Lucene search
K
CvelistMost viewed

365298 matches found

Cvelist
Cvelist
•added 2022/04/28 1:22 p.m.•74 views

CVE-2021-41945

Encode OSS httpx 0.23.0 is affected by improper input validation in httpx.URL, httpx.Client and some functions using httpx.URL.copywith...

9.3AI score0.02026EPSS
Exploits1References5
Cvelist
Cvelist
•added 2022/01/14 5:13 p.m.•74 views

CVE-2022-23227

NUUO NVRmini2 through 3.11 allows an unauthenticated attacker to upload an encrypted TAR archive, which can be abused to add arbitrary users because of the lack of handleimportuser.php authentication. When combined with another flaw CVE-2011-5325, it is possible to overwrite arbitrary files under...

9.1AI score0.49431EPSS
Exploits1References4
Cvelist
Cvelist
•added 2021/07/29 7:5 a.m.•74 views

CVE-2021-37578 Remote code execution via RMI

Apache jUDDI uses several classes related to Java's Remote Method Invocation RMI which as an extension to UDDI provides an alternate transport for accessing UDDI services. RMI uses the default Java serialization mechanism to pass parameters in RMI invocations. A remote attacker can send a malicio...

9.9AI score0.04115EPSS
Exploits0References2
Cvelist
Cvelist
•added 2021/06/08 5:45 p.m.•74 views

CVE-2021-32674 Remote Code Execution via traversal in TAL expressions

Zope is an open-source web application server. This advisory extends the previous advisory at https://github.com/zopefoundation/Zope/security/advisories/GHSA-5pr9-v234-jw36 with additional cases of TAL expression traversal vulnerabilities. Most Python modules are not available for using in TAL...

8.8CVSS8.9AI score0.01574EPSS
Exploits0References4
Cvelist
Cvelist
•added 2021/06/07 8:27 p.m.•74 views

CVE-2020-25716

A flaw was found in Cloudforms. A role-based privileges escalation flaw where export or import of administrator files is possible. An attacker with a specific group can perform actions restricted only to system administrator. This is the affect of an incomplete fix for CVE-2020-10783. The highest...

8.1AI score0.00769EPSS
Exploits0References1
Cvelist
Cvelist
•added 2021/05/21 1:55 p.m.•74 views

CVE-2021-32633 Remote Code Execution via traversal in TAL expressions

Zope is an open-source web application server. In Zope versions prior to 4.6 and 5.2, users can access untrusted modules indirectly through Python modules that are available for direct use. By default, only users with the Manager role can add or edit Zope Page Templates through the web, but sites...

6.8CVSS8.8AI score0.01843EPSS
Exploits1References5
Cvelist
Cvelist
•added 2021/03/04 12:33 p.m.•74 views

CVE-2020-24914

A PHP object injection bug in profile.php in qcubed all versions including 3.1.1 unserializes the untrusted data of the POST-variable "strProfileData" and allows an unauthenticated attacker to execute code via a crafted POST request...

9.7AI score0.0545EPSS
Exploits3References4
Cvelist
Cvelist
•added 2020/08/07 3:27 p.m.•74 views

CVE-2020-11984

Apache HTTP server 2.4.32 to 2.4.44 modproxyuwsgi info disclosure and possible RCE...

9.5AI score0.90039EPSS
Exploits2References32
Cvelist
Cvelist
•added 2019/10/17 7:9 p.m.•74 views

CVE-2019-15627

Versions 10.0, 11.0 and 12.0 of the Trend Micro Deep Security Agent are vulnerable to an arbitrary file delete attack, which may lead to availability impact. Local OS access is required. Please note that only Windows agents are affected...

6.9AI score0.01311EPSS
Exploits4References2
Cvelist
Cvelist
•added 2018/01/21 10:0 p.m.•74 views

CVE-2016-10708

sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service NULL pointer dereference and daemon crash via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c...

6AI score0.15716EPSS
Exploits1References11
Cvelist
Cvelist
•added 2014/02/06 2:0 a.m.•74 views

CVE-2013-4463

OpenStack Compute Nova Folsom, Grizzly, and Havana does not properly verify the virtual size of a QCOW2 image, which allows local users to cause a denial of service host file system disk consumption via a compressed QCOW2 image. NOTE: this issue is due to an incomplete fix for CVE-2013-2096...

5.8AI score0.00368EPSS
Exploits0References4
Cvelist
Cvelist
•added 2013/10/21 5:0 p.m.•74 views

CVE-2013-4450

The HTTP server in Node.js 0.10.x before 0.10.21 and 0.8.x before 0.8.26 allows remote attackers to cause a denial of service memory and CPU consumption by sending a large number of pipelined requests without reading the response...

6.2AI score0.3722EPSS
Exploits3References10
Cvelist
Cvelist
•added 2011/11/08 11:0 a.m.•74 views

CVE-2011-4415

The appregsub function in server/util.c in the Apache HTTP Server 2.0.x through 2.0.64 and 2.2.x through 2.2.21, when the modsetenvif module is enabled, does not restrict the size of values of environment variables, which allows local users to cause a denial of service memory consumption or NULL...

7.2AI score0.031EPSS
Exploits4References4
Cvelist
Cvelist
•added 2011/08/29 3:0 p.m.•74 views

CVE-2011-3192

The byterange filter in the Apache HTTP Server 1.3.x, 2.0.x through 2.0.64, and 2.2.x through 2.2.19 allows remote attackers to cause a denial of service memory and CPU consumption via a Range header that expresses multiple overlapping ranges, as exploited in the wild in August 2011, a different...

7.5AI score0.98945EPSS
Exploits17References72
Cvelist
Cvelist
•added 2026/06/30 3:11 p.m.•73 views

CVE-2026-48282 ColdFusion | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22)

ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability that could lead to arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interactio...

10CVSS0.28583EPSS
Exploits3References1
Cvelist
Cvelist
•added 2026/06/18 12:11 a.m.•73 views

CVE-2026-12569 Remote Code Execution (RCE) vulnerability in Windchill PDMlink

A critical remote code execution RCE vulnerability has been reported in PTC Windchill PDMlink and PTC FlexPLM. The vulnerability may be exploited through the deserialization of untrusted data. This advisory also applies to all CPS versions The identified vulnerability also impacts Windchill and...

9.3CVSS0.01247EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/05 11:28 p.m.•73 views

CVE-2026-9290 WP User Manager <= 2.9.17 - Unauthenticated Path Traversal to Local File Inclusion via 'tab' Query Parameter

The WP User Manager – User Profile Builder & Membership plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.9.17 via the profile template scope function. This makes it possible for unauthenticated attackers to include and execute arbitrary .php files...

7.5CVSS0.02403EPSS
Exploits1References13
Cvelist
Cvelist
•added 2026/06/05 10:31 a.m.•73 views

CVE-2026-50256 Xorg-x11-server: xorg-x11-server-xwayland: xorg-x11-server: stack buffer overflow in font alias resolution due to libxfont2 name length mismatch

A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. A mismatch between the X server and the libXfont2 library's maximum font name length can cause a stack buffer overflow during font alias resolution. The server allocates a 256 byte stack buffer but libXfont2's alias...

7.8CVSS0.00157EPSS
Exploits0References25
Cvelist
Cvelist
•added 2026/06/04 2:3 a.m.•73 views

CVE-2026-8829 HTML::Entities versions before 3.84 for Perl read freed heap memory in _decode_entities

HTML::Entities versions before 3.84 for Perl read freed heap memory in decodeentities. The XS routine backing HTML::Entities::decodeentities cached a pointer repl into the entity-value SV returned by hvfetch on the entity2char hash. When the input SV was identical to a value SV in that hash, and...

0.0031EPSS
Exploits0References2
Cvelist
Cvelist
•added 2026/06/03 4:9 p.m.•73 views

CVE-2026-20230 Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability

A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct server-side request forgery SSRF attacks through an affected device. This vulnerability ...

8.6CVSS0.41694EPSS
Exploits3References1
Cvelist
Cvelist
•added 2026/05/13 5:38 p.m.•73 views

CVE-2026-45411 vm2: Sandbox Breakout Using Async Generator

vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.3, it is possible to catch a host exception using the yield expression inside an async generator. When the generator is closed using the return function, the value is awaited on and exceptions thrown in the then call will be caught by th...

9.8CVSS0.00568EPSS
Exploits1References1
Cvelist
Cvelist
•added 2026/05/12 9:37 p.m.•73 views

CVE-2026-44301 Hugo: Node tool execution allows file system access outside the project directory

Hugo is a static site generator. From 0.43 to before 0.161.0, when building a Hugo site that uses Node-based asset pipelines PostCSS, Babel, TailwindCSS, Hugo invoked the configured Node tools without restrictions on file system access. As a result, executing hugo against an untrusted site could...

8.6CVSS0.00274EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/05/12 8:20 a.m.•73 views

CVE-2026-25786

Affected devices do not properly validate and sanitize PLC/station name rendered on the "communication" parameters page of the web interface. This could allow an authenticated attacker who is authorized to download a TIA project into the product, to inject malicious scripts into the page. If a...

9.3CVSS0.0037EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/05/12 7:48 a.m.•74 views

CVE-2026-6237 Quick Table <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'style' Shortcode Attribute

The Quick Table plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'style' attribute of the 'qtbl' shortcode in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS0.00187EPSS
Exploits0References3
Cvelist
Cvelist
•added 2026/05/09 5:5 a.m.•73 views

CVE-2025-15634 HCL BigFix WebUI is affected by a missing authorization vulnerability

A missing authorization vulnerability in HCL BigFix WebUI allows an authenticated user without proper permissions to view sensitive environmental information via direct URL access to the unauthorized page...

5.3CVSS0.0018EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/05/09 3:39 a.m.•73 views

CVE-2026-42174 Kirby: User avatar creation, replacement and deletion are not gated by user update permissions

Kirby is an open-source content management system. Prior to versions 4.9.0 and 5.4.0, user avatar creation, replacement and deletion are not gated by user update permissions. This issue has been patched in versions 4.9.0 and 5.4.0...

5.3CVSS0.00237EPSS
Exploits0References3
Cvelist
Cvelist
•added 2026/05/07 8:58 p.m.•73 views

CVE-2026-33109 Azure Managed Instance for Apache Cassandra Remote Code Execution Vulnerability

...

9.9CVSS0.00711EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/05/07 7:41 p.m.•73 views

CVE-2026-33814 Infinite loop in HTTP/2 transport when given bad SETTINGS_MAX_FRAME_SIZE in net/http/internal/http2 in golang.org/x/net

When processing HTTP/2 SETTINGS frames, transport will enter an infinite loop of writing CONTINUATION frames if it receives a SETTINGSMAXFRAMESIZE with a value of 0...

0.00781EPSS
Exploits0References5
Cvelist
Cvelist
•added 2026/05/07 4:27 a.m.•73 views

CVE-2026-4348 BetterDocs Pro <= 3.7.0 - Unauthenticated SQL Injection via Encyclopedia 'limit' Parameter

The BetterDocs Pro plugin for WordPress is vulnerable to SQL Injection via the getcurrentletterdocs and docssortbyletter AJAX actions in all versions up to, and including, 3.7.0. This is due to the limit POST parameter being interpolated directly into a SQL query string before being passed to...

7.5CVSS0.00395EPSS
Exploits0References2
Cvelist
Cvelist
•added 2026/05/05 2:26 a.m.•73 views

CVE-2026-4409 Subscribe To Comments Reloaded <= 240119 - Improper Authorization to Unauthenticated Arbitrary Subscription Management

The Subscribe To Comments Reloaded plugin for WordPress is vulnerable to unauthorized modification of data due to a leaked secret key and usage of a weak hash generation algorithm in all versions up to, and including, 240119. This makes it possible for unauthenticated attackers to extract the...

6.5CVSS0.00227EPSS
Exploits0References4
Cvelist
Cvelist
•added 2026/05/04 6:30 p.m.•73 views

CVE-2026-42231 n8n: Prototype Pollution in XML Webhook Body Parser Leads to RCE

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, a flaw in the xml2js library used to parse XML request bodies in n8n's webhook handler allowed prototype pollution via a crafted XML payload. An authenticated user with permission to create or modi...

9.4CVSS0.00851EPSS
Exploits1References1
Cvelist
Cvelist
•added 2026/04/15 6:35 p.m.•73 views

CVE-2026-6245 Sssd: out-of-bounds read in the sssd

A flaw was found in the System Security Services Daemon SSSD. The pampasskeychildreaddata function within the PAM passkey responder fails to properly handle raw bytes received from a pipe. Because the data is treated as a NUL-terminated C string without explicit termination, it results in an...

5.5CVSS0.00141EPSS
Exploits0References2
Cvelist
Cvelist
•added 2026/01/08 2:49 p.m.•73 views

CVE-2026-22034 Snuffleupagus vulnerable to RCE on instances with upload validation enabled but without the VLD package

Snuffleupagus is a module that raises the cost of attacks against website by killing bug classes and providing a virtual patching system. On deployments of Snuffleupagus prior to version 0.13.0 with the non-default upload validation feature enabled and configured to use one of the upstream...

9.2CVSS0.00657EPSS
Exploits1References8
Cvelist
Cvelist
•added 2025/07/28 11:21 a.m.•73 views

CVE-2025-38481 comedi: Fail COMEDI_INSNLIST ioctl if n_insns is too large

In the Linux kernel, the following vulnerability has been resolved: comedi: Fail COMEDIINSNLIST ioctl if ninsns is too large The handling of the COMEDIINSNLIST ioctl allocates a kernel buffer to hold the array of struct comediinsn, getting the length from the ninsns member of the struct...

0.00156EPSS
Exploits0References8
Cvelist
Cvelist
•added 2025/05/20 5:32 p.m.•73 views

CVE-2025-47277 vLLM Allows Remote Code Execution via PyNcclPipe Communication Service

vLLM, an inference and serving engine for large language models LLMs, has an issue in versions 0.6.5 through 0.8.4 that ONLY impacts environments using the PyNcclPipe KV cache transfer integration with the V0 engine. No other configurations are affected. vLLM supports the use of...

9.8CVSS0.00959EPSS
Exploits1References4
Cvelist
Cvelist
•added 2025/05/19 6:13 p.m.•73 views

CVE-2025-47581 WordPress WordPress Events Calendar Registration & Tickets plugin <= 2.6.0 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in elbisnero WordPress Events Calendar Registration & Tickets wpeventplus allows Object Injection.This issue affects WordPress Events Calendar Registration & Tickets: from n/a through = 2.6.0...

9.8CVSS0.00396EPSS
Exploits0References1
Cvelist
Cvelist
•added 2025/04/30 4:30 p.m.•73 views

CVE-2025-3859 Firefox Focus elide URL allows address bar spoofing

Websites directing users to long URLs that caused eliding to occur in the location view could leverage the truncating behavior to potentially trick users into thinking they were on a different webpage. This vulnerability was fixed in Focus 138...

0.00172EPSS
Exploits0References2
Cvelist
Cvelist
•added 2025/04/15 8:19 p.m.•73 views

CVE-2025-32778 Web-Check allows command Injection via Unvalidated URL in Screenshot API

Web-Check is an all-in-one OSINT tool for analyzing any website. A command injection vulnerability exists in the screenshot API of the Web Check project Lissy93/web-check. The issue stems from user-controlled input url being passed unsanitized into a shell command using exec, allowing attackers t...

9.3CVSS0.19761EPSS
Exploits4References3
Cvelist
Cvelist
•added 2025/04/08 5:24 p.m.•73 views

CVE-2025-29812 DirectX Graphics Kernel Elevation of Privilege Vulnerability

...

7.8CVSS0.00806EPSS
Exploits0References1
Cvelist
Cvelist
•added 2025/03/20 10:9 a.m.•73 views

CVE-2025-0330 Exposure of Sensitive Information in berriai/litellm

In berriai/litellm version v1.52.1, an issue in proxyserver.py causes the leakage of Langfuse API keys when an error occurs while parsing team settings. This vulnerability exposes sensitive information, including langfusesecret and langfusepublickey, which can provide full access to the Langfuse...

7.5CVSS0.00523EPSS
Exploits1References1
Cvelist
Cvelist
•added 2024/11/14 1:0 p.m.•73 views

CVE-2024-10979 PostgreSQL PL/Perl environment variable changes execute arbitrary code

Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables e.g. PATH. That often suffices to enable arbitrary code execution, even if the attacker lacks a database server operating system user. Versions...

8.8CVSS0.04422EPSS
Exploits1References1
Cvelist
Cvelist
•added 2024/10/17 1:59 a.m.•73 views

CVE-2024-45766

Dell OpenManage Enterprise, versions OME 4.1 and prior, contains an Improper Control of Generation of Code 'Code Injection' vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Code execution...

8CVSS0.00531EPSS
Exploits0References1
Cvelist
Cvelist
•added 2024/09/26 5:21 p.m.•73 views

CVE-2024-47171 Agnai vulnerable to Relative Path Traversal in Image Upload

Agnai is an artificial-intelligence-agnostic multi-user, mult-bot roleplaying chat system. A vulnerability in versions prior to 1.0.330 permits attackers to upload image files at attacker-chosen location on the server. This issue can lead to image file uploads to unauthorized or unintended...

4.3CVSS0.00495EPSS
Exploits0References3
Cvelist
Cvelist
•added 2024/09/18 7:12 a.m.•73 views

CVE-2024-46740 binder: fix UAF caused by offsets overwrite

In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF caused by offsets overwrite Binder objects are processed and copied individually into the target buffer during transactions. Any raw data in-between these objects is copied as well. However, this raw data copy lac...

0.00289EPSS
Exploits0References7
Cvelist
Cvelist
•added 2024/08/13 5:30 p.m.•73 views

CVE-2024-38140 Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability

...

9.8CVSS0.0381EPSS
Exploits0References1
Cvelist
Cvelist
•added 2024/07/19 8:50 a.m.•75 views

CVE-2024-29736 Apache CXF: SSRF vulnerability via WADL stylesheet parameter

A SSRF vulnerability in WADL service description in versions of Apache CXF before 4.0.5, 3.6.4 and 3.5.9 allows an attacker to perform SSRF style attacks on REST webservices. The attack only applies if a custom stylesheet parameter is configured...

0.01029EPSS
Exploits0References1
Cvelist
Cvelist
•added 2024/07/19 6:0 a.m.•73 views

CVE-2024-6205 PayPlus Payment Gateway < 6.6.9 - Unauthenticated SQLi

The PayPlus Payment Gateway WordPress plugin before 6.6.9 does not properly sanitise and escape a parameter before using it in a SQL statement via a WooCommerce API route available to unauthenticated users, leading to an SQL injection vulnerability...

0.04168EPSS
Exploits4References1
Cvelist
Cvelist
•added 2024/07/01 6:10 p.m.•73 views

CVE-2024-36387 Apache HTTP Server: DoS by Null pointer in websocket over HTTP/2

Serving WebSocket protocol upgrades over a HTTP/2 connection could result in a Null Pointer dereference, leading to a crash of the server process, degrading performance...

0.01715EPSS
Exploits0References2
Cvelist
Cvelist
•added 2024/03/21 9:50 p.m.•73 views

CVE-2024-28117 Grav vulnerable to Server Side Template Injection (SSTI)

Grav is an open-source, flat-file content management system. Prior to version 1.7.45, Grav validates accessible functions through the Utils::isDangerousFunction function, but does not impose restrictions on twig functions like twigarraymap, allowing attackers to bypass the validation and execute...

8.8CVSS9.4AI score0.01381EPSS
Exploits1References2
Cvelist
Cvelist
•added 2024/01/22 11:9 p.m.•73 views

CVE-2024-23342 python-ecdsa vulnerable to Minerva attack on P-256

The ecdsa PyPI package is a pure Python implementation of ECC Elliptic Curve Cryptography with support for ECDSA Elliptic Curve Digital Signature Algorithm, EdDSA Edwards-curve Digital Signature Algorithm and ECDH Elliptic Curve Diffie-Hellman. Versions 0.18.0 and prior are vulnerable to the...

7.4CVSS7.6AI score0.00977EPSS
Exploits1References4
Total number of security vulnerabilities5000