Lucene search
K
CvelistMost viewed

365134 matches found

Cvelist
Cvelist
added 2026/03/31 9:50 p.m.56 views

CVE-2026-34605 SiYuan: Reflected XSS via SVG namespace prefix bypass in SanitizeSVG ( getDynamicIcon, unauthenticated )

SiYuan is a personal knowledge management system. From version 3.6.0 to before version 3.6.2, the SanitizeSVG function introduced in version 3.6.0 to fix XSS in the unauthenticated /api/icon/getDynamicIcon endpoint can be bypassed by using namespace-prefixed element names such as . The Go HTML5...

8.6CVSS0.00469EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/03/18 1:14 a.m.56 views

CVE-2026-2092 Keycloak-services: keycloak: unauthorized access via improper validation of encrypted saml assertions

A flaw was found in Keycloak. Keycloak's Security Assertion Markup Language SAML broker endpoint does not properly validate encrypted assertions when the overall SAML response is not signed. An attacker with a valid signed SAML assertion can exploit this by crafting a malicious SAML response. Thi...

7.7CVSS0.00241EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/03/05 5:53 a.m.56 views

CVE-2026-22399 WordPress Holmes theme <= 1.7 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Holmes holmes allows PHP Local File Inclusion.This issue affects Holmes: from n/a through = 1.7...

8.1CVSS0.00504EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/03 1:21 a.m.56 views

CVE-2026-2269 Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin <= 7.0.0.3 - Authenticated (Administrator+) Server-Side Request Forgery to Arbitrary File Upload

The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.0.0.3 via the downloadurl function. This makes it possible for authenticated attackers, with...

7.2CVSS0.00655EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/03 8:12 p.m.56 views

CVE-2026-1801 Libsoup: libsoup: http request smuggling via malformed chunk headers

A flaw was found in libsoup, an HTTP client/server library. This HTTP Request Smuggling vulnerability arises from non-RFC-compliant parsing in the soupfilterinputstreamreadline logic, where libsoup accepts malformed chunk headers, such as lone line feed LF characters instead of the required...

5.3CVSS0.00376EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/03 2:35 p.m.56 views

CVE-2026-1285 Potential denial-of-service vulnerability in django.utils.text.Truncator HTML methods

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. django.utils.text.Truncator.chars and Truncator.words methods with html=True and the truncatecharshtml and truncatewordshtml template filters allow a remote attacker to cause a potential denial-of-service via...

0.00993EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/28 3:15 p.m.56 views

CVE-2026-1536 Libsoup: libsoup: http header injection or response splitting via crlf injection in content-disposition header

A flaw was found in libsoup. An attacker who can control the input for the Content-Disposition header can inject CRLF Carriage Return Line Feed sequences into the header value. These sequences are then interpreted verbatim when the HTTP request or response is constructed, allowing arbitrary HTTP...

5.8CVSS0.00298EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/01/06 7:2 p.m.56 views

CVE-2026-0641 TOTOLINK WA300 cstecgi.cgi sub_401510 command injection

A security vulnerability has been detected in TOTOLINK WA300 5.2cu.7112B20190227. This vulnerability affects the function sub401510 of the file cstecgi.cgi. The manipulation of the argument UPLOADFILENAME leads to command injection. The attack may be initiated remotely. The exploit has been...

6.5CVSS0.0236EPSS
Exploits1References6
Cvelist
Cvelist
added 2025/12/30 12:11 p.m.56 views

CVE-2023-54234 scsi: mpi3mr: Fix missing mrioc->evtack_cmds initialization

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix missing mrioc-evtackcmds initialization Commit c1af985d27da "scsi: mpi3mr: Add Event acknowledgment logic" introduced an array mrioc-evtackcmds but initialization of the array elements was missed. They are just...

0.00166EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/09/22 12:0 a.m.56 views

CVE-2025-51006

Within tcpreplay's tcprewrite, a double free vulnerability has been identified in the dltlinuxsll2cleanup function in plugins/dltlinuxsll2/linuxsll2.c. This vulnerability is triggered when tcpeditdltcleanup indirectly invokes the cleanup routine multiple times on the same memory region. By...

0.00172EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/09/09 10:23 p.m.56 views

CVE-2025-59039 Prebid Universal Creative on npm briefly compromised

Prebid Universal Creative PUC is a JavaScript API to render multiple formats. Npm users of PUC 1.17.3 or PUC latest were briefly affected by crypto-related malware. This includes the extremely popular jsdelivr hosting of this file. The maintainers of PUC unpublished version 1.17.3. Users should s...

9.3CVSS0.00312EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/07/09 3:39 p.m.56 views

CVE-2025-53673

Jenkins Sensedia Api Platform tools Plugin 1.0 stores the Sensedia API Manager integration token unencrypted in its global configuration file on the Jenkins controller, where it can be viewed by users with access to the Jenkins controller file system...

0.00196EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/10 2:33 p.m.56 views

CVE-2024-34711 GeoServer has improper ENTITY_RESOLUTION_ALLOWLIST URI validation in XML Processing (SSRF)

GeoServer is an open source server that allows users to share and edit geospatial data. An improper URI validation vulnerability exists that enables an unauthorized attacker to perform XML External Entities XEE attack, then send GET request to any HTTP server. By default, GeoServer use...

9.3CVSS0.00262EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/05/15 7:21 p.m.56 views

CVE-2025-47161 Microsoft Defender for Endpoint Elevation of Privilege Vulnerability

...

7.8CVSS0.00705EPSS
Exploits2References1
Cvelist
Cvelist
added 2025/05/11 11:0 a.m.56 views

CVE-2025-4539 Hainan ToDesk DLL File Parser profapi.dll uncontrolled search path

A vulnerability was found in Hainan ToDesk 4.7.6.3. It has been declared as critical. This vulnerability affects unknown code in the library profapi.dll of the component DLL File Parser. The manipulation leads to uncontrolled search path. It is possible to launch the attack on the local host. The...

7.3CVSS0.00179EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/04/30 2:54 p.m.56 views

CVE-2025-32971 XWiki Solr script service doesn't take dropped programming right into account

XWiki is a generic wiki platform. In versions starting from 4.5.1 to before 15.10.13, from 16.0.0-rc-1 to before 16.4.4, and from 16.5.0-rc-1 to before 16.8.0-rc-1, the Solr script service doesn't take dropped programming rights into account. The Solr script service that is accessible in XWiki's...

3.8CVSS0.00334EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/04/20 6:31 a.m.56 views

CVE-2025-3822 SourceCodester Web-based Pharmacy Product Management System changepassword.php cross site scripting

A vulnerability was found in SourceCodester Web-based Pharmacy Product Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file changepassword.php. The manipulation of the argument txtconfirmpassword/txtnewpassword/txtoldpassword leads to cro...

4.8CVSS0.00393EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/04/16 7:45 a.m.56 views

CVE-2025-27538 MFA Enforcement Bypass Allows Unauthorized Removal of MFA for Other Users

Mattermost versions 10.5.x = 10.5.1, 9.11.x = 9.11.9 fail to enforce MFA checks in PUT /api/v4/users/user-id/mfa when the requesting user differs from the target user ID, which allows users with editotherusers permission to activate or deactivate MFA for other users, even if those users have not...

2.2CVSS0.00214EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/29 4:59 p.m.56 views

CVE-2025-24791 snowflake-connector-nodejs has incorrect validation of temporary credential cache file permissions

snowflake-connector-nodejs is a NodeJS driver for Snowflake. Snowflake discovered and remediated a vulnerability in the Snowflake NodeJS Driver. File permissions checks of the temporary credential cache could be bypassed by an attacker with write access to the local cache directory. This...

4.4CVSS0.00143EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/24 6:54 p.m.56 views

CVE-2025-24363 The HL7 FHIR IG publisher may potentially expose GitHub repo user and credential information

The HL7 FHIR IG publisher is a tool to take a set of inputs and create a standard FHIR IG. Prior to version 1.8.9, in CI contexts, the IG Publisher CLI uses git commands to determine the URL of the originating repo. If the repo was cloned, or otherwise set to use a repo that uses a username and...

4.2CVSS0.00176EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/01/14 7:57 p.m.56 views

CVE-2024-55894 TYPO3 Cross-Site Request Forgery in Backend User Module

TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery CSRF. Additionally, state-changing actions in downstrea...

4.3CVSS0.00235EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/01/05 4:0 p.m.56 views

CVE-2025-0223 IObit Protected Folder IOCTL IURegistryFilter.sys 0x8001E010 null pointer dereference

A vulnerability was found in IObit Protected Folder up to 13.6.0.5. It has been classified as problematic. Affected is the function 0x8001E000/0x8001E00C/0x8001E004/0x8001E010 in the library IURegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference...

6.8CVSS0.00349EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/12/22 12:0 a.m.56 views

CVE-2024-56378

libpoppler.so in Poppler through 24.12.0 has an out-of-bounds read vulnerability within the JBIG2Bitmap::combine function in JBIG2Stream.cc...

0.0062EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/12/18 12:44 p.m.56 views

CVE-2024-48889

An Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability CWE-78 in FortiManager version 7.6.0, version 7.4.4 and below, version 7.2.7 and below, version 7.0.12 and below, version 6.4.14 and below and FortiManager Cloud version 7.4.4 and below,...

7.2CVSS0.01652EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/09 8:54 p.m.56 views

CVE-2024-54149 Winter CMS Modules allows a sandbox bypass in Twig templates leading to data modification and deletion

Winter is a free, open-source content management system CMS based on the Laravel PHP framework. Winter CMS prior to versions 1.2.7, 1.1.11, and 1.0.476 allow users with access to the CMS templates sections that modify Twig files to bypass the sandbox placed on Twig files and modify resources such...

8.4CVSS0.00405EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/12/08 9:31 a.m.56 views

CVE-2024-12343 TP-Link VN020 F3v(T) SOAP Request WANIPConnection buffer overflow

A vulnerability classified as critical has been found in TP-Link VN020 F3vT TTV6.2.1021. Affected is an unknown function of the file /control/WANIPConnection of the component SOAP Request Handler. The manipulation of the argument NewConnectionType leads to buffer overflow. The attack needs to be...

7.1CVSS0.04719EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/11/18 6:45 a.m.56 views

CVE-2024-22067 ZTE NH8091 product has an improper permission control vulnerability

ZTE NH8091 product has an improper permission control vulnerability. Due to improper permission control of the Web module interface, an authenticated attacker may exploit the vulnerability to execute arbitrary commands...

6.8CVSS0.00673EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/15 3:17 p.m.56 views

CVE-2024-49758 LibreNMS has a stored XSS in ExamplePlugin with Device's Notes

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can add Notes to a device, the application did not properly sanitize the user input, when the ExamplePlugin enable, if java script code is inside the device's Notes, its will be trigger. This...

4.8CVSS0.00332EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/11/14 11:0 a.m.56 views

CVE-2024-10571 Chartify – WordPress Chart Plugin <= 2.9.5 - Unauthenticated Local File Inclusion via source

The Chartify – WordPress Chart Plugin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.9.5 via the 'source' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the executio...

9.8CVSS0.04841EPSS
Exploits3References3
Cvelist
Cvelist
added 2024/11/13 10:20 a.m.56 views

CVE-2024-4741 Use After Free with SSL_free_buffers

Issue summary: Calling the OpenSSL API function SSLfreebuffers may cause memory to be accessed that was previously freed in some situations Impact summary: A use after free can have a range of potential consequences such as the corruption of valid data, crashes or execution of arbitrary code...

0.02945EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/11/12 5:53 p.m.56 views

CVE-2024-43462 SQL Server Native Client Remote Code Execution Vulnerability

...

8.8CVSS0.01577EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/27 9:0 p.m.56 views

CVE-2024-10429 WAVLINK WN530H4/WN530HG4/WN572HG3 internet.cgi set_ipv6 command injection

A vulnerability classified as critical has been found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. Affected is the function setipv6 of the file internet.cgi. The manipulation of the argument IPv6OpMode/IPv6IPAddr/IPv6WANIPAddr/IPv6GWAddr leads to command injection. It is possible to...

8.6CVSS0.17215EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/10/21 11:53 a.m.56 views

CVE-2024-47685 netfilter: nf_reject_ipv6: fix nf_reject_ip6_tcphdr_put()

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfrejectipv6: fix nfrejectip6tcphdrput syzbot reported that nfrejectip6tcphdrput was possibly sending garbage on the four reserved tcp bits th-res1 Use skbputzero to clear the whole TCP header, as done in...

0.01367EPSS
Exploits0References9
Cvelist
Cvelist
added 2024/10/20 11:26 a.m.56 views

CVE-2024-44000 WordPress LiteSpeed Cache plugin < 6.5.0.1 - Unauthenticated Account Takeover via Cookie Leak vulnerability

Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache litespeed-cache allows Authentication Bypass.This issue affects LiteSpeed Cache: from n/a through 6.5.0.1...

9.8CVSS0.83178EPSS
Exploits7References1
Cvelist
Cvelist
added 2024/09/17 6:15 p.m.56 views

CVE-2024-38183 GroupMe Elevation of Privilege Vulnerability

...

9.8CVSS0.00788EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/07 4:11 p.m.56 views

CVE-2024-40714

An improper certificate validation vulnerability in TLS certificate validation allows an attacker on the same network to intercept sensitive credentials during restore operations...

8.3CVSS0.00336EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/02 12:0 a.m.56 views

CVE-2024-45623

D-Link DAP-2310 Hardware A Firmware 1.16RC028 allows remote attackers to execute arbitrary code via a stack-based buffer overflow in the ATP binary that handles PHP HTTP GET requests for the Apache HTTP Server httpd. NOTE: This vulnerability only affects products that are no longer supported by t...

0.0095EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/20 2:3 a.m.56 views

CVE-2024-5932 GiveWP – Donation Plugin and Fundraising Platform <= 3.14.1 - Unauthenticated PHP Object Injection to Remote Code Execution

The GiveWP – Donation Plugin and Fundraising Platform plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.14.1 via deserialization of untrusted input from the 'givetitle' parameter. This makes it possible for unauthenticated attackers to inject a PHP...

10CVSS0.74283EPSS
Exploits11References8
Cvelist
Cvelist
added 2024/08/13 10:33 a.m.56 views

CVE-2024-38787 WordPress Import and export users and customers plugin <= 1.26.8 - Sensitive Information via Imported File vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Javier Carazo Import and export users and customers import-users-from-csv-with-meta.This issue affects Import and export users and customers: from n/a through = 1.26.8...

7.5CVSS0.0042EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/01 10:3 p.m.56 views

CVE-2024-41949 biscuit-rust vulnerable to public key confusion in third party block

biscuit-rust is the Rust implementation of Biscuit, an authentication and authorization token for microservices architectures. Third-party blocks can be generated without transferring the whole token to the third-party authority. Instead, a ThirdPartyBlock request can be sent, providing only the...

3CVSS0.00237EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/29 1:46 p.m.56 views

CVE-2024-6576 MOVEit Transfer Privilege Escalation Vulnerability

Improper Authentication vulnerability in Progress MOVEit Transfer SFTP module can lead to Privilege Escalation.This issue affects MOVEit Transfer: from 2023.0.0 before 2023.0.12, from 2023.1.0 before 2023.1.7, from 2024.0.0 before 2024.0.3...

7.3CVSS0.00618EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/20 8:6 a.m.56 views

CVE-2024-37961 WordPress codoc plugin <= 0.9.51.12 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in codoc.Jp allows Stored XSS.This issue affects codoc: from n/a through 0.9.51.12...

7.1CVSS0.00354EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/12 12:25 p.m.56 views

CVE-2024-40917 memblock: make memblock_set_node() also warn about use of MAX_NUMNODES

In the Linux kernel, the following vulnerability has been resolved: memblock: make memblocksetnode also warn about use of MAXNUMNODES On an old x86 system with SRAT just covering space above 4Gb: ACPI: SRAT: Node 0 PXM 0 mem 0x100000000-0xfffffffff hotplug the commit referenced below leads to thi...

0.00264EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/11 5:3 p.m.56 views

CVE-2024-6484

...

Exploits0
Cvelist
Cvelist
added 2024/07/10 4:16 p.m.56 views

CVE-2024-4879 Jelly Template Injection Vulnerability in ServiceNow UI Macros

ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and Washington DC Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. ServiceNow applied an update to hosted...

9.8CVSS0.99976EPSS
Exploits8References3
Cvelist
Cvelist
added 2024/07/09 6:57 p.m.56 views

CVE-2024-39899 PrivateBin allows shortening of URLs for other domains

PrivateBin is an online pastebin where the server has zero knowledge of pasted data. In v1.5, PrivateBin introduced the YOURLS server-side proxy. The idea was to allow using the YOURLs URL shortener without running the YOURLs instance without authentication and/or exposing the authentication toke...

5.3CVSS0.00627EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/09 5:2 p.m.56 views

CVE-2024-35266 Azure DevOps Server Spoofing Vulnerability

...

7.6CVSS0.01582EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/09 5:2 p.m.56 views

CVE-2024-38060 Windows Imaging Component Remote Code Execution Vulnerability

...

8.8CVSS0.15908EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/07/09 5:2 p.m.56 views

CVE-2024-38023 Microsoft SharePoint Server Remote Code Execution Vulnerability

...

7.2CVSS0.529EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/07/08 5:27 p.m.56 views

CVE-2024-39896 Directus allows SSO User Enumeration

Directus is a real-time API and App dashboard for managing SQL database content. When relying on SSO providers in combination with local authentication it can be possible to enumerate existing SSO users in the instance. This is possible because if an email address exists in Directus and belongs t...

7.5CVSS0.00506EPSS
Exploits1References2
Total number of security vulnerabilities5000