Lucene search
+L
CvelistMost viewed

366824 matches found

cvelist
cvelist
added 2024/07/16 11:0 a.m.84 views

CVE-2024-6457 HUSKY - Products Filter Professional for WooCommerce <= 1.3.6 - Unauthenticated Time-Based SQL Injection

The HUSKY – Products Filter Professional for WooCommerce plugin for WordPress is vulnerable to time-based SQL Injection via the ‘woofauthor’ parameter in all versions up to, and including, 1.3.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...

9.8CVSS0.19725EPSS
Exploits0References3
cvelist
cvelist
added 2024/07/10 12:0 a.m.84 views

CVE-2024-39614

An issue was discovered in Django 5.0 before 5.0.7 and 4.2 before 4.2.14. getsupportedlanguagevariant was subject to a potential denial-of-service attack when used with very long strings containing specific characters...

0.28637EPSS
Exploits0References3
cvelist
cvelist
added 2024/07/04 12:0 a.m.84 views

CVE-2024-39930

The built-in SSH server of Gogs through 0.13.0 allows argument injection in internal/ssh/ssh.go, leading to remote code execution. Authenticated attackers can exploit this by opening an SSH connection and sending a malicious --split-string env request if the built-in SSH server is activated...

9.9CVSS0.07258EPSS
Exploits3References3
cvelist
cvelist
added 2024/06/19 10:21 a.m.84 views

CVE-2023-48760 WordPress JetElements For Elementor plugin <= 2.6.13 - Unauthenticated Broken Access Control vulnerability

Missing Authorization vulnerability in Crocoblock JetElements For Elementor.This issue affects JetElements For Elementor: from n/a through 2.6.13...

8.2CVSS0.00445EPSS
Exploits0References1
cvelist
cvelist
added 2024/06/19 12:0 a.m.84 views

CVE-2024-36680

In the module "Facebook" pkfacebook =1.0.1 from Promokit.eu for PrestaShop, a guest can perform SQL injection. The ajax script facebookConnect.php have a sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection...

0.10087EPSS
Exploits0References1
cvelist
cvelist
added 2024/05/02 1:28 p.m.84 views

CVE-2024-34144

A sandbox bypass vulnerability involving crafted constructor bodies in Jenkins Script Security Plugin 1335.vf07d9ce377ae and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox protection and execute arbitrary code in the contex...

7.4AI score0.48081EPSS
Exploits0References2
cvelist
cvelist
added 2023/04/03 12:0 a.m.84 views

CVE-2022-38922

BluePage CMS thru 3.9 processes an insufficiently sanitized HTTP Header Cookie value allowing MySQL Injection in the 'users-cookie-settings' token using a Time-based blind SLEEP payload...

9.8AI score0.01081EPSS
Exploits2References3
cvelist
cvelist
added 2021/04/07 6:20 p.m.84 views

CVE-2021-21425 Unauthenticated Arbitrary YAML Write/Update leads to Code Execution

Grav Admin Plugin is an HTML user interface that provides a way to configure Grav and create and modify pages. In versions 1.10.7 and earlier, an unauthenticated user can execute some methods of administrator controller without needing any credentials. Particular method execution will result in...

9.3CVSS9.7AI score0.806EPSS
Exploits12References4
cvelist
cvelist
added 2018/01/18 11:0 p.m.84 views

CVE-2012-6708

jQuery before 1.9.0 is vulnerable to Cross-site Scripting XSS attacks. The jQuerystrInput function does not differentiate selectors from HTML in a reliable fashion. In vulnerable versions, jQuery determined whether the input was HTML by looking for the '' character anywhere in the string, giving...

6.1AI score0.08632EPSS
Exploits6References11
cvelist
cvelist
added 2017/09/18 3:0 p.m.84 views

CVE-2017-9798

Apache httpd allows remote attackers to read secret data from process memory if the Limit directive can be set in a user's .htaccess file, or if httpd.conf has certain misconfigurations, aka Optionsbleed. This affects the Apache HTTP Server through 2.2.34 and 2.4.x through 2.4.27. The attacker...

7.8AI score0.94999EPSS
Exploits9References55
cvelist
cvelist
added 2017/07/13 4:0 p.m.84 views

CVE-2017-9788

In Apache httpd before 2.2.34 and 2.4.x before 2.4.27, the value placeholder in Proxy-Authorization headers of type 'Digest' was not initialized or reset before or between successive key=value assignments by modauthdigest. Providing an initial key with no '=' assignment could reflect the stale...

8.4AI score0.5677EPSS
Exploits0References46
cvelist
cvelist
added 2009/11/10 7:0 p.m.84 views

CVE-2009-2823

The Apache HTTP Server in Apple Mac OS X before 10.6.2 enables the HTTP TRACE method, which allows remote attackers to conduct cross-site scripting XSS attacks via unspecified web client software...

6.5AI score0.01684EPSS
Exploits1References5
cvelist
cvelist
added 2026/05/30 1:50 a.m.83 views

CVE-2026-48840

Exim 4.88 before 4.99.4, in some proxy configurations, mishandles certain short payloads, leading to disclosure of uninitialized stack memory values to a client...

5.3CVSS0.00264EPSS
Exploits0References2
cvelist
cvelist
added 2026/05/27 7:16 p.m.83 views

CVE-2026-44886 Pi.Alert: Web Interface Vulnerable to Unauthenticated Blind SQL Injection

Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. From 2024-06-29 to before 2026-05-07, the web application endpoint is vulnerable to SQL injection. The /pialert/php/server/devices.php route accepts requests from unauthenticated users when the action URL parameter is set to...

8.7CVSS0.00248EPSS
Exploits0References1
cvelist
cvelist
added 2026/05/26 2:15 p.m.83 views

CVE-2026-45247 Mirasvit Cache Warmer for Magento < 1.11.12 PHP Object Injection

Mirasvit Full Page Cache Warmer for Magento 2 before version 1.11.12 contains a PHP object injection vulnerability that allows unauthenticated attackers to achieve remote code execution by supplying a crafted serialized PHP object in the CacheWarmer cookie. Attackers can exploit the unrestricted...

9.8CVSS0.27546EPSS
Exploits1References3
cvelist
cvelist
added 2026/05/22 2:31 a.m.83 views

CVE-2026-39831 Invoking bypass of FIDO/U2F security keys physical interaction in golang.org/x/crypto/ssh

The Verify method for FIDO/U2F security key types [email protected], [email protected] did not check the User Presence flag. Signatures generated without physical touch were accepted, allowing unattended use of a hardware security key. To restore the previous behavior,...

0.00373EPSS
Exploits0References4
cvelist
cvelist
added 2026/05/22 2:31 a.m.83 views

CVE-2026-39833 Invoking key constraints not enforced in golang.org/x/crypto/ssh/agent

The in-memory keyring returned by NewKeyring silently accepted keys with the ConfirmBeforeUse constraint but never enforced it. The key would sign without any confirmation prompt, with no indication to the caller that the constraint was not in effect. NewKeyring now returns an error when...

0.0036EPSS
Exploits0References5
cvelist
cvelist
added 2026/05/12 2:20 a.m.83 views

CVE-2026-34260 SQL injection vulnerability in SAP S/4HANA (SAP Enterprise Search for ABAP)

SAP S/4HANA SAP Enterprise Search for ABAP contains a SQL injection vulnerability that allows an authenticated attacker to inject malicious SQL statements through user-controlled input. The application directly concatenates this malicious user input into SQL queries, which are then passed to the...

9.6CVSS0.00466EPSS
Exploits0References2
cvelist
cvelist
added 2026/05/10 1:0 a.m.83 views

CVE-2026-8216 Industrial Application Software IAS Canias ERP Java RMI Session Management iasServerRemoteInterface.doAction improper authentication

A vulnerability was identified in Industrial Application Software IAS Canias ERP 8.03. This issue affects the function iasServerRemoteInterface.doAction of the component Java RMI Session Management. Such manipulation leads to improper authentication. The attack can be launched remotely. The vendo...

7.5CVSS0.00391EPSS
Exploits0References4
cvelist
cvelist
added 2026/05/02 11:16 a.m.84 views

CVE-2026-6320 Salon Booking System – Free Version <= 10.30.25 - Unauthenticated Arbitrary File Read via Booking File Field Path Traversal

The Salon Booking System – Free Version plugin for WordPress is vulnerable to Arbitrary File Read in versions up to, and including, 10.30.25. This is due to the public booking flow accepting attacker-controlled file-field values and later using those stored values as trusted paths for email...

7.5CVSS0.00373EPSS
Exploits0References2
cvelist
cvelist
added 2026/05/01 2:15 p.m.83 views

CVE-2026-43042 mpls: add seqcount to protect the platform_label{,s} pair

In the Linux kernel, the following vulnerability has been resolved: mpls: add seqcount to protect the platformlabel,s pair The RCU-protected codepaths mplsforward, mplsdumproutes can have an inconsistent view of platformlabels vs platformlabel in case of a concurrent resize...

7.1CVSS0.0011EPSS
Exploits0References2
cvelist
cvelist
added 2026/04/20 8:29 p.m.83 views

CVE-2026-33626 LMDeploy Vulnerable to Server-Side Request Forgery (SSRF) via Vision-Language Image Loading

LMDeploy is a toolkit for compressing, deploying, and serving large language models. Versions prior to 0.12.3 have a Server-Side Request Forgery SSRF vulnerability in LMDeploy's vision-language module. The loadimage function in lmdeploy/vl/utils.py fetches arbitrary URLs without validating...

7.5CVSS0.4525EPSS
Exploits2References4
cvelist
cvelist
added 2026/03/12 9:30 p.m.83 views

CVE-2026-3910

Inappropriate implementation in V8 in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

0.02EPSS
Exploits0References2
cvelist
cvelist
added 2025/05/30 5:57 a.m.83 views

CVE-2025-41235 CVE-2025-41235: Spring Cloud Gateway Server Forwards Headers from Untrusted Proxies

Spring Cloud Gateway Server forwards the X-Forwarded-For and Forwarded headers from untrusted proxies...

8.6CVSS0.0029EPSS
Exploits0References1
cvelist
cvelist
added 2025/04/10 12:0 a.m.83 views

CVE-2024-58136

Yii 2 before 2.0.52 mishandles the attaching of behavior that is defined by an class array key, a CVE-2024-4990 regression, as exploited in the wild in February through April 2025...

9CVSS0.84758EPSS
Exploits1References5
cvelist
cvelist
added 2024/08/13 5:29 p.m.83 views

CVE-2024-38199 Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability

...

9.8CVSS0.0223EPSS
Exploits0References1
cvelist
cvelist
added 2024/07/04 1:21 p.m.83 views

CVE-2024-22277

VMware Cloud Director Availability contains an HTML injection vulnerability. A malicious actor with network access to VMware Cloud Director Availability can craft malicious HTML tags to execute within replication tasks...

6.4CVSS0.00325EPSS
Exploits0References1
cvelist
cvelist
added 2024/07/01 3:58 p.m.83 views

CVE-2024-36421 GHSL-2023-234: Flowise Cors Misconfiguration in packages/server/src/index.ts

Flowise is a drag & drop user interface to build a customized large language model flow. In version 1.4.3 of Flowise, A CORS misconfiguration sets the Access-Control-Allow-Origin header to all, allowing arbitrary origins to connect to the website. In the default configuration unauthenticated,...

7.5CVSS0.0596EPSS
Exploits1References2
cvelist
cvelist
added 2024/04/25 4:45 p.m.83 views

CVE-2024-2467 Perl-crypt-openssl-rsa: side-channel attack in pkcs#1 v1.5 padding mode (marvin attack)

A timing-based side-channel flaw exists in the perl-Crypt-OpenSSL-RSA package, which could be sufficient to recover plaintext across a network in a Bleichenbacher-style attack. To achieve successful decryption, an attacker would have to be able to send a large number of trial messages. The...

5.9CVSS5.6AI score0.00516EPSS
Exploits0References4
cvelist
cvelist
added 2024/03/04 12:15 p.m.83 views

CVE-2023-6241 Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Midgard GPU Kernel Driver, Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to exploit a software race condition to perform improper memory processing...

6.5AI score0.00721EPSS
Exploits2References1
cvelist
cvelist
added 2023/12/07 11:5 a.m.83 views

CVE-2022-45362 WordPress Paytm Payment Gateway Plugin <= 2.7.0 is vulnerable to Server Side Request Forgery (SSRF)

Server-Side Request Forgery SSRF vulnerability in Paytm Paytm Payment Gateway.This issue affects Paytm Payment Gateway: from n/a through 2.7.0...

7.2CVSS7.2AI score0.40506EPSS
Exploits0References1
cvelist
cvelist
added 2023/11/01 9:2 a.m.83 views

CVE-2023-1714 Bitrix24 Remote Command Execution (RCE) via Unsafe Variable Extraction

Unsafe variable extraction in bitrix/modules/main/classes/general/useroptions.php in Bitrix24 22.0.300 allows remote authenticated attackers to execute arbitrary code via 1 appending arbitrary content to existing PHP files or 2 PHAR deserialization...

8.8CVSS9AI score0.01399EPSS
Exploits1References1
cvelist
cvelist
added 2021/04/29 3:3 a.m.83 views

CVE-2021-31879

GNU Wget through 1.21.1 does not omit the Authorization header upon a redirect to a different origin, a related issue to CVE-2018-1000007...

8AI score0.01104EPSS
Exploits0References2
cvelist
cvelist
added 2021/04/09 5:50 p.m.83 views

CVE-2021-20022

SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the remote host...

8.5AI score0.16509EPSS
Exploits0References1
cvelist
cvelist
added 2017/07/27 9:0 p.m.83 views

CVE-2016-2161

In Apache HTTP Server versions 2.4.0 to 2.4.23, malicious input to modauthdigest can cause the server to crash, and each instance continues to crash even for subsequently valid requests...

7.5AI score0.20952EPSS
Exploits0References27
cvelist
cvelist
added 2026/07/03 6:16 a.m.82 views

CVE-2026-8932 incomplete mTLS config matching in conn reuse

libcurl would reuse a previously created connection even when some mTLS config related option had been changed that should have prohibited reuse. libcurl keeps previously used connections in a connection pool for subsequent transfers to reuse if one of them matches the setup. However, some TLS...

0.00368EPSS
Exploits1References3
cvelist
cvelist
added 2026/06/23 4:4 p.m.82 views

CVE-2026-11940 tarfile extraction filter bypass allows escaping the destination directory

tarfile.extractall with the 'data' or 'tar' filter could be bypassed by a crafted archive where a hardlink references a symlink stored at a deeper name than the hardlink itself. The extraction fallback validated the symlink at it's archived location but recreated it at the hardlink's shallower...

7.8CVSS0.00613EPSS
Exploits0References8
cvelist
cvelist
added 2026/06/10 8:54 p.m.82 views

CVE-2026-0269 PAN-OS: Denial of Service (DoS) in Tunnel Traffic Processing

A memory corruption vulnerability in the processing of tunnel traffic in Palo Alto Networks PAN-OS® software allows an authenticated user to initiate system reboots using a maliciously crafted packet. Repeated attempts to initiate a reboot causes the firewall to enter maintenance mode. Panorama,...

6.9CVSS0.00224EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/05 10:36 a.m.82 views

CVE-2026-50263 Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: use-after-free information disclosure in createsaverwindow()

A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSaverWindow. A client can trigger a use-after-free read after changing window attributes and forcing the screen saver, leading to information disclosure...

5.5CVSS0.00141EPSS
Exploits0References25
cvelist
cvelist
added 2026/06/05 7:31 a.m.82 views

CVE-2026-48907 Joomla Extension - joomlacontenteditor.net - Remote Code Execution in JCE extension for Joomla < 2.9.99.5

A vulnerability in the JCE editor extension for Joomla allows the creation of new editor profiles for unauthenticated users, ultimately resulting in PHP code upload and execution...

10CVSS0.80425EPSS
Exploits19References1
cvelist
cvelist
added 2026/05/22 2:31 a.m.82 views

CVE-2026-46598 Invoking pathological inputs can lead to client panic in golang.org/x/crypto/ssh/agent

For certain crafted inputs, a 'ed25519.PrivateKey' was created by casting malformed wire bytes, leading to a panic when used...

0.00313EPSS
Exploits0References4
cvelist
cvelist
added 2026/05/20 9:28 a.m.82 views

CVE-2026-6728 Slider Revolution <= 7.0.9 - Unauthenticated Sensitive Information Exposure via 'sliders/stream'

The Slider Revolution plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 7.0.9 via the 'getstreamdata' function. This makes it possible for unauthenticated attackers to extract sensitive data including published password-protected post, page, an...

5.3CVSS0.00332EPSS
Exploits0References2
cvelist
cvelist
added 2026/05/09 2:41 a.m.83 views

CVE-2026-8207

Gibbon versions before v30.0.01 are affected by an authenticated SQL Injection vulnerability by abusing the Tracking/graphing https://github.com/GibbonEdu/core/blob/c431e25fdc874adece5d2dc7e408e9aa2d1abadb/modules/Tracking/graphing.phpL145 feature. Successful exploitation requires Teacher or high...

7CVSS0.00226EPSS
Exploits0References2
cvelist
cvelist
added 2026/04/29 11:35 a.m.82 views

CVE-2026-22745 CVE-2026-22745 : Denial of service in static resource handling on Windows platforms

Spring MVC and WebFlux applications are vulnerable to Denial of Service attacks when resolving static resources. More precisely, an application can be vulnerable when all the following are true: the application is using Spring MVC or Spring WebFlux the application is serving static resources from...

5.3CVSS0.00341EPSS
Exploits0References2
cvelist
cvelist
added 2025/05/10 5:0 a.m.82 views

CVE-2025-4496 TOTOLINK T10/A3100R/A950RG/A800R/N600R/A3000RU/A810R cstecgi.cgi CloudACMunualUpdate buffer overflow

A vulnerability was found in TOTOLINK T10, A3100R, A950RG, A800R, N600R, A3000RU and A810R 4.1.8cu.5241B20210927. It has been declared as critical. This vulnerability affects the function CloudACMunualUpdate of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument FileName leads to buff...

9CVSS0.00992EPSS
Exploits0References5
cvelist
cvelist
added 2025/04/25 3:4 p.m.82 views

CVE-2025-32432 Craft CMS Allows Remote Code Execution

Craft is a flexible, user-friendly CMS for creating custom digital experiences on the web and beyond. Starting from version 3.0.0-RC1 to before 3.9.15, 4.0.0-RC1 to before 4.14.15, and 5.0.0-RC1 to before 5.6.17, Craft is vulnerable to remote code execution. This is a high-impact, low-complexity...

10CVSS0.99829EPSS
Exploits14References5
cvelist
cvelist
added 2024/11/06 1:31 p.m.82 views

CVE-2024-10914 D-Link DNS-320/DNS-320LW/DNS-325/DNS-340L account_mgr.cgi cgi_user_add os command injection

A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It has been declared as critical. Affected by this vulnerability is the function cgiuseradd of the file /cgi-bin/accountmgr.cgi?cmd=cgiuseradd. The manipulation of the argument name leads to os command...

9.2CVSS0.97432EPSS
Exploits11References5
cvelist
cvelist
added 2024/10/12 2:5 a.m.82 views

CVE-2024-9860 Bridge Core <= 3.3 - Missing Authorization to Authenticated (Subscriber+) Demo Import

The Bridge Core plugin for WordPress is vulnerable to unauthorized modification of data or loss of data due to a missing capability check on the 'importaction' and 'installpluginperdemo' functions in versions up to, and including, 3.3. This makes it possible for authenticated attackers with...

5.4CVSS0.00303EPSS
Exploits0References2
cvelist
cvelist
added 2024/05/30 3:29 p.m.82 views

CVE-2024-36927 ipv4: Fix uninit-value access in __ip_make_skb()

In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix uninit-value access in ipmakeskb KMSAN reported uninit-value access in ipmakeskb 1. ipmakeskb tests HDRINCL to know if the skb has icmphdr. However, HDRINCL can cause a race condition. If calling setsockopt2 with...

6.1AI score0.00166EPSS
Exploits0References6
cvelist
cvelist
added 2024/05/27 8:4 p.m.82 views

CVE-2024-29415

The ip package through 2.0.1 for Node.js might allow SSRF because some IP addresses such as 127.1, 01200034567, 012.1.2.3, 000:0:0000::01, and ::fFFf:127.0.0.1 are improperly categorized as globally routable via isPublic. NOTE: this issue exists because of an incomplete fix for CVE-2023-42282...

9.7AI score0.08279EPSS
Exploits0References3
Total number of security vulnerabilities5000