Lucene search
+L
CvelistMost viewed

367088 matches found

Cvelist
Cvelist
added 2024/07/24 7:41 a.m.61 views

CVE-2024-39676 Apache Pinot: Unauthorized endpoint exposed sensitive information

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Apache Pinot. This issue affects Apache Pinot: from 0.1 before 1.0.0. Users are recommended to upgrade to version 1.0.0 and configure RBAC, which fixes the issue. Details: When using a request to path “/appconfigs” to the...

0.00846EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/24 12:0 a.m.61 views

CVE-2024-40767

In OpenStack Nova before 27.4.1, 28 before 28.2.1, and 29 before 29.1.1, by supplying a raw format image that is actually a crafted QCOW2 image with a backing file path or VMDK flat image with a descriptor file path, an authenticated user may convince systems to return a copy of the referenced...

0.00941EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/07/16 10:40 p.m.61 views

CVE-2024-21184

...

7.2CVSS0.00529EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/16 5:3 p.m.61 views

CVE-2024-40626 Stored Cross-site Scripting (XSS) vulnerability in Outline editor

Outline is an open source, collaborative document editor. A type confusion issue was found in ProseMirror’s rendering process that leads to a Stored Cross-Site Scripting XSS vulnerability in Outline. An authenticated user can create a document containing a malicious JavaScript payload. When other...

7.3CVSS0.00515EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/07/09 5:3 p.m.61 views

CVE-2024-38020 Microsoft Outlook Spoofing Vulnerability

...

6.5CVSS0.01841EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/09 3:33 p.m.61 views

CVE-2024-26015

An incorrect parsing of numbers with different radices vulnerability CWE-1389 in FortiProxy version 7.4.3 and below, version 7.2.10 and below, version 7.0.17 and below and FortiOS version 7.4.3 and below, version 7.2.8 and below, version 7.0.15 and below IP address validation feature may permit a...

3.4CVSS0.00467EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/08 8:51 p.m.61 views

CVE-2024-5971 Undertow: response write hangs in case of java 17 tlsv1.3 newsessionticket

A vulnerability was found in Undertow, where the chunked response hangs after the body was flushed. The response headers and body were sent but the client would continue waiting as Undertow does not send the expected 0\r\n termination of the chunked response. This results in uncontrolled resource...

7.5CVSS0.02716EPSS
Exploits0References10
Cvelist
Cvelist
added 2024/07/08 2:52 p.m.61 views

CVE-2024-39677 NHibernate SQL injection vulnerability in discriminator mappings, static fields referenced in HQL, and some utilities

NHibernate is an object-relational mapper for the .NET framework. A SQL injection vulnerability exists in some types implementing ILiteralType.ObjectToSQLString. Callers of these methods are exposed to the vulnerability, which includes mappings using inheritance with discriminator values; HQL...

5.9CVSS0.00578EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/07/01 4:11 p.m.61 views

CVE-2024-20399 Cisco NX-OS Software CLI Command Injection Vulnerability

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated user in possession of Administrator credentials to execute arbitrary commands as root on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that ar...

6CVSS0.04271EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/06/25 3:30 a.m.61 views

CVE-2024-6297 Several WordPress.org Plugins <= Various Versions - Injected Backdoor

Several plugins for WordPress hosted on WordPress.org have been compromised and injected with malicious PHP scripts. A malicious threat actor compromised the source code of various plugins and injected code that exfiltrates database credentials and is used to create new, malicious, administrator...

10CVSS0.01011EPSS
Exploits0References10
Cvelist
Cvelist
added 2024/06/18 9:0 p.m.61 views

CVE-2024-6129 spa-cartcms Username login observable behavioral discrepancy

A vulnerability, which was classified as problematic, was found in spa-cartcms 1.9.0.6. Affected is an unknown function of the file /login of the component Username Handler. The manipulation of the argument email leads to observable behavioral discrepancy. It is possible to launch the attack...

6.3CVSS0.00605EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/06/11 2:57 p.m.61 views

CVE-2024-34820 WordPress If-So Dynamic Content Personalization plugin <= 1.7.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in If So Plugin If-So Dynamic Content Personalization.This issue affects If-So Dynamic Content Personalization: from n/a through 1.7.1...

6.5CVSS0.00437EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/10 8:3 p.m.61 views

CVE-2024-36416 SuiteCRM v4 API Excessive log data DOS

SuiteCRM is an open-source Customer Relationship Management CRM software application. Prior to versions 7.14.4 and 8.6.1, a deprecated v4 API example with no log rotation allows denial of service by logging excessive data. Versions 7.14.4 and 8.6.1 contain a fix for this issue...

8.6CVSS0.01952EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/06/07 9:33 a.m.61 views

CVE-2023-5424 WS Form LITE <= 1.9.217 - Unauthenticated CSV Injection

The WS Form LITE plugin for WordPress is vulnerable to CSV Injection in versions up to, and including, 1.9.217. This allows unauthenticated attackers to embed untrusted input into exported CSV files, which can result in code execution when these files are downloaded and opened on a local system...

4.7CVSS0.00493EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/06/06 6:19 p.m.61 views

CVE-2024-0520 Remote Code Execution due to Full Controlled File Write in mlflow/mlflow

A vulnerability in mlflow/mlflow version 8.2.1 allows for remote code execution due to improper neutralization of special elements used in an OS command 'Command Injection' within the mlflow.data.httpdatasetsource.py module. Specifically, when loading a dataset from a source URL with an HTTP...

10CVSS0.02382EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/06/04 8:31 a.m.61 views

CVE-2024-4581 Slider Revolution <= 6.7.11 - Authenticated (Author+) Stored Cross-Site Scripting via Add Layer class, id, and title Attributes

The Slider Revolution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Add Layer widget in all versions up to, and including, 6.7.11 due to insufficient input sanitization and output escaping on the user supplied 'class', 'id', and 'title' attributes. This makes ...

6.4CVSS5.7AI score0.00279EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/03 2:13 a.m.61 views

CVE-2023-42119 Exim dnsdb Out-Of-Bounds Read Information Disclosure Vulnerability

Exim dnsdb Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the smtp...

3.1CVSS5.9AI score0.01593EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/03 2:12 a.m.61 views

CVE-2023-41230 D-Link DIR-3040 HTTP Request Processing Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability

D-Link DIR-3040 HTTP Request Processing Referer Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. Authentication is not required to exploit this...

7.5CVSS8.2AI score0.00759EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/03 12:0 a.m.61 views

CVE-2024-30851

Directory Traversal vulnerability in codesiddhant Jasmin Ransomware v.1.0.1 allows an attacker to obtain sensitive information via the downloadfile.php component...

9.2AI score0.04611EPSS
Exploits7References2
Cvelist
Cvelist
added 2024/05/01 10:45 a.m.61 views

CVE-2024-32984 Yamux Memory Exhaustion Vulnerability via Active::pending_frames property

Yamux is a stream multiplexer over reliable, ordered connections such as TCP/IP. The Rust implementation of the Yamux stream multiplexer uses a vector for pending frames. This vector is not bounded in length. Every time the Yamux protocol requires sending of a new frame, this frame gets appended ...

7.5CVSS7.6AI score0.00761EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/05/01 5:28 a.m.61 views

CVE-2024-26999 serial/pmac_zilog: Remove flawed mitigation for rx irq flood

In the Linux kernel, the following vulnerability has been resolved: serial/pmaczilog: Remove flawed mitigation for rx irq flood The mitigation was intended to stop the irq completely. That may be better than a hard lock-up but it turns out that you get a crash anyway if you're using pmaczilog as ...

7.7AI score0.00182EPSS
Exploits0References8
Cvelist
Cvelist
added 2024/04/27 12:0 a.m.61 views

CVE-2024-33851

phpecc, as used in paragonie/phpecc before 2.0.1, has a branch-based timing leak in Point addition. This is related to phpecc/phpecc on GitHub, and the Matyas Danter ECC library...

6.6AI score0.00408EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/10 11:49 a.m.61 views

CVE-2024-20758 Adobe Commerce | Improper Input Validation (CWE-20)

Adobe Commerce versions 2.4.6-p4, 2.4.5-p6, 2.4.4-p7, 2.4.7-beta3 and earlier are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution on the underlying filesystem. Exploitation of this issue does not require user interaction, but the attack...

9CVSS9.5AI score0.01418EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/02 12:0 a.m.61 views

CVE-2024-29276

An issue was discovered in seeyonOA version 8, allows remote attackers to execute arbitrary code via the importProcess method in WorkFlowDesignerController.class component...

7.9AI score0.32791EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/01 12:37 a.m.61 views

CVE-2024-22100 MicroDicom DICOM Heap-based Buffer Overflow

MicroDicom DICOM Viewer versions 2023.3 Build 9342 and prior are affected by a heap-based buffer overflow vulnerability, which could allow an attacker to execute arbitrary code on affected installations of DICOM Viewer. A user must open a malicious DCM file in order to exploit the vulnerability...

7.8CVSS8.1AI score0.00264EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/02/20 9:58 a.m.61 views

CVE-2023-49109 Remote Code Execution in Apache Dolphinscheduler

Exposure of Remote Code Execution in Apache Dolphinscheduler. This issue affects Apache DolphinScheduler: before 3.2.1. We recommend users to upgrade Apache DolphinScheduler to version 3.2.1, which fixes the issue...

7.4AI score0.02301EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/02/13 9:38 p.m.61 views

CVE-2023-6152

A user changing their email after signing up and verifying it can change it without verification in profile settings. The configuration option "verifyemailenabled" will only validate email only on sign up...

5.4CVSS5.8AI score0.01385EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/02/06 12:0 a.m.61 views

CVE-2024-24680

An issue was discovered in Django 3.2 before 3.2.24, 4.2 before 4.2.10, and Django 5.0 before 5.0.2. The intcomma template filter was subject to a potential denial-of-service attack when used with very long strings...

7.5AI score0.01606EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/01/30 3:50 p.m.61 views

CVE-2024-22193 vantage6 unencrypted task can be created in encrypted collaboration

The vantage6 technology enables to manage and deploy privacy enhancing technologies like Federated Learning FL and Multi-Party Computation MPC. There are no checks on whether the input is encrypted if a task is created in an encrypted collaboration. Therefore, a user may accidentally create a tas...

3.5CVSS4.7AI score0.00257EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/01/05 9:2 p.m.62 views

CVE-2024-21641 Flarum's Logout Route allows open redirects

Flarum is open source discussion platform software. Prior to version 1.8.5, the Flarum /logout route includes a redirect parameter that allows any third party to redirect users from a trusted domain of the Flarum installation to redirect to any link. For logged-in users, the logout must be...

6.5CVSS7.6AI score0.01067EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/12/22 6:30 p.m.61 views

CVE-2023-50714 The Oauth2 PKCE implementation is vulnerable

yii2-authclient is an extension that adds OpenID, OAuth, OAuth2 and OpenId Connect consumers for the Yii framework 2.0. In yii2-authclient prior to version 2.2.15, the Oauth2 PKCE implementation is vulnerable in 2 ways. First, the authCodeVerifier should be removed after usage similar to authStat...

6.8CVSS8.9AI score0.00492EPSS
Exploits1References5
Cvelist
Cvelist
added 2023/12/09 12:42 a.m.61 views

CVE-2023-49797 Local Privilege Escalation in pyinstaller on Windows

PyInstaller bundles a Python application and all its dependencies into a single package. A PyInstaller built application, elevated as a privileged process, may be tricked by an unprivileged attacker into deleting files the unprivileged user does not otherwise have access to. A user is affected if...

8.8CVSS8.7AI score0.00324EPSS
Exploits0References5
Cvelist
Cvelist
added 2023/11/17 12:0 a.m.61 views

CVE-2023-46402

git-urls 1.0.0 allows ReDOS Regular Expression Denial of Service in urls.go...

7.7AI score0.0085EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/11/14 8:20 p.m.61 views

CVE-2023-34060

VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5 from an older version. On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with network access to the appliance can bypass log...

10AI score0.01345EPSS
Exploits4References4
Cvelist
Cvelist
added 2023/10/20 7:29 a.m.61 views

CVE-2023-4386 Essential Blocks <= 4.2.0 - Unauthenticated PHP Object Injection via queries

The Essential Blocks plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 4.2.0 via deserialization of untrusted input in the getposts function. This allows unauthenticated attackers to inject a PHP Object. No POP chain is present in the vulnerable plugin. ...

8.1CVSS9AI score0.00768EPSS
Exploits2References2
Cvelist
Cvelist
added 2023/10/03 5:0 a.m.61 views

CVE-2023-26150

Versions of the package asyncua before 0.9.96 are vulnerable to Improper Authentication such that it is possible to access Address Space without encryption and authentication. Note: This issue is a result of missing checks for services that require an active session...

6.5CVSS7.7AI score0.00454EPSS
Exploits1References7
Cvelist
Cvelist
added 2023/09/27 8:24 p.m.61 views

CVE-2023-43651 Remote code execution on the host system via MongoDB shell in jumpserver

JumpServer is an open source bastion host. An authenticated user can exploit a vulnerability in MongoDB sessions to execute arbitrary commands, leading to remote code execution. This vulnerability may further be leveraged to gain root privileges on the system. Through the WEB CLI interface provid...

8.5CVSS10AI score0.01716EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/09/26 6:19 p.m.62 views

CVE-2023-43646 Inefficient Regular Expression Complexity in get-func-name

get-func-name is a module to retrieve a function's name securely and consistently both in NodeJS and the browser. Versions prior to 2.0.1 are subject to a regular expression denial of service redos vulnerability which may lead to a denial of service when parsing malicious input. This vulnerabilit...

8.6CVSS8.5AI score0.01114EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/09/26 1:51 a.m.61 views

CVE-2023-4506 Active Directory Integration / LDAP Integration <= 4.1.10 - LDAP Passback

The Active Directory Integration / LDAP Integration plugin for WordPress is vulnerable to LDAP Passback in versions up to, and including, 4.1.10. This is due to insufficient validation when changing the LDAP server. This makes it possible for authenticated attackers, with administrative access an...

2.2CVSS6.5AI score0.00721EPSS
Exploits2References4
Cvelist
Cvelist
added 2023/09/07 12:11 p.m.61 views

CVE-2023-3747 Insufficient Validation on Override Codes for Always-Enabled WARP Mode

Zero Trust Administrators have the ability to disallow end users from disabling WARP on their devices. Override codes can also be created by the Administrators to allow a device to temporarily be disconnected from WARP, however, due to lack of server side validation, an attacker with local access...

5.5CVSS5.7AI score0.00182EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/08/29 4:46 p.m.61 views

CVE-2023-41037 Cleartext Signed Message Signature Spoofing in openpgpjs

OpenPGP.js is a JavaScript implementation of the OpenPGP protocol. In affected versions OpenPGP Cleartext Signed Messages are cryptographically signed messages where the signed text is readable without special tools. These messages typically contain a "Hash: ..." header declaring the hash algorit...

4.3CVSS4.9AI score0.00309EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/08/01 4:49 p.m.61 views

CVE-2023-38560 Ghostscript: integer overflow in pcl/pl/plfont.c:418 in pl_glyph_name

An integer overflow flaw was found in pcl/pl/plfont.c:418 in plglyphname in ghostscript. This issue may allow a local attacker to cause a denial of service via transforming a crafted PCL file to PDF format...

5.5CVSS5.5AI score0.00343EPSS
Exploits0References4
Cvelist
Cvelist
added 2023/07/06 7:39 p.m.61 views

CVE-2023-35934 yt-dlp File Downloader cookie leak

yt-dlp is a command-line program to download videos from video sites. During file downloads, yt-dlp or the external downloaders that yt-dlp employs may leak cookies on HTTP redirects to a different host, or leak them when the host for download fragments differs from their parent manifest's host...

6.1CVSS8.4AI score0.01038EPSS
Exploits0References10
Cvelist
Cvelist
added 2023/07/06 3:3 p.m.61 views

CVE-2023-36830 SQLFluff vulnerability for users with access to config file, using `library_path` to call arbitrary python code.

SQLFluff is a SQL linter. Prior to version 2.1.2, in environments where untrusted users have access to the config files, there is a potential security vulnerability where those users could use the librarypath config value to allow arbitrary python code to be executed via macros. For many users wh...

6.3CVSS8AI score0.00414EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/07/06 2:53 p.m.62 views

CVE-2023-24497

Cross-site scripting xss vulnerabilities exist in the requestHandlers.js detaildevice functionality of Milesight VPN v2.0.2. A specially-crafted HTTP request can lead to arbitrary Javascript code injection. An attacker can send an HTTP request to trigger these vulnerabilities.This XSS is exploite...

4.7CVSS5.3AI score0.00572EPSS
Exploits1References1
Cvelist
Cvelist
added 2023/06/12 5:0 a.m.61 views

CVE-2023-26133

All versions of the package progressbar.js are vulnerable to Prototype Pollution via the function extend in the file utils.js...

8.2CVSS9.7AI score0.01251EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/06/08 1:56 a.m.61 views

CVE-2023-2986 Abandoned Cart Lite for WooCommerce <= 5.15.1 - Authentication Bypass

The Abandoned Cart Lite for WooCommerce plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 5.14.2. This is due to insufficient encryption on the user being supplied during the abandoned cart link decode through the plugin. This allows unauthenticated...

9.8CVSS9.9AI score0.41077EPSS
Exploits5References8
Cvelist
Cvelist
added 2023/06/07 11:20 p.m.61 views

CVE-2023-34239 Unfiltered paths in gradio

Gradio is an open-source Python library that is used to build machine learning and data science. Due to a lack of path filtering Gradio does not properly restrict file access to users. Additionally Gradio does not properly restrict the what URLs are proxied. These issues have been addressed in...

7.3CVSS9.5AI score0.00651EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/06/05 5:31 a.m.61 views

CVE-2023-3096 KylinSoft kylin-software-properties changedSource access control

A vulnerability was found in KylinSoft kylin-software-properties on KylinOS. It has been declared as critical. This vulnerability affects the function changedSource. The manipulation leads to improper access controls. An attack has to be approached locally. The exploit has been disclosed to the...

5.3CVSS7.8AI score0.00332EPSS
Exploits1References3
Cvelist
Cvelist
added 2023/05/30 12:0 a.m.61 views

CVE-2023-34153

A vulnerability was found in ImageMagick. This security flaw causes a shell command injection vulnerability via video:vsync or video:pixel-format options in VIDEO encoding/decoding...

9.1AI score0.03161EPSS
Exploits1References5
Total number of security vulnerabilities5000