Lucene search
K
CvelistMost viewed

364953 matches found

Cvelist
Cvelist
added 2022/03/11 11:55 p.m.204 views

CVE-2022-24760 Command Injection in Parse server

Parse Server is an open source http web server backend. In versions prior to 4.10.7 there is a Remote Code Execution RCE vulnerability in Parse Server. This vulnerability affects Parse Server in the default configuration with MongoDB. The main weakness that leads to RCE is the Prototype Pollution...

10CVSS9.9AI score0.49081EPSS
Exploits1References3
Cvelist
Cvelist
added 2021/12/14 12:0 a.m.204 views

CVE-2021-4104 Deserialization of untrusted data in JMSAppender in Apache Log4j 1.2

JMSAppender in Log4j 1.2 is vulnerable to deserialization of untrusted data when the attacker has write access to the Log4j configuration. The attacker can provide TopicBindingName and TopicConnectionFactoryBindingName configurations causing JMSAppender to perform JNDI requests that result in...

8.9AI score0.81147EPSS
Exploits9References14
Cvelist
Cvelist
added 2024/06/19 5:37 a.m.203 views

CVE-2024-5853 Image Optimizer, Resizer and CDN – Sirv <= 7.2.6 - Authenticated (Contributor+) Arbitrary File Upload

The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the sirvuploadfilebychanks AJAX action in all versions up to, and including, 7.2.6. This makes it possible for authenticated attackers, with...

9.9CVSS0.00787EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/14 12:51 p.m.203 views

CVE-2024-2024 Folders Pro <= 3.0.2 - Authenticated(Author+) Arbitrary File Upload via handle_folders_file_upload

The Folders Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handlefoldersfileupload' function in all versions up to, and including, 3.0.2. This makes it possible for authenticated attackers, with author access and above, to upload...

8.8CVSS0.03303EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/11/28 12:0 a.m.203 views

CVE-2023-49314

Asana Desktop 2.1.0 on macOS allows code injection because of specific Electron Fuses. There is inadequate protection against code injection through settings such as RunAsNode and EnableNodeCliInspectArguments, and thus r3ggi/electroniz3r can be used to perform an attack...

7.9AI score0.04333EPSS
Exploits0References6
Cvelist
Cvelist
added 2022/03/25 6:3 p.m.203 views

CVE-2022-0995

An out-of-bounds OOB memory write flaw was found in the Linux kernel’s watchqueue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system...

7.5AI score0.06197EPSS
Exploits10References5
Cvelist
Cvelist
added 2022/01/31 5:54 p.m.203 views

CVE-2021-42635

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use a hardcoded APPKEY value, leading to pre-auth remote code execution...

8.6AI score0.05524EPSS
Exploits1References6
Cvelist
Cvelist
added 2021/12/15 2:15 p.m.203 views

CVE-2021-43890 Windows AppX Installer Spoofing Vulnerability

...

7.1CVSS7.3AI score0.10295EPSS
Exploits1References5
Cvelist
Cvelist
added 2024/12/12 4:23 a.m.202 views

CVE-2024-10590 Opt-In Downloads <= 4.07 - Authenticated (Subscriber+) Arbitrary File Upload

The Opt-In Downloads plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the adminupload function in all versions up to, and including, 4.07. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload...

8.8CVSS0.00811EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/28 7:27 p.m.202 views

CVE-2024-5827 Arbitrary File Write by Prompt Injection via DuckDB SQL in vanna-ai/vanna

Vanna v0.3.4 is vulnerable to SQL injection in its DuckDB integration exposed to its Flask Web APIs. Attackers can inject malicious SQL training data and generate corresponding queries to write arbitrary files on the victim's file system, such as backdoor.php with contents . This can lead to...

9.8CVSS0.03452EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/04/13 12:0 a.m.202 views

CVE-2022-22956

VMware Workspace ONE Access has two authentication bypass vulnerabilities CVE-2022-22955 & CVE-2022-22956 in the OAuth2 ACS framework. A malicious actor may bypass the authentication mechanism and execute any operation due to exposed endpoints in the authentication framework...

10AI score0.50694EPSS
Exploits5References3
Cvelist
Cvelist
added 2021/12/14 6:40 p.m.202 views

CVE-2021-4044 Invalid handling of X509_verify_cert() internal errors in libssl

Internally libssl in OpenSSL calls X509verifycert on the client side to verify a certificate supplied by a server. That function may return a negative return value to indicate an internal error for example out of memory. Such a negative return value is mishandled by OpenSSL and will cause an IO...

7.5AI score0.50099EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/02 8:44 a.m.201 views

CVE-2024-4836 LFI in sites managed by Edito CMS

Web services managed by Edito CMS Content Management System in versions from 3.5 through 3.25 leak sensitive data as they allow downloading configuration files by an unauthenticated user. The issue in versions 3.5 - 3.25 was removed in releases which dates from 10th of January 2014. Higher versio...

7.5CVSS0.02651EPSS
Exploits0References3
Cvelist
Cvelist
added 2023/12/18 12:0 a.m.200 views

CVE-2023-48795

The SSH transport protocol with certain OpenSSH extensions, found in OpenSSH before 9.6 and other products, allows remote attackers to bypass integrity checks such that some packets are omitted from the extension negotiation message, and a client and server may consequently end up with a connecti...

6.8AI score0.93305EPSS
Exploits4References118
Cvelist
Cvelist
added 2022/06/16 5:7 p.m.199 views

CVE-2022-30657 Adobe InCopy Font Parsing Use-After-Free Remote Code Execution Vulnerability

Adobe InCopy versions 17.2 and earlier and 16.4.1 and earlier are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS7.9AI score0.02459EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/02/01 10:8 p.m.199 views

CVE-2021-42638

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not sanitize user input resulting in pre-auth remote code execution...

8.7AI score0.05486EPSS
Exploits1References6
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.199 views

CVE-2002-0597

LANMAN service on Microsoft Windows 2000 allows remote attackers to cause a denial of service CPU/memory exhaustion via a stream of malformed data to microsoft-ds port 445...

6.6AI score0.515EPSS
Exploits1References7
Cvelist
Cvelist
added 2024/07/01 6:15 p.m.198 views

CVE-2024-38476 Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect

Vulnerability in core of Apache HTTP Server 2.4.59 and earlier are vulnerably to information disclosure, SSRF or local script execution via backend applications whose response headers are malicious or exploitable. Users are recommended to upgrade to version 2.4.60, which fixes this issue...

0.41611EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/03/21 7:51 p.m.198 views

CVE-2022-26148

An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. The Zabbix password can be found in the apijsonrpc.php HTML source code. When the user logs in and allows the user to register, one can right click to view the source code and use Ctrl-F to search for password in...

9.7AI score0.53439EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/04/07 5:58 p.m.197 views

CVE-2026-39339 ChurchCRM has an API Authentication Bypass

ChurchCRM is an open-source church management system. Prior to 7.1.0, a critical authentication bypass vulnerability in ChurchCRM's API middleware ChurchCRM/Slim/Middleware/AuthMiddleware.php allows unauthenticated attackers to access all protected API endpoints by including "api/public" anywhere...

9.1CVSS0.01351EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/03/02 9:59 p.m.196 views

CVE-2022-0711

A flaw was found in the way HAProxy processed HTTP responses containing the "Set-Cookie2" header. This flaw could allow an attacker to send crafted HTTP response packets which lead to an infinite loop, eventually resulting in a denial of service condition. The highest threat from this vulnerabili...

7.4AI score0.16563EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/07/09 9:8 p.m.195 views

CVE-2025-53624 docusaurus-plugin-content-gists Exposes GitHub Personal Access Token

The Docusaurus gists plugin adds a page to your Docusaurus instance, displaying all public gists of a GitHub user. docusaurus-plugin-content-gists versions prior to 4.0.0 are vulnerable to exposing GitHub Personal Access Tokens in production build artifacts when passed through plugin configuratio...

10CVSS0.01842EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/03/07 3:9 p.m.193 views

CVE-2023-25690 Apache HTTP Server: HTTP request splitting with mod_rewrite and mod_proxy

Some modproxy configurations on Apache HTTP Server versions 2.4.0 through 2.4.55 allow a HTTP Request Smuggling attack. Configurations are affected when modproxy is enabled along with some form of RewriteRule or ProxyPassMatch in which a non-specific pattern matches some portion of the...

9.8AI score0.8377EPSS
Exploits5References4
Cvelist
Cvelist
added 2021/09/15 7:32 p.m.193 views

CVE-2016-20012

OpenSSH through 8.7 allows remote attackers, who have a suspicion that a certain combination of username and public key is known to an SSH server, to test whether this suspicion is correct. This occurs because a challenge is sent only when that combination could be valid for a login session. NOTE...

5.5AI score0.05326EPSS
Exploits1References8
Cvelist
Cvelist
added 2021/06/10 7:10 a.m.192 views

CVE-2020-13950 mod_proxy_http NULL pointer dereference

Apache HTTP Server versions 2.4.41 to 2.4.46 modproxyhttp can be made to crash NULL pointer dereference with specially crafted requests using both Content-Length and Transfer-Encoding headers, leading to a Denial of Service...

8.4AI score0.49089EPSS
Exploits0References10
Cvelist
Cvelist
added 2024/07/01 6:14 p.m.191 views

CVE-2024-38474 Apache HTTP Server weakness with encoded question marks in backreferences

Substitution encoding issue in modrewrite in Apache HTTP Server 2.4.59 and earlier allows attacker to execute scripts in directories permitted by the configuration but not directly reachable by any URL or source disclosure of scripts meant to only to be executed as CGI. Users are recommended to...

0.02456EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/06/28 6:11 p.m.191 views

CVE-2024-38514 NextChat Server-Side Request Forgery (SSRF)

NextChat is a cross-platform ChatGPT/Gemini UI. There is a Server-Side Request Forgery SSRF vulnerability due to a lack of validation of the endpoint GET parameter on the WebDav API endpoint. This SSRF can be used to perform arbitrary HTTPS request from the vulnerable instance MKCOL, PUT and GET...

7.4CVSS0.02186EPSS
Exploits0References2
Cvelist
Cvelist
added 2022/06/21 2:45 p.m.190 views

CVE-2022-2068 The c_rehash script allows command injection

In addition to the crehash shell command injection identified in CVE-2022-1292, further circumstances where the crehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there...

10AI score0.96275EPSS
Exploits1References9
Cvelist
Cvelist
added 2022/05/03 3:15 p.m.190 views

CVE-2022-1292 The c_rehash script allows command injection

The crehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the...

10AI score0.83223EPSS
Exploits5References14
Cvelist
Cvelist
added 2021/11/23 12:0 a.m.190 views

CVE-2021-3672

A flaw was found in c-ares library, where a missing input validation check of host names returned by DNS Domain Name Servers can lead to output of wrong hostnames which might potentially lead to Domain Hijacking. The highest threat from this vulnerability is to confidentiality and integrity as we...

6.1AI score0.02617EPSS
Exploits1References5
Cvelist
Cvelist
added 2023/12/18 12:0 a.m.189 views

CVE-2023-51385

In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has shell metacharacters, and this name is referenced by an expansion token in certain situations. For example, an untrusted Git repository can have a submodule with shell metacharacters in a user name or...

7.4AI score0.19753EPSS
Exploits8References11
Cvelist
Cvelist
added 2022/06/16 5:6 p.m.189 views

CVE-2022-30655 Adobe InCopy Font Parsing Use-After-Free Remote Code Execution Vulnerability

Adobe InCopy versions 17.2 and earlier and 16.4.1 and earlier are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS7.9AI score0.02459EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/04/11 2:19 p.m.189 views

CVE-2022-27115

In Studio-42 elFinder 2.1.60, there is a vulnerability that causes remote code execution through file name bypass for file upload...

10AI score0.28594EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/03/28 6:52 p.m.189 views

CVE-2022-0735

An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.10 before 14.6.5, all versions starting from 14.7 before 14.7.4, all versions starting from 14.8 before 14.8.2. An unauthorised user was able to steal runner registration tokens through an information disclosure...

10CVSS9AI score0.13227EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/01 6:12 p.m.188 views

CVE-2024-38472 Apache HTTP Server on WIndows UNC SSRF

SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via SSRF and malicious requests or content Users are recommended to upgrade to version 2.4.60 which fixes this issue. Note: Existing configurations that access UNC paths will have to configure new...

0.6795EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/01/06 11:5 p.m.188 views

CVE-2022-21662 Stored XSS in WordPress

WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Low-privileged authenticated users like author in WordPress core are able to execute JavaScript/perform stored XSS attack, which can affect high-privileged users. This has been patched...

8CVSS8.2AI score0.63712EPSS
Exploits0References6
Cvelist
Cvelist
added 2021/12/08 2:34 p.m.188 views

CVE-2021-42835

An issue was discovered in Plex Media Server through 1.24.4.5081-e362dc1ee. An attacker with a foothold in a endpoint via a low-privileged user account can access the exposed RPC service of the update service component. This RPC functionality allows the attacker to interact with the RPC...

7.3AI score0.01166EPSS
Exploits1References4
Cvelist
Cvelist
added 2021/11/02 10:13 p.m.188 views

CVE-2021-43267

An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication TIPC functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSGCRYPTO message type...

9.2AI score0.5758EPSS
Exploits2References6
Cvelist
Cvelist
added 2007/08/18 9:0 p.m.188 views

CVE-2007-4270

Multiple race conditions in IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 allow local users to gain root privileges via a symlink attack on certain files...

6.3AI score0.00328EPSS
Exploits1References11
Cvelist
Cvelist
added 2021/08/30 6:12 p.m.187 views

CVE-2021-33055

Zoho ManageEngine ADSelfService Plus through 6102 allows unauthenticated remote code execution in non-English editions...

10AI score0.18062EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/09/07 4:3 p.m.186 views

CVE-2023-46809

Node.js versions which bundle an unpatched version of OpenSSL or run against a dynamically linked version of OpenSSL which are unpatched are vulnerable to the Marvin Attack - https://people.redhat.com/hkario/marvin/, if PCKS 1 v1.5 padding is allowed when performing RSA descryption using a privat...

0.01302EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/02/23 5:40 p.m.186 views

CVE-2022-20623 Cisco Nexus 9000 Series Switches Bidirectional Forwarding Detection Denial of Service Vulnerability

A vulnerability in the rate limiter for Bidirectional Forwarding Detection BFD traffic of Cisco NX-OS Software for Cisco Nexus 9000 Series Switches could allow an unauthenticated, remote attacker to cause BFD traffic to be dropped on an affected device. This vulnerability is due to a logic error ...

8.6CVSS8.1AI score0.12345EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/02/14 7:51 p.m.186 views

CVE-2019-16864

CompleteFTPService.exe in the server in EnterpriseDT CompleteFTP before 12.1.4 allows Remote Code Execution by leveraging a Windows user account that has SSH access. The exec command is always run as SYSTEM...

9.1AI score0.07714EPSS
Exploits1References2
Cvelist
Cvelist
added 2021/09/02 4:9 p.m.186 views

CVE-2021-28564 Adobe Acrobat Reader out-of-bounds write vulnerability could lead to arbitrary code execution

Acrobat Reader DC versions versions 2021.001.20150 and earlier, 2020.001.30020 and earlier and 2017.011.30194 and earlier are affected by an Out-of-bounds Write vulnerability within the ImageTool component. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code...

8.8CVSS8.8AI score0.03529EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/13 1:54 a.m.185 views

CVE-2024-39710

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution...

9.1CVSS0.01899EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/11/19 6:10 p.m.185 views

CVE-2021-22965

A vulnerability in Pulse Connect Secure before 9.1R12.1 could allow an unauthenticated administrator to causes a denial of service when a malformed request is sent to the device...

7.6AI score0.02123EPSS
Exploits0References1
Cvelist
Cvelist
added 2021/09/02 4:7 p.m.185 views

CVE-2021-28550 Adobe Acrobat Reader use after free vulnerability could lead to arbitrary code execution

Acrobat Reader DC versions versions 2021.001.20150 and earlier, 2020.001.30020 and earlier and 2017.011.30194 and earlier are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current...

9.6CVSS8.9AI score0.52005EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/13 1:54 a.m.184 views

CVE-2024-39711

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti Policy Secure before version 22.7R1.1 allows a remote authenticated attacker with admin privileges to achieve remote code execution...

9.1CVSS0.01744EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/06/15 8:23 p.m.184 views

CVE-2022-30648 Adobe Illustrator Font Parsing Use-After-Free Remote Code Execution Vulnerability

Adobe Illustrator versions 26.0.2 and earlier and 25.4.5 and earlier are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

7.8CVSS7.9AI score0.02424EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/01/14 7:5 p.m.184 views

CVE-2021-44701 Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability

Acrobat Reader DC version 21.007.20099 and earlier, 20.004.30017 and earlier and 17.011.30204 and earlier are affected by a use-after-free vulnerability in the processing of Format event actions that could result in arbitrary code execution in the context of the current user. Exploitation of this...

7.8CVSS7.9AI score0.20906EPSS
Exploits0References1
Total number of security vulnerabilities5000