score0.01474EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in Vim

Uncontrolled recursion in the GitHub repository vim/vim before version 8.2.4975...

5.5CVSS6.7AI score0.01172EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Vim

Heap-based Buffer Overflow in the GitHub repository for vim/vim before version 8.2...

7.8CVSS7.1AI score0.01559EPSS
Exploits1References2
EUVD
EUVD
added 2026/05/19 4:21 p.m.15 views

EUVD-2026-30039

protobufjs: Denial of Service via unbounded recursive JSON descriptor expansion...

7.5CVSS5.8AI score0.00263EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/13 12:5 a.m.7 views

CVE-2026-8199 Post-auth memory exhaustion via bitwise match expressions

An authenticated user can cause excess memory usage via bitwise match expression AST processing of $bitsAllSet, $bitsAnySet, $bitsAllClear, and $bitsAnyClear. This contributes to memory pressure and may lead to availability loss by OOM. This issue impacts MongoDB Server v7.0 versions prior to...

7.1CVSS5.8AI score0.00258EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/24 2:5 a.m.6 views

EUVD-2026-25377

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Versions prior to 8.2.6.4 have a SQL injection vulnerability in the haproxysectionsave function in app/routes/config/routes.py. The serverip parameter, sourced from the URL path, is passed unsanitized through...

9.3CVSS6.2AI score0.00352EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/25 4:15 p.m.43 views

CVE-2026-32573 WordPress Nelio AB Testing plugin <= 8.2.7 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through = 8.2.7...

9.1CVSS0.00297EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 4:14 p.m.1 views

CVE-2026-25401 WordPress WPCargo Track & Trace plugin <= 8.0.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Arni Cinco WPCargo Track & Trace wpcargo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPCargo Track & Trace: from n/a through = 8.0.2...

7.5CVSS5.9AI score0.00278EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/13 11:42 a.m.5 views

CVE-2026-32393

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in CreativesPlanet Greenly Theme Addons greenly-addons allows PHP Local File Inclusion.This issue affects Greenly Theme Addons: from n/a through 8.2...

5.8AI score0.00381EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.15 views

PT-2026-25239

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Creatives Planet Greenly Theme Addons greenly-addons allows PHP Local File Inclusion.This issue affects Greenly Theme Addons: from n/a through 8.2...

5.8AI score0.00381EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2026/03/12 8:19 a.m.3 views

Important: Red Hat Security Advisory: thunderbird security update

An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

10CVSS6AI score0.00604EPSS
Exploits0References39
NVD
NVD
added 2026/03/11 8:16 a.m.9 views

CVE-2024-14024

An improper certificate validation vulnerability has been reported to affect Video Station. If an attacker gains local network access who have also gained an administrator account, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the...

6.7CVSS0.00077EPSS
Exploits0References1
Atlassian
Atlassian
added 2026/03/06 5:28 a.m.20 views

File Inclusion node-tar Dependency in Jira Software Data Center

This High severity File Inclusion vulnerability was introduced in versions 9.15.2, 9.16.0, 9.17.0, 10.0.0, 10.1.1, 10.2.0, 10.3.0, 10.4.0, 10.5.0, 10.6.0, 10.7.1, 11.0.0, 11.1.0, 11.2.0, and 11.3.1 of Jira Software Data Center. This File Inclusion vulnerability, with a CVSS Score of 8.2 and a CVS...

8.2CVSS5.9AI score0.00334EPSS
Exploits2
OSV
OSV
added 2026/01/28 10:13 a.m.4 views

RHSA-2026:1409 Red Hat Security Advisory: php:8.2 security update

Bulletin has no description...

7.5CVSS5.8AI score0.00953EPSS
Exploits6References33
Rows per page
Query Builder