Lucene search
K
CvelistMost viewed

365247 matches found

Cvelist
Cvelist
added 2026/05/08 12:35 p.m.74 views

CVE-2022-50994 DrayTek Vigor 2960 < 1.5.1.4 OS Command Injection via mainfunction.cgi

DrayTek Vigor 2960 firmware versions prior to 1.5.1.4 contain an OS command injection vulnerability in the CGI login handler that allows unauthenticated remote attackers to execute arbitrary commands by injecting shell metacharacters into the formpassword parameter. Attackers can exploit...

9.2CVSS0.01432EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/08 3:38 a.m.74 views

CVE-2026-42208 LiteLLM: SQL injection in Proxy API key verification

LiteLLM is a proxy server AI Gateway to call LLM APIs in OpenAI or native format. From version 1.81.16 to before version 1.83.7, a database query used during proxy API key checks mixed the caller-supplied key value into the query text instead of passing it as a separate parameter. An...

9.3CVSS0.86607EPSS
Exploits7References2
Cvelist
Cvelist
added 2026/05/07 1:42 p.m.74 views

CVE-2026-44263 Weblate: Private Translation Enumeration via Screenshot API

Weblate is a web based localization tool. Prior to version 5.17.1, the screenshots, tasks, and component link API allowed for the enumeration of translations in a project inaccessible to the user. This issue has been patched in version 5.17.1...

4.3CVSS0.00288EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/07 5:12 a.m.74 views

CVE-2026-41586 ObjectInputStream.readObject() without ObjectInputFilter in fabric-sdk-java allows Java deserialization RCE

Hyperledger Fabric is an enterprise-grade permissioned distributed ledger framework for developing solutions and applications. From versions 1.0.0 to 2.2.26, Channel.java implements readObject and exposes deSerializeChannel which call ObjectInputStream.readObject on untrusted byte arrays without...

9.3CVSS0.0041EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/07 4:27 a.m.74 views

CVE-2026-6692 Slider Revolution 7.0.0 - 7.0.10 - Authenticated (Subscriber+) Arbitrary File Upload via _get_media_url

The Slider Revolution plugin for WordPress is vulnerable to Arbitrary File Upload in versions 7.0.0 to 7.0.10 via the 'getmediaurl' and 'checkfilepath' function. This is due to insufficient file type validation. This makes it possible for authenticated attackers, with subscriber-level access and...

8.8CVSS0.00815EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/07 3:49 a.m.74 views

CVE-2026-41675 xmldom: XML node injection through unvalidated processing instruction serialization

xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package allows attacker-controlled processing instruction data to be serialized into XML without...

8.7CVSS0.00408EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/23 12:11 p.m.74 views

CVE-2026-39440 WordPress FunnelFormsPro plugin <= 3.8.1 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Funnelforms LLC FunnelFormsPro allows Remote Code Inclusion.This issue affects FunnelFormsPro: from n/a through 3.8.1...

9.9CVSS0.00364EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/08/08 4:32 p.m.74 views

CVE-2025-8732 libxml2 xmlcatalog xmlParseSGMLCatalog recursion

A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to...

4.8CVSS0.00202EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/07/23 2:48 p.m.74 views

CVE-2025-40597

A Heap-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service DoS or potentially results in code execution...

0.27599EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/08 9:32 p.m.74 views

CVE-2025-49533 Adobe Experience Manager (MS) | Deserialization of Untrusted Data (CWE-502)

Adobe Experience Manager MS versions 6.5.23.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could lead to arbitrary code execution by an attacker. Exploitation of this issue does not require user interaction. Scope is unchanged...

9.8CVSS0.44894EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/08 4:57 p.m.74 views

CVE-2025-47984 Windows GDI Information Disclosure Vulnerability

...

7.5CVSS0.14294EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/10 12:12 a.m.74 views

CVE-2025-42989 Missing Authorization check in SAP NetWeaver Application Server for ABAP

RFC inbound processing�does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation the attacker could critically impact both integrity and availability of the application...

9.6CVSS0.00414EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/05/21 4:19 p.m.74 views

CVE-2025-20152 ISE restart

A vulnerability in the RADIUS message processing feature of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to improper handling of certain RADIUS requests. An attacker...

8.6CVSS0.00667EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/06 8:32 a.m.74 views

CVE-2025-21453 Use After Free in GPS HLOS Driver

Memory corruption while processing a data structure, when an iterator is accessed after it has been removed, potential failures occur...

7.8CVSS0.00089EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/11 7:9 p.m.74 views

CVE-2025-27789 Inefficient RexExp complexity in generated code with .replace when transpiling named capturing groups

Babel is a compiler for writing next generation JavaScript. When using versions of Babel prior to 7.26.10 and 8.0.0-alpha.17 to compile regular expression named capturing groups, Babel will generate a polyfill for the .replace method that has quadratic complexity on some specific replacement...

6.2CVSS0.00478EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/23 11:13 a.m.74 views

CVE-2024-13236 Tainacan <= 0.21.12 - Authenticated (Subscriber+) SQL Injection

The Tainacan plugin for WordPress is vulnerable to SQL Injection via the 'collectionid' parameter in all versions up to, and including, 0.21.12 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

6.5CVSS0.00443EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/12/12 8:15 a.m.74 views

CVE-2024-21574

The issue stems from a missing validation of the pip field in a POST request sent to the /customnode/install endpoint used to install custom nodes which is added to the server by the extension. This allows an attacker to craft a request that triggers a pip install on a user controlled package or...

10CVSS0.01107EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/15 9:24 p.m.74 views

CVE-2024-9500 Autodesk ADP Desktop SDK Privilege Escalation Vulnerability

A maliciously crafted DLL file when placed in temporary files and folders that are leveraged by the Autodesk Installer could lead to escalation of privileges to NT AUTHORITY/SYSTEM due to insecure privilege management...

7.8CVSS0.00189EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/23 5:0 p.m.74 views

CVE-2024-10296 PHPGurukul Medical Card Generation System Report of Medical Card Page card-bwdates-reports-details.php sql injection

A vulnerability was found in PHPGurukul Medical Card Generation System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/card-bwdates-reports-details.php of the component Report of Medical Card Page. The manipulation of the argume...

5.8CVSS0.00403EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/10/03 5:40 p.m.74 views

CVE-2024-41988 Missing Authentication for Critical Function vulnerability in TEM Opera Plus FM Family Transmitter

TEM Opera Plus FM Family Transmitter allows access to an unprotected endpoint that allows MPFS File System binary image upload without authentication. This file system serves as the basis for the HTTP2 web server module but is also used by the SNMP module and is available to other applications th...

9.3CVSS0.0059EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/09/01 12:0 a.m.74 views

CVE-2024-45509

In MISP through 2.4.196, app/Controller/BookmarksController.php does not properly restrict access to bookmarks data in the case where the user is not an org admin...

0.00395EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/26 10:11 a.m.74 views

CVE-2024-43911 wifi: mac80211: fix NULL dereference at band check in starting tx ba session

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL dereference at band check in starting tx ba session In MLD connection, linkdata/linkconf are dynamically allocated. They don't point to vif-bssconf. So, there will be no chanreq assigned to vif-bssconf an...

0.00225EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/08/21 1:53 p.m.74 views

CVE-2024-28000 WordPress LiteSpeed Cache plugin <= 6.3.0.1 - Unauthenticated Privilege Escalation vulnerability

Incorrect Privilege Assignment vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache.This issue affects LiteSpeed Cache: from n/a through = 6.3.0.1...

9.8CVSS0.68266EPSS
Exploits8References1
Cvelist
Cvelist
added 2024/07/16 10:40 p.m.74 views

CVE-2024-21182

...

7.5CVSS0.49689EPSS
Exploits3References1
Cvelist
Cvelist
added 2024/07/11 3:43 p.m.74 views

CVE-2024-39905 Red-DiscordBot vulnerable to Incorrect Authorization in commands API

Red is a fully modular Discord bot. Due to a bug in Red's Core API, 3rd-party cogs using the @commands.canmanagechannel command permission check without additional permission controls may authorize a user to run a command even when that user doesn't have permissions to manage a channel. None of t...

5.3CVSS0.0041EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/09 5:2 p.m.74 views

CVE-2024-35264 .NET and Visual Studio Remote Code Execution Vulnerability

...

8.1CVSS0.02565EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/25 3:4 p.m.74 views

CVE-2024-5806 MOVEit Transfer Authentication Bypass Vulnerability

Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead to Authentication Bypass.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.11, from 2023.1.0 before 2023.1.6, from 2024.0.0 before 2024.0.2...

9.1CVSS0.75812EPSS
Exploits3References2
Cvelist
Cvelist
added 2024/06/25 12:54 p.m.74 views

CVE-2024-31111 WordPress Core < 6.5.5 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Automattic WordPress allows Stored XSS.This issue affects WordPress: from 6.5 through 6.5.4, from 6.4 through 6.4.4, from 6.3 through 6.3.4, from 6.2 through 6.2.5, from 6.1 through 6.1.6,...

6.5CVSS0.00318EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/25 11:9 a.m.74 views

CVE-2024-6307 WordPress Core < 6.5.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via HTML API

WordPress Core is vulnerable to Stored Cross-Site Scripting via the HTML API in various versions prior to 6.5.5 due to insufficient input sanitization and output escaping on URLs. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web...

6.4CVSS0.00467EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/06/18 5:43 a.m.74 views

CVE-2024-37079

vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution...

9.8CVSS0.22377EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/29 4:2 p.m.74 views

CVE-2024-31079 NGINX HTTP/3 QUIC vulnerability

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate or cause other potential impact. This attack requires that a request be specifically timed during the connection draining process, which the attacke...

4.8CVSS5AI score0.00872EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/05/13 3:3 p.m.74 views

CVE-2024-31444 Cacti XSS vulnerability in lib/html.php by reading dirty data stored in database

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, some of the data stored in automationtreerulesformsave function in automationtreerules.php is not thoroughly checked and is used to concatenate the HTML statement in formconfirm function from...

4.6CVSS5.1AI score0.14664EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/05/13 10:4 a.m.74 views

CVE-2024-4067 Regular Expression Denial of Service in micromatch

The NPM package micromatch prior to 4.0.8 is vulnerable to Regular Expression Denial of Service ReDoS. The vulnerability occurs in micromatch.braces in index.js because the pattern . will greedily match anything. By passing a malicious payload, the pattern matching will keep backtracking to the...

5.3CVSS5.4AI score0.01429EPSS
Exploits1References5
Cvelist
Cvelist
added 2024/05/11 5:38 a.m.74 views

CVE-2024-4560 Kognetiks Chatbot for WordPress <= 1.9.9 - Unauthenticated Arbitrary File Upload via chatbot_chatgpt_upload_file_to_assistant Function

The Kognetiks Chatbot for WordPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the chatbotchatgptuploadfiletoassistant function in all versions up to, and including, 1.9.9. This makes it possible for unauthenticated attackers, with to uploa...

9.8CVSS10AI score0.00905EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/04/09 6:59 p.m.74 views

CVE-2024-3136 MasterStudy LMS <= 3.3.3 - Unauthenticated Local File Inclusion via template

The MasterStudy LMS plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.3.3 via the 'template' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the execution of any PHP cod...

9.8CVSS10AI score0.05018EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/02/06 5:0 p.m.74 views

CVE-2024-1253 Byzoro Smart S40 Management Platform Import web.php unrestricted upload

A vulnerability, which was classified as critical, has been found in Byzoro Smart S40 Management Platform up to 20240126. Affected by this issue is some unknown functionality of the file /useratte/web.php of the component Import Handler. The manipulation of the argument fileupload leads to...

5.8CVSS7.2AI score0.01696EPSS
Exploits1References4
Cvelist
Cvelist
added 2023/09/01 10:48 a.m.74 views

CVE-2023-25042 WordPress oAuth Twitter Feed for Developers Plugin <= 2.3.0 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Liam Gladdy Storm Consultancy oAuth Twitter Feed for Developers plugin = 2.3.0 versions...

5.9CVSS5.6AI score0.00393EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/04/13 12:0 a.m.74 views

CVE-2023-26918

Diasoft File Replication Pro 7.5.0 allows attackers to escalate privileges by replacing a legitimate file with a Trojan horse that will be executed as LocalSystem. This occurs because %ProgramFiles%\FileReplicationPro allows Everyone:F access...

9.8AI score0.06051EPSS
Exploits4References2
Cvelist
Cvelist
added 2023/02/03 8:26 p.m.74 views

CVE-2023-23941 SwagPayPal payment not sent to PayPal correctly

SwagPayPal is a PayPal integration for shopware/platform. If JavaScript-based PayPal checkout methods are used PayPal Plus, Smart Payment Buttons, SEPA, Pay Later, Venmo, Credit card, the amount and item list sent to PayPal may not be identical to the one in the created order. The problem has bee...

7.5CVSS7.7AI score0.00297EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/10/06 12:0 a.m.74 views

CVE-2022-39273 Default OAuth Authorization Server secret in FlyteAdmin

FlyteAdmin is the control plane for the data processing platform Flyte. Users who enable the default Flyte’s authorization server without changing the default clientid hashes will be exposed to the public internet. In an effort to make enabling authentication easier for Flyte administrators, the...

4.8CVSS7.8AI score0.0067EPSS
Exploits0References3
Cvelist
Cvelist
added 2022/09/28 10:25 p.m.74 views

CVE-2022-31628 phar wrapper can occur dos when using quine gzip file

In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop...

2.3CVSS7.9AI score0.00591EPSS
Exploits0References8
Cvelist
Cvelist
added 2022/08/29 2:3 p.m.74 views

CVE-2022-0851

There is a flaw in convert2rhel. When the --activationkey option is used with convert2rhel, the activation key is subsequently passed to subscription-manager via the command line, which could allow unauthorized users locally on the machine to view the activation key via the process command line v...

5.7AI score0.00303EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/04/28 1:22 p.m.74 views

CVE-2021-41945

Encode OSS httpx 0.23.0 is affected by improper input validation in httpx.URL, httpx.Client and some functions using httpx.URL.copywith...

9.3AI score0.02026EPSS
Exploits1References5
Cvelist
Cvelist
added 2022/01/14 5:13 p.m.74 views

CVE-2022-23227

NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users because of the lack of handleimportuser.php authentication. When combined with another flaw CVE-2011-5325, it is possible to overwrite arbitrary files under...

9.1AI score0.49431EPSS
Exploits1References4
Cvelist
Cvelist
added 2021/07/29 7:5 a.m.74 views

CVE-2021-37578 Remote code execution via RMI

Apache jUDDI uses several classes related to Java's Remote Method Invocation RMI which as an extension to UDDI provides an alternate transport for accessing UDDI services. RMI uses the default Java serialization mechanism to pass parameters in RMI invocations. A remote attacker can send a malicio...

9.9AI score0.04115EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/06/08 5:45 p.m.74 views

CVE-2021-32674 Remote Code Execution via traversal in TAL expressions

Zope is an open-source web application server. This advisory extends the previous advisory at https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36 with additional cases of TAL expression traversal vulnerabilities. Most Python modules are not available for using in TAL...

8.8CVSS8.9AI score0.01574EPSS
Exploits0References4
Cvelist
Cvelist
added 2021/06/07 8:27 p.m.74 views

CVE-2020-25716

A flaw was found in Cloudforms. A role-based privileges escalation flaw where export or import of administrator files is possible. An attacker with a specific group can perform actions restricted only to system administrator. This is the affect of an incomplete fix for CVE-2020-10783. The highest...

8.1AI score0.00769EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/05/21 1:55 p.m.74 views

CVE-2021-32633 Remote Code Execution via traversal in TAL expressions

Zope is an open-source web application server. In Zope versions prior to 4.6 and 5.2, users can access untrusted modules indirectly through Python modules that are available for direct use. By default, only users with the Manager role can add or edit Zope Page Templates through the web, but sites...

6.8CVSS8.8AI score0.01843EPSS
Exploits1References5
Cvelist
Cvelist
added 2021/03/04 12:33 p.m.74 views

CVE-2020-24914

A PHP object injection bug in profile.php in qcubed all versions including 3.1.1 unserializes the untrusted data of the POST-variable "strProfileData" and allows an unauthenticated attacker to execute code via a crafted POST request...

9.7AI score0.0545EPSS
Exploits3References4
Cvelist
Cvelist
added 2020/08/07 3:27 p.m.74 views

CVE-2020-11984

Apache HTTP server 2.4.32 to 2.4.44 modproxyuwsgi info disclosure and possible RCE...

9.5AI score0.90039EPSS
Exploits2References32
Total number of security vulnerabilities5000