Lucene search
+L
CvelistMost viewed

367071 matches found

Cvelist
Cvelist
added 2024/05/10 8:32 a.m.118 views

CVE-2024-4444 LearnPress – WordPress LMS Plugin <= 4.2.6.5 - Unauthenticated Bypass to User Registration

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to bypass to user registration in versions up to, and including, 4.2.6.5. This is due to missing checks in the 'createaccount' function in the checkout. This makes it possible for unauthenticated attackers to register as the...

5.3CVSS5.9AI score0.00712EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/02/05 9:21 p.m.118 views

CVE-2023-6989 Shield Security – Smart Bot Blocking & Intrusion Prevention Security <= 18.5.9 - Unauthenticated Local File Inclusion

The Shield Security – Smart Bot Blocking & Intrusion Prevention Security plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 18.5.9 via the renderactiontemplate parameter. This makes it possible for unauthenticated attacker to include and execute PHP...

9.8CVSS9.8AI score0.56567EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/01/17 7:7 p.m.118 views

CVE-2006-20001 Apache HTTP Server: mod_dav out of bounds read, or write of zero byte

A carefully crafted If: request header can cause a memory read, or write of a single zero byte, in a pool heap memory location beyond the header value sent. This could cause the process to crash. This issue affects Apache HTTP Server 2.4.54 and earlier...

8.4AI score0.03546EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/27 2:34 a.m.117 views

CVE-2026-48961 IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined subroutine on Info-ZIP Unix Extra Field with 8-byte UID or GID

IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined subroutine on Info-ZIP Unix Extra Field with 8-byte UID or GID. When decodeux in bin/zipdetails handles an Info-ZIP Unix Extra Field tag 0x7875 with UID Size or GID Size set to 8, causing...

0.00262EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/13 6:44 p.m.117 views

CVE-2026-26190 Milvus Allows Unauthenticated Access to Restful API on Metrics Port (9091) Leads to Critical System Compromise

Milvus is an open-source vector database built for generative AI applications. Prior to 2.5.27 and 2.6.10, Milvus exposes TCP port 9091 by default, which enables authentication bypasses. The /expr debug endpoint uses a weak, predictable default authentication token derived from etcd.rootPath...

9.8CVSS0.34346EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/12/15 5:2 a.m.117 views

CVE-2025-14705 Shiguangwu sgwbox N3 SHARESERVER Feature command injection

A vulnerability was determined in Shiguangwu sgwbox N3 2.0.25. This affects an unknown function of the component SHARESERVER Feature. This manipulation of the argument params causes command injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilize...

10CVSS0.14852EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/08/13 5:30 p.m.117 views

CVE-2024-37968 Windows DNS Spoofing Vulnerability

...

7.5CVSS0.01019EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/06/08 10:0 a.m.117 views

CVE-2022-30556 Information Disclosure in mod_lua with websockets

Apache HTTP Server 2.4.53 and earlier may return lengths to applications calling r:wsread that point past the end of the storage allocated for the buffer...

8.9AI score0.04687EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/12/15 5:32 a.m.116 views

CVE-2025-14706 Shiguangwu sgwbox N3 NETREBOOT http_eshell_server command injection

A vulnerability was identified in Shiguangwu sgwbox N3 2.0.25. This impacts an unknown function of the file /usr/sbin/httpeshellserver of the component NETREBOOT Interface. Such manipulation leads to command injection. The attack can be launched remotely. The exploit is publicly available and mig...

10CVSS0.16767EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/12/05 11:2 a.m.116 views

CVE-2025-66200 Apache HTTP Server: mod_userdir+suexec bypass via AllowOverride FileInfo

moduserdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in htaccess can cause some CGI scripts to run under an unexpected userid. This issue affects Apache HTTP Server: from 2.4.7 through 2.4.65. Users are...

0.00591EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/07 6:0 a.m.116 views

CVE-2025-10162 OrderConvo < 14 - Unauthenticated Arbitrary File Read

The Admin and Customer Messages After Order for WooCommerce: OrderConvo WordPress plugin before 14 does not validate the path of files to be downloaded, which could allow unauthenticated attacker to read/download arbitrary files via a path traversal attack...

0.03632EPSS
Exploits4References1
Cvelist
Cvelist
added 2025/05/14 1:21 p.m.116 views

CVE-2025-3600 Unsafe Reflection Vulnerability in Telerik UI for ASP.NET AJAX

In Progress® Telerik® UI for AJAX, versions 2011.2.712 to 2025.1.218, an unsafe reflection vulnerability exists that may lead to an unhandled exception resulting in a crash of the hosting process and denial of service...

7.5CVSS0.19422EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/13 1:54 a.m.116 views

CVE-2024-39712

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution...

9.1CVSS0.01744EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/18 8:33 a.m.116 views

CVE-2024-5555 Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) <= 5.6.5 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Element Pack Elementor Addons Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘social-link-title’ parameter in all versions up to, and including, 5.6.5 due to insufficient input sanitization and...

6.4CVSS0.00499EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/10/16 7:39 p.m.116 views

CVE-2023-5561 WordPress < 6.3.2 - Unauthenticated Post Author Email Disclosure

WordPress does not properly restrict which user fields are searchable via the REST API, allowing unauthenticated attackers to discern the email addresses of users who have published public posts on an affected website via an Oracle style attack...

5.7AI score0.03862EPSS
Exploits4References3
Cvelist
Cvelist
added 2026/03/19 12:0 a.m.115 views

CVE-2026-25667

ASP.NET Core Kestrel in Microsoft .NET 8.0 before 8.0.22 and .NET 9.0 before 9.0.11 allows a remote attacker to cause excessive CPU consumption by sending a crafted QUIC packet, because of an incorrect exit condition for HTTP/3 Encoder/Decoder stream processing...

0.03002EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/01/05 2:34 p.m.115 views

CVE-2025-15029 An unauthenticated user is able to introduce SQL Injection using the Awie export module

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Centreon Infra Monitoring Awie export modules allows SQL Injection to unauthenticated user. This issue affects Infra Monitoring: from 25.10.0 before 25.10.2, from 24.10.0 before 24.10.3, from 24.04...

9.8CVSS0.11204EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/18 12:0 a.m.115 views

CVE-2025-63387

Dify v1.9.1 is vulnerable to Insecure Permissions. An unauthenticated attacker can directly send HTTP GET requests to the /console/api/system-features endpoint without any authentication credentials or session tokens. The endpoint fails to implement proper authorization checks, allowing anonymous...

0.28042EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/12/05 10:17 a.m.115 views

CVE-2025-59775 Apache HTTP Server: NTLM Leakage on Windows through UNC SSRF

Server-Side Request Forgery SSRF vulnerability in Apache HTTP Server on Windows with AllowEncodedSlashes On and MergeSlashes Off allows to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests or content Users are recommended to upgrade to version 2.4.66, which fixes...

0.00784EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/16 1:42 p.m.115 views

CVE-2025-53892 Intlify Vue I18n's escapeParameterHtml does not prevent DOM-based XSS via tag attributes like onerror

Vue I18n is the internationalization plugin for Vue.js. The escapeParameterHtml: true option in Vue I18n is designed to protect against HTML/script injection by escaping interpolated parameters. However, starting in version 9.0.0 and prior to versions 9.14.5, 10.0.8, and 11.1.0, this setting fail...

5.3CVSS0.00676EPSS
Exploits0References8
Cvelist
Cvelist
added 2024/05/09 4:14 p.m.115 views

CVE-2024-34351 Next.js Server-Side Request Forgery in Server Actions

Next.js is a React framework that can provide building blocks to create web applications. A Server-Side Request Forgery SSRF vulnerability was identified in Next.js Server Actions. If the Host header is modified, and the below conditions are also met, an attacker may be able to make requests that...

7.5CVSS7.6AI score0.05453EPSS
Exploits3References3
Cvelist
Cvelist
added 2023/01/18 12:0 a.m.115 views

CVE-2023-22809

In Sudo before 1.9.12p2, the sudoedit aka -e feature mishandles extra arguments passed in the user-provided environment variables SUDOEDITOR, VISUAL, and EDITOR, allowing a local attacker to append arbitrary entries to the list of files to process. This can lead to privilege escalation. Affected...

7.9AI score0.55367EPSS
Exploits20References14
Cvelist
Cvelist
added 2000/02/04 5:0 a.m.115 views

CVE-1999-0511

IP forwarding is enabled on a machine which is not a router or firewall...

6.6AI score0.06908EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/03 8:45 a.m.114 views

CVE-2026-7687 langflow-ai langflow Full Builtins code_parser.py CodeParser.parse_callable_details command injection

A vulnerability was determined in langflow-ai langflow up to 1.8.4. Affected by this issue is the function CodeParser.parsecallabledetails of the file src/lfx/src/lfx/custom/codeparser/codeparser.py of the component Full Builtins Module Handler. Executing a manipulation can lead to command...

6.5CVSS0.01666EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/15 6:2 a.m.114 views

CVE-2025-14707 Shiguangwu sgwbox N3 DOCKER Feature http_eshell_server command injection

A security flaw has been discovered in Shiguangwu sgwbox N3 2.0.25. Affected is an unknown function of the file /usr/sbin/httpeshellserver of the component DOCKER Feature. Performing manipulation of the argument params results in command injection. The attack may be initiated remotely. The exploi...

10CVSS0.16767EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/06/03 8:33 p.m.114 views

CVE-2025-49001 Dataease Authentication Bypass Vulnerability

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.10, secret verification does not take effect successfully, so a user can use any secret to forge a JWT token. The vulnerability has been fixed in v2.10.10. No known workarounds are available...

8.7CVSS0.21265EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/04 11:51 a.m.113 views

CVE-2026-53359 KVM: x86: Fix shadow paging use-after-free due to unexpected role

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected role Commit 0cb2af2ea66ad "KVM: x86: Fix shadow paging use-after-free due to unexpected GFN" fixed a shadow paging mismatch between stored and computed GFNs; the bug...

0.00176EPSS
Exploits5References6
Cvelist
Cvelist
added 2026/05/08 12:0 a.m.113 views

CVE-2023-42344

Alkacon OpenCms before 10.5.1 allows remote unauthenticated attackers to obtain sensitive information via a cmis-online/query XXE attack on a Chemistry servlet...

0.02231EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/13 2:26 p.m.113 views

CVE-2025-13444 OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster

OS Command Injection Remote Code Execution Vulnerability in API in Progress LoadMaster allows an authenticated attacker with “User Administration” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in the API input parameters...

8.4CVSS0.25389EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/05 10:6 a.m.113 views

CVE-2025-5965 RCE via the backup feature available only to user with high privilege

In the backup parameters, a user with high privilege is able to concatenate custom instructions to the backup setup. Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability in Centreon Infra Monitoring Backup configuration in the administration setup...

7.2CVSS0.24817EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/28 1:2 p.m.113 views

CVE-2025-15137 TRENDnet TEW-800MB NTPSyncWithHost.cgi sub_F934  command injection

A vulnerability was detected in TRENDnet TEW-800MB 1.0.1.0. Affected by this vulnerability is the function subF934 of the file NTPSyncWithHost.cgi. The manipulation results in command injection. The attack may be launched remotely. The exploit is now public and may be used. The vendor was...

9CVSS0.10346EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/05/13 8:49 p.m.113 views

CVE-2025-43562 ColdFusion | Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') (CWE-78)

ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability that could result in arbitrary code execution in the context of the current user. A high-privileged attacker could...

9.1CVSS0.35482EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/05 6:45 p.m.113 views

CVE-2025-27515 Laravel has a File Validation Bypass

Laravel is a web application framework. When using wildcard validation to validate a given file or image field files., a user-crafted malicious request could potentially bypass the validation rules. This vulnerability is fixed in 11.44.1 and 12.1.1...

6.9CVSS0.00691EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/03/21 10:10 p.m.113 views

CVE-2024-28863 node-tar vulnerable to denial of service while parsing a tar file due to lack of folders count validation

node-tar is a Tar for Node.js. node-tar prior to version 6.2.1 has no limit on the number of sub-folders created in the folder creation process. An attacker who generates a large number of sub-folders can consume memory on the system running node-tar and even crash the Node.js client within few...

6.5CVSS6.5AI score0.00929EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/02/21 3:29 p.m.113 views

CVE-2024-1708 Improper limitation of a pathname to a restricted directory (“path traversal”)

ConnectWise ScreenConnect 23.9.7 and prior are affected by path-traversal vulnerability, which may allow an attacker the ability to execute remote code or directly impact confidential data or critical systems...

8.4CVSS9.5AI score0.87624EPSS
Exploits5References2
Cvelist
Cvelist
added 2023/02/14 7:33 p.m.113 views

CVE-2023-21713 Microsoft SQL Server Remote Code Execution Vulnerability

...

8.8CVSS8.9AI score0.01755EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/12/16 10:35 a.m.113 views

CVE-2020-28458 Prototype Pollution

All versions of package datatables.net are vulnerable to Prototype Pollution due to an incomplete fix for https://snyk.io/vuln/SNYK-JS-DATATABLESNET-598806...

7.3CVSS7.4AI score0.0367EPSS
Exploits2References7
Cvelist
Cvelist
added 2026/01/12 9:29 p.m.112 views

CVE-2025-12420 Unauthenticated Privilege Escalation in ServiceNow AI Platform

A vulnerability has been identified in the ServiceNow AI Platform that could enable an unauthenticated user to impersonate another user and perform the operations that the impersonated user is entitled to perform. ServiceNow has addressed this vulnerability by deploying a relevant security update...

10CVSS0.4549EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/05 9:32 p.m.112 views

CVE-2025-14106 ZSPACE Q2C NAS HTTP POST Request close zfilev2_api.CloseSafe command injection

A vulnerability was identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected is the function zfilev2api.CloseSafe of the file /v2/file/safe/close of the component HTTP POST Request Handler. The manipulation of the argument safedir leads to command injection. The attack is possible to be carried o...

9CVSS0.10859EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/12/25 10:6 a.m.112 views

CVE-2024-52046 Apache MINA: MINA applications using unbounded deserialization may allow RCE

The ObjectSerializationDecoder in Apache MINA uses Java’s native deserialization protocol to process incoming serialized data but lacks the necessary security checks and defenses. This vulnerability allows attackers to exploit the deserialization process by sending specially crafted malicious...

10CVSS0.23932EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/02/05 9:27 p.m.112 views

CVE-2023-6846 File Manager Pro <= 8.3.4 - Authenticated (Subscriber+) Arbitrary File Upload

The File Manager Pro plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 8.3.4 via the mkcheckfilemanagerphpsyntax AJAX function. This makes it possible for authenticated attackers, with subscriber access and above, to execute code on the server...

8.8CVSS8.7AI score0.15871EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/10/18 3:52 a.m.112 views

CVE-2023-38545

This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host na...

9.7AI score0.78483EPSS
Exploits6References13
Cvelist
Cvelist
added 2022/06/08 10:0 a.m.112 views

CVE-2022-28615 Read beyond bounds in ap_strcmp_match()

Apache HTTP Server 2.4.53 and earlier may crash or disclose information due to a read beyond bounds in apstrcmpmatch when provided with an extremely large input buffer. While no code distributed with the server can be coerced into such a call, third-party modules or lua scripts that use...

9.6AI score0.05729EPSS
Exploits0References6
Cvelist
Cvelist
added 2021/08/16 12:0 a.m.112 views

CVE-2021-33193 Request splitting via HTTP/2 method injection and mod_proxy

A crafted method sent through HTTP/2 will bypass validation and be forwarded by modproxy, which can lead to request splitting or cache poisoning. This issue affects Apache HTTP Server 2.4.17 to 2.4.48...

8AI score0.46179EPSS
Exploits1References13
Cvelist
Cvelist
added 2021/06/10 7:10 a.m.112 views

CVE-2019-17567 mod_proxy_wstunnel tunneling of non Upgraded connections

Apache HTTP Server versions 2.4.6 to 2.4.46 modproxywstunnel configured on an URL that is not necessarily Upgraded by the origin server was tunneling the whole connection regardless, thus allowing for subsequent requests on the same connection to pass through with no HTTP validation, authenticati...

7.4AI score0.60266EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/01/13 2:31 p.m.111 views

CVE-2025-13447 OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster

OS Command Injection Remote Code Execution Vulnerability in API in Progress LoadMaster allows an authenticated attacker with “User Administration” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in the API input parameters...

8.4CVSS0.25389EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/05 9:32 p.m.111 views

CVE-2025-14107 ZSPACE Q2C NAS HTTP POST Request status zfilev2_api.SafeStatus command injection

A security flaw has been discovered in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this vulnerability is the function zfilev2api.SafeStatus of the file /v2/file/safe/status of the component HTTP POST Request Handler. The manipulation of the argument safedir results in command injection. The...

9CVSS0.10962EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/07/21 11:33 a.m.111 views

CVE-2025-2301 IDOR in Akbim Software's Online Exam Registration

Authorization Bypass Through User-Controlled Key vulnerability in Akbim Software Online Exam Registration allows Exploitation of Trusted Identifiers. This issue affects Online Exam Registration: before 14.03.2025...

4.4CVSS0.00327EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/07/08 3:2 p.m.111 views

CVE-2025-6770 OS command injection in Ivanti Endpoint Manager

OS command injection in Ivanti Endpoint Manager Mobile EPMM before version 12.5.0.2 allows a remote authenticated attacker with high privileges to achieve remote code execution...

7.2CVSS0.12306EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/21 10:4 p.m.111 views

CVE-2025-34026 Versa Concerto Actuator Authentication Bypass Information Leak

The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the Traefik reverse proxy configuration, allowing at attacker to access administrative endpoints. The internal Actuator endpoint can be leveraged for access to heap dumps and trace logs.This issue is kno...

9.2CVSS0.83479EPSS
Exploits1References1
Total number of security vulnerabilities5000