Lucene search
K

2621 matches found

Nuclei
Nuclei
added 17 hours ago19 views

Microsoft Exchange - Pre-Auth SSRF / ACL Bypass (ProxyNotFound)

Microsoft Exchange Server contains a remote code execution caused by improper input validation in the server component, letting remote attackers execute arbitrary code, exploit requires network access to the server. id: CVE-2021-28480 info: name: Microsoft Exchange - Pre-Auth SSRF / ACL Bypass...

10CVSS7.6AI score0.83337EPSS
Exploits4References5
Cvelist
Cvelist
added 3 days ago35 views

CVE-2025-30007 HestiaCP < 1.9.5 Authenticated OS Command Injection via DNS Record Management

HestiaCP before 1.9.5 contains an authenticated OS command injection vulnerability that allows low-privilege authenticated users to execute arbitrary commands as root by injecting a single-quote character into unvalidated DNS record types. Attackers can exploit insufficient input validation in...

8.8CVSS0.02077EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 6 days ago7 views

Cisco Catalyst Center Arbitrary File Read (cisco-sa-catc-file-read-wLH2vf8X)

The version of Cisco Catalyst Center formerly Cisco DNA Center installed on the remote host is affected by a vulnerability. - A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arbitrary files from a restricted container. This vulnerability is due to...

7.5CVSS7.3AI score0.00756EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/06 9:34 a.m.35 views

CVE-2026-49042 Apache Camel: langchain4j-tools: filter tool argument headers against declared parameters

Improper Input Validation vulnerability in Apache Camel. This issue affects Apache Camel: from 4.8.0 through 4.18.2, from 4.19.0 through 4.20.0. Users are recommended to upgrade to version 4.18.3, 4.21.0, which fixes the issue...

0.00399EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/06 12:0 a.m.11 views

PT-2026-55888

Name of the Vulnerable Software and Affected Versions Apache Camel versions 4.3.0 through 4.14.7 Apache Camel versions 4.15.0 through 4.18.2 Apache Camel versions 4.19.0 through 4.20.9 Description Improper input validation in the camel-elasticsearch-rest-client component allows for authorization...

5.3CVSS6.1AI score0.00451EPSS
Exploits1References6
EUVD
EUVD
added 2026/07/05 12:2 p.m.12 views

EUVD-2026-41753

An unauthenticated improper input validation vulnerability in the POST /fetchcvedata endpoint in cve-search. A remote attacker can manipulate request parameters controlling the MongoDB collection, projected fields, and regular-expression filters to read arbitrary application MongoDB collections...

9.2CVSS6.2AI score0.00349EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/05 12:2 p.m.5 views

CVE-2026-59509

An unauthenticated improper input validation vulnerability in the POST /fetchcvedata endpoint in cve-search. A remote attacker can manipulate request parameters controlling the MongoDB collection, projected fields, and regular-expression filters to read arbitrary application MongoDB collections...

9.2CVSS6.2AI score0.00349EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/03 2:1 a.m.8 views

CVE-2022-4989

UNSUPPORTED WHEN ASSIGNED Improper Validation of Specified Quantity in Input in the ASUS AI Suite 3 driver allows a local user to access unintended memory regions via crafted IOCTL requests, leading to privilege escalation...

8.5CVSS5.8AI score0.00103EPSS
Exploits0References2
OSV
OSV
added 2026/07/02 2:13 p.m.2 views

PYSEC-2026-708 Improper Input Validation in OpenCV

OpenCV 3.0.0 allows remote attackers to cause a denial of service segfault via vectors involving corrupt chunks. This issue was fixed in OpenCV version 3.3.1 corresponding to OpenCV 3.3.1.11...

5.5CVSS6AI score0.01031EPSS
Exploits1References7
Tenable Nessus
Tenable Nessus
added 2026/07/02 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-14428

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Insufficient validation of untrusted input in Dawn in Google Chrome on Android prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer...

8.3CVSS6.2AI score0.00259EPSS
Exploits0References2
NVD
NVD
added 2026/07/01 5:16 p.m.12 views

CVE-2026-56151

Improper Input Validation CWE-20 in Kibana can lead to a denial of service via Input Data Manipulation CAPEC-153. An authenticated user can submit a specially crafted Fleet policy input that is not correctly validated, which can render Fleet agent, server, and policy management functionality...

6.5CVSS0.00281EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/01 4:27 p.m.32 views

CVE-2026-20191 Cisco Catalyst Center Arbitrary File Read Vulnerability

A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arbitrary files from a restricted container. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request...

7.5CVSS0.00756EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/07/01 2:58 p.m.6 views

CVE-2026-24250

NVIDIA Megatron Bridge for Linux contains a vulnerability where an attacker could cause improper validation of allowed inputs. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure...

7.8CVSS5.8AI score0.00155EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2026/07/01 4:17 a.m.9 views

CVE-2026-20457

In Modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patc...

5.3CVSS0.00182EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.7 views

PT-2026-54702

Name of the Vulnerable Software and Affected Versions Cisco Catalyst Center affected versions not specified Description Insufficient validation of user-supplied input allows an unauthenticated, remote attacker to read arbitrary files from a restricted container. This is achieved by sending a...

7.5CVSS6AI score0.00756EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.13 views

PT-2026-54454

Name of the Vulnerable Software and Affected Versions Modem affected versions not specified Description Improper input validation in the Modem can cause a system crash. This allows a remote denial of service if a User Equipment UE connects to a rogue base station controlled by an attacker. The...

5.3CVSS6.2AI score0.00169EPSS
Exploits0References8
OSV
OSV
added 2026/06/30 11:17 p.m.3 views

DEBIAN-CVE-2026-14045

Insufficient validation of untrusted input in Network in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to leak cross-origin data via a crafted HTML page. Chromium security severity: Low...

4.3CVSS5.8AI score0.00201EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 11:17 p.m.6 views

CVE-2026-13991

Insufficient validation of untrusted input in Chrome for iOS in Google Chrome on iOS prior to 150.0.7871.47 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Medium...

4.3CVSS0.00169EPSS
Exploits0References2
OSV
OSV
added 2026/06/30 11:17 p.m.5 views

DEBIAN-CVE-2026-13927

Insufficient validation of untrusted input in UI in Google Chrome on Android prior to 150.0.7871.47 allowed a local attacker to perform privilege escalation via a malicious file. Chromium security severity: Medium...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References1
NVD
NVD
added 2026/06/30 11:17 p.m.4 views

CVE-2026-13893

Insufficient validation of untrusted input in WebUI in Google Chrome prior to 150.0.7871.47 allowed a remote attacker to leak cross-origin data via malicious network traffic. Chromium security severity: Medium...

6.5CVSS0.00293EPSS
Exploits0References2
Rows per page
Query Builder