Lucene search
K

24150 matches found

Nuclei
Nuclei
added yesterday63 views

Artica Web Proxy 4.30 - OS Command Injection

Artica Web Proxy 4.30 allows an authenticated remote attacker to inject commands via the service-cmds parameter in cyrus.php. These commands are executed with root privileges via servicecmdspeform. id: CVE-2020-17505 info: name: Artica Web Proxy 4.30 - OS Command Injection author: dwisiswant0...

9CVSS7.1AI score0.82165EPSS
Exploits4References5
Nuclei
Nuclei
added yesterday37 views

Joomla! Component ZiMB Comment 0.8.1 - Local File Inclusion

A directory traversal vulnerability in the ZiMB Comment comzimbcomment component 0.8.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1602 info: name: Joomla! Component...

7.5CVSS6.2AI score0.15695EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday50 views

WordPress Videos sync PDF <=1.7.4 - Local File Inclusion

WordPress Videos sync PDF 1.7.4 and prior does not validate the p parameter before using it in an include statement, which could lead to local file inclusion. id: CVE-2022-1392 info: name: WordPress Videos sync PDF =1.7.5 or apply the vendor-provided patch to mitigate the vulnerability. reference...

7.5CVSS7AI score0.1129EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday37 views

Joomla! Component JProject Manager 1.0 - Local File Inclusion

A directory traversal vulnerability in the Ternaria Informatica JProject Manager comjprojectmanager component 1.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1469 inf...

6.8CVSS6.2AI score0.08163EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday29 views

Razer Sila Gaming Router 2.0.441_api-2.0.418 - Local File Inclusion

Razer Sila Gaming Router 2.0.441api-2.0.418 is vulnerable to local file inclusion which could allow attackers to read arbitrary files. id: CVE-2022-29014 info: name: Razer Sila Gaming Router 2.0.441api-2.0.418 - Local File Inclusion author: edoardottt severity: high description: Razer Sila Gaming...

7.5CVSS7AI score0.10612EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday86 views

Suprema BioStar <2.8.2 - Local File Inclusion

Suprema BioStar before 2.8.2 Video Extension allows remote attackers can read arbitrary files from the server via local file inclusion. id: CVE-2020-15050 info: name: Suprema BioStar 2.8.2 - Local File Inclusion author: gy741 severity: high description: Suprema BioStar before 2.8.2 Video Extensio...

7.5CVSS7.1AI score0.50734EPSS
Exploits4References4
Nuclei
Nuclei
added yesterday26 views

Joomla! Component Love Factory 1.3.4 - Local File Inclusion

A directory traversal vulnerability in the Love Factory comlovefactory component 1.3.4 for Joomla! allows remote attackers to read arbitrary files via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1957 info: name: Joomla! Component Love Factory 1.3.4 - Local File Inclusion...

7.5CVSS6.2AI score0.14847EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday35 views

WordPress Admin Word Count Column 2.2 - Local File Inclusion

The plugin does not validate the path parameter given to readfile, which could allow unauthenticated attackers to read arbitrary files on server running old version of PHP susceptible to the null byte technique. This could also lead to RCE by using a Phar Deserialization technique. id:...

9.8CVSS7.1AI score0.21881EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday92 views

Powertek Firmware <3.30.30 - Authorization Bypass

Powertek firmware multiple brands before 3.30.30 running Power Distribution Units are vulnerable to authorization bypass in the web interface. To exploit the vulnerability, an attacker must send an HTTP packet to the data retrieval interface /cgi/getparam.cgi with the tmpToken cookie set to an...

9.8CVSS6.9AI score0.13425EPSS
Exploits1References5
CVE
CVE
added 2 days ago16 views

CVE-2026-10665

CVE-2026-10665 concerns Zephyr’s WireGuard implementation (subsys/net/lib/wireguard). The flaw: wg_process_data_message() linearizes an inbound payload into a fixed pool buffer, passing the attacker-controlled data_len as both the destination capacity and copy length to net_buf_linearize, ignorin...

7.4CVSS6.2AI score0.00367EPSS
Exploits0References2
EUVD
EUVD
added 4 days ago7 views

EUVD-2026-42706

An Improper Validation of Specified Quantity in Input vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on MX Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS. When a specific packet is received from device in the same broadcast...

7.1CVSS6AI score0.00269EPSS
Exploits0References2
EUVD
EUVD
added 4 days ago6 views

EUVD-2026-42707

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on QFX10000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS. On all QFX10000 platforms in an EVPN-VxLAN scenario, if an...

7.1CVSS6AI score0.00269EPSS
Exploits0References2
EUVD
EUVD
added 4 days ago8 views

EUVD-2026-42709

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX with SPC3 and SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. When an affected device initiates a TCP...

8.2CVSS6AI score0.00405EPSS
Exploits0References2
NVD
NVD
added 5 days ago7 views

CVE-2026-57030

A Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. As part of the stateful...

8.2CVSS0.00381EPSS
Exploits0References1
NVD
NVD
added 5 days ago6 views

CVE-2026-57031

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on MX Series allows adjacent subscribers to bypass configured firewall filters. On MX Series devices with MPC10/11, LC4800/9600, and MX304 with subscribers...

5.3CVSS0.00238EPSS
Exploits0References1
NVD
NVD
added 5 days ago7 views

CVE-2026-57027

A Missing Release of Memory after Effective Lifetime vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on specific EX Series devices allows an unauthenticated adjacent attacker to cause a Denial-of-Service DoS.When sFlow is configured in a Virtual Chassis VC scenario...

7.1CVSS0.00269EPSS
Exploits0References1
NVD
NVD
added 5 days ago9 views

CVE-2026-57022

An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS on MX with SPC3 and SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. When an affected device initiates a TCP...

8.2CVSS0.00405EPSS
Exploits0References1
NVD
NVD
added 5 days ago9 views

CVE-2026-57019

An Improper Validation of Specified Quantity in Input vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on MX Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS. When a specific packet is received from device in the same broadcast...

7.1CVSS0.00269EPSS
Exploits0References1
NVD
NVD
added 5 days ago6 views

CVE-2026-57020

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on QFX10000 Series allows an unauthenticated, adjacent attacker to cause a Denial-of-Service DoS. On all QFX10000 platforms in an EVPN-VxLAN scenario, if an...

7.1CVSS0.00269EPSS
Exploits0References1
Cvelist
Cvelist
added 5 days ago35 views

CVE-2026-57030 Junos OS: SRX Series: Flow sessions are not getting cleared leading to a DoS

A Concurrent Execution using Shared Resource with Improper Synchronization 'Race Condition' vulnerability in the packet forwarding engine PFE of Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. As part of the stateful...

8.2CVSS0.00381EPSS
Exploits0References1
Rows per page
Query Builder