Lucene search
K
CvelistMost viewed

365117 matches found

Cvelist
Cvelist
added 2026/05/06 6:13 p.m.69 views

CVE-2026-8001

Use After Free in Printing in Google Chrome on Linux, Mac, ChromeOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...

0.00178EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/05 8:52 p.m.69 views

CVE-2026-40068 Claude Code arbitrary code execution via git worktree commondir trust dialog bypass

In versions 2.1.63 through 2.1.83 of Claude Code, the folder trust determination logic used the git worktree commondir file without validating its contents. An attacker could craft a malicious repository with a commondir file pointing to a path the victim had previously trusted, causing Claude Co...

7.7CVSS0.00281EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/05 3:37 a.m.69 views

CVE-2026-4665 WP Carousel Free <= 2.7.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'data-caption' Attribute

The WP Carousel Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via crafted fancybox data-caption attributes in all versions up to, and including, 2.7.10. This is due to the fancybox-config.js script reading the carousel container's id attribute directly from the DOM to...

6.4CVSS0.00281EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/04 8:13 p.m.69 views

CVE-2026-42238 Unauthenticated Remote Code Execution via Backup Restore in nginx-ui

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.8, nginx-ui exposes a backup restore endpoint POST /api/restore that is completely unauthenticated during the first 10 minutes after process startup on any fresh installation. An unauthenticated remote attacker can...

9CVSS0.00764EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/05/04 6:28 p.m.69 views

CVE-2026-42230 n8n: Open Redirect in MCP OAuth Consent Flow

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, the /mcp-oauth/register endpoint accepted OAuth client registrations without authentication, allowing arbitrary redirecturi values to be registered. When a user denies the MCP OAuth consent dialog,...

5.1CVSS0.00181EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/02 5:29 a.m.69 views

CVE-2026-5112 Gravity Forms <= 2.10.0 - Unauthenticated Stored Cross-Site Scripting via Calculation Product Field in Repeater

The Gravity Forms plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in versions up to and including 2.10.0. This is due to insufficient input validation and output escaping of Calculation Product field product names when rendered inside Repeater fields. The validat...

7.2CVSS0.00232EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/15 4:2 p.m.69 views

CVE-2026-4181 D-Link DIR-816 goahead form2RepeaterStep2.cgi stack-based overflow

A security flaw has been discovered in D-Link DIR-816 1.10CNB05. This affects an unknown function of the file /goform/form2RepeaterStep2.cgi of the component goahead. The manipulation of the argument key1/key2/key3/key4/pskValue results in stack-based buffer overflow. The attack may be launched...

10CVSS0.01184EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/07/07 5:57 p.m.69 views

CVE-2025-53536 Roo Code allows Potential Remote Code Execution via .vscode/settings.json

Roo Code is an AI-powered autonomous coding agent. Prior to 3.22.6, if the victim had "Write" auto-approved, an attacker with the ability to submit prompts to the agent could write to VS Code settings files and trigger code execution. There were multiple ways to achieve that. One example is with...

8.1CVSS0.00656EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/02/11 5:58 p.m.69 views

CVE-2025-21381 Microsoft Excel Remote Code Execution Vulnerability

...

7.8CVSS0.01113EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/18 11:32 p.m.69 views

CVE-2023-21586 Acrobat Reader | NULL Pointer Dereference (CWE-476)

Adobe Acrobat Reader versions 22.003.20282 and earlier, 22.003.20281 and earlier and 20.005.30418 and earlier are affected by a NULL Pointer Dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the...

5.5CVSS0.02052EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/06 3:0 p.m.69 views

CVE-2024-54141 phpMyFAQ Generates an Error Message Containing Sensitive Information if database server is not available

phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. Prior to 4.0.0, phpMyFAQ exposes the database ie postgreSQL server's credential when connection to DB fails. This vulnerability is fixed in 4.0.0...

8.6CVSS0.00487EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/11/15 3:36 p.m.69 views

CVE-2022-20685 Multiple Cisco Products Snort Modbus Denial of Service Vulnerability

A vulnerability in the Modbus preprocessor of the Snort detection engine could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to an integer overflow while processing Modbus traffic. An attacker could exploit th...

7.5CVSS0.01386EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/13 2:2 a.m.69 views

CVE-2024-10038 WP-Strava <= 2.12.1 - Authenticated (Administrator+) Stored Cross-Site Scripting

The WP-Strava plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 2.12.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and...

6.1CVSS0.00345EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/09/10 6:50 p.m.69 views

CVE-2024-45409 The Ruby SAML library vulnerable to a SAML authentication bypass via Incorrect XPath selector

The Ruby SAML library is for implementing the client side of a SAML authorization. Ruby-SAML in = 12.2 and 1.13.0 = 1.16.0 does not properly verify the signature of the SAML Response. An unauthenticated attacker with access to any signed saml document by the IdP can thus forge a SAML...

10CVSS0.10684EPSS
Exploits3References4
Cvelist
Cvelist
added 2024/07/29 4:20 p.m.69 views

CVE-2024-6748 SQL Injection

Zohocorp ManageEngine OpManager, OpManager Plus, OpManager MSP and RMM versions 128317 and below are vulnerable to authenticated SQL injection in the URL monitoring...

8.3CVSS0.23784EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/25 9:17 a.m.69 views

CVE-2024-37084 CVE-2024-37084: Remote code execution in Spring Cloud Data Flow

In Spring Cloud Data Flow versions prior to 2.11.4, a malicious user who has access to the Skipper server api can use a crafted upload request to write an arbitrary file to any location on the file system which could lead to compromising the server...

9.8CVSS0.35211EPSS
Exploits4References1
Cvelist
Cvelist
added 2024/07/21 9:0 a.m.69 views

CVE-2024-6947 Flute CMS Notification ContentParser.php replaceContent code injection

A vulnerability was found in Flute CMS 0.2.2.4-alpha. It has been rated as critical. This issue affects the function replaceContent of the file app/Core/Support/ContentParser.php of the component Notification Handler. The manipulation leads to code injection. The attack may be initiated remotely...

5.8CVSS0.00593EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/05/07 8:31 a.m.69 views

CVE-2024-4345 Startklar Elementor Addons <= 1.7.13 - Unauthenticated Arbitrary File Upload

The Startklar Elementor Addons plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'process' function in the 'startklarDropZoneUploadProcess' class in versions up to, and including, 1.7.13. This makes it possible for unauthenticated attacke...

9.8CVSS10AI score0.01444EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/03/22 12:55 p.m.69 views

CVE-2024-29943

An attacker was able to perform an out-of-bounds read or write on a JavaScript object by fooling range-based bounds check elimination. This vulnerability affects Firefox 124.0.1...

5.8AI score0.22935EPSS
Exploits2References3
Cvelist
Cvelist
added 2024/03/11 5:56 p.m.69 views

CVE-2023-6444 Seriously Simple Podcasting < 3.0.0 - Unauthenticated Administrator Email Disclosure

The Seriously Simple Podcasting WordPress plugin before 3.0.0 discloses the Podcast owner's email address which by default is the admin email address via an unauthenticated crafted request...

6.9AI score0.02463EPSS
Exploits3References1
Cvelist
Cvelist
added 2024/01/29 10:41 p.m.69 views

CVE-2024-23829 aiohttp's HTTP parser (the python one, not llhttp) still overly lenient about separators

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Security-sensitive parts of the Python HTTP parser retained minor differences in allowable character sets, that must trigger error handling to robustly match frame boundaries of proxies in order to protect against...

6.5CVSS7.3AI score0.0102EPSS
Exploits1References5
Cvelist
Cvelist
added 2023/06/21 4:26 p.m.69 views

CVE-2023-2828 named's configured cache size limit can be significantly exceeded

Every named instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the max-cache-size statement in the configuration file; it...

7.5CVSS7.9AI score0.03776EPSS
Exploits0References7
Cvelist
Cvelist
added 2023/05/11 8:51 p.m.69 views

CVE-2023-31146 Vyper vulnerable to OOB DynArray access when array is on both LHS and RHS of an assignment

Vyper is a Pythonic smart contract language for the Ethereum virtual machine. Prior to version 0.3.8, during codegen, the length word of a dynarray is written before the data, which can result in out-of-bounds array access in the case where the dynarray is on both the lhs and rhs of an assignment...

7.5CVSS9.5AI score0.01241EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/04/18 9:32 p.m.69 views

CVE-2023-30608 Parser contains an inefficient regular expression in sqlparse

sqlparse is a non-validating SQL parser module for Python. In affected versions the SQL parser contains a regular expression that is vulnerable to ReDoS Regular Expression Denial of Service. This issue was introduced by commit e75e358. The vulnerability may lead to Denial of Service DoS. This...

5.5CVSS7.9AI score0.0098EPSS
Exploits0References5
Cvelist
Cvelist
added 2023/04/13 10:35 p.m.69 views

CVE-2023-1326 local privilege escalation in apport-cli

A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate...

7.7CVSS8.1AI score0.00874EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/02/15 2:58 p.m.69 views

CVE-2023-25578 Starlite DoS vulnerability when parsing multipart request body

Starlite is an Asynchronous Server Gateway Interface ASGI framework. Prior to version 1.5.2, the request body parsing in starlite allows a potentially unauthenticated attacker to consume a large amount of CPU time and RAM. The multipart body parser processes an unlimited number of file parts and ...

7.5CVSS7.7AI score0.01004EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/01/20 10:49 p.m.69 views

CVE-2023-22742 libgit2 fails to verify SSH keys by default

libgit2 is a cross-platform, linkable library implementation of Git. When using an SSH remote with the optional libssh2 backend, libgit2 does not perform certificate checking by default. Prior versions of libgit2 require the caller to set the certificatecheck field of libgit2's gitremotecallbacks...

5.3CVSS6.1AI score0.0058EPSS
Exploits0References7
Cvelist
Cvelist
added 2022/12/27 9:13 p.m.69 views

CVE-2021-4238 Insufficient randomness in github.com/Masterminds/goutils

Randomly-generated alphanumeric strings contain significantly less entropy than expected. The RandomAlphaNumeric and CryptoRandomAlphaNumeric functions always return strings containing at least one digit from 0 to 9. This significantly reduces the amount of entropy in short strings generated by...

9.3AI score0.01319EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/11/11 3:49 p.m.69 views

CVE-2022-36380

Uncontrolled search path in the installer software for some Intelr NUC Kit Wireless Adapter drivers for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access...

6.7CVSS7.6AI score0.00169EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/09/21 10:15 a.m.69 views

CVE-2022-38178 Memory leaks in EdDSA DNSSEC verification code

By spoofing the target resolver with responses that have a malformed EdDSA signature, an attacker can trigger a small memory leak. It is possible to gradually erode available memory to the point where named crashes for lack of resources...

7.5CVSS7.8AI score0.02176EPSS
Exploits0References9
Cvelist
Cvelist
added 2022/09/13 6:41 p.m.69 views

CVE-2022-30170 Windows Credential Roaming Service Elevation of Privilege Vulnerability

...

7.3CVSS8.5AI score0.0147EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/06/15 9:51 p.m.69 views

CVE-2022-29143 Microsoft SQL Server Remote Code Execution Vulnerability

...

7.5CVSS7.8AI score0.01974EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/05/19 5:20 p.m.69 views

CVE-2021-32934 ThroughTek P2P SDK - Cleartext Transmission of Sensitive Information

The affected ThroughTek P2P products SDKs using versions before 3.1.5, any versions with nossl tag, device firmware not using AuthKey for IOTC conneciton, firmware using AVAPI module without enabling DTLS mechanism, and firmware using P2PTunnel or RDT module do not sufficiently protect data...

9.1CVSS9.1AI score0.00578EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/05/03 3:15 a.m.69 views

CVE-2022-20759 Cisco Adaptive Security Appliance Software and Firepower Threat Defense Software Web Services Interface Privilege Escalation Vulnerability

A vulnerability in the web services interface for remote access VPN features of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an authenticated, but unprivileged, remote attacker to elevate privileges to level 15. This vulnerability is d...

8.8CVSS9.1AI score0.28369EPSS
Exploits1References2
Cvelist
Cvelist
added 2022/02/01 1:46 a.m.69 views

CVE-2021-46667

MariaDB before 10.6.5 has a sqllex.cc integer overflow, leading to an application crash...

6.6AI score0.00425EPSS
Exploits1References6
Cvelist
Cvelist
added 2021/12/07 10:55 p.m.69 views

CVE-2021-44420

In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths...

7.5AI score0.02295EPSS
Exploits0References6
Cvelist
Cvelist
added 2021/12/06 3:55 p.m.69 views

CVE-2021-24917 WPS Hide Login < 1.9.1 - Protection Bypass with Referer-Header

The WPS Hide Login WordPress plugin before 1.9.1 has a bug which allows to get the secret login page by setting a random referer string and making a request to /wp-admin/options.php as an unauthenticated user...

7.8AI score0.71532EPSS
Exploits5References2
Cvelist
Cvelist
added 2021/03/15 5:3 p.m.69 views

CVE-2021-25667

A vulnerability has been identified in RUGGEDCOM RM1224 All versions = V4.3 and = V4.3 and = V4.3 and = V2.0 and V2.1.3, SCALANCE XB-200 All versions V4.1, SCALANCE XC-200 All versions V4.1, SCALANCE XF-200BA All versions V4.1, SCALANCE XM400 All versions V6.2, SCALANCE XP-200 All versions V4.1,...

9.1AI score0.00852EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/03/04 12:31 p.m.69 views

CVE-2020-24913

A SQL injection vulnerability in qcubed all versions including 3.1.1 in profile.php via the strQuery parameter allows an unauthenticated attacker to access the database by injecting SQL code via a crafted POST request...

9.7AI score0.40621EPSS
Exploits5References5
Cvelist
Cvelist
added 2021/02/25 4:30 p.m.69 views

CVE-2021-20328 MongoDB Java driver client-side field level encryption not verifying KMS host name

Specific versions of the Java driver that support client-side field level encryption CSFLE fail to perform correct host name verification on the KMS server’s certificate. This vulnerability in combination with a privileged network position active MITM attack could result in interception of traffi...

6.4CVSS6.8AI score0.00432EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/12/31 8:20 a.m.69 views

CVE-2020-35912

An issue was discovered in the lockapi crate before 0.4.2 for Rust. A data race can occur because of MappedRwLockWriteGuard unsoundness...

4.7AI score0.00205EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/09/11 12:0 a.m.69 views

CVE-2020-1045 Microsoft ASP.NET Core Security Feature Bypass Vulnerability

...

7.5CVSS7.5AI score0.06624EPSS
Exploits0References6
Cvelist
Cvelist
added 2020/02/24 2:38 p.m.69 views

CVE-2019-18182

pacman before 5.2 is vulnerable to arbitrary command injection in conf.c in the downloadwithxfercommand function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable a non-default XferCommand and retrieve an attacker-controlled crafted databa...

9.6AI score0.03672EPSS
Exploits1References6
Cvelist
Cvelist
added 2018/11/28 11:0 p.m.69 views

CVE-2018-18203

A vulnerability in the update mechanism of Subaru StarLink Harman head units 2017, 2018, and 2019 may give an attacker with physical access to the vehicle's USB ports the ability to rewrite the firmware of the head unit. This occurs because the device accepts modified QNX6 filesystem images as lo...

6.6AI score0.00241EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/08/14 1:0 p.m.69 views

CVE-2016-4975 mod_userdir CRLF injection

Possible CRLF injection allowing HTTP response splitting attacks for sites which use moduserdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the "Location" or other outbound header key or value. Fixed in Apache HTTP Server 2.4.25 Affected...

6.9AI score0.19798EPSS
Exploits0References24
Cvelist
Cvelist
added 2018/01/18 2:0 a.m.69 views

CVE-2018-2640

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.5.58 and prior, 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols...

6.5AI score0.03952EPSS
Exploits0References15
Cvelist
Cvelist
added 2016/10/25 2:0 p.m.69 views

CVE-2016-5612

Unspecified vulnerability in Oracle MySQL 5.5.50 and earlier, 5.6.31 and earlier, and 5.7.13 and earlier allows remote authenticated users to affect availability via vectors related to DML...

5.6AI score0.0336EPSS
Exploits0References9
Cvelist
Cvelist
added 2014/10/10 10:0 a.m.69 views

CVE-2014-3581

The cachemergeheadersout function in modules/cache/cacheutil.c in the modcache module in the Apache HTTP Server before 2.4.11 allows remote attackers to cause a denial of service NULL pointer dereference and application crash via an empty HTTP Content-Type header...

6.5AI score0.13451EPSS
Exploits0References29
Cvelist
Cvelist
added 2013/10/17 11:0 p.m.69 views

CVE-2013-4365

Heap-based buffer overflow in the fcgidheaderbucketread function in fcgidbucket.c in the modfcgid module before 2.3.9 for the Apache HTTP Server allows remote attackers to have an unspecified impact via unknown vectors...

6.8AI score0.13141EPSS
Exploits0References9
Cvelist
Cvelist
added 2010/12/06 10:0 p.m.69 views

CVE-2010-4478

OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, which allows remote attackers to bypass the need for knowledge of the shared secret, and successfully authenticate, by sending crafted values in each round of the protocol, a...

6AI score0.04242EPSS
Exploits1References7
Total number of security vulnerabilities5000