Lucene search
K

19633 matches found

RedHat Linux
RedHat Linux
added yesterday3 views

firefox: thunderbird: Mitigation bypass in the DOM: Security component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

6.5CVSS6AI score0.00248EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added yesterday3 views

firefox: thunderbird: Mitigation bypass in the DOM: Security component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

9.1CVSS6AI score0.00251EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added yesterday3 views

firefox: thunderbird: Mitigation bypass in the DOM: Security component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

9.1CVSS6AI score0.00251EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added yesterday4 views

firefox: thunderbird: Mitigation bypass in the DOM: Security component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

6.5CVSS6AI score0.00248EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added yesterday7 views

CVE-2026-15574

A flaw was found in the vllm-orchestrator-gateway component. The system's production binary logs all incoming authorization headers and full chat payloads, which may contain personally identifiable information PII and secrets, to persistent logs. This sensitive data, including bearer tokens and...

7.5CVSS6AI score0.00259EPSS
Exploits0References3
RedHat Linux
RedHat Linux
added yesterday4 views

firefox: thunderbird: Mitigation bypass in the DOM: Security component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

9.1CVSS6AI score0.00251EPSS
Exploits0References6
RedHat Linux
RedHat Linux
added yesterday4 views

firefox: thunderbird: Mitigation bypass in the DOM: Security component

A flaw was found in Firefox and Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: Mitigation bypass in the DOM: Security component...

6.5CVSS6AI score0.00248EPSS
Exploits0References6
Nuclei
Nuclei
added yesterday75 views

Cacti v1.2.8 - Remote Code Execution

Cacti v1.2.8 is susceptible to remote code execution. This vulnerability could be exploited without authentication if "Guest Realtime Graphs" privileges are enabled. id: CVE-2020-8813 info: name: Cacti v1.2.8 - Remote Code Execution author: gy741 severity: high description: Cacti v1.2.8 is...

9.3CVSS6.9AI score0.73779EPSS
Exploits24References5
Nuclei
Nuclei
added yesterday38 views

Fortinet FortiOS <=5.2.3 - Cross-Site Scripting

Fortinet FortiOS 5.2.x before 5.2.3 contains a cross-site scripting vulnerability in the SSL VPN login page which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. id: CVE-2015-1880 info: name: Fortinet FortiOS =5.2.3 - Cross-Site Scripting author: pikpikcu...

4.3CVSS6.3AI score0.14255EPSS
Exploits0References5
Nuclei
Nuclei
added yesterday108 views

Adobe ColdFusion - Pre-Auth Remote Code Execution

Adobe ColdFusion versions 2018u16 and earlier, 2021u6 and earlier and 2023.0.0.330468 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction. id: CVE-2023-29300 info:...

9.8CVSS7.2AI score0.99988EPSS
Exploits0References5
Nuclei
Nuclei
added yesterday106 views

OURPHP <= 7.2.0 - Cross Site Scripting

OURPHP alertdocument.domain" matchers-condition: and matchers: - type: word part: body words: - "alertdocument.domain...

6.1CVSS6.4AI score0.01173EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday74 views

ATutor < 2.2.1 - Cross Site Scripting

ATutor 2.2.1 was discovered with a vulnerability, a reflected cross-site scripting XSS, in ATtutor 2.2.1 via token body parameter. id: CVE-2023-27008 info: name: ATutor 2.2.1 - Cross Site Scripting author: r3Y3r53 severity: medium description: | ATutor 2.2.1 was discovered with a vulnerability, a...

6.1CVSS6.4AI score0.01499EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday70 views

D-Link D-View 8 v2.0.1.28 - Authentication Bypass

Use of a static key to protect a JWT token used in user authentication can allow an for an authentication bypass in D-Link D-View 8 v2.0.1.28 id: CVE-2023-5074 info: name: D-Link D-View 8 v2.0.1.28 - Authentication Bypass author: DhiyaneshDK severity: critical description: | Use of a static key t...

9.8CVSS6.8AI score0.67914EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday58 views

Emlog Pro v2.1.14 - Cross-Site Scripting

Cross Site Scripting XSS vulnerability in Emlog Pro v2.1.14 via /admin/store.php. id: CVE-2023-41621 info: name: Emlog Pro v2.1.14 - Cross-Site Scripting author: ritikchaddha severity: medium description: | Cross Site Scripting XSS vulnerability in Emlog Pro v2.1.14 via /admin/store.php. impact: ...

6.1CVSS6.4AI score0.01146EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday307 views

Craft CMS - Remote Code Execution via Template Path Manipulation

This template identifies a critical Remote Code Execution RCE vulnerability in Craft CMS, identified as GHSA-2p6p-9rc9-62j9. The vulnerability exists due to improper handling of the --templatesPath query parameter, allowing attackers to execute arbitrary code by referencing malicious Twig...

9.8CVSS7.4AI score0.97446EPSS
Exploits9References5
Nuclei
Nuclei
added yesterday34 views

DomainMOD 4.11.01 - Cross-Site Scripting

DomainMOD 4.11.01 contains a cross-site scripting vulnerability via assets/add/account-owner.php Owner name field. id: CVE-2018-19749 info: name: DomainMOD 4.11.01 - Cross-Site Scripting author: arafatansari severity: medium description: | DomainMOD 4.11.01 contains a cross-site scripting...

4.8CVSS6.3AI score0.03316EPSS
Exploits6References5
Nuclei
Nuclei
added yesterday42 views

GRAND FlAGallery 1.57 - Cross-Site Scripting

A cross-site scripting XSS vulnerability in facebook.php in the GRAND FlAGallery plugin flash-album-gallery before 1.57 for WordPress allows remote attackers to inject arbitrary web script or HTML via the i parameter. id: CVE-2011-4624 info: name: GRAND FlAGallery 1.57 - Cross-Site Scripting...

4.3CVSS6.2AI score0.07062EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday117 views

Piwigo 13.7.0 - SQL Injection

Piwigo is open source photo gallery software. Prior to version 13.8.0, there is a SQL Injection vulnerability in the login of the administrator screen. The SQL statement that acquires the HTTP Header User-Agent is vulnerable at the endpoint that records user information when logging in to the...

9.8CVSS7.2AI score0.97405EPSS
Exploits21References5
Nuclei
Nuclei
added yesterday117 views

WordPress Site Editor <=1.1.1 - Local File Inclusion

WordPress Site Editor through 1.1.1 allows remote attackers to retrieve arbitrary files via the ajaxpath parameter to editor/extensions/pagebuilder/includes/ajaxshortcodepattern.php. id: CVE-2018-7422 info: name: WordPress Site Editor =1.1.1 - Local File Inclusion author: LuskaBol,0x240x23elu...

7.5CVSS7.1AI score0.63102EPSS
Exploits7References5
Nuclei
Nuclei
added yesterday41 views

Joomla! Component Realtyna Translator 1.0.15 - Local File Inclusion

A directory traversal vulnerability in the Realtyna Translator comrealtyna component 1.0.15 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-2682 info: name: Joomla!...

7.5CVSS6.2AI score0.14311EPSS
Exploits2References5
Rows per page
Query Builder