Lucene search
+L
CvelistMost viewed

366824 matches found

cvelist
cvelist
added 2024/05/13 10:6 a.m.97 views

CVE-2024-4068 Memory Exhaustion in braces

The NPM package braces, versions prior to 3.0.3, fails to limit the number of characters it can handle, which could lead to Memory Exhaustion. In lib/parse.js, if a malicious user sends "imbalanced braces" as input, the parsing will enter a loop, which will cause the program to start allocating...

7.5CVSS7.7AI score0.01471EPSS
Exploits1References5
cvelist
cvelist
added 2023/06/19 10:52 a.m.97 views

CVE-2023-2359 Revolution Slider <= 6.6.12 - Author+ Remote Code Execution

The Slider Revolution WordPress plugin through 6.6.12 does not check for valid image files upon import, leading to an arbitrary file upload which may be escalated to Remote Code Execution in some server configurations...

9.2AI score0.0254EPSS
Exploits2References1
cvelist
cvelist
added 2023/02/13 8:49 p.m.97 views

CVE-2023-25572 React-Admin vulnerable to Cross-Site-Scripting attack on `<RichTextField>`

react-admin is a frontend framework for building browser applications on top of REST/GraphQL APIs. react-admin prior to versions 3.19.12 and 4.7.6, along with ra-ui-materialui prior to 3.19.12 and 4.7.6, are vulnerable to cross-site scripting. All React applications built with react-admin and usi...

5.4CVSS5.3AI score0.00694EPSS
Exploits1References5
cvelist
cvelist
added 2021/04/09 10:3 p.m.97 views

CVE-2021-30480

Zoom Chat through 2021-04-09 on Windows and macOS allows certain remote authenticated attackers to execute arbitrary code without user interaction. An attacker must be within the same organization, or an external party who has been accepted as a contact. NOTE: this is specific to the Zoom Chat...

8.5CVSS8.9AI score0.05837EPSS
Exploits1References9
cvelist
cvelist
added 2020/08/07 3:32 p.m.97 views

CVE-2020-11993

Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools. Configuring the LogLevel of modhttp2 above "info" will mitigate this...

8.7AI score0.58716EPSS
Exploits2References26
cvelist
cvelist
added 2018/03/26 3:0 p.m.97 views

CVE-2018-1312

In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. In a cluster of servers using a common Digest authentication configuration, HTTP requests could be replayed...

9.5AI score0.15885EPSS
Exploits0References29
cvelist
cvelist
added 2010/01/25 7:0 p.m.97 views

CVE-2010-0386

The default configuration of Sun Java System Application Server 7 and 7 2004Q2 enables the HTTP TRACE method, which makes it easier for remote attackers to steal cookies and authentication credentials via a cross-site tracing XST attack, a related issue to CVE-2004-2763 and CVE-2005-3398...

6.5AI score0.01692EPSS
Exploits0References1
cvelist
cvelist
added 2010/01/25 7:0 p.m.97 views

CVE-2008-7253

The default configuration of the web server in IBM Lotus Domino Server, possibly 6.0 through 8.0, enables the HTTP TRACE method, which makes it easier for remote attackers to steal cookies and authentication credentials via a cross-site tracing XST attack, a related issue to CVE-2004-2763 and...

6.4AI score0.02093EPSS
Exploits0References4
cvelist
cvelist
added 2026/06/09 5:5 p.m.96 views

CVE-2026-47281 Visual Studio Code Elevation of Privilege Vulnerability

...

9.6CVSS0.00591EPSS
Exploits0References1
cvelist
cvelist
added 2026/05/22 2:31 a.m.96 views

CVE-2026-42508 Invoking auth bypass via unenforced @revoked status in golang.org/x/crypto/ssh/knownhosts

Previously, a revoked 'SignatureKey' belonging to a CA was not correctly checked for revocation. Now, both the 'key' and 'key.SignatureKey' are checked for @revoked...

0.00487EPSS
Exploits0References4
cvelist
cvelist
added 2026/05/20 1:9 p.m.96 views

CVE-2026-3039 BIND 9 server memory exhaustion during GSS-API TKEY negotiation

BIND servers that are configured to use TKEY-based authentication via GSS-API tokens are vulnerable to excessive memory consumption when receiving and processing maliciously-constructed packets. Typically these servers will be found in Active Directory integrated DNS deployments and/or...

7.5CVSS0.01047EPSS
Exploits0References4
cvelist
cvelist
added 2026/05/12 3:32 p.m.96 views

CVE-2026-43514 Apache Tomcat: AJP secret compared in non-constant time

Observable Timing Discrepancy vulnerability when comparing AJP secret in Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.21, from 10.1.0-M1 through 10.1.54, from 9.0.0.M1 through 9.0.117, from 8.5.0 through 8.5.100, from 7.0.0 through 7.0.109. Older unsupported versio...

0.00352EPSS
Exploits0References1
cvelist
cvelist
added 2026/04/22 7:28 p.m.96 views

CVE-2026-6019 BaseCookie.js_output() does not neutralize embedded characters

http.cookies.Morsel.jsoutput returns an inline snippet and only escapes " for JavaScript string context. It does not neutralize the HTML parser-sensitive sequence inside the generated script element. Mitigation base64-encodes the cookie value to disallow escaping using cookie value...

2.1CVSS0.00229EPSS
Exploits1References6
cvelist
cvelist
added 2026/03/09 3:24 p.m.96 views

CVE-2026-25866 MobaXterm < 26.1 Notepad++ Unquoted Service Path

MobaXterm versions prior to 26.1 contain an uncontrolled search path element vulnerability. The application calls WinExec to execute Notepad++ without a fully qualified executable path when opening remote files. An attacker can exploit the search path behavior by placing a malicious executable...

8.5CVSS0.00132EPSS
Exploits0References2
cvelist
cvelist
added 2025/07/10 4:58 p.m.96 views

CVE-2025-49812 Apache HTTP Server: mod_ssl TLS upgrade attack

In some modssl configurations on Apache HTTP Server versions through to 2.4.63, an HTTP desynchronisation attack allows a man-in-the-middle attacker to hijack an HTTP session via a TLS upgrade. Only configurations using "SSLEngine optional" to enable TLS upgrades are affected. Users are recommend...

0.00516EPSS
Exploits0References1
cvelist
cvelist
added 2025/05/13 8:49 p.m.96 views

CVE-2025-43561 ColdFusion | Incorrect Authorization (CWE-863)

ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. A high-privileged attacker could leverage this vulnerability to bypass authentication mechanisms and...

9.1CVSS0.13954EPSS
Exploits0References1
cvelist
cvelist
added 2025/03/31 5:6 p.m.96 views

CVE-2025-31125 Vite has a `server.fs.deny` bypassed for `inline` and `raw` with `?import` query

Vite is a frontend tooling framework for javascript. Vite exposes content of non-allowed files using ?inline&import or ?raw?import. Only apps explicitly exposing the Vite dev server to the network using --host or server.host config option are affected. This vulnerability is fixed in 6.2.4, 6.1.3,...

5.3CVSS0.58765EPSS
Exploits9References2
cvelist
cvelist
added 2025/01/07 12:0 a.m.96 views

CVE-2022-41573

An issue was discovered in Ovidentia 8.3. The file upload feature does not prevent the uploading of executable files. A user can upload a .png file containing PHP code and then rename it to have the .php extension. It will then be accessible at an images/common/ URI for remote code execution...

0.01211EPSS
Exploits0References3
cvelist
cvelist
added 2024/07/01 3:25 p.m.96 views

CVE-2024-36401 Remote Code Execution (RCE) vulnerability in evaluating property name expressions in Geoserver

GeoServer is an open source server that allows users to share and edit geospatial data. Prior to versions 2.22.6, 2.23.6, 2.24.4, and 2.25.2, multiple OGC request parameters allow Remote Code Execution RCE by unauthenticated users through specially crafted input against a default GeoServer...

9.8CVSS0.99813EPSS
Exploits25References5
cvelist
cvelist
added 2024/05/18 12:0 a.m.96 views

CVE-2024-36048

QAbstractOAuth in Qt Network Authorization in Qt before 5.15.17, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.6, and 6.6.x through 6.7.x before 6.7.1 uses only the time to seed the PRNG, which may result in guessable values...

6.4AI score0.0097EPSS
Exploits0References5
cvelist
cvelist
added 2023/12/24 12:0 a.m.96 views

CVE-2023-51767

OpenSSH through 10.0, when common types of DRAM are used, might allow row hammer attacks for authentication bypass because the integer value of authenticated in mmanswerauthpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim...

7AI score0.00661EPSS
Exploits0References8
cvelist
cvelist
added 2023/08/07 1:19 p.m.96 views

CVE-2023-4194 Kernel: tap: tap_open(): correctly initialize socket uid next fix of i_uid to current_fsuid

A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following upstream commits -...

5.5CVSS6.7AI score0.00274EPSS
Exploits0References6
cvelist
cvelist
added 2022/10/21 12:0 a.m.96 views

CVE-2022-37454

The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute arbitrary code or eliminate expected cryptographic properties. This occurs in the sponge function interface...

10AI score0.05193EPSS
Exploits1References13
cvelist
cvelist
added 2020/10/22 5:26 p.m.96 views

CVE-2020-15906

tiki-login.php in Tiki before 21.2 sets the admin password to a blank value after 50 invalid login attempts...

9.5AI score0.27362EPSS
Exploits5References2
cvelist
cvelist
added 2026/06/09 4:46 p.m.95 views

CVE-2026-49959 Hermes WebUI < 0.51.311 RCE via Git Configuration Injection

Hermes WebUI before version 0.51.311 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by placing malicious executable Git configuration in a workspace repository's .git/config file. Attackers can exploit Git subprocess invocations in...

8.8CVSS0.00945EPSS
Exploits0References4
cvelist
cvelist
added 2026/05/07 9:45 a.m.95 views

CVE-2026-6805 Vulnerability on Cryptobox external sharing feature

Vulnerability on the external sharing feature in Cryptobox allows an attacker knowing a sharing link URL to retrieve information from the server allowing an offline brute-force attack of the access code associated to this sharing link...

6.9CVSS0.00232EPSS
Exploits0References1
cvelist
cvelist
added 2026/04/16 4:54 a.m.95 views

CVE-2026-22616

Eaton Intelligent Power Protector IPP software allows repeated authentication attempts against the web interface login page due to insufficient rate‑limiting controls. This security issue has been fixed in the latest version of Eaton IPP which is available on the Eaton download centre...

6.5CVSS0.00319EPSS
Exploits0References1
cvelist
cvelist
added 2025/11/10 2:20 p.m.95 views

CVE-2025-12480

Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw that allows access to initial setup pages even after setup is complete...

9.1CVSS0.90532EPSS
Exploits1References4
cvelist
cvelist
added 2025/08/05 1:0 p.m.95 views

CVE-2025-54948

A vulnerability in Trend Micro Apex One on-premise management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations...

9.4CVSS0.2079EPSS
Exploits0References1
cvelist
cvelist
added 2025/07/02 4:24 a.m.95 views

CVE-2025-6463 Forminator Forms – Contact Form, Payment Form & Custom Form Builder <= 1.44.2 - Unauthenticated Arbitrary File Deletion Triggered via Administrator Form Submission Deletion

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'entrydeleteuploadfiles' function in all versions up to, and including, 1.44.2. This makes it possible for...

8.8CVSS0.10538EPSS
Exploits0References3
cvelist
cvelist
added 2025/06/23 8:42 p.m.95 views

CVE-2025-2828 SSRF Vulnerability in RequestsToolkit in langchain-ai/langchain

A Server-Side Request Forgery SSRF vulnerability exists in the RequestsToolkit component of the langchain-community package specifically, langchaincommunity.agenttoolkits.openapi.toolkit.RequestsToolkit in langchain-ai/langchain version 0.0.27. This vulnerability occurs because the toolkit does n...

8.4CVSS0.14732EPSS
Exploits1References2
cvelist
cvelist
added 2025/05/22 12:0 a.m.95 views

CVE-2025-32814

An issue was discovered in Infoblox NETMRI before 7.6.1. Unauthenticated SQL Injection can occur...

0.37474EPSS
Exploits0References1
cvelist
cvelist
added 2025/04/12 1:32 a.m.95 views

CVE-2025-29803 Visual Studio Tools for Applications and SQL Server Management Studio Elevation of Privilege Vulnerability

...

7.3CVSS0.00677EPSS
Exploits0References1
cvelist
cvelist
added 2024/12/17 5:35 p.m.95 views

CVE-2024-49818 IBM Security Guardium Key Lifecycle Manager information disclosure

IBM Security Guardium Key Lifecycle Manager 4.1, 4.1.1, 4.2.0, and 4.2.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system...

4.3CVSS0.00462EPSS
Exploits0References1
cvelist
cvelist
added 2024/09/10 7:22 p.m.95 views

CVE-2024-8503 VICIdial Unauthenticated SQL Injection

An unauthenticated attacker can leverage a time-based SQL injection vulnerability in VICIdial to enumerate database records. By default, VICIdial stores plaintext credentials within the database...

0.80023EPSS
Exploits10References2
cvelist
cvelist
added 2021/08/12 4:25 p.m.95 views

CVE-2021-32808 Cross-site scripting in ckeditor via abuse of undo functionality

ckeditor is an open source WYSIWYG HTML editor with rich content support. A vulnerability has been discovered in the clipboard Widget plugin if used alongside the undo feature. The vulnerability allows a user to abuse undo functionality using malformed widget HTML, which could result in executing...

7.6CVSS6.8AI score0.01192EPSS
Exploits0References7
cvelist
cvelist
added 2019/09/25 4:39 p.m.95 views

CVE-2019-10098

In Apache HTTP server 2.4.0 to 2.4.39, Redirects configured with modrewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an unexpected URL within the request URL...

7.8AI score0.73981EPSS
Exploits1References17
cvelist
cvelist
added 2019/04/08 8:11 p.m.95 views

CVE-2019-0217

In Apache HTTP Server 2.4 release 2.4.38 and prior, a race condition in modauthdigest when running in a threaded server could allow a user with valid credentials to authenticate using another username, bypassing configured access control restrictions...

7.7AI score0.17666EPSS
Exploits0References39
cvelist
cvelist
added 2015/02/15 8:0 p.m.95 views

CVE-2014-7883

HP Universal CMDB UCMDB Probe 9.05, 10.01, and 10.11 enables the HTTP TRACE method, which allows remote attackers to obtain sensitive information by reading the headers of a response...

6AI score0.37022EPSS
Exploits5References3
cvelist
cvelist
added 2010/03/05 7:0 p.m.95 views

CVE-2010-0425

modules/arch/win32/modisapi.c in modisapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 through 2.2.14, and 2.3.x before 2.3.7, when running on Windows, does not ensure that request processing is complete before calling isapiunload for an ISAPI .dll module, which allows remote attackers ...

9.6AI score0.94248EPSS
Exploits13References42
cvelist
cvelist
added 2009/06/01 10:0 p.m.95 views

CVE-2004-2763

The default configuration of Sun ONE/iPlanet Web Server 4.1 SP1 through SP12 and 6.0 SP1 through SP5 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing XST attacks in applications that are vulnerable to cross-site scripting...

5.9AI score0.02178EPSS
Exploits1References3
cvelist
cvelist
added 2026/05/14 2:59 p.m.94 views

CVE-2026-44484 Compromise of PyTorch Lightning PyPi Package Versions

PyTorch Lightning is a deep learning framework to pretrain and finetune AI models. Versions 2.6.2 and 2.6.2 have introduced functionality consistent with a credential harvesting mechanism...

9.3CVSS0.00392EPSS
Exploits0References1
cvelist
cvelist
added 2026/05/12 9:29 a.m.94 views

CVE-2026-6813 Continually <= 4.3.1 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'continually_embed_code' Parameter

The Continually plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 4.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and...

4.4CVSS0.00195EPSS
Exploits0References5
cvelist
cvelist
added 2026/05/05 3:29 p.m.94 views

CVE-2026-43073 x86-64: rename misleadingly named '__copy_user_nocache()' function

In the Linux kernel, the following vulnerability has been resolved: x86-64: rename misleadingly named 'copyusernocache' function This function was a masterclass in bad naming, for various historical reasons. It claimed to be a non-cached user copy. It is literally neither of those things. It's a...

0.00117EPSS
Exploits0References6
cvelist
cvelist
added 2026/04/29 1:31 p.m.94 views

CVE-2026-42519

A missing permission check in Jenkins Script Security Plugin 1399.ve6a66547f6e1 and earlier allows attackers with Overall/Read permission to enumerate pending and approved Script Security classpaths...

0.00174EPSS
Exploits0References1
cvelist
cvelist
added 2025/10/20 2:43 p.m.94 views

CVE-2025-57738 Apache Syncope: Remote Code Execution by delegated administrators

Apache Syncope offers the ability to extend / customize the base behavior on every deployment by allowing to provide custom implementations of a few Java interfaces; such implementations can be provided either as Java or Groovy classes, with the latter being particularly attractive as the machine...

0.23107EPSS
Exploits0References1
cvelist
cvelist
added 2025/10/14 2:14 p.m.94 views

CVE-2025-10242

OS command injection in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4 allows a remote authenticated attacker with admin privileges to achieve remote code execution...

7.2CVSS0.2084EPSS
Exploits0References1
cvelist
cvelist
added 2025/09/11 8:51 a.m.94 views

CVE-2025-58320 DIALink - Directory Traversal Authentication Bypass Vulnerability

Delta Electronics DIALink has an Directory Traversal Authentication Bypass Vulnerability...

7.3CVSS0.13174EPSS
Exploits0References1
cvelist
cvelist
added 2025/09/08 6:0 a.m.94 views

CVE-2025-8085 Ditty < 3.1.58 - Unauthenticated SSRF

The Ditty WordPress plugin before 3.1.58 lacks authorization and authentication for requests to its displayItems endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs...

0.16399EPSS
Exploits1References1
cvelist
cvelist
added 2025/08/29 5:30 p.m.94 views

CVE-2025-9377 Authenticated RCE via Parental Control command injection

The authenticated remote command execution RCE vulnerability exists in the Parental Control page on TP-Link Archer C7EU V2 and TL-WR841N/NDMS V9. This issue affects Archer C7EU V2: before 241108 and TL-WR841N/NDMS V9: before 241108. Both products have reached the status of EOL end-of-life. It's...

8.6CVSS0.11747EPSS
Exploits0References2
Total number of security vulnerabilities5000