Lucene search
K
CvelistMost viewed

365140 matches found

cvelist
cvelist
•added 2023/06/07 1:51 a.m.•56 views

CVE-2020-36708 Epsilon Framework Themes (Various Versions) - Function Injection

The following themes for WordPress are vulnerable to Function Injections in versions up to and including Shapely = 1.2.7, NewsMag = 2.4.1, Activello = 1.4.0, Illdy = 2.1.4, Allegiant = 1.2.2, Newspaper X = 1.3.1, Pixova Lite = 2.0.5, Brilliance = 1.2.7, MedZone Lite = 1.2.4, Regina Lite = 2.0.4,...

9.8CVSS9.9AI score0.65342EPSS
Exploits1References5
cvelist
cvelist
•added 2023/05/10 12:0 a.m.•56 views

CVE-2023-25568 Boxo bitswap/server: DOS unbounded persistent memory leak

Boxo, formerly known as go-libipfs, is a library for building IPFS applications and implementations. In versions 0.4.0 and 0.5.0, if an attacker is able allocate arbitrary many bytes in the Bitswap server, those allocations are lasting even if the connection is closed. This affects users acceptin...

8.2CVSS8.3AI score0.00863EPSS
Exploits0References4
cvelist
cvelist
•added 2023/05/09 5:3 p.m.•56 views

CVE-2023-29335 Microsoft Word Security Feature Bypass Vulnerability

...

7.5CVSS7.7AI score0.01164EPSS
Exploits0References1
cvelist
cvelist
•added 2023/05/08 8:5 p.m.•56 views

CVE-2023-31127 DMTF-2023-0001: SPDM mutual authentication bypass

libspdm is a sample implementation that follows the DMTF SPDM specifications. A vulnerability has been identified in SPDM session establishment in libspdm prior to version 2.3.1. If a device supports both DHE session and PSK session with mutual authentication, the attacker may be able to establis...

9CVSS9.4AI score0.00943EPSS
Exploits0References3
cvelist
cvelist
•added 2023/04/27 12:0 a.m.•56 views

CVE-2023-29471

Lightbend Alpakka Kafka before 5.0.0 logs its configuration as debug information, and thus log files may contain credentials if plain cleartext login is configured. This occurs in akka.kafka.internal.KafkaConsumerActor...

5.7AI score0.00152EPSS
Exploits0References2
cvelist
cvelist
•added 2023/04/23 10:47 a.m.•56 views

CVE-2023-27425 WordPress Electric Studio Client Login Plugin <= 0.8.1 is vulnerable to Cross Site Scripting (XSS)

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in James Irving-Swift Electric Studio Client Login plugin = 0.8.1 versions...

5.9CVSS5.5AI score0.00369EPSS
Exploits0References1
cvelist
cvelist
•added 2023/04/13 12:0 a.m.•56 views

CVE-2023-30630

Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance because, for example, execution of Dmidecode via Sudo is plausible. NOTE: Some third parties have indicated the fix in 3.5 does not adequately address the vulnerability. The argument is that the proposed...

7.2AI score0.00523EPSS
Exploits1References4
cvelist
cvelist
•added 2023/04/11 7:13 p.m.•56 views

CVE-2023-24883 Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

...

6.5CVSS8.1AI score0.01461EPSS
Exploits0References1
cvelist
cvelist
•added 2023/04/06 4:36 p.m.•56 views

CVE-2023-29008 SvelteKit framework has Insufficient CSRF protection for CORS requests

The SvelteKit framework offers developers an option to create simple REST APIs. This is done by defining a +server.js file, containing endpoint handlers for different HTTP methods. SvelteKit provides out-of-the-box cross-site request forgery CSRF protection to its users. The protection is...

8.8CVSS9.2AI score0.00373EPSS
Exploits1References2
cvelist
cvelist
•added 2023/03/20 8:16 p.m.•57 views

CVE-2022-43663

An integer conversion vulnerability exists in the SORBAx64.dll RecvPacket functionality of WellinTech KingHistorian 35.01.00.05. A specially crafted network packet can lead to a buffer overflow. An attacker can send a malicious packet to trigger this vulnerability...

8.1CVSS9.7AI score0.14039EPSS
Exploits1References1
cvelist
cvelist
•added 2023/03/18 9:31 p.m.•56 views

CVE-2023-1489 Lespeed WiseCleaner Wise System Monitor IoControlCode WiseHDInfo64.dll 0x9C402088 access control

A vulnerability has been found in Lespeed WiseCleaner Wise System Monitor 1.5.3.54 and classified as critical. Affected by this vulnerability is the function 0x9C402088 in the library WiseHDInfo64.dll of the component IoControlCode Handler. The manipulation leads to improper access controls. The...

7.8CVSS7.9AI score0.00527EPSS
Exploits1References4
cvelist
cvelist
•added 2023/03/14 2:46 p.m.•56 views

CVE-2023-1299 Nomad Job Submitter Privilege Escalation Using Workload Identity

HashiCorp Nomad and Nomad Enterprise 1.5.0 allow a job submitter to escalate to management-level privileges using workload identity and task API. Fixed in 1.5.1...

7.4CVSS9AI score0.00532EPSS
Exploits0References1
cvelist
cvelist
•added 2023/02/07 6:14 p.m.•56 views

CVE-2023-24814 Persisted Cross-Site Scripting in Frontend Rendering in typo3

TYPO3 is a free and open source Content Management Framework released under the GNU General Public License. In affected versions the TYPO3 core component GeneralUtility::getIndpEnv uses the unfiltered server environment variable PATHINFO, which allows attackers to inject malicious content. In...

8.8CVSS8.4AI score0.00831EPSS
Exploits1References7
cvelist
cvelist
•added 2023/02/07 6:5 p.m.•56 views

CVE-2023-24813 URI validation failure on SVG parsing. Bypass of CVE-2023-23924

Dompdf is an HTML to PDF converter written in php. Due to the difference in the attribute parser of Dompdf and php-svg-lib, an attacker can still call arbitrary URLs with arbitrary protocols. Dompdf parses the href attribute of image tags and respects xlink:href even if href is specified. However...

10CVSS9.8AI score0.03572EPSS
Exploits3References2
cvelist
cvelist
•added 2023/02/06 12:0 a.m.•56 views

CVE-2022-48085

Softr v2.0 was discovered to contain a HTML injection vulnerability via the Work Space Name parameter...

5.9AI score0.00591EPSS
Exploits1References3
cvelist
cvelist
•added 2023/01/16 10:14 a.m.•56 views

CVE-2022-41703 Apache Superset: SQL injection vulnerability in adhoc clauses

A vulnerability in the SQL Alchemy connector of Apache Superset allows an authenticated user with read access to a specific database to add subqueries to the WHERE and HAVING fields referencing tables on the same database that the user should not have access to, despite the user having the featur...

5.7AI score0.01194EPSS
Exploits0References1
cvelist
cvelist
•added 2023/01/10 12:0 a.m.•56 views

CVE-2023-21524 Windows Local Security Authority (LSA) Elevation of Privilege Vulnerability

...

7.8CVSS8.3AI score0.004EPSS
Exploits0References1
cvelist
cvelist
•added 2022/12/24 12:0 a.m.•56 views

CVE-2022-4730 Graphite Web Absolute Time Range cross site scripting

A vulnerability was found in Graphite Web. It has been classified as problematic. Affected is an unknown function of the component Absolute Time Range Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the publi...

3.5CVSS5.7AI score0.00765EPSS
Exploits1References4
cvelist
cvelist
•added 2022/12/23 8:50 p.m.•56 views

CVE-2022-23854

AVEVA InTouch Access Anywhere versions 2020 R2 and older are vulnerable to a path traversal exploit that could allow an unauthenticated user with network access to read files on the system outside of the secure gateway web server...

7.5CVSS7.8AI score0.45957EPSS
Exploits5References3
cvelist
cvelist
•added 2022/12/15 12:43 a.m.•56 views

CVE-2022-23526 Helm contains Denial of service through schema file

Helm is a tool for managing Charts, pre-configured Kubernetes resources. Versions prior to 3.10.3 are subject to NULL Pointer Dereference in thechartutil package that can cause a segmentation violation. The chartutil package contains a parser that loads a JSON Schema validation file. For example,...

5.3CVSS8.4AI score0.00818EPSS
Exploits0References2
cvelist
cvelist
•added 2022/12/09 10:12 p.m.•56 views

CVE-2022-23510 SQl injection in cube-js

cube-js is a headless business intelligence platform. In version 0.31.23 all authenticated Cube clients could bypass SQL row-level security and run arbitrary SQL via the newly introduced /v1/sql-runner endpoint. This issue has been resolved in version 0.31.24. Users are advised to either upgrade ...

9.6CVSS9.7AI score0.00898EPSS
Exploits0References3
cvelist
cvelist
•added 2022/12/05 12:0 a.m.•56 views

CVE-2022-32224

A possible escalation to RCE vulnerability exists when using YAML serialized columns in Active Record 7.0.3.1, 6.1.6.1, 6.0.5.1 and 5.2.8.1 which could allow an attacker, that can manipulate data in the database via means like SQL injection, the ability to escalate to an RCE...

9.9AI score0.02386EPSS
Exploits1References2
cvelist
cvelist
•added 2022/11/18 12:0 a.m.•56 views

CVE-2022-41901 `CHECK_EQ` fail via input in `SparseMatrixNNZ` in Tensorflow

TensorFlow is an open source platform for machine learning. An input sparsematrix that is not a matrix with a shape with rank 0 will trigger a CHECK fail in tf.rawops.SparseMatrixNNZ. We have patched the issue in GitHub commit f856d02e5322821aad155dad9b3acab1e9f5d693. The fix will be included in...

4.8CVSS7.7AI score0.0044EPSS
Exploits1References3
cvelist
cvelist
•added 2022/10/19 9:20 p.m.•56 views

CVE-2022-41741 NGINX ngx_http_mp4_module vulnerability CVE-2022-41741

NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngxhttpmp4module that might allow a local attacker to corrupt NGINX worker memory, resulting in...

7CVSS7.8AI score0.00756EPSS
Exploits2References7
cvelist
cvelist
•added 2022/09/29 6:10 p.m.•56 views

CVE-2022-39266 isolated-vm has vulnerable CachedDataOptions in API

isolated-vm is a library for nodejs which gives the user access to v8's Isolate interface. In versions 4.3.6 and prior, if the untrusted v8 cached data is passed to the API through CachedDataOptions, attackers can bypass the sandbox and run arbitrary code in the nodejs process. Version 4.3.7...

9.6CVSS9.9AI score0.01076EPSS
Exploits0References4
cvelist
cvelist
•added 2022/09/23 6:28 p.m.•56 views

CVE-2022-32226

An improper access control vulnerability exists in Rocket.Chat v5, v4.8.2 and v4.7.5 due to input data in the getUsersOfRoom Meteor server method is not type validated, so that MongoDB query operator objects are accepted by the server, so that instead of a matching rid String a$regex query can be...

4.9AI score0.00658EPSS
Exploits1References1
cvelist
cvelist
•added 2022/09/21 11:35 p.m.•56 views

CVE-2022-39975

The Layout module in Liferay Portal v7.3.3 through v7.4.3.34, and Liferay DXP 7.3 before update 10, and 7.4 before update 35 does not check user permission before showing the preview of a "Content Page" type page, allowing attackers to view unpublished "Content Page" pages via URL manipulation...

4.8AI score0.00466EPSS
Exploits0References1
cvelist
cvelist
•added 2022/09/21 3:46 p.m.•56 views

CVE-2022-41249

A cross-site request forgery CSRF vulnerability in Jenkins SCM HttpClient Plugin 1.5 and earlier allows attackers to connect to an attacker-specified HTTP server using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins...

8.9AI score0.0039EPSS
Exploits0References2
cvelist
cvelist
•added 2022/09/13 6:10 p.m.•56 views

CVE-2022-39202 IRC mode parameter confusion in matrix-appservice-irc

matrix-appservice-irc is an open source Node.js IRC bridge for Matrix. The Internet Relay Chat IRC protocol allows you to specify multiple modes in a single mode command. Due to a bug in the underlying matrix-org/node-irc library, affected versions of matrix-appservice-irc perform parsing of such...

4.3CVSS6.7AI score0.00681EPSS
Exploits0References3
cvelist
cvelist
•added 2022/09/13 4:55 p.m.•56 views

CVE-2022-36020 Bypass of Cross-Site Scripting Protection in typo3/html-sanitizer

The typo3/html-sanitizer package is an HTML sanitizer, written in PHP, aiming to provide XSS-safe markup based on explicitly allowed tags, attributes and values. Due to a parsing issue in the upstream package masterminds/html5, malicious markup used in a sequence with special HTML comments cannot...

6.1CVSS6.1AI score0.00633EPSS
Exploits0References4
cvelist
cvelist
•added 2022/07/14 2:56 p.m.•56 views

CVE-2022-29593

relaycgi.cgi on Dingtian DT-R002 2CH relay devices with firmware 3.1.276A allows an attacker to replay HTTP post requests without the need for authentication or a valid signed/authorized request...

6.1AI score0.12907EPSS
Exploits5References3
cvelist
cvelist
•added 2022/04/19 8:37 p.m.•56 views

CVE-2022-21445

...

9.8CVSS9.5AI score0.62478EPSS
Exploits1References1
cvelist
cvelist
•added 2022/04/15 7:5 p.m.•57 views

CVE-2022-26832 .NET Framework Denial of Service Vulnerability

...

7.5CVSS7.8AI score0.0328EPSS
Exploits0References1
cvelist
cvelist
•added 2022/03/08 12:0 a.m.•56 views

CVE-2022-24716 Path traversal in Icinga Web 2

Icinga Web 2 is an open source monitoring web interface, framework and command-line interface. Unauthenticated users can leak the contents of files of the local system accessible to the web-server user, including icingaweb2 configuration files with database credentials. This issue has been resolv...

7.5CVSS7.6AI score0.89378EPSS
Exploits8References4
cvelist
cvelist
•added 2022/03/01 12:0 a.m.•56 views

CVE-2022-24720 Improper Input Validation in image_processing

imageprocessing is an image processing wrapper for libvips and ImageMagick/GraphicsMagick. Prior to version 1.12.2, using the apply method from imageprocessing to apply a series of operations that are coming from unsanitized user input allows the attacker to execute shell commands. This method is...

9.8CVSS9.7AI score0.02595EPSS
Exploits1References3
cvelist
cvelist
•added 2022/02/28 9:6 a.m.•56 views

CVE-2022-0377 LearnPress < 4.1.5 - Arbitrary Image Renaming

Users of the LearnPress WordPress plugin before 4.1.5 can upload an image as a profile avatar after the registration. After this process the user crops and saves the image. Then a "POST" request that contains user supplied name of the image is sent to the server for renaming and cropping of the...

5AI score0.03205EPSS
Exploits5References3
cvelist
cvelist
•added 2022/02/08 10:0 p.m.•56 views

CVE-2022-0524 Business Logic Errors in publify/publify

Business Logic Errors in GitHub repository publify/publify prior to 9.2.7...

6.5CVSS7.8AI score0.01567EPSS
Exploits1References2
cvelist
cvelist
•added 2022/02/04 10:32 p.m.•56 views

CVE-2022-23584 Use after free in `DecodePng` in Tensorflow

Tensorflow is an Open Source Machine Learning Framework. A malicious user can cause a use after free behavior when decoding PNG images. After png::CommonFreeDecode&decode gets called, the values of decode.width and decode.height are in an unspecified state. The fix will be included in TensorFlow...

7.6CVSS7.8AI score0.00725EPSS
Exploits1References3
cvelist
cvelist
•added 2021/12/26 9:48 p.m.•56 views

CVE-2021-45707

An issue was discovered in the nix crate 0.16.0 and later before 0.20.2, 0.21.x before 0.21.2, and 0.22.x before 0.22.2 for Rust. unistd::getgrouplist has an out-of-bounds write if a user is in more than 16 /etc/groups groups...

9.8AI score0.0165EPSS
Exploits0References3
cvelist
cvelist
•added 2021/12/22 6:6 p.m.•56 views

CVE-2021-21894

A directory traversal vulnerability exists in the Web Manager FsTFtp functionality of Lantronix PremierWave 2050 8.9.0.0R4 in QEMU. A specially crafted HTTP request can lead to arbitrary file overwrite FsTFtp file disclosure. An attacker can make an authenticated HTTP request to trigger this...

9.1CVSS9.2AI score0.02399EPSS
Exploits1References1
cvelist
cvelist
•added 2021/12/03 8:5 p.m.•56 views

CVE-2021-23758 Deserialization of Untrusted Data

All versions of package ajaxpro.2 are vulnerable to Deserialization of Untrusted Data due to the possibility of deserialization of arbitrary .NET classes, which can be abused to gain remote code execution...

8.1CVSS10AI score0.88768EPSS
Exploits2References3
cvelist
cvelist
•added 2021/11/23 11:55 p.m.•56 views

CVE-2021-43780 Server-Side Request Forgery (SSRF) in Redash

Redash is a package for data visualization and sharing. In versions 10.0 and priorm the implementation of URL-loading data sources like JSON, CSV, or Excel is vulnerable to advanced methods of Server Side Request Forgery SSRF. These vulnerabilities are only exploitable on installations where a...

6.8CVSS9.2AI score0.01005EPSS
Exploits0References2
cvelist
cvelist
•added 2021/11/08 3:24 a.m.•56 views

CVE-2021-31599

An issue was discovered in Hitachi Vantara Pentaho through 9.1 and Pentaho Business Intelligence Server through 7.x. A reports .prpt file allows the inclusion of BeanShell scripts to ease the production of complex reports. An authenticated user can run arbitrary code...

8.8CVSS8.8AI score0.02266EPSS
Exploits3References2
cvelist
cvelist
•added 2021/09/20 5:30 p.m.•56 views

CVE-2021-32838 Regular Expression Denial of Service in flask-restx

Flask-RESTX pypi package flask-restx is a community driven fork of Flask-RESTPlus. Flask-RESTX before version 0.5.1 is vulnerable to ReDoS Regular Expression Denial of Service in emailregex. This is fixed in version 0.5.1...

7.5CVSS7.6AI score0.01804EPSS
Exploits0References7
cvelist
cvelist
•added 2021/08/12 10:25 p.m.•56 views

CVE-2021-37691 Division by zero in LSH in TensorFlow Lite

TensorFlow is an end-to-end open source platform for machine learning. In affected versions an attacker can craft a TFLite model that would trigger a division by zero error in LSH implementation. We have patched the issue in GitHub commit 0575b640091680cfb70f4dd93e70658de43b94f9. The fix will be...

5.5CVSS6.1AI score0.00152EPSS
Exploits0References2
cvelist
cvelist
•added 2021/07/14 1:44 p.m.•56 views

CVE-2021-33212

A Cross-site scripting XSS vulnerability in the "View in Browser" feature in Elements-IT HTTP Commander 5.3.3 allows remote authenticated users to inject arbitrary web script or HTML via a crafted SVG image...

5.3AI score0.00745EPSS
Exploits1References2
cvelist
cvelist
•added 2021/06/21 12:0 a.m.•56 views

CVE-2021-29063

A Regular Expression Denial of Service ReDOS vulnerability was discovered in Mpmath v1.0.0 through v1.2.1 when the mpmathify function is called...

7.6AI score0.041EPSS
Exploits1References9
cvelist
cvelist
•added 2021/06/17 10:40 p.m.•56 views

CVE-2021-32693 Authentication granted with multiple firewalls

Symfony is a PHP framework for web and console applications and a set of reusable PHP components. A vulnerability related to firewall authentication is in Symfony starting with version 5.3.0 and prior to 5.3.2. When an application defines multiple firewalls, the token authenticated by one of the...

6.8CVSS8.9AI score0.01388EPSS
Exploits0References4
cvelist
cvelist
•added 2021/06/17 9:15 p.m.•56 views

CVE-2021-32694 Malicious Android application can crash the Nextcloud Android Client

Nextcloud Android app is the Android client for Nextcloud. In versions prior to 3.15.1, a malicious application on the same device is possible to crash the Nextcloud Android Client due to an uncaught exception. The vulnerability is patched in version 3.15.1...

4.1CVSS5.5AI score0.00967EPSS
Exploits1References3
cvelist
cvelist
•added 2021/06/02 11:52 a.m.•56 views

CVE-2020-14335

A flaw was found in Red Hat Satellite, which allows a privileged attacker to read OMAPI secrets through the ISC DHCP of Smart-Proxy. This flaw allows an attacker to gain control of DHCP records from the network. The highest threat from this vulnerability is to system availability...

5.8AI score0.00249EPSS
Exploits0References1
Total number of security vulnerabilities5000