Lucene search
K
CvelistMost viewed

364940 matches found

Cvelist
Cvelist
•added 2026/05/09 12:43 a.m.•66 views

CVE-2026-6664 PgBouncer integer overflow in PgBouncer network packet parsing

An integer overflow in network packet parsing code in PgBouncer before 1.25.2 bypasses a boundary check and can lead to a crash. An unauthenticated remote attacker can crash PgBouncer with a malformed SCRAM authentication packet...

7.5CVSS0.00698EPSS
Exploits1References1
Cvelist
Cvelist
•added 2026/05/08 2:22 p.m.•66 views

CVE-2026-43439 cgroup: fix race between task migration and iteration

In the Linux kernel, the following vulnerability has been resolved: cgroup: fix race between task migration and iteration When a task is migrated out of a cssset, cgroupmigrateaddtask first moves it from cset-tasks to cset-mgtasks via: listmovetail&task-cglist, &cset-mgtasks; If a csstaskiter...

0.00089EPSS
Exploits0References8
Cvelist
Cvelist
•added 2026/05/08 2:0 a.m.•66 views

CVE-2026-6737

An Exposed IOCTL with Insufficient Access Control vulnerability in AsusPTPFilter allows a local user to bypass driver security mechanisms and obtain restricted touchpad information or render the touchpad unusable via crafted IOCTL requests.Refer to the ' Security Update for ASUS Precision...

2CVSS0.00092EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/05/07 7:41 p.m.•66 views

CVE-2026-42499 Quadratic string concatenation in consumePhrase in net/mail

Pathological inputs could cause DoS through consumePhrase when parsing an email address according to RFC 5322...

0.00798EPSS
Exploits0References4
Cvelist
Cvelist
•added 2026/05/06 11:29 a.m.•66 views

CVE-2026-43282 RDMA/ionic: Fix potential NULL pointer dereference in ionic_query_port

In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: Fix potential NULL pointer dereference in ionicqueryport The function ionicqueryport calls ibdevicegetnetdev without checking the return value which could lead to NULL pointer dereference, Fix it by checking the retur...

0.00112EPSS
Exploits0References3
Cvelist
Cvelist
•added 2026/05/05 7:15 p.m.•66 views

CVE-2026-7857 D-Link DI-8100 CGI user_group.asp sprintf buffer overflow

A vulnerability has been found in D-Link DI-8100 16.07.26A1. This vulnerability affects the function sprintf of the file /usergroup.asp of the component CGI Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and m...

8.6CVSS0.04164EPSS
Exploits1References5
Cvelist
Cvelist
•added 2026/05/05 2:26 a.m.•66 views

CVE-2026-1921 Loco Translate <= 2.8.2 - Authenticated (Translator+) Path Traversal to Limited File Read via 'ref' Parameter

The Loco Translate plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 2.8.2 via the fsReference AJAX route. This is due to the findSourceFile method normalizing user-supplied ref paths containing ../ directory traversal sequences without validating that the...

4.9CVSS0.0064EPSS
Exploits0References7
Cvelist
Cvelist
•added 2026/05/05 12:0 a.m.•66 views

CVE-2026-7788 Axle-Bucamp MCP-Docusaurus document.py get_content path traversal

A security flaw has been discovered in Axle-Bucamp MCP-Docusaurus up to 404bc028e15ec304c9a045528560f4b5f27a17e0. The affected element is the function updatedocument/continuedocument/deletedocument/getcontent of the file app/routes/document.py. Performing a manipulation of the argument DOCSDIR/pa...

7.5CVSS0.0041EPSS
Exploits0References5
Cvelist
Cvelist
•added 2026/04/30 12:0 a.m.•66 views

CVE-2026-40686

In Exim before 4.99.2, when utf8 operators are enabled, there is an out-of-bounds read if large UTF-8 trailing characters are present malformed UTF-8 header data. Information might be divulged within an error message produced during handling of an unrelated e-mail message...

3.7CVSS0.00246EPSS
Exploits0References4
Cvelist
Cvelist
•added 2026/04/28 4:43 p.m.•66 views

CVE-2026-6238 Buffer overread in ns_printrrf with corrupted RDATA field

The deprecated functions nsprintrrf, nsprintrr and fpnquery in the GNU C Library version 2.0.1 to version 2.43 fail to validate the RDATA content against the RDATA length in a DNS response when processing A6, CERT, LOC, TKEY or TSIG records, which may allow an attacker to craft a DNS response,...

0.00311EPSS
Exploits0References2
Cvelist
Cvelist
•added 2026/04/27 3:28 p.m.•66 views

CVE-2026-6970 authd Denial of Service and Local Privilege Escalation

authd prior to version 0.6.4 contains a logic error in primary group ID assignment that can lead to local privilege escalation. When a user's primary group ID GID differs from their UID, either because the account was created with authd prior to version 0.5.4 or because the primary group was...

7.3CVSS0.0011EPSS
Exploits0References2
Cvelist
Cvelist
•added 2026/04/10 5:54 p.m.•66 views

CVE-2026-1502 HTTP client proxy tunnel headers not validated for CR/LF

CR/LF bytes were not rejected by HTTP client proxy tunnel headers or host...

5.7CVSS0.00562EPSS
Exploits0References9
Cvelist
Cvelist
•added 2026/04/01 12:22 p.m.•66 views

CVE-2026-29014 MetInfo CMS Unauthenticated PHP Code Injection RCE

MetInfo CMS versions 7.9, 8.0, and 8.1 contain an unauthenticated PHP code injection vulnerability that allows remote attackers to execute arbitrary code by sending crafted requests with malicious PHP code. Attackers can exploit insufficient input neutralization in the execution path to achieve...

9.8CVSS0.39688EPSS
Exploits4References3
Cvelist
Cvelist
•added 2026/03/30 7:47 a.m.•66 views

CVE-2026-5121 Libarchive: libarchive: arbitrary code execution via integer overflow in iso9660 image processing

A flaw was found in libarchive. On 32-bit systems, an integer overflow vulnerability exists in the zisofs block pointer allocation logic. A remote attacker can exploit this by providing a specially crafted ISO9660 image, which can lead to a heap buffer overflow. This could potentially allow for...

7.5CVSS0.01073EPSS
Exploits0References36
Cvelist
Cvelist
•added 2026/03/27 4:13 p.m.•66 views

CVE-2026-28369 Undertow: undertow: request smuggling via malformed http request headers

A flaw was found in Undertow. When Undertow receives an HTTP request where the first header line starts with one or more spaces, it incorrectly processes the request by stripping these leading spaces. This behavior, which violates HTTP standards, can be exploited by a remote attacker to perform...

8.7CVSS0.00677EPSS
Exploits0References4
Cvelist
Cvelist
•added 2026/01/27 2:23 p.m.•66 views

CVE-2026-1470 Authenticated users can bypass the Expression sandbox mechanism to achieve full remote code execution on n8n’s main node.

n8n contains a critical Remote Code Execution RCE vulnerability in its workflow Expression evaluation system. Expressions supplied by authenticated users during workflow configuration may be evaluated in an execution context that is not sufficiently isolated from the underlying runtime. An...

9.9CVSS0.18071EPSS
Exploits2References2
Cvelist
Cvelist
•added 2026/01/19 9:16 p.m.•66 views

CVE-2026-23944 Arcane allows unauthenticated proxy access to remote environments

Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to version 1.13.2, unauthenticated requests could be proxied to remote environment agents, allowing access to remote environment resources without authentication. The environment proxy middleware handled...

9.3CVSS0.00445EPSS
Exploits0References4
Cvelist
Cvelist
•added 2025/08/14 10:2 a.m.•66 views

CVE-2025-8956 D-Link DIR‑818L ssdpcgi cgibin getenv command injection

A vulnerability was found in D-Link DIR‑818L up to 1.05B01. This issue affects the function getenv of the file /htdocs/cgibin of the component ssdpcgi. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...

6.5CVSS0.18145EPSS
Exploits1References5
Cvelist
Cvelist
•added 2025/07/10 1:53 p.m.•66 views

CVE-2025-7425 Libxslt: libxml2: heap use-after-free in libxslt caused by atype corruption in xmlattrptr

A flaw was found in libxslt where the attribute type, atype, flags are modified in a way that corrupts internal memory management. When XSLT functions, such as the key process, result in tree fragments, this corruption prevents the proper cleanup of ID attributes. As a result, the system may acce...

7.8CVSS0.00339EPSS
Exploits1References32
Cvelist
Cvelist
•added 2025/06/10 7:52 a.m.•66 views

CVE-2025-27818 Apache Kafka: Possible RCE attack via SASL JAAS LdapLoginModule configuration

A possible security vulnerability has been identified in Apache Kafka. This requires access to a alterConfig to the cluster resource, or Kafka Connect worker, and the ability to create/modify connectors on it with an arbitrary Kafka client SASL JAAS config and a SASL-based security protocol, whic...

0.00881EPSS
Exploits0References1
Cvelist
Cvelist
•added 2025/05/06 8:22 p.m.•66 views

CVE-2025-46573 passport-wsfed-saml2 Has SAML Authentication Bypass via Attribute Smuggling

passport-wsfed-saml2 provides passport strategy for both WS-fed and SAML2 protocol. A vulnerability present starting in version 3.0.5 up to and including version 4.6.3 allows an attacker to impersonate any user during SAML authentication by tampering with a valid SAML response. This can be done b...

8.6CVSS0.00326EPSS
Exploits0References2
Cvelist
Cvelist
•added 2025/04/30 2:55 p.m.•66 views

CVE-2025-32973 org.xwiki.platform:xwiki-platform-component-wiki provides no warning when granting XWiki.ComponentClass programming right

XWiki is a generic wiki platform. In versions starting from 15.9-rc-1 to before 15.10.12, from 16.0.0-rc-1 to before 16.4.3, and from 16.5.0-rc-1 to before 16.8.0-rc-1, when a user with programming rights edits a document in XWiki that was last edited by a user without programming rights and...

9CVSS0.00338EPSS
Exploits1References3
Cvelist
Cvelist
•added 2025/04/24 4:8 p.m.•66 views

CVE-2025-39399 WordPress License For Envato plugin <= 1.0.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Ashraful Sarkar Naiem License For Envato license-envato allows PHP Local File Inclusion.This issue affects License For Envato: from n/a through = 1.0.0...

7.5CVSS0.00611EPSS
Exploits0References1
Cvelist
Cvelist
•added 2025/04/23 11:36 a.m.•66 views

CVE-2025-2703

The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. A user with Editor permissions is able to modify such a panel in order to make it execute arbitrary JavaScript...

6.8CVSS0.12241EPSS
Exploits0References2
Cvelist
Cvelist
•added 2025/03/06 12:0 a.m.•66 views

CVE-2025-26699

An issue was discovered in Django 5.1 before 5.1.7, 5.0 before 5.0.13, and 4.2 before 4.2.20. The django.utils.text.wrap method and wordwrap template filter are subject to a potential denial-of-service attack when used with very long strings...

5CVSS0.00766EPSS
Exploits0References3
Cvelist
Cvelist
•added 2025/02/24 7:52 p.m.•66 views

CVE-2025-26529 Stored XSS risk in admin live log

Description information displayed in the site administration live log required additional sanitizing to prevent a stored XSS risk...

8.3CVSS0.00478EPSS
Exploits1References2
Cvelist
Cvelist
•added 2025/02/10 5:0 p.m.•66 views

CVE-2025-1151 GNU Binutils ld xmemdup.c xmemdup memory leak

A vulnerability was found in GNU Binutils 2.43. It has been rated as problematic. This issue affects the function xmemdup of the file xmemdup.c of the component ld. The manipulation leads to memory leak. The attack may be initiated remotely. The complexity of an attack is rather high. The...

3.1CVSS0.00595EPSS
Exploits1References5
Cvelist
Cvelist
•added 2024/12/12 9:4 a.m.•66 views

CVE-2024-4109

...

Exploits0
Cvelist
Cvelist
•added 2024/10/10 9:57 a.m.•66 views

CVE-2024-45118 Adobe Commerce | Improper Access Control (CWE-284)

Adobe Commerce versions 2.4.7-p2, 2.4.6-p7, 2.4.5-p9, 2.4.4-p10 and earlier are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. A low-privileged attacker could leverage this vulnerability to bypass security measures and have high impact on...

6.5CVSS0.00626EPSS
Exploits0References1
Cvelist
Cvelist
•added 2024/10/07 8:15 p.m.•66 views

CVE-2024-45060 Unauthenticated Cross-Site-Scripting (XSS) in sample file in PHPSpreadsheet

PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. One of the sample scripts in PhpSpreadsheet is susceptible to a cross-site scripting XSS vulnerability due to improper handling of input where a number is expected leading to formula injection. The code in in...

7.1CVSS0.00466EPSS
Exploits1References2
Cvelist
Cvelist
•added 2024/09/13 12:0 a.m.•66 views

CVE-2024-39925

An issue was discovered in Vaultwarden formerly BitwardenRS 1.30.3. It lacks an offboarding process for members who leave an organization. As a result, the shared organization key is not rotated when a member departs. Consequently, the departing member, whose access should be revoked, retains a...

0.00573EPSS
Exploits0References3
Cvelist
Cvelist
•added 2024/09/09 6:49 p.m.•66 views

CVE-2024-7260 Keycloak-core: open redirect on account page

An open redirect vulnerability was found in Keycloak. A specially crafted URL can be constructed where the referrer and referreruri parameters are made to trick a user to visit a malicious webpage. A trusted URL can trick users and automation into believing that the URL is safe, when, in fact, it...

6.1CVSS0.00546EPSS
Exploits0References4
Cvelist
Cvelist
•added 2024/09/07 7:43 a.m.•66 views

CVE-2024-45498 Apache Airflow: Command Injection in an example DAG

Example DAG: exampleinleteventextra.py shipped with Apache Airflow version 2.10.0 has a vulnerability that allows an authenticated attacker with only DAG trigger permission to execute arbitrary commands. If you used that example as the base of your DAGs - please review if you have not copied the...

0.01237EPSS
Exploits0References2
Cvelist
Cvelist
•added 2024/08/05 11:31 a.m.•66 views

CVE-2024-2937 Mali GPU Kernel Driver allows improper GPU memory processing operations

Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user to make improper GPU memory processing operations to gain access to already freed memory.This issue affects...

0.00222EPSS
Exploits0References1
Cvelist
Cvelist
•added 2024/07/31 3:44 p.m.•66 views

CVE-2024-39694 Duende IdentityServer Open Redirect vulnerability

Duende IdentityServer is an OpenID Connect and OAuth 2.x framework for ASP.NET Core. It is possible for an attacker to craft malicious Urls that certain functions in IdentityServer will incorrectly treat as local and trusted. If such a Url is returned as a redirect, some browsers will follow it t...

4.7CVSS0.00534EPSS
Exploits0References6
Cvelist
Cvelist
•added 2024/07/17 10:52 a.m.•66 views

CVE-2024-27311 Arbitrary file writing

Zohocorp ManageEngine DDI Central versions 4001 and prior were vulnerable to directory traversal vulnerability which allows the user to upload new files to the server folder...

5.5CVSS0.01459EPSS
Exploits0References1
Cvelist
Cvelist
•added 2024/07/08 9:21 p.m.•66 views

CVE-2024-3653 Undertow: learningpushhandler can lead to remote memory dos attacks

A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigured. The default is -1, which makes the handler vulnerable. If someone overwrites that config, the...

5.3CVSS0.01866EPSS
Exploits0References8
Cvelist
Cvelist
•added 2024/07/08 3:32 p.m.•66 views

CVE-2024-39699 Directus has a Blind SSRF On File Import

Directus is a real-time API and App dashboard for managing SQL database content. There was already a reported SSRF vulnerability via file import. It was fixed by resolving all DNS names and checking if the requested IP is an internal IP address. However it is possible to bypass this security...

5CVSS0.00435EPSS
Exploits1References2
Cvelist
Cvelist
•added 2024/06/06 12:0 a.m.•66 views

CVE-2024-33655

The DNS protocol in RFC 1035 and updates allows remote attackers to cause a denial of service resource consumption by arranging for DNS queries to be accumulated for seconds, such that responses are later sent in a pulsing burst which can be considered traffic amplification in some cases, aka the...

0.01729EPSS
Exploits0References12
Cvelist
Cvelist
•added 2024/05/16 1:39 p.m.•66 views

CVE-2023-46842 x86 HVM hypercalls may trigger Xen bug check

Unlike 32-bit PV guests, HVM guests may switch freely between 64-bit and other modes. This in particular means that they may set registers used to pass 32-bit-mode hypercall arguments to values outside of the range 32-bit code would be able to set them to. When processing of hypercalls takes a...

6.5AI score0.0853EPSS
Exploits0References1
Cvelist
Cvelist
•added 2024/05/01 2:52 p.m.•66 views

CVE-2024-26305

There is a buffer overflow vulnerability in the underlying Utility daemon that could lead to unauthenticated remote code execution by sending specially crafted packets destined to the PAPI Aruba's access point management protocol UDP port 8211. Successful exploitation of this vulnerability result...

9.8CVSS10AI score0.15163EPSS
Exploits0References1
Cvelist
Cvelist
•added 2024/04/25 5:0 p.m.•66 views

CVE-2024-32481 vyper's range(start, start + N) reverts for negative numbers

Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. Starting in version 0.3.8 and prior to version 0.4.0b1, when looping over a range of the form rangestart, start + N, if start is negative, the execution will always revert. This issue is caused by an incorrect assertion...

5.3CVSS5.5AI score0.00791EPSS
Exploits1References4
Cvelist
Cvelist
•added 2024/03/18 6:32 p.m.•66 views

CVE-2024-21661 Argo CD Denial of Service (DoS) Vulnerability Due to Unsafe Array Modification in Multi-threaded Environment

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to versions 2.8.13, 2.9.9, and 2.10.4, an attacker can exploit a critical flaw in the application to initiate a Denial of Service DoS attack, rendering the application inoperable and affecting all users. The issue...

7.5CVSS7.5AI score0.01176EPSS
Exploits1References5
Cvelist
Cvelist
•added 2024/02/27 3:25 p.m.•66 views

CVE-2024-26142 Rails possible ReDoS vulnerability in Accept header parsing in Action Dispatch

Rails is a web-application framework. Starting in version 7.1.0, there is a possible ReDoS vulnerability in the Accept header parsing routines of Action Dispatch. This vulnerability is patched in 7.1.3.1. Ruby 3.2 has mitigations for this problem, so Rails applications using Ruby 3.2 or newer are...

7.5CVSS7.7AI score0.01498EPSS
Exploits0References5
Cvelist
Cvelist
•added 2024/02/05 8:45 p.m.•66 views

CVE-2023-50782 Python-cryptography: bleichenbacher timing oracle attack against rsa decryption - incomplete fix for cve-2020-25659

A flaw was found in the python-cryptography package. This issue may allow a remote attacker to decrypt captured messages in TLS servers that use RSA key exchanges, which may lead to exposure of confidential or sensitive data...

7.5CVSS6.6AI score0.01118EPSS
Exploits0References2
Cvelist
Cvelist
•added 2024/01/05 4:31 p.m.•66 views

CVE-2023-34325 Multiple vulnerabilities in libfsimage disk handling

This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE. libfsimage contains parsing code for several filesystems, most of them based on grub-legacy code. libfsimage is used by pygrub to inspect guest disks. Pygrub runs as the...

8.4AI score0.00289EPSS
Exploits0References1
Cvelist
Cvelist
•added 2024/01/03 4:55 p.m.•66 views

CVE-2024-21631 Integer overflow in URI leading to potential host spoofing

Vapor is an HTTP web framework for Swift. Prior to version 4.90.0, Vapor's vaporurlparserparse function uses uint16t indexes when parsing a URI's components, which may cause integer overflows when parsing untrusted inputs. This vulnerability does not affect Vapor directly but could impact...

6.5CVSS6.8AI score0.00601EPSS
Exploits0References2
Cvelist
Cvelist
•added 2023/12/25 11:31 p.m.•66 views

CVE-2023-7107 code-projects E-Commerce Website user_signup.php sql injection

A vulnerability was found in code-projects E-Commerce Website 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file usersignup.php. The manipulation of the argument firstname/middlename/email/address/contact/username leads to sql injection. The attac...

7.5CVSS7.7AI score0.00924EPSS
Exploits1References3
Cvelist
Cvelist
•added 2023/12/22 8:36 p.m.•66 views

CVE-2023-50730 Grackle has StackOverflowError in GraphQL query processing

Grackle is a GraphQL server written in functional Scala, built on the Typelevel stack. The GraphQL specification requires that GraphQL fragments must not form cycles, either directly or indirectly. Prior to Grackle version 0.18.0, that requirement wasn't checked, and queries with cyclic fragments...

7.5CVSS7.9AI score0.00827EPSS
Exploits0References3
Cvelist
Cvelist
•added 2023/12/19 3:43 p.m.•66 views

CVE-2023-46257

An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service DoS or code execution...

9.8CVSS9.8AI score0.11337EPSS
Exploits0References1
Total number of security vulnerabilities5000