Lucene search

22 matches found

VulnCheck KEV
added 4 days ago | 7 views

VulnCheck KEV: CVE-2026-57624

Unauthenticated Remote Code Execution (RCE) in Blocksy Companion Pro = 2.1.46 versions...

CVSS: 10 | AI score: 5.9 | EPSS: 0.00697
In wild | Exploits: 0 | References: 2

VulnCheck KEV
added 2026/06/16 12:0 a.m. | 16 views

VulnCheck KEV: CVE-2026-10735

Multiple Shapedsmart-post-show-pro WordPress plugin before 4.0.2, Real Testimonials Pro WordPress plugin before 3.2.5, Product Slider for WooCommerce Pro WordPress plugin before 3.5.3 Pro smart-post-show-pro WordPress plugin before 4.0.2, Real Testimonials Pro WordPress plugin before 3.2.5, Produ...

CVSS: 7.5 | AI score: 6.2 | EPSS: 0.00387
In wild | Exploits: 1 | References: 2

VulnCheck KEV
added 2026/06/08 12:0 a.m. | 14 views

VulnCheck KEV: CVE-2026-49060

Incorrect Privilege Assignment vulnerability in Hippoo Mobile App for WooCommerce allows Privilege Escalation. This issue affects Hippoo Mobile App for WooCommerce: from n/a through 1.9.4...

CVSS: 9.8 | AI score: 5.4 | EPSS: 0.00514
In wild | Exploits: 1 | References: 3

HackRead
added 2026/05/23 11:16 a.m. | 13 views

RondoDox Botnet Exploits Critical 2018 Vulnerability to Hijack ASUS Routers

Cybersecurity firm VulnCheck reveals hackers are using a critical 2018 vulnerability to bypass authentication and hack over a million ASUS routers...

AI score: 5.8
Exploits: 0

VulnCheck KEV
added 2026/04/27 12:0 a.m. | 19 views

VulnCheck KEV: CVE-2026-42208

LiteLLM is a proxy server (AI Gateway) to call LLM APIs in OpenAI or native format. From version 1.81.16 to before version 1.83.7, a database query used during proxy API key checks mixed the caller-supplied key value into the query text instead of passing it as a separate parameter. An...

CVSS: 9.8 | AI score: 6 | EPSS: 0.86607
In wild | Exploits: 7 | References: 3

VulnCheck KEV
added 2026/04/26 12:0 a.m. | 6 views

VulnCheck KEV: CVE-2026-4047

A vulnerability is present in Qinglong due to improperly matching case-sensitive paths used by middleware authentication but the underlying Express.js framework treats paths case insensitively...

AI score: 5.3
In wild | Exploits: 0 | References: 2

VulnCheck KEV
added 2026/03/31 12:0 a.m. | 10 views

VulnCheck KEV: CVE-2023-36899

ASP.NET Elevation of Privilege Vulnerability...

CVSS: 8.8 | AI score: 5.8 | EPSS: 0.74288
In wild | Exploits: 1 | References: 2

The Hacker News
added 2026/01/07 4:31 a.m. | 7 views

Ongoing Attacks Exploiting Critical RCE Vulnerability in Legacy D-Link DSL Routers

A newly discovered critical security flaw in legacy D-Link DSL gateway routers has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-0625 (CVSS score: 9.3), concerns a case of command injection in the "dnscfg.cgi" endpoint that arises as a result of improper...

CVSS: 9.3 | AI score: 9.1 | EPSS: 0.00964
Exploits: 0

Cvelist
added 2025/10/15 1:21 a.m. | 10 views

CVE-2024-13991 Huijietong Cloud Video Platform fileDownload Arbitrary File Read

Huijietong Cloud Video Platform contains a path traversal vulnerability that allows an unauthenticated attacker to supply arbitrary file paths to the fullPath parameter of the /fileDownload?action=downloadBackupFile endpoint and retrieve files from the server filesystem. VulnCheck has observed...

CVSS: 8.7 | EPSS: 0.00418
Exploits: 0 | References: 2

HackRead
added 2025/08/08 7:14 p.m. | 8 views

15,000 Jenkins Servers at Risk from RCE Vulnerability (CVE-2025-53652)

A new report by VulnCheck exposes a critical command injection flaw (CVE-2025-53652) in the Jenkins Git Parameter plugin...

CVSS: 8.2 | AI score: 7.4 | EPSS: 0.00618
Exploits: 1

GithubExploit
added 2025/05/03 10:7 p.m. | 25 views

nuclei-templates

Nuclei Templates Community curated list of templates for the nu...

AI score: 5.7
Exploits: 0

VulnCheck KEV
added 2025/02/26 12:0 a.m. | 3 views

VulnCheck KEV: CVE-2024-28916

Xbox Gaming Services Elevation of Privilege Vulnerability...

CVSS: 8.8 | AI score: 7.3 | EPSS: 0.00652
Exploits: 0 | References: 1

VulnCheck KEV
added 2024/11/19 12:0 a.m. | 3 views

VulnCheck KEV: CVE-2024-44309

Apple iOS, macOS, and other Apple products contain an unspecified vulnerability when processing maliciously crafted web content that may lead to a cross-site scripting (XSS) attack...

CVSS: 6.3 | AI score: 7.2 | EPSS: 0.21044
Exploits: 0 | References: 1

VulnCheck KEV
added 2024/04/09 12:0 a.m. | 3 views

VulnCheck KEV: CVE-2024-26234

Proxy Driver Spoofing Vulnerability...

CVSS: 6.7 | AI score: 7.4 | EPSS: 0.04853
Exploits: 0 | References: 1

VulnCheck KEV
added 2024/03/21 12:0 a.m. | 4 views

VulnCheck KEV: CVE-2023-21716

Microsoft Word Remote Code Execution Vulnerability...

CVSS: 9.8 | AI score: 7.4 | EPSS: 0.82302
Exploits: 11 | References: 1

The Hacker News
added 2024/03/11 9:53 a.m. | 71 views

BianLian Threat Actors Exploiting JetBrains TeamCity Flaws in Ransomware Attacks

The threat actors behind the BianLian ransomware have been observed exploiting security flaws in JetBrains TeamCity software to conduct their extortion-only attacks. According to a new report from GuidePoint Security, which responded to a recent intrusion, the incident "began with the exploitatio...

CVSS: 10 | AI score: 10 | EPSS: 0.99984
Exploits: 72

VulnCheck KEV
added 2023/11/30 12:0 a.m. | 4 views

VulnCheck KEV: CVE-2022-0769

The Users Ultra WordPress plugin through 3.1.0 fails to properly sanitize and escape the datatarget parameter before it is being interpolated in an SQL statement and then executed via the ratingvote AJAX action available to both unauthenticated and authenticated users, leading to an SQL...

CVSS: 9.8 | AI score: 7.4 | EPSS: 0.08415
Exploits: 2 | References: 1

The Hacker News
added 2023/07/13 12:56 p.m. | 135 views

Fake PoC for Linux Kernel Vulnerability on GitHub Exposes Researchers to Malware

In a sign that cybersecurity researchers continue to be under the radar of malicious actors, a proof-of-concept (PoC) has been discovered on GitHub, concealing a backdoor with a "crafty" persistence method. "In this instance, the PoC is a wolf in sheep's clothing, harboring malicious intent under t...

CVSS: 7.8 | AI score: 7.5 | EPSS: 0.00476
Exploits: 0

VulnCheck KEV
added 2022/05/25 12:0 a.m. | 4 views

VulnCheck KEV: CVE-2019-3010

Oracle Solaris component: XScreenSaver contains an unspecified vulnerability that allows for privilege escalation...

CVSS: 8.8 | AI score: 7.3 | EPSS: 0.13506
Exploits: 8 | References: 1

VulnCheck KEV
added 2022/03/28 12:0 a.m. | 5 views

VulnCheck KEV: CVE-2021-34484

Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation...

CVSS: 7.8 | AI score: 7.3 | EPSS: 0.14393
Exploits: 2 | References: 1