Lucene search
+L

16916 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:3 a.m.9 views

CVE-2024-39284

Uncontrolled search path for some IntelR Advisor software before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access...

6.7CVSS7.1AI score0.00195EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:56 a.m.8 views

CVE-2023-40173

Social media skeleton is an uncompleted/framework social media project implemented using a php, css ,javascript and html. Prior to version 1.0.5 Social media skeleton did not properly salt passwords leaving user passwords susceptible to cracking should an attacker gain access to hashed passwords...

7.5CVSS6.9AI score0.00535EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:53 a.m.6 views

CVE-2021-27475

Rockwell Automation Connected Components Workbench v12.00.00 and prior does not limit the objects that can be deserialized. This vulnerability allows attackers to craft a malicious serialized object that, if opened by a local user in Connected Components Workbench, may result in remote code...

8.6CVSS7.4AI score0.0281EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:52 a.m.7 views

CVE-2021-33010

An exception is thrown from a function in AVEVA System Platform versions 2017 through 2020 R2 P01, but it is not caught, which may cause a denial-of-service condition...

7.5CVSS6.7AI score0.01028EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:50 a.m.5 views

CVE-2021-31883

A vulnerability has been identified in Capital Embedded AR Classic 431-422 All versions, Capital Embedded AR Classic R20-11 All versions V2303. When processing a DHCP ACK message, the DHCP client application does not validate the length of the Vendor options, leading to Denial-of-Service...

7.5CVSS6.4AI score0.01477EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:50 a.m.10 views

CVE-2021-31559

A crafted request bypasses S2S TCP Token authentication writing arbitrary events to an index in Splunk Enterprise Indexer 8.1 versions before 8.1.5 and 8.2 versions before 8.2.1. The vulnerability impacts Indexers configured to use TCPTokens. It does not impact Universal Forwarders...

7.5CVSS7.1AI score0.00833EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:50 a.m.19 views

CVE-2021-22127

An improper input validation vulnerability in FortiClient for Linux 6.4.x before 6.4.3, FortiClient for Linux 6.2.x before 6.2.9 may allow an unauthenticated attacker to execute arbitrary code on the host operating system as root via tricking the user into connecting to a network with a malicious...

8CVSS7.9AI score0.00476EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:50 a.m.13 views

CVE-2021-22640

An attacker can decrypt the Ovarro TBox login password by communication capture and brute force attacks...

9.8CVSS7AI score0.00687EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:49 a.m.11 views

CVE-2021-22646

The “ipk” package containing the configuration created by TWinSoft can be uploaded, extracted, and executed in Ovarro TBox, allowing malicious code execution...

9.8CVSS7AI score0.01196EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:49 a.m.16 views

CVE-2021-22209

An issue has been discovered in GitLab CE/EE affecting all versions starting from 13.8. GitLab was not properly validating authorisation tokens which resulted in GraphQL mutation being executed...

7.5CVSS6.4AI score0.00934EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:49 a.m.4 views

CVE-2025-23786

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in DuoGeek Email to Download email-to-download allows Reflected XSS.This issue affects Email to Download: from n/a through = 3.1.0...

7.1CVSS7.2AI score0.00297EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:49 a.m.5 views

CVE-2025-23885

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in anildhiman MJ Contact us mj-contact-us allows Reflected XSS.This issue affects MJ Contact us: from n/a through = 5.2.3...

7.1CVSS7.2AI score0.0022EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:49 a.m.6 views

CVE-2025-23984

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in brainvireinfo Dynamic URL SEO dynamic-url-seo allows Reflected XSS.This issue affects Dynamic URL SEO: from n/a through = 1.0...

7.1CVSS7.2AI score0.00313EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:49 a.m.13 views

CVE-2025-23687

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in simonhunter Woo Store Mode woo-store-mode allows Reflected XSS.This issue affects Woo Store Mode: from n/a through = 1.0.1...

7.1CVSS7.2AI score0.00213EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:49 a.m.6 views

CVE-2025-23690

Cross-Site Request Forgery CSRF vulnerability in ArtkanMedia Book a Place book-a-place allows Stored XSS.This issue affects Book a Place: from n/a through = 0.7.1...

7.1CVSS7.2AI score0.00169EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:49 a.m.6 views

CVE-2025-23498

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ContentLocalized Translation.Pro translation-pro allows Reflected XSS.This issue affects Translation.Pro: from n/a through = 1.0.0...

7.1CVSS7.2AI score0.00378EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:49 a.m.5 views

CVE-2025-23618

Cross-Site Request Forgery CSRF vulnerability in starise Twitter Shortcode twitter-shortcode allows Stored XSS.This issue affects Twitter Shortcode: from n/a through = 0.9...

7.1CVSS7.2AI score0.00184EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:48 a.m.7 views

CVE-2025-23672

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in tenteeglobal Instant Appointment instant-appointment allows Reflected XSS.This issue affects Instant Appointment: from n/a through = 1.2...

7.1CVSS7.2AI score0.00357EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:48 a.m.4 views

CVE-2025-23753

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in digireturn DN Sitemap Control dn-sitemap-control allows Reflected XSS.This issue affects DN Sitemap Control: from n/a through = 1.0.6...

7.1CVSS5.9AI score0.00363EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:48 a.m.3 views

CVE-2025-23438

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Vincent Mimoun-Prat WP PT-Viewer wp-ptviewer allows Reflected XSS.This issue affects WP PT-Viewer: from n/a through = 2.0.2...

7.1CVSS7.2AI score0.00397EPSS
Exploits0References1
Rows per page
Query Builder