Lucene search
+L
CvelistMost viewed

367610 matches found

Cvelist
Cvelist
added 2021/09/03 7:25 p.m.166 views

CVE-2021-30616

Chromium: CVE-2021-30616 Use after free in Media...

9.6AI score0.04159EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/08/10 5:43 p.m.166 views

CVE-2020-15658

The code for downloading files did not properly take care of special characters, which led to an attacker being able to cut off the file ending at an earlier position, leading to a different file type being downloaded than shown in the dialog. This vulnerability affects Firefox ESR 78.1, Firefox...

6.6AI score0.01202EPSS
Exploits0References6
Cvelist
Cvelist
added 2013/05/02 2:0 p.m.166 views

CVE-2012-5657

The 1 ZendFeedRss and 2 ZendFeedAtom classes in ZendFeed in Zend Framework 1.11.x before 1.11.15 and 1.12.x before 1.12.1 allow remote attackers to read arbitrary files, send HTTP requests to intranet servers, and possibly cause a denial of service CPU and memory consumption via an XML External...

9.3AI score0.01705EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/03/18 11:11 p.m.165 views

CVE-2026-32255 Kan is Vulnerable to Unauthenticated SSRF via Attachment Download Endpoint

Kan is an open-source project management tool. In versions 0.5.4 and below, the /api/download/attatchment endpoint has no authentication and no URL validation. The Attachment Download endpoint accepts a user-supplied URL query parameter and passes it directly to fetch server-side, and returns the...

8.6CVSS0.10069EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/25 10:19 p.m.165 views

CVE-2026-27577 n8n: Expression Sandbox Escape Leads to RCE

n8n is an open source workflow automation platform. Prior to versions 2.10.1, 2.9.3, and 1.123.22, additional exploits in the expression evaluation of n8n have been identified and patched following CVE-2025-68613. An authenticated user with permission to create or modify workflows could abuse...

9.4CVSS0.1016EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/02/20 10:22 p.m.165 views

CVE-2026-2043 Nagios Host esensors_websensor_configwizard_func Command Injection Remote Code Execution Vulnerability

Nagios Host esensorswebsensorconfigwizardfunc Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Nagios Host. Authentication is required to exploit this vulnerability. The specific flaw exists...

7.2CVSS0.74172EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/27 12:4 p.m.165 views

CVE-2024-42327 SQL injection in user.get API

A non-admin user account on the Zabbix frontend with the default User role, or with any other role that gives API access can exploit this vulnerability. An SQLi exists in the CUser class in the addRelatedObjects function, this function is being called from the CUser.get function which is availabl...

9.9CVSS0.78831EPSS
Exploits13References1
Cvelist
Cvelist
added 2023/04/18 10:53 p.m.165 views

CVE-2023-29527 Code injection from account through AWM view sheet in xwiki platform

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In affected versions a user without script or programming right may edit a user profile or any other document with the wiki editor and add groovy script content. Viewing the document after...

9.9CVSS9.8AI score0.0109EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/04/03 5:3 p.m.164 views

CVE-2026-0545 Missing Authentication for Critical Function in mlflow/mlflow

In mlflow/mlflow, the FastAPI job endpoints under /ajax-api/3.0/jobs/ are not protected by authentication or authorization when the basic-auth app is enabled. This vulnerability affects the latest version of the repository. If job execution is enabled MLFLOWSERVERENABLEJOBEXECUTION=true and any j...

9.1CVSS0.04392EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/12/09 5:19 p.m.164 views

CVE-2025-53679

An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability CWE-78 vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.2, FortiSandbox 4.4.0 through 4.4.7, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions, FortiSandbox Cloud 24.1,...

7.2CVSS0.11196EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/01 12:2 a.m.164 views

CVE-2025-9752 D-Link DIR-852 SOAP Service soap.cgi soapcgi_main os command injection

A security vulnerability has been detected in D-Link DIR-852 1.00CN B09. Impacted is the function soapcgimain of the file soap.cgi of the component SOAP Service. Such manipulation of the argument service leads to os command injection. The attack can be launched remotely. The exploit has been...

7.5CVSS0.15815EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/06/10 7:55 a.m.164 views

CVE-2025-27817 Apache Kafka Client: Arbitrary file read and SSRF vulnerability

A possible arbitrary file read and SSRF vulnerability has been identified in Apache Kafka Client. Apache Kafka Clients accept configuration data for setting the SASL/OAUTHBEARER connection with the brokers, including "sasl.oauthbearer.token.endpoint.url" and "sasl.oauthbearer.jwks.endpoint.url"...

0.63637EPSS
Exploits2References1
Cvelist
Cvelist
added 2019/01/03 7:0 p.m.164 views

CVE-2018-19862

Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP POST request. NOTE: this product is discontinued...

9.8AI score0.12555EPSS
Exploits5References3
Cvelist
Cvelist
added 2026/04/02 1:4 p.m.163 views

CVE-2026-2701 RCE vulnerability in Progress ShareFile Storage Zones Controller (SZC)

Authenticated user can upload a malicious file to the server and execute it, which leads to remote code execution...

9.1CVSS0.4881EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/10/05 8:40 a.m.163 views

CVE-2021-41773 Path traversal and file disclosure vulnerability in Apache HTTP Server 2.4.49

A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default...

8.1AI score0.99992EPSS
Exploits151References29
Cvelist
Cvelist
added 2025/02/27 2:18 a.m.162 views

CVE-2025-21756 vsock: Keep the binding until socket destruction

In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind and those implicitly bound through autobind during connect. Prevents socket unbinding during a transpo...

7.8CVSS0.00844EPSS
Exploits3References7
Cvelist
Cvelist
added 2023/06/07 1:51 a.m.162 views

CVE-2020-36731 Flexible Checkout Fields for WooCommerce <= 2.3.1 - Unauthenticated Arbitrary Plugin Settings Update

The Flexible Checkout Fields for WooCommerce plugin for WordPress is vulnerable to Unauthenticated Arbitrary Plugin Settings update, in addition to Stored Cross-Site Scripting in versions up to, and including, 2.3.1. This is due to missing authorization checks on the updateSettingsAction function...

7.2CVSS6.4AI score0.01342EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/01/14 7:5 p.m.162 views

CVE-2021-44703 Adobe Acrobat Pro DC Stack Overflow Vulnerability Arbitrary code execution

Acrobat Reader DC version 21.007.20099 and earlier, 20.004.30017 and earlier and 17.011.30204 and earlier are affected by a stack buffer overflow vulnerability due to insecure handling of a crafted file, potentially resulting in arbitrary code execution in the context of the current user...

7.8CVSS7.9AI score0.57304EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/06/29 5:33 p.m.162 views

CVE-2020-14145

The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts where no host key for the server has been cached by the client. NOTE: some reports...

5.8AI score0.02057EPSS
Exploits2References8
Cvelist
Cvelist
added 2026/05/15 7:30 a.m.161 views

CVE-2026-8398

A supply chain attack compromised the official installation packages of DAEMON Tools Lite Windows versions 12.5.0.2421 through 12.5.0.2434, distributed from the legitimate website daemon-tools.cc between approximately April 8, 2026, and May 5, 2026. Attackers gained unauthorized access to the...

9.8CVSS0.01456EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/05/04 2:48 p.m.161 views

CVE-2026-29169 Apache HTTP Server: mod_dav_lock indirect lock crash

A NULL pointer dereference in moddavlock in Apache HTTP Server 2.4.66 and earlier may allow an attacker to crash the server with a malicious request.moddavlock is not used internally by moddav or moddavfs. The only known use-case for moddavlock was moddavsvn from Apache Subversion earlier than...

0.00594EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/03 3:45 p.m.161 views

CVE-2026-35216 Budibase: Unauthenticated Remote Code Execution via Webhook Trigger and Bash Automation Step

Budibase is an open-source low-code platform. Prior to version 3.33.4, an unauthenticated attacker can achieve Remote Code Execution RCE on the Budibase server by triggering an automation that contains a Bash step via the public webhook endpoint. No authentication is required to trigger the...

9CVSS0.11982EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/05/13 6:52 p.m.160 views

CVE-2026-42031 CKAN: Unauthenticated SQL Injection and Authorization Bypass in `datastore_search_sql`

CKAN is an open-source DMS data management system for powering data hubs and data portals. Prior to 2.10.10 and 2.11.5, a vulnerability in datastoresearchsql allowed attackers to inject SQL in order to gain access to private resources and PostgreSQL system information This vulnerability is fixed ...

8.3CVSS0.01815EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/04 12:37 p.m.160 views

CVE-2026-24072 Apache HTTP Server: mod_rewrite elevation of privileges via ap_expr

An escalation of privilege bug in various modules in Apache HTTP 2.4.66 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

0.00654EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/14 9:53 p.m.159 views

CVE-2026-27305 ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)

ColdFusion versions 2023.18, 2025.6 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and directories outsi...

8.6CVSS0.28962EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/09 8:59 p.m.159 views

CVE-2025-47269 code-server session cookie can be extracted by having user visit specially crafted proxy URL

code-server runs VS Code on any machine anywhere through browser access. Prior to version 4.99.4, a maliciously crafted URL using the proxy subpath can result in the attacker gaining access to the session token. Failure to properly validate the port for a proxy request can result in proxying to a...

8.3CVSS0.36027EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/05/03 1:55 a.m.159 views

CVE-2023-27329 Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability

Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious...

7.8CVSS8.2AI score0.03925EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/03/05 7:7 p.m.158 views

CVE-2021-28041

ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an agent to an attacker-controlled host...

7.2AI score0.03422EPSS
Exploits1References9
Cvelist
Cvelist
added 2026/01/20 1:57 p.m.157 views

CVE-2026-22844 Zoom Node Deployments - Command Injection

A Command Injection vulnerability in Zoom Node Multimedia Routers MMRs before version 5.2.1716.0 may allow a meeting participant to conduct remote code execution of the MMR via network access...

9.9CVSS0.12965EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/05 5:33 a.m.157 views

CVE-2024-4295 Email Subscribers by Icegram Express <= 5.7.20 - Unauthenticated SQL Injection via hash

The Email Subscribers by Icegram Express plugin for WordPress is vulnerable to SQL Injection via the ‘hash’ parameter in all versions up to, and including, 5.7.20 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes i...

9.8CVSS9.7AI score0.10161EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/05/03 1:55 a.m.157 views

CVE-2023-27330 Foxit PDF Reader XFA Annotation Use-After-Free Remote Code Execution Vulnerability

Foxit PDF Reader XFA Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a...

7.8CVSS8.2AI score0.03925EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/06/10 11:1 a.m.157 views

CVE-2021-20081

Incomplete List of Disallowed Inputs in ManageEngine ServiceDesk Plus before version 11205 allows a remote, authenticated attacker to execute arbitrary commands with SYSTEM privileges...

7.4AI score0.5242EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/01/10 2:41 a.m.156 views

CVE-2025-61686 React Router has Path Traversal in File Session Storage

React Router is a router for React. In @react-router/node versions 7.0.0 through 7.9.3, @remix-run/deno prior to version 2.17.2, and @remix-run/node prior to version 2.17.2, if createFileSessionStorage is being used from @react-router/node or @remix-run/node/@remix-run/deno in Remix v2 with an...

9.1CVSS0.16104EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/07 5:34 p.m.156 views

CVE-2025-20188

A vulnerability in the Out-of-Band Access Point AP Image Download, the Clean Air Spectral Recording, and the client debug bundles features of Cisco IOS XE Software for Wireless LAN Controllers WLCs could allow an unauthenticated, remote attacker to upload arbitrary files to an affected system. Th...

10CVSS0.17894EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/04/01 4:21 a.m.156 views

CVE-2025-2007 Import Export Suite for CSV and XML Datafeed <= 7.19 - Authenticated (Subscriber+) Arbitrary File Deletion

The Import Export Suite for CSV and XML Datafeed plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deleteImage function in all versions up to, and including, 7.19. This makes it possible for authenticated attackers, with Subscriber-level...

8.1CVSS0.01058EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/05/03 1:55 a.m.156 views

CVE-2023-27331 Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability

Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious...

7.8CVSS8.2AI score0.03925EPSS
Exploits0References2
Cvelist
Cvelist
added 2013/02/24 8:0 p.m.156 views

CVE-2012-5337

Multiple cross-site scripting XSS vulnerabilities in jforum.page in JForum 2.1.9 allow remote attackers to inject arbitrary web script or HTML via the 1 action, 2 matchtype, 3 sortby, or 4 start parameters...

5.8AI score0.02519EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/19 9:40 a.m.155 views

CVE-2026-45434 Apache OFBiz: Authentication Bypass via Password-Change Logic Flaw Leading to RCE

Improper Authentication vulnerability in Apache OFBiz via Password-Change Logic Flaw Leading to Remote Code Execution This issue affects Apache OFBiz: before 24.09.06. Users are recommended to upgrade to version 24.09.06, which fixes the issue...

0.22876EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/25 7:17 a.m.155 views

CVE-2024-51978 Authentication bypass via default password generation affecting multiple models from Brother Industries, Ltd, Toshiba Tec, and Konica Minolta, Inc.

An unauthenticated attacker who knows the target device's serial number, can generate the default administrator password for the device. An unauthenticated attacker can first discover the target device's serial number via CVE-2024-51977 over HTTP/HTTPS/IPP, or via a PJL request, or via an SNMP...

9.8CVSS0.23635EPSS
Exploits0References10
Cvelist
Cvelist
added 2022/06/06 5:5 p.m.155 views

CVE-2022-1680

An account takeover issue has been discovered in GitLab EE affecting all versions starting from 11.10 before 14.9.5, all versions starting from 14.10 before 14.10.4, all versions starting from 15.0 before 15.0.1. When group SAML SSO is configured, the SCIM feature available only on Premium+...

9.9CVSS9.2AI score0.15471EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/27 3:50 p.m.154 views

CVE-2026-48027 Compromised Nx Console version 18.95.0

Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious version of Nx Console, 18.95.0, was published at 12:30 PM UTC and removed soon after at 12:48 PM UTC, leaving it available for 18 minutes in Visual Studio Marketplace. For OpenVSX, the problem was detected later, and the...

9.3CVSS0.0185EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/04/04 5:54 p.m.154 views

CVE-2024-25693 Portal for ArcGIS has a directory traversal vulnerability.

There is a path traversal in Esri Portal for ArcGIS versions = 11.2. Successful exploitation may allow a remote, authenticated attacker to traverse the file system to access files or execute code outside of the intended directory...

9.9CVSS9.6AI score0.01265EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/15 1:55 p.m.153 views

CVE-2025-53521 BigIP APM Vulnerability

When a BIG-IP APM access policy is configured on a virtual server, specific malicious traffic can lead to Remote Code Execution RCE. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

9.8CVSS0.02213EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/04 7:21 p.m.153 views

CVE-2024-27316 Apache HTTP Server: HTTP/2 DoS by memory exhaustion on endless continuation frames

HTTP/2 incoming headers exceeding the limit are temporarily buffered in nghttp2 in order to generate an informative HTTP 413 response. If a client does not stop sending headers, this leads to memory exhaustion...

7.7AI score0.91327EPSS
Exploits2References5
Cvelist
Cvelist
added 2021/05/27 11:15 a.m.153 views

CVE-2021-22899

A command injection vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to perform remote code execution via Windows Resource Profiles Feature...

9AI score0.22343EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 5:4 p.m.152 views

CVE-2026-45657 Windows Kernel Remote Code Execution Vulnerability

...

9.8CVSS0.15478EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/28 1:43 p.m.152 views

CVE-2026-27760 OpenCATS PHP Code Injection via installer AJAX endpoint

OpenCATS prior to commit 3002a29 contains a PHP code injection vulnerability in the installer AJAX endpoint that allows unauthenticated attackers to execute arbitrary code by injecting PHP statements into the databaseConnectivity action parameter. Attackers can break out of the define string...

9.2CVSS0.22189EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/12/18 8:38 p.m.152 views

CVE-2024-45338 Non-linear parsing of case-insensitive content in golang.org/x/net/html

An attacker can craft an input to the Parse functions that would be processed non-linearly with respect to its length, resulting in extremely slow parsing. This could cause a denial of service...

0.00874EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/07/18 9:32 a.m.152 views

CVE-2024-40898 Apache HTTP Server: SSRF with mod_rewrite in server/vhost context on Windows

SSRF in Apache HTTP Server on Windows with modrewrite in server/vhost context, allows to potentially leak NTML hashes to a malicious server via SSRF and malicious requests. Users are recommended to upgrade to version 2.4.62 which fixes this issue...

0.01536EPSS
Exploits5References1
Cvelist
Cvelist
added 2019/11/27 8:36 p.m.152 views

CVE-2011-2523

vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on port 6200/tcp...

9.5AI score0.96184EPSS
Exploits36References6
Total number of security vulnerabilities5000