Lucene search
+L
CvelistMost viewed

366857 matches found

Cvelist
Cvelist
added 2025/12/03 4:26 p.m.101 views

CVE-2024-32641 Masa CMS Vulnerable to Pre-Auth RCE via JSON API

Masa CMS is an open source Enterprise Content Management platform. Masa CMS versions prior to 7.2.8, 7.3.13, and 7.4.6 are vulnerable to remote code execution. The vulnerability exists in the addParam function, which accepts user input via the criteria parameter. This input is subsequently...

9.8CVSS0.11047EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/06/11 12:54 a.m.101 views

CVE-2025-5959

Type Confusion in V8 in Google Chrome prior to 137.0.7151.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

0.10666EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/03 12:0 a.m.101 views

CVE-2025-44148

Cross Site Scripting XSS vulnerability in MailEnable before v10 allows a remote attacker to execute arbitrary code via the failure.aspx component...

0.50752EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/23 10:28 a.m.101 views

CVE-2025-36527 SQL Injection

Zohocorp ManageEngine ADAudit Plus versions below 8511 are vulnerable to SQL injection while exporting reports...

8.3CVSS0.23084EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/17 5:42 p.m.101 views

CVE-2024-49816 IBM Security Guardium Key Lifecycle Manager information disclosure

IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 stores potentially sensitive information in log files that could be read by a local privileged user...

4.9CVSS0.00353EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/18 6:47 a.m.101 views

CVE-2024-11315 TRCore DVC - Arbitrary File Upload through Path Traversal

The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells...

9.8CVSS0.01338EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/09 5:2 p.m.101 views

CVE-2024-38077 Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

...

9.8CVSS0.75365EPSS
Exploits5References1
Cvelist
Cvelist
added 2024/03/16 4:26 a.m.101 views

CVE-2024-23523 WordPress Elementor Pro plugin <= 3.19.2 - Contributor+ Arbitrary User Meta Data Retrieval vulnerability

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Elementor Pro.This issue affects Elementor Pro: from n/a through 3.19.2...

6.5CVSS6.6AI score0.00529EPSS
Exploits0References1
Cvelist
Cvelist
added 2013/07/08 10:0 p.m.101 views

CVE-2013-4786

The IPMI 2.0 specification supports RMCP+ Authenticated Key-Exchange Protocol RAKP authentication, which allows remote attackers to obtain password hashes and conduct offline password guessing attacks by obtaining the HMAC from a RAKP message 2 response from a BMC...

7.7AI score0.81802EPSS
Exploits2References7
Cvelist
Cvelist
added 2026/06/09 5:5 p.m.100 views

CVE-2026-50507 Windows BitLocker Security Feature Bypass Vulnerability

...

6.8CVSS0.05011EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/08 11:7 a.m.100 views

CVE-2026-50751 User Authentication Bypass in VPN Remote Access and Mobile Access

A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password...

0.70099EPSS
Exploits5References1
Cvelist
Cvelist
added 2026/05/18 12:44 p.m.100 views

CVE-2026-42009 Gnutls: gnutls: denial of service via dtls packet reordering vulnerability

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...

7.5CVSS0.01335EPSS
Exploits0References22
Cvelist
Cvelist
added 2025/07/08 4:58 p.m.100 views

CVE-2025-49704 Microsoft SharePoint Remote Code Execution Vulnerability

...

8.8CVSS0.99907EPSS
Exploits7References1
Cvelist
Cvelist
added 2025/05/14 11:0 a.m.100 views

CVE-2025-3833 SQL Injection

Zohocorp ManageEngine ADSelfService Plus versions 6513 and prior are vulnerable to authenticated SQL injection in the MFA reports...

8.1CVSS0.33693EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/16 10:40 p.m.100 views

CVE-2024-21181

...

9.8CVSS0.01119EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/02 12:0 a.m.100 views

CVE-2024-39894

OpenSSH 9.5 through 9.7 before 9.8 sometimes allows timing attacks against echo-off password entry e.g., for su and Sudo because of an ObscureKeystrokeTiming logic error. Similarly, other timing attacks against keystroke entry could occur...

0.01634EPSS
Exploits0References10
Cvelist
Cvelist
added 2024/04/17 11:34 a.m.100 views

CVE-2024-3333 Essential Addons for Elementor <= 5.9.14 - Authenticated (Contributor+) Store Cross-Site Scripting via Widget URL Attribute

The Essential Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the URL attributes of widgets in all versions up to, and including, 5.9.14 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.8AI score0.00402EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/03/26 8:49 p.m.100 views

CVE-2023-48777 WordPress Elementor plugin 3.3.0-3.18.1 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Elementor.Com Elementor Website Builder.This issue affects Elementor Website Builder: from 3.3.0 through 3.18.1...

9.9CVSS9.7AI score0.041EPSS
Exploits3References1
Cvelist
Cvelist
added 2005/11/01 11:0 a.m.100 views

CVE-2005-3398

The default configuration of the web server for the Solaris Management Console SMC in Solaris 8, 9, and 10 enables the HTTP TRACE method, which could allow remote attackers to obtain sensitive information such as cookies and authentication data from HTTP headers...

6.1AI score0.13108EPSS
Exploits2References6
Cvelist
Cvelist
added 2025/12/02 5:57 p.m.99 views

CVE-2025-66399 SNMP Command Injection leads to RCE in Cacti

Cacti is an open source performance and fault management framework. Prior to 1.2.29, there is an input-validation flaw in the SNMP device configuration functionality. An authenticated Cacti user can supply crafted SNMP community strings containing control characters including newlines that are...

8.7CVSS0.10941EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/07/25 2:23 a.m.99 views

CVE-2019-25224 WP Database Backup < 5.2 - Unauthenticated OS Command Injection

The WP Database Backup plugin for WordPress is vulnerable to OS Command Injection in versions before 5.2 via the mysqldump function. This vulnerability allows unauthenticated attackers to execute arbitrary commands on the host operating system...

9.8CVSS0.16682EPSS
Exploits1References6
Cvelist
Cvelist
added 2024/11/04 12:0 a.m.99 views

CVE-2024-51127

An issue in the createTempFile method of hornetq v2.4.9 allows attackers to arbitrarily overwrite files or access sensitive information...

0.0067EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/08/20 11:45 p.m.99 views

CVE-2024-43863 drm/vmwgfx: Fix a deadlock in dma buf fence polling

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix a deadlock in dma buf fence polling Introduce a version of the fence ops that on release doesn't remove the fence from the pending list, and thus doesn't require a lock to fix poll-fence wait-fence unref deadlocks...

0.00164EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/05/31 2:24 p.m.99 views

CVE-2024-5565 Prompt Injection in "ask" API with visualization leads to RCE

The Vanna library uses a prompt function to present the user with visualized results, it is possible to alter the prompt using prompt injection and run arbitrary Python code instead of the intended visualization code. Specifically - allowing external input to the library’s “ask” method with...

8.1CVSS8.6AI score0.14956EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/03/09 8:18 p.m.99 views

CVE-2023-27483 fieldpath's Paved.SetValue allows growing arrays up to arbitrary sizes in crossplane-runtime

crossplane-runtime is a set of go libraries used to build Kubernetes controllers in Crossplane and its related stacks. An out of memory panic vulnerability has been discovered in affected versions. Applications that use the Paved type's SetValue method with user provided input without proper...

5.9CVSS7.6AI score0.00798EPSS
Exploits0References2
Cvelist
Cvelist
added 2020/04/01 11:8 p.m.99 views

CVE-2020-1927

In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with modrewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL...

6.7AI score0.56691EPSS
Exploits0References27
Cvelist
Cvelist
added 2019/01/30 10:0 p.m.99 views

CVE-2018-17199

In Apache HTTP Server 2.4 release 2.4.37 and prior, modsession checks the session expiry time before decoding the session. This causes session expiry time to be ignored for modsessioncookie sessions since the expiry time is loaded when the session is decoded...

6.5AI score0.19994EPSS
Exploits0References28
Cvelist
Cvelist
added 2026/06/11 3:39 p.m.98 views

CVE-2026-44486 Axios: Proxy-Authorization header leaks to redirect target when proxy is re-evaluated to direct connection

Axios is a promise based HTTP client for the browser and Node.js. Prior to 0.32.0 and 1.16.0, Axios’ Node.js HTTP adapter can leak proxy credentials to a redirect target in affected versions. When a request is sent through an authenticated proxy, Axios may add a Proxy-Authorization header. If Axi...

7.5CVSS0.00532EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/06/09 5:5 p.m.98 views

CVE-2026-47281 Visual Studio Code Elevation of Privilege Vulnerability

...

9.6CVSS0.00591EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/13 8:28 a.m.98 views

CVE-2026-6276 stale custom cookie host causes cookie leak

Using libcurl, when a custom Host: header is first set for an HTTP request and a second request is subsequently done using the same easy handle but without the custom Host: header set, the second request would use stale information and pass on cookies meant for the first host in the second reques...

0.00291EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/05/06 8:34 a.m.98 views

CVE-2026-42509 Apache Wicket: crafted strings can break out of the JavaScript sequence

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Apache Wicket. This issue affects Apache Wicket: from 8.0.0 through 8.17.0, 9.0.0, from 10.0.0 through 10.8.0. Users are recommended to upgrade to version 10.9.0, which fixes the issue...

0.00357EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/19 7:38 p.m.98 views

CVE-2026-27013 Fabric.js Affected by Stored XSS via SVG Export

Fabric.js is a Javascript HTML5 canvas library. Prior to version 7.2.0, Fabric.js applies escapeXml to text content during SVG export src/shapes/Text/TextSVGExportMixin.ts:186 but fails to apply it to other user-controlled string values that are interpolated into SVG attribute markup. When...

7.6CVSS0.00281EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/12/05 5:31 a.m.98 views

CVE-2025-13860 Easy Jump Links Menus <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

The Easy Jump Links Menus plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the htags parameter in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...

6.4CVSS0.00205EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/03 3:40 p.m.98 views

CVE-2025-55182

A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes...

10CVSS0.99562EPSS
Exploits376References2
Cvelist
Cvelist
added 2025/10/28 2:43 p.m.98 views

CVE-2025-34311 IPFire < v2.29 Command Injection via Proxy Report Creation

IPFire versions prior to 2.29 Core Update 198 contain a command injection vulnerability that allows an authenticated attacker to execute arbitrary commands as the user 'nobody' via multiple parameters when creating a Proxy report. When a user creates a Proxy report the application issues an HTTP...

8.7CVSS0.13784EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/08/12 5:10 p.m.98 views

CVE-2025-53722 Windows Remote Desktop Services Denial of Service Vulnerability

...

7.5CVSS0.17942EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/10 5:2 p.m.98 views

CVE-2025-47163 Microsoft SharePoint Server Remote Code Execution Vulnerability

...

8.8CVSS0.11509EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/16 7:32 p.m.98 views

CVE-2025-4802

Untrusted LDLIBRARYPATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen including internal dlopen calls after setlocale or calls to NSS functions...

0.00548EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/08/13 5:29 p.m.98 views

CVE-2024-38063 Windows TCP/IP Remote Code Execution Vulnerability

...

9.8CVSS0.70564EPSS
Exploits24References1
Cvelist
Cvelist
added 2024/05/09 8:3 p.m.98 views

CVE-2024-3806 Porto <= 7.1.0 - Unauthenticated Local File Inclusion via porto_ajax_posts

The Porto theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 7.1.0 via the 'portoajaxposts' function. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in...

9.8CVSS10AI score0.02687EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/11/02 3:1 p.m.98 views

CVE-2022-4900 Potential buffer overflow in php_cli_server_startup_workers

A vulnerability was found in PHP where setting the environment variable PHPCLISERVERWORKERS to a large value leads to a heap buffer overflow...

6.2CVSS6.5AI score0.00367EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/03/07 3:9 p.m.98 views

CVE-2023-27522 Apache HTTP Server: mod_proxy_uwsgi HTTP response splitting

HTTP Response Smuggling vulnerability in Apache HTTP Server via modproxyuwsgi. This issue affects Apache HTTP Server: from 2.4.30 through 2.4.55. Special characters in the origin response header can truncate/split the response forwarded to the client...

8.8AI score0.02134EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/06/16 5:45 a.m.98 views

CVE-2022-31626 mysqlnd/pdo password buffer overflow

In PHP versions 7.4.x below 7.4.30, 8.0.x below 8.0.20, and 8.1.x below 8.1.7, when pdomysql extension with mysqlnd driver, if the third party is allowed to supply host to connect to and the password for the connection, password of excessive length can trigger a buffer overflow in PHP, which can...

7.5CVSS9.6AI score0.5838EPSS
Exploits2References7
Cvelist
Cvelist
added 2018/03/26 3:0 p.m.98 views

CVE-2018-1312

In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed...

9.5AI score0.15885EPSS
Exploits0References29
Cvelist
Cvelist
added 2026/05/12 3:14 p.m.97 views

CVE-2026-41284 Apache Tomcat: Unbounded read in WebDAV LOCK and PROPFIND handling

Allocation of Resources Without Limits or Throttling vulnerability in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117. Older, unsupported versions may also be affected. Users are recommended to upgrade ...

0.0078EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/07 3:36 a.m.97 views

CVE-2026-41672 xmldom: XML node injection through unvalidated comment serialization

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package allows attacker-controlled comment content to be serialized into XML without validating or...

8.7CVSS0.00365EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/04/15 8:45 p.m.97 views

CVE-2026-22676 Barracuda RMM < 2025.2.2 Privilege Escalation via Insecure Directory Permissions

Barracuda RMM versions prior to 2025.2.2 contain a privilege escalation vulnerability that allows local attackers to gain SYSTEM-level privileges by exploiting overly permissive filesystem ACLs on the C:\Windows\Automation directory. Attackers can modify existing automation content or place...

8.5CVSS0.00104EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/06 7:11 a.m.97 views

CVE-2026-29059 Windmill: SUPERADMIN_SECRET (rarely used) can be accessed publicly

Windmill is an open-source developer platform for internal code: APIs, background jobs, workflows and UIs. Prior to version 1.603.3, an unauthenticated path traversal vulnerability exists in Windmill's getlogfile endpoint "/api/w/workspace/jobsu/getlogfile/filename". The filename parameter is...

6.9CVSS0.02584EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/06 2:33 p.m.97 views

CVE-2024-8474

OpenVPN Connect before version 3.5.0 can contain the configuration profile's clear-text private key which is logged in the application log, which an unauthorized actor can use to decrypt the VPN traffic...

0.00535EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/17 4:29 a.m.97 views

CVE-2024-12356 Command Injection Vulnerability in Remote Support(RS) & Privileged Remote Access (PRA)

A critical vulnerability has been discovered in Privileged Remote Access PRA and Remote Support RS products which can allow an unauthenticated attacker to inject commands that are run as a site user...

9.8CVSS0.87991EPSS
Exploits8References3
Total number of security vulnerabilities5000