Lucene search
K

206235 matches found

EUVD
EUVD
added 4 hours ago4 views

EUVD-2026-41483

External Control of File Name or Path vulnerability in ASUS Business Manager allows a local user to execute arbitrary code with SYSTEM privileges via a tampered IPC message. Refer to the ' Security Update for ASUS Business Manager ' section on the ASUS Security Advisory for more information...

8.5CVSS6.2AI score
Exploits0References1
EUVD
EUVD
added 6 hours ago4 views

EUVD-2026-41459

An Out-of-bounds Write vulnerability in WatchGuard Fireware OS may allow an unauthenticated attacker on the same local network segment to execute arbitrary code. This vulnerability affects Fireware OS 11.0 up to and including 11.12.4Update1, 12.0 up to and including 12.12 and 2025.1 up to and...

7.7CVSS6AI score
Exploits0References2
BDU FSTEC
BDU FSTEC
added 6 hours ago12 views

The vulnerability of the pg_dump utility in the PostgreSQL database management system allows a hacker to execute arbitrary code.

The vulnerability of the pgdump utility in the PostgreSQL database management system is related to the inclusion of functions from an unverified and uncontrolled area. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...

10CVSS7.2AI score0.00709EPSS
Exploits1References11Affected Software9
BDU FSTEC
BDU FSTEC
added 6 hours ago11 views

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed, allowing an attacker to execute arbitrary code.

The vulnerability of Microsoft Office packages and 365 Apps for Enterprise lies in the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

8.4CVSS6AI score0.00425EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 6 hours ago8 views

The vulnerability of the Directum Web Agent component of the Directum RX system, which arises due to insufficient validation of input data, allows a perpetrator to execute arbitrary code.

The vulnerability of the Directum Web Agent component of the Directum RX system exists due to insufficient validation of input data. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code using a specially crafted file...

8.5CVSS6.1AI score
Exploits0Affected Software1
CVE
CVE
added yesterday10 views

CVE-2026-13053

WatchGuard Fireware OS has an authenticated out-of-bounds write vulnerability in the CLI command handler (CVE-2026-13053). A privileged, authenticated attacker could trigger code execution via a crafted CLI input. Affected versions include Fireware OS 11.0–11.12.4_Update1, 12.0–12.12, and 2025.1–...

8.6CVSS6.1AI score
Exploits0References1
CVE
CVE
added yesterday12 views

CVE-2026-13050

Summary (CVE-2026-13050): An out-of-bounds write in WatchGuard Fireware OS is exposed via the networkd component. An authenticated privileged user can trigger arbitrary code execution by sending specially crafted requests to the Management Web UI. Affected: Fireware OS versions 11.8 (through 11.1...

8.6CVSS6.1AI score
Exploits0References1
EUVD
EUVD
added yesterday10 views

EUVD-2026-36325

OpenClaw: Workspace .env could override Homebrew executable selection for skill install flows...

8.8CVSS5.8AI score0.00298EPSS
Exploits0References3
EUVD
EUVD
added yesterday5 views

EUVD-2026-41378

An improper validation vulnerability for driver GFACSysx64.sys in Little Orbit GFAC allows a local attacker to escalate privileges to SYSTEM and execute arbitrary code in kernel mode via crafted messages sent through a Minifilter communication port...

7.8CVSS6.1AI score
Exploits0References3
NVD
NVD
added yesterday3 views

CVE-2026-57623

Unauthenticated Arbitrary Code Execution in W3 Total Cache = 2.9.4 versions...

9CVSS
Exploits0References1
NVD
NVD
added yesterday3 views

CVE-2026-27436

Editor Arbitrary Code Execution in Five Star Business Profile and Schema = 2.3.19 versions...

9.1CVSS
Exploits0References1
CVE
CVE
added yesterday9 views

CVE-2026-57623

CVE-2026-57623 affects the WordPress W3 Total Cache plugin (versions

9CVSS5.9AI score
Exploits0References1
Cvelist
Cvelist
added yesterday13 views

CVE-2026-27436 WordPress Five Star Business Profile and Schema plugin <= 2.3.19 - Arbitrary Code Execution vulnerability

Editor Arbitrary Code Execution in Five Star Business Profile and Schema = 2.3.19 versions...

9.1CVSS
Exploits0References1
CVE
CVE
added yesterday10 views

CVE-2026-27436

The CVE covers WordPress plugin Five Star Business Profile and Schema (versions

9.1CVSS5.9AI score
Exploits0References1
Nuclei
Nuclei
added yesterday34 views

TOTOLINK CX-A3002RU - Remote Code Execution

An issue in TOTOLINK-CX-A3002RU V1.0.4-B20171106.1512 and TOTOLINK-CX-N150RT V2.1.6-B20171121.1002 and TOTOLINK-CX-N300RT V2.1.6-B20170724.1420 and TOTOLINK-CX-N300RT V2.1.8-B20171113.1408 and TOTOLINK-CX-N300RT V2.1.8-B20191010.1107 and TOTOLINK-CX-N302RE V2.0.2-B20170511.1523 allows a remote...

6.8CVSS6.2AI score0.0379EPSS
Exploits0References4
Nuclei
Nuclei
added yesterday48 views

eyoucms v.1.6.5 - Cross-Site Scripting

Cross Site Scripting XSS vulnerability in the func parameter in eyoucms v.1.6.5 allows a remote attacker to run arbitrary code via crafted URL. id: CVE-2024-22927 info: name: eyoucms v.1.6.5 - Cross-Site Scripting author: ritikchaddha severity: medium description: | Cross Site Scripting XSS...

6.1CVSS6.7AI score0.01028EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday21 views

vBulletin replaceAdTemplate - Remote Code Execution

vBulletin versions 5.0.0 through 6.0.3 contain a Remote Code Execution RCE vulnerability in the ajax/api/ad/replaceAdTemplate endpoint. This flaw arises from improper use of PHP's Reflection API, allowing unauthenticated attackers to invoke protected controller methods. By injecting a crafted...

10CVSS7.9AI score0.69649EPSS
Exploits6References4
Nuclei
Nuclei
added yesterday26 views

Ingress-Nginx Controller - Configuration Injection via Unsanitized `auth-url` Annotation

A security issue was discovered in ingress-nginx https-//github.com/kubernetes/ingress-nginx where the auth-url Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets...

8.8CVSS7.2AI score0.31809EPSS
Exploits8References3
Nuclei
Nuclei
added yesterday91 views

FoxCMS v.1.2.5 - Remote Code Execution

An issue in FoxCMS v.1.2.5 allows a remote attacker to execute arbitrary code via the case display page in the index.html component. id: CVE-2025-29306 info: name: FoxCMS v.1.2.5 - Remote Code Execution author: ritikchaddha severity: critical description: | An issue in FoxCMS v.1.2.5 allows a...

9.8CVSS7.7AI score0.43655EPSS
Exploits11References3
Nuclei
Nuclei
added yesterday14 views

shadoweb wdja v1.5.1 - Cross-Site Scripting

shadoweb wdja v1.5.1 is susceptible to cross-site scripting because it allows attackers to execute arbitrary code and gain escalated privileges via the backurl parameter to /php/passport/index.php. id: CVE-2020-20982 info: name: shadoweb wdja v1.5.1 - Cross-Site Scripting author:...

9.6CVSS7.5AI score0.06095EPSS
Exploits0References3
Rows per page
Query Builder