Lucene search
+L
CvelistMost viewed

367088 matches found

Cvelist
Cvelist
added 2021/12/01 2:50 p.m.68 views

CVE-2021-40154

NXP LPC55S69 devices before A3 have a buffer over-read via a crafted wlength value in a GET Descriptor Configuration request during use of USB In-System Programming ISP mode. This discloses protected flash memory...

6.1CVSS6.5AI score0.0073EPSS
Exploits1References2
Cvelist
Cvelist
added 2021/11/15 9:30 a.m.68 views

CVE-2021-42838 Grand Vice info Co. webopac7 - Reflected XSS

Grand Vice info Co. webopac7 book search field parameter does not properly restrict the input of special characters, thus unauthenticated attackers can inject JavaScript syntax remotely, and further perform reflective XSS attacks...

6.1CVSS6.3AI score0.0061EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/07/12 7:20 p.m.68 views

CVE-2021-24365 Admin Columns Free (< 4.3.2) & Pro (< 5.5.2) - Authenticated Stored Cross-Site Scripting (XSS) in Custom Field

The Admin Columns WordPress plugin Free before 4.3.2 and Pro before 5.5.2 allowed to configure individual columns for tables. Each column had a type. The type "Custom Field" allowed to choose an arbitrary database column to display in the table. There was no escaping applied to the contents of...

5.7AI score0.00932EPSS
Exploits4References2
Cvelist
Cvelist
added 2021/06/22 6:10 p.m.68 views

CVE-2021-22377

There is a command injection vulnerability in S12700 V200R019C00SPC500, S2700 V200R019C00SPC500, S5700 V200R019C00SPC500, S6700 V200R019C00SPC500 and S7700 V200R019C00SPC500. A module does not verify specific input sufficiently. Attackers can exploit this vulnerability by sending malicious...

7.3AI score0.00917EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/05/18 4:11 p.m.68 views

CVE-2021-32305

WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter...

10AI score0.86716EPSS
Exploits9References2
Cvelist
Cvelist
added 2021/04/30 11:44 a.m.68 views

CVE-2020-24918

A buffer overflow in the RTSP service of the Ambarella Oryx RTSP Server 2020-01-07 allows an unauthenticated attacker to send a crafted RTSP request, with a long digest authentication header, to execute arbitrary code in parseauthenticationheader in libamprotocol-rtsp.so.1 in rtspsvc or cause a...

10AI score0.04358EPSS
Exploits1References4
Cvelist
Cvelist
added 2021/04/07 11:30 a.m.68 views

CVE-2021-30184

GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN Portable Game Notation data. This is related to a buffer overflow in the use of a .tmp.epd temporary file in the cmdpgnload and cmdpgnreplay functions in frontend/cmd.cc...

8.1AI score0.01769EPSS
Exploits1References6
Cvelist
Cvelist
added 2021/01/12 7:42 p.m.68 views

CVE-2021-1648 Microsoft splwow64 Elevation of Privilege Vulnerability

...

7.8CVSS8.3AI score0.01229EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/12/31 8:20 a.m.68 views

CVE-2020-35911

An issue was discovered in the lockapi crate before 0.4.2 for Rust. A data race can occur because of MappedRwLockReadGuard unsoundness...

4.7AI score0.00207EPSS
Exploits0References1
Cvelist
Cvelist
added 2020/08/07 3:36 p.m.68 views

CVE-2020-11985

IP address spoofing when proxying using modremoteip and modrewrite For configurations using proxying with modremoteip and certain modrewrite rules, an attacker could spoof their IP address for logging and PHP scripts. Note this issue was fixed in Apache HTTP Server 2.4.24 but was retrospectively...

6.1AI score0.06808EPSS
Exploits0References16
Cvelist
Cvelist
added 2020/03/12 1:3 p.m.68 views

CVE-2020-10391

The way URIs are handled in admin/header.php in Chadha PHPKB Standard Multi-Language 9 allows Reflected XSS injecting arbitrary web script or HTML in admin/add-article.php by adding a question mark ? followed by the payload...

5AI score0.00733EPSS
Exploits1References2
Cvelist
Cvelist
added 2019/02/06 4:0 p.m.68 views

CVE-2019-1003010

A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and earlier in src/main/java/hudson/plugins/git/GitTagAction.java that allows attackers to create a Git tag in a workspace and attach corresponding metadata to a build record...

4.8AI score0.01145EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/01/05 12:0 a.m.68 views

CVE-2016-10011

authfile.c in sshd in OpenSSH before 7.4 does not properly consider the effects of realloc on buffer contents, which might allow local users to obtain sensitive private-key information by leveraging access to a privilege-separated child process...

6.1AI score0.01101EPSS
Exploits1References12
Cvelist
Cvelist
added 2015/10/21 9:0 p.m.68 views

CVE-2015-4807

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier, when running on Windows, allows remote authenticated users to affect availability via unknown vectors related to Server : Query Cache...

5.2AI score0.02729EPSS
Exploits0References9
Cvelist
Cvelist
added 2015/04/01 10:0 a.m.68 views

CVE-2015-0802

Mozilla Firefox before 37.0 relies on docshell type information instead of page principal information for Window.webidl access control, which might allow remote attackers to execute arbitrary JavaScript code with chrome privileges via certain content navigation that leverages the reachability of ...

9.3AI score0.67268EPSS
Exploits4References8
Cvelist
Cvelist
added 2015/01/21 6:0 p.m.68 views

CVE-2015-0381

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier and 5.6.21 and earlier allows remote attackers to affect availability via unknown vectors related to Server : Replication, a different vulnerability than CVE-2015-0382...

6.6AI score0.05428EPSS
Exploits0References18
Cvelist
Cvelist
added 2014/10/15 12:0 a.m.68 views

CVE-2014-3566

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka the "POODLE" issue...

4.6AI score0.99999EPSS
Exploits7References243
Cvelist
Cvelist
added 2014/07/20 10:0 a.m.68 views

CVE-2014-0117

The modproxy module in the Apache HTTP Server 2.4.x before 2.4.10, when a reverse proxy is enabled, allows remote attackers to cause a denial of service child-process crash via a crafted HTTP Connection header...

6.8AI score0.35543EPSS
Exploits2References24
Cvelist
Cvelist
added 2014/07/17 10:0 a.m.68 views

CVE-2014-4260

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier, and 5.6.17 and earlier, allows remote authenticated users to affect integrity and availability via vectors related to SRCHAR...

6.1AI score0.03482EPSS
Exploits0References12
Cvelist
Cvelist
added 2014/04/01 12:0 a.m.68 views

CVE-2013-5640

Multiple SQL injection vulnerabilities in Gnew 2013.1 allow remote attackers to execute arbitrary SQL commands via the 1 answerid or 2 questionid parameter to polls/vote.php, 3 storyid parameter to comments/add.php or 4 comments/edit.php, or 5 threadid parameter to posts/add.php. NOTE: this issue...

8.2AI score0.02387EPSS
Exploits6References4
Cvelist
Cvelist
added 2011/04/27 12:0 a.m.68 views

CVE-2011-1587

Cross-site scripting XSS vulnerability in MediaWiki before 1.16.4, when Internet Explorer 6 or earlier is used, allows remote attackers to inject arbitrary web script or HTML via an uploaded file accessed with a dangerous extension such as .html located before a ? question mark in a query string,...

5.5AI score0.01711EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/06/23 5:26 p.m.67 views

CVE-2026-57062

CMS Cryptographic Message Syntax parsing in gpgsm in GnuPG through 2.5.20 mishandles the CMS format for AES-GCM because aes-ICVlen is supposed to be 12 bytes but 4 bytes is accepted. NOTE: this is related to CVE-2026-34182...

2.9CVSS0.0011EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/23 2:20 p.m.67 views

CVE-2026-28496 FOSSBilling: Server-side template injection in Twig template rendering enables information disclosure and RCE

FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 have a Server-Side Template Injection SSTI vulnerability in the template rendering system. Administrators with access to features that render Twig templates email templates, mass mail campaigns, custo...

9.4CVSS0.01892EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/06/23 3:37 a.m.67 views

CVE-2026-55654 Openssh: heap out-of-bounds read in red hat enterprise linux versions of openssh gssapi indicator cleanup due to missing null sentinel termination

A flaw was found in OpenSSH. This vulnerability, a heap out-of-bounds read, occurs during the cleanup of GSSAPI Generic Security Service Application Programming Interface indicators when a trailing NULL termination is missing in the auth-indicators array. A remote attacker, under specific...

3.7CVSS0.00367EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/06/01 5:23 p.m.67 views

CVE-2026-45727 CloakBrowser: Unauthenticated path traversal via fingerprint parameter in cloakserve leads to arbitrary directory deletion

CloakBrowser is a tool to bypass bot detection tests. Prior to version 0.3.28, the cloakserve CDP multiplexer uses the user-supplied fingerprint query parameter directly as a filesystem path component when creating Chrome profile directories. An unauthenticated attacker who can reach the cloakser...

8.8CVSS0.00475EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/27 12:28 p.m.67 views

CVE-2026-1933 Samba: missing access check on reparse point operations

A flaw was found in Samba’s handling of NTFS-style reparse points on shares configured with read only = yes. Due to missing SMB-layer access checks, authenticated users with underlying filesystem write permissions may create or delete reparse point metadata through SMB operations even on read-onl...

7.1CVSS0.00862EPSS
Exploits0References13
Cvelist
Cvelist
added 2026/05/26 12:0 a.m.67 views

CVE-2026-48697

FastNetMon Community Edition through 1.2.9 does not verify TLS certificates on outbound HTTPS connections. The executewebrequestsecure function in src/fastlibrary.cpp creates a boost::asio::ssl::context with tlsclient mode and calls setdefaultverifypaths to load CA certificates, but never calls...

0.00164EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/20 1:9 p.m.67 views

CVE-2026-41091 Microsoft Defender Elevation of Privilege Vulnerability

...

7.8CVSS0.08371EPSS
Exploits2References1
Cvelist
Cvelist
added 2026/05/15 9:21 p.m.67 views

CVE-2026-45303 Open WebUI: Stored XSS via the HTML renedering view

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.5, through the HTML rendering view, scripts can be injected and executed. The frontend provides a function to visualize the HTML content of a current chat. The content is embedded in an...

7.7CVSS0.00217EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/15 7:18 p.m.67 views

CVE-2026-45399 Open WebUI: Low-privilege authenticated users can enumerate and stop global background tasks, causing system-wide chat disruption

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, any authenticated user with low privileges can enumerate active background tasks across the system and stop tasks belonging to other users via the GET /api/tasks and POST...

7.1CVSS0.0027EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/15 7:46 a.m.67 views

CVE-2026-6228 Frontend Admin by DynamiApps <= 3.28.36 - Unauthenticated Privilege Escalation via Edit User Form

The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to Privilege Escalation in versions up to and including 3.28.36. This is due to insufficient authorization checks in the role field update mechanism combined with overly permissive capabilities for the adminform post type. The...

8.8CVSS0.00325EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/15 1:45 a.m.67 views

CVE-2025-48512

Incorrect default permissions in the installation directory for the AMD general-purpose input/output controller GPIO could allow an attacker to achieve privilege escalation resulting in arbitrary code execution...

7CVSS0.00106EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/14 4:45 p.m.67 views

CVE-2026-42555 Valtimo: SpEL injection via StandardEvaluationContext allows Remote Code Execution by admin users

Valtimo is an open-source business process automation platform. com.ritense.valtimo:document from 12.0.0 to before 12.32.0, com.ritense.valtimo:case from 13.0.0 to before 13.23.0, and com.ritense.valtimo:contract from 13.4.0 to before 13.23.0 evaluate Spring Expression Language SpEL expressions...

9.1CVSS0.00576EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/14 1:0 p.m.67 views

CVE-2026-6637 PostgreSQL refint allows stack buffer overflow and SQL injection

Stack buffer overflow in PostgreSQL module "refint" allows an unprivileged database user to execute arbitrary code as the operating system user running the database. A distinct attack is possible if the application declares a user-controlled column as a "refint" cascade primary key and facilitate...

8.8CVSS0.00378EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/14 5:38 a.m.67 views

CVE-2025-14869 Improper Validation of Specified Quantity in Input in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an unauthenticated user to cause denial of service by sending specially crafted payloads on certain API endpoints...

7.5CVSS0.00354EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/13 4:57 p.m.67 views

CVE-2026-44576 Next.js: Cache poisoning in React Server Component responses

Next.js is a React framework for building full-stack web applications. From 14.2.0 to before 15.5.16 and 16.2.5, applications using React Server Components can be vulnerable to cache poisoning when shared caches do not correctly partition response variants. Under affected conditions, an attacker...

5.4CVSS0.0025EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/13 3:27 p.m.67 views

CVE-2026-44664 fast-xml-builder: Comment Value bypass regex

fast-xml-builder builds XML from JSON. In 1.1.5, the fix for CVE-2026-41650 in fast-xml-parser sanitizes -- sequences in XML comment content using .replace/--/g, '- -'. This skip the values containing three consecutive dashes e.g., ---..., allowing an attacker to break out of an XML comment and...

6.1CVSS0.00194EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/13 2:42 p.m.67 views

CVE-2026-44291 protobufjs: Code generation gadget after prototype pollution

protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.5.6 and 8.0.2, protobufjs used plain objects with inherited prototypes for internal type lookup tables used by generated encode and decode functions. If Object.prototype had already been polluted, those lookup table...

8.1CVSS0.00499EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/13 12:19 a.m.67 views

CVE-2026-8202 Post-authentication CPU utilization DoS via $trim/$ltrim/$rtrim operators

Using a densely populated chars mask and a large input string in the MongoDB aggregation operators $trim, $ltrim, and $rtrim, an authenticated user with aggregation permissions can pin CPU utilization at 100% for an extended period of time. This issue impacts MongoDB Server v7.0 versions prior to...

5.3CVSS0.00263EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 11:0 p.m.67 views

CVE-2026-42156 Flowsint: Cypher query injection in node type on node creation

Flowsint is an open-source OSINT graph exploration tool designed for cybersecurity investigation, transparency, and verification. Prior to 1.2.3, a remote attacker can create a node with a malicious type that can escape an existing Cypher query and an adversary can execute an arbitrary Cypher...

7.1CVSS0.00285EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 7:48 a.m.67 views

CVE-2026-2993 AI Chatbot & Workflow Automation by AIWU <= 1.4.17 - Unauthenticated SQL Injection in getListForTbl()

The AI Chatbot & Workflow Automation by AIWU plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.4.17 due to insufficient escaping on user supplied parameters and lack of sufficient preparation on the existing SQL query in the getListForTbl function. This makes...

7.5CVSS0.00413EPSS
Exploits0References19
Cvelist
Cvelist
added 2026/05/12 5:21 a.m.67 views

CVE-2026-41530

The automatic folder creation feature of Lhaz and Lhaz+ provided by Chitora soft contains a path traversal vulnerability. When the affected product is configured with the automatic folder creation feature enabled, and a product user tries to extract an archive file which has a crafted file name,...

4.6CVSS0.0015EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/11 4:47 p.m.67 views

CVE-2026-2291 CVE-2026-2291

dnsmasqs extractname function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS...

0.00754EPSS
Exploits1References7
Cvelist
Cvelist
added 2026/05/11 4:46 p.m.67 views

CVE-2026-44996 OpenClaw < 2026.4.15 - Arbitrary Local File Read via Webchat Audio Embedding

OpenClaw before 2026.4.15 contains an arbitrary local file read vulnerability in the webchat audio embedding helper that fails to apply local media root containment checks. Attackers can influence agent or tool-produced ReplyPayload.mediaUrl parameters to resolve absolute local paths or file URLs...

6.3CVSS0.00305EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/10 6:36 a.m.67 views

CVE-2026-45186

In libexpat before 2.8.1, the computational complexity of attribute name collision checks allows a denial of service via moderately sized crafted XML input...

2.9CVSS0.00428EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/09 3:38 a.m.67 views

CVE-2026-42137 Kirby: `pages.access/list` and `files.access/list` permissions are not consistently checked in the REST API and changes dialog

Kirby is an open-source content management system. Prior to versions 4.9.0 and 5.4.0, pages.access/list and files.access/list permissions are not consistently checked in the Panel and REST API. This issue has been patched in versions 4.9.0 and 5.4.0...

7.1CVSS0.00303EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/08 12:0 a.m.67 views

CVE-2025-69691

Netgate pfSense CE 2.8.0 allows code execution in the XMLRPC API via pfsense.execphp. NOTE: the Supplier disputes this because the API call is only available to admins and they are intentionally allowed to execute PHP code...

0.0053EPSS
Exploits4References2
Cvelist
Cvelist
added 2026/05/07 12:7 p.m.67 views

CVE-2026-8080 MISP core - Stored XSS in MISP template (old engine) element attribute type

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in misp allows Stored XSS. This issue affects MISP before 2.5.37. A stored cross-site scripting vulnerability exists in the template element attribute handling logic. The application accepted...

6.8CVSS0.00139EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/05 3:17 p.m.67 views

CVE-2026-43062 Bluetooth: L2CAP: Fix type confusion in l2cap_ecred_reconf_rsp()

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix type confusion in l2capecredreconfrsp l2capecredreconfrsp casts the incoming data to struct l2capecredconnrsp the ECRED connection response, 8 bytes with result at offset 6 instead of struct...

7.1CVSS0.00215EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/04/30 12:0 a.m.67 views

CVE-2026-40686

In Exim before 4.99.2, when utf8 operators are enabled, there is an out-of-bounds read if large UTF-8 trailing characters are present malformed UTF-8 header data. Information might be divulged within an error message produced during handling of an unrelated e-mail message...

3.7CVSS0.00246EPSS
Exploits0References4
Total number of security vulnerabilities5000