Lucene search
+L
CvelistMost viewed

366848 matches found

Cvelist
Cvelist
added 2026/07/08 12:16 a.m.135 views

CVE-2026-60001

sshd in OpenSSH before 10.4 does not always honor the minimum authentication delay...

6.5CVSS0.00265EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/09 2:27 p.m.135 views

CVE-2026-25089

A improper neutralization of special elements used in an os command 'os command injection' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4 through 5.0.5, FortiSandbox PaaS 5.0.4 through 5.0.5 may...

9.8CVSS0.23393EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/25 4:9 p.m.135 views

CVE-2025-53119 Securden Unified PAM Unauthenticated Unrestricted File Upload

An unauthenticated unrestricted file upload vulnerability allows an attacker to upload malicious binaries and scripts to the server...

7.5CVSS0.10973EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/09 5:2 p.m.135 views

CVE-2024-37334 Microsoft OLE DB Driver for SQL Server Remote Code Execution Vulnerability

...

8.8CVSS0.01645EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/09 8:14 a.m.135 views

CVE-2024-21762

A out-of-bounds write in Fortinet FortiOS versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, 6.0.0 through 6.0.17, FortiProxy versions 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14, 2.0.0 through 2.0.13, 1.2.0...

9.8CVSS9.8AI score0.83428EPSS
Exploits12References1
Cvelist
Cvelist
added 2023/05/09 6:36 p.m.135 views

CVE-2023-20520

Improper access control settings in ASP Bootloader may allow an attacker to corrupt the return address causing a stack-based buffer overrun potentially leading to arbitrary code execution...

9.8AI score0.00789EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/05/28 9:0 p.m.135 views

CVE-2021-29492 Bypass of path matching rules using escaped slash characters

Envoy is a cloud-native edge/middle/service proxy. Envoy does not decode escaped slash sequences %2F and %5C in HTTP URL paths in versions 1.18.2 and before. A remote attacker may craft a path with escaped slashes, e.g. /something%2F..%2Fadmin, to bypass access control, e.g. a block on /admin. A...

8.1CVSS8.5AI score0.68383EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/08 12:13 a.m.134 views

CVE-2026-59999

In sshd in OpenSSH before 10.4, DisableForwarding=yes was supposed to take precedence over PermitTunnel=yes, but did not...

5.9CVSS0.0014EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/08 3:22 p.m.134 views

CVE-2026-44185 Apache HTTP Server: Stack Buffer Over-Read in mod_ssl OCSP `send_request`

Buffer Over-read vulnerability in Apache HTTP Server via outbound OCSP requests to an attacker controlled OCSP server This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

0.00598EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/08 3:12 p.m.134 views

CVE-2026-34356 Apache HTTP Server: ProxyPassReverseCookieMap buffer overflow

Heap-based Buffer Overflow vulnerability in Apache HTTP Server with malicious backend servers and ProxyPassReverseCookie This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67. Users are recommended to upgrade to version 2.4.68, which fixes the issue...

0.00682EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/20 7:16 a.m.134 views

CVE-2026-33057 Mesop Affected by Unauthenticated Remote Code Execution via Test Suite Route /exec-py

Mesop is a Python-based UI framework that allows users to build web applications. In versions 1.2.2 and below, an explicit web endpoint inside the ai/ testing module infrastructure directly ingests untrusted Python code strings unconditionally without authentication measures, yielding standard...

9.8CVSS0.05289EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/10/06 12:0 a.m.134 views

CVE-2025-61984

ssh in OpenSSH before 10.1 allows control characters in usernames that originate from certain possibly untrusted sources, potentially leading to code execution when a ProxyCommand is used. The untrusted sources are the command line and %-sequence expansion of a configuration file. A configuration...

3.6CVSS0.00284EPSS
Exploits2References3
Cvelist
Cvelist
added 2025/05/29 7:6 p.m.134 views

CVE-2025-46701 Apache Tomcat: Security constraint bypass for CGI scripts

Improper Handling of Case Sensitivity vulnerability in Apache Tomcat's GCI servlet allows security constraint bypass of security constraints that apply to the pathInfo component of a URI mapped to the CGI servlet. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.6, from 10.1.0-M1...

0.02736EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/04/24 4:50 p.m.134 views

CVE-2025-31324 Missing Authorization check in SAP NetWeaver (Visual Composer development server)

SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availabili...

10CVSS0.99406EPSS
Exploits18References2
Cvelist
Cvelist
added 2026/07/08 12:9 a.m.133 views

CVE-2026-59997

internal-sftp in sshd in OpenSSH before 10.4 recognizes only the first 9 command-line arguments, which can be important if a later command-line argument would have helped to ensure the intended security properties of an SFTP connection...

4.2CVSS0.00177EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/08 7:7 a.m.133 views

CVE-2026-41724 VMSA-2026-0004: VMware Cloud Foundation Operations updates address multiple vulnerabilities (CVE-2026-41722, CVE-2026-41723 and CVE-2026-41724)

VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets may be able to inject scripts to perform administrative actions in VMware Cloud Foundation Operations...

8CVSS0.00313EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/02 10:36 a.m.133 views

CVE-2026-0599 Unbounded External Image Fetch in Validation Leads to Resource-Exhaustion DoS in huggingface/text-generation-inference

A vulnerability in huggingface/text-generation-inference version 3.3.6 allows unauthenticated remote attackers to exploit unbounded external image fetching during input validation in VLM mode. The issue arises when the router scans inputs for Markdown image links and performs a blocking HTTP GET...

7.5CVSS0.22494EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/04/17 5:27 p.m.133 views

CVE-2024-2961

The iconv function in the GNU C Library versions 2.39 and older may overflow the output buffer passed to it by up to 4 bytes when converting strings to the ISO-2022-CN-EXT character set, which may be used to crash an application or overwrite a neighbouring variable...

9AI score0.8833EPSS
Exploits16References16
Cvelist
Cvelist
added 2026/06/08 3:10 p.m.132 views

CVE-2026-29170 Apache HTTP Server: mod_proxy_ftp XSS

A cross-site scripting vulnerability exists in modproxyftp's HTML directory list generation in Apache HTTP Server 2.4.67 and earlier when listing FTP directory contents either via forward or reverse proxy configuration. Users are recommended to upgrade to version 2.4.68, which fixes this issue...

0.00504EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/24 4:49 p.m.132 views

CVE-2024-41110 Moby authz zero length regression

Moby is an open-source project created by Docker for software containerization. A security vulnerability has been detected in certain versions of Docker Engine, which could allow an attacker to bypass authorization plugins AuthZ under specific circumstances. The base likelihood of this being...

9.9CVSS0.16496EPSS
Exploits0References12
Cvelist
Cvelist
added 2000/10/13 4:0 a.m.132 views

CVE-2000-0771

Microsoft Windows 2000 allows local users to cause a denial of service by corrupting the local security policy via malformed RPC traffic, aka the "Local Security Policy Corruption" vulnerability...

6.2AI score0.01526EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/09 2:16 p.m.131 views

CVE-2026-10523

An Authentication Bypass vulnerability CWE-288 in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated attacker to create arbitrary administrative accounts and obtain full administrative access...

9.9CVSS0.4719EPSS
Exploits4References1
Cvelist
Cvelist
added 2026/06/08 3:16 p.m.131 views

CVE-2026-43951 Apache HTTP Server: OOB Read in `merge_response_headers` can cause crash

Out-of-bounds Read vulnerability in Apache HTTP Server with modheaders and modmime and multiple response languages. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.67...

0.00525EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/29 9:31 p.m.131 views

CVE-2026-1281

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution...

9.8CVSS0.81231EPSS
Exploits6References1
Cvelist
Cvelist
added 2025/05/13 12:17 a.m.131 views

CVE-2025-42999 Insecure Deserialization in SAP NetWeaver (Visual Composer development server)

SAP NetWeaver Visual Composer Metadata Uploader is vulnerable when a privileged user can upload untrusted or malicious content which, when deserialized, could potentially lead to a compromise of confidentiality, integrity, and availability of the host system...

9.1CVSS0.12522EPSS
Exploits3References2
Cvelist
Cvelist
added 2024/08/26 4:7 p.m.131 views

CVE-2024-43283 WordPress Contest Gallery plugin <= 23.1.2 - Unauthenticated Comment UserID And IP address Disclosure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery.This issue affects Contest Gallery: from n/a through = 23.1.2...

5.3CVSS0.01104EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/04/29 12:0 a.m.131 views

CVE-2020-11022 jQuery has a potential XSS vulnerability

In jQuery starting with 1.12.0 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods i.e. .html, .append, and others may execute untrusted code. This problem is patched in jQuery 3.5.0...

6.9CVSS7.1AI score0.99019EPSS
Exploits7References47
Cvelist
Cvelist
added 2026/05/22 7:50 a.m.130 views

CVE-2026-8679 AudioIgniter Music Player <= 2.0.2 - Unauthenticated Insecure Direct Object Reference to 'audioigniter_playlist_id' Parameter

The AudioIgniter plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 2.0.2. This is due to the handleplaylistendpoint function hooked to templateredirect accepting a user-controlled playlist ID via the audioigniterplaylistid query var or the...

7.5CVSS0.01508EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/12 3:33 p.m.130 views

CVE-2026-43515 Apache Tomcat: Security constraints not correctly applied

Improper Authorization vulnerability when multiple method constraints define an HTTP method for the same extension in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 8.5.0 through 8.5.100, from...

0.01136EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/05 1:10 p.m.130 views

CVE-2026-29168 Apache HTTP Server: mod_md unrestricted OCSP response

Allocation of Resources Without Limits or Throttling vulnerability in Apache HTTP Server's modmd via OCSP response data. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

0.00628EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/14 11:37 a.m.130 views

CVE-2025-47445 WordPress Eventin plugin <= 4.0.26 - Arbitrary File Download Vulnerability

Relative Path Traversal vulnerability in Arraytics Eventin wp-event-solution allows Path Traversal.This issue affects Eventin: from n/a through = 4.0.26...

7.5CVSS0.0465EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/09/19 6:1 p.m.130 views

CVE-2022-40139

Improper validation of some components used by the rollback mechanism in Trend Micro Apex One and Trend Micro Apex One as a Service clients could allow a Apex One server administrator to instruct affected clients to download an unverified rollback package, which could lead to remote code executio...

8.1AI score0.03054EPSS
Exploits0References1
Cvelist
Cvelist
added 2000/02/04 5:0 a.m.130 views

CVE-1999-0524

ICMP information such as 1 netmask and 2 timestamp is allowed from arbitrary hosts...

6.2AI score0.31586EPSS
Exploits2References8
Cvelist
Cvelist
added 2026/05/04 1:7 p.m.129 views

CVE-2026-33857 Apache HTTP Server: Off-by-one OOB reads in AJP getter functions

Out-of-bounds Read vulnerability in modproxyajp of Apache HTTP Server. This issue affects Apache HTTP Server: through 2.4.66. Users are recommended to upgrade to version 2.4.67, which fixes the issue...

0.00393EPSS
Exploits0References1
Cvelist
Cvelist
added 2001/08/29 4:0 a.m.129 views

CVE-2001-0509

Vulnerabilities in RPC servers in 1 Microsoft Exchange Server 2000 and earlier, 2 Microsoft SQL Server 2000 and earlier, 3 Windows NT 4.0, and 4 Windows 2000 allow remote attackers to cause a denial of service via malformed inputs...

7.2AI score0.16975EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/20 1:22 p.m.128 views

CVE-2026-3517 OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster, ECS Connection Manager, Object Scale Connection Manager & MOVEit WAF

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an authenticated attacker with “Geo Administration” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in the 'addcountry' command...

8.4CVSS0.18238EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/22 5:0 a.m.128 views

CVE-2024-21519

This affects versions of the package opencart/opencart from 4.0.0.0. An Arbitrary File Creation issue was identified via the database restoration functionality. By injecting PHP code into the database, an attacker with admin privileges can create a backup file with an arbitrary filename including...

6.6CVSS0.00719EPSS
Exploits1References2
Cvelist
Cvelist
added 2015/01/28 11:0 a.m.128 views

CVE-2015-1419

Unspecified vulnerability in vsftpd 3.0.2 and earlier allows remote attackers to bypass access restrictions via unknown vectors, related to denyfile parsing...

6.4AI score0.06725EPSS
Exploits0References3
Cvelist
Cvelist
added 2004/09/01 4:0 a.m.128 views

CVE-2003-0003

Buffer overflow in the RPC Locator service for Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code via an RPC call to the service containing certain parameter information...

7.5AI score0.4545EPSS
Exploits1References8
Cvelist
Cvelist
added 2026/07/08 12:11 a.m.127 views

CVE-2026-59998

sshd in OpenSSH before 10.4 has an undocumented security-relevant behavior: GSSAPIStrictAcceptorCheck has no value if the server is in Windows Active Directory...

4.8CVSS0.00179EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/07/08 12:7 a.m.127 views

CVE-2026-59996

scp in OpenSSH before 10.4 may place a file in the parent directory of an intended directory when the copy occurs between two remote destinations...

4.2CVSS0.00241EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/10 6:46 p.m.127 views

CVE-2026-27826 MCP Atlassian has SSRF via unvalidated X-Atlassian-Jira-Url / X-Atlassian-Confluence-Url headers

MCP Atlassian is a Model Context Protocol MCP server for Atlassian products Confluence and Jira. Prior to version 0.17.0, an unauthenticated attacker who can reach the mcp-atlassian HTTP endpoint can force the server process to make outbound HTTP requests to an arbitrary attacker-controlled URL b...

8.2CVSS0.14958EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/02/11 3:20 p.m.127 views

CVE-2024-10644

Code injection in Ivanti Connect Secure before version 22.7R2.4 and Ivanti Policy Secure before version 22.7R1.3 allows a remote authenticated attacker with admin privileges to achieve remote code execution...

9.1CVSS0.02317EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/16 6:43 a.m.127 views

CVE-2021-4449 ZoomSounds <= 5.96 - Unauthenticated Arbitrary File Upload

The ZoomSounds plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'savepng.php' file in versions up to, and including, 5.96. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may...

9.8CVSS0.05288EPSS
Exploits2References6
Cvelist
Cvelist
added 2024/10/02 4:53 p.m.127 views

CVE-2024-20432 Cisco Nexus Dashboard Fabric Controller Web UI Command Injection Vulnerability

A vulnerability in the REST API and web UI of Cisco Nexus Dashboard Fabric Controller NDFC could allow an authenticated, low-privileged, remote attacker to perform a command injection attack against an affected device. This vulnerability is due to improper user authorization and insufficient...

9.9CVSS0.01142EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/01 9:15 p.m.127 views

CVE-2024-39309 ZDI-CAN-23894: Parse Server literalizeRegexPart SQL Injection Authentication Bypass Vulnerability

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. A vulnerability in versions prior to 6.5.7 and 7.1.0 allows SQL injection when Parse Server is configured to use the PostgreSQL database. The algorithm to detect SQL injection has been improved...

9.8CVSS0.20171EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/05/27 4:11 p.m.127 views

CVE-2024-35219 OpenAPI Generator Online - Arbitrary File Read/Delete

OpenAPI Generator allows generation of API client libraries SDK generation, server stubs, documentation and configuration automatically given an OpenAPI Spec. Prior to version 7.6.0, attackers can exploit a path traversal vulnerability to read and delete files and folders from an arbitrary,...

8.3CVSS8.1AI score0.03592EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/10/23 6:51 a.m.127 views

CVE-2023-31122 Apache HTTP Server: mod_macro buffer over-read

Out-of-bounds Read vulnerability in modmacro of Apache HTTP Server.This issue affects Apache HTTP Server: through 2.4.57...

7.9AI score0.02978EPSS
Exploits0References6
Cvelist
Cvelist
added 2022/04/01 10:17 p.m.127 views

CVE-2022-22965

A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution RCE via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e. the default, it is...

8.7AI score0.99677EPSS
Exploits103References8
Cvelist
Cvelist
added 2021/05/18 11:51 a.m.127 views

CVE-2020-25709

A flaw was found in OpenLDAP. This flaw allows an attacker who can send a malicious packet to be processed by OpenLDAP’s slapd server, to trigger an assertion failure. The highest threat from this vulnerability is to system availability...

7.4AI score0.02858EPSS
Exploits0References8
Total number of security vulnerabilities5000