Lucene search
K
CvelistMost viewed

364899 matches found

Cvelist
Cvelist
added 2024/01/31 5:51 p.m.289 views

CVE-2024-21888

A privilege escalation vulnerability in web component of Ivanti Connect Secure 9.x, 22.x and Ivanti Policy Secure 9.x, 22.x allows a user to elevate privileges to that of an administrator...

8.8CVSS9.3AI score0.86806EPSS
Exploits4References1
Cvelist
Cvelist
added 2024/10/16 6:43 a.m.288 views

CVE-2020-36836 WP Fastest Cache <= 0.9.0.2 - Authenticated (Subscriber+) Arbitrary File Deletion

The WP Fastest Cache plugin for WordPress is vulnerable to unauthorized arbitrary file deletion in versions up to, and including, 0.9.0.2 due to a lack of capability checking and insufficient path validation. This makes it possible for authenticated users with minimal permissions to delete...

8CVSS0.01367EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/07/24 5:29 p.m.288 views

CVE-2024-41667 OpenAM FreeMarker template injection

OpenAM is an open access management solution. In versions 15.0.3 and prior, the getCustomLoginUrlTemplate method in RealmOAuth2ProviderSettings.java is vulnerable to template injection due to its usage of user input. Although the developer intended to implement a custom URL for handling login to...

8.8CVSS0.03536EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/01/31 12:14 p.m.288 views

CVE-2024-1086 Use-after-free in Linux kernel's netfilter: nf_tables component

A use-after-free vulnerability in the Linux kernel's netfilter: nftables component can be exploited to achieve local privilege escalation. The nftverdictinit function allows positive values as drop error within the hook verdict, and hence the nfhookslow function can cause a double free...

7.8CVSS7.9AI score0.28058EPSS
Exploits16References14
Cvelist
Cvelist
added 2026/03/23 2:1 p.m.287 views

CVE-2026-33478 AVideo Multi-Chain Attack: Unauthenticated Remote Code Execution via Clone Key Disclosure, Database Dump, and Command Injection

WWBN AVideo is an open source video platform. In versions up to and including 26.0, multiple vulnerabilities in AVideo's CloneSite plugin chain together to allow a completely unauthenticated attacker to achieve remote code execution. The clones.json.php endpoint exposes clone secret keys without...

10CVSS0.13266EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/02/19 4:36 a.m.287 views

CVE-2026-0926 Prodigy Commerce <= 3.3.0 - Unauthenticated Local File Inclusion via parameters[template_name]

The Prodigy Commerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.3.0 via the 'parameterstemplatename' parameter. This makes it possible for unauthenticated attackers to include and read arbitrary files or execute arbitrary files on the server...

9.8CVSS0.09396EPSS
Exploits5References6
Cvelist
Cvelist
added 2024/06/25 8:35 a.m.284 views

CVE-2024-6028 Quiz Maker <= 6.5.8.3 - Unauthenticated SQL Injection via 'ays_questions' Parameter

The Quiz Maker plugin for WordPress is vulnerable to time-based SQL Injection via the 'aysquestions' parameter in all versions up to, and including, 6.5.8.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

9.8CVSS0.11755EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/01/07 4:7 p.m.283 views

CVE-2025-0247 Memory safety bugs fixed in Firefox 134 and Thunderbird 134

Memory safety bugs present in Firefox 133 and Thunderbird 133. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 134 and Thunderbird 134...

0.09348EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/01/12 12:52 a.m.283 views

CVE-2024-21591 Junos OS: SRX Series and EX Series: Security Vulnerability in J-web allows a preAuth Remote Code Execution

An Out-of-bounds Write vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based attacker to cause a Denial of Service DoS, or Remote Code Execution RCE and obtain root privileges on the device. This issue is caused by use of an...

9.8CVSS9.8AI score0.17668EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/10/11 5:0 a.m.281 views

CVE-2024-21534

All versions of the package jsonpath-plus are vulnerable to Remote Code Execution RCE due to improper input sanitization. An attacker can execute aribitrary code on the system by exploiting the unsafe default usage of vm in Node. Note: There were several attempts to fix it in versions 10.0.0-10.1...

9.8CVSS0.09076EPSS
Exploits4References4
Cvelist
Cvelist
added 2024/07/09 7:38 a.m.281 views

CVE-2024-6313 Gutenberg Forms <= 2.2.9 - Unauthenticated Arbitrary File Upload

The Gutenberg Forms plugin for WordPress is vulnerable to arbitrary file uploads due to the users can specify the allowed file types in the 'upload' function in versions up to, and including, 2.2.9. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected...

9.8CVSS0.01108EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/02 5:8 p.m.279 views

CVE-2026-35414

OpenSSH before 10.3 mishandles the authorizedkeys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma characters...

4.2CVSS0.00176EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/23 2:26 p.m.279 views

CVE-2024-0760 A flood of DNS messages over TCP may make the server unstable

A malicious client can send many DNS messages over TCP, potentially causing the server to become unstable while the attack is in progress. The server may recover after the attack ceases. Use of ACLs will not mitigate the attack. This issue affects BIND 9 versions 9.18.1 through 9.18.27, 9.19.0...

7.5CVSS0.0468EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/09 7:38 a.m.279 views

CVE-2024-6161 Default Thumbnail Plus <= 1.0.2.3 - Authenticated (Contributor+) Arbitrary File Upload

The Default Thumbnail Plus plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'getcacheimage' function in all versions up to, and including, 1.0.2.3. This makes it possible for authenticated attackers, with contributor-level and above...

8.8CVSS0.00786EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/04/24 6:15 p.m.279 views

CVE-2024-20353

A vulnerability in the management and VPN web servers for Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to cause the device to reload unexpectedly, resulting in a denial of service DoS condition. This...

8.6CVSS8.7AI score0.70686EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/01/17 8:15 p.m.279 views

CVE-2023-6549

Improper Restriction of Operations within the Bounds of a Memory Buffer in NetScaler ADC and NetScaler Gateway allows Unauthenticated Denial of Service and Out-Of-Bounds Memory Read...

8.2CVSS8.5AI score0.57633EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/11/11 5:59 p.m.278 views

CVE-2025-60710 Host Process for Windows Tasks Elevation of Privilege Vulnerability

...

7.8CVSS0.04666EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/22 11:59 p.m.278 views

CVE-2024-43989 WordPress Justified Image Grid plugin <= 4.6.1 - Unauthenticated Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in Firsh Justified Image Grid justified-image-grid.This issue affects Justified Image Grid: from n/a through = 4.6.1...

7.5CVSS0.12232EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/11/03 12:0 a.m.276 views

CVE-2023-31102

Ppmd7.c in 7-Zip before 23.00 allows an integer underflow and invalid read operation via a crafted 7Z archive...

7.6AI score0.7104EPSS
Exploits0References5
Cvelist
Cvelist
added 2021/09/16 2:40 p.m.276 views

CVE-2021-39275 ap_escape_quotes buffer overflow

apescapequotes may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier...

9.9AI score0.36339EPSS
Exploits0References15
Cvelist
Cvelist
added 2024/11/05 12:0 a.m.275 views

CVE-2024-51358

An issue in Linux Server Heimdall v.2.6.1 allows a remote attacker to execute arbitrary code via a crafted script to the Add new application...

0.00924EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/03/14 10:15 a.m.275 views

CVE-2022-22719 mod_lua Use of uninitialized value of in r:parsebody

A carefully crafted request body can cause a read to a random memory area which could cause the process to crash. This issue affects Apache HTTP Server 2.4.52 and earlier...

8.7AI score0.69803EPSS
Exploits0References15
Cvelist
Cvelist
added 2024/04/04 10:16 p.m.274 views

CVE-2024-21894

A heap overflow vulnerability in IPSec component of Ivanti Connect Secure 9.x, 22.x and Ivanti Policy Secure allows an unauthenticated malicious user to send specially crafted requests in-order-to crash the service thereby causing a DoS attack. In certain conditions this may lead to execution of...

8.2CVSS9.9AI score0.18987EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/12 5:46 a.m.273 views

CVE-2024-5651 Fence-agents-remediation: fence agent command line options leads to remote code execution

A flaw was found in the Fence Agents Remediation operator. This vulnerability can allow a Remote Code Execution RCE primitive by supplying an arbitrary command to execute in the --ssh-path/--telnet-path arguments. A low-privilege user, for example, a user with developer access, can create a...

8.8CVSS0.01369EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/27 1:51 a.m.273 views

CVE-2024-6431 Media.net Ads Manager <= 2.10.13 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Upload

The Media.net Ads Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation and missing capability check in the 'sendMail' function in all versions up to, and including, 2.10.13. This makes it possible for authenticated attackers, with subscriber-lev...

8.8CVSS0.00786EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/25 8:25 a.m.272 views

CVE-2026-2416 Geo Mashup <= 1.13.17 - Unauthenticated SQL Injection via 'sort' Parameter

The Geo Mashup plugin for WordPress is vulnerable to SQL Injection via the 'sort' parameter in all versions up to, and including, 1.13.17. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

7.5CVSS0.01392EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/10/17 12:0 a.m.272 views

CVE-2024-30875

Cross Site Scripting vulnerability in JavaScript Library jquery-ui v.1.13.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted payload to the window.addEventListener component. NOTE: this is disputed by the Supplier because it cannot be reproduced, a...

0.0079EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/09 7:38 a.m.272 views

CVE-2024-6123 Bit Form <= 2.13.3 - Authenticated (Administrator+) Arbitrary File Upload

The Bit Form plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'iconUpload' function in all versions up to, and including, 2.13.3. This makes it possible for authenticated attackers, with administrator-level and above permissions, to upload...

7.2CVSS0.00957EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/09 3:33 a.m.272 views

CVE-2024-6365 Product Table by WBW <= 2.0.1 - Unauthenticated Remote Code Execution

The Product Table by WBW plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.0.1 via the 'saveCustomTitle' function. This is due to missing authorization and lack of sanitization of appended data in the languages/customTitle.php file. This makes it...

9.8CVSS0.01211EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/12/19 3:43 p.m.272 views

CVE-2023-46263

An unrestricted upload of file with dangerous type vulnerability exists in Avalanche versions 6.4.1 and below that could allow an attacker to achieve a remote code execution...

7.2CVSS9.9AI score0.81884EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/03/14 10:15 a.m.272 views

CVE-2022-22720 HTTP request smuggling vulnerability in Apache HTTP Server 2.4.52 and earlier

Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling...

9.8AI score0.28189EPSS
Exploits0References16
Cvelist
Cvelist
added 2024/07/11 12:0 a.m.271 views

CVE-2024-36435

An issue was discovered on Supermicro BMC firmware in select X11, X12, H12, B12, X13, H13, and B13 motherboards and CMM6 modules. An unauthenticated user can post crafted data to the interface that triggers a stack buffer overflow, and may lead to arbitrary remote code execution on a BMC...

9.8CVSS0.01293EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/04 8:32 a.m.271 views

CVE-2024-6318 IMGspider <= 2.3.10 - Authenticated (Contributor+) Arbitrary File Upload via 'upload_img_file'

The IMGspider plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'uploadimgfile' function in all versions up to, and including, 2.3.10. This makes it possible for authenticated attackers, with contributor-level and above permissions, to upload...

8.8CVSS0.00939EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/02/21 11:30 p.m.271 views

CVE-2024-1451 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions starting from 16.9 before 16.9.1. A crafted payload added to the user profile page could lead to a stored XSS on the client side, allowing attackers to perform arbitrary actions on behalf of victims."...

8.7CVSS8.2AI score0.51467EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/12/16 12:0 a.m.270 views

CVE-2024-55557

ui/pref/ProxyPrefView.java in weasis-core in Weasis 4.5.1 has a hardcoded key for symmetric encryption of proxy credentials...

0.01366EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/08/30 10:25 p.m.270 views

CVE-2024-6586

Lightdash version 0.1024.6 allows users with the necessary permissions, such as Administrator or Editor, to create and share dashboards. A dashboard that contains HTML elements which point to a threat actor controlled source can trigger an SSRF request when exported, via a POST request to...

0.01786EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/08/14 8:29 a.m.270 views

CVE-2024-4389 Slider & Popup Builder by Depicter – Add Image Slider, Carousel Slider, Exit Intent Popup, Popup Modal, Coupon Popup, Post Slider Carousel <= 3.1.1 - Authenticated (Contributor+) Arbitrary File Upload

The Slider and Carousel slider by Depicter plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadFile function in all versions up to, and including, 3.1.1. This makes it possible for authenticated attackers, with contributor access or higher...

8.8CVSS0.01021EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/12/10 5:0 a.m.269 views

CVE-2024-21542

Versions of the package luigi before 3.6.0 are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip due to improper destination file path validation in the extractpackagesarchive function...

8.6CVSS0.01096EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/02/27 10:11 p.m.268 views

CVE-2026-28515 openDCIM <= 23.04 Missing Authorization in install.php

openDCIM version 23.04, through commit 4467e9c4, contains a missing authorization vulnerability in install.php and container-install.php. The installer and upgrade handler expose LDAP configuration functionality without enforcing application role checks. Any authenticated user can access this...

9.3CVSS0.01157EPSS
Exploits3References8
Cvelist
Cvelist
added 2025/12/18 12:22 p.m.268 views

CVE-2025-14437 Hummingbird <= 3.18.0 - Unauthenticated Sensitive Information Exposure via Log File

The Hummingbird Performance plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.18.0 via the 'request' function. This makes it possible for unauthenticated attackers to extract sensitive data including Cloudflare API credentials...

7.5CVSS0.01986EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/11 12:0 a.m.268 views

CVE-2024-48322

UsersController.php in Run.codes 1.5.2 and older has a reset password race condition vulnerability...

0.00828EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/08/05 12:0 a.m.268 views

CVE-2024-40498

SQL Injection vulnerability in PuneethReddyHC Online Shopping sysstem advanced v.1.0 allows an attacker to execute arbitrary code via the register.php...

0.01005EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/03/14 10:15 a.m.267 views

CVE-2022-23943 mod_sed: Read/write beyond bounds

Out-of-bounds Write vulnerability in modsed of Apache HTTP Server allows an attacker to overwrite heap memory with possibly attacker provided data. This issue affects Apache HTTP Server 2.4 version 2.4.52 and prior versions...

9.7AI score0.50401EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/02/05 4:13 p.m.266 views

CVE-2020-37123 Pinger 1.0 - Remote Code Execution

Pinger 1.0 contains a remote code execution vulnerability that allows attackers to inject shell commands through the ping and socket parameters. Attackers can exploit the unsanitized input in ping.php to write arbitrary PHP files and execute system commands by appending shell metacharacters...

9.8CVSS0.03135EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/11/22 4:23 p.m.265 views

CVE-2024-10220 Arbitrary command execution through gitRepo volume

The Kubernetes kubelet component allows arbitrary command execution via specially crafted gitRepo volumes.This issue affects kubelet: through 1.28.11, from 1.29.0 through 1.29.6, from 1.30.0 through 1.30.2...

8.1CVSS0.03001EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/09/26 12:0 a.m.265 views

CVE-2024-46627

Incorrect access control in BECN DATAGERRY v2.2 allows attackers to execute arbitrary commands via crafted web requests...

0.04099EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/01/12 5:2 p.m.265 views

CVE-2023-46805

An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks...

8.2CVSS9AI score0.99986EPSS
Exploits17References2
Cvelist
Cvelist
added 2023/10/31 8:22 p.m.265 views

CVE-2023-3676 Kubernetes - Windows nodes - Insufficient input sanitization leads to privilege escalation

A security issue was discovered in Kubernetes where a user that can create pods on Windows nodes may be able to escalate to admin privileges on those nodes. Kubernetes clusters are only affected if they include Windows nodes...

8.8CVSS8.8AI score0.11668EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/12/09 11:30 a.m.264 views

CVE-2023-32117 WordPress Integrate Google Drive plugin <= 1.1.99 - Unauthenticated Broken Access Control vulnerability

Missing Authorization vulnerability in SoftLab Integrate Google Drive allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Integrate Google Drive: from n/a through 1.1.99...

9.8CVSS0.06399EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/12/20 11:20 a.m.264 views

CVE-2021-44224 Possible NULL dereference or SSRF in forward proxy configurations in Apache HTTP Server 2.4.51 and earlier

A crafted URI sent to httpd configured as a forward proxy ProxyRequests on can cause a crash NULL pointer dereference or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint Server Side Request Forgery...

9.2AI score0.82295EPSS
Exploits0References19
Total number of security vulnerabilities5000