Lucene search
+L
CvelistMost viewed

366850 matches found

Cvelist
Cvelist
•added 2025/07/18 4:34 p.m.•79 views

CVE-2025-7783 Usage of unsafe random function in form-data for choosing boundary

Use of Insufficiently Random Values vulnerability in form-data allows HTTP Parameter Pollution HPP. This vulnerability is associated with program files lib/formdata.Js. This issue affects form-data: 2.5.4, 3.0.0 - 3.0.3, 4.0.0 - 4.0.3...

9.4CVSS0.01735EPSS
Exploits1References2
Cvelist
Cvelist
•added 2025/04/25 12:18 a.m.•79 views

CVE-2025-43864 React Router allows a DoS via cache poisoning by forcing SPA mode

React Router is a router for React. Starting in version 7.2.0 and prior to version 7.5.2, it is possible to force an application to switch to SPA mode by adding a header to the request. If the application uses SSR and is forced to switch to SPA, this causes an error that completely corrupts the...

7.5CVSS0.25329EPSS
Exploits0References3
Cvelist
Cvelist
•added 2025/04/11 4:21 a.m.•79 views

CVE-2025-2636 InstaWP Connect <= 0.1.0.85 - Unauthenticated Local PHP File Inclusion

The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 0.1.0.85 via the 'instawp-database-manager' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files ...

8.1CVSS0.10241EPSS
Exploits0References3
Cvelist
Cvelist
•added 2025/02/22 3:21 a.m.•79 views

CVE-2024-13899 Mambo Importer <= 1.0 - Authenticated (Administrator+) PHP Object Injection

The Mambo Importer plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0 via deserialization of untrusted input via the $data parameter in the fImportMenu function. This makes it possible for authenticated attackers, with Administrator-level access a...

7.2CVSS0.0062EPSS
Exploits0References2
Cvelist
Cvelist
•added 2025/02/07 10:12 a.m.•79 views

CVE-2025-25163 WordPress Plugin A/B Image Optimizer Plugin <= 3.3 - Arbitrary File Download vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Zach Swetz Plugin A/B Image Optimizer images-optimizer allows Path Traversal.This issue affects Plugin A/B Image Optimizer: from n/a through = 3.3...

7.5CVSS0.01966EPSS
Exploits4References1
Cvelist
Cvelist
•added 2024/12/10 5:49 p.m.•79 views

CVE-2024-49138 Windows Common Log File System Driver Elevation of Privilege Vulnerability

...

7.8CVSS0.25414EPSS
Exploits4References1
Cvelist
Cvelist
•added 2024/12/10 5:49 p.m.•79 views

CVE-2024-49097 Windows PrintWorkflowUserSvc Elevation of Privilege Vulnerability

...

7CVSS0.00438EPSS
Exploits0References1
Cvelist
Cvelist
•added 2024/11/04 10:31 p.m.•79 views

CVE-2024-10805 code-projects University Event Management System doedit.php sql injection

A vulnerability was found in code-projects University Event Management System 1.0. It has been classified as critical. This affects an unknown part of the file doedit.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has...

6.5CVSS0.00518EPSS
Exploits1References5
Cvelist
Cvelist
•added 2024/05/01 2:54 p.m.•79 views

CVE-2024-33511

There is a buffer overflow vulnerability in the underlying Automatic Reporting service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's access point management protocol UDP port 8211. Successful exploitation of this...

9.8CVSS10AI score0.14559EPSS
Exploits0References1
Cvelist
Cvelist
•added 2024/03/27 11:26 a.m.•79 views

CVE-2024-30180 WordPress Easy Social Feed plugin <= 6.5.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Easy Social Feed allows Stored XSS.This issue affects Easy Social Feed: from n/a through 6.5.3...

6.5CVSS6.6AI score0.00339EPSS
Exploits0References1
Cvelist
Cvelist
•added 2024/03/12 4:57 p.m.•79 views

CVE-2024-26203 Azure Data Studio Elevation of Privilege Vulnerability

...

7.3CVSS7.6AI score0.00943EPSS
Exploits0References1
Cvelist
Cvelist
•added 2024/02/02 12:0 a.m.•79 views

CVE-2023-46344

A vulnerability in Solar-Log Base 15 Firmware 6.0.1 Build 161, and possibly other Solar-Log Base products, allows an attacker to escalate their privileges by exploiting a stored cross-site scripting XSS vulnerability in the switch group function under /ilang=DE&b=csmartenergyswgroups in the web...

5.9AI score0.00446EPSS
Exploits4References2
Cvelist
Cvelist
•added 2023/06/30 10:58 p.m.•79 views

CVE-2023-36812 Remote Code Execution in OpenTSDB

OpenTSDB is a open source, distributed, scalable Time Series Database TSDB. OpenTSDB is vulnerable to Remote Code Execution vulnerability by writing user-controlled input to Gnuplot configuration file and running Gnuplot with the generated configuration. This issue has been patched in commit...

9.8CVSS9.9AI score0.16501EPSS
Exploits4References4
Cvelist
Cvelist
•added 2022/08/29 2:3 p.m.•79 views

CVE-2022-0851

There is a flaw in convert2rhel. When the --activationkey option is used with convert2rhel, the activation key is subsequently passed to subscription-manager via the command line, which could allow unauthorized users locally on the machine to view the activation key via the process command line v...

5.7AI score0.00303EPSS
Exploits1References2
Cvelist
Cvelist
•added 2021/05/13 10:51 p.m.•79 views

CVE-2021-33026

The Flask-Caching extension through 1.10.1 for Flask relies on Pickle for serialization, which may lead to remote code execution or local privilege escalation. If an attacker gains access to cache storage e.g., filesystem, Memcached, Redis, etc., they can construct a crafted payload, poison the...

9.9AI score0.07288EPSS
Exploits3References2
Cvelist
Cvelist
•added 2021/04/28 1:58 p.m.•79 views

CVE-2020-21991

AVE DOMINAplus =1.10.x suffers from an authentication bypass vulnerability due to missing control check when directly calling the autologin GET parameter in changeparams.php script. Setting the autologin value to 1 allows an unauthenticated attacker to permanently disable the authentication...

9.8AI score0.02914EPSS
Exploits2References2
Cvelist
Cvelist
•added 2019/04/09 5:37 p.m.•79 views

CVE-2019-8990 TIBCO ActiveMatrix BusinessWorks Fails To Properly Enforce Authentication

The HTTP Connector component of TIBCO Software Inc.'s TIBCO ActiveMatrix BusinessWorks contains a vulnerability that theoretically allows unauthenticated HTTP requests to be processed by the BusinessWorks engine even when authentication is required. This possibility is restricted to circumstances...

9.1CVSS8.3AI score0.02889EPSS
Exploits0References3
Cvelist
Cvelist
•added 2017/10/26 12:0 a.m.•79 views

CVE-2017-15906

The processopen function in sftp-server.c in OpenSSH before 7.6 does not properly prevent write operations in readonly mode, which allows attackers to create zero-length files...

5.5AI score0.03359EPSS
Exploits0References9
Cvelist
Cvelist
•added 2017/06/20 1:0 a.m.•79 views

CVE-2017-3167

In Apache httpd 2.2.x before 2.2.33 and 2.4.x before 2.4.26, use of the apgetbasicauthpw by third-party modules outside of the authentication phase may lead to authentication requirements being bypassed...

9.8AI score0.20231EPSS
Exploits0References38
Cvelist
Cvelist
•added 2026/06/29 8:6 a.m.•78 views

CVE-2026-13595 Util-linux: util-linux: heap use-after-free in libblkid nested partition probing

A flaw was found in the libblkid library of util-linux. During nested partition probing, the BSD, Minix, Solaris x86, and UnixWare partition probers cache a raw pointer to a parent partition entry in a dynamically allocated array. When subsequent partition additions cause the array to be...

6.8CVSS0.00112EPSS
Exploits0References4
Cvelist
Cvelist
•added 2026/06/23 3:36 a.m.•78 views

CVE-2026-55655 Openssh: local mitm of x11 forwarding via abstract unix socket pre-binding in red hat enterprise linux openssh client versions

A flaw was found in OpenSSH. A local unprivileged attacker on a Linux client host can hijack client-side X11 forwarding connections. This is possible by pre-binding the preferred abstract X socket name when X11 forwarding is enabled and a local UNIX-domain X socket is used. A successful attack ca...

5CVSS0.0009EPSS
Exploits0References3
Cvelist
Cvelist
•added 2026/06/05 10:31 a.m.•78 views

CVE-2026-50256 Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libxfont2 name length mismatch

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but libXfont2's alias...

7.8CVSS0.00157EPSS
Exploits0References25
Cvelist
Cvelist
•added 2026/05/15 4:41 p.m.•78 views

CVE-2026-45035 Tabby: RCE via `tabby://run` URL Scheme

Tabby formerly Terminus is a highly configurable terminal emulator. Prior to 1.0.233, Tabby registers itself as the handler for the tabby:// URL scheme on all platforms. The URL scheme handler supports a run command that directly executes OS commands with no user confirmation, sanitization, or...

9.4CVSS0.0038EPSS
Exploits1References1
Cvelist
Cvelist
•added 2026/05/14 1:0 p.m.•78 views

CVE-2026-6477 PostgreSQL libpq lo_* functions let server superuser overwrite client stack memory

Use of inherently dangerous function PQfn..., resultisint=0, ... in PostgreSQL libpq loexport, loread, lolseek64, and lotell64 functions allows the server superuser to overwrite a client stack buffer with an arbitrarily-large response. Like gets, PQfn..., resultisint=0, ... stores arbitrary-lengt...

8.8CVSS0.00464EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/05/13 8:14 p.m.•78 views

CVE-2026-8328 FTP PASV SSRF, ftpcp() does not use actual peer address, trusts server-supplied PASV host address

The ftpcp function in Lib/ftplib.py was not updated when CVE-2021-4189 was fixed. While makepasv was patched to replace server-supplied PASV host addresses with the actual peer address getpeername0, ftpcp still calls parse227 directly and passes the raw attacker-controllable IP address and port t...

5.9CVSS0.00476EPSS
Exploits0References10
Cvelist
Cvelist
•added 2026/05/13 3:8 p.m.•78 views

CVE-2026-43488 usb: xhci: Prevent interrupt storm on host controller error (HCE)

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Prevent interrupt storm on host controller error HCE The xHCI controller reports a Host Controller Error HCE in UAS Storage Device plug/unplug scenarios on Android devices. HCE is checked in xhciirq function and causes...

0.00114EPSS
Exploits0References5
Cvelist
Cvelist
•added 2026/05/13 8:29 a.m.•78 views

CVE-2026-7168 cross-proxy Digest auth state leak

Successfully using libcurl to do a transfer over a specific HTTP proxy proxyA with Digest authentication and then changing the proxy host to a second one proxyB for a second transfer, reusing the same handle, makes libcurl wrongly pass on the Proxy-Authorization: header field meant for proxyA, to...

0.00471EPSS
Exploits1References3
Cvelist
Cvelist
•added 2026/05/13 5:15 a.m.•78 views

CVE-2026-32661

Stack-based buffer overflow vulnerability exists in GUARDIANWALL MailSuite and GUARDIANWALL Mail Security Cloud SaaS version. If a remote attacker sends a specially crafted request to the product's web service, arbitrary code may be executed when the product is configured to run pop3wallpasswd wi...

9.8CVSS0.00472EPSS
Exploits0References2
Cvelist
Cvelist
•added 2026/05/12 4:59 p.m.•78 views

CVE-2026-40402 Windows Hyper-V Elevation of Privilege Vulnerability

...

9.3CVSS0.00332EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/05/04 4:19 p.m.•78 views

CVE-2026-42812 Apache Polaris: No protection on `write.metadata.path`

In Apache Iceberg, the table's metadata files are control files: they tell readers which data files belong to the table and which table version to read. write.metadata.path is an optional table property that tells Polaris where to write those metadata files. For a table already registered in a...

9.9CVSS0.00364EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/05/04 3:57 p.m.•78 views

CVE-2026-42373 D-Link DIR-605L B2 Hardcoded Telnet Backdoor Credentials

D-Link DIR-605L Hardware Revision B2 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn76dlwbrdir605L" read from /etc/alphaconfig/imagesign. The custom telnetd binary...

9.8CVSS0.00472EPSS
Exploits1References1
Cvelist
Cvelist
•added 2025/08/08 4:32 p.m.•78 views

CVE-2025-8732 libxml2 xmlcatalog xmlParseSGMLCatalog recursion

A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to...

4.8CVSS0.00202EPSS
Exploits1References6
Cvelist
Cvelist
•added 2025/05/13 4:58 p.m.•78 views

CVE-2025-32701 Windows Common Log File System Driver Elevation of Privilege Vulnerability

...

7.8CVSS0.01291EPSS
Exploits0References1
Cvelist
Cvelist
•added 2025/04/22 4:32 p.m.•78 views

CVE-2025-34028 Commvault Command Center Innovation Release <= 11.38.25 Unathenticated Install Package Path Traversal

The Commvault Command Center Innovation Release allows an unauthenticated actor to upload ZIP files that represent install packages that, when expanded by the target server, are vulnerable to path traversal vulnerability that can result in Remote Code Execution via malicious JSP. This issue affec...

9.3CVSS0.97292EPSS
Exploits5References4
Cvelist
Cvelist
•added 2025/01/29 9:40 p.m.•78 views

CVE-2024-12705 DNS-over-HTTPS implementation suffers from multiple issues under heavy query load

Clients using DNS-over-HTTPS DoH can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1...

7.5CVSS0.17935EPSS
Exploits0References1
Cvelist
Cvelist
•added 2024/12/12 7:20 p.m.•79 views

CVE-2024-55878 Cross-site Scripting vulnerability in SimpleXLSXEx::readXfs and SimpeXLSX::toHTMLEx

SimpleXLSX is software for parsing and retrieving data from Excel XLSx files. Starting in version 1.0.12 and prior to version 1.1.12, when calling the extended toHTMLEx method, it is possible to execute arbitrary JavaScript code. Version 1.1.12 fixes the issue. As a workaround, don't use direct...

6.8CVSS0.00452EPSS
Exploits0References2
Cvelist
Cvelist
•added 2024/12/05 12:54 p.m.•78 views

CVE-2024-51549 Absolute Path Traversal

Absolute File Traversal vulnerabilities allows access and modification of un-intended resources. Affected products: ABB ASPECT - Enterprise v3.08.02; NEXUS Series v3.08.02; MATRIX Series v3.08.02...

10CVSS0.00543EPSS
Exploits0References1
Cvelist
Cvelist
•added 2024/10/23 5:0 p.m.•78 views

CVE-2024-10296 PHPGurukul Medical Card Generation System Report of Medical Card Page card-bwdates-reports-details.php sql injection

A vulnerability was found in PHPGurukul Medical Card Generation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/card-bwdates-reports-details.php of the component Report of Medical Card Page. The manipulation of the argume...

5.8CVSS0.00403EPSS
Exploits0References4
Cvelist
Cvelist
•added 2024/08/26 10:11 a.m.•78 views

CVE-2024-43911 wifi: mac80211: fix NULL dereference at band check in starting tx ba session

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL dereference at band check in starting tx ba session In MLD connection, linkdata/linkconf are dynamically allocated. They don't point to vif-bssconf. So, there will be no chanreq assigned to vif-bssconf an...

0.00225EPSS
Exploits0References2
Cvelist
Cvelist
•added 2024/06/17 7:25 p.m.•78 views

CVE-2024-37902 Path thraversal in DeepJavaLibrary

DeepJavaLibraryDJL is an Engine-Agnostic Deep Learning Framework in Java. DJL versions 0.1.0 through 0.27.0 do not prevent absolute path archived artifacts from inserting archived files directly into the system, overwriting system files. This is fixed in DJL 0.28.0 and patched in DJL Large Model...

10CVSS0.00655EPSS
Exploits0References2
Cvelist
Cvelist
•added 2024/05/01 2:43 p.m.•78 views

CVE-2024-26304

There is a buffer overflow vulnerability in the underlying L2/L3 Management service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's access point management protocol UDP port 8211. Successful exploitation of this...

9.8CVSS10AI score0.43998EPSS
Exploits0References1
Cvelist
Cvelist
•added 2024/04/25 11:2 a.m.•78 views

CVE-2024-2829 Inefficient Regular Expression Complexity in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.5 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1. A crafted wildcard filter in FileFinder may lead to a denial of service...

7.5CVSS7.4AI score0.25965EPSS
Exploits0References2
Cvelist
Cvelist
•added 2024/04/18 2:43 p.m.•78 views

CVE-2024-29021 SSRF into Sandbox Escape through Unsafe Default Configuration

Judge0 is an open-source online code execution system. The default configuration of Judge0 leaves the service vulnerable to a sandbox escape via Server Side Request Forgery SSRF. This allows an attacker with sufficient access to the Judge0 API to obtain unsandboxed code execution as root on the...

9CVSS9.3AI score0.20179EPSS
Exploits0References2
Cvelist
Cvelist
•added 2024/02/14 4:30 p.m.•78 views

CVE-2024-24990 NGINX HTTP/3 QUIC vulnerability

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to Support for QUIC and HTTP/3...

7.5CVSS7.6AI score0.00914EPSS
Exploits0References2
Cvelist
Cvelist
•added 2024/02/13 2:4 p.m.•78 views

CVE-2023-4408 Parsing large DNS messages may cause excessive CPU load

The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this flaw. This issue affects bot...

7.5CVSS7.9AI score0.01327EPSS
Exploits0References7
Cvelist
Cvelist
•added 2023/05/02 5:8 a.m.•78 views

CVE-2023-21666 Improper Release of Memory Before Removing Last Reference (`Memory Leak`) in Graphics

Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool...

8.4CVSS8.7AI score0.0018EPSS
Exploits2References2
Cvelist
Cvelist
•added 2023/04/24 12:0 a.m.•78 views

CVE-2023-31045

A stored Cross-site scripting XSS issue in Text Editors and Formats in Backdrop CMS before 1.24.2 allows remote attackers to inject arbitrary web script or HTML via the name parameter. When a user is editing any content type e.g., page, post, or card as an admin, the stored XSS payload is execute...

5.1AI score0.00536EPSS
Exploits1References2
Cvelist
Cvelist
•added 2022/05/20 10:25 p.m.•78 views

CVE-2022-29205 Segfault due to missing support for quantized types in TensorFlow

TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, there is a potential for segfault / denial of service in TensorFlow by calling tf.compat.v1. ops which don't yet have support for quantized types, which was added after migration to...

5.5CVSS5.8AI score0.00317EPSS
Exploits1References8
Cvelist
Cvelist
•added 2022/03/23 12:0 a.m.•78 views

CVE-2021-3618

ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates, such as multi-domain or wildcard certificates. A MiTM attacker having access to victim's traffic at the TCP/IP layer can redirect traffic fr...

7.8AI score0.02037EPSS
Exploits0References3
Cvelist
Cvelist
•added 2022/02/04 10:32 p.m.•78 views

CVE-2022-23585 Memory leak in decoding PNG images in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. When decoding PNG images TensorFlow can produce a memory leak if the image is invalid. After calling png::CommonInitDecode..., &decode, the decode value contains allocated buffers which can only be freed by calling...

4.3CVSS6.7AI score0.00992EPSS
Exploits1References3
Total number of security vulnerabilities5000