Lucene search
+L

21 matches found

euvd
euvd
added 16 hours ago4 views

EUVD-2026-44856

The List category posts plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 0.95.0 via the sanitizestatus. This makes it possible for authenticated attackers, with contributor-level access and above, to extract titles, full content, excerpts,...

4.3CVSS6.1AI score
Exploits0References6
nvd
nvd
added 2026/06/22 2:17 p.m.12 views

CVE-2026-9029

A user with Editor permissions can place a malicious script in the attribution field of a Geomap panel's XYZ tile layer via a template variable. The script then executes in the browser of any user who views the affected dashboard stored cross-site scripting...

7.3CVSS0.0025EPSS
Exploits0References1
nessus
nessus
added 2026/06/04 12:0 a.m.50 views

Notepad++ 8.9.6.1 < 8.9.6.2 Multiple Vulnerabilities

The version of Notepad++ installed on the remote host is 8.9.6.1 prior to 8.9.6.2. It is, therefore, affected by multiple vulnerabilities: - An arbitrary code execution vulnerability exists due to improper handling of shortcuts.xml files. A previous fix in version 8.9.6.1 was incomplete, and a...

7.8CVSS7.5AI score0.0036EPSS
Exploits4References5
osv
osv
added 2026/05/19 5:44 p.m.1 views

CVE-2026-33637 Faraday: Protocol-relative URI objects still bypass host scoping (possible incomplete fix for GHSA-33mh-2634-fwr2)

Faraday is an HTTP client library abstraction layer that provides a common interface over many adapters. Versions 2.0.0 through 2.14.1 still allow protocol-relative host override when the request target is passed as a URI object rather than a String to Faraday::Connectionbuildexclusiveurl. This...

5.9AI score0.00272EPSS
Exploits1References4
ptsecurity
ptsecurity
added 2026/04/17 12:0 a.m.14 views

PT-2026-33550

Name of the Vulnerable Software and Affected Versions compressing versions prior to 1.10.5 compressing versions prior to 2.1.1 Description A patch bypass exists in the isPathWithinParent function located in lib/utils.js. The issue stems from a divergence between logical string validation and the...

8.4CVSS6.5AI score0.0024EPSS
Exploits2References8
euvd
euvd
added 2026/04/16 9:12 p.m.6 views

EUVD-2026-23295

Cryptomator is an open-source client-side encryption application for cloud storage. Version 1.19.1 contains a logic flaw in CheckHostTrustController.getAuthority that allows an attacker to bypass the security fix for CVE-2026-32303. The method hardcodes the URI scheme based on port number, causin...

7.6CVSS5.8AI score0.0011EPSS
Exploits1References3
cve
cve
added 2026/04/06 5:54 p.m.91 views

CVE-2026-35177

CVE-2026-35177 affects Vim with the zip.vim plugin prior to 9.2.0280. The issue is a path traversal bypass that can overwrite arbitrary files when opening crafted zip archives, circumventing the prior fix for CVE-2025-53906. The vulnerability is fixed in Vim 9.2.0280. Connected sources also note ...

7.1CVSS6.8AI score0.00126EPSS
Exploits0References1Affected Software1
cvelist
cvelist
added 2026/03/24 6:18 p.m.21 views

CVE-2026-33498 Parse Server: Query condition depth bypass via pre-validation transform pipeline

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.55 and 9.6.0-alpha.44, an attacker can send an unauthenticated HTTP request with a deeply nested query containing logical operators to permanently hang the Parse Server...

8.7CVSS0.00452EPSS
Exploits0References5
ptsecurity
ptsecurity
added 2026/03/09 12:0 a.m.12 views

PT-2026-24112

Name of the Vulnerable Software and Affected Versions Camaleon CMS versions 2.4.5.0 through 2.9.0 Description Camaleon CMS versions 2.4.5.0 through 2.9.0, prior to commit f54a77e, have a path traversal issue in the AWS S3 uploader implementation. Authenticated users can read arbitrary files from...

6.5CVSS5.9AI score0.00732EPSS
Exploits0References13
nessus
nessus
added 2026/03/04 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2024-36138

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Bypass incomplete fix of CVE-2024-27980, that arises from improper handling of batch files with all possible extensions on Windows via childprocess.spawn /...

8.1CVSS7.7AI score0.01411EPSS
Exploits0References2
osv
osv
added 2025/12/15 10:21 a.m.4 views

CVE-2025-37732 Kibana Cross-site Scripting via the Integration Package Upload Functionality

Improper neutralization of input during web page generation 'Cross-site Scripting' CWE-79 allows an authenticated user to render HTML tags within a user’s browser via the integration package upload functionality. This issue is related to ESA-2025-17 CVE-2025-25018 bypassing that fix to achieve HT...

5.4CVSS6AI score0.00154EPSS
Exploits0References3
redhat
redhat
added 2025/12/10 5:51 p.m.2 views

uri: URI module: Credential exposure via URI + operator

A flaw was found in the URI module. A remote attacker could exploit this vulnerability by using the + operator to combine Uniform Resource Identifiers URIs. This bypasses a previous fix and can lead to the leakage of sensitive information, such as user credentials passwords, from the original URI...

7.5CVSS5.8AI score0.0051EPSS
Exploits0References9
cve
cve
added 2025/11/24 11:56 p.m.18 views

CVE-2025-62155

The CVE-2025-62155 entry concerns QuantumNous/new-api. A SSRF vulnerability existed prior to version 0.9.6 where the fix only protected the first URL request; an attacker could bypass via a 302 redirect and reach internal/intranet resources. The issue has been addressed in version 0.9.6, accordin...

8.5CVSS6.5AI score0.00265EPSS
Exploits0References1
osv
osv
added 2025/11/24 8:5 p.m.7 views

GHSA-9F46-W24H-69W4 new-api is vulnerable to SSRF Bypass

Summary A recently patched SSRF vulnerability contains a bypass method that can bypass the existing security fix and still allow SSRF to occur. Because the existing fix only applies security restrictions to the first URL request, a 302 redirect can bypass existing security measures and successful...

8.5CVSS6.8AI score0.00265EPSS
Exploits0References4
vulnrichment
vulnrichment
added 2024/12/12 12:46 p.m.29 views

CVE-2024-36498 Stored cross site scripting

Due to missing input sanitization, an attacker can perform cross-site-scripting attacks and run arbitrary Javascript in the browser of other users. The "Edit Disclaimer Text" function of the configuration menu is vulnerable to stored XSS. Only the users Poweruser and Admin can use this function...

6.6AI score0.0054EPSS
Exploits0References2
osv
osv
added 2024/10/22 7:48 p.m.12 views

CLSA-2024-1729626489 php: Fix of CVE-2024-8927

CVE-2024-8927: Fix bypass of cgi.forceredirect configuration...

7.5CVSS6.7AI score0.01054EPSS
Exploits1References1
nvd
nvd
added 2024/08/14 10:15 p.m.26 views

CVE-2024-43368

The Trix editor, versions prior to 2.1.4, is vulnerable to XSS when pasting malicious code. This vulnerability is a bypass of the fix put in place for GHSA-qjqp-xr96-cj99. In pull request 1149, sanitation was added for Trix attachments with a text/html content type. However, Trix only checks the...

6.5CVSS0.00487EPSS
Exploits0References6
hackerone
hackerone
added 2020/04/08 11:45 a.m.31 views

Rocket.Chat: Desktop app RCE (#276031 bypass)

Summary: 276031 fix bypass, two click remote code execution. Description: The security issue is in links preload file https://github.com/RocketChat/Rocket.Chat.Electron/blob/master/src/preload/links.js file. By rewriting RegExp.prototype.test method it is possible to prepare proper answers to get...

0.8AI score
Exploits0
hackerone
hackerone
added 2019/04/18 12:33 p.m.25 views

ZEIT: [Fix Bypass #541631] Open redirect on Signup

Some signup and login paths did not verify the ?next= query param properly and allowed an open redirect with a carefully crafted invalid URL. It is standard practise to use a redirect query param in login and signup endpoints but the value should be carefully validated before accepting to redirec...

1.1AI score
Exploits0
nvd
nvd
added 2018/02/26 3:29 p.m.28 views

CVE-2018-7489

FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of th...

9.8CVSS9.5AI score0.20135EPSS
Exploits0References28
Rows per page
Query Builder