Lucene search
+L

35094 matches found

EUVD
EUVD
added yesterday3 views

EUVD-2026-45394

A vulnerability was found in RobinHerbots Inputmask up to 5.0.9. Affected by this issue is the function extendDefaults/extendDefinitions/extendAliases in the library lib/dependencyLibs/extend.js of the component Internal Deep Merge Helper. The manipulation results in improperly controlled...

6.5CVSS6.1AI score
Exploits0References7
NVD
NVD
added yesterday4 views

CVE-2026-16150

A vulnerability was found in RobinHerbots Inputmask up to 5.0.9. Affected by this issue is the function extendDefaults/extendDefinitions/extendAliases in the library lib/dependencyLibs/extend.js of the component Internal Deep Merge Helper. The manipulation results in improperly controlled...

6.5CVSS
Exploits0References6
Cvelist
Cvelist
added yesterday9 views

CVE-2026-16151 CartoDB carto-api-client filters.ts addFilter prototype pollution

A vulnerability has been found in CartoDB carto-api-client 0.5.29. This impacts the function addFilter of the file src/filters.ts. Such manipulation of the argument column leads to improperly controlled modification of object prototype attributes. The attack can be executed remotely. The project...

6.5CVSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2024-58362

SurrealDB before 1.5.5 and 2.0.0-beta before 2.0.0-beta.3 accepts an arbitrary object in the signin and signup operations of the RPC API without recursively validating it for non-computed values. When a record access method defines a SIGNIN or SIGNUP query and the RPC API is exposed to untrusted...

8.8CVSS5.5AI score
Exploits0References3
EUVD
EUVD
added yesterday7 views

EUVD-2024-55678

SurrealDB before 1.5.5 and 2.0.0-beta before 2.0.0-beta.3 accepts an arbitrary object in the signin and signup operations of the RPC API without recursively validating it for non-computed values. When a record access method defines a SIGNIN or SIGNUP query and the RPC API is exposed to untrusted...

8.8CVSS5.5AI score
Exploits0References2
Nuclei
Nuclei
added yesterday14 views

Schneider Electric U.motion Builder - SQL Injection

The vulnerability exists within processing of trackimportexport.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the objectid input parameter. id: CVE-2018-7765 info: name: Schneider Electric U.motion...

8.8CVSS8.2AI score0.02917EPSS
Exploits3References2
Nuclei
Nuclei
added yesterday73 views

SugarCRM - Unauthenticated Remote Code Execution via PHP Object Injection

A PHP object injection vulnerability exists in SugarCRM versions prior to 6.5.24, 6.7.13, 7.5.2.5, 7.6.2.2, and 7.7.1.0 due to improper validation of PHP serialized input in the SugarRestSerialize.php script. The vulnerable code fails to sanitize the restdata parameter before passing it to the...

9.3CVSS6.3AI score0.02971EPSS
Exploits0References5
Nuclei
Nuclei
added yesterday14 views

Masteriyo LMS <= 1.7.3 - Insecure Direct Object Reference

Authentication Bypass Using an Alternate Path or Channel vulnerability in Masteriyo Masteriyo - LMS. Unauth access to course progress.This issue affects Masteriyo - LMS: from n/a through 1.7.3. id: CVE-2024-33939 info: name: Masteriyo LMS = 1.7.3 - Insecure Direct Object Reference author:...

5.3CVSS5.2AI score0.00843EPSS
Exploits0References2
Nuclei
Nuclei
added yesterday58 views

SEOPress < 7.9 - Authentication Bypass

The SEOPress WordPress plugin before 7.9 does not properly protect some of its REST API routes, which combined with another Object Injection vulnerability can allow unauthenticated attackers to unserialize malicious gadget chains, compromising the site if a suitable chain is present. id:...

9.8CVSS7.2AI score0.03744EPSS
Exploits1References4
Nuclei
Nuclei
added yesterday127 views

My Geo Posts Free <= 1.2 - PHP Object Injection

The My Geo Posts Free plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 1.2 via deserialization of untrusted input. This makes it possible for unauthenticated attackers to inject a PHP Object. No known POP chain is present in the vulnerable software. If ...

9.8CVSS8.9AI score0.0307EPSS
Exploits0References4
Nuclei
Nuclei
added yesterday133 views

Vendure - Arbitrary File Read

Vendure is an open-source headless commerce platform. Prior to versions 3.0.5 and 2.3.3, a vulnerability in Vendure's asset server plugin allows an attacker to craft a request which is able to traverse the server file system and retrieve the contents of arbitrary files, including sensitive data...

9.1CVSS8.6AI score0.59798EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday47 views

Webmin < 1.920 - Authenticated Remote Code Execution

rpc.cgi in Webmin through 1.920 allows authenticated Remote Code Execution via a crafted object name because unserialisevariable makes an eval call. NOTE: the WebminServersIndex documentation states "RPC can be used to run any command or modify any file on a server, which is why access to it must...

8.8CVSS8.1AI score0.38038EPSS
Exploits4References5
Nuclei
Nuclei
added yesterday22 views

Danswer - Insecure Direct Object Reference

The application does not verify whether the attacker is the creator of the file, allowing the attacker to directly call the GET /api/chat/file/fileid interface to view any user's file. id: CVE-2024-9617 info: name: Danswer - Insecure Direct Object Reference author: s4e-io severity: medium...

6.5CVSS6.4AI score0.01557EPSS
Exploits0
CVE
CVE
added 2 days ago22 views

CVE-2026-54159

CVE-2026-54159 affects PrestaShop ps_facetedsearch module versions 3.0.0 through 4.0.3. The root cause is trusting the value of slider filters (price/weight) from the request URL, storing it in an internal cache, and deserializing it with PHP’s native unserialize(), enabling a crafted object inje...

10CVSS5.7AI score0.00092EPSS
Exploits0References3
NVD
NVD
added 2 days ago6 views

CVE-2026-45162

Pimcore is an Open Source Data & Experience Management Platform. Prior to 11.5.17 LTS and 12.3.7, multiple Pimcore locations call PHP's unserialize on data from database columns and filesystem files without the allowedclasses restriction, including lib/Tool/Authentication.php, models/Site/Dao.php...

8CVSS0.00202EPSS
Exploits0References4
CVE
CVE
added 2 days ago23 views

CVE-2026-45162

Pimcore is affected by unsafe PHP deserialization across multiple locations. Prior to versions 11.5.17 (LTS) and 12.3.7, several Pimcore code paths call unserialize() on data from database columns and filesystem files without restricting allowed_classes, enabling object injection and potential re...

8CVSS6.3AI score0.00202EPSS
Exploits0References4
Cvelist
Cvelist
added 2 days ago33 views

CVE-2026-45162 Pimcore: Unsafe PHP Deserialization in Multiple Locations Without allowed_classes Restriction

Pimcore is an Open Source Data & Experience Management Platform. Prior to 11.5.17 LTS and 12.3.7, multiple Pimcore locations call PHP's unserialize on data from database columns and filesystem files without the allowedclasses restriction, including lib/Tool/Authentication.php, models/Site/Dao.php...

8CVSS0.00202EPSS
Exploits0References4
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-45259

Pimcore is an Open Source Data & Experience Management Platform. Prior to 11.5.17 LTS and 12.3.7, multiple Pimcore locations call PHP's unserialize on data from database columns and filesystem files without the allowedclasses restriction, including lib/Tool/Authentication.php, models/Site/Dao.php...

8CVSS6.3AI score0.00202EPSS
Exploits0References4
NVD
NVD
added 2 days ago5 views

CVE-2026-63099

TheHive through 4.1.24 contains a broken object-level authorization vulnerability in the attachment download endpoints that allows any authenticated user to access attachments belonging to other organizations by supplying a content-hash identifier. Attackers can exploit the missing...

7.1CVSS
Exploits0References2
NVD
NVD
added 2 days ago6 views

CVE-2026-14871

osTicket versions v1.18.3 and v1.17.7 contain a Broken Object Level Authorization BOLA leading to Insecure Direct Object Reference IDOR in the AJAX ticket-management subsystem...

7.1CVSS
Exploits0References5
Rows per page
Query Builder