Lucene search
K
CvelistMost viewed

366526 matches found

Cvelist
Cvelist
added 2026/05/13 5:31 p.m.61 views

CVE-2026-44004 vm2: Host Process OOM DoS via Buffer.alloc (Timeout Bypass)

vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, sandboxed code can call Buffer.alloc with an arbitrary size to allocate memory directly on the host heap. Because Buffer.alloc is a synchronous C++ native call, vm2's timeout option cannot interrupt it. A single request can exhaust ho...

7.5CVSS0.00424EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/13 5:29 p.m.61 views

CVE-2026-44002 vm2: Host File Path Disclosure via Stack Trace Information Leak

vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.0, vm2's CallSite wrapper class intended as a safe wrapper for V8's native CallSite blocks getThis and getFunction to prevent host object leakage, but allows getFileName to return unsanitized host absolute paths. Any sandboxed code can...

5.8CVSS0.00241EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/13 2:37 p.m.61 views

CVE-2026-44288 protobufjs: Overlong UTF-8 decoding

protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.5.6 and 8.0.2, protobufjs includes a minimal UTF-8 decoder that accepted overlong UTF-8 byte sequences and decoded them to their canonical characters instead of replacing them. An attacker who can provide protobuf...

5.3CVSS0.00301EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/13 8:37 a.m.61 views

CVE-2026-41051 csync2 uses insecure temporary directories when compiled with C99 or later

csync2 uses insecure temporary directories when compiled with C99 or later, allowing for TOCTOU style attacks on the temporary directories...

5.1CVSS0.00075EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/13 4:26 a.m.61 views

CVE-2026-6828 Fluent Forms <= 6.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'permission_message' Shortcode Attribute

The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'permissionmessage' parameter in all versions up to, and including, 6.2.1 due to insufficient input sanitization and output escaping...

6.4CVSS0.00201EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/12 9:28 p.m.61 views

CVE-2026-44305 Lemur: LDAP TLS certificate verification globally disabled enables credential interception

Lemur manages TLS certificate creation. Prior to 1.9.0, when LDAP TLS is enabled LDAPUSETLS = True, Lemur's LDAP authentication module unconditionally disables TLS certificate verification at the global ldap module level. This allows a man-in-the-middle attacker positioned between Lemur and the...

6.8CVSS0.00094EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 6:1 p.m.61 views

CVE-2026-42348 OpAMP client reads unbounded HTTP response bodies

OpenTelemetry.OpAmp.Client is the OpAMP client for OpenTelemetry .NET. Prior to 0.2.0-alpha.1, when receiving responses from the OpAMP server over HTTP, the OpAMP client allocates an unbounded buffer to read all bytes from the server, with no upper-bound on the number of bytes consumed. This coul...

5.9CVSS0.00311EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/12 1:20 p.m.61 views

CVE-2026-45091 sealed-env: TOTP secret embedded in unseal token payload (enterprise mode)

sealed-env is a cross-stack, zero-trust secret management library for Node.js and Java/Spring Boot. In sealed-env enterprise mode, versions 0.1.0-alpha.1 through 0.1.0-alpha.3 embedded the operator's literal TOTP secret in the JWS payload of every minted unseal token. JWS payload is base64-encode...

9.1CVSS0.00326EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/12 12:36 p.m.61 views

CVE-2026-8391 Other issue in the JavaScript Engine component

Other issue in the JavaScript Engine component. This vulnerability was fixed in Firefox 150.0.3, Firefox ESR 115.36, Firefox ESR 140.11, and Thunderbird 140.11...

0.00298EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/11 1:45 a.m.61 views

CVE-2026-8262 Devs Palace ERP Online chart-save cross site scripting

A vulnerability was identified in Devs Palace ERP Online up to 4.0.0. This impacts an unknown function of the file /accounts/chart-save. Such manipulation leads to cross site scripting. The attack may be performed from remote. The exploit is publicly available and might be used. The vendor was...

4.8CVSS0.00202EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/10 12:12 p.m.61 views

CVE-2022-50961 WordPress Plugin IP2Location Country Blocker 2.26.7 Stored XSS

WordPress Plugin IP2Location Country Blocker 2.26.7 contains a stored cross-site scripting vulnerability that allows authenticated users to inject arbitrary JavaScript code through the Frontend Settings interface. Attackers can inject malicious scripts in the URL field of the Display page setting...

6.4CVSS0.00191EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/10 5:30 a.m.61 views

CVE-2026-8233 Dotouch XproUPF access control

A vulnerability was determined in Dotouch XproUPF 2.0.0-release-088aa7c4. Affected is an unknown function of the component UPF. This manipulation causes improper access controls. A high degree of complexity is needed for the attack. The exploitability is told to be difficult. The vendor was...

4.6CVSS0.00139EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/10 4:30 a.m.61 views

CVE-2026-8230 Wavlink NU516U1 login.cgi sys_login1 os command injection

A flaw has been found in Wavlink NU516U1 240425. The impacted element is the function syslogin1 of the file /cgi-bin/login.cgi. Executing a manipulation of the argument ipaddr can lead to os command injection. The attack can be executed remotely. The exploit has been published and may be used. Th...

6.5CVSS0.04944EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/05/09 8:15 p.m.61 views

CVE-2026-8196 JeecgBoot mLogin Endpoint LoginController.java authorization

A flaw has been found in JeecgBoot 3.9.1. The impacted element is an unknown function of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java of the component mLogin Endpoint. This manipulation causes authorization bypass. The attack...

6.3CVSS0.00463EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/08 3:42 p.m.61 views

CVE-2026-42793 Atom table exhaustion via attacker-controlled GraphQL SDL names in absinthe

Allocation of Resources Without Limits or Throttling vulnerability in absinthe-graphql absinthe allows unauthenticated denial of service via atom table exhaustion when parsing attacker-controlled GraphQL SDL. Multiple Blueprint.Draft.convert/2 implementations in Absinthe's SDL language modules ca...

8.2CVSS0.00613EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/05/08 2:22 p.m.61 views

CVE-2026-43437 ALSA: pcm: fix use-after-free on linked stream runtime in snd_pcm_drain()

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: fix use-after-free on linked stream runtime in sndpcmdrain In the drain loop, the local variable 'runtime' is reassigned to a linked stream's runtime runtime = s-runtime at line 2157. After releasing the stream lock at...

7.8CVSS0.00126EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/05/08 9:26 a.m.61 views

CVE-2026-7650 E2Pdf – Export Pdf Tool for WordPress <= 1.32.17 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'id' Shortcode Attribute

The E2Pdf – Export Pdf Tool for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' attribute of the e2pdf-download shortcode in all versions up to, and including, 1.32.17. This is due to insufficient input sanitization and output escaping on the shortcode...

6.4CVSS0.00244EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/07 10:31 a.m.61 views

CVE-2026-33589 Arbitrary File Read via Local File Inclusion (LFI)

Lack of user input validation in the file upload functionality of Open Notebook v1.8.3 allows the application user to access local files content from the docker container via path traversal...

8.2CVSS0.0018EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/06 11:28 a.m.61 views

CVE-2026-43276 net: mana: Fix double destroy_workqueue on service rescan PCI path

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix double destroyworkqueue on service rescan PCI path While testing corner cases in the driver, a use-after-free crash was found on the service rescan PCI path. When manaservreset calls managdsuspend, managdcleanup...

0.00118EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/06 7:40 a.m.61 views

CVE-2026-43096 mshv: Fix infinite fault loop on permission-denied GPA intercepts

In the Linux kernel, the following vulnerability has been resolved: mshv: Fix infinite fault loop on permission-denied GPA intercepts Prevent infinite fault loops when guests access memory regions without proper permissions. Currently, mshvhandlegpaintercept attempts to remap pages for all faults...

0.00107EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/05 7:13 p.m.61 views

CVE-2026-33489 CoreDNS transfer plugin subzone ACL bypass via lexicographic zone comparison

CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the transfer plugin can select the wrong ACL stanza when both a parent zone and a more-specific subzone are configured. The longestMatch function in plugin/transfer/transfer.go uses a lexicographic string comparison instead...

8.2CVSS0.00388EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/05/05 3:29 p.m.61 views

CVE-2026-43071 dcache: Limit the minimal number of bucket to two

In the Linux kernel, the following vulnerability has been resolved: dcache: Limit the minimal number of bucket to two There is an OOB read problem on dentryhashtable when user sets 'dhashentries=1': BUG: unable to handle page fault for address: ffff888b30b774b0 PF: supervisor read access in kerne...

9.1CVSS0.0039EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/05/05 2:41 p.m.61 views

CVE-2026-34000 Xwayland: xorg: x.org x server: information disclosure and denial of service via out-of-bounds read in xkb geometry processing.

A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry processing, specifically within the CheckSetGeom and XkbAddGeomKeyAlias functions, allows an attacker to read uninitialized or out-of-bounds memory. An attacker with a connection to the X11 server,...

6.1CVSS0.00489EPSS
Exploits0References27
Cvelist
Cvelist
added 2026/05/05 11:25 a.m.61 views

CVE-2026-6261 Betheme <= 28.4 - Authenticated (Author+) Arbitrary File Upload to Remote Code Execution via Icon Pack Upload

The Betheme theme for WordPress is vulnerable to Arbitrary File Upload in versions up to, and including, 28.4. This is due to the uploadicons function workflow moving and unzipping user-controlled ZIP files into a public uploads directory without validating extracted file types. This makes it...

8.8CVSS0.00612EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/05 12:0 a.m.61 views

CVE-2026-31196

OS command injection vulnerability in the traceroute diagnostic handler in /bin/httpdclientside in ALTICE LABS / SFR France GR140DG Fibre Router with firmware 3GN8020801R13, 3GN8020802R0A, or 3GN8020803R0A inserts unsanitized user input into a system call, allowing authenticated remote attackers ...

0.01275EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/04 7:31 p.m.61 views

CVE-2026-6321 fast-uri vulnerable to path traversal via percent-encoded dot segments

fast-uri decoded percent-encoded path separators and dot segments before applying dot-segment removal in its normalize and equal functions. Encoded path data was treated like real slashes and parent-directory references, so distinct URIs could collapse onto the same normalized path. Applications...

7.5CVSS0.00521EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/24 5:20 p.m.61 views

CVE-2026-41898 rust-openssl: Unchecked callback-returned length in PSK and cookie generate trampolines can cause OpenSSL to leak adjacent memory to the network peer

rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.24 to before 0.10.78, the FFI trampolines behind SslContextBuilder::setpskclientcallback, setpskservercallback, setcookiegeneratecb, and setstatelesscookiegeneratecb forwarded the user closure's returned usize...

8.3CVSS0.00412EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/21 6:30 a.m.61 views

CVE-2026-31370 Information Leak Vulnerability in Honor E

Honor E APP is affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentiality...

6.3CVSS0.00192EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/10 7:23 p.m.61 views

CVE-2026-40175 Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain

Axios is a promise based HTTP client for the browser and Node.js. Versions prior to 1.15.0 and 0.3.1 are vulnerable to a specific gadget-style attack chain in which prototype pollution in a third-party dependency may be leveraged to inject unsanitized header values into outbound requests. This...

4.8CVSS0.01815EPSS
Exploits5References7
Cvelist
Cvelist
added 2026/03/17 11:14 a.m.61 views

CVE-2026-4271 Libsoup: libsoup: denial of service via use-after-free in http/2 server

A flaw was found in libsoup, a library for handling HTTP requests. This vulnerability, known as a Use-After-Free, occurs in the HTTP/2 server implementation. A remote attacker can exploit this by sending specially crafted HTTP/2 requests that cause authentication failures. This can lead to the...

5.3CVSS0.00829EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/03/15 11:2 p.m.61 views

CVE-2026-4193 D-Link DIR-823G goahead UpdateClientInfo access control

A security vulnerability has been detected in D-Link DIR-823G 1.0.2B05. The affected element is the function...

7.5CVSS0.0077EPSS
Exploits1References11
Cvelist
Cvelist
added 2026/02/13 11:58 a.m.61 views

CVE-2026-2443 Libsoup: out-of-bounds read in libsoup handle_partial_get() leading to heap information disclosure

A flaw was identified in libsoup, a widely used HTTP library in GNOME-based systems. When processing specially crafted HTTP Range headers, the library may improperly validate requested byte ranges. In certain build configurations, this could allow a remote attacker to access portions of server...

5.3CVSS0.0043EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/11 7:11 a.m.61 views

CVE-2025-14512 Glib: integer overflow in glib gio attribute escaping causes heap buffer overflow

A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service DoS via an integer overflow in GLib's GIO GLib Input/Output escapebytestring function when processing malicious file or remote filesystem attribute values...

6.5CVSS0.00524EPSS
Exploits0References21
Cvelist
Cvelist
added 2025/09/02 11:14 a.m.61 views

CVE-2025-5662 Deserialization Vulnerability in h2oai/h2o-3

A deserialization vulnerability exists in the H2O-3 REST API POST /99/ImportSQLTable that affects all versions up to 3.46.0.7. This vulnerability allows remote code execution RCE due to improper validation of JDBC connection parameters when using a Key-Value format. The vulnerability is present i...

9.8CVSS0.0064EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/03 4:0 p.m.61 views

CVE-2025-5508 TOTOLINK A3002RU IP Port Filtering Page cross site scripting

A vulnerability was found in TOTOLINK A3002RU 2.1.1-B20230720.1011. It has been rated as problematic. Affected by this issue is some unknown functionality of the component IP Port Filtering Page. The manipulation of the argument Comment leads to cross site scripting. The attack may be launched...

4.8CVSS0.00334EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/05/07 2:53 p.m.61 views

CVE-2025-2777 SysAid On-Prem <= 23.3.40 lshw Proceessing XML External Entity Injection

SysAid On-Prem versions = 23.3.40 are vulnerable to an unauthenticated XML External Entity XXE vulnerability in the lshw processing functionality, allowing for administrator account takeover and file read primitives...

9.3CVSS0.79475EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/03/24 3:39 p.m.61 views

CVE-2023-25610

A buffer underwrite 'buffer underflow' vulnerability in the administrative interface of Fortinet FortiOS version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.6, version 6.4.0 through 6.4.11 and version 6.2.12 and below, FortiProxy version 7.2.0 through 7.2.2, version 7.0.0 through 7.0.8, versio...

9.8CVSS0.17797EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/03/19 4:3 p.m.61 views

CVE-2025-30153 Improper Handling of Highly Compressed Data (Data Amplification) in github.com/getkin/kin-openapi/openapi3filter

kin-openapi is a Go project for handling OpenAPI files. Prior to 0.131.0, when validating a request with a multipart/form-data schema, if the OpenAPI schema allows it, an attacker can upload a crafted ZIP file e.g., a ZIP bomb, causing the server to consume all available system memory. The root...

7.5CVSS0.00497EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/03/06 4:29 p.m.61 views

CVE-2025-0337 Authorization bypass in Now Platform

ServiceNow has addressed an authorization bypass vulnerability that was identified in the Washington release of the Now Platform. This vulnerability, if exploited, potentially could enable an authenticated user to access unauthorized data stored within the Now Platform that the user otherwise wou...

7.1CVSS0.0036EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/05 12:0 a.m.61 views

CVE-2025-27663

Vasion Print formerly PrinterLogic before Virtual Appliance Host 22.0.843 Application 20.0.1923 allows Weak Password Encryption / Encoding OVE-20230524-0007...

0.00353EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/28 9:0 p.m.61 views

CVE-2025-27410 PwnDoc Arbitrary File Write to RCE using Path Traversal in backup restore as admin

PwnDoc is a penetration test reporting application. Prior to version 1.2.0, the backup restore functionality is vulnerable to path traversal in the TAR entry's name, allowing an attacker to overwrite any file on the system with their content. By overwriting an included .js file and restarting the...

6.5CVSS0.01934EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/01/29 8:25 p.m.61 views

CVE-2025-24794 The Snowflake Connector for Python uses insecure deserialization of the OCSP response cache

The Snowflake Connector for Python provides an interface for developing Python applications that can connect to Snowflake and perform all standard operations. Snowflake discovered and remediated a vulnerability in the Snowflake Connector for Python. The OCSP response cache uses pickle as the...

6.7CVSS0.00246EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/13 9:42 p.m.61 views

CVE-2024-51491 Process crash during CRL-based revocation check on OS using separate mount point for temp Directory in notation-go

notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. The issue was identified during Quarkslab's security audit on the Certificate Revocation List CRL based revocation check feature. After retrieving the CRL, notation-go...

3.3CVSS0.00192EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/01/05 4:0 p.m.61 views

CVE-2025-0223 IObit Protected Folder IOCTL IURegistryFilter.sys 0x8001E010 null pointer dereference

A vulnerability was found in IObit Protected Folder up to 13.6.0.5. It has been classified as problematic. Affected is the function 0x8001E000/0x8001E00C/0x8001E004/0x8001E010 in the library IURegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference...

6.8CVSS0.00349EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/12/31 3:18 p.m.61 views

CVE-2024-56198 path-sanitizer allows bypassing the existing filters to achieve path-traversal vulnerability

path-sanitizer is a simple lightweight npm package for sanitizing paths to prevent Path Traversal. Prior to 3.1.0, the filters can be bypassed using .=%5c which results in a path traversal. This vulnerability is fixed in 3.1.0...

9.3CVSS0.00733EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/12/10 5:49 p.m.61 views

CVE-2024-49128 Windows Remote Desktop Services Remote Code Execution Vulnerability

...

8.1CVSS0.01154EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/09 11:30 a.m.61 views

CVE-2023-47871 WordPress Contact Form to Any API plugin <= 1.1.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in IT Path Solutions Contact Form to Any API allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Contact Form to Any API: from n/a through 1.1.6...

4.3CVSS0.00465EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/12/02 1:49 p.m.61 views

CVE-2024-52453 WordPress Library Bookshelves plugin <= 5.8 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in photonicgnostic Library Bookshelves library-bookshelves allows Reflected XSS.This issue affects Library Bookshelves: from n/a through = 5.8...

7.1CVSS0.00339EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/06 8:51 p.m.61 views

CVE-2024-51736 Command execution hijack on Windows with Process class in symfony/process

Symphony process is a module for the Symphony PHP framework which executes commands in sub-processes. On Windows, when an executable file named cmd.exe is located in the current working directory it will be called by the Process class when preparing command arguments, leading to possible hijackin...

0.0043EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/23 1:23 p.m.61 views

CVE-2024-5466 Remote Code Execution

Zohocorp ManageEngine OpManager and Remote Monitoring and Management versions 128329 and below are vulnerable to the authenticated remote code execution in the deploy agent option...

8.8CVSS0.06967EPSS
Exploits0References1
Total number of security vulnerabilities5000