Lucene search
K
CvelistMost viewed

366251 matches found

Cvelist
Cvelist
added 2025/07/16 4:16 p.m.60 views

CVE-2025-20288 Cisco Unified Intelligence Center Server-Side Request Forgery Vulnerability

A vulnerability in the web-based management interface of Cisco Unified Intelligence Center could allow an unauthenticated, remote attacker to conduct a server-side request forgery SSRF attack through an affected device. This vulnerability is due to improper input validation for specific HTTP...

5.8CVSS0.00323EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/27 7:57 p.m.60 views

CVE-2025-53094 ESPAsyncWebServer Vulnerable to CRLF Injection in AsyncWebHeader.cpp

ESPAsyncWebServer is an asynchronous HTTP and WebSocket server library for ESP32, ESP8266, RP2040 and RP2350. In versions up to and including 3.7.8, a CRLF Carriage Return Line Feed injection vulnerability exists in the construction and output of HTTP headers within AsyncWebHeader.cpp. Unsanitize...

8.7CVSS0.00363EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/06/12 7:42 p.m.60 views

CVE-2025-2745 AVEVA PI Web API Cross-site Scripting

A cross-site scripting vulnerability exists in AVEVA PI Web API version 2023 SP1 and prior that, if exploited, could allow an authenticated attacker with privileges to create/update annotations or upload media files to persist arbitrary JavaScript code that will be executed by users who were...

6.5CVSS0.00205EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/05 12:0 a.m.60 views

CVE-2025-5622 D-Link DIR-816 wirelessApcli_5g stack-based overflow

A vulnerability was found in D-Link DIR-816 1.10CNB05 and classified as critical. Affected by this issue is the function wirelessApcli5g of the file /goform/wirelessApcli5g. The manipulation of the argument apclimode5g/apclienc5g/apclidefaultkey5g leads to stack-based buffer overflow. The attack...

10CVSS0.02009EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/05/06 8:18 p.m.60 views

CVE-2025-46572 passport-wsfed-saml2 Has SAML Authentication Bypass via Signature Wrapping

passport-wsfed-saml2 provides passport strategy for both WS-fed and SAML2 protocol. A vulnerability present starting in version 3.0.5 up to and including version 4.6.3 allows an attacker to impersonate any user during SAML authentication by crafting a SAMLResponse. This can be done by using a val...

9.3CVSS0.00369EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/05/02 5:22 a.m.60 views

CVE-2025-3488 WPML Multilingual CMS 3.6.0 - 4.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpml_language_switcher Shortcode

The WPML plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's wpmllanguageswitcher shortcode in versions 3.6.0 - 4.7.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with...

6.4CVSS0.00247EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/04/15 7:22 p.m.60 views

CVE-2025-32445 Users can gain privileged access to the host system and cluster with EventSource and Sensor CR

Argo Events is an event-driven workflow automation framework for Kubernetes. A user with permission to create/modify EventSource and Sensor custom resources can gain privileged access to the host system and cluster, even without having direct administrative privileges. The EventSource and Sensor...

9.9CVSS0.00724EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/04/12 11:41 p.m.60 views

CVE-2025-2814 Crypt::CBC versions between 1.21 and 3.05 for Perl may use insecure rand() function for cryptographic functions

Crypt::CBC versions between 1.21 and 3.05 for Perl may use the rand function as the default source of entropy, which is not cryptographically secure, for cryptographic functions. This issue affects operating systems where "/dev/urandom'" is unavailable. In that case, Crypt::CBC will fallback to...

0.00189EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/03/24 6:18 p.m.60 views

CVE-2025-2749 Kentico Xperience <= 13.0.178 Staging Media File Upload Authenticated RCE

An authenticated remote code execution in Kentico Xperience allows authenticated users Staging Sync Server to upload arbitrary data to path relative locations. This results in path traversal and arbitrary file upload, including content that can be executed server side leading to remote code...

7.2CVSS0.03854EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/02/28 9:0 p.m.60 views

CVE-2025-27410 PwnDoc Arbitrary File Write to RCE using Path Traversal in backup restore as admin

PwnDoc is a penetration test reporting application. Prior to version 1.2.0, the backup restore functionality is vulnerable to path traversal in the TAR entry's name, allowing an attacker to overwrite any file on the system with their content. By overwriting an included .js file and restarting the...

6.5CVSS0.01934EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/02/14 7:24 p.m.60 views

CVE-2025-25296 Label Studio allows Cross-Site Scripting (XSS) via GET request to `/projects/upload-example` endpoint

Label Studio is an open source data labeling tool. Prior to version 1.16.0, Label Studio's /projects/upload-example endpoint allows injection of arbitrary HTML through a GET request with an appropriately crafted labelconfig query parameter. By crafting a specially formatted XML label config with...

6.1CVSS0.0185EPSS
Exploits2References2
Cvelist
Cvelist
added 2025/02/05 5:31 p.m.60 views

CVE-2025-20029 BIG-IP iControl REST and tmsh vulnerability

Command injection vulnerability exists in iControl REST and BIG-IP TMOS Shell tmsh save command, which may allow an authenticated attacker to execute arbitrary system commands. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

8.8CVSS0.0707EPSS
Exploits2References1
Cvelist
Cvelist
added 2025/01/21 5:36 p.m.60 views

CVE-2025-24019 YesWiki vulnerable to authenticated arbitrary file deletion

YesWiki is a wiki system written in PHP. In versions up to and including 4.4.5, it is possible for any authenticated user, through the use of the filemanager to delete any file owned by the user running the FastCGI Process Manager FPM on the host without any limitation on the filesystem's scope...

7.1CVSS0.00568EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/01/13 9:42 p.m.60 views

CVE-2024-51491 Process crash during CRL-based revocation check on OS using separate mount point for temp Directory in notation-go

notion-go is a collection of libraries for supporting sign and verify OCI artifacts. Based on Notary Project specifications. The issue was identified during Quarkslab's security audit on the Certificate Revocation List CRL based revocation check feature. After retrieving the CRL, notation-go...

3.3CVSS0.00192EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/01/07 10:7 p.m.60 views

CVE-2025-22133 WeGIA Allows Arbitrary File Upload with Remote Code Execution (RCE)

WeGIA is a web manager for charitable institutions. Prior to 3.2.8, a critical vulnerability was identified in the /WeGIA/html/socio/sistema/controller/controlaxlsx.php endpoint. The endpoint accepts file uploads without proper validation, allowing the upload of malicious files, such as .phar,...

9.9CVSS0.00722EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/01/05 4:0 p.m.60 views

CVE-2025-0223 IObit Protected Folder IOCTL IURegistryFilter.sys 0x8001E010 null pointer dereference

A vulnerability was found in IObit Protected Folder up to 13.6.0.5. It has been classified as problematic. Affected is the function 0x8001E000/0x8001E00C/0x8001E004/0x8001E010 in the library IURegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference...

6.8CVSS0.00349EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/12/31 3:18 p.m.60 views

CVE-2024-56198 path-sanitizer allows bypassing the existing filters to achieve path-traversal vulnerability

path-sanitizer is a simple lightweight npm package for sanitizing paths to prevent Path Traversal. Prior to 3.1.0, the filters can be bypassed using .=%5c which results in a path traversal. This vulnerability is fixed in 3.1.0...

9.3CVSS0.00733EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/12/11 3:35 p.m.60 views

CVE-2024-53677 Apache Struts: Mixing setters for uploaded files and normal fields can allow bypass file upload checks

File upload logic in Apache Struts is flawed. An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution. This issue affects Apache Struts: from 2.0.0 before...

9.5CVSS0.78198EPSS
Exploits15References1
Cvelist
Cvelist
added 2024/12/10 5:49 p.m.60 views

CVE-2024-49128 Windows Remote Desktop Services Remote Code Execution Vulnerability

...

8.1CVSS0.01154EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/03 3:39 p.m.60 views

CVE-2024-53999 Mobile Security Framework (MobSF) Stored Cross-Site Scripting Vulnerability in "Diff or Compare" Functionality

Mobile Security Framework MobSF is a pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. The application allows users to upload files with scripts in the filename parameter. As a result, a malicious user can upload a script file to th...

8.1CVSS0.00508EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/12/02 1:49 p.m.60 views

CVE-2024-52453 WordPress Library Bookshelves plugin <= 5.8 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in photonicgnostic Library Bookshelves library-bookshelves allows Reflected XSS.This issue affects Library Bookshelves: from n/a through = 5.8...

7.1CVSS0.00339EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/06 8:51 p.m.60 views

CVE-2024-51736 Command execution hijack on Windows with Process class in symfony/process

Symphony process is a module for the Symphony PHP framework which executes commands in sub-processes. On Windows, when an executable file named cmd.exe is located in the current working directory it will be called by the Process class when preparing command arguments, leading to possible hijackin...

0.0043EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/08 1:59 a.m.60 views

CVE-2024-21302 Windows Secure Kernel Mode Elevation of Privilege Vulnerability

...

6.7CVSS0.01559EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/06 6:3 a.m.60 views

CVE-2024-6203 HaloITSM - Password Reset Poisoning

HaloITSM versions up to 2.146.1 are affected by a Password Reset Poisoning vulnerability. Poisoned password reset links can be sent to existing HaloITSM users given their email address is known. When these poisoned links get accessed e.g. manually by the victim or automatically by an email client...

8.3CVSS0.00367EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/01 3:15 p.m.60 views

CVE-2024-6242 Rockwell Automation Chassis Restrictions Bypass Vulnerability in Select Logix Devices

A vulnerability exists in Rockwell Automation affected products that allows a threat actor to bypass the Trusted® Slot feature in a ControlLogix® controller. If exploited on any affected module in a 1756 chassis, a threat actor could potentially execute CIP commands that modify user projects and/...

7.3CVSS0.09197EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/24 12:0 a.m.60 views

CVE-2024-40767

In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafted QCOW2 image with a backing file path or VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced...

0.00941EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/07/16 5:3 p.m.60 views

CVE-2024-40626 Stored Cross-site Scripting (XSS) vulnerability in Outline editor

Outline is an open source, collaborative document editor. A type confusion issue was found in ProseMirror’s rendering process that leads to a Stored Cross-Site Scripting XSS vulnerability in Outline. An authenticated user can create a document containing a malicious JavaScript payload. When other...

7.3CVSS0.00515EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/07/09 5:3 p.m.60 views

CVE-2024-38020 Microsoft Outlook Spoofing Vulnerability

...

6.5CVSS0.01841EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/09 3:33 p.m.60 views

CVE-2024-26015

An incorrect parsing of numbers with different radices vulnerability CWE-1389 in FortiProxy version 7.4.3 and below, version 7.2.10 and below, version 7.0.17 and below and FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.15 and below IP address validation feature may permit a...

3.4CVSS0.00467EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/08 8:51 p.m.60 views

CVE-2024-5971 Undertow: response write hangs in case of java 17 tlsv1.3 newsessionticket

A vulnerability was found in Undertow, where the chunked response hangs after the body was flushed. The response headers and body were sent but the client would continue waiting as Undertow does not send the expected 0\r\n termination of the chunked response. This results in uncontrolled resource...

7.5CVSS0.02716EPSS
Exploits0References10
Cvelist
Cvelist
added 2024/07/08 2:52 p.m.60 views

CVE-2024-39677 NHibernate SQL injection vulnerability in discriminator mappings, static fields referenced in HQL, and some utilities

NHibernate is an object-relational mapper for the .NET framework. A SQL injection vulnerability exists in some types implementing ILiteralType.ObjectToSQLString. Callers of these methods are exposed to the vulnerability, which includes mappings using inheritance with discriminator values; HQL...

5.9CVSS0.00578EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/07/01 4:11 p.m.60 views

CVE-2024-20399 Cisco NX-OS Software CLI Command Injection Vulnerability

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that ar...

6CVSS0.04271EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/07/01 12:0 a.m.60 views

CVE-2024-39001

ag-grid-enterprise v31.3.2 was discovered to contain a prototype pollution via the component ModuleSupport.jsonApply. This vulnerability allows attackers to execute arbitrary code or cause a Denial of Service DoS via injecting arbitrary properties...

0.00827EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/06/11 2:57 p.m.60 views

CVE-2024-34820 WordPress If-So Dynamic Content Personalization plugin <= 1.7.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in If So Plugin If-So Dynamic Content Personalization.This issue affects If-So Dynamic Content Personalization: from n/a through 1.7.1...

6.5CVSS0.00437EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/10 8:3 p.m.60 views

CVE-2024-36416 SuiteCRM v4 API Excessive log data DOS

SuiteCRM is an open-source Customer Relationship Management CRM software application. Prior to versions 7.14.4 and 8.6.1, a deprecated v4 API example with no log rotation allows denial of service by logging excessive data. Versions 7.14.4 and 8.6.1 contain a fix for this issue...

8.6CVSS0.01952EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/06/08 2:27 p.m.60 views

CVE-2024-35694 WordPress WPMobile.App plugin <= 11.41 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Amauri WPMobile.App wpappninja.This issue affects WPMobile.App: from n/a through = 11.41...

7.1CVSS0.00668EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/06 6:19 p.m.60 views

CVE-2024-0520 Remote Code Execution due to Full Controlled File Write in mlflow/mlflow

A vulnerability in mlflow/mlflow version 8.2.1 allows for remote code execution due to improper neutralization of special elements used in an OS command 'Command Injection' within the mlflow.data.httpdatasetsource.py module. Specifically, when loading a dataset from a source URL with an HTTP...

10CVSS0.02382EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/05/10 5:7 p.m.60 views

CVE-2024-34359 llama-cpp-python vulnerable to Remote Code Execution by Server-Side Template Injection in Model Metadata

llama-cpp-python is the Python bindings for llama.cpp. llama-cpp-python depends on class Llama in llama.py to load .gguf llama.cpp or Latency Machine Learning Models. The init constructor built in the Llama takes several parameters to configure the loading and running of the model. Other than NUM...

9.6CVSS9.9AI score0.2842EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/05/03 2:13 a.m.60 views

CVE-2023-42119 Exim dnsdb Out-Of-Bounds Read Information Disclosure Vulnerability

Exim dnsdb Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the smtp...

3.1CVSS5.9AI score0.01593EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/01 10:45 a.m.60 views

CVE-2024-32984 Yamux Memory Exhaustion Vulnerability via Active::pending_frames property

Yamux is a stream multiplexer over reliable, ordered connections such as TCP/IP. The Rust implementation of the Yamux stream multiplexer uses a vector for pending frames. This vector is not bounded in length. Every time the Yamux protocol requires sending of a new frame, this frame gets appended ...

7.5CVSS7.6AI score0.00761EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/04/27 12:0 a.m.60 views

CVE-2024-33851

phpecc, as used in paragonie/phpecc before 2.0.1, has a branch-based timing leak in Point addition. This is related to phpecc/phpecc on GitHub, and the Matyas Danter ECC library...

6.6AI score0.00408EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/10 11:49 a.m.60 views

CVE-2024-20758 Adobe Commerce | Improper Input Validation (CWE-20)

Adobe Commerce versions 2.4.6-p4, 2.4.5-p6, 2.4.4-p7, 2.4.7-beta3 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution on the underlying filesystem. Exploitation of this issue does not require user interaction, but the attack...

9CVSS9.5AI score0.01418EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/03 5:0 p.m.60 views

CVE-2024-26759 mm/swap: fix race when skipping swapcache

In the Linux kernel, the following vulnerability has been resolved: mm/swap: fix race when skipping swapcache When skipping swapcache for SWPSYNCHRONOUSIO, if two or more threads swapin the same entry at the same time, they get different pages A, B. Before one thread T0 finishes the swapin and...

7.8AI score0.00252EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/04/03 12:0 a.m.60 views

CVE-2024-24506

Cross Site Scripting XSS vulnerability in Lime Survey Community Edition Version v.5.3.32+220817, allows remote attackers to execute arbitrary code via the Administrator email address parameter in the General Setting function...

6.4AI score0.00677EPSS
Exploits4References2
Cvelist
Cvelist
added 2024/04/02 12:0 a.m.60 views

CVE-2024-29276

An issue was discovered in seeyonOA version 8, allows remote attackers to execute arbitrary code via the importProcess method in WorkFlowDesignerController.class component...

7.9AI score0.32791EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/26 12:0 a.m.60 views

CVE-2024-25421

An issue in Ignite Realtime Openfire v.4.9.0 and before allows a remote attacker to escalate privileges via the ROOMCACHE component...

7AI score0.0165EPSS
Exploits2References3
Cvelist
Cvelist
added 2024/03/25 6:41 p.m.60 views

CVE-2024-28106 phpMyFAQ Stored XSS at FAQ News Content

phpMyFAQ is an open source FAQ web application for PHP 8.1+ and MySQL, PostgreSQL and other databases. By manipulating the news parameter in a POST request, an attacker can inject malicious JavaScript code. Upon browsing to the compromised news page, the XSS payload triggers. This vulnerability i...

4.3CVSS5AI score0.00542EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/03/13 3:48 p.m.60 views

CVE-2024-23672 Apache Tomcat: WebSocket DoS with incomplete closing handshake

Denial of Service via incomplete cleanup vulnerability in Apache Tomcat. It was possible for WebSocket clients to keep WebSocket connections open leading to increased resource consumption.This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M16, from 10.1.0-M1 through 10.1.18, from...

7.8AI score0.02313EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/01 12:37 a.m.60 views

CVE-2024-22100 MicroDicom DICOM Heap-based Buffer Overflow

MicroDicom DICOM Viewer versions 2023.3 Build 9342 and prior are affected by a heap-based buffer overflow vulnerability, which could allow an attacker to execute arbitrary code on affected installations of DICOM Viewer. A user must open a malicious DCM file in order to exploit the vulnerability...

7.8CVSS8.1AI score0.00264EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/19 11:24 a.m.60 views

CVE-2024-1346 Weak MySQL database root password in LaborOfficeFree

Weak MySQL database root password in LaborOfficeFree affects version 19.10. This vulnerability allows an attacker to calculate the root password of the MySQL database used by LaborOfficeFree using two constants...

6.8CVSS6.7AI score0.00392EPSS
Exploits5References1
Total number of security vulnerabilities5000