Lucene search
K
CvelistMost viewed

366526 matches found

Cvelist
Cvelist
added 2026/04/17 3:22 a.m.84 views

CVE-2026-5807 Vault Vulnerable to Denial-of-Service via Unauthenticated Root Token Generation/Rekey Operations

Vault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in-progress operation slot. This prevents legitimate operators from completing these workflows. This...

7.5CVSS0.00718EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/02 8:43 p.m.84 views

CVE-2026-23515 RCE - Command Injection in Signal K set-system-time plugin

Signal K Server is a server application that runs on a central hub in a boat. Prior to 1.5.0, a command injection vulnerability allows authenticated users with write permissions to execute arbitrary shell commands on the Signal K server when the set-system-time plugin is enabled. Unauthenticated...

9.9CVSS0.04163EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/12/13 4:31 a.m.84 views

CVE-2025-11693 Export WP Page to Static HTML & PDF <= 4.3.4 - Unauthenticated Cookie Exposure via Log File

The Export WP Page to Static HTML & PDF plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.4 through publicly exposed cookies.txt files containing authentication cookies. This makes it possible for unauthenticated attackers to cookies th...

9.8CVSS0.01954EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/09 3:9 p.m.84 views

CVE-2025-9712

Insufficient filename validation in Ivanti Endpoint Manager before 2024 SU3 SR1 and 2022 SU8 SR2 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required...

8.8CVSS0.20461EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/23 2:48 p.m.84 views

CVE-2025-40597

A Heap-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service DoS or potentially results in code execution...

0.27599EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/21 12:8 a.m.84 views

CVE-2025-6216 Allegra calculateTokenExpDate Password Recovery Authentication Bypass Vulnerability

Allegra calculateTokenExpDate Password Recovery Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Allegra. Authentication is not required to exploit this vulnerability. The specific flaw exists within the password...

9.8CVSS0.3072EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/16 12:0 a.m.84 views

CVE-2025-27587

OpenSSL 3.0.0 through 3.3.2 on the PowerPC architecture is vulnerable to a Minerva attack, exploitable by measuring the time of signing of random messages using the EVPDigestSign API, and then using the private key to extract the K value nonce from the signatures. Next, based on the bit size of t...

0.0037EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/02 7:20 p.m.84 views

CVE-2025-48387 tar-fs has issue where extract can write outside the specified dir with a specific tarball

tar-fs provides filesystem bindings for tar-stream. Versions prior to 3.0.9, 2.1.3, and 1.16.5 have an issue where an extract can write outside the specified dir with a specific tarball. This has been patched in versions 3.0.9, 2.1.3, and 1.16.5. As a workaround, use the ignore option to ignore n...

8.7CVSS0.00474EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/10/24 12:0 a.m.84 views

CVE-2024-45242

EnGenius ENH1350EXT A8J-ENH1350EXT devices through 3.9.3.2c1.9.51 allow blind OS Command Injection via shell metacharacters to the Ping or Speed Test utility. During the time of initial setup, the device creates an open unsecured network whose admin panel is configured with the default credential...

0.34662EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/10 12:0 a.m.84 views

CVE-2024-39614

An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. getsupportedlanguagevariant was subject to a potential denial-of-service attack when used with very long strings containing specific characters...

0.28637EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/05 12:0 a.m.84 views

CVE-2024-32498

An issue was discovered in OpenStack Cinder through 24.0.0, Glance before 28.0.2, and Nova before 29.0.3. Arbitrary file access can occur via custom QCOW2 external data. By supplying a crafted QCOW2 image that references a specific data file path, an authenticated user may convince systems to...

0.00835EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/06/19 12:0 a.m.84 views

CVE-2024-36680

In the module "Facebook" pkfacebook =1.0.1 from Promokit.eu for PrestaShop, a guest can perform SQL injection. The ajax script facebookConnect.php have a sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection...

0.10087EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/15 12:0 a.m.84 views

CVE-2024-31497

In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant...

5.6AI score0.05773EPSS
Exploits0References27
Cvelist
Cvelist
added 2024/04/04 1:46 p.m.84 views

CVE-2024-2700 Quarkus-core: leak of local configuration properties into quarkus applications

A vulnerability was found in the quarkus-core component. Quarkus captures local environment variables from the Quarkus namespace during the application's build, therefore, running the resulting application inherits the values captured at build time. Some local environment variables may have been...

7CVSS7AI score0.00286EPSS
Exploits0References8
Cvelist
Cvelist
added 2022/04/11 7:38 p.m.84 views

CVE-2022-1161 ICSA-22-090-05 Rockwell Automation Logix Controllers

An attacker with the ability to modify a user program may change user program code on some ControlLogix, CompactLogix, and GuardLogix Control systems. Studio 5000 Logix Designer writes user-readable program code to a separate location than the executed compiled code, allowing an attacker to chang...

10CVSS9.6AI score0.05013EPSS
Exploits0References1
Cvelist
Cvelist
added 2018/01/18 11:0 p.m.84 views

CVE-2012-6708

jQuery before 1.9.0 is vulnerable to Cross-site Scripting XSS attacks. The jQuerystrInput function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '' character anywhere in the string, giving...

6.1AI score0.08632EPSS
Exploits6References11
Cvelist
Cvelist
added 2017/09/18 3:0 p.m.84 views

CVE-2017-9798

Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker...

7.8AI score0.94999EPSS
Exploits9References55
Cvelist
Cvelist
added 2009/11/10 7:0 p.m.84 views

CVE-2009-2823

The Apache HTTP Server in Apple Mac OS X before 10.6.2 enables the HTTP TRACE method, which allows remote attackers to conduct cross-site scripting XSS attacks via unspecified web client software...

6.5AI score0.01684EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/06/23 10:2 p.m.83 views

CVE-2026-11972 tarfile opened in streaming mode mishandles EOF

When using the "tarfile" module with a file opened in "streaming mode" mode="r|" the tarfile module did not properly handle EOF, making archive parsing take exponentially longer...

8.2CVSS0.00433EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/06/01 5:59 p.m.83 views

CVE-2026-9319 IBM WebSphere Application Server is affected by a remote code execution vulnerability

IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to potential remote code execution due to deserialization of untrusted data via JAX-WS endpoints with WS-Security...

9CVSS0.00458EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/30 1:50 a.m.83 views

CVE-2026-48840

Exim 4.88 before 4.99.4, in some proxy configurations, mishandles certain short payloads, leading to disclosure of uninitialized stack memory values to a client...

5.3CVSS0.00264EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/22 2:31 a.m.83 views

CVE-2026-39834 Invoking infinite loop on large channel writes in golang.org/x/crypto/ssh

When writing data larger than 4GB in a single Write call on an SSH channel, an integer overflow in the internal payload size calculation caused the write loop to spin indefinitely, sending empty packets without making progress. The size comparison now uses int64 to prevent truncation...

0.00466EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/22 2:31 a.m.83 views

CVE-2026-39829 Invoking pathological RSA/DSA parameters may cause DoS in golang.org/x/crypto/ssh

The RSA and DSA public key parsers did not enforce size limits on key parameters. A crafted public key with an excessively large modulus or DSA parameter could cause several minutes of CPU consumption during signature verification. This could be triggered by unauthenticated clients during public...

0.00415EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/22 12:43 a.m.83 views

CVE-2026-34908

A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized changes to the system...

10CVSS0.02452EPSS
Exploits2References1
Cvelist
Cvelist
added 2026/05/07 8:58 p.m.83 views

CVE-2026-35428 Azure Cloud Shell Spoofing Vulnerability

...

9.6CVSS0.00933EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/07 12:0 p.m.83 views

CVE-2026-42010 Gnutls: gnutls: authentication bypass via nul character in username

A flaw was found in gnutls. Servers configured with RSA-PSK Rivest–Shamir–Adleman – Pre-Shared Key wrongfully matched usernames containing a NUL character with truncated usernames. A remote attacker could exploit this by sending a specially crafted username, leading to an authentication bypass...

7.1CVSS0.0105EPSS
Exploits0References21
Cvelist
Cvelist
added 2026/05/04 1:11 p.m.83 views

CVE-2025-58074 Privilege escalation during the installation of Norton Secure VPN via the Microsoft Store

A privilege escalation vulnerability exists during the installation of Norton Secure VPN via the Microsoft Store. A low-privilege user can replace files during the installation process, which may result in deletion of arbitrary files that can lead to elevation of privileges...

8.8CVSS0.00127EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/02 11:16 a.m.84 views

CVE-2026-6320 Salon Booking System – Free Version <= 10.30.25 - Unauthenticated Arbitrary File Read via Booking File Field Path Traversal

The Salon Booking System – Free Version plugin for WordPress is vulnerable to Arbitrary File Read in versions up to, and including, 10.30.25. This is due to the public booking flow accepting attacker-controlled file-field values and later using those stored values as trusted paths for email...

7.5CVSS0.00373EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/20 8:29 p.m.83 views

CVE-2026-33626 LMDeploy Vulnerable to Server-Side Request Forgery (SSRF) via Vision-Language Image Loading

LMDeploy is a toolkit for compressing, deploying, and serving large language models. Versions prior to 0.12.3 have a Server-Side Request Forgery SSRF vulnerability in LMDeploy's vision-language module. The loadimage function in lmdeploy/vl/utils.py fetches arbitrary URLs without validating...

7.5CVSS0.4525EPSS
Exploits2References4
Cvelist
Cvelist
added 2026/03/26 4:5 a.m.83 views

CVE-2026-4840 Netcore Power 15AX Diagnostic Tool netis.cgi setTools os command injection

A security flaw has been discovered in Netcore Power 15AX up to 3.0.0.6938. Affected by this issue is the function setTools of the file /bin/netis.cgi of the component Diagnostic Tool Interface. Performing a manipulation of the argument IpAddr results in os command injection. Remote exploitation ...

9CVSS0.08263EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/10/13 9:8 p.m.83 views

CVE-2025-9713

Path traversal in Ivanti Endpoint Manager before version 2024 SU4 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required...

8.8CVSS0.14805EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/09 3:11 p.m.83 views

CVE-2025-9872

Insufficient filename validation in Ivanti Endpoint Manager before 2024 SU3 SR1 and 2022 SU8 SR2 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required...

8.8CVSS0.13471EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/12 5:9 p.m.83 views

CVE-2025-53760 Microsoft SharePoint Elevation of Privilege Vulnerability

...

7.1CVSS0.11896EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/05 8:1 p.m.83 views

CVE-2013-10069 D-Link Devices Unauthenticated RCE

The web interface of multiple D-Link routers, including DIR-600 rev B ≤2.14b01 and DIR-300 rev B ≤2.13, contains an unauthenticated OS command injection vulnerability in command.php, which improperly handles the cmd POST parameter. A remote attacker can exploit this flaw without authentication to...

10CVSS0.11859EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/07/08 9:32 p.m.83 views

CVE-2025-49533 Adobe Experience Manager (MS) | Deserialization of Untrusted Data (CWE-502)

Adobe Experience Manager MS versions 6.5.23.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could lead to arbitrary code execution by an attacker. Exploitation of this issue does not require user interaction. Scope is unchanged...

9.8CVSS0.44894EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/08 4:57 p.m.83 views

CVE-2025-47984 Windows GDI Information Disclosure Vulnerability

...

7.5CVSS0.14294EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/30 5:57 a.m.83 views

CVE-2025-41235 CVE-2025-41235: Spring Cloud Gateway Server Forwards Headers from Untrusted Proxies

Spring Cloud Gateway Server forwards the X-Forwarded-For and Forwarded headers from untrusted proxies...

8.6CVSS0.0029EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/10 12:0 a.m.83 views

CVE-2024-58136

Yii 2 before 2.0.52 mishandles the attaching of behavior that is defined by an class array key, a CVE-2024-4990 regression, as exploited in the wild in February through April 2025...

9CVSS0.84758EPSS
Exploits1References5
Cvelist
Cvelist
added 2024/11/19 4:31 p.m.83 views

CVE-2024-51831 WordPress Persian Nested Show/Hide Text plugin <= 1.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Aboutorab Pourhaghani Persian Nested Show/Hide Text persian-nested-showhide-text allows Stored XSS.This issue affects Persian Nested Show/Hide Text: from n/a through = 1.5...

6.5CVSS0.00374EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/13 5:29 p.m.83 views

CVE-2024-38199 Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability

...

9.8CVSS0.0223EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/19 10:21 a.m.83 views

CVE-2023-48760 WordPress JetElements For Elementor plugin <= 2.6.13 - Unauthenticated Broken Access Control vulnerability

Missing Authorization vulnerability in Crocoblock JetElements For Elementor.This issue affects JetElements For Elementor: from n/a through 2.6.13...

8.2CVSS0.00445EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/02 1:28 p.m.83 views

CVE-2024-34144

A sandbox bypass vulnerability involving crafted constructor bodies in Jenkins Script Security Plugin 1335.vf07d9ce377ae and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the contex...

7.4AI score0.48081EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/04/25 4:45 p.m.83 views

CVE-2024-2467 Perl-crypt-openssl-rsa: side-channel attack in pkcs#1 v1.5 padding mode (marvin attack)

A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages. The...

5.9CVSS5.6AI score0.00516EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/04/03 5:18 p.m.83 views

CVE-2024-2653 CVE-2024-2653

amphp/http will collect CONTINUATION frames in an unbounded buffer and will not check a limit until it has received the set ENDHEADERS flag, resulting in an OOM crash...

7.8AI score0.83244EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/06/08 10:0 a.m.83 views

CVE-2022-28330 read beyond bounds in mod_isapi

Apache HTTP Server 2.4.53 and earlier on Windows may read beyond bounds when configured to process requests with the modisapi module...

7.3AI score0.03398EPSS
Exploits0References3
Cvelist
Cvelist
added 2021/04/09 5:50 p.m.83 views

CVE-2021-20022

SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the remote host...

8.5AI score0.16509EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/04/07 6:20 p.m.83 views

CVE-2021-21425 Unauthenticated Arbitrary YAML Write/Update leads to Code Execution

Grav Admin Plugin is an HTML user interface that provides a way to configure Grav and create and modify pages. In versions 1.10.7 and earlier, an unauthenticated user can execute some methods of administrator controller without needing any credentials. Particular method execution will result in...

9.3CVSS9.7AI score0.806EPSS
Exploits12References4
Cvelist
Cvelist
added 2017/07/27 9:0 p.m.83 views

CVE-2016-2161

In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to modauthdigest can cause the server to crash, and each instance continues to crash even for subsequently valid requests...

7.5AI score0.20952EPSS
Exploits0References27
Cvelist
Cvelist
added 2017/07/13 4:0 p.m.83 views

CVE-2017-9788

In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in Proxy-Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by modauthdigest. Providing an initial key with no '=' assignment could reflect the stale...

8.4AI score0.5677EPSS
Exploits0References46
Cvelist
Cvelist
added 2026/06/05 10:36 a.m.82 views

CVE-2026-50260 Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free in freecounter()

A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounter. A client that sets up multiple SyncCounters and awaits on those triggers can trigger a use-after-free when destroying those counters via a second client connection. This may be used to crash the server, or for...

7.8CVSS0.00154EPSS
Exploits0References25
Total number of security vulnerabilities5000