Lucene search
K
CvelistMost viewed

364883 matches found

Cvelist
Cvelist
added 2026/05/13 3:1 p.m.63 views

CVE-2026-44458 Hono: CSS Declaration Injection via Style Object Values in JSX SSR

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.18, the JSX renderer escapes style attribute object values for HTML but not for CSS. Untrusted input in a style object value or property name can therefore inject additional CSS declarations into t...

4.3CVSS0.00197EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 7:48 a.m.63 views

CVE-2026-6247 scratchblocks for WP <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'element' Shortcode Attribute

The scratchblocks for WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'element' attribute of the 'scratchblocks' shortcode in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

6.4CVSS0.00187EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/11 8:31 p.m.63 views

CVE-2026-43873 WWBN AVideo: Unauthenticated Disclosure of CloneSite `myKey` via Error Echo in `cloneClient.json.php` Enables Cross-Site DB Dump of the Configured Clone Server

WWBN AVideo is an open source video platform. In versions up to and including 29.0, plugin/CloneSite/cloneClient.json.php echoes the local CloneSite shared secret $objClone-myKey, a constant md5$global'systemRootPath' . $global'salt' into the HTTP response body on every unauthenticated request. T...

7.5CVSS0.00255EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/11 3:15 a.m.63 views

CVE-2026-8268 Open5GS SMF OpenAPI_list_create denial of service

A vulnerability has been found in Open5GS up to 2.7.7. This issue affects the function OpenAPIlistcreate of the component SMF. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The project was informed ...

5.3CVSS0.00372EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/05/11 12:0 a.m.63 views

CVE-2026-31253

The flash-attention training framework thru commit e724e2588cbe754beb97cf7c011b5e7e34119e62 2025-13-04 contains an insecure deserialization vulnerability CWE-502 in its checkpoint loading mechanism. The loadcheckpoint function in checkpoint.py and the checkpoint loading code in eval.py use...

0.00218EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/09 12:43 a.m.63 views

CVE-2026-6665 PgBouncer buffer overflow in SCRAM

The SCRAM code in PgBouncer before 1.25.2 did not check the return value of strlcat correctly when building the contents of the SCRAM client-final-message. A malicious backend that sends a SCRAM server-final-message with a long nonce can trigger a stack overflow...

8.1CVSS0.00372EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/08 1:30 a.m.63 views

CVE-2026-8125 code-projects Simple Chat System sendMessage.php sql injection

A vulnerability was detected in code-projects Simple Chat System 1.0. This vulnerability affects unknown code of the file sendMessage.php. The manipulation of the argument type/length/business parameter validity results in sql injection. The attack may be launched remotely. The exploit is now...

6.5CVSS0.0025EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/06 11:28 a.m.63 views

CVE-2026-43247 media: chips-media: wave5: Fix SError of kernel panic when closed

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix SError of kernel panic when closed SError of kernel panic rarely happened while testing fluster. The root cause was to enter suspend mode because timeout of autosuspend delay happened. 48.834439...

0.00121EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/06 11:28 a.m.63 views

CVE-2026-43219 net: cpsw_new: Fix potential unregister of netdev that has not been registered yet

In the Linux kernel, the following vulnerability has been resolved: net: cpswnew: Fix potential unregister of netdev that has not been registered yet If an error occurs during registernetdev for the first MAC in cpswregisterports, even though cpsw-slaves0.ndev is set to NULL, cpsw-slaves1.ndev...

0.00128EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/06 11:28 a.m.63 views

CVE-2026-43216 net: Drop the lock in skb_may_tx_timestamp()

In the Linux kernel, the following vulnerability has been resolved: net: Drop the lock in skbmaytxtimestamp skbmaytxtimestamp may acquire sock::skcallbacklock. The lock must not be taken in IRQ context, only softirq is okay. A few drivers receive the timestamp via a dedicated interrupt and comple...

0.00127EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/05 9:25 p.m.63 views

CVE-2026-40075 OpenMRS Core arbitrary file read via path traversal in ModuleResourcesServlet

OpenMRS Core is an open source electronic medical record system platform. In versions 2.7.8 and earlier and versions 2.8.0 through 2.8.5, the /openmrs/moduleResources/moduleid endpoint is vulnerable to a path traversal attack. The ModuleResourcesServlet constructs a filesystem path from...

8.2CVSS0.00558EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/05 7:37 p.m.63 views

CVE-2026-35397 jupyter-server path traversal allows access to sibling directories sharing root_dir name prefix

Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, a path traversal vulnerability in the REST API allows an authenticated user to escape the configured rootdir and access sibling directories whose names begin with the same prefix as the rootdir. For exampl...

7.6CVSS0.00583EPSS
Exploits2References1
Cvelist
Cvelist
added 2026/05/05 3:23 p.m.63 views

CVE-2026-43063 xfs: don't irele after failing to iget in xfs_attri_recover_work

In the Linux kernel, the following vulnerability has been resolved: xfs: don't irele after failing to iget in xfsattrirecoverwork xlogrecoveryiget never set @ip to a valid pointer if they return an error, so this irele will walk off a dangling pointer. Fix that...

7.8CVSS0.00126EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/05 8:27 a.m.64 views

CVE-2026-3601 User Registration & Membership <= 5.1.4 - Missing Authorization to Authenticated (Contributor+) Limited Page Content Modification

The User Registration & Membership plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the embedformaction function in all versions up to, and including, 5.1.4. This makes it possible for authenticated attackers, with Contributor-level acce...

4.3CVSS0.003EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/03 12:57 a.m.63 views

CVE-2026-40561 Starlet versions through 0.31 for Perl allows HTTP Request Smuggling via Improper Header Precedence

Starlet versions through 0.31 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Starlet incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both headers are present in an HTTP request. Per RFC 7230 3.3.3, Transfer-Encoding must take precedence. An...

0.00378EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/02 7:46 a.m.63 views

CVE-2026-6229 Royal Addons for Elementor <= 1.7.1057 - Authenticated (Contributor+) Server-Side Request Forgery via CSV URL Parameter

The Royal Elementor Addons plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 1.7.1057. This is due to insufficient validation of user-supplied URLs in the rendercsvdata function, which can be bypassed by including 'docs.google.com/spreadsheets' in...

7.2CVSS0.00379EPSS
Exploits0References10
Cvelist
Cvelist
added 2026/05/01 9:46 a.m.63 views

CVE-2026-42404 Apache Neethi: Unrestricted HTTP Redirect Following in Policy References

Apache Neethi does not impose any restrictions on URIs when manually fetching remote policy references through the PolicyReference API. When an application explicitly calls the API to retrieve a policy from a remote URI, an outbound request is made for arbitrary protocols and internal IP...

6.5CVSS0.00497EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/06 3:17 p.m.63 views

CVE-2026-5704 Tar: tar: hidden file injection via crafted archives

A flaw was found in tar. A remote attacker could exploit this vulnerability by crafting a malicious archive, leading to hidden file injection with fully attacker-controlled content. This bypasses pre-extraction inspection mechanisms, potentially allowing an attacker to introduce malicious files...

5CVSS0.0043EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/15 12:19 a.m.63 views

CVE-2026-3442 Binutils: gnu binutils: information disclosure or denial of service via out-of-bounds read in bfd linker

A flaw was found in GNU Binutils. This vulnerability, a heap-based buffer overflow, specifically an out-of-bounds read, exists in the bfd linker component. An attacker could exploit this by convincing a user to process a specially crafted malicious XCOFF object file. Successful exploitation may...

6.1CVSS0.00245EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/11/21 12:29 p.m.63 views

CVE-2025-66092 WordPress Accordion Slider plugin <= 1.9.13 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bqworks Accordion Slider accordion-slider allows Stored XSS.This issue affects Accordion Slider: from n/a through = 1.9.13...

6.5CVSS0.00134EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/13 5:28 p.m.63 views

CVE-2024-10219 Incorrect Authorization in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 15.6 before 18.0.6, 18.1 before 18.1.4, and 18.2 before 18.2.2 that under certain conditions could have allowed authenticated users to bypass access controls and download private artifacts by accessing specific API endpoints...

6.5CVSS0.00398EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/05/01 10:54 a.m.63 views

CVE-2025-27007 WordPress SureTriggers <= 1.0.82 - Privilege Escalation Vulnerability

Incorrect Privilege Assignment vulnerability in Brainstorm Force OttoKit suretriggers allows Privilege Escalation.This issue affects OttoKit: from n/a through = 1.0.82...

9.8CVSS0.5088EPSS
Exploits3References1
Cvelist
Cvelist
added 2025/04/24 2:55 a.m.63 views

CVE-2025-1976 Code injection exposure in Fabric OS 9.1.0 through 9.1.1d6

Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user with admin privilege can potentially execute arbitrary code with full root privileges on Fabric OS versions 9.1.0 through 9.1.1d6...

8.6CVSS0.00736EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/14 2:49 p.m.63 views

CVE-2025-2475 Unauthorized Bot Login Using Credentials

Mattermost versions 10.5.x = 10.5.1, 10.4.x = 10.4.3, 9.11.x = 9.11.9 fail to invalidate the cache when a user account is converted to a bot which allows an attacker to login to the bot exactly one time via normal credentials...

5.4CVSS0.00204EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/10 4:22 a.m.63 views

CVE-2025-3102 SureTriggers <= 1.0.78 - Authorization Bypass due to Missing Empty Value Check to Unauthenticated Administrative User Creation

The SureTriggers: All-in-One Automation Platform plugin for WordPress is vulnerable to an authentication bypass leading to administrative account creation due to a missing empty value check on the 'secretkey' value in the 'autheticateuser' function in all versions up to, and including, 1.0.78. Th...

8.1CVSS0.76126EPSS
Exploits8References3
Cvelist
Cvelist
added 2025/01/23 11:37 a.m.63 views

CVE-2025-23006

Pre-authentication deserialization of untrusted data vulnerability has been identified in the SMA1000 Appliance Management Console AMC and Central Management Console CMC, which in specific conditions could potentially enable a remote unauthenticated attacker to execute arbitrary OS commands...

0.23432EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/12/13 1:44 p.m.63 views

CVE-2024-55889 phpMyFAQ Vulnerable to Unintended File Download Triggered by Embedded Frames

phpMyFAQ is an open source FAQ web application. Prior to version 3.2.10, a vulnerability exists in the FAQ Record component where a privileged attacker can trigger a file download on a victim's machine upon page visit by embedding it in an element without user interaction or explicit consent...

4.9CVSS0.02163EPSS
Exploits3References2
Cvelist
Cvelist
added 2024/09/23 3:26 p.m.63 views

CVE-2024-47068 DOM Clobbering Gadget found in rollup bundled scripts that leads to XSS

Rollup is a module bundler for JavaScript. Versions prior to 2.79.2, 3.29.5, and 4.22.4 are susceptible to a DOM Clobbering vulnerability when bundling scripts with properties from import.meta e.g., import.meta.url in cjs/umd/iife format. The DOM Clobbering gadget can lead to cross-site scripting...

6.1CVSS0.007EPSS
Exploits1References5
Cvelist
Cvelist
added 2024/09/18 1:54 p.m.63 views

CVE-2024-31166 Out-of-bounds Read in libfluid_msg library

Out-of-bounds Read vulnerability in Open Networking Foundation ONF libfluid libfluidmsg module. This vulnerability is associated with program routine fluidmsg::of13::HelloElemVersionBitmap::unpack. This issue affects libfluid: 0.1.0...

6.5CVSS0.00486EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/09 6:50 p.m.63 views

CVE-2024-7318 Keycloak-core: one time passcode (otp) is valid longer than expiration timeseverity

A vulnerability was found in Keycloak. Expired OTP codes are still usable when using FreeOTP when the OTP token period is set to 30 seconds default. Instead of expiring and deemed unusable around 30 seconds in, the tokens are valid for an additional 30 seconds totaling 1 minute. A one time passco...

4.8CVSS0.00393EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/09/04 3:27 p.m.63 views

CVE-2024-8391 Eclipse Vert.x gRPC server does not limit the maximum message size

In Eclipse Vert.x version 4.3.0 to 4.5.9, the gRPC server does not limit the maximum length of message payload Maven GAV: io.vertx:vertx-grpc-server and io.vertx:vertx-grpc-client. This is fixed in the 4.5.10 version. Note this does not affect the Vert.x gRPC server based grpc-java and Netty...

6.9CVSS0.0058EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/08/13 11:23 p.m.63 views

CVE-2024-38163 Windows Update Stack Elevation of Privilege Vulnerability

...

7.8CVSS0.00651EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/06 4:54 a.m.63 views

CVE-2024-39817

Insertion of sensitive information into sent data issue exists in Cybozu Office 10.0.0 to 10.8.6, which may allow a user who can login to the product to view data that the user does not have access by conducting 'search' under certain conditions in Custom App...

0.00417EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/23 4:59 p.m.63 views

CVE-2024-41664 Blind SSRF via Canarytoken Webhook

Canarytokens help track activity and actions on a network. Prior to sha-8ea5315, Canarytokens.org was vulnerable to a blind SSRF in the Webhook alert feature. When a Canarytoken is created, users choose to receive alerts either via email or via a webhook. If a webhook is supplied when a Canarytok...

5.4CVSS0.00381EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/15 12:0 a.m.63 views

CVE-2024-6345 Remote Code Execution in pypa/setuptools

A vulnerability in the packageindex module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code...

8.8CVSS0.01939EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/12 12:13 p.m.63 views

CVE-2024-36522 Apache Wicket: Remote code execution via XSLT injection

The default configuration of XSLTResourceStream.java is vulnerable to remote code execution via XSLT injection when processing input from an untrusted source without validation. Users are recommended to upgrade to versions 10.1.0, 9.18.0 or 8.16.0, which fix this issue...

0.02127EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/09 5:2 p.m.63 views

CVE-2024-38051 Windows Graphics Component Remote Code Execution Vulnerability

...

7.8CVSS0.01121EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/05 6:39 p.m.63 views

CVE-2024-39689 Certifi removes GLOBALTRUST root certificate

Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi starting in 2021.5.30 and prior to 2024.7.4 recognized root certificates from GLOBALTRUST. Certifi 2024.7.04 removes root certificates fro...

7.5CVSS0.01049EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/01 12:0 a.m.63 views

CVE-2024-38999

jrburke requirejs v2.3.6 was discovered to contain a prototype pollution via the function s.contexts..configure. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

0.00749EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/26 5:6 p.m.63 views

CVE-2024-39460

Jenkins Bitbucket Branch Source Plugin 886.v44cf5e4ecec5 and earlier prints the Bitbucket OAuth access token as part of the Bitbucket URL in the build log in some cases...

0.00489EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/18 7:50 a.m.64 views

CVE-2024-5533 Divi <= 4.25.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Divi theme for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 4.25.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web script...

6.4CVSS0.00263EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/16 12:0 a.m.63 views

CVE-2024-38428

url.c in GNU Wget through 1.24.5 mishandles semicolons in the userinfo subcomponent of a URI, and thus there may be insecure behavior in which data that was supposed to be in the userinfo subcomponent is misinterpreted to be part of the host subcomponent...

0.00672EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/11 2:32 p.m.63 views

CVE-2024-21754

A use of password hash with insufficient computational effort vulnerability CWE-916 affecting FortiOS version 7.4.3 and below, 7.2 all versions, 7.0 all versions, 6.4 all versions and FortiProxy version 7.4.2 and below, 7.2 all versions, 7.0 all versions, 2.0 all versions may allow a privileged...

1.8CVSS0.03469EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/05/14 4:22 p.m.63 views

CVE-2023-24204

SQL injection vulnerability in SourceCodester Simple Customer Relationship Management System v1.0 allows attacker to execute arbitrary code via the name parameter in get-quote.php...

8.4AI score0.00639EPSS
Exploits2References3
Cvelist
Cvelist
added 2024/05/02 4:52 p.m.63 views

CVE-2024-2667 InstaWP Connect – 1-click WP Staging & Migration <= 0.1.0.22 - Unauthenticated Arbitrary File Upload

The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file validation in the /wp-json/instawp-connect/v1/config REST API endpoint in all versions up to, and including, 0.1.0.22. This makes it possible for...

9.8CVSS9.7AI score0.05747EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/02 1:55 p.m.63 views

CVE-2024-30251 Denial of service when trying to parse malformed POST requests in aiohttp

aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. In affected versions an attacker can send a specially crafted POST multipart/form-data request. When the aiohttp server processes it, the server will enter an infinite loop and be unable to process any further request...

7.5CVSS7.5AI score0.01085EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/05/02 1:28 p.m.63 views

CVE-2024-34145

A sandbox bypass vulnerability involving sandbox-defined classes that shadow specific non-sandbox-defined classes in Jenkins Script Security Plugin 1335.vf07d9ce377ae and earlier allows attackers with permission to define and run sandboxed scripts, including Pipelines, to bypass the sandbox...

7.4AI score0.01002EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/04/24 3:49 p.m.63 views

CVE-2023-47504 WordPress Elementor plugin <= 3.16.4 - Auth. Arbitrary Attachment Read vulnerability

Improper Authentication vulnerability in Elementor Elementor Website Builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Elementor Website Builder: from n/a through 3.16.4...

6.5CVSS7.8AI score0.01452EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/04/09 4:49 p.m.63 views

CVE-2024-29905 DIRAC: Unauthorized users can read proxy contents during generation

DIRAC is an interware, meaning a software framework for distributed computing. Prior to version 8.0.41, during the proxy generation process e.g., when using dirac-proxy-init, it is possible for unauthorized users on the same machine to gain read access to the proxy. This allows the user to then...

8.1CVSS8.2AI score0.00317EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/03/19 1:40 p.m.63 views

CVE-2024-29138 WordPress Restrict User Access plugin <= 2.5 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Joachim Jensen Restrict User Access – Membership Plugin with Force restrict-user-access.This issue affects Restrict User Access – Membership Plugin with Force: from n/a through = 2.5...

7.1CVSS7.1AI score0.00622EPSS
Exploits0References1
Total number of security vulnerabilities5000