Lucene search
K
CvelistMost viewed

364602 matches found

Cvelist
Cvelist
added 2026/05/06 11:28 a.m.65 views

CVE-2026-43198 tcp: fix potential race in tcp_v6_syn_recv_sock()

In the Linux kernel, the following vulnerability has been resolved: tcp: fix potential race in tcpv6synrecvsock Code in tcpv6synrecvsock after the call to tcpv4synrecvsock is done too late. After tcpv4synrecvsock, the child socket is already visible from TCP ehash table and other cpus might use i...

9.8CVSS0.00298EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/04 7:12 p.m.65 views

CVE-2026-41924 WDR201A WiFi Extender OS Command Injection via makeRequest.cgi

WDR201A WiFi Extender HW V2.1, FW LFMZX28040922V1.02 contains an OS command injection vulnerability in the makeRequest.cgi binary that allows unauthenticated remote attackers to execute arbitrary shell commands by injecting malicious input into the settime or StartSniffer functions. Attackers can...

9.3CVSS0.02707EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/30 12:0 a.m.65 views

CVE-2026-40686

In Exim before 4.99.2, when utf8 operators are enabled, there is an out-of-bounds read if large UTF-8 trailing characters are present malformed UTF-8 header data. Information might be divulged within an error message produced during handling of an unrelated e-mail message...

3.7CVSS0.00246EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/15 4:2 p.m.65 views

CVE-2026-4181 D-Link DIR-816 goahead form2RepeaterStep2.cgi stack-based overflow

A security flaw has been discovered in D-Link DIR-816 1.10CNB05. This affects an unknown function of the file /goform/form2RepeaterStep2.cgi of the component goahead. The manipulation of the argument key1/key2/key3/key4/pskValue results in stack-based buffer overflow. The attack may be launched...

10CVSS0.01184EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/02/14 4:27 p.m.65 views

CVE-2026-23197 i2c: imx: preserve error state in block data length handler

In the Linux kernel, the following vulnerability has been resolved: i2c: imx: preserve error state in block data length handler When a block read returns an invalid length, zero or I2CSMBUSBLOCKMAX, the length handler sets the state to IMXI2CSTATEFAILED. However, i2cimxmasterisr unconditionally...

0.001EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/06 12:0 a.m.65 views

CVE-2025-65212

An issue was discovered in NJHYST HY511 POE core before 2.1 and plugins before 0.1. The vulnerability stems from the device's insufficient cookie verification, allowing an attacker to directly request the configuration file address and download the core configuration file without logging into the...

0.04617EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/10/29 7:37 p.m.65 views

CVE-2025-11201 MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability

MLflow Tracking Server Model Creation Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to exploit this vulnerability. The specific flaw...

8.1CVSS0.27133EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/08 6:0 a.m.65 views

CVE-2025-8085 Ditty < 3.1.58 - Unauthenticated SSRF

The Ditty WordPress plugin before 3.1.58 lacks authorization and authentication for requests to its displayItems endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs...

0.16399EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/08/12 5:10 p.m.65 views

CVE-2025-53778 Windows NTLM Elevation of Privilege Vulnerability

...

8.8CVSS0.36074EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/05 1:0 p.m.65 views

CVE-2025-54948

A vulnerability in Trend Micro Apex One on-premise management console could allow a pre-authenticated remote attacker to upload malicious code and execute commands on affected installations...

9.4CVSS0.2079EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/01 8:39 p.m.65 views

CVE-2013-10048 D-Link Devices command.php Unauthenticated RCE

An OS command injection vulnerability exists in various legacy D-Link routers—including DIR-300 rev B and DIR-600 firmware ≤ 2.13 and ≤ 2.14b01, respectively—due to improper input handling in the unauthenticated command.php endpoint. By sending specially crafted POST requests, a remote attacker c...

9.3CVSS0.12099EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/07/29 10:11 p.m.65 views

CVE-2025-54381 BentoML is Vulnerable to an SSRF Attack Through File Upload Processing

BentoML is a Python library for building online serving systems optimized for AI apps and model inference. In versions 1.4.0 until 1.4.19, the file upload processing system contains an SSRF vulnerability that allows unauthenticated remote attackers to force the server to make arbitrary HTTP...

9.9CVSS0.11883EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/07/29 9:52 p.m.65 views

CVE-2025-54126 WebAssembly Micro Runtime's `--addr-pool` option allows all IPv4 addresses when subnet mask is not specified

The WebAssembly Micro Runtime's WAMR iwasm package is the executable binary built with WAMR VMcore which supports WebAssembly System Interface WASI and command line interface. In versions 2.4.0 and below, iwasm uses --addr-pool with an IPv4 address that lacks a subnet mask, allowing the system to...

6.9CVSS0.0061EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/07/23 1:13 p.m.65 views

CVE-2025-40599

An authenticated arbitrary file upload vulnerability exists in the SMA 100 series web management interface. A remote attacker with administrative privileges can exploit this flaw to upload arbitrary files to the system, potentially leading to remote code execution...

0.11635EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/07/10 1:53 p.m.65 views

CVE-2025-7425 Libxslt: libxml2: heap use-after-free in libxslt caused by atype corruption in xmlattrptr

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...

7.8CVSS0.00339EPSS
Exploits1References32
Cvelist
Cvelist
added 2025/06/18 11:30 p.m.65 views

CVE-2025-24286

A vulnerability allowing an authenticated user with the Backup Operator role to modify backup jobs, which could execute arbitrary code...

7.2CVSS0.1119EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/18 11:30 p.m.65 views

CVE-2025-23121

A vulnerability allowing remote code execution RCE on the Backup Server by an authenticated domain user...

9.9CVSS0.12442EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/11 5:28 p.m.65 views

CVE-2025-0923 IBM Cognos Analytics information disclosure

IBM Cognos Analytics 11.2.0, 11.2.1, 11.2.2, 11.2.3, 11.2.4, 12.0.0, 12.0.1, 12.0.2, 12.0.3, and 12.0.4 stores source code on the web server that could aid in further attacks against the system...

5.3CVSS0.00241EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/29 12:29 p.m.65 views

CVE-2025-48045 MICI Network Co. Ltd. NetFax Server Default Administrator Credentials Disclosure

An unauthenticated HTTP GET request to the /client.php endpoint will disclose the default administrator user credentials...

8.7CVSS0.00556EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/22 12:0 a.m.65 views

CVE-2025-32813

An issue was discovered in Infoblox NETMRI before 7.6.1. Remote Unauthenticated Command Injection can occur...

0.43042EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/14 11:5 a.m.65 views

CVE-2025-3834 SQL Injection

Zohocorp ManageEngine ADAudit Plus versions 8510 and prior are vulnerable to authenticated SQL injection in the OU History report...

8.1CVSS0.01285EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/24 1:58 p.m.65 views

CVE-2025-43855 tRPC 11 WebSocket DoS Vulnerability

tRPC allows users to build & consume fully typesafe APIs without schemas or code generation. In versions starting from 11.0.0 to before 11.1.1, an unhandled error is thrown when validating invalid connectionParams which crashes a tRPC WebSocket server. This allows any unauthenticated user to cras...

8.7CVSS0.00349EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/04/08 11:7 a.m.65 views

CVE-2025-30166 Pimcore's Admin Classic Bundle allows HTML Injection

Pimcore's Admin Classic Bundle provides a Backend UI for Pimcore. An HTML injection issue allows users with access to the email sending functionality to inject arbitrary HTML code into emails sent via the admin interface, potentially leading to session cookie theft and the alteration of page...

1.8CVSS0.00222EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/23 3:0 p.m.65 views

CVE-2025-0927

...

Exploits1
Cvelist
Cvelist
added 2025/01/21 3:27 p.m.65 views

CVE-2025-24011 Umbraco CMS Vulnerable to User Enumeration Feasible Based On Management API Timing and Response Codes

Umbraco is a free and open source .NET content management system. Starting in version 14.0.0 and prior to versions 14.3.2 and 15.1.2, it's possible to determine whether an account exists based on an analysis of response codes and timing of Umbraco management API responses. Versions 14.3.2 and...

5.3CVSS0.01451EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/12/12 9:4 a.m.65 views

CVE-2024-4109

...

Exploits0
Cvelist
Cvelist
added 2024/11/01 4:19 p.m.65 views

CVE-2024-51483 changedetection.io Path Traversal vulnerability

changedetection.io is free, open source web page change detection software. Prior to version 0.47.5, when a WebDriver is used to fetch files, source:file:///etc/passwd can be used to retrieve local system files, where the more traditional file:///etc/passwd gets blocked. Version 0.47.5 fixes the...

6.9CVSS0.0229EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/09/10 4:53 p.m.65 views

CVE-2024-38226 Microsoft Publisher Security Feature Bypass Vulnerability

...

7.3CVSS0.02667EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/10 4:53 p.m.65 views

CVE-2024-37341 Microsoft SQL Server Elevation of Privilege Vulnerability

...

8.8CVSS0.01456EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/09 6:49 p.m.65 views

CVE-2024-7260 Keycloak-core: open redirect on account page

An open redirect vulnerability was found in Keycloak. A specially crafted URL can be constructed where the referrer and referreruri parameters are made to trick a user to visit a malicious webpage. A trusted URL can trick users and automation into believing that the URL is safe, when, in fact, it...

6.1CVSS0.00546EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/08/27 6:31 p.m.65 views

CVE-2024-8210 D-Link DNS-1550-04 hd_config.cgi sprintf command injection

A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20240814. It has been classified as critical. This...

6.5CVSS0.07482EPSS
Exploits1References6
Cvelist
Cvelist
added 2024/08/06 3:38 a.m.65 views

CVE-2024-6781 Calibre Arbitrary File Read

Path traversal in Calibre = 7.14.0 allow unauthenticated attackers to achieve arbitrary file read...

7.5CVSS0.62696EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/08 3:32 p.m.65 views

CVE-2024-39699 Directus has a Blind SSRF On File Import

Directus is a real-time API and App dashboard for managing SQL database content. There was already a reported SSRF vulnerability via file import. It was fixed by resolving all DNS names and checking if the requested IP is an internal IP address. However it is possible to bypass this security...

5CVSS0.00435EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/07/04 8:36 a.m.65 views

CVE-2024-39884 Apache HTTP Server: source code disclosure with handlers configured via AddType

A regression in the core of Apache HTTP Server 2.4.60 ignores some use of the legacy content-type based configuration of handlers. "AddType" and similar configuration, under some circumstances where files are requested indirectly, result in source code disclosure of local content. For example,...

0.00889EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/01 2:17 p.m.65 views

CVE-2024-21457 Buffer Over-read in WLAN Host Communication

INformation disclosure while handling Multi-link IE in beacon frame...

6.5CVSS0.00213EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/24 9:59 a.m.65 views

CVE-2024-29868 Apache StreamPipes, Apache StreamPipes: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Recovery Token Generation

Use of Cryptographically Weak Pseudo-Random Number Generator PRNG vulnerability in Apache StreamPipes user self-registration and password recovery mechanism. This allows an attacker to guess the recovery token in a reasonable time and thereby to take over the attacked user's account. This issue...

0.05995EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/06/18 5:0 p.m.65 views

CVE-2024-21685

This High severity Information Disclosure vulnerability was introduced in versions 9.4.0, 9.12.0, and 9.15.0 of Jira Core Data Center. This Information Disclosure vulnerability, with a CVSS Score of 7.4, allows an unauthenticated attacker to view sensitive information via an Information Disclosur...

7.4CVSS0.00439EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/10 12:0 a.m.65 views

CVE-2024-37393

Multiple LDAP injections vulnerabilities exist in SecurEnvoy MFA before 9.4.514 due to improper validation of user-supplied input. An unauthenticated remote attacker could exfiltrate data from Active Directory through blind LDAP injection attacks against the DESKTOP service exposed on the...

0.03304EPSS
Exploits2References3
Cvelist
Cvelist
added 2024/05/23 1:56 a.m.65 views

CVE-2024-4978 Malicious Code in Justice AV Solutions (JAVS) Viewer

Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpected authenticode signature. A remote, privileged threat actor may exploit this vulnerability to execute of unauthorized PowerShell commands...

8.7CVSS8.4AI score0.26937EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/05/18 9:24 p.m.66 views

CVE-2024-36050

Nix through 2.22.1 mishandles certain usage of hash caches, which makes it easier for attackers to replace current source code with attacker-controlled source code by luring a maintainer into accepting a malicious pull request...

6.6AI score0.00394EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/03/23 12:0 a.m.65 views

CVE-2024-24725

Gibbon through 26.0.00 allows remote authenticated users to conduct PHP deserialization attacks via columnOrder in a POST request to the modules/System%20Admin/importrun.php&type=externalAssessment&step=4 URI...

6.6AI score0.5132EPSS
Exploits7References2
Cvelist
Cvelist
added 2024/02/24 5:0 a.m.65 views

CVE-2024-21502

Versions of the package fastecdsa before 2.3.2 are vulnerable to Use of Uninitialized Variable on the stack, via the curvemathmul function in src/curveMath.c, due to being used and interpreted as user-defined type. Depending on the variable's actual value it could be arbitrary free, arbitrary...

7.5CVSS7.7AI score0.01025EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/01/11 8:32 a.m.65 views

CVE-2023-6266 Backup Migration <= 1.3.6 - Unauthenticated Arbitrary Backup Download to Sensitive Information Exposure

The Backup Migration plugin for WordPress is vulnerable to unauthorized access of data due to insufficient path and file validation on the BMIBACKUP case of the handledownloading function in all versions up to, and including, 1.3.6. This makes it possible for unauthenticated attackers to download...

7.5CVSS7.5AI score0.02072EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/01/05 4:31 p.m.65 views

CVE-2023-34325 Multiple vulnerabilities in libfsimage disk handling

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. libfsimage contains parsing code for several filesystems, most of them based on grub-legacy code. libfsimage is used by pygrub to inspect guest disks. Pygrub runs as the...

8.4AI score0.00289EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/01/02 9:54 p.m.65 views

CVE-2024-21632 omniauth-microsoft_graph vulnerable to account takeover (nOAuth)

omniauth-microsoftgraph provides an Omniauth strategy for the Microsoft Graph API. Prior to versions 2.0.0, the implementation did not validate the legitimacy of the email attribute of the user nor did it give/document an option to do so, making it susceptible to nOAuth misconfiguration in cases...

8.6CVSS9.6AI score0.00904EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/12/19 3:43 p.m.65 views

CVE-2023-46261

An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...

9.8CVSS9.8AI score0.11337EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/11/12 9:16 p.m.65 views

CVE-2023-29425 WordPress ShiftController Employee Shift Scheduling Plugin <= 4.9.23 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in plainware.Com ShiftController Employee Shift Scheduling plugin = 4.9.23 versions...

5.4CVSS9AI score0.00264EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/09/16 8:31 p.m.65 views

CVE-2023-5012 Topaz OFD Protection Module Warsaw core.exe unquoted search path

A vulnerability, which was classified as problematic, was found in Topaz OFD 2.11.0.201. This affects an unknown part of the file C:\Program Files\Topaz OFD\Warsaw\core.exe of the component Protection Module Warsaw. The manipulation leads to unquoted search path. Attacking locally is a requiremen...

5.3CVSS7.8AI score0.00194EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/09/07 10:11 p.m.65 views

CVE-2023-40029 Cluster secret might leak in cluster details page in Argo CD

Argo CD is a declarative continuous deployment for Kubernetes. Argo CD Cluster secrets might be managed declaratively using Argo CD / kubectl apply. As a result, the full secret body is stored inkubectl.kubernetes.io/last-applied-configuration annotation. pull request 7139 introduced the ability ...

9.9CVSS9.5AI score0.00975EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/08/25 8:12 p.m.65 views

CVE-2023-40164 Notepad++ global buffer read overflow in nsCodingStateMachine::NextState

Notepad++ is a free and open-source source code editor. Versions 8.5.6 and prior are vulnerable to global buffer read overflow in nsCodingStateMachine::NextStater. The exploitability of this issue is not clear. Potentially, it may be used to leak internal memory allocation information. As of time...

5.5CVSS6.1AI score0.00549EPSS
Exploits1References1
Total number of security vulnerabilities5000