Lucene search
K
CvelistMost viewed

364899 matches found

Cvelist
Cvelist
•added 2023/01/27 6:12 p.m.•66 views

CVE-2021-41231 OpenMage LTS DataFlow upload remote code execution vulnerability

OpenMage LTS is an e-commerce platform. Prior to versions 19.4.22 and 20.0.19, an administrator with the permissions to upload files via DataFlow and to create products was able to execute arbitrary code via the convert profile. Versions 19.4.22 and 20.0.19 contain a patch for this issue...

7.2CVSS7.5AI score0.01235EPSS
Exploits0References4
Cvelist
Cvelist
•added 2022/11/24 11:22 p.m.•66 views

CVE-2022-29827

Use of Hard-coded Cryptographic Key vulnerability in Mitsubishi Electric GX Works3 versions from 1.000A and later allows a remote unauthenticated attacker to disclose sensitive information. As a result, unauthenticated attackers may view programs and project files or execute programs illegally...

6.8CVSS7.8AI score0.01032EPSS
Exploits0References3
Cvelist
Cvelist
•added 2022/08/22 3:1 p.m.•66 views

CVE-2022-2361 Social Chat < 6.0.5 - Admin+ Stored Cross-Site Scripting

The WP Social Chat WordPress plugin before 6.0.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks...

5AI score0.00513EPSS
Exploits1References1
Cvelist
Cvelist
•added 2022/06/01 4:47 p.m.•66 views

CVE-2021-43306 Exponential ReDoS in jquery-validation

An exponential ReDoS Regular Expression Denial of Service can be triggered in the jquery-validation npm package, when an attacker is able to supply arbitrary input to the url2 method...

5.9CVSS7.8AI score0.01327EPSS
Exploits1References1
Cvelist
Cvelist
•added 2022/02/18 7:51 p.m.•66 views

CVE-2022-24052

MariaDB CONNECT Storage Engine Heap-based Buffer Overflow Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the...

7CVSS8.3AI score0.00689EPSS
Exploits0References6
Cvelist
Cvelist
•added 2021/12/22 5:12 p.m.•66 views

CVE-2021-45261

An Invalid Pointer vulnerability exists in GNU patch 2.7 via the anotherhunk function, which causes a Denial of Service...

5.6AI score0.00705EPSS
Exploits1References1
Cvelist
Cvelist
•added 2021/07/07 8:5 p.m.•66 views

CVE-2021-32715 Lenient Parsing of Content-Length Header When Prefixed with Plus Sign

hyper is an HTTP library for rust. hyper's HTTP/1 server code had a flaw that incorrectly parses and accepts requests with a Content-Length header with a prefixed plus sign, when it should have been rejected as illegal. This combined with an upstream HTTP proxy that doesn't parse such...

3.1CVSS5.6AI score0.00886EPSS
Exploits1References2
Cvelist
Cvelist
•added 2021/06/01 12:28 p.m.•66 views

CVE-2021-23017

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact...

7.9AI score0.53461EPSS
Exploits10References14
Cvelist
Cvelist
•added 2021/02/14 3:43 a.m.•66 views

CVE-2021-26929

An XSS issue was discovered in Horde Groupware Webmail Edition through 5.2.22 where the HordeTextFilter library before 2.3.7 is used. The attacker can send a plain text e-mail message, with JavaScript encoded as a link or email that is mishandled by preProcess in Text2html.php, because bespoke us...

6.1AI score0.04944EPSS
Exploits7References7
Cvelist
Cvelist
•added 2020/12/16 12:0 a.m.•66 views

CVE-2020-35476

A remote code execution vulnerability occurs in OpenTSDB through 2.4.0 via command injection in the yrange parameter. The yrange value is written to a gnuplot file in the /tmp directory. This file is then executed via the mygnuplot.sh shell script. tsd/GraphHandler.java attempted to prevent comma...

9.9AI score0.8533EPSS
Exploits5References2
Cvelist
Cvelist
•added 2020/08/07 3:36 p.m.•66 views

CVE-2020-11985

IP address spoofing when proxying using modremoteip and modrewrite For configurations using proxying with modremoteip and certain modrewrite rules, an attacker could spoof their IP address for logging and PHP scripts. Note this issue was fixed in Apache HTTP Server 2.4.24 but was retrospectively...

6.1AI score0.06808EPSS
Exploits0References16
Cvelist
Cvelist
•added 2019/09/16 5:50 p.m.•66 views

CVE-2019-16370

The PGP signing plugin in Gradle before 6.0 relies on the SHA-1 algorithm, which might allow an attacker to replace an artifact with a different one that has the same SHA-1 message digest, a related issue to CVE-2005-4900...

5.9AI score0.01025EPSS
Exploits1References2
Cvelist
Cvelist
•added 2019/09/04 11:31 a.m.•66 views

CVE-2019-12587

The EAP peer implementation in Espressif ESP-IDF 2.0.0 through 4.0.0 and ESP8266NONOSSDK 2.2.0 through 3.1.0 allows the installation of a zero Pairwise Master Key PMK after the completion of any EAP authentication method, which allows attackers in radio range to replay, decrypt, or spoof frames v...

8.1AI score0.00804EPSS
Exploits2References3
Cvelist
Cvelist
•added 2019/04/17 2:3 p.m.•67 views

CVE-2019-10949

Delta Industrial Automation CNCSoft, CNCSoft ScreenEditor Version 1.00.88 and prior. Multiple out-of-bounds read vulnerabilities may be exploited, allowing information disclosure due to a lack of user input validation for processing specially crafted project files...

5.4AI score0.0241EPSS
Exploits0References13
Cvelist
Cvelist
•added 2017/07/26 3:0 p.m.•66 views

CVE-2017-11658

In the WP Rocket plugin 2.9.3 for WordPress, the Local File Inclusion mitigation technique is to trim traversal characters .. -- however, this is insufficient to stop remote attacks and can be bypassed by using 0x00 bytes, as demonstrated by a .%00.../.%00.../ attack...

7.5AI score0.03327EPSS
Exploits1References3
Cvelist
Cvelist
•added 2017/04/24 7:0 p.m.•66 views

CVE-2017-3453

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Optimizer. Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple...

6.5AI score0.03078EPSS
Exploits0References10
Cvelist
Cvelist
•added 2016/12/13 9:0 p.m.•66 views

CVE-2016-6664

mysqldsafe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when...

6.7AI score0.0308EPSS
Exploits10References15
Cvelist
Cvelist
•added 2016/05/16 10:0 a.m.•66 views

CVE-2015-3152

Oracle MySQL before 5.7.3, Oracle MySQL Connector/C aka libmysqlclient before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack...

5.8AI score0.07083EPSS
Exploits1References17
Cvelist
Cvelist
•added 2014/10/15 3:15 p.m.•66 views

CVE-2014-4274

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier and 5.6.19 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to SERVER:MyISAM...

6.4AI score0.0034EPSS
Exploits0References4
Cvelist
Cvelist
•added 2014/04/15 10:0 a.m.•66 views

CVE-2013-5704

The modheaders module in the Apache HTTP Server 2.2.22 allows remote attackers to bypass "RequestHeader unset" directives by placing a header in the trailer portion of data sent with chunked transfer coding. NOTE: the vendor states "this is not a security issue in httpd as such."...

4.8AI score0.60205EPSS
Exploits2References47
Cvelist
Cvelist
•added 2014/03/18 1:0 a.m.•66 views

CVE-2013-6438

The davxmlgetcdata function in main/util.c in the moddav module in the Apache HTTP Server before 2.4.8 does not properly remove whitespace characters from CDATA sections, which allows remote attackers to cause a denial of service daemon crash via a crafted DAV WRITE request...

7AI score0.26831EPSS
Exploits2References48
Cvelist
Cvelist
•added 2013/11/02 7:0 p.m.•66 views

CVE-2013-4477

The LDAP backend in OpenStack Identity Keystone Grizzly and Havana, when removing a role on a tenant for a user who does not have that role, adds the role to the user, which allows local users to gain privileges...

6.2AI score0.00444EPSS
Exploits1References4
Cvelist
Cvelist
•added 2012/07/10 9:0 p.m.•66 views

CVE-2012-1854

Untrusted search path vulnerability in VBE6.dll in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Microsoft Visual Basic for Applications VBA; and Summit Microsoft Visual Basic for Applications SDK allows local users to gain privileges via a Trojan horse DLL in the current...

6.3AI score0.21028EPSS
Exploits0References3
Cvelist
Cvelist
•added 2011/01/25 6:0 p.m.•66 views

CVE-2011-0021

Multiple heap-based buffer overflows in cdg.c in the CDG decoder in VideoLAN VLC Media Player before 1.1.6 allow remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted CDG video...

7.7AI score0.0578EPSS
Exploits0References8
Cvelist
Cvelist
•added 2010/08/04 7:0 p.m.•66 views

CVE-2010-1871

JBoss Seam 2 jboss-seam2, as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, does not properly sanitize inputs for JBoss Expression Language EL expressions, which allows remote attackers to execute arbitrary code via a crafted URL. NOTE: this is only a vulnerability when th...

7.4AI score0.83397EPSS
Exploits8References8
Cvelist
Cvelist
•added 2006/12/26 11:0 p.m.•66 views

CVE-2006-6745

Multiple unspecified vulnerabilities in Sun Java Development Kit JDK and Java Runtime Environment JRE 5.0 Update 7 and earlier, and Java System Development Kit SDK and JRE 1.4.212 and earlier 1.4.x versions, allow attackers to develop Java applets or applications that are able to gain privileges,...

6.6AI score0.03058EPSS
Exploits0References35
Cvelist
Cvelist
•added 2026/06/23 4:28 p.m.•65 views

CVE-2026-55255 Langflow: IDOR Vulnerability in `/api/v1/responses` Endpoint Allows Authenticated Attackers to Access Another User's Flow

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to 1.9.1, an Insecure Direct Object Reference IDOR vulnerability in /api/v1/responses endpoint allows an authenticated attacker to execute any flow belonging to another user by specifying the victim's flow ID in...

8.4CVSS0.00467EPSS
Exploits2References3
Cvelist
Cvelist
•added 2026/06/12 5:12 p.m.•65 views

CVE-2026-47225 Improper Search Cache Isolation for Scoped Search API Keys in Typesense

Typesense is a fast, typo-tolerant search engine. Prior to versions 29.1 and 30.2, there is a cache isolation issue affecting search requests that use both server-side search result caching and Scoped Search API Keys. Under specific request ordering, cached search results could be reused across...

6CVSS0.00226EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/06/08 11:27 p.m.•65 views

CVE-2026-11645

Out of bounds read and write in V8 in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

0.01654EPSS
Exploits4References2
Cvelist
Cvelist
•added 2026/05/29 9:50 a.m.•65 views

CVE-2026-46579 Openshift/router: openshift/router: mtls client certificate spoofing via unstripped x-ssl-client headers on http frontend

A flaw was found in the OpenShift Router. When a Route has insecureEdgeTerminationPolicy set to Allow, the HTTP frontend does not remove X-SSL-Client- headers from incoming requests. This allows an unauthenticated attacker to send plain HTTP requests with crafted X-SSL-Client- headers. As a resul...

7.4CVSS0.0023EPSS
Exploits0References5
Cvelist
Cvelist
•added 2026/05/17 10:0 p.m.•65 views

CVE-2026-8765 Kilo-Org kilocode File Diff API Endpoint worktree-diff.ts Bun.file path traversal

A vulnerability was detected in Kilo-Org kilocode up to 7.0.47. This vulnerability affects the function Bun.file of the file packages/opencode/src/kilocode/review/worktree-diff.ts of the component File Diff API Endpoint. Performing a manipulation of the argument File results in path traversal. It...

5.3CVSS0.0058EPSS
Exploits1References4
Cvelist
Cvelist
•added 2026/05/14 1:0 p.m.•65 views

CVE-2026-6475 PostgreSQL pg_basebackup and pg_rewind can overwrite unrelated files of origin superuser choice

Symlink following in PostgreSQL pgbasebackup plain format and in pgrewind allows an origin superuser to overwrite local files, e.g. /var/lib/postgres/.bashrc, that hijack the operating system account. It will remain the case that starting the server after these commands implicitly trusts the orig...

8.8CVSS0.00324EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/05/14 1:0 p.m.•65 views

CVE-2026-6472 PostgreSQL CREATE TYPE does not check multirange schema CREATE privilege

Missing authorization in PostgreSQL CREATE TYPE allows an object creator to hijack other queries that use searchpath to find user-defined types, including extension-defined types. That is to say, the victim will execute arbitrary SQL functions of the attacker's choice. Versions before PostgreSQL...

5.4CVSS0.00159EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/05/13 10:24 p.m.•65 views

CVE-2026-8500 Web::Passwd versions through 0.03 for Perl is vulnerable to RCE

Web::Passwd versions through 0.03 for Perl is vulnerable to RCE. Web::Passwd is a small CGI application for managing htpasswd files using the htpasswd command. The user parameter is not validated or escaped, and is used as the last argument on the command line, allowing for command injection...

0.01653EPSS
Exploits0References2
Cvelist
Cvelist
•added 2026/05/12 11:0 p.m.•65 views

CVE-2026-42156 Flowsint: Cypher query injection in node type on node creation

Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Prior to 1.2.3, a remote attacker can create a node with a malicious type that can escape an existing Cypher query and an adversary can execute an arbitrary Cypher...

7.1CVSS0.00285EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/05/12 10:24 p.m.•65 views

CVE-2026-5371 MonsterInsights <= 10.1.2 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Exposure And Plugin Integration Reset

The MonsterInsights – Google Analytics Dashboard for WordPress Website Stats Made Easy plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability checks on the getadsaccesstoken and resetexperience functions in all versions up to, and including,...

7.1CVSS0.00349EPSS
Exploits0References4
Cvelist
Cvelist
•added 2026/05/12 8:25 p.m.•65 views

CVE-2026-44011 Craft CMS: Potential authenticated Remote Code Execution via malicious attached Behavior

Craft CMS is a content management system CMS. From 4.0.0 to before 4.17.12 and 5.9.18, Craft CMS which contains an input-handling flaw in a Yii object creation path that let any authenticated user inject malicious configuration and execute arbitrary commands on the server. The request-controlled...

8.6CVSS0.00346EPSS
Exploits0References2
Cvelist
Cvelist
•added 2026/05/12 5:21 a.m.•65 views

CVE-2026-41530

The automatic folder creation feature of Lhaz and Lhaz+ provided by Chitora soft contains a path traversal vulnerability. When the affected product is configured with the automatic folder creation feature enabled, and a product user tries to extract an archive file which has a crafted file name,...

4.6CVSS0.0015EPSS
Exploits0References2
Cvelist
Cvelist
•added 2026/05/11 5:40 p.m.•65 views

CVE-2026-42860 Open edx Enterprise Service: SSRF via SAML metadata URL in sync_provider_data endpoint

The Open edx Enterprise Service app provides enterprise features to the Open edX platform. From 7.0.2 to 7.0.4, the syncproviderdata endpoint in SAMLProviderDataViewSet fetches SAML metadata from a URL stored in SAMLProviderConfig.metadatasource. An authenticated user with the Enterprise Admin ro...

8.5CVSS0.00301EPSS
Exploits1References1
Cvelist
Cvelist
•added 2026/05/10 11:15 p.m.•65 views

CVE-2026-8252 Open5GS SMF smf_nsmf_handle_create_data_in_hsmf null pointer dereference

A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function smfnsmfhandlecreatedatainhsmf of the component SMF. Executing a manipulation can lead to null pointer dereference. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized...

5.3CVSS0.00378EPSS
Exploits1References5
Cvelist
Cvelist
•added 2026/05/10 12:12 p.m.•65 views

CVE-2022-50962 uBidAuction 2.0.1 myOrders Reflected XSS

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the orders/myOrders module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET reques...

6.1CVSS0.00252EPSS
Exploits0References4
Cvelist
Cvelist
•added 2026/05/09 12:43 a.m.•65 views

CVE-2026-6664 PgBouncer integer overflow in PgBouncer network packet parsing

An integer overflow in network packet parsing code in PgBouncer before 1.25.2 bypasses a boundary check and can lead to a crash. An unauthenticated remote attacker can crash PgBouncer with a malformed SCRAM authentication packet...

7.5CVSS0.00698EPSS
Exploits1References1
Cvelist
Cvelist
•added 2026/05/08 10:2 p.m.•65 views

CVE-2026-42224 ipl/web is vulnerable to reflected XSS by malformed search requests

ipl/web is a set of common web components for php projects. Prior to versions 0.13.1 and 0.10.3, the vulnerability allows an attacker to inject malicious Javascript into a victim's browser to run it in the context of Icinga Web. The victim needs to visit a specifically prepared website and may ha...

7.6CVSS0.00259EPSS
Exploits0References4
Cvelist
Cvelist
•added 2026/05/08 3:8 p.m.•65 views

CVE-2026-44497 ZEBRA: Consensus Divergence in Transparent Sighash Hash-Type Handling due to Stale Buffer

ZEBRA is a Zcash node written entirely in Rust. Prior to zebrad version 4.4.0 and prior to zebra-script version 6.0.0, the fix for CVE-2026-41583 introduced a separate issue due to insufficient error handling of the case where the sighash type is invalid, during sighash computation. Instead of...

9.3CVSS0.00188EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/05/08 12:0 a.m.•65 views

CVE-2025-69690

Netgate pfSense CE 2.7.2 allows code execution by using the module installer with a backup file with a serialized PHP object containing the postrebootcommands property. NOTE: the Supplier disputes this because this installer is only available to admins and they are intentionally allowed to execut...

0.00634EPSS
Exploits4References2
Cvelist
Cvelist
•added 2026/05/06 11:28 a.m.•65 views

CVE-2026-43198 tcp: fix potential race in tcp_v6_syn_recv_sock()

In the Linux kernel, the following vulnerability has been resolved: tcp: fix potential race in tcpv6synrecvsock Code in tcpv6synrecvsock after the call to tcpv4synrecvsock is done too late. After tcpv4synrecvsock, the child socket is already visible from TCP ehash table and other cpus might use i...

9.8CVSS0.00298EPSS
Exploits0References3
Cvelist
Cvelist
•added 2026/05/04 7:12 p.m.•65 views

CVE-2026-41924 WDR201A WiFi Extender OS Command Injection via makeRequest.cgi

WDR201A WiFi Extender HW V2.1, FW LFMZX28040922V1.02 contains an OS command injection vulnerability in the makeRequest.cgi binary that allows unauthenticated remote attackers to execute arbitrary shell commands by injecting malicious input into the settime or StartSniffer functions. Attackers can...

9.3CVSS0.02707EPSS
Exploits0References3
Cvelist
Cvelist
•added 2026/04/30 12:0 a.m.•65 views

CVE-2026-40687

In Exim before 4.99.2, when the SPA authentication driver is used with an adversarial SPA resource, there can be an out-of-bounds write that crashes the connection instance, or erroneous data processing that divulges data from uninitialized heap memory...

4.8CVSS0.00373EPSS
Exploits0References4
Cvelist
Cvelist
•added 2026/04/28 12:0 a.m.•65 views

CVE-2026-42167

modsql in ProFTPD before 1.3.9a allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands e.g., COPY TO PROGRAM...

8.1CVSS0.04438EPSS
Exploits7References5
Cvelist
Cvelist
•added 2026/03/15 4:2 p.m.•65 views

CVE-2026-4181 D-Link DIR-816 goahead form2RepeaterStep2.cgi stack-based overflow

A security flaw has been discovered in D-Link DIR-816 1.10CNB05. This affects an unknown function of the file /goform/form2RepeaterStep2.cgi of the component goahead. The manipulation of the argument key1/key2/key3/key4/pskValue results in stack-based buffer overflow. The attack may be launched...

10CVSS0.01184EPSS
Exploits1References5
Total number of security vulnerabilities5000