Lucene search
+L
CvelistMost viewed

367128 matches found

Cvelist
Cvelist
added 2021/01/12 7:41 p.m.150 views

CVE-2021-1636 Microsoft SQL Elevation of Privilege Vulnerability

...

8.8CVSS8.8AI score0.06153EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/08 12:17 a.m.149 views

CVE-2026-60002

ssh in OpenSSH before 10.4 can have a use-after-free when a server changes its host key during a key re-exchange. This outcome occurs only on the client side...

7.7CVSS0.00263EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/20 1:9 p.m.149 views

CVE-2026-45498 Microsoft Defender Denial of Service Vulnerability

...

4CVSS0.63076EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/28 1:43 p.m.148 views

CVE-2026-27760 OpenCATS PHP Code Injection via installer AJAX endpoint

OpenCATS prior to commit 3002a29 contains a PHP code injection vulnerability in the installer AJAX endpoint that allows unauthenticated attackers to execute arbitrary code by injecting PHP statements into the databaseConnectivity action parameter. Attackers can break out of the define string...

9.2CVSS0.22189EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/01/22 5:0 a.m.148 views

CVE-2024-21484

Versions of the package jsrsasign before 11.0.0 are vulnerable to Observable Discrepancy via the RSA PKCS1.5 or RSAOAEP decryption process. An attacker can decrypt ciphertexts by exploiting the Marvin security flaw. Exploiting this vulnerability requires the attacker to have access to a large...

7.5CVSS7.6AI score0.0096EPSS
Exploits1References7
Cvelist
Cvelist
added 2021/05/27 11:14 a.m.148 views

CVE-2021-22908

A buffer overflow vulnerability exists in Windows File Resource Profiles in 9.X allows a remote authenticated user with privileges to browse SMB shares to execute arbitrary code as the root user. As of version 9.1R3, this permission is not enabled by default...

9.1AI score0.69377EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/09 5:4 p.m.147 views

CVE-2026-45657 Windows Kernel Remote Code Execution Vulnerability

...

9.8CVSS0.15478EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/08 3:14 p.m.147 views

CVE-2026-42535 Apache HTTP Server: mod_dav_fs protected directory access

A path handling issue in moddavfs in Apache 2.4.67 and earlier allows a WebDAV content author to directly manipulate trusted DAV property databases, potentially causing child process crashes. Users are recommended to upgrade to version 2.4.68, which fixes this issue...

0.00538EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/22 12:0 a.m.147 views

CVE-2024-58274

Hikvision CSMP Comprehensive Security Management Platform iSecure Center through 2024-08-01 allows execution of a command within $ in /center/api/installation/detection JSON data, as exploited in the wild in 2024 and 2025...

8.3CVSS0.17508EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/06/19 2:57 p.m.147 views

CVE-2024-34444 WordPress Slider Revolution plugin < 6.7.0 - Unauthenticated Broken Access Control vulnerability

Missing Authorization vulnerability in ThemePunch OHG Slider Revolution.This issue affects Slider Revolution: from n/a before 6.7.0...

7.1CVSS0.00329EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/10/23 6:50 p.m.146 views

CVE-2025-6978 Diagnostics command injection vulnerability

Diagnostics command injection vulnerability...

7.2CVSS0.11737EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/18 7:48 a.m.146 views

CVE-2025-6023

An open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks. The vulnerability was introduced in Grafana v11.5.0. The open redirect can be chained with path traversal vulnerabilities to achieve XSS. Fixed in versions 12.0.2+security-01,...

7.6CVSS0.37565EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/08 5:57 p.m.146 views

CVE-2024-6409 Openssh: possible remote code execution due to a race condition in signal handling affecting red hat enterprise linux 9

A race condition vulnerability was discovered in how signals are handled by OpenSSH's server sshd. If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not...

7CVSS0.27935EPSS
Exploits1References9
Cvelist
Cvelist
added 2026/06/08 3:26 p.m.145 views

CVE-2026-49975 Apache HTTP Server: mod_http2 denial of service

Memory Allocation with Excessive Size Value vulnerability in Apache HTTP Server's modhttp leads to denial of service via malicious HTTP requests. This issue affects Apache HTTP Server: from 2.4.17 through 2.4.67...

0.11471EPSS
Exploits8References1
Cvelist
Cvelist
added 2026/05/04 12:39 p.m.145 views

CVE-2026-34059 Apache HTTP Server: mod_proxy_ajp: Heap Over-Read and memory disclosure in ajp_parse_data()

Buffer Over-read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

0.00394EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/23 7:13 p.m.145 views

CVE-2026-41268 Flowise: Flowise Parameter Override Bypass Remote Command Execution

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, Flowise is vulnerable to a critical unauthenticated remote command execution RCE vulnerability. It can be exploited via a parameter override bypass using the FILE-STORAGE:: keyword combined wi...

7.7CVSS0.13789EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/11/20 1:32 a.m.145 views

CVE-2025-13442 UTT 进取 750W formPdbUpConfig system command injection

A security vulnerability has been detected in UTT 进取 750W up to 3.2.2-191225. Affected by this vulnerability is the function system of the file /goform/formPdbUpConfig. Such manipulation of the argument policyNames leads to command injection. The attack may be launched remotely. The exploit has...

7.5CVSS0.17978EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/10/21 12:0 a.m.145 views

CVE-2025-60344

A path traversal directory traversal vulnerability in D-Link DSR series routers allows unauthenticated remote attackers to manipulate input parameters used for file or directory path resolution e.g., via sequences such as “../”. Successful exploitation may allow access to files outside of the...

8.6CVSS0.10268EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/14 9:49 a.m.145 views

CVE-2025-55346 Unintended dynamic code execution leads to remote code execution by network attackers

User-controlled input flows to an unsafe implementation of a dynamic Function constructor, allowing network attackers to run arbitrary unsandboxed JS code in the context of the host, by sending a simple POST request...

9.8CVSS0.18448EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/08 3:20 p.m.144 views

CVE-2026-34355 Apache HTTP Server: mod_proxy_html buffer overflow

A buffer overflow in modproxyhtml in Apache HTTP Server 2.4.67 and earlier allows an attack by an untrusted backend. Users are recommended to upgrade to version 2.4.68, which fixes this issue...

0.00937EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/14 12:0 a.m.144 views

CVE-2025-43984

An issue was discovered on KuWFi GC111 devices Hardware Version: CPE-LM321V3.2, Software Version: GC111-GL-LM321V3.020191211. They are vulnerable to unauthenticated /goform/goformsetcmdprocess requests. A crafted POST request, using the SSID parameter, allows remote attackers to execute arbitrary...

0.19452EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/08/14 12:0 a.m.144 views

CVE-2024-53945

The KuWFi 4G AC900 LTE router 1.0.13 is vulnerable to command injection on the HTTP API endpoints /goform/formMultiApnSetting and /goform/atCmd. An authenticated attacker can execute arbitrary OS commands with root privileges via shell metacharacters in parameters such as pincode and cmds...

0.18596EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/06/09 6:36 p.m.144 views

CVE-2024-5585 Command injection via array-ish $command parameter of proc_open() (bypass CVE-2024-1874 fix)

In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3. before 8.3.8, the fix for CVE-2024-1874 does not work if the command name includes trailing spaces. Original issue: when using procopen command with array syntax, due to insufficient escaping, if the arguments of the executed command ar...

7.7CVSS0.28807EPSS
Exploits1References5
Cvelist
Cvelist
added 2021/12/20 12:0 a.m.144 views

CVE-2021-44790 Possible buffer overflow when parsing multipart content in mod_lua of Apache HTTP Server 2.4.51 and earlier

A carefully crafted request body can cause a buffer overflow in the modlua multipart parser r:parsebody called from Lua scripts. The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier...

9.9AI score0.97108EPSS
Exploits4References20
Cvelist
Cvelist
added 2021/06/08 6:37 p.m.144 views

CVE-2021-26472 Unauthenticated remote command execution with SYSTEM privileges in Vembu products

In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 installed on Windows, the http API located at /consumerweb/secure/download.php. Using this command argument an unauthenticated attacker can execute arbitrary OS commands with SYSTEM privileges...

10CVSS10AI score0.02459EPSS
Exploits0References4
Cvelist
Cvelist
added 2021/05/27 11:15 a.m.144 views

CVE-2021-22894

A buffer overflow vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to execute arbitrary code as the root user via maliciously crafted meeting room...

9AI score0.41284EPSS
Exploits0References1
Cvelist
Cvelist
added 2012/01/28 2:0 a.m.144 views

CVE-2012-0053

protocol.c in the Apache HTTP Server 2.2.x through 2.2.21 does not properly restrict header information during construction of Bad Request aka 400 error documents, which allows remote attackers to obtain the values of HTTPOnly cookies via vectors involving a 1 long or 2 malformed header in...

8.3AI score0.82756EPSS
Exploits4References45
Cvelist
Cvelist
added 2026/05/04 2:41 p.m.143 views

CVE-2026-33007 Apache HTTP Server: mod_authn_socache crash

A NULL pointer dereference in the modauthnsocache in Apache HTTP Server 2.4.66 and earlier allows an unauthenticated remote user to crash a child process in a caching forward proxy configuration. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

0.00514EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/01 5:10 a.m.143 views

CVE-2025-6507 Deserialization of Untrusted Data in h2oai/h2o-3

A vulnerability in the h2oai/h2o-3 repository allows attackers to exploit deserialization of untrusted data, potentially leading to arbitrary code execution and reading of system files. This issue affects the latest master branch version 3.47.0.99999. The vulnerability arises from the ability to...

9.8CVSS0.12993EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/11/09 12:0 a.m.143 views

CVE-2022-3265

A cross-site scripting issue has been discovered in GitLab CE/EE affecting all versions prior to 15.3.5, 15.4 prior to 15.4.4, and 15.5 prior to 15.5.2. It was possible to exploit a vulnerability in setting the labels colour feature which could lead to a stored XSS that allowed attackers to perfo...

7.3CVSS6.8AI score0.86326EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/09 5:4 p.m.142 views

CVE-2026-45504 Microsoft Exchange Server Elevation of Privilege Vulnerability

...

8.8CVSS0.00465EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/21 3:32 a.m.142 views

CVE-2026-5965 NewSoft|NewSoftOA - OS Command Injection

NewSoftOA developed by NewSoft has an OS Command Injection vulnerability, allowing unauthenticated local attackers to inject arbitrary OS commands and execute them on the server...

9.8CVSS0.01735EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/10 8:32 a.m.142 views

CVE-2024-4434 LearnPress – WordPress LMS Plugin <= 4.2.6.5 - Unauthenticated Time-Based SQL Injection

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to time-based SQL Injection via the ‘termid’ parameter in versions up to, and including, 4.2.6.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...

9.8CVSS9.9AI score0.36925EPSS
Exploits2References4
Cvelist
Cvelist
added 2024/05/02 4:52 p.m.142 views

CVE-2024-2043 EleForms – All In One Form Integration including DB for Elementor <= 2.9.9.7 - Missing Authorization to Sensitive Information Exposure

The EleForms – All In One Form Integration including DB for Elementor plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check when downloading form submissions in all versions up to, and including, 2.9.9.7. This makes it possible for unauthenticated...

5.3CVSS5.4AI score0.00532EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/08 3:17 p.m.141 views

CVE-2026-44119 Apache HTTP Server: escalation of privilege through expressions in .htaccess in multiple modules

Improper Privilege Management vulnerability in Apache HTTP Server 2.4.67 and earlier allows local .htaccess authors to read files with the privileges of the httpd user. This issue affects Apache HTTP Server: from through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the...

0.00171EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/22 3:43 p.m.141 views

CVE-2025-8677 Resource exhaustion via malformed DNSKEY handling

Querying for records within a specially crafted zone containing certain malformed DNSKEY records can lead to CPU exhaustion. This issue affects BIND 9 versions 9.18.0 through 9.18.39, 9.20.0 through 9.20.13, 9.21.0 through 9.21.12, 9.18.11-S1 through 9.18.39-S1, and 9.20.9-S1 through 9.20.13-S1...

7.5CVSS0.1096EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/24 1:0 a.m.141 views

CVE-2025-34035 EnGenius EnShare IoT Gigabit Cloud Service Command Injection

An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and earlier. The usbinteract.cgi script fails to properly sanitize user input passed to the path parameter, allowing unauthenticated remote attackers to inject arbitrary shell commands. The injected...

10CVSS0.12334EPSS
Exploits2References5
Cvelist
Cvelist
added 2025/04/30 8:0 p.m.141 views

CVE-2025-2082 Tesla Model 3 VCSEC Integer Overflow Remote Code Execution Vulnerability

Tesla Model 3 VCSEC Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Tesla Model 3 vehicles. Authentication is not required to exploit this vulnerability. The specific flaw exists within the VCSEC...

7.5CVSS0.00331EPSS
Exploits2References1
Cvelist
Cvelist
added 2026/06/09 2:27 p.m.140 views

CVE-2026-25089

A improper neutralization of special elements used in an os command 'os command injection' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4 through 5.0.5, FortiSandbox PaaS 5.0.4 through 5.0.5 may...

9.8CVSS0.36135EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/04 2:42 p.m.141 views

CVE-2026-33006 Apache HTTP Server: mod_auth_digest timing attack

A timing attack against modauthdigest in Apache HTTP Server 2.4.66 allows a bypass of Digest authentication by a remote attacker. Users are recommended to upgrade to version 2.4.67, which fixes this issue...

0.00557EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/08/25 4:9 p.m.140 views

CVE-2025-53119 Securden Unified PAM Unauthenticated Unrestricted File Upload

An unauthenticated unrestricted file upload vulnerability allows an attacker to upload malicious binaries and scripts to the server...

7.5CVSS0.10973EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/04/29 12:0 a.m.140 views

CVE-2020-11023 Potential XSS vulnerability in jQuery

In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML containing elements from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods i.e. .html, .append, and others may execute untrusted code. This problem is patched in jQuery 3.5.0...

6.9CVSS7.1AI score0.8383EPSS
Exploits6References65
Cvelist
Cvelist
added 2026/06/08 3:23 p.m.139 views

CVE-2026-42536 Apache HTTP Server: mod_xml2enc heap overflow

Heap-based Buffer Overflow vulnerability in Apache HTTP Server with modxml2enc, xml2StartParse, and untrusted content This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

0.00827EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/04 12:54 p.m.139 views

CVE-2026-34032 Apache HTTP Server: mod_proxy_ajp: Heap Buffer Over-Read Due to Missing Null-Termination Check (ajp_msg_get_string)

Improper Null Termination, Out-of-bounds Read vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

0.00485EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/21 9:42 p.m.139 views

CVE-2025-30204 jwt-go allows excessive memory allocation during header parsing

golang-jwt is a Go implementation of JSON Web Tokens. Starting in version 3.2.0 and prior to versions 5.2.2 and 4.5.2, the function parse.ParseUnverified splits via a call to strings.Split its argument which is untrusted data on periods. As a result, in the face of a malicious request whose...

7.5CVSS0.00693EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/02 10:36 a.m.138 views

CVE-2026-0599 Unbounded External Image Fetch in Validation Leads to Resource-Exhaustion DoS in huggingface/text-generation-inference

A vulnerability in huggingface/text-generation-inference version 3.3.6 allows unauthenticated remote attackers to exploit unbounded external image fetching during input validation in VLM mode. The issue arises when the router scans inputs for Markdown image links and performs a blocking HTTP GET...

7.5CVSS0.22494EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/19 3:28 p.m.138 views

CVE-2025-1758

Improper Input Validation vulnerability in Progress LoadMaster allows : Buffer OverflowThis issue affects: LoadMaster: 7.2.40.0 and above ECS: All versions Multi-Tenancy: 7.1.35.4 and above...

4.3CVSS0.04791EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/01 6:16 p.m.138 views

CVE-2024-38477 Apache HTTP Server: Crash resulting in Denial of Service in mod_proxy via a malicious request

null pointer dereference in modproxy in Apache HTTP Server 2.4.59 and earlier allows an attacker to crash the server via a malicious request. Users are recommended to upgrade to version 2.4.60, which fixes this issue...

0.03153EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/09 2:16 p.m.137 views

CVE-2026-10523

An Authentication Bypass vulnerability CWE-288 in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated attacker to create arbitrary administrative accounts and obtain full administrative access...

9.9CVSS0.4719EPSS
Exploits4References1
Cvelist
Cvelist
added 2026/05/04 2:40 p.m.137 views

CVE-2026-33523 Apache HTTP Server: multiple modules: HTTP response splitting forwarding malicious status line

HTTP response splitting vulnerability in multiple Apache HTTP Server modules with untrusted or compromised backend servers. This issue affects Apache HTTP Server: from through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

0.00436EPSS
Exploits0References1
Total number of security vulnerabilities5000