6197 matches found
XWiki <= 17.3.0 - Server-Side Template Injection (SSTI)
XWiki = 17.3.0 contains a server-side template injection caused by improper validation of Apache Velocity template code in the Administration interface HTTP Meta Info field, letting authenticated administrators execute arbitrary template logic. id: CVE-2025-51991 info: name: XWiki = 17.3.0 -...
Angular-Base64-Upload - Remote Code Execution
angular-base64-upload prior to v0.1.21 is vulnerable to unauthenticated remote code execution via demo/server.php. Exploiting this vulnerability allows an attacker to upload arbitrary content to the server, which can subsequently be accessed through demo/uploads. This leads to the execution of...
Vendure - Arbitrary File Read
Vendure is an open-source headless commerce platform. Prior to versions 3.0.5 and 2.3.3, a vulnerability in Vendure's asset server plugin allows an attacker to craft a request which is able to traverse the server file system and retrieve the contents of arbitrary files, including sensitive data...
Blueimp jQuery-File-Upload v9.22.0 - Unrestricted File Upload
Blueimp jQuery-File-Upload v9.22.0 contains an unauthenticated arbitrary file upload caused by insufficient validation in the upload component, letting remote attackers upload malicious files, exploit requires no authentication. id: CVE-2018-9206 info: name: Blueimp jQuery-File-Upload v9.22.0 -...
xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: use-after-free in SyncChangeCounter()
A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChangeCounter. A client that sets up multiple SyncCounters can trigger a use-after-free when destroying those counters via a second client connection while changing those counters. This may be used to crash the server, or f...
CVE-2026-56003
A heap buffer overflow due to missing size checking in the property buffer when parsing PCF files in libXfont2 ComputeScaledProperties before libXfont2 before 2.0.8 could be used by attackers using authenticated X clients to execute code within the X server...
EUVD-2026-42177
An Improper Authentication vulnerability affecting DELMIA Apriso from Release 2020 through Release 2026 could allow an attacker to gain privileged access to the server...
CVE-2026-5268
Technical details about CVE-2026-5268 are not publicly provided in the supplied documents. No affected products, versions, root cause, or remediation are enumerated here. Monitor for updates and additional technical disclosures.
PT-2026-54750
Name of the Vulnerable Software and Affected Versions Guardian language-system affected versions not specified Description An unauthenticated remote attacker can execute arbitrary OS commands on the server. The issue occurs because the translate text.php file passes the id GET parameter directly...
PYSEC-2026-371 Open Source Kubectl MCP Server vulnerable to arbitrary code execution via user interaction with crafted HTML page
An issue in Open Source Kubectl MCP Server v1.1.1 allows attackers to execute arbitrary code on a victim system via user interaction with a crafted HTML page...
ALPINE-CVE-2026-48619
A flaw in Node.js HTTP/2 client allows a server to send an unlimited number of ORIGIN frames, which could lead to an Out of Memory error on the client. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...
CVE-2026-54069
SiYuan Note
CVE-2026-12986
A critical vulnerability in Admin GUI in Payara Server Full 4.x, 5.x, 6.x, 7.x, 7.2026.x, 6.2025.x, 6.2024.x on All platforms that allows the attacker to leak the admin gfresttoken to an attacker-controlled host that can result in a full unauthenticated takeover of Payara admin domain. A...
redis: RESTORE invalid memory access may allow remote code execution
A flaw was found in Redis. An authenticated attacker with permission to execute the RESTORE command can send a crafted serialized payload that may lead to an invalid memory access due to an improper validation of the serialized values. This flaw can cause the server to crash and may allow arbitra...
Deserialization of Untrusted Data
Overview Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the JMX RMI connector. An attacker can execute arbitrary code on the server by sending specially crafted serialized Java objects prior to authentication. Note: This is only exploitable if the JMX...
GHSA-VM85-HXW5-5432 vulnerabilities
Vulnerabilities for packages: nextcloud-server...
Amazon Linux 2023 : libnetapi, libnetapi-devel, libsmbclient (ALAS2023-2026-1895)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1895 advisory. unauthenticated udp packet crashes AD DC nbt server CVE-2026-3238 Samba file servers and classic non-AD domain controllers offer theSamValidatePasswordChange and SamValidatePasswordReset RPC...
Linux Distros Unpatched Vulnerability : CVE-2026-12199
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in nltk.app.wordnetapp up to version 3.9.3 allows unauthenticated remote shutdown of the local WordNet Browser HTTP server when started in its...
CVE-2026-12621
GridTime 3000 GNSS Time Server Password Reset form is vulnerable to XSS due to improper neutralization of input during web page generation. Affected from 1.0r0.03 up to, but not including, 1.2r0.0. Base CVSS v4 score is 5.3 (Medium). No exploitation details are provided in the documents; no remed...
CVE-2026-48937
A flaw in Node.js HTTP/2 server API can cause servers to keep accepting data even after sending a GOAWAY frame. This vulnerability affects two supported release lines: Node.js 22 and Node.js 24...