Lucene search
+L

7022 matches found

nuclei
nuclei
added 10 hours ago71 views

L-Soft LISTSERV 16.5 - Cross-Site Scripting

The REPORT after z but before a parameter in wa.exe in L-Soft LISTSERV 16.5 before 17 allows an attacker to conduct XSS attacks via a crafted URL. id: CVE-2023-27641 info: name: L-Soft LISTSERV 16.5 - Cross-Site Scripting author: ritikchaddha severity: medium description: | The REPORT after z but...

6.1CVSS6.4AI score0.01092EPSS
Exploits1References2
nuclei
nuclei
added 10 hours ago43 views

Joomla! Component OrgChart 1.0.0 - Local File Inclusion

A directory traversal vulnerability in the OrgChart comorgchart component 1.0.0 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1878 info: name: Joomla! Component OrgChart 1.0.0 - Local File Inclusion author:...

7.5CVSS6.2AI score0.11429EPSS
Exploits1References5
nuclei
nuclei
added 10 hours ago57 views

rConfig <=3.9.4 - SQL Injection

rConfig 3.9.4 and prior has unauthenticated snippets.inc.php SQL injection. Because nodes' passwords are stored in cleartext by default, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices. id: CVE-2020-10549 info: name: rConfig 3.9.4 or apply th...

9.8CVSS7AI score0.36164EPSS
Exploits1References5
nuclei
nuclei
added 10 hours ago83 views

Sonatype Nexus Repository Manager <3.15.0 - Remote Code Execution

Sonatype Nexus Repository Manager before 3.15.0 is susceptible to remote code execution. id: CVE-2019-7238 info: name: Sonatype Nexus Repository Manager 3.15.0 - Remote Code Execution author: pikpikcu severity: critical description: Sonatype Nexus Repository Manager before 3.15.0 is susceptible t...

9.8CVSS7.3AI score0.76526EPSS
Exploits4References5
ncsc
ncsc
added yesterday10 views

Zero-day vulnerabilities are exploited in SonicWall SMA1000 devices.

SonicWall has identified two vulnerabilities in the SonicWall SMA1000 appliance. The vulnerability with the identifier CVE-2026-15409 involves Server-Side Request Forgery SSRF in the Work Place interface, allowing an unauthorized attacker to send requests to the device to unintended locations. Th...

10CVSS6.4AI score0.01647EPSS
Exploits4References1
nuclei
nuclei
added 3 days ago596 views

Jenkins - Remote Command Injection

Jenkins 2.153 and earlier and LTS 2.138.3 and earlier are susceptible to a remote command injection via stapler/core/src/main/java/org/kohsuke/stapler/MetaClass.java that allows attackers to invoke some methods on Java objects by accessing crafted URLs that were not intended to be invoked this wa...

10CVSS6.8AI score0.98481EPSS
Exploits5References5
nvd
nvd
added 5 days ago7 views

CVE-2026-61454

The Grav Admin2 plugin getgrav/grav-plugin-admin2 before 2.0.4 embeds a global JavaScript variable window.GRAVCONFIG in the Admin2 SPA bootstrap page at /grav/admin and its subroutes. This object is returned in every unauthenticated response and discloses the server URL, API prefix, admin base...

8.7CVSS0.00239EPSS
Exploits0References2
krebs
krebs
added 2026/07/08 12:31 p.m.8 views

Felons, Fraudsters Flog Offensive Cybersecurity Startup

A cybersecurity startup dangling millions of dollars to acquire zero-day security vulnerabilities in popular software is run by a pair of far-right conspiracy theorists and convicted felons whose most recent ventures included fake intelligence companies and a now-defunct AI-based lobbying platfor...

5.9AI score
Exploits0
nessus
nessus
added 2026/07/06 12:0 a.m.13 views

Linux Distros Unpatched Vulnerability : CVE-2026-54161

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - nut - None Ubuntu Linux - upsmon: remote OS command injection RCE via attacker- controlled ups.alarm in NOTIFYCMD execution CVE-2026-54161 Note...

6.3AI score
Exploits0References3
kaspersky
kaspersky
added 2026/07/02 12:0 a.m.6 views

KLA91131 PE vulnerability in Microsoft Server Software

Privilege escalation vulnerability was found in Microsoft Server Software. Malicious users can exploit this vulnerability to gain privileges. Original advisories CVE-2026-54998 Exploitation Public exploits exist for this vulnerability. Related products Microsoft-Exchange-Online CVE list...

8.8CVSS5.9AI score0.0063EPSS
Exploits1References3
nessus
nessus
added 2026/07/01 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-14156

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient policy enforcement in StorageAccessAPI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process t...

6.5CVSS6.2AI score0.002EPSS
Exploits0References2
circl
circl
added 2026/06/30 12:19 p.m.12 views

EDB-40344

creationtimestamp| type| source ---|---|--- 2026-06-30 12:19:13+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/bb230d46-5c19-48c7-aede-32a3a5ce9add...

5.8AI score
Exploits0References1
circl
circl
added 2026/06/30 10:19 a.m.21 views

EDB-42114

creationtimestamp| type| source ---|---|--- 2026-06-30 10:19:43+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/a72f807b-519b-4ed1-8cb6-a58786e1d85b...

5.8AI score
Exploits0References1
nessus
nessus
added 2026/06/28 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-48004

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Debian Linux - qemu - None Ubuntu Linux - Unknown description CVE-2026-48004 Note that Nessus relies on the presence of the package as reported by the vendor...

6.1AI score
Exploits0References3
nvd
nvd
added 2026/06/26 4:16 p.m.13 views

CVE-2026-21734

A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. An...

7.7CVSS0.00118EPSS
Exploits0References1
euvd
euvd
added 2026/06/26 3:14 p.m.7 views

EUVD-2026-39785

A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. An...

7.7CVSS5.8AI score0.00118EPSS
Exploits0References1
nessus
nessus
added 2026/06/25 12:0 a.m.10 views

Linux Distros Unpatched Vulnerability : CVE-2026-52972

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - crypto: afalg - Cap AEAD AD length to 0x80000000 In order to prevent arithmetic overflows when checking the TX buffer size, cap the associated data length to...

7CVSS6.2AI score0.00144EPSS
Exploits0References3
circl
circl
added 2026/06/23 2:6 p.m.13 views

CVE-2021-39509

creationtimestamp| type| source ---|---|--- 2026-06-23 14:06:18+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/eebbb5b3-1e7e-4a0c-a700-57c26308a5a3 2026-06-30 12:19:19+00:00| exploited|...

9.8CVSS7.3AI score0.05098EPSS
Exploits1References2
circl
circl
added 2026/06/19 4:45 p.m.13 views

CVE-2010-3889

creationtimestamp| type| source ---|---|--- 2026-06-19 16:45:39+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/61bdff58-1d5c-4f34-80c6-4ceeea80b6d9 2026-06-23 14:04:10+00:00| exploited|...

7.2CVSS5.8AI score0.01606EPSS
Exploits0References2
nessus
nessus
added 2026/06/19 12:0 a.m.9 views

Photon OS 4.0: Dotnet PHSA-2026-4.0-1036

An update of the dotnet package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-1036. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

7.8CVSS6.8AI score0.0243EPSS
Exploits0References6
Rows per page
Query Builder