Lucene search
K
CvelistMost viewed

365247 matches found

Cvelist
Cvelist
added 2026/05/06 7:49 p.m.75 views

CVE-2026-44109 OpenClaw < 2026.4.15 - Authentication Bypass in Feishu Webhook and Card-Action Validation

OpenClaw before 2026.4.15 contains an authentication bypass vulnerability in Feishu webhook and card-action validation that allows unauthenticated requests to reach command dispatch. Missing encryptKey configuration and blank callback tokens fail open instead of rejecting requests, enabling...

9.8CVSS0.00718EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/05/02 11:16 a.m.75 views

CVE-2026-4062 Geo Mashup <= 1.13.18 - Unauthenticated Time-Based SQL Injection via 'object_ids' Parameter

The Geo Mashup plugin for WordPress is vulnerable to Time-Based SQL Injection via the 'objectids' and 'excludeobjectids' parameters in all versions up to, and including, 1.13.18. This is due to insufficient escaping on the user supplied parameters and lack of sufficient preparation on the existin...

7.5CVSS0.00328EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/03/19 1:53 p.m.75 views

CVE-2026-4426 Libarchive: libarchive: denial of service via malformed iso file processing

A flaw was found in libarchive. An Undefined Behavior vulnerability exists in the zisofs decompression logic, caused by improper validation of a field pzlog2bs read from ISO9660 Rock Ridge extensions. A remote attacker can exploit this by supplying a specially crafted ISO file. This can lead to...

6.5CVSS0.00305EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/10/13 9:8 p.m.75 views

CVE-2025-9713

Path traversal in Ivanti Endpoint Manager before version 2024 SU4 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required...

8.8CVSS0.14805EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/09 3:11 p.m.75 views

CVE-2025-9872

Insufficient filename validation in Ivanti Endpoint Manager before 2024 SU3 SR1 and 2022 SU8 SR2 allows a remote unauthenticated attacker to achieve remote code execution. User interaction is required...

8.8CVSS0.13471EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/05 8:1 p.m.75 views

CVE-2013-10069 D-Link Devices Unauthenticated RCE

The web interface of multiple D-Link routers, including DIR-600 rev B ≤2.14b01 and DIR-300 rev B ≤2.13, contains an unauthenticated OS command injection vulnerability in command.php, which improperly handles the cmd POST parameter. A remote attacker can exploit this flaw without authentication to...

10CVSS0.11859EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/07/23 2:46 p.m.75 views

CVE-2025-40596

A Stack-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service DoS or potentially results in code execution...

0.56063EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/21 12:8 a.m.75 views

CVE-2025-6216 Allegra calculateTokenExpDate Password Recovery Authentication Bypass Vulnerability

Allegra calculateTokenExpDate Password Recovery Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of Allegra. Authentication is not required to exploit this vulnerability. The specific flaw exists within the password...

9.8CVSS0.3072EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/10 5:2 p.m.75 views

CVE-2025-33073 Windows SMB Client Elevation of Privilege Vulnerability

...

8.8CVSS0.64987EPSS
Exploits7References1
Cvelist
Cvelist
added 2025/06/06 6:44 p.m.75 views

CVE-2025-5473 GIMP ICO File Parsing Integer Overflow Remote Code Execution Vulnerability

GIMP ICO File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a...

7.8CVSS0.11066EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/29 9:40 p.m.75 views

CVE-2024-12705 DNS-over-HTTPS implementation suffers from multiple issues under heavy query load

Clients using DNS-over-HTTPS DoH can exhaust a DNS resolver's CPU and/or memory by flooding it with crafted valid or invalid HTTP/2 traffic. This issue affects BIND 9 versions 9.18.0 through 9.18.32, 9.20.0 through 9.20.4, 9.21.0 through 9.21.3, and 9.18.11-S1 through 9.18.32-S1...

7.5CVSS0.17935EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/19 2:23 p.m.75 views

CVE-2024-10524 GNU Wget is vulnerable to an SSRF attack when accessing partially-user-controlled shorthand URLs

Applications that use Wget to access a remote resource using shorthand URLs and pass arbitrary user credentials in the URL are vulnerable. In these cases attackers can enter crafted credentials which will cause Wget to access an arbitrary host...

6.5CVSS0.0111EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/11/14 3:29 p.m.75 views

CVE-2024-52505 matrix-appservice-irc allows IRC Command injection in provisioning API

matrix-appservice-irc is a Node.js IRC bridge for the Matrix messaging protocol. The provisioning API of the matrix-appservice-irc bridge up to version 3.0.2 contains a vulnerability which can lead to arbitrary IRC command execution as the bridge IRC bot. The vulnerability has been patched in...

5.4CVSS0.00374EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/08/20 7:54 p.m.75 views

CVE-2024-41659 GHSL-2024-034: memos CORS Misconfiguration in server.go

memos is a privacy-first, lightweight note-taking service. A CORS misconfiguration exists in memos 0.20.1 and earlier where an arbitrary origin is reflected with Access-Control-Allow-Credentials set to true. This may allow an attacking website to make a cross-origin request, allowing the attacker...

8.1CVSS0.00607EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/06/27 8:17 p.m.76 views

CVE-2024-2973 Session Smart Router(SSR): On redundant router deployments API authentication can be bypassed

An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router or conductor running with a redundant peer allows a network based attacker to bypass authentication and take full control of the device. Only routers or conductors that are running i...

10CVSS0.01088EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/18 7:1 p.m.75 views

CVE-2022-23829

A potential weakness in AMD SPI protection features may allow a malicious attacker with Ring0 kernel mode access to bypass the native System Management Mode SMM ROM protections...

8.2CVSS0.00196EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/09 7:42 p.m.75 views

CVE-2024-4577 Argument Injection in PHP-CGI

In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3. before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may...

9.8CVSS0.99987EPSS
Exploits64References19
Cvelist
Cvelist
added 2024/05/07 8:31 a.m.75 views

CVE-2024-4346 Startklar Elementor Addons <= 1.7.13 - Unauthenticated Arbitrary File Deletion

The Startklar Elementor Addons plugin for WordPress is vulnerable to arbitrary file deletion in all versions up to, and including, 1.7.13. This is due to the plugin not properly validating the path of an uploaded file prior to deleting it. This makes it possible for unauthenticated attackers to...

9.1CVSS9.8AI score0.01522EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/05/01 2:43 p.m.75 views

CVE-2024-26304

There is a buffer overflow vulnerability in the underlying L2/L3 Management service that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's access point management protocol UDP port 8211. Successful exploitation of this...

9.8CVSS10AI score0.43998EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/13 2:4 p.m.75 views

CVE-2023-4408 Parsing large DNS messages may cause excessive CPU load

The DNS message parsing code in named includes a section whose computational complexity is overly high. It does not cause problems for typical DNS traffic, but crafted queries and responses may cause excessive CPU load on the affected named instance by exploiting this flaw. This issue affects bot...

7.5CVSS7.9AI score0.01327EPSS
Exploits0References7
Cvelist
Cvelist
added 2023/09/01 6:22 p.m.75 views

CVE-2023-41051 Default functions in VolatileMemory trait lack bounds checks in vm-memory

In a typical Virtual Machine Monitor VMM there are several components, such as boot loader, virtual device drivers, virtio backend drivers and vhost drivers, that need to access the VM physical memory. The vm-memory rust crate provides a set of traits to decouple VM memory consumers from VM memor...

2.5CVSS4.7AI score0.00237EPSS
Exploits0References6
Cvelist
Cvelist
added 2023/05/02 5:8 a.m.75 views

CVE-2023-21666 Improper Release of Memory Before Removing Last Reference (`Memory Leak`) in Graphics

Memory Corruption in Graphics while accessing a buffer allocated through the graphics pool...

8.4CVSS8.7AI score0.0018EPSS
Exploits2References2
Cvelist
Cvelist
added 2023/04/11 7:13 p.m.75 views

CVE-2023-21554 Microsoft Message Queuing (MSMQ) Remote Code Execution Vulnerability

...

9.8CVSS9.6AI score0.95454EPSS
Exploits7References1
Cvelist
Cvelist
added 2022/06/28 4:9 p.m.75 views

CVE-2022-0987

A flaw was found in PackageKit in the way some of the methods exposed by the Transaction interface examines files. This issue allows a local user to measure the time the methods take to execute and know whether a file owned by root or other users exists...

4.2AI score0.00263EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/05/25 8:55 p.m.75 views

CVE-2022-29251 Cross-site Scripting in the Flamingo theme manager

XWiki Platform Flamingo Theme UI is a tool that allows customization and preview of any Flamingo-based skin. Starting with versions 6.2.4 and 6.3-rc-1, a possible cross-site scripting vector is present in the FlamingoThemesCode.WebHomeSheet wiki page related to the "newThemeName" form field. The...

7.4CVSS7.2AI score0.01263EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/03/03 12:0 a.m.75 views

CVE-2022-0492

A vulnerability was found in the Linux kernel’s cgroupreleaseagentwrite in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 releaseagent feature to escalate privileges and bypass the namespace isolation unexpectedly...

8.1AI score0.05528EPSS
Exploits12References10
Cvelist
Cvelist
added 2021/11/19 3:56 p.m.75 views

CVE-2021-22053

Applications using both spring-cloud-netflix-hystrix-dashboard and spring-boot-starter-thymeleaf expose a way to execute code submitted within the request URI path during the resolution of view templates. When a request is made at /hystrix/monitor;user-provided data, the path elements following...

9.2AI score0.13035EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/09/17 10:26 a.m.75 views

CVE-2021-39327 BulletProof Security <= 5.1 Sensitive Information Disclosure

The BulletProof Security WordPress plugin is vulnerable to sensitive information disclosure due to a file path disclosure in the publicly accessible /dbbackuplog.txt file which grants attackers the full path of the site, in addition to the path of database backup files. This affects versions up t...

5.3CVSS5.3AI score0.7233EPSS
Exploits7References5
Cvelist
Cvelist
added 2021/06/10 4:15 p.m.75 views

CVE-2021-31839 Incorrect permissions on McAfee Agent for Windows event folder

Improper privilege management vulnerability in McAfee Agent for Windows prior to 5.7.3 allows a local user to modify event information in the MA event folder. This allows a local user to either add false events or remove events from the event logs prior to them being sent to the ePO server...

4.8CVSS5.8AI score0.00182EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/01/04 2:26 a.m.75 views

CVE-2021-3007

Laminas Project laminas-http before 2.14.2, and Zend Framework 3.0.0, has a deserialization vulnerability that can lead to remote code execution if the content is controllable, related to the destruct method of the Zend\Http\Response\Stream class in Stream.php. NOTE: Zend Framework is no longer...

10AI score0.75313EPSS
Exploits3References5
Cvelist
Cvelist
added 2020/12/15 12:0 a.m.75 views

CVE-2020-10770

A flaw was found in Keycloak before 13.0.0, where it is possible to force the server to call out an unverified URL using the OIDC parameter requesturi. This flaw allows an attacker to use this parameter to execute a Server-side request forgery SSRF attack...

4.7AI score0.69724EPSS
Exploits5References2
Cvelist
Cvelist
added 2020/12/02 12:0 a.m.75 views

CVE-2020-27813

An integer overflow vulnerability exists with the length of websocket frames received via a websocket connection. An attacker would use this flaw to cause a denial of service attack on an HTTP Server allowing websocket connections...

7.3AI score0.02103EPSS
Exploits0References4
Cvelist
Cvelist
added 2017/12/26 10:0 p.m.75 views

CVE-2017-17931

PHP Scripts Mall Resume Clone Script has SQL Injection via the forget.php username parameter...

10AI score0.01147EPSS
Exploits1References1
Cvelist
Cvelist
added 2011/09/30 5:0 p.m.75 views

CVE-2011-3580

IceWarp WebMail in IceWarp Mail Server before 10.3.3 allows remote attackers to obtain configuration information via a direct request to the /server URI, which triggers a call to the phpinfo function...

6.2AI score0.0161EPSS
Exploits2References7
Cvelist
Cvelist
added 2026/06/23 4:4 p.m.74 views

CVE-2026-11940 tarfile extraction filter bypass allows escaping the destination directory

tarfile.extractall with the 'data' or 'tar' filter could be bypassed by a crafted archive where a hardlink references a symlink stored at a deeper name than the hardlink itself. The extraction fallback validated the symlink at it's archived location but recreated it at the hardlink's shallower...

7.8CVSS0.00613EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/06/05 10:36 a.m.74 views

CVE-2026-50264 Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: out-of-bounds heap write in dri2 drigetbuffers/drigetbufferswithformat

An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIGetBuffers/DRIGetBuffersWithFormat. A client that requests multiple DRI2BufferBackLeft attachments and one DRI2BufferFrontLeft can trigger an out-of-bounds heap write. This may be used to crash the server, or for...

7.8CVSS0.00148EPSS
Exploits0References25
Cvelist
Cvelist
added 2026/05/22 2:31 a.m.74 views

CVE-2026-46597 Invoking byte arithmetic causes underflow and panic in golang.org/x/crypto/ssh

An incorrectly placed cast from bytes to int allowed for server-side panic in the AES-GCM packet decoder for well-crafted inputs...

0.00359EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/22 12:43 a.m.74 views

CVE-2026-34909

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in UniFi OS devices to access files on the underlying system that could be manipulated to access an underlying account...

10CVSS0.02269EPSS
Exploits2References1
Cvelist
Cvelist
added 2026/05/21 9:25 a.m.74 views

CVE-2026-42000 Insufficient Validation of Names During AXFR

Insufficient Validation of Names During AXFR...

6.8CVSS0.00242EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/14 4:26 p.m.74 views

CVE-2026-44513 Diffusers: `trust_remote_code` bypass via `custom_pipeline` and local custom components

Diffusers is the a library for pretrained diffusion models. Prior to 0.38.0, a trustremotecode bypass in DiffusionPipeline.frompretrained allows arbitrary remote code execution despite the user passing trustremotecode=False or omitting it, which is the default. The vulnerability has three variant...

8.8CVSS0.00865EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/14 1:0 p.m.74 views

CVE-2026-6473 PostgreSQL server undersizes allocations, via integer wraparound

Integer wraparound in multiple PostgreSQL server features allows an unprivileged database user to cause the server to undersize an allocation and write out-of-bounds. This may execute arbitrary code as the operating system user running the database. In applications that pass gigabyte-scale user...

8.8CVSS0.00668EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/13 12:1 p.m.74 views

CVE-2026-25107

ELECOM wireless LAN access point devices use a hard-coded cryptographic key when creating backups of configuration files. An attacker who knows the encryption key can tamper the configuration file of the product, and a victim administrator may be tricked to use a crafted configuration file...

6.9CVSS0.00124EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/12 9:17 p.m.74 views

CVE-2026-44242 Micronaut Framework: Unbounded bundleCache in ResourceBundleMessageSource Allows Memory Exhaustion via Accept-Language Header

Micronaut Framework is a JVM-based full stack Java framework designed for building modular, easily testable JVM applications. Prior to 4.10.22, the bundleCache is keyed by Locale, baseName where the locale originates from the HTTP Accept-Language header. In applications that explicitly register a...

3.7CVSS0.00209EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 9:1 a.m.74 views

CVE-2026-5029 RCE in Code Runner MCP Server

A remote code execution vulnerability exists in Code Runner MCP Server when run with the --transport http option, which exposes the /mcp JSON-RPC endpoint without authentication on port 3088. An unauthenticated remote attacker can invoke the run-code MCP tool to supply arbitrary source code and...

8.7CVSS0.00291EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 7:48 a.m.75 views

CVE-2026-5028 Eight Day Week Print Workflow <= 1.2.6 - Authenticated (Subscriber+) SQL Injection via 'title' Parameter

The Eight Day Week Print Workflow plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'title' parameter in the pp-get-articles AJAX action in all versions up to, and including, 1.2.6. This is due to insufficient escaping on the user supplied parameter and lack of sufficie...

6.5CVSS0.00241EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/09 3:37 a.m.74 views

CVE-2026-42051 Kirby: System API endpoint leaks license data and installed version to authenticated users

Kirby is an open-source content management system. Prior to versions 4.9.0 and 5.4.0, the system API endpoint leaks license data and installed version to authenticated users. This issue has been patched in versions 4.9.0 and 5.4.0...

5.3CVSS0.00193EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/08 12:35 p.m.74 views

CVE-2022-50994 DrayTek Vigor 2960 < 1.5.1.4 OS Command Injection via mainfunction.cgi

DrayTek Vigor 2960 firmware versions prior to 1.5.1.4 contain an OS command injection vulnerability in the CGI login handler that allows unauthenticated remote attackers to execute arbitrary commands by injecting shell metacharacters into the formpassword parameter. Attackers can exploit...

9.2CVSS0.01432EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/08 3:38 a.m.74 views

CVE-2026-42208 LiteLLM: SQL injection in Proxy API key verification

LiteLLM is a proxy server AI Gateway to call LLM APIs in OpenAI or native format. From version 1.81.16 to before version 1.83.7, a database query used during proxy API key checks mixed the caller-supplied key value into the query text instead of passing it as a separate parameter. An...

9.3CVSS0.86607EPSS
Exploits7References2
Cvelist
Cvelist
added 2026/05/07 1:42 p.m.74 views

CVE-2026-44263 Weblate: Private Translation Enumeration via Screenshot API

Weblate is a web based localization tool. Prior to version 5.17.1, the screenshots, tasks, and component link API allowed for the enumeration of translations in a project inaccessible to the user. This issue has been patched in version 5.17.1...

4.3CVSS0.00288EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/07 5:12 a.m.74 views

CVE-2026-41586 ObjectInputStream.readObject() without ObjectInputFilter in fabric-sdk-java allows Java deserialization RCE

Hyperledger Fabric is an enterprise-grade permissioned distributed ledger framework for developing solutions and applications. From versions 1.0.0 to 2.2.26, Channel.java implements readObject and exposes deSerializeChannel which call ObjectInputStream.readObject on untrusted byte arrays without...

9.3CVSS0.0041EPSS
Exploits0References2
Total number of security vulnerabilities5000