Lucene search
K
CvelistMost viewed

365151 matches found

cvelist
cvelist
added 2021/04/12 1:10 p.m.243 views

CVE-2021-23369 Remote Code Execution (RCE)

The package handlebars before 4.7.7 are vulnerable to Remote Code Execution RCE when selecting certain compiling options to compile templates coming from an untrusted source...

5.6CVSS9.9AI score0.07028EPSS
Exploits2References7
cvelist
cvelist
added 2024/03/12 3:9 p.m.241 views

CVE-2023-42789

A out-of-bounds write vulnerability in Fortinet FortiOS 7.4.0 through 7.4.1, FortiOS 7.2.0 through 7.2.5, FortiOS 7.0.0 through 7.0.12, FortiOS 6.4.0 through 6.4.14, FortiOS 6.2.0 through 6.2.15, FortiProxy 7.4.0, FortiProxy 7.2.0 through 7.2.6, FortiProxy 7.0.0 through 7.0.12, FortiProxy 2.0.0...

9.8CVSS9.9AI score0.03279EPSS
Exploits0References1
cvelist
cvelist
added 2026/04/21 12:0 a.m.240 views

CVE-2026-38834

Tenda W30E V2.0 V16.01.0.21 was found to contain a command injection vulnerability in the dopingaction function via the hostName parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

0.01327EPSS
Exploits1References1
cvelist
cvelist
added 2026/04/02 4:44 p.m.240 views

CVE-2026-35386

In OpenSSH before 10.3, command execution can occur via shell metacharacters in a username within a command line. This requires a scenario where the username on the command line is untrusted, and also requires a non-default configurations of % in sshconfig...

3.6CVSS0.00247EPSS
Exploits0References3
cvelist
cvelist
added 2024/11/28 9:47 a.m.240 views

CVE-2024-11082 Tumult Hype Animations <= 1.9.15 - Authenticated (Author+) Arbitrary File Upload via hypeanimations_panel Function

The Tumult Hype Animations plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the hypeanimationspanel function in all versions up to, and including, 1.9.15. This makes it possible for authenticated attackers, with Author-level access and above, to...

9.9CVSS0.01163EPSS
Exploits0References5
cvelist
cvelist
added 2024/09/03 3:58 p.m.239 views

CVE-2024-6119 Possible denial of service in X.509 name checks

Issue summary: Applications performing certificate name checks e.g., TLS clients checking server certificates may attempt to read an invalid memory address resulting in abnormal termination of the application process. Impact summary: Abnormal termination of an application can a cause a denial of...

0.66594EPSS
Exploits0References5
cvelist
cvelist
added 2023/07/11 4:16 p.m.239 views

CVE-2023-36824 Heap overflow in COMMAND GETKEYS and ACL evaluation in Redis

Redis is an in-memory database that persists on disk. In Redit 7.0 prior to 7.0.12, extracting key names from a command and a list of arguments may, in some cases, trigger a heap overflow and result in reading random heap memory, heap corruption and potentially remote code execution. Several...

7.4CVSS9.3AI score0.77422EPSS
Exploits0References5
cvelist
cvelist
added 2023/02/15 12:0 a.m.239 views

CVE-2023-24580

An issue was discovered in the Multipart Request Parser in Django 3.2 before 3.2.18, 4.0 before 4.0.10, and 4.1 before 4.1.7. Passing certain inputs e.g., an excessive number of parts to multipart forms could result in too many open files or memory exhaustion, and provided a potential vector for ...

7.7AI score0.62575EPSS
Exploits0References11
cvelist
cvelist
added 2025/07/09 12:41 p.m.238 views

CVE-2025-6514 OS command injection in mcp-remote when connecting to untrusted MCP servers

mcp-remote is exposed to OS command injection when connecting to untrusted MCP servers due to crafted input from the authorizationendpoint response URL...

9.6CVSS0.76637EPSS
Exploits0References3
cvelist
cvelist
added 2024/10/23 3:36 p.m.238 views

CVE-2024-49668 WordPress Verbalize WP plugin <= 1.0 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in christopherdewese1099 Verbalize WP verbalize-wp allows Upload a Web Shell to a Web Server.This issue affects Verbalize WP: from n/a through = 1.0...

10CVSS0.01457EPSS
Exploits0References1
cvelist
cvelist
added 2023/03/01 3:36 p.m.238 views

CVE-2023-0594

Grafana is an open-source platform for monitoring and observability. Starting with the 7.0 branch, Grafana had a stored XSS vulnerability in the trace view visualization. The stored XSS vulnerability was possible due the value of a span's attributes/resources were not properly sanitized and this...

7.3CVSS7.2AI score0.09216EPSS
Exploits0References1
cvelist
cvelist
added 2021/06/10 7:10 a.m.238 views

CVE-2021-26690 mod_session NULL pointer dereference

Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Cookie header handled by modsession can cause a NULL pointer dereference and crash, leading to a possible Denial Of Service...

8.7AI score0.65067EPSS
Exploits0References12
cvelist
cvelist
added 2024/10/05 3:16 p.m.237 views

CVE-2024-47374 WordPress LiteSpeed Cache plugin <= 6.5.0.2 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through = 6.5.0.2...

7.1CVSS0.0138EPSS
Exploits0References1
cvelist
cvelist
added 2023/07/19 12:53 a.m.237 views

CVE-2023-3765 Absolute Path Traversal in mlflow/mlflow

Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0...

10CVSS9.7AI score0.70736EPSS
Exploits1References2
cvelist
cvelist
added 2022/11/23 12:0 a.m.237 views

CVE-2022-41924 Tailscale Windows daemon is vulnerable to RCE via CSRF

A vulnerability identified in the Tailscale Windows client allows a malicious website to reconfigure the Tailscale daemon tailscaled, which can then be used to remotely execute code. In the Tailscale Windows client, the local API was bound to a local TCP socket, and communicated with the Windows...

9.6CVSS9.3AI score0.01555EPSS
Exploits1References3
cvelist
cvelist
added 2021/09/16 2:40 p.m.237 views

CVE-2021-34798 NULL pointer dereference in httpd core

Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier...

8.8AI score0.64509EPSS
Exploits0References17
cvelist
cvelist
added 2022/03/15 1:0 a.m.236 views

CVE-2022-0944 Template injection in connection test endpoint leads to RCE in sqlpad/sqlpad

Template injection in connection test endpoint leads to RCE in GitHub repository sqlpad/sqlpad prior to 6.10.1...

9.1CVSS7.4AI score0.08669EPSS
Exploits12References2
cvelist
cvelist
added 2026/01/07 9:21 a.m.235 views

CVE-2025-13801 Yoco Payments <= 3.9.0 - Unauthenticated Arbitrary File Read

The Yoco Payments plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 3.9.0 via the file parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information...

7.5CVSS0.01709EPSS
Exploits0References4
cvelist
cvelist
added 2025/03/25 6:48 p.m.234 views

CVE-2025-30567 WordPress WP01 plugin <= 2.6.2 - Arbitrary File Download Vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in WP01 WP01 wp01 allows Path Traversal.This issue affects WP01: from n/a through = 2.6.2...

7.5CVSS0.02628EPSS
Exploits0References1
cvelist
cvelist
added 2024/12/03 12:0 a.m.234 views

CVE-2024-29404

An issue in Razer Synapse 3 v.3.9.131.20813 and Synapse 3 App v.20240213 allows a local attacker to execute arbitrary code via the export parameter of the Chroma Effects function in the Profiles component...

0.00467EPSS
Exploits0References3
cvelist
cvelist
added 2024/07/22 9:4 a.m.234 views

CVE-2024-37259 WordPress WP Extended plugin <= 2.4.7 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Extended The Ultimate WordPress Toolkit – WP Extended wpextended.This issue affects The Ultimate WordPress Toolkit – WP Extended: from n/a through = 2.4.7...

7.1CVSS0.0063EPSS
Exploits0References1
cvelist
cvelist
added 2024/10/30 7:56 a.m.233 views

CVE-2024-50508 WordPress Woocommerce Product Design plugin <= 1.0.0 - Arbitrary File Download vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Chetan Khandla Woocommerce Product Design woo-product-design allows Path Traversal.This issue affects Woocommerce Product Design: from n/a through = 1.0.0...

7.5CVSS0.0102EPSS
Exploits0References1
cvelist
cvelist
added 2023/03/01 3:35 p.m.232 views

CVE-2023-0507

Grafana is an open-source platform for monitoring and observability. Starting with the 8.1 branch, Grafana had a stored XSS vulnerability affecting the core plugin GeoMap. The stored XSS vulnerability was possible due to map attributions weren't properly sanitized and allowed arbitrary JavaScript...

7.3CVSS7.2AI score0.1546EPSS
Exploits0References2
cvelist
cvelist
added 2024/10/30 7:54 a.m.231 views

CVE-2024-50510 WordPress AR For Woocommerce plugin <= 6.3 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in webandprint AR For Woocommerce ar-for-woocommerce allows Upload a Web Shell to a Web Server.This issue affects AR For Woocommerce: from n/a through = 6.3...

10CVSS0.00991EPSS
Exploits0References1
cvelist
cvelist
added 2024/10/30 7:45 a.m.231 views

CVE-2024-50507 WordPress DS.DownloadList plugin <= 1.3 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Daschmi DS.DownloadList dsdownloadlist allows Object Injection.This issue affects DS.DownloadList: from n/a through = 1.3...

9.8CVSS0.01016EPSS
Exploits0References1
cvelist
cvelist
added 2023/08/04 12:0 a.m.231 views

CVE-2023-39143

PaperCut NG and PaperCut MF before 22.1.3 on Windows allow path traversal, enabling attackers to upload, read, or delete arbitrary files. This leads to remote code execution when external device integration is enabled a very common configuration...

10AI score0.78696EPSS
Exploits1References2
cvelist
cvelist
added 2025/01/07 10:49 a.m.229 views

CVE-2024-56278 WordPress WP Ultimate Exporter plugin <= 2.9.1 - Remote Code Execution (RCE) vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Smackcoders Inc., WP Ultimate Exporter wp-ultimate-exporter allows PHP Remote File Inclusion.This issue affects WP Ultimate Exporter: from n/a through = 2.9.1...

9.1CVSS0.0188EPSS
Exploits0References1
cvelist
cvelist
added 2024/11/28 10:34 a.m.229 views

CVE-2024-52475 WordPress Wawp plugin < 3.0.18 - Account Takeover vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in Information Technology Wawp automation-web-platform allows Authentication Bypass.This issue affects Wawp: from n/a through 3.0.18...

9.8CVSS0.01825EPSS
Exploits0References1
cvelist
cvelist
added 2023/06/14 12:0 a.m.228 views

CVE-2023-34753

bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the tid parameter at admin/index.php?mode=settings&page=tmpl&action=edit...

10AI score0.04228EPSS
Exploits1References1
cvelist
cvelist
added 2023/02/14 12:0 a.m.228 views

CVE-2023-25725

HAProxy before 2.7.3 may allow a bypass of access control because HTTP/1 headers are inadvertently lost in some situations, aka "request smuggling." The HTTP header parsers in HAProxy may accept empty header field names, which could be used to truncate the list of HTTP headers and thus make some...

9.3AI score0.05493EPSS
Exploits0References6
cvelist
cvelist
added 2022/09/23 12:0 a.m.228 views

CVE-2022-35951 Redis subject to Integer Overflow leading to Remote Code Execution via Heap Overflow

Redis is an in-memory database that persists on disk. Versions 7.0.0 and above, prior to 7.0.5 are vulnerable to an Integer Overflow. Executing an XAUTOCLAIM command on a stream key in a specific state, with a specially crafted COUNT argument may cause an integer overflow, a subsequent heap...

7CVSS9.9AI score0.02904EPSS
Exploits0References4
cvelist
cvelist
added 2026/04/02 4:30 p.m.227 views

CVE-2026-35385

In OpenSSH before 10.3, a file downloaded by scp may be installed setuid or setgid, an outcome contrary to some users' expectations, if the download is performed as root with -O legacy scp protocol and without -p preserve mode...

7.5CVSS0.00419EPSS
Exploits0References3
cvelist
cvelist
added 2026/02/18 6:0 a.m.227 views

CVE-2026-1368 Video Conferencing with Zoom API < 4.6.6 - Unauthenticated SDK Signature Generation

The Video Conferencing with Zoom WordPress plugin before 4.6.6 contains an AJAX handler that has its nonce verification commented out, allowing unauthenticated attackers to generate valid Zoom SDK signatures for any meeting ID and retrieve the site's Zoom SDK key...

0.01211EPSS
Exploits0References1
cvelist
cvelist
added 2024/07/01 6:14 p.m.227 views

CVE-2024-38473 Apache HTTP Server proxy encoding problem

Encoding problem in modproxy in Apache HTTP Server 2.4.59 and earlier allows request URLs with incorrect encoding to be sent to backend services, potentially bypassing authentication via crafted requests. Users are recommended to upgrade to version 2.4.60, which fixes this issue...

0.25878EPSS
Exploits1References2
cvelist
cvelist
added 2024/06/29 4:33 a.m.227 views

CVE-2024-6265 UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress <= 1.2.10 - Unauthenticated SQL Injection via 'uwp_sort_by'

The UsersWP – Front-end login form, User Registration, User Profile & Members Directory plugin for WordPress plugin for WordPress is vulnerable to time-based SQL Injection via the ‘uwpsortby’ parameter in all versions up to, and including, 1.2.10 due to insufficient escaping on the user supplied...

9.8CVSS0.024EPSS
Exploits0References3
cvelist
cvelist
added 2024/01/26 1:2 a.m.227 views

CVE-2024-0402 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in GitLab

An issue has been discovered in GitLab CE/EE affecting all versions from 16.0 prior to 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1 which allows an authenticated user to write files to arbitrary locations on the GitLab server while creating a workspace...

9.9CVSS9.4AI score0.03302EPSS
Exploits0References2
cvelist
cvelist
added 2023/03/22 12:0 a.m.227 views

CVE-2023-0386

A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a local user to escalat...

7.8AI score0.0788EPSS
Exploits14References6
cvelist
cvelist
added 2022/09/28 1:34 p.m.227 views

CVE-2022-40083

Labstack Echo v4.8.0 was discovered to contain an open redirect vulnerability via the Static Handler component. This vulnerability can be leveraged by attackers to cause a Server-Side Request Forgery SSRF...

9.5AI score0.02333EPSS
Exploits1References1
cvelist
cvelist
added 2025/07/08 9:25 p.m.226 views

CVE-2025-27203 Adobe Connect | Deserialization of Untrusted Data (CWE-502)

Adobe Connect versions 24.0 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could lead to arbitrary code execution by an attacker. Exploitation of this issue does require user interaction and scope is changed...

9.6CVSS0.00989EPSS
Exploits0References1
cvelist
cvelist
added 2023/06/14 12:0 a.m.226 views

CVE-2023-34752

bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the lid parameter at admin/index.php?mode=settings&page=lang&action=edit...

10AI score0.04383EPSS
Exploits1References2
cvelist
cvelist
added 2023/04/10 12:0 a.m.226 views

CVE-2023-28206

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.5, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1, iOS 15.7.5 and iPadOS 15.7.5, macOS Big Sur 11.7.6. An app may be able to execute arbitrary code with kernel privileges. App...

8.1AI score0.24513EPSS
Exploits0References5
cvelist
cvelist
added 2024/07/22 9:3 a.m.225 views

CVE-2024-37261 WordPress WP-Lister Lite for Amazon plugin <= 2.6.16 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Lab WP-Lister Lite for Amazon wp-lister-for-amazon.This issue affects WP-Lister Lite for Amazon: from n/a through = 2.6.16...

7.1CVSS0.0063EPSS
Exploits0References1
cvelist
cvelist
added 2024/01/28 12:0 a.m.225 views

CVE-2024-23738

An issue in Postman version 10.22 and before on macOS allows a remote attacker to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings. NOTE: the vendor states "we dispute the report's accuracy ... the configuration does not enable remote code execution.."...

9.8AI score0.01457EPSS
Exploits1References2
cvelist
cvelist
added 2023/06/14 12:0 a.m.225 views

CVE-2023-34755

bloofox v0.5.2.1 was discovered to contain a SQL injection vulnerability via the userid parameter at admin/index.php?mode=user&action=edit...

10AI score0.04228EPSS
Exploits1References1
cvelist
cvelist
added 2022/11/17 12:0 a.m.226 views

CVE-2022-23748

mDNSResponder.exe is vulnerable to DLL Sideloading attack. Executable improperly specifies how to load the DLL, from which folder and under what conditions. In these scenarios, a malicious attacker could be using the valid and legitimate executable to load malicious files...

7.8AI score0.09092EPSS
Exploits0References2
cvelist
cvelist
added 2024/01/28 12:0 a.m.224 views

CVE-2024-23741

An issue in Hyper on macOS version 3.4.1 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings...

9.8AI score0.01574EPSS
Exploits0References2
cvelist
cvelist
added 2023/08/19 5:35 a.m.224 views

CVE-2023-2317 Typora DOM-Based Cross-site Scripting leading to Remote Code Execution

DOM-based XSS in updater/update.html in Typora before 1.6.7 on Windows and Linux allows a crafted markdown file to run arbitrary JavaScript code in the context of Typora main window via loading typora://app/typemark/updater/update.html in tag. This vulnerability can be exploited if a user opens a...

8.6CVSS8.8AI score0.02161EPSS
Exploits1References2
cvelist
cvelist
added 2024/01/28 12:0 a.m.223 views

CVE-2024-23739

An issue in Discord for macOS version 0.0.291 and before, allows remote attackers to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments settings...

9.8AI score0.01808EPSS
Exploits1References2
cvelist
cvelist
added 2023/06/20 2:45 p.m.223 views

CVE-2023-2533 PaperCut MF/NG 22.0.10 (Build 65996 2023-03-27) - Remote code execution via CSRF

A Cross-Site Request Forgery CSRF vulnerability has been identified in PaperCut NG/MF, which, under specific conditions, could potentially enable an attacker to alter security settings or execute arbitrary code. This could be exploited if the target is an admin with a current login session...

8.4CVSS9.1AI score0.29246EPSS
Exploits1References2
cvelist
cvelist
added 2023/05/03 10:50 a.m.223 views

CVE-2022-30995

Sensitive information disclosure due to improper authentication. The following products are affected: Acronis Cyber Protect 15 Windows, Linux before build 29486, Acronis Cyber Backup 12.5 Windows, Linux before build 16545...

9.3CVSS7.5AI score0.03265EPSS
Exploits1References1
Total number of security vulnerabilities5000