Lucene search
K
CvelistMost viewed

366526 matches found

Cvelist
Cvelist
added 2026/05/13 3:8 p.m.102 views

CVE-2026-43479 net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: fix WARN in netifnapidellocked on disconnect Remove redundant netifnapidel call from disconnect path. A WARN may be triggered in netifnapidellocked during USB device disconnect: WARNING: CPU: 0 PID: 11 at...

0.00112EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/12 9:29 p.m.102 views

CVE-2025-12420 Unauthenticated Privilege Escalation in ServiceNow AI Platform

A vulnerability has been identified in the ServiceNow AI Platform that could enable an unauthenticated user to impersonate another user and perform the operations that the impersonated user is entitled to perform. ServiceNow has addressed this vulnerability by deploying a relevant security update...

10CVSS0.4549EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/15 6:2 a.m.102 views

CVE-2025-14707 Shiguangwu sgwbox N3 DOCKER Feature http_eshell_server command injection

A security flaw has been discovered in Shiguangwu sgwbox N3 2.0.25. Affected is an unknown function of the file /usr/sbin/httpeshellserver of the component DOCKER Feature. Performing manipulation of the argument params results in command injection. The attack may be initiated remotely. The exploi...

10CVSS0.16767EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/08/01 8:39 p.m.102 views

CVE-2013-10050 D-Link Devices tools_vct.xgi Authenticated RCE

An OS command injection vulnerability exists in multiple D-Link routers confirmed on DIR-300 rev A v1.05 and DIR-615 rev D v4.13 via the authenticated toolsvct.xgi CGI endpoint. The web interface fails to properly sanitize user-supplied input in the pingIp parameter, allowing attackers with valid...

8.7CVSS0.09637EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/04/30 4:49 p.m.102 views

CVE-2025-3599 Symantec Endpoint Protection Elevation of Privilege

Symantec Endpoint Protection Windows Agent, running an ERASER Engine prior to 119.1.7.8, may be susceptible to an Elevation of Privilege vulnerability, which may allow an attacker to delete resources that are normally protected from an application or user...

6.5CVSS0.00233EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/20 10:9 a.m.102 views

CVE-2024-9362 Directory Traversal in polyaxon/polyaxon

An unauthenticated directory traversal vulnerability exists in Polyaxon, affecting the latest version. This vulnerability allows an attacker to retrieve directory information and file contents from the server without proper authorization, leading to sensitive information disclosure. The issue...

7.5CVSS0.04245EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/15 9:46 p.m.102 views

CVE-2024-4143 Certain HP PC products using AMI BIOS – Buffer Overflow

A potential security vulnerability has been identified in certain HP PC products using AMI BIOS, which might allow arbitrary code execution. AMI has released firmware updates to mitigate this vulnerability...

0.00576EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/09 5:3 p.m.102 views

CVE-2024-38094 Microsoft SharePoint Remote Code Execution Vulnerability

...

7.2CVSS0.47826EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/05/10 2:59 p.m.102 views

CVE-2024-4044 Deserialization of Untrusted Data Vulnerability in FlexLogger and InstrumentStudio

A deserialization of untrusted data vulnerability exists in common code used by FlexLogger and InstrumentStudio that may result in remote code execution. Successful exploitation requires an attacker to get a user to open a specially crafted project file. This vulnerability affects NI FlexLogger...

7.8CVSS8AI score0.14692EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/27 7:55 a.m.102 views

CVE-2024-2398 HTTP/2 push headers memory-leak

When an application tells libcurl it wants to allow HTTP/2 server push, and the amount of received headers for the push surpasses the maximum allowed limit 1000, libcurl aborts the server push. When aborting, libcurl inadvertently does not free all the previously allocated headers and instead lea...

9.6AI score0.36081EPSS
Exploits1References13
Cvelist
Cvelist
added 2023/12/23 1:59 a.m.102 views

CVE-2023-7002 Backup Migration <= 1.3.9 - Authenticated (Admin+) OS Command Injection via url

The Backup Migration plugin for WordPress is vulnerable to OS Command Injection in all versions up to, and including, 1.3.9 via the 'url' parameter. This vulnerability allows authenticated attackers, with administrator-level permissions and above, to execute arbitrary commands on the host operati...

7.2CVSS8.2AI score0.45898EPSS
Exploits1References6
Cvelist
Cvelist
added 2022/06/08 10:0 a.m.102 views

CVE-2022-29404 Denial of service in mod_lua r:parsebody

In Apache HTTP Server 2.4.53 and earlier, a malicious request to a lua script that calls r:parsebody0 may cause a denial of service due to no default limit on possible input size...

8.6AI score0.05678EPSS
Exploits0References6
Cvelist
Cvelist
added 2021/03/22 12:0 p.m.102 views

CVE-2021-26295 RCE vulnerability in latest Apache OFBiz due to Java serialisation using RMI

Apache OFBiz has unsafe deserialization prior to 17.12.06. An unauthenticated attacker can use this vulnerability to successfully take over Apache OFBiz...

9.8AI score0.97822EPSS
Exploits9References13
Cvelist
Cvelist
added 2026/05/26 12:18 a.m.101 views

CVE-2026-9538 Archive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry size field in tar header

Archive::Tar versions before 3.10 for Perl allow memory exhaustion via attacker controlled entry size field in tar header. readtar reads each entry's payload with $handle-read$$data, $block, where $block is derived from the entry's 12-byte size field in the tar header with no upper bound on that...

0.00437EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/07 1:15 p.m.101 views

CVE-2026-41490 Dagster Vulnerable to SQL Injection via Dynamic Partition Keys in Database I/O Manager Integrations

Dagster is an orchestration platform for the development, production, and observation of data assets. Prior to Dagster Core version 1.13.1 and prior to Dagster libraries version 0.29.1, the DuckDB, Snowflake, BigQuery, and DeltaLake I/O managers constructed SQL WHERE clauses by interpolating...

8.3CVSS0.00265EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/05/03 3:15 a.m.101 views

CVE-2026-7677 kerwincui FastBee System Notice SysNoticeController.java add cross site scripting

A vulnerability was determined in kerwincui FastBee up to 1.2.1. The impacted element is the function Add of the file springboot/fastbee-admin/src/main/java/com/fastbee/web/controller/system/SysNoticeController.java of the component System Notice Handler. This manipulation of the argument...

5.1CVSS0.00195EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/30 9:26 p.m.101 views

CVE-2026-4257 Contact Form by Supsystic <= 1.7.36 - Unauthenticated Server-Side Template Injection via Prefill Functionality

The Contact Form by Supsystic plugin for WordPress is vulnerable to Server-Side Template Injection SSTI leading to Remote Code Execution RCE in all versions up to, and including, 1.7.36. This is due to the plugin using the Twig TwigLoaderString template engine without sandboxing, combined with th...

9.8CVSS0.41475EPSS
Exploits9References3
Cvelist
Cvelist
added 2026/02/02 10:47 p.m.101 views

CVE-2026-25137 NixOs Odoo database and filestore publicly accessible with default odoo configuration

The NixOs Odoo package is an open source ERP and CRM system. From 21.11 to before 25.11 and 26.05, every NixOS based Odoo setup publicly exposes the database manager without any authentication. This allows unauthorized actors to delete and download the entire database, including Odoos file store...

9.1CVSS0.09528EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/28 1:2 p.m.101 views

CVE-2025-15137 TRENDnet TEW-800MB NTPSyncWithHost.cgi sub_F934  command injection

A vulnerability was detected in TRENDnet TEW-800MB 1.0.1.0. Affected by this vulnerability is the function subF934 of the file NTPSyncWithHost.cgi. The manipulation results in command injection. The attack may be launched remotely. The exploit is now public and may be used. The vendor was...

9CVSS0.10346EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/07/10 4:55 p.m.101 views

CVE-2024-47252 Apache HTTP Server: mod_ssl error log variable escaping

Insufficient escaping of user-supplied data in modssl in Apache HTTP Server 2.4.63 and earlier allows an untrusted SSL/TLS client to insert escape characters into log files in some configurations. In a logging configuration where CustomLog is used with "%varnamex" or "%varnamec" to log variables...

0.00669EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/08 3:2 p.m.101 views

CVE-2025-6770 OS command injection in Ivanti Endpoint Manager

OS command injection in Ivanti Endpoint Manager Mobile EPMM before version 12.5.0.2 allows a remote authenticated attacker with high privileges to achieve remote code execution...

7.2CVSS0.12306EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/21 10:4 p.m.101 views

CVE-2025-34026 Versa Concerto Actuator Authentication Bypass Information Leak

The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the Traefik reverse proxy configuration, allowing at attacker to access administrative endpoints. The internal Actuator endpoint can be leveraged for access to heap dumps and trace logs.This issue is kno...

9.2CVSS0.83479EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/11/19 5:19 p.m.101 views

CVE-2024-53047 mptcp: init: protect sched with rcu_read_lock

In the Linux kernel, the following vulnerability has been resolved: mptcp: init: protect sched with rcureadlock Enabling CONFIGPROVERCULIST with its dependence CONFIGRCUEXPERT creates this splat when an MPTCP socket is created: ============================= WARNING: suspicious RCU usage 6.12.0-rc...

0.00176EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/11/18 11:32 a.m.101 views

CVE-2024-52316 Apache Tomcat: Authentication bypass when using Jakarta Authentication API

Unchecked Error Condition vulnerability in Apache Tomcat. If Tomcat is configured to use a custom Jakarta Authentication formerly JASPIC ServerAuthContext component which may throw an exception during the authentication process without explicitly setting an HTTP status to indicate failure, the...

0.06287EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/10/15 12:0 a.m.101 views

CVE-2024-35584

SQL injection vulnerabilities were discovered in Ajax.php, ForWindow.php, ForExport.php, Modules.php, functions/HackingLogFnc.php in OpenSis Community Edition 9.1 to 8.0, and possibly earlier versions. It is possible for an authenticated user to perform SQL Injection due to the lack to...

0.05695EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/07/09 5:2 p.m.101 views

CVE-2024-38077 Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

...

9.8CVSS0.75365EPSS
Exploits5References1
Cvelist
Cvelist
added 2024/06/27 10:30 a.m.101 views

CVE-2024-5535 SSL_select_next_proto buffer overread

Issue summary: Calling the OpenSSL API function SSLselectnextproto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected application beahviour or ...

0.05582EPSS
Exploits1References7
Cvelist
Cvelist
added 2024/04/09 6:59 p.m.101 views

CVE-2024-2222 Advanced Classifieds & Directory Pro <= 3.0.0 - Missing Authorization to Arbitrary Attachment Deletion

The Advanced Classifieds & Directory Pro plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the ajaxcallbackdeleteattachment function in all versions up to, and including, 3.0.0. This makes it possible for authenticated attackers, with subscriber...

4.3CVSS4.7AI score0.00539EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/03/16 4:26 a.m.101 views

CVE-2024-23523 WordPress Elementor Pro plugin <= 3.19.2 - Contributor+ Arbitrary User Meta Data Retrieval vulnerability

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Elementor Pro.This issue affects Elementor Pro: from n/a through 3.19.2...

6.5CVSS6.6AI score0.00529EPSS
Exploits0References1
Cvelist
Cvelist
added 2013/07/08 10:0 p.m.101 views

CVE-2013-4786

The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol RAKP authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC...

7.7AI score0.81802EPSS
Exploits2References7
Cvelist
Cvelist
added 2026/06/09 5:5 p.m.100 views

CVE-2026-50507 Windows BitLocker Security Feature Bypass Vulnerability

...

6.8CVSS0.05011EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/26 12:17 a.m.100 views

CVE-2026-42497 Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside the extraction directory

Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside the extraction directory. makespecialfile passes the tar header's linkname to link without validating it against absolute paths or .. segments, creating a hardlink that shares the victim file's inode...

0.00417EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/07 3:47 a.m.100 views

CVE-2026-41674 xmldom: XML injection through unvalidated DocumentType serialization

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package serializes DocumentType node fields internalSubset, publicId, systemId verbatim without any...

8.7CVSS0.00457EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/21 7:34 p.m.100 views

CVE-2025-12781 base64.b64decode() always accepts "+/" characters, despite setting altchars

When passing data to the b64decode, standardb64decode, and urlsafeb64decode functions in the "base64" module the characters "+/" will always be accepted, regardless of the value of "altchars" parameter, typically used to establish an "alternative base64 alphabet" such as the URL safe alphabet. Th...

6.3CVSS0.00513EPSS
Exploits1References8
Cvelist
Cvelist
added 2026/01/13 10:51 p.m.100 views

CVE-2020-36911 Covenant 0.5 - Remote Code Execution (RCE)

Covenant 0.1.3 - 0.5 contains a remote code execution vulnerability that allows attackers to craft malicious JWT tokens with administrative privileges. Attackers can generate forged tokens with admin roles and upload custom DLL payloads to execute arbitrary commands on the target system...

9.8CVSS0.10447EPSS
Exploits1References7
Cvelist
Cvelist
added 2025/07/08 3:38 p.m.100 views

CVE-2025-6771 OS command injection in Ivanti Endpoint Manager

OS command injection in Ivanti Endpoint Manager Mobile EPMM before version 12.5.0.2,12.4.0.3 and 12.3.0.3 allows a remote authenticated attacker with high privileges to achieve remote code execution...

7.2CVSS0.14809EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/17 5:42 p.m.100 views

CVE-2024-49820 IBM Security Guardium Key Lifecycle Manager information disclosure

IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man i...

3.7CVSS0.00245EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/17 5:34 p.m.100 views

CVE-2024-49817 IBM Security Guardium Key Lifecycle Manager information disclosure

IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 stores user credentials in configuration files which can be read by a local privileged user...

4.4CVSS0.00189EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/18 6:47 a.m.100 views

CVE-2024-11315 TRCore DVC - Arbitrary File Upload through Path Traversal

The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells...

9.8CVSS0.01338EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/16 10:40 p.m.100 views

CVE-2024-21181

...

9.8CVSS0.01119EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/02 12:0 a.m.100 views

CVE-2024-39894

OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password entry e.g., for su and Sudo because of an ObscureKeystrokeTiming logic error. Similarly, other timing attacks against keystroke entry could occur...

0.01634EPSS
Exploits0References10
Cvelist
Cvelist
added 2005/11/01 11:0 a.m.100 views

CVE-2005-3398

The default configuration of the web server for the Solaris Management Console SMC in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers...

6.1AI score0.13108EPSS
Exploits2References6
Cvelist
Cvelist
added 2026/06/08 11:7 a.m.99 views

CVE-2026-50751 User Authentication Bypass in VPN Remote Access and Mobile Access

A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password...

0.70099EPSS
Exploits5References1
Cvelist
Cvelist
added 2026/01/13 5:56 p.m.99 views

CVE-2026-20947 Microsoft SharePoint Server Remote Code Execution Vulnerability

...

8.8CVSS0.17948EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/13 2:26 p.m.99 views

CVE-2025-13444 OS Command Injection Remote Code Execution Vulnerability in Progress LoadMaster

OS Command Injection Remote Code Execution Vulnerability in API in Progress LoadMaster allows an authenticated attacker with “User Administration” permissions to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in the API input parameters...

8.4CVSS0.25389EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/05 9:32 p.m.99 views

CVE-2025-14107 ZSPACE Q2C NAS HTTP POST Request status zfilev2_api.SafeStatus command injection

A security flaw has been discovered in ZSPACE Q2C NAS up to 1.1.0210050. Affected by this vulnerability is the function zfilev2api.SafeStatus of the file /v2/file/safe/status of the component HTTP POST Request Handler. The manipulation of the argument safedir results in command injection. The...

9CVSS0.10962EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/12/05 9:32 p.m.99 views

CVE-2025-14106 ZSPACE Q2C NAS HTTP POST Request close zfilev2_api.CloseSafe command injection

A vulnerability was identified in ZSPACE Q2C NAS up to 1.1.0210050. Affected is the function zfilev2api.CloseSafe of the file /v2/file/safe/close of the component HTTP POST Request Handler. The manipulation of the argument safedir leads to command injection. The attack is possible to be carried o...

9CVSS0.10859EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/12/17 5:42 p.m.99 views

CVE-2024-49816 IBM Security Guardium Key Lifecycle Manager information disclosure

IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 stores potentially sensitive information in log files that could be read by a local privileged user...

4.9CVSS0.00353EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/31 9:2 p.m.99 views

CVE-2024-5138

The snapctl component within snapd allows a confined snap to interact with the snapd daemon to take certain privileged actions on behalf of the snap. It was found that snapctl did not properly parse command-line arguments, allowing an unprivileged user to trigger an authorised action on behalf of...

6.5AI score0.00826EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/05/31 2:24 p.m.99 views

CVE-2024-5565 Prompt Injection in "ask" API with visualization leads to RCE

The Vanna library uses a prompt function to present the user with visualized results, it is possible to alter the prompt using prompt injection and run arbitrary Python code instead of the intended visualization code. Specifically - allowing external input to the library’s “ask” method with...

8.1CVSS8.6AI score0.14956EPSS
Exploits0References1
Total number of security vulnerabilities5000