Lucene search
K
AttackerkbMost viewed

75081 matches found

ATTACKERKB
ATTACKERKB
added 2019/08/26 12:0 a.m.19 views

CVE-2019-15637

Numerous Tableau products are vulnerable to XXE via a malicious workbook, extension, or data source, leading to information disclosure or a DoS. This affects Tableau Server, Tableau Desktop, Tableau Reader, and Tableau Public Desktop. Recent assessments: ccondon-r7 at July 26, 2024 2:21pm UTC...

8.1CVSS7.1AI score0.14314EPSS
Exploits5References5
ATTACKERKB
ATTACKERKB
added 2018/07/13 7:29 p.m.19 views

CVE-2018-8847

Eaton 9000X DriveA versions 2.0.29 and prior has a stack-based buffer overflow vulnerability, which may allow remote code execution...

9.8CVSS6.5AI score0.06838EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2018/07/13 12:0 a.m.19 views

CVE-2018-14054: LibMP4v2 MP4StringProperty Handling Double Free Vulnerability

LibMP4v2 is an open source MP4 processing library, designed to create and modify MP4 files as defined by ISO-IEC:14496-1:2001 MPEG-4 Systems. Originally discovered by Ruikai Liu, a double free vulnerability was found in the MP4StringProperty code. While parsing MP4 atoms, it is possible to cause ...

9.8CVSS9.1AI score0.02596EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2017/11/06 12:0 a.m.19 views

Samsung SRN-1670D Web Viewer Version 1.0.0.193 Arbitrary File Read and Upload

Samsung NVR Recorder SRN-1670D is a high performance network video recorder. An arbitrary file upload vulnerability was found in the Web Viewer component, which could allow an authenticated user to upload a PHP payload to get code execution. Recent assessments: jvazquez-r7 at September 12, 2019...

8.8CVSS0.8AI score0.51379EPSS
Exploits7References4
ATTACKERKB
ATTACKERKB
added 2017/04/21 12:0 a.m.19 views

CVE-2016-1561

ExaGrid appliances with firmware before 4.8 P26 have a default SSH public key in the authorizedkeys file for root, which allows remote attackers to obtain SSH access by leveraging knowledge of a private key from another installation or a firmware image. Recent assessments: h00die at March 24, 202...

7.5CVSS4.4AI score0.74261EPSS
Exploits4References4
ATTACKERKB
ATTACKERKB
added 2017/03/09 12:0 a.m.19 views

CVE-2017-6526

An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to unauthenticated command execution through an improperly protected administrative web shell cgi-bin/dna/sysAdmin.cgi POST requests. Recent assessments: h00die at March 27, 2020 4:16pm UTC reported: The Admin console...

10CVSS3AI score0.574EPSS
Exploits9References4
ATTACKERKB
ATTACKERKB
added 2016/09/19 12:0 a.m.19 views

CVE-2016-6415

The server IKEv1 implementation in Cisco IOS 12.2 through 12.4 and 15.0 through 15.6, IOS XE through 3.18S, IOS XR 4.3.x and 5.0.x through 5.2.x, and PIX before 7.0 allows remote attackers to obtain sensitive information from device memory via a Security Association SA negotiation request, aka Bu...

7.5CVSS6.4AI score0.87313EPSS
Exploits7References4
ATTACKERKB
ATTACKERKB
added 2014/04/25 12:0 a.m.19 views

CVE-2014-0780

Directory traversal vulnerability in NTWebServer in InduSoft Web Studio 7.1 before SP2 Patch 4 allows remote attackers to read administrative passwords in APP files, and consequently execute arbitrary code, via unspecified web requests. Recent assessments: Assessed Attacker Value: 0 Assessed...

9.8CVSS7AI score0.74548EPSS
Exploits5References7
ATTACKERKB
ATTACKERKB
added 2026/06/29 1:22 p.m.18 views

CVE-2026-13676

fast-uri versions 2.3.1 through 3.1.2 and 4.0.0 fail to canonicalize Unicode IDN hostnames for HTTP-family URLs. The IDN conversion path calls a helper that does not exist on the global URL constructor, silently leaving the host in its original Unicode form while normalize and equal still return...

7.5CVSS5.8AI score0.00312EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/25 1:37 p.m.18 views

CVE-2026-47148

In EmberZNet v9.0.2 and earlier, malformed GetGroupMembership commands can trigger repeated reads past the end of the message payload and terminate the process. These messages must come from a device that has already joined the network, and no information leakage back to the sender was observed...

7.1CVSS5.9AI score0.00249EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/24 1:21 p.m.18 views

CVE-2026-35025

ProFTPD through 1.3.9b and 1.3.10rc2 contains an access control bypass vulnerability that allows authenticated FTP users to circumvent Directory ACL restrictions by prefixing paths with /proc/self/root in the RNFR command handler. Attackers can exploit the unresolved symlink components in...

8.6CVSS5.9AI score0.00331EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/05 7:31 a.m.18 views

CVE-2026-48907

A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution...

10CVSS5.6AI score0.80425EPSS
Exploits19References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/05 2:14 a.m.18 views

CVE-2026-50593

Graphite before 1.3.15 has an integer underflow and resultant out-of-bounds write via Graphite actions, because slotat does not ensure that an offset is within the allowed slot-map range...

7.3CVSS5.8AI score0.00112EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/02 2:0 a.m.18 views

CVE-2026-10567

A security vulnerability has been detected in 1Panel-dev CordysCRM up to 1.4.1. This impacts the function Save of the file src/main/java/cn/cordys/crm/system/service/ModuleFormService.java of the component ModuleFormController. The manipulation of the argument Description leads to cross site...

5.1CVSS4.1AI score0.00237EPSS
Exploits0References9Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/29 4:58 p.m.18 views

CVE-2026-5768

The Frontier X2 device allows unauthenticated BLE read/write access to critical GATT characteristics without enforcing pairing authentication or authorization. This allows attackers within BLE range to perform unauthorized control of device functions, including starting/stopping activities,...

8.8CVSS5.8AI score0.0028EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/28 7:30 p.m.18 views

CVE-2026-33590

Insecure default settings of Portainer CE grant regular non-admin users privileges that allow host filesystem access and host-level code execution. An authenticated non-administrative user with endpoint access can exploit these settings to read host files or obtain root equivalent access on the...

9.4CVSS5.9AI score0.00452EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/26 9:15 p.m.18 views

CVE-2026-9584

A security vulnerability has been detected in code-projects Project Management System 1.0. Affected is an unknown function of the file chk.php of the component Login. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed publicly a...

7.5CVSS6.8AI score0.00254EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/26 8:59 p.m.18 views

CVE-2026-47672

epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. In 1.2.4 and earlier, any network-reachable caller can write arbitrary documents to any patient's electronic health record accessible by the institution's SMC-B card. In a misconfigured deployment e.g.,...

6.5CVSS5.9AI score0.00162EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/26 11:45 a.m.18 views

CVE-2026-9541

A security flaw has been discovered in Squirrel up to 3.2. Impacted is the function ReadObject of the file squirrel/sqobject.cpp of the component Cnut File Handler. Performing a manipulation results in heap-based buffer overflow. The attack is only possible with local access. The exploit has been...

5.3CVSS6.1AI score0.0017EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/05/25 5:15 p.m.18 views

CVE-2026-9477

A security flaw has been discovered in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function setAccessDeviceCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument mac results in os command injection. The attack is...

10CVSS5.6AI score0.01909EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/25 5:0 p.m.18 views

CVE-2026-9476

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument admpass leads to os command injection. The attack can be...

10CVSS7.1AI score0.01909EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/24 10:36 p.m.18 views

CVE-2026-48832

action/cookie.php in ecrire in SPIP before 4.4.15 is prone to an open redirect vulnerability...

3.5CVSS5.8AI score0.00186EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/22 10:18 a.m.18 views

CVE-2026-5755

Mattermost versions 11.6.x = 11.6.0, 11.5.x = 11.5.2, 11.5.x = 11.5.3, 11.4.x = 11.4.4, 10.11.x = 10.11.14 fail to validate the TIFF IFD offset in the image header before allocating memory, which allows authenticated users with file upload or posting permissions to cause a denial of service serve...

6.5CVSS5.8AI score0.00245EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/22 12:0 a.m.18 views

CVE-2026-42627

In Arm ArmNN through 2026-03-27, an integer overflow in TensorShape::GetNumElements in armnn/Tensor.cpp allows a crafted TFLite model file to bypass buffer size validation and trigger a heap-based buffer over-read during model optimization. The overflow occurs when multiplying tensor dimensions...

6AI score0.00132EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/20 3:0 a.m.18 views

CVE-2026-24142

NVIDIA TRT-LLM for any platform contains a deserialization vulnerability and unsafe serialized handle. A successful exploit of this vulnerability might lead to code execution, data tampering, and information disclosure...

6.3CVSS5.9AI score0.00379EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/20 1:25 a.m.18 views

CVE-2026-6400

The Child Height Predictor by Ostheimer plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to and including 1.3. This is due to missing nonce verification in the options function, which handles plugin settings updates. The form template does not include a...

4.3CVSS5.7AI score0.00163EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/20 1:25 a.m.18 views

CVE-2026-8626

The SponsorMe plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PHPSELF Parameter in all versions up to, and including, 0.5.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in...

6.1CVSS6AI score0.00266EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/19 7:45 a.m.18 views

CVE-2026-44408

There is an unauthorized access vulnerability in ZTE MU5250. Due to improper permission control of the Web interface, an unauthorized attacker can modify configuration through the interface...

6.3CVSS5.8AI score0.00252EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/17 12:30 a.m.18 views

CVE-2026-8724

A security flaw has been discovered in Dataease 2.10.20. Impacted is the function SqlparserUtils.transFilter of the file SqlparserUtils.java of the component Data Dashboard. The manipulation results in sql injection. The attack may be launched remotely. The exploit has been released to the public...

5.8CVSS5.6AI score0.00387EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/05/16 3:25 p.m.18 views

CVE-2020-37242

Supsystic Ultimate Maps 1.1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'sidx' GET parameter. Attackers can send crafted requests to the getListForTbl action with boolean-based blind or...

8.8CVSS6.2AI score0.00276EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/15 4:22 p.m.18 views

CVE-2026-44309

Gitsign is a keyless Sigstore to signing tool for Git commits with your a GitHub / OIDC identity. Prior to 0.16.0, gitsign verify and gitsign verify-tag re-encode commit/tag objects through go-git's EncodeWithoutSignature before checking the signature, instead of verifying against the raw git...

5.3CVSS5.8AI score0.00119EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/14 7:52 p.m.18 views

CVE-2026-8569

Out of bounds write in Codecs in Google Chrome on Mac prior to 148.0.7778.168 allowed a remote attacker to potentially perform a sandbox escape via a crafted video file. Chromium security severity: Medium...

8.3CVSS5.8AI score0.00246EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/11 4:46 p.m.18 views

CVE-2026-45006

OpenClaw before 2026.4.23 contains an improper access control vulnerability in the gateway tool's config.apply and config.patch operations that allows compromised models to write unsafe configuration changes by bypassing an incomplete denylist protection. Attackers can persist malicious config...

8.8CVSS5.8AI score0.00489EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/08 9:40 p.m.18 views

CVE-2026-42209

FlashMQ is a MQTT broker/server, designed for multi-CPU environments. Prior to version 1.26.1, a remote client with retained publish permission can crash the FlashMQ broker when both setretainedmessagedefertimeout and setretainedmessagedefertimeoutspread are configured to non-default values,...

6.5CVSS5.8AI score0.00355EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/15 10:13 a.m.18 views

CVE-2026-28741

Mattermost versions 10.11.x = 10.11.12, 11.5.x = 11.5.0, 11.4.x = 11.4.2, 11.3.x = 11.3.2 fail to validate CSRF tokens on an authentication endpoint which allows an attacker to update a user's authentication method via a CSRF attack by tricking a user into visiting a malicious page. Mattermost...

6.8CVSS5.8AI score0.00129EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/26 8:48 p.m.18 views

CVE-2026-33628

Invoice Ninja is a source-available invoice, quote, project and time-tracking app built with Laravel. Invoice line item descriptions in Invoice Ninja v5.13.0 bypass the XSS denylist filter, allowing stored XSS payloads to execute when invoices are rendered in the PDF preview or client portal. The...

5.4CVSS5.9AI score0.00231EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/17 8:33 a.m.18 views

CVE-2026-1323

The extension fails to properly define allowed classes used when deserializing transport failure metadata. An attacker may exploit this to execute untrusted serialized code. Note that an active exploit requires write access to the directory configured at...

5.2CVSS5.9AI score0.00215EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/16 5:32 p.m.18 views

CVE-2026-4254

A weakness has been identified in Tenda AC8 up to 16.03.50.11. This vulnerability affects the function doSystemCmd of the file /goform/SysToolChangePwd of the component HTTP Endpoint. This manipulation of the argument local2c causes stack-based buffer overflow. The attack can be initiated remotel...

10CVSS8AI score0.00887EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/13 5:28 p.m.18 views

CVE-2026-29775

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, a client-side heap out-of-bounds read/write occurs in FreeRDP's bitmap cache subsystem due to an off-by-one boundary check in bitmapcacheput. A malicious server can send a CACHEBITMAPORDER Rev1 with cacheId equal to...

5.3CVSS5.8AI score0.00309EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/02 2:23 p.m.18 views

CVE-2024-47886

Chamilo is a learning management system. Chamillo is affected by a post-authentication phar unserialize which leads to a remote code execution RCE within versions 1.11.12 to 1.11.26. By abusing multiple supported features from the virtualization plugin vchamilo, the vulnerability allows an...

8.7CVSS6.7AI score0.00905EPSS
Exploits1References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/01 11:32 a.m.18 views

CVE-2026-3392

A weakness has been identified in FascinatedBox lily up to 2.3. The affected element is the function evaltree of the file src/lilyemitter.c. This manipulation causes null pointer dereference. The attack is restricted to local execution. The exploit has been made available to the public and could ...

5.5CVSS5.6AI score0.00167EPSS
Exploits1References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/21 11:2 p.m.18 views

CVE-2026-2894

A vulnerability was identified in funadmin up to 7.1.0-rc4. Affected by this vulnerability is the function getMember of the file app/frontend/view/login/forget.html. Such manipulation leads to information disclosure. The attack may be launched remotely. The exploit is publicly available and might...

6.9CVSS5.3AI score0.004EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/02/11 8:37 p.m.18 views

CVE-2020-37192

MSN Password Recovery 1.30 contains an XML external entity injection vulnerability that allows attackers to read local system files through crafted XML input. Attackers can exploit the 'Favorites' tab by injecting a malicious XML file that references external entities to retrieve sensitive system...

6.7CVSS5.6AI score0.00207EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/05 11:8 p.m.18 views

CVE-2025-68157

Webpack is a module bundler. From version 5.49.0 to before 5.104.0, when experiments.buildHttp is enabled, webpack’s HTTPS resolver HttpUriPlugin enforces allowedUris only for the initial URL, but does not re-validate allowedUris after following HTTP 30x redirects. As a result, an import that...

3.7CVSS5.4AI score0.002EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/01/15 8:24 p.m.18 views

CVE-2026-21912

A Time-of-check Time-of-use TOCTOU Race Condition vulnerability in the method to collect FPC Ethernet firmware statistics of Juniper Networks Junos OS on MX10k Series allows a local, low-privileged attacker executing the 'show system firmware' CLI command to cause an LC480 or LC2101 line card to...

6.8CVSS5.9AI score0.00103EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2025/07/10 12:0 a.m.18 views

CVE-2025-47812

In Wing FTP Server before 7.4.4. the user and admin web interfaces mishandle '\0' bytes, ultimately allowing injection of arbitrary Lua code into user session files. This can be used to execute arbitrary system commands with the privileges of the FTP service root or SYSTEM by default. This is thu...

10CVSS6.7AI score0.95343EPSS
Exploits23References8
ATTACKERKB
ATTACKERKB
added 2025/05/11 3:15 a.m.18 views

CVE-2025-4527

A security flaw has been discovered in Dígitro NGC Explorer up to 3.44.15/3.48.21. The impacted element is an unknown function of the component Password Transmission Handler. Performing a manipulation results in client-side enforcement of server-side security. The attack can be initiated remotely...

6.3CVSS5.1AI score0.00446EPSS
Exploits0References9Affected Software1
ATTACKERKB
ATTACKERKB
added 2025/04/18 12:0 a.m.18 views

CVE-2025-42599

Active! mail 6 BuildInfo: 6.60.05008561 and earlier contains a stack-based buffer overflow vulnerability. Receiving a specially crafted request created and sent by a remote unauthenticated attacker may lead to arbitrary code execution and/or a denial-of-service DoS condition. Recent assessments:...

9.8CVSS8.4AI score0.03084EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2025/04/07 12:0 a.m.18 views

CVE-2025-3248

Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Valu...

9.8CVSS8.4AI score0.9999EPSS
Exploits33References5
ATTACKERKB
ATTACKERKB
added 2025/02/12 12:0 a.m.18 views

CVE-2025-0111

An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. You can greatly reduce the risk of this issue by...

7.1CVSS6.3AI score0.01927EPSS
Exploits0References2
Total number of security vulnerabilities5000