Lucene search
K
CvelistMost viewed

365318 matches found

Cvelist
Cvelist
added 2017/01/05 12:0 a.m.64 views

CVE-2016-10012

The shared memory manager associated with pre-authentication compression in sshd in OpenSSH before 7.4 does not ensure that a bounds check is enforced by all compilers, which might allows local users to gain privileges by leveraging access to a sandboxed privilege-separation process, related to t...

6.3AI score0.01281EPSS
Exploits1References12
Cvelist
Cvelist
added 2015/11/18 3:0 p.m.64 views

CVE-2015-4852

The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to...

9.3AI score0.96032EPSS
Exploits17References15
Cvelist
Cvelist
added 2014/10/15 10:3 p.m.64 views

CVE-2014-6530

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to CLIENT:MYSQLDUMP...

6.3AI score0.02667EPSS
Exploits0References4
Cvelist
Cvelist
added 2014/09/25 1:0 a.m.64 views

CVE-2014-7169

GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the...

8.5AI score0.9994EPSS
Exploits18References160
Cvelist
Cvelist
added 2014/07/20 10:0 a.m.64 views

CVE-2014-0118

The deflateinfilter function in moddeflate.c in the moddeflate module in the Apache HTTP Server before 2.4.10, when request body decompression is enabled, allows remote attackers to cause a denial of service resource consumption via crafted request data that decompresses to a much larger size...

4.9AI score0.37156EPSS
Exploits0References43
Cvelist
Cvelist
added 2014/07/17 10:0 a.m.64 views

CVE-2014-4258

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRINFOSC...

6.2AI score0.03482EPSS
Exploits0References12
Cvelist
Cvelist
added 2014/01/15 1:33 a.m.64 views

CVE-2013-5908

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.72 and earlier, 5.5.34 and earlier, and 5.6.14 and earlier allows remote attackers to affect availability via unknown vectors related to Error Handling...

6.9AI score0.0467EPSS
Exploits0References17
Cvelist
Cvelist
added 2013/01/17 1:30 a.m.64 views

CVE-2013-0385

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows local users to affect confidentiality and integrity via unknown vectors related to Server Replication...

4.2AI score0.00419EPSS
Exploits0References7
Cvelist
Cvelist
added 2013/01/17 1:30 a.m.64 views

CVE-2013-0383

Unspecified vulnerability in the Server component in Oracle MySQL 5.1.66 and earlier, and 5.5.28 and earlier, allows remote attackers to affect availability via unknown vectors related to Server Locking...

4.6AI score0.02649EPSS
Exploits0References7
Cvelist
Cvelist
added 2012/12/03 11:0 a.m.64 views

CVE-2012-5612

Heap-based buffer overflow in Oracle MySQL 5.5.19 and other versions through 5.5.28, and MariaDB 5.5.28a and possibly other versions, allows remote authenticated users to cause a denial of service memory corruption and crash and possibly execute arbitrary code, as demonstrated using certain...

5.8AI score0.20837EPSS
Exploits2References13
Cvelist
Cvelist
added 2012/10/16 11:0 p.m.64 views

CVE-2012-3158

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.64 and earlier, and 5.5.26 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Protocol...

4.5AI score0.04501EPSS
Exploits0References11
Cvelist
Cvelist
added 2012/07/17 10:0 p.m.64 views

CVE-2012-0540

Unspecified vulnerability in Oracle MySQL Server 5.1.62 and earlier and 5.5.23 and earlier allows remote authenticated users to affect availability, related to GIS Extension...

4.6AI score0.037EPSS
Exploits0References10
Cvelist
Cvelist
added 2012/05/03 10:0 p.m.64 views

CVE-2012-1703

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer, a different vulnerability than CVE-2012-1690...

4.4AI score0.0374EPSS
Exploits0References10
Cvelist
Cvelist
added 2009/12/20 2:0 a.m.64 views

CVE-2009-4029

The 1 dist or 2 distcheck rules in GNU Automake 1.11.1, 1.10.3, and release branches branch-1-4 through branch-1-9, when producing a distribution tarball for a package that uses Automake, assign insecure permissions 777 to directories in the build tree, which introduces a race condition that allo...

8.7AI score0.00477EPSS
Exploits1References12
Cvelist
Cvelist
added 2009/06/05 9:0 p.m.64 views

CVE-2009-1946

PHP remote file inclusion vulnerability in latestposts.php in AdaptBB 1.0, when registerglobals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the forumspath parameter...

7.5AI score0.01861EPSS
Exploits1References4
Cvelist
Cvelist
added 2008/10/23 9:0 p.m.64 views

CVE-2008-4250

The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the wild ...

9.5AI score0.98751EPSS
Exploits12References18
Cvelist
Cvelist
added 2004/04/06 4:0 a.m.64 views

CVE-2004-0381

mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file...

5.8AI score0.00604EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/07/02 11:49 p.m.63 views

CVE-2026-55726 Gardyn IoT Hub Exposure of Sensitive System Information to an Unauthorized Control Sphere

The Azure Blob Storage container used for Gardyn device logs is publicly listable without authentication. A malicious user would be able to access any device log file available in the blob storage container...

6.9CVSS0.00359EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/23 3:37 a.m.63 views

CVE-2026-55654 Openssh: heap out-of-bounds read in red hat enterprise linux versions of openssh gssapi indicator cleanup due to missing null sentinel termination

A flaw was found in OpenSSH. This vulnerability, a heap out-of-bounds read, occurs during the cleanup of GSSAPI Generic Security Service Application Programming Interface indicators when a trailing NULL termination is missing in the auth-indicators array. A remote attacker, under specific...

3.7CVSS0.00367EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/05/18 8:15 p.m.63 views

CVE-2026-8838 Remote Code Execution via eval() Injection in amazon-redshift-python-driver

Unsafe use of Python's eval on server-received data in the vectorin function in amazon-redshift-python-driver before 2.1.14 allows a rogue server or man-in-the-middle actor to execute arbitrary code on the client. To remediate this issue, users should upgrade to version 2.1.14...

9.8CVSS0.00808EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/05/18 3:59 p.m.63 views

CVE-2026-45829

A pre-authentication, code injection vulnerability in version 1.0.0 or later of the ChromaDB Python project allows an unauthenticated attacker to run arbitrary code on the server by sending a malicious model repository and trustremotecode set to true in...

10CVSS0.12387EPSS
Exploits2References2
Cvelist
Cvelist
added 2026/05/17 11:30 p.m.63 views

CVE-2026-8771 linlinjava litemall Front-end WeChat API WxGoodsController.java list sql injection

A security flaw has been discovered in linlinjava litemall up to 1.8.0. This impacts the function list of the file litemall-wx-api/src/main/java/org/linlinjava/litemall/wx/web/WxGoodsController.java of the component Front-end WeChat API. Performing a manipulation results in sql injection. Remote...

7.5CVSS0.00259EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/15 6:11 a.m.63 views

CVE-2026-41702 TOCTOU local privilege escalation vulnerability

VMware Fusion contains a TOCTOU Time-of-check Time-of-use vulnerability that occurs during an operation performed by a SETUID binary. A malicious actor with local non-administrative user privileges may exploit this vulnerability to escalate privileges to root on the system where Fusion is install...

7.8CVSS0.00122EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/15 2:51 a.m.63 views

CVE-2026-0427

Improper cleanup of shared register resources in GPU firmware could allow an admin-privileged attacker from a Guest Virtual machine VM to access these shared resources from another Guest VM, potentially resulting in the loss of confidentiality, integrity, or availability...

4.6CVSS0.00112EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/15 2:51 a.m.63 views

CVE-2024-36332

Improper isolation of GPU HW register space could allow a privileged attacker in malicious Guest Virtual Machine VM to perform unauthorized access to specific victim range of GPU MMIO register space, potentially causing the host OS to reboot and creating a Denial of Service DOS condition...

6.8CVSS0.00105EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/14 8:32 p.m.63 views

CVE-2026-44666 HRConvert2: Missing Sanitization enables Unauthenticated Remote Command Execution

HRConvert2 is a self-hosted, drag-and-drop & nosql file conversion server & share tool. Prior to 3.3.8, the sanitizeString function in convertCore.php is missing backtick and tab \t from its strip list. User input then reaches shellexec, where the shell interprets these characters and commands...

9.3CVSS0.00297EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/14 3:52 p.m.63 views

CVE-2026-44504 Aegra: Cross-user run injection in /threads/{thread_id}/runs (IDOR)

Aegra is a drop-in replacement for LangSmith Deployments. Prior to 0.9.7, with multiple authenticated users on a shared instance are vulnerable to a cross-tenant IDOR. Any authenticated attacker, given another user's threadid, can execute graph runs against the user's thread, read the user's full...

8.6CVSS0.00285EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/14 3:36 p.m.63 views

CVE-2026-42590 Gotenberg: ExifTool group-prefix syntax bypasses dangerous-tag blocklist

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.30.0, The ExifTool metadata write blocklist in Gotenberg can be bypassed using ExifTool's group-prefix syntax, enabling arbitrary file rename, move, hardlink, and symlink creation on the server. ExifTool supports group-prefix...

8.2CVSS0.0029EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/14 3:20 p.m.63 views

CVE-2026-42591 Gotenberg: Server-Side Request Forgery (SSRF) in github.com/gotenberg/gotenberg/v8

Gotenberg is a Docker-powered stateless API for PDF files. Prior to 8.32.0, the LibreOffice conversion endpoint /forms/libreoffice/convert passes uploaded documents directly to LibreOffice without inspecting their content. LibreOffice then fetches any embedded external URLs on its own, completely...

8.2CVSS0.00245EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/14 8:24 a.m.63 views

CVE-2026-6514 InfusedWoo Pro <= 5.1.2 - Unauthenticated Arbitrary File Read via 'url' Parameter

The InfusedWoo Pro plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 5.1.2 via the popupsubmit. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating from the web application and can be used to...

7.5CVSS0.00271EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/14 12:0 a.m.63 views

CVE-2026-24710

Northern.tech CFEngine Enterprise before 3.21.8, 3.24.3, and 3.27.0 allows XSS...

0.00166EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/13 3:8 p.m.63 views

CVE-2026-43483 KVM: SVM: Set/clear CR8 write interception when AVIC is (de)activated

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Set/clear CR8 write interception when AVIC is deactivated Explicitly set/clear CR8 write interception when AVIC is deactivated to fix a bug where KVM leaves the interception enabled after AVIC is activated. E.g. if KVM...

0.00114EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/13 3:1 p.m.63 views

CVE-2026-44458 Hono: CSS Declaration Injection via Style Object Values in JSX SSR

Hono is a Web application framework that provides support for any JavaScript runtime. Prior to 4.12.18, the JSX renderer escapes style attribute object values for HTML but not for CSS. Untrusted input in a style object value or property name can therefore inject additional CSS declarations into t...

4.3CVSS0.00197EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 8:19 p.m.64 views

CVE-2026-35504 Subnet Solutions PowerSYSTEM Center CRLF injection

PowerSYSTEM Center email notification service is affected by a CRLF injection vulnerability when using SMTPS communication...

5.5CVSS0.00268EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/12 7:48 a.m.63 views

CVE-2026-6247 scratchblocks for WP <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'element' Shortcode Attribute

The scratchblocks for WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'element' attribute of the 'scratchblocks' shortcode in all versions up to, and including, 1.0.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

6.4CVSS0.00187EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/11 8:31 p.m.63 views

CVE-2026-43873 WWBN AVideo: Unauthenticated Disclosure of CloneSite `myKey` via Error Echo in `cloneClient.json.php` Enables Cross-Site DB Dump of the Configured Clone Server

WWBN AVideo is an open source video platform. In versions up to and including 29.0, plugin/CloneSite/cloneClient.json.php echoes the local CloneSite shared secret $objClone-myKey, a constant md5$global'systemRootPath' . $global'salt' into the HTTP response body on every unauthenticated request. T...

7.5CVSS0.00255EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/11 3:15 a.m.63 views

CVE-2026-8268 Open5GS SMF OpenAPI_list_create denial of service

A vulnerability has been found in Open5GS up to 2.7.7. This issue affects the function OpenAPIlistcreate of the component SMF. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The project was informed ...

5.3CVSS0.00372EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/05/11 12:0 a.m.63 views

CVE-2026-31253

The flash-attention training framework thru commit e724e2588cbe754beb97cf7c011b5e7e34119e62 2025-13-04 contains an insecure deserialization vulnerability CWE-502 in its checkpoint loading mechanism. The loadcheckpoint function in checkpoint.py and the checkpoint loading code in eval.py use...

0.00218EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/10 12:12 p.m.63 views

CVE-2022-50943 Moodle LMS 4.0 Cross-Site Scripting via course search.php

Moodle LMS 4.0 contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting payloads through the search parameter. Attackers can inject JavaScript code via the search field in course/search.php to execute arbitrary scripts in users'...

6.1CVSS0.00331EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/05/10 4:19 a.m.63 views

CVE-2026-6722 Use-After-Free in SOAP using Apache map

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the SOAP extension's object deduplication mechanism stores pointers to PHP objects in a global map without incrementing their reference counts. When an apache:Map node contains duplicate keys,...

9.5CVSS0.00739EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/10 3:51 a.m.63 views

CVE-2025-14179 SQL injection in pdo_firebird via NUL bytes in quoted strings

In PHP versions 8.2. before 8.2.31, 8.3. before 8.3.31, 8.4. before 8.4.21, and 8.5. before 8.5.6, the PDO Firebird driver improperly handles NUL bytes when preparing SQL queries. During token-by-token query construction, a string token containing a NUL byte is copied via strncat, which stops at...

8.9CVSS0.00298EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/09 12:43 a.m.63 views

CVE-2026-6665 PgBouncer buffer overflow in SCRAM

The SCRAM code in PgBouncer before 1.25.2 did not check the return value of strlcat correctly when building the contents of the SCRAM client-final-message. A malicious backend that sends a SCRAM server-final-message with a long nonce can trigger a stack overflow...

8.1CVSS0.00372EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/08 1:30 a.m.63 views

CVE-2026-8125 code-projects Simple Chat System sendMessage.php sql injection

A vulnerability was detected in code-projects Simple Chat System 1.0. This vulnerability affects unknown code of the file sendMessage.php. The manipulation of the argument type/length/business parameter validity results in sql injection. The attack may be launched remotely. The exploit is now...

6.5CVSS0.0025EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/07 6:30 p.m.63 views

CVE-2026-8084 OSGeo gdal HDF-EOS Grid File SWapi.c memmove out-of-bounds

A vulnerability was determined in OSGeo gdal up to 3.13.0dev-4. This vulnerability affects the function memmove of the file frmts/hdf4/hdf-eos/SWapi.c of the component HDF-EOS Grid File Handler. This manipulation causes out-of-bounds read. The attack is restricted to local execution. The exploit...

4.8CVSS0.00264EPSS
Exploits1References9
Cvelist
Cvelist
added 2026/05/06 11:28 a.m.63 views

CVE-2026-43247 media: chips-media: wave5: Fix SError of kernel panic when closed

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix SError of kernel panic when closed SError of kernel panic rarely happened while testing fluster. The root cause was to enter suspend mode because timeout of autosuspend delay happened. 48.834439...

0.00121EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/06 11:28 a.m.63 views

CVE-2026-43219 net: cpsw_new: Fix potential unregister of netdev that has not been registered yet

In the Linux kernel, the following vulnerability has been resolved: net: cpswnew: Fix potential unregister of netdev that has not been registered yet If an error occurs during registernetdev for the first MAC in cpswregisterports, even though cpsw-slaves0.ndev is set to NULL, cpsw-slaves1.ndev...

0.00128EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/05 9:25 p.m.63 views

CVE-2026-40075 OpenMRS Core arbitrary file read via path traversal in ModuleResourcesServlet

OpenMRS Core is an open source electronic medical record system platform. In versions 2.7.8 and earlier and versions 2.8.0 through 2.8.5, the /openmrs/moduleResources/moduleid endpoint is vulnerable to a path traversal attack. The ModuleResourcesServlet constructs a filesystem path from...

8.2CVSS0.00558EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/05 7:37 p.m.63 views

CVE-2026-35397 jupyter-server path traversal allows access to sibling directories sharing root_dir name prefix

Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, a path traversal vulnerability in the REST API allows an authenticated user to escape the configured rootdir and access sibling directories whose names begin with the same prefix as the rootdir. For exampl...

7.6CVSS0.00583EPSS
Exploits2References1
Cvelist
Cvelist
added 2026/05/05 3:23 p.m.63 views

CVE-2026-43063 xfs: don't irele after failing to iget in xfs_attri_recover_work

In the Linux kernel, the following vulnerability has been resolved: xfs: don't irele after failing to iget in xfsattrirecoverwork xlogrecoveryiget never set @ip to a valid pointer if they return an error, so this irele will walk off a dangling pointer. Fix that...

7.8CVSS0.00126EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/05 2:41 p.m.63 views

CVE-2026-34002 Xorg: xwayland: x.org x server: information disclosure or denial of service via out-of-bounds read in xkb modifier map handling

A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB X Keyboard Extension modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory...

6.1CVSS0.00489EPSS
Exploits0References26
Total number of security vulnerabilities5000