Lucene search
K

2439 matches found

OSV
OSV
added 2025/10/02 11:15 a.m.2 views

DEBIAN-CVE-2025-54293

Path Traversal in the log file retrieval function in Canonical LXD 5.0 LTS on Linux allows authenticated remote attackers to read arbitrary files on the host system via crafted log file names or symbolic links...

6.5CVSS5.6AI score0.00537EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/10/01 4:12 p.m.3 views

CVE-2025-20361 Cisco Unified Communications Manager Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of...

4.8CVSS5.9AI score0.00207EPSS
Exploits0References1
NVD
NVD
added 2025/09/30 11:37 a.m.3 views

CVE-2025-41094

Insecure Direct Object Reference IDOR vulnerability in BOLD Workplanner in versions prior to 2.5.25 4935b438f9b, consisting of a lack of adequate validation of user input, allowing an authenticated user to access to functional contract details using unauthorised internal identifiers...

7.1CVSS0.00234EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/30 11:31 a.m.4 views

CVE-2025-8868

In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token...

9.8CVSS7.5AI score0.22827EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/30 3:35 a.m.4 views

CVE-2025-10000 Qyrr – simply and modern QR-Code creation <= 2.0.7 - Authenticated (Contributor+) Arbitrary File Upload

The Qyrr – simply and modern QR-Code creation plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the blobtofile function in all versions up to, and including, 2.0.7. This makes it possible for authenticated attackers, with Contributor-level access...

6.4CVSS6.9AI score0.00361EPSS
Exploits0References2
NVD
NVD
added 2025/09/29 12:15 p.m.16 views

CVE-2025-8868

In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token...

9.8CVSS0.22827EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/27 4:45 a.m.10 views

CVE-2025-10037

The Featured Image from URL FIFU plugin for WordPress is vulnerable to SQL Injection via the getpostswithinternalfeaturedimage function in all versions up to, and including, 5.2.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...

4.9CVSS6.6AI score0.00306EPSS
Exploits0References1
CVE
CVE
added 2025/09/26 8:18 a.m.14 views

CVE-2025-1862

The CVE-2025-1862 entry concerns WSO2 products with an arbitrary file upload vulnerability in the BPEL uploader SOAP service endpoint caused by improper validation of user-supplied filenames. The flaw allows an authenticated attacker (with administrative privileges) to upload files to a server-co...

7.2CVSS8AI score0.00502EPSS
Exploits0References1Affected Software4
Tenable Nessus
Tenable Nessus
added 2025/09/25 12:0 a.m.5 views

Apache Solr < 9.8.0 ConfigSet Privilege Escalation via <lib> Injection (CVE-2025-24814)

Solr instances that 1 use the 'FileSystemConfigSetService' component the default in 'standalone' or 'user-managed' mode, and 2 are running without authentication and authorization are vulnerable to a sort of privilege escalation wherein individual 'trusted' configset files can be ignored in favor...

5.5CVSS6.2AI score0.01136EPSS
Exploits0References2
NVD
NVD
added 2025/09/24 5:15 p.m.6 views

CVE-2025-20334

A vulnerability in the HTTP API subsystem of Cisco IOS XE Software could allow a remote attacker to inject commands that will execute with root privileges into the underlying operating system. This vulnerability is due to insufficient input validation. An attacker with administrative privileges...

8.8CVSS0.00468EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2025/09/24 12:0 a.m.7 views

Linux Kernel ksmbd smb2_sess_setup Preauth_HashValue Race Condition Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Linux Kernel. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of the PreauthHashValue field. The issue results from the lack of proper locking...

8.5CVSS7.6AI score0.00391EPSS
Exploits1References1
Zero Day Initiative
Zero Day Initiative
added 2025/09/24 12:0 a.m.3 views

Linux Kernel ksmbd generate_key context.iov_base Null Pointer Dereference Denial-of-Service Vulnerability

This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of the Linux Kernel. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of a context value when updating a hash function. The issue...

5.3CVSS6.6AI score0.07142EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/20 4:27 a.m.1 views

CVE-2025-10002 ClickWhale <= 2.5.0 - Authenticated (Admin+) SQL injection

The ClickWhale – Link Manager, Link Shortener and Click Tracker for Affiliate Links & Link Pages plugin for WordPress is vulnerable to SQL Injection via the exportcsv function in all versions up to, and including, 2.5.0 due to insufficient escaping on the user supplied parameter and lack of...

4.9CVSS6.2AI score0.00276EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/09/19 5:33 p.m.6 views

CVE-2025-35431

CISA Thorium does not escape user controlled strings used in LDAP queries. An authenticated remote attacker can modify LDAP authorization data such as group memberships. Fixed in 1.1.1...

5.4CVSS6.9AI score0.00285EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/18 9:24 p.m.4 views

CVE-2025-54497 Cognex In-Sight Explorer and In-Sight Camera Firmware Incorrect Permission Assignment for Critical Resource

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 to allow management operations such as firmware upgrades and device reboots, which require authentication. A user with protected privileges can successfully invoke the SetSerialPort functionality to...

8.1CVSS6.4AI score0.00293EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/18 12:0 a.m.6 views

PT-2025-38487

Name of the Vulnerable Software and Affected Versions Cognex In-Sight Explorer and In-Sight Camera Firmware affected versions not specified Description The software exposes a telnet-based service on port 23 for management operations, including firmware upgrades and device reboot, which requires...

7.7CVSS6.3AI score0.00125EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/09/15 10:34 p.m.7 views

CVE-2025-30468

This issue was addressed through improved state management. This issue is fixed in iOS 26 and iPadOS 26. Private Browsing tabs may be accessed without authentication...

0.00349EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/12 5:24 a.m.1 views

CVE-2025-8575 LWS Cleaner <= 2.4.1.3 - Authenticated (Administrator+) Arbitrary File Deletion via 'lws_cl_delete_file'

The LWS Cleaner plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'lwscldeletefile' function in all versions up to, and including, 2.4.1.3. This makes it possible for authenticated attackers, with Administrator-level access and above, to...

7.2CVSS7AI score0.00746EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/09/11 8:27 p.m.7 views

CVE-2025-34173

In pfSense CE /usr/local/www/snort/snortipreputation.php, the value of the iplist parameter is not sanitized of directory traversal-related characters/strings before being used to check if a file exists. While the contents of the file cannot be read, the server reveals whether a file exists, whic...

5.3CVSS6.7AI score0.00836EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/09/11 8:27 p.m.7 views

CVE-2025-34176

In pfSense CE /suricata/suricataipreputation.php, the value of the iplist parameter is not sanitized of directory traversal-related strings/characters. This value is directly used in a file existence check operation. While the contents of the file cannot be read, the server reveals whether the fi...

5.3CVSS6.7AI score0.14008EPSS
Exploits0References1
Rows per page
Query Builder