Lucene search
K

14 matches found

CVE
CVE
added 2026/05/03 2:15 p.m.18 views

CVE-2026-7700

Langflow-ai Langflow up to v1.8.4 is affected by a code injection in the LambdaFilterComponent’s eval function (src/lfx/src/lfx/components/llm_operations/lambda_filter.p). The underlying issue is unsafe evaluation of input, enabling remote exploitation. The CVE indicates the attack can be perform...

6.5CVSS6.3AI score0.00291EPSS
Exploits0References4
CVE
CVE
added 2026/04/26 1:19 p.m.17 views

CVE-2018-25263

Faleemi Desktop Software 1.8.2 contains a local buffer overflow in the Device alias field of the Managing Log interface that allows an attacker with local access to trigger a structured exception handler (SEH) overwrite and execute arbitrary code (PoC shows calculator). The vulnerability is trigg...

8.6CVSS6.3AI score0.00147EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 9:49 a.m.10 views

CVE-2020-24220

ShopXO v1.8.1 has a command execution vulnerability. Attackers can use this vulnerability to execute arbitrary commands and gain control of the server...

9CVSS8.2AI score0.02401EPSS
Exploits0References1
OSV
OSV
added 2025/12/18 8:16 a.m.4 views

CVE-2025-58948

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in axiomthemes Aromatica aromatica allows PHP Local File Inclusion.This issue affects Aromatica: from n/a through = 1.8...

8.1CVSS5.8AI score0.00445EPSS
Exploits0References1
CVE
CVE
added 2025/12/08 12:32 p.m.21 views

CVE-2025-14245

IdeaCMS up to version 1.8 contains a SQL injection vulnerability in the whereRaw usage of Coupon.php (app/common/logic/index/Coupon.php). The root cause is improper manipulation of the params argument, enabling remote attacker input to influence SQL queries. Multiple security feeds (NVD, Red Hat,...

9.8CVSS6.8AI score0.00339EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2025/05/23 12:0 a.m.15 views

PT-2025-54: Business Logic Errors in FreeScout

The vulnerability was identified in FreeScout , versions v.1.8.173 and 1.8.174. The discovered vulnerability allows an attacker to gain access to a functional capability without completing the required sequence of actions, bypassing the intended business workflow. Vulnerability status: Confirmed ...

7CVSS5.8AI score0.0027EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:33 p.m.6 views

CVE-2020-26041

An issue was discovered in Hoosk CmS v1.8.0. There is an Remote Code Execution vulnerability in install/index.php...

9.8CVSS7.6AI score0.02756EPSS
Exploits1
Cvelist
Cvelist
added 2025/05/16 3:45 p.m.21 views

CVE-2025-32180 WordPress Product Carousel For WooCommerce – WoorouSell plugin <= 1.1.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in mojofywp Product Carousel For WooCommerce – WoorouSell woorousell allows Stored XSS.This issue affects Product Carousel For WooCommerce – WoorouSell: from n/a through = 1.1.0...

6.5CVSS0.00215EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/04/29 12:0 a.m.7 views

PT-2024-13396

Name of the Vulnerable Software and Affected Versions PyPXE version 1.8.4 Description The issue allows a remote attacker to cause a denial of service via the handle function in the tftp module. Recommendations For PyPXE version 1.8.4, consider disabling the handle function in the tftp module as a...

8.8CVSS7.2AI score0.00539EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2023/07/08 12:0 a.m.5 views

PT-2023-25234 · Gz Scripts · Gz Multi Hotel Booking System

Name of the Vulnerable Software and Affected Versions: GZ Scripts GZ Multi Hotel Booking System version 1.8 Description: A vulnerability was found in the GZ Multi Hotel Booking System. It has been classified as problematic. The issue affects an unknown function of the file /index.php. The...

6.1CVSS4.3AI score0.00506EPSS
Exploits0References5
CNNVD
CNNVD
added 2023/03/24 12:0 a.m.5 views

Deno 安全漏洞

Deno is open source a simple , modern and secure JavaScript and TypeScript runtime environment . It uses V8 and is built with Rust. A security vulnerability exists in Deno 1.8.0 and earlier versions that exploits a vulnerability that allows a malicious program to clear the first two lines of the...

8.8CVSS8.4AI score0.01142EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/10/11 12:0 a.m.4 views

Dell Hybrid Client 安全漏洞

Dell Hybrid Client is a software application from Dell USA Inc. It provides a client computing software with hybrid cloud management capabilities. A security vulnerability previously existed in Dell Hybrid Client version 1.8, which stemmed from the inclusion of a Zip Bomb vulnerability in the UI....

7.5CVSS7.3AI score0.00472EPSS
Exploits0References2
OSV
OSV
added 2019/01/10 3:33 p.m.10 views

SUSE-SU-2019:0061-1 Security update for haproxy

This update for haproxy to version 1.8.15 fixes the following issues: Security issues fixed: - CVE-2018-20102: Fixed an out-of-bounds read in dnsvalidatednsresponse, which allowed for memory disclosure bsc1119368 - CVE-2018-20103: Fixed an infinite recursion via crafted packet allows stack...

7.5CVSS7.5AI score0.06593EPSS
Exploits0References5
OSV
OSV
added 2017/08/29 1:35 a.m.4 views

CVE-2017-10831

Untrusted search path vulnerability in The electronic authentication system based on the commercial registration system "The CRCA user's Software" Ver1.8 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory...

7.8CVSS5.8AI score0.01456EPSS
Exploits0References2
Rows per page
Query Builder