Lucene search
K
CvelistMost viewed

363414 matches found

Cvelist
Cvelist
added 2007/03/02 7:0 p.m.842 views

CVE-2007-1192

Thomas R. Pasawicz HyperBook Guestbook 1.30 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download an admin password hash via a direct request for data/gbconfiguration.dat...

6.5AI score0.02456EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/12/27 9:44 a.m.610 views

CVE-2024-3393 PAN-OS: Firewall Denial of Service (DoS) in DNS Security Using a Specially Crafted Packet

A Denial of Service vulnerability in the DNS Security feature of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to send a malicious packet through the data plane of the firewall that reboots the firewall. Repeated attempts to trigger this condition will cause the firewall t...

8.7CVSS0.26636EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/28 2:32 a.m.600 views

CVE-2025-8253 code-projects Exam Form Submission delete_s6.php sql injection

A vulnerability was found in code-projects Exam Form Submission 1.0. It has been classified as critical. This affects an unknown part of the file /admin/deletes6.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been...

7.5CVSS0.00479EPSS
Exploits1References5
Cvelist
Cvelist
added 2024/12/17 6:13 p.m.555 views

CVE-2024-51479 Authorization bypass in Next.js

Next.js is a React framework for building full-stack web applications. In affected versions if a Next.js application is performing authorization in middleware based on pathname, it was possible for this authorization to be bypassed for pages directly under the application's root directory. For...

7.5CVSS0.03884EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/19 5:41 p.m.538 views

CVE-2025-13315 Unauthenticated log access in Twonky Server

Twonky Server 8.5.2 on Linux and Windows is vulnerable to an access control flaw. An unauthenticated attacker can bypass web service API authentication controls to leak a log file and read the administrator's username and encrypted password...

9.3CVSS0.31944EPSS
Exploits3References1
Cvelist
Cvelist
added 2025/09/29 11:29 a.m.538 views

CVE-2025-8868 Chef Automate compliance service SQL Injection Vulnerability

In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token...

9.8CVSS0.22827EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/10/19 9:30 p.m.529 views

CVE-2020-15261 Unquoted service path vulnerability on Veyon

On Windows the Veyon Service before version 4.4.2 contains an unquoted service path vulnerability, allowing locally authenticated users with administrative privileges to run malicious executables with LocalSystem privileges. Since Veyon users both students and teachers usually don't have...

8CVSS7.8AI score0.11123EPSS
Exploits4References6
Cvelist
Cvelist
added 2024/09/16 3:42 p.m.519 views

CVE-2024-8752 WebIQ 2.15.9 Runtime on Windows - Directory Traversal Vulnerability

The Windows version of WebIQ 2.15.9 is affected by a directory traversal vulnerability that allows remote attackers to read any file on the system...

9.3CVSS0.11759EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/01/14 2:9 p.m.518 views

CVE-2024-48884

A improper limitation of a pathname to a restricted directory 'path traversal' vulnerability in Fortinet FortiManager 7.6.0 through 7.6.1, FortiManager 7.4.1 through 7.4.3, FortiManager Cloud 7.4.1 through 7.4.3, FortiOS 7.6.0, FortiOS 7.4.0 through 7.4.4, FortiOS 7.2.0 through 7.2.9, FortiOS 7.0...

7.5CVSS0.14944EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/08 10:15 p.m.518 views

CVE-2025-0282

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution...

9CVSS0.99971EPSS
Exploits13References1
Cvelist
Cvelist
added 2024/06/09 7:55 p.m.519 views

CVE-2024-2408 PHP is vulnerable to the Marvin Attack

The opensslprivatedecrypt function in PHP, when using PKCS1 padding OPENSSLPKCS1PADDING, which is the default, is vulnerable to the Marvin Attack unless it is used with an OpenSSL version that includes the changes from this pull request: https://github.com/openssl/openssl/pull/13817...

0.01158EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/02/10 3:9 p.m.502 views

CVE-2026-1603

An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data...

8.6CVSS0.81089EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/25 3:56 p.m.492 views

CVE-2025-3928 Commvault Web Server unspecified vulnerability

Commvault Web Server has an unspecified vulnerability that can be exploited by a remote, authenticated attacker. According to the Commvault advisory: "Webservers can be compromised through bad actors creating and executing webshells." Fixed in version 11.36.46, 11.32.89, 11.28.141, and 11.20.217...

8.8CVSS0.01932EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/03/06 10:7 p.m.481 views

CVE-2024-2236 Libgcrypt: vulnerable to marvin attack

A timing-based side-channel flaw was found in libgcrypt's RSA implementation. This issue may allow a remote attacker to initiate a Bleichenbacher-style attack, which can lead to the decryption of RSA ciphertexts...

5.9CVSS5.8AI score0.01114EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/05/28 1:32 p.m.479 views

CVE-2025-48734 Apache Commons BeanUtils: PropertyUtilsBean does not suppresses an enum's declaredClass property by default

Improper Access Control vulnerability in Apache Commons. A special BeanIntrospector class was added in version 1.9.2. This can be used to stop attackers from using the declared class property of Java enum objects to get access to the classloader. However this protection was not enabled by default...

0.01495EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/02/11 3:20 p.m.478 views

CVE-2025-22467

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.6 allows a remote authenticated attacker to achieve remote code execution...

9.9CVSS0.03705EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/02 7:29 a.m.474 views

CVE-2024-53104 media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in...

0.03301EPSS
Exploits1References9
Cvelist
Cvelist
added 2024/09/19 10:51 p.m.472 views

CVE-2024-45410 HTTP client can remove the X-Forwarded headers in Traefik

Traefik is a golang, Cloud Native Application Proxy. When a HTTP request is processed by Traefik, certain HTTP headers such as X-Forwarded-Host or X-Forwarded-Port are added by Traefik before the request is routed to the application. For a HTTP client, it should not be possible to remove or modif...

9.8CVSS0.01513EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/12/31 10:31 a.m.469 views

CVE-2024-12108 WhatsUp Gold - Public API signing key rotation issue

In WhatsUp Gold versions released before 2024.0.2, an attacker can gain access to the WhatsUp Gold server via the public API...

9.6CVSS0.06798EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/03 7:32 p.m.466 views

CVE-2024-34750 Apache Tomcat: HTTP/2 excess header handling DoS

Improper Handling of Exceptional Conditions, Uncontrolled Resource Consumption vulnerability in Apache Tomcat. When processing an HTTP/2 stream, Tomcat did not handle some cases of excessive HTTP headers correctly. This led to a miscounting of active HTTP/2 streams which in turn led to the use of...

0.04602EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/12 4:7 p.m.465 views

CVE-2024-11005

Command injection in Ivanti Connect Secure before version 22.7R2.1 Not Applicable to 9.1Rx and Ivanti Policy Secure before version 22.7R1.1 Not Applicable to 9.1Rx allows a remote authenticated attacker with admin privileges to achieve remote code execution...

9.1CVSS0.01652EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/25 4:28 p.m.465 views

CVE-2024-20467

A vulnerability in the implementation of the IPv4 fragmentation reassembly code in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper management of resources during fragment...

8.6CVSS0.0098EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/12 3:57 p.m.463 views

CVE-2024-9420

A use-after-free in Ivanti Connect Secure before version 22.7R2.3 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker to achieve remote code execution...

0.01436EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/13 1:54 a.m.461 views

CVE-2024-38655

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.1 and 9.1R18.9 allows a remote authenticated attacker with admin privileges to achieve remote code execution...

9.1CVSS0.01744EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/15 2:24 p.m.459 views

CVE-2024-7262 Arbitrary Code Execution in WPS Office

Improper path validation in promecefpluginhost.exe in Kingsoft WPS Office version ranging from 12.2.0.13110 to 12.2.0.16412 exclusive on Windows allows an attacker to load an arbitrary Windows library. The vulnerability was found weaponized as a single-click exploit in the form of a deceptive...

9.3CVSS0.01773EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/10 6:47 p.m.458 views

CVE-2024-11633

Argument injection in Ivanti Connect Secure before version 22.7R2.4 allows a remote authenticated attacker with admin privileges to achieve remote code execution...

9.1CVSS0.01705EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/12 4:6 p.m.457 views

CVE-2024-11006

Command injection in Ivanti Connect Secure before version 22.7R2.1 Not Applicable to 9.1Rx and Ivanti Policy Secure before version 22.7R1.1 Not Applicable to 9.1Rx allows a remote authenticated attacker with admin privileges to achieve remote code execution...

9.1CVSS0.01652EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/12 4:5 p.m.457 views

CVE-2024-11007

Command injection in Ivanti Connect Secure before version 22.7R2.1 Not Applicable to 9.1Rx and Ivanti Policy Secure before version 22.7R1.1 Not Applicable to 9.1Rx allows a remote authenticated attacker with admin privileges to achieve remote code execution...

9.1CVSS0.01652EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/10 6:48 p.m.456 views

CVE-2024-11634

Command injection in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to achieve remote code execution. Not applicable to 9.1Rx...

9.1CVSS0.01847EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/12/10 12:0 a.m.437 views

CVE-2021-44228 Apache Log4j2 JNDI features do not protect against attacker controlled LDAP and other JNDI related endpoints

Apache Log4j2 2.0-beta9 through 2.15.0 excluding security releases 2.12.2, 2.12.3, and 2.3.1 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can control log messages or log message...

9.1AI score0.99999EPSS
Exploits351References51
Cvelist
Cvelist
added 2026/02/10 5:51 p.m.427 views

CVE-2026-21513 MSHTML Framework Security Feature Bypass Vulnerability

...

8.8CVSS0.15384EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/05 12:0 a.m.426 views

CVE-2025-66376

Zimbra Collaboration ZCS 10 before 10.0.18 and 10.1 before 10.1.13 allows Classic UI stored XSS via Cascading Style Sheets CSS @import directives in an HTML e-mail message...

7.2CVSS0.12009EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/02/20 10:12 p.m.416 views

CVE-2026-2033 MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability

MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to exploit this vulnerability. The specific fla...

8.1CVSS0.01682EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/13 1:54 a.m.411 views

CVE-2024-38656

Argument injection in Ivanti Connect Secure before version 22.7R2.2 and 9.1R18.9 and Ivanti Policy Secure before version 22.7R1.2 allows a remote authenticated attacker with admin privileges to achieve remote code execution...

9.1CVSS0.01744EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/03 10:55 p.m.408 views

CVE-2026-27971 Qwik affected by unauthenticated RCE via server$ Deserialization

Qwik is a performance focused javascript framework. qwik =1.19.0 is vulnerable to RCE due to an unsafe deserialization vulnerability in the server$ RPC mechanism that allows any unauthenticated user to execute arbitrary code on the server with a single HTTP request. Affects any deployment where...

9.2CVSS0.04632EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/20 3:28 p.m.406 views

CVE-2024-56337 Apache Tomcat: RCE due to TOCTOU issue in JSP compilation - CVE-2024-50379 mitigation was incomplete

Time-of-check Time-of-use TOCTOU Race Condition vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.0.97. The following versions were EOL at the time the CVE was created but are known to be...

0.43663EPSS
Exploits13References2
Cvelist
Cvelist
added 2026/03/04 9:24 a.m.405 views

CVE-2023-7337 JS Help Desk – AI-Powered Support & Ticketing System 2.8.2 - Unauthenticated SQL Injection via 'js-support-ticket-token-tkstatus' Cookie

The JS Help Desk – AI-Powered Support & Ticketing System plugin for WordPress is vulnerable to SQL Injection via the 'js-support-ticket-token-tkstatus' cookie in version 2.8.2 due to an incomplete fix for CVE-2023-50839 where a second sink was left with insufficient escaping on the user supplied...

7.5CVSS0.01317EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/13 2:5 a.m.400 views

CVE-2024-3922 Dokan Pro <= 3.10.3 - Unauthenticated SQL Injection

The Dokan Pro plugin for WordPress is vulnerable to SQL Injection via the 'code' parameter in all versions up to, and including, 3.10.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

10CVSS0.56209EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/13 8:42 p.m.392 views

CVE-2026-2493 IceWarp collaboration Directory Traversal Information Disclosure Vulnerability

IceWarp collaboration Directory Traversal Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of IceWarp. Authentication is not required to exploit this vulnerability. The specific flaw exists within handling...

7.5CVSS0.03929EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/07/20 12:0 a.m.392 views

CVE-2023-38408

The PKCS11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. Code in /usr/lib is not necessarily safe for loading into ssh-agent. NOTE: this issue exists because o...

8.3AI score0.76768EPSS
Exploits10References20
Cvelist
Cvelist
added 2024/08/13 2:31 a.m.388 views

CVE-2024-7094 JS Help Desk – The Ultimate Help Desk & Support Plugin <= 2.8.6 - Unauthenticated PHP Code Injection to Remote Code Execution

The JS Help Desk – The Ultimate Help Desk & Support Plugin plugin for WordPress is vulnerable to PHP Code Injection leading to Remote Code Execution in all versions up to, and including, 2.8.6 via the 'storeTheme' function. This is due to a lack of sanitization on user-supplied values, which...

9.8CVSS0.37899EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/03/04 6:0 a.m.381 views

CVE-2026-2025 Mail Mint < 1.19.5 - Unauthenticated Emails Disclosure

The Mail Mint WordPress plugin before 1.19.5 does not have authorization in one of its REST API endpoint, allowing unauthenticated users to call it and retrieve the email addresses of users on the blog...

0.01379EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/19 1:45 p.m.379 views

CVE-2025-71260 BMC FootPrints ITSM 20.20.02 <= 20.24.01.001 VIEWSTATE Deserialization RCE

BMC FootPrints ITSM versions 20.20.02 through 20.24.01.001 contain a deserialization of untrusted data vulnerability in the ASP.NET servlet's VIEWSTATE handling that allows authenticated attackers to execute arbitrary code. Attackers can supply crafted serialized objects to the VIEWSTATE paramete...

8.8CVSS0.3436EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/02/06 8:24 a.m.377 views

CVE-2026-21643

An improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet FortiClientEMS 7.4.4 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests...

9.8CVSS0.94085EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/02/26 1:24 a.m.372 views

CVE-2026-1557 WP Responsive Images <= 1.0 - Unauthenticated Path Traversal to Arbitrary File Read via src

The WP Responsive Images plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.0 via the 'src' parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information...

7.5CVSS0.01722EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/02/11 4:50 p.m.364 views

CVE-2025-24472

An Authentication Bypass Using an Alternate Path or Channel vulnerability CWE-288 affecting FortiOS 7.0.0 through 7.0.16 and FortiProxy 7.2.0 through 7.2.12, 7.0.0 through 7.0.19 may allow a remote unauthenticated attacker with prior knowledge of upstream and downstream devices serial numbers to...

8.1CVSS0.02988EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/04 9:14 a.m.360 views

CVE-2025-6205 Missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025

A missing authorization vulnerability affecting DELMIA Apriso from Release 2020 through Release 2025 could allow an attacker to gain privileged access to the application...

9.1CVSS0.71059EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/18 7:42 a.m.356 views

CVE-2024-40764

Heap-based buffer overflow vulnerability in the SonicOS IPSec VPN allows an unauthenticated remote attacker to cause Denial of Service DoS...

0.007EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/23 12:0 a.m.354 views

CVE-2022-25369

An issue was discovered in Dynamicweb before 9.12.8. An attacker can add a new administrator user without authentication. This flaw exists due to a logic issue when determining if the setup phases of the product can be run again. Once an attacker is authenticated as the new admin user they have...

0.40739EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/03/11 12:0 a.m.353 views

CVE-2022-0001

Non-transparent sharing of branch predictor selectors between contexts in some IntelR Processors may allow an authorized user to potentially enable information disclosure via local access...

6.9AI score0.00508EPSS
Exploits0References5
Total number of security vulnerabilities5000