Lucene search
+L
CvelistMost viewed

366817 matches found

cvelist
cvelist
added 2026/05/11 5:19 p.m.126 views

CVE-2026-7210 The expat and elementtree parsers use insufficient entropy for XML hash-flooding protection

xml.parsers.expat and xml.etree.ElementTree use insufficient entropy for Expat hash-flooding protection, which allows a crafted XML document to trigger hash flooding.\r\n\r\nFully mitigating this vulnerability requires both updating libexpat to 2.8.0 or later and applying this patch...

6.3CVSS0.0079EPSS
Exploits0References7
cvelist
cvelist
added 2026/04/20 1:22 p.m.126 views

CVE-2026-3517 OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster, ECS Connection Manager, Object Scale Connection Manager & MOVEit WAF

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an authenticated attacker with “Geo Administration” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in the 'addcountry' command...

8.4CVSS0.18238EPSS
Exploits0References1
cvelist
cvelist
added 2000/03/22 5:0 a.m.126 views

CVE-1999-0678

A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server...

6.5AI score0.31408EPSS
Exploits0References1
cvelist
cvelist
added 2026/07/08 12:14 a.m.125 views

CVE-2026-60000

sshd in OpenSSH before 10.4 allows remote attackers to cause a denial of service resource consumption from excessive authentication attempts because MaxAuthTries was mishandled for GSSAPIAuthentication...

3.7CVSS0.00407EPSS
Exploits0References3
cvelist
cvelist
added 2026/05/12 3:24 p.m.125 views

CVE-2026-43512 Apache Tomcat: Digest authenticator will authenticate any unknown user

DEPRECATED: Authentication Bypass Issues vulnerability in digest authentication in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 8.5.0 through 8.5.100, from before 7.0.0. Older unsupported...

0.01233EPSS
Exploits1References1
cvelist
cvelist
added 2026/03/10 6:46 p.m.125 views

CVE-2026-27826 MCP Atlassian has SSRF via unvalidated X-Atlassian-Jira-Url / X-Atlassian-Confluence-Url headers

MCP Atlassian is a Model Context Protocol MCP server for Atlassian products Confluence and Jira. Prior to version 0.17.0, an unauthenticated attacker who can reach the mcp-atlassian HTTP endpoint can force the server process to make outbound HTTP requests to an arbitrary attacker-controlled URL b...

8.2CVSS0.14958EPSS
Exploits1References2
cvelist
cvelist
added 2024/05/16 8:46 p.m.125 views

CVE-2024-22476

Improper input validation in some IntelR Neural Compressor software before version 2.5.0 may allow an unauthenticated user to potentially enable escalation of privilege via remote access...

10CVSS9.8AI score0.33357EPSS
Exploits0References1
cvelist
cvelist
added 2024/05/07 2:29 p.m.125 views

CVE-2024-34342 react-pdf's PDF.js vulnerable to arbitrary JavaScript execution upon opening a malicious PDF

react-pdf displays PDFs in React apps. If PDF.js is used to load a malicious PDF, and PDF.js is configured with isEvalSupported set to true which is the default value, unrestricted attacker-controlled JavaScript will be executed in the context of the hosting domain. This vulnerability is fixed in...

7.1CVSS6.9AI score0.01064EPSS
Exploits1References6
cvelist
cvelist
added 2022/06/08 10:0 a.m.125 views

CVE-2022-31813 mod_proxy X-Forwarded-For dropped by hop-by-hop mechanism

Apache HTTP Server 2.4.53 and earlier may not send the X-Forwarded- headers to the origin server based on client side Connection header hop-by-hop mechanism. This may be used to bypass IP based authentication on the origin server/application...

9.9AI score0.0314EPSS
Exploits1References6
cvelist
cvelist
added 2007/11/20 1:0 a.m.125 views

CVE-2004-2756

Cross-site scripting XSS vulnerability in viewtopic.php in Xoops 2.x, possibly 2 through 2.0.5, allows remote attackers to inject arbitrary web script or HTML via the 1 forum and 2 topicid parameters...

5.8AI score0.02205EPSS
Exploits0References2
cvelist
cvelist
added 2025/12/05 1:40 p.m.124 views

CVE-2025-58098 Apache HTTP Server: Server Side Includes adds query string to #exec cmd=...

Apache HTTP Server 2.4.65 and earlier with Server Side Includes SSI enabled and modcgid but not modcgi passes the shell-escaped query string to exec cmd="..." directives. This issue affects Apache HTTP Server before 2.4.66. Users are recommended to upgrade to version 2.4.66, which fixes the issue...

0.01527EPSS
Exploits0References1
cvelist
cvelist
added 2024/11/01 2:17 p.m.124 views

CVE-2024-47308 WordPress Templately plugin <= 3.1.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in WPDeveloper Templately templately.This issue affects Templately: from n/a through = 3.1.2...

6.5CVSS0.01695EPSS
Exploits0References1
cvelist
cvelist
added 2024/11/07 1:21 p.m.123 views

CVE-2024-43425 Moodle: remote code execution via calculated question types

A flaw was found in Moodle. Additional restrictions are required to avoid a remote code execution risk in calculated question types. Note: This requires the capability to add/update questions...

8.1CVSS0.83343EPSS
Exploits8References2
cvelist
cvelist
added 2024/04/04 7:19 p.m.123 views

CVE-2023-38709 Apache HTTP Server: HTTP response splitting

Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58...

7.6AI score0.03914EPSS
Exploits0References9
cvelist
cvelist
added 2005/08/16 4:0 a.m.123 views

CVE-2004-2320

The default configuration of BEA WebLogic Server and Express 8.1 SP2 and earlier, 7.0 SP4 and earlier, 6.1 through SP6, and 5.1 through SP13 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing XST attacks in applications that are...

7.6AI score0.02561EPSS
Exploits0References7
cvelist
cvelist
added 2004/09/01 4:0 a.m.124 views

CVE-2002-1140

The Sun Microsystems RPC library Services for Unix 3.0 Interix SD, as implemented on Microsoft Windows NT4, 2000, and XP, allows remote attackers to cause a denial of service service hang via malformed packet fragments, aka "Improper parameter size check leading to denial of service."...

6.6AI score0.13903EPSS
Exploits0References3
cvelist
cvelist
added 2024/05/02 4:52 p.m.122 views

CVE-2024-2082 EleForms – All In One Form Integration including DB for Elementor <= 2.9.9.7 - Unauthenticated Stored Cross-Site Scripting

The EleForms – All In One Form Integration including DB for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in all versions up to, and including, 2.9.9.7 due to insufficient input sanitization and output escaping. This makes it possible for...

7.2CVSS6.4AI score0.00374EPSS
Exploits0References2
cvelist
cvelist
added 2023/12/18 12:0 a.m.122 views

CVE-2023-51384

In ssh-agent in OpenSSH before 9.6, certain destination constraints can be incompletely applied. When destination constraints are specified during addition of PKCS11-hosted private keys, these constraints are only applied to the first key, even if a PKCS11 token returns multiple keys...

6.3AI score0.00426EPSS
Exploits0References7
cvelist
cvelist
added 2026/02/20 10:22 p.m.121 views

CVE-2026-2041 Nagios Host zabbixagent_configwizard_func Command Injection Remote Code Execution Vulnerability

Nagios Host zabbixagentconfigwizardfunc Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Nagios Host. Authentication is required to exploit this vulnerability. The specific flaw exists within t...

7.2CVSS0.74605EPSS
Exploits0References2
cvelist
cvelist
added 2009/01/15 12:0 a.m.121 views

CVE-2003-1567

The undocumented TRACK method in Microsoft Internet Information Services IIS 5.0 returns the content of the original request in the body of the response, which makes it easier for remote attackers to steal cookies and authentication credentials, or bypass the HttpOnly protection mechanism, by usi...

6.5AI score0.25061EPSS
Exploits1References4
cvelist
cvelist
added 2004/09/01 4:0 a.m.121 views

CVE-2002-1141

An input validation error in the Sun Microsystems RPC library Services for Unix 3.0 Interix SD, as implemented on Microsoft Windows NT4, 2000, and XP, allows remote attackers to cause a denial of service via malformed fragmented RPC client packets, aka "Denial of service by sending an invalid RPC...

6.6AI score0.13903EPSS
Exploits0References3
cvelist
cvelist
added 2026/04/15 4:3 p.m.120 views

CVE-2026-20147 Cisco Identity Services Engine Remote Code Execution Vulnerability

A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to...

9.9CVSS0.11679EPSS
Exploits0References1
cvelist
cvelist
added 2026/01/02 7:11 p.m.120 views

CVE-2026-21445 Langflow Missing Authentication on Critical API Endpoints

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.0.dev45, multiple critical API endpoints in Langflow are missing authentication controls. The issue allows any unauthenticated user to access sensitive user conversation data, transaction histories...

9.3CVSS0.20655EPSS
Exploits1References2
cvelist
cvelist
added 2024/05/17 8:48 a.m.120 views

CVE-2024-24882 WordPress LMS by Masteriyo plugin <= 1.7.2 - Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in masteriyo Masteriyo - LMS learning-management-system.This issue affects Masteriyo - LMS: from n/a through = 1.7.2...

9.8CVSS9.6AI score0.02112EPSS
Exploits0References1
cvelist
cvelist
added 2024/04/04 7:20 p.m.120 views

CVE-2024-24795 Apache HTTP Server: HTTP Response Splitting in multiple modules

HTTP Response splitting in multiple modules in Apache HTTP Server allows an attacker that can inject malicious response headers into backend applications to cause an HTTP desynchronization attack. Users are recommended to upgrade to version 2.4.59, which fixes this issue...

7.5AI score0.02874EPSS
Exploits0References1
cvelist
cvelist
added 2019/05/16 6:17 p.m.120 views

CVE-2019-0708

A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka 'Remote Desktop Services Remote Code Execution Vulnerability'...

9.3AI score0.99999EPSS
Exploits123References14
cvelist
cvelist
added 2025/11/07 3:32 a.m.119 views

CVE-2025-64328 FreePBX Administration GUI is Vulnerable to Authenticated Command Injection

FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. In versions 17.0.2.36 and above before 17.0.3, the filestore module within the Administrative interface is vulnerable to a post-authentication command injection by an authenticated known user via the...

8.6CVSS0.84618EPSS
Exploits4References3
cvelist
cvelist
added 2024/07/09 5:3 p.m.119 views

CVE-2024-38081 .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability

...

7.3CVSS0.01292EPSS
Exploits0References1
cvelist
cvelist
added 2023/10/06 6:48 p.m.119 views

CVE-2023-21266

In multiple functions of ActivityManagerService.java, there is a possible way to escape Google Play protection due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8AI score0.00113EPSS
Exploits0References2
cvelist
cvelist
added 2020/06/01 3:28 p.m.119 views

CVE-2020-12062

The scp client in OpenSSH 8.2 incorrectly sends duplicate responses to the server upon a utimes system call failure, which allows a malicious unprivileged user on the remote server to overwrite arbitrary files in the client's download directory by creating a crafted subdirectory anywhere on the...

7.5AI score0.02267EPSS
Exploits0References4
cvelist
cvelist
added 2025/12/10 12:34 p.m.118 views

CVE-2025-13184 Unauthenticated Telnet enablement via cstecgi.cgi (auth bypass) leading to unauthenticated root login with a blank password

Unauthenticated Telnet enablement via cstecgi.cgi auth bypass leading to unauthenticated root login with a blank password on factory/reset X5000R V9.1.0u.6369B20230113 arbitrary command execution. Earlier versions that share the same implementation, may also be affected...

0.11174EPSS
Exploits1References1
cvelist
cvelist
added 2025/05/08 12:0 a.m.118 views

CVE-2025-45797

TOTOlink A950RG V4.1.2cu.5204B20210112 contains a buffer overflow vulnerability. The vulnerability arises from the improper input validation of the NoticeUrl parameter in the setNoticeCfg interface of /lib/cstemodules/system.so...

0.12876EPSS
Exploits1References1
cvelist
cvelist
added 2024/06/22 5:0 a.m.118 views

CVE-2024-21518

This affects versions of the package opencart/opencart from 4.0.0.0. A Zip Slip issue was identified via the marketplace installer due to improper sanitization of the target path, allowing files within a malicious archive to traverse the filesystem and be extracted to arbitrary locations. An...

7.2CVSS0.14126EPSS
Exploits1References2
cvelist
cvelist
added 2024/05/10 8:32 a.m.118 views

CVE-2024-4444 LearnPress – WordPress LMS Plugin <= 4.2.6.5 - Unauthenticated Bypass to User Registration

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to bypass to user registration in versions up to, and including, 4.2.6.5. This is due to missing checks in the 'createaccount' function in the checkout. This makes it possible for unauthenticated attackers to register as the...

5.3CVSS5.9AI score0.00712EPSS
Exploits1References4
cvelist
cvelist
added 2024/02/05 9:21 p.m.118 views

CVE-2023-6989 Shield Security – Smart Bot Blocking & Intrusion Prevention Security <= 18.5.9 - Unauthenticated Local File Inclusion

The Shield Security – Smart Bot Blocking & Intrusion Prevention Security plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 18.5.9 via the renderactiontemplate parameter. This makes it possible for unauthenticated attacker to include and execute PHP...

9.8CVSS9.8AI score0.56567EPSS
Exploits0References2
cvelist
cvelist
added 2020/03/12 3:48 p.m.118 views

CVE-2020-0796

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 SMBv3 protocol handles certain requests, aka 'Windows SMBv3 Client/Server Remote Code Execution Vulnerability'...

9.9AI score0.9981EPSS
Exploits125References7
cvelist
cvelist
added 2026/05/27 2:34 a.m.117 views

CVE-2026-48961 IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined subroutine on Info-ZIP Unix Extra Field with 8-byte UID or GID

IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined subroutine on Info-ZIP Unix Extra Field with 8-byte UID or GID. When decodeux in bin/zipdetails handles an Info-ZIP Unix Extra Field tag 0x7875 with UID Size or GID Size set to 8, causing...

0.00262EPSS
Exploits0References2
cvelist
cvelist
added 2025/12/05 10:46 a.m.117 views

CVE-2025-65082 Apache HTTP Server: CGI environment variable override

Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache configuration unexpectedly superseding variables calculated by the server for CGI programs. This issue affects Apache HTTP Server from 2.4.0 through...

0.00771EPSS
Exploits0References1
cvelist
cvelist
added 2025/07/10 4:53 p.m.117 views

CVE-2024-42516 Apache HTTP Server: HTTP response splitting

HTTP response splitting in the core of Apache HTTP Server allows an attacker who can manipulate the Content-Type response headers of applications hosted or proxied by the server can split the HTTP response. This vulnerability was described as CVE-2023-38709 but the patch included in Apache HTTP...

0.00679EPSS
Exploits0References1
cvelist
cvelist
added 2022/06/08 10:0 a.m.117 views

CVE-2022-30556 Information Disclosure in mod_lua with websockets

Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread that point past the end of the storage allocated for the buffer...

8.9AI score0.04687EPSS
Exploits0References6
cvelist
cvelist
added 2025/12/05 11:2 a.m.116 views

CVE-2025-66200 Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo

moduserdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in htaccess can cause some CGI scripts to run under an unexpected userid. This issue affects Apache HTTP Server: from 2.4.7 through 2.4.65. Users are...

0.00591EPSS
Exploits0References1
cvelist
cvelist
added 2024/11/13 1:54 a.m.116 views

CVE-2024-39712

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution...

9.1CVSS0.01744EPSS
Exploits0References1
cvelist
cvelist
added 2024/08/13 5:30 p.m.116 views

CVE-2024-37968 Windows DNS Spoofing Vulnerability

...

7.5CVSS0.01019EPSS
Exploits0References1
cvelist
cvelist
added 2024/07/18 8:33 a.m.116 views

CVE-2024-5555 Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) <= 5.6.5 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘social-link-title’ parameter in all versions up to, and including, 5.6.5 due to insufficient input sanitization and...

6.4CVSS0.00499EPSS
Exploits0References3
cvelist
cvelist
added 2023/10/16 7:39 p.m.116 views

CVE-2023-5561 WordPress < 6.3.2 - Unauthenticated Post Author Email Disclosure

WordPress does not properly restrict which user fields are searchable via the REST API, allowing unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an Oracle style attack...

5.7AI score0.03862EPSS
Exploits4References3
cvelist
cvelist
added 2023/01/17 7:7 p.m.116 views

CVE-2006-20001 Apache HTTP Server: mod_dav out of bounds read, or write of zero byte

A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool heap memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier...

8.4AI score0.03546EPSS
Exploits0References2
cvelist
cvelist
added 2026/03/19 12:0 a.m.115 views

CVE-2026-25667

ASP.NET Core Kestrel in Microsoft .NET 8.0 before 8.0.22 and .NET 9.0 before 9.0.11 allows a remote attacker to cause excessive CPU consumption by sending a crafted QUIC packet, because of an incorrect exit condition for HTTP/3 Encoder/Decoder stream processing...

0.03002EPSS
Exploits1References3
cvelist
cvelist
added 2026/01/28 5:35 p.m.115 views

CVE-2020-36962 Tendenci 12.3.1 - CSV/ Formula Injection

Tendenci 12.3.1 contains a CSV formula injection vulnerability in the contact form message field that allows attackers to inject malicious formulas during export. Attackers can submit crafted payloads like '=10+20+cmd|' /C calc'!A0' in the message field to trigger arbitrary command execution when...

9.8CVSS0.10683EPSS
Exploits1References4
cvelist
cvelist
added 2025/12/05 10:17 a.m.115 views

CVE-2025-59775 Apache HTTP Server: NTLM Leakage on Windows through UNC SSRF

Server-Side Request Forgery SSRF vulnerability in Apache HTTP Server on Windows with AllowEncodedSlashes On and MergeSlashes Off allows to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests or content Users are recommended to upgrade to version 2.4.66, which fixes...

0.00784EPSS
Exploits0References1
cvelist
cvelist
added 2025/10/07 6:0 a.m.115 views

CVE-2025-10162 OrderConvo < 14 - Unauthenticated Arbitrary File Read

The Admin and Customer Messages After Order for WooCommerce: OrderConvo WordPress plugin before 14 does not validate the path of files to be downloaded, which could allow unauthenticated attacker to read/download arbitrary files via a path traversal attack...

0.03632EPSS
Exploits4References1
Total number of security vulnerabilities5000