Lucene search
+L
CvelistMost viewed

367123 matches found

Cvelist
Cvelist
added 2026/05/07 6:14 p.m.57 views

CVE-2026-42214 Improper Control of Generation of Code ('Code Injection') in dail8859/NotepadNext

Notepad Next is a cross-platform, reimplementation of Notepad++. Prior to version 0.14, NotepadNext's detectLanguageFromExtension function interpolates a file's extension directly into a Lua script without sanitization. An attacker can craft a filename whose extension contains Lua code, which...

7.8CVSS0.00242EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/05/07 4:9 p.m.57 views

CVE-2026-7413 Persistent undocumented backdoor access in Yarbo robot

A hidden, persistent backdoor was found in Yarbo firmware v2.3.9 that provides remote, unauthenticated or weakly authenticated access to privileged functionality. The backdoor is undocumented, cannot be disabled via user-facing settings, and survives factory reset and ordinary firmware updates...

7.2CVSS0.00577EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/05/07 12:45 p.m.57 views

CVE-2026-8093 Memory safety bugs fixed in Firefox 150.0.2

Memory safety bugs present in Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.2 and Thunderbird 150.0.2...

0.00323EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/06 6:57 p.m.57 views

CVE-2026-0300 PAN-OS: Unauthenticated user initiated Buffer Overflow Vulnerability in User-ID™ Authentication Portal

A buffer overflow vulnerability in the User-ID™ Authentication Portal aka Captive Portal service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. T...

9.3CVSS0.32074EPSS
Exploits6References1
Cvelist
Cvelist
added 2026/05/06 3:46 p.m.57 views

CVE-2026-6787 Usage of a hard-coded cryptographic key in WatchGuard Agent allows inclusion of code into existing process

Use of Hard-coded Cryptographic Key vulnerability in WatchGuard Agent on Windows allows Inclusion of Code in Existing Process.This issue affects WatchGuard Agent: before 1.25.03.0000...

8.5CVSS0.00108EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/05 6:47 a.m.57 views

CVE-2026-40797 WordPress WebinarIgnition plugin <= 4.08.253 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Saleswonder LLC WebinarIgnition allows Blind SQL Injection. This issue affects WebinarIgnition: from n/a through 4.08.253...

9.3CVSS0.00339EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/05 2:26 a.m.57 views

CVE-2025-13618 Mentoring <= 1.2.8 - Unauthenticated Privilege Escalation in mentoring_process_registration

The Mentoring plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.2.8. This is due to the plugin not properly restricting the roles that users can register with in the mentoringprocessregistration function. This makes it possible for unauthenticated...

9.8CVSS0.00336EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/04 5:44 p.m.57 views

CVE-2026-41572 Note Mark: Unauthenticated read of notes and assets in soft-deleted public books

Note Mark is an open-source note-taking application. Prior to version 0.19.3, after a note-mark owner soft-deletes a public book, its notes and uploaded assets stay readable at /api/notes/id, /api/notes/id/content, the slug URL, and the asset endpoints. Unauthenticated callers who hold the note I...

5.3CVSS0.00194EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/04 8:30 a.m.57 views

CVE-2026-7748 Totolink N300RH POST Request cstecgi.cgi setUpgradeFW buffer overflow

A weakness has been identified in Totolink N300RH 3.2.4-B20220812. Affected by this issue is the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Executing a manipulation of the argument FileName can lead to buffer overflow. The attack can be launched...

9CVSS0.00463EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/04 2:0 a.m.57 views

CVE-2026-7721 Totolink WA300 cstecgi.cgi NTPSyncWithHost command injection

A security vulnerability has been detected in Totolink WA300 5.2cu.7112B20190227. This affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument hostTime leads to command injection. The attack can be executed remotely. The exploit has been disclosed...

6.5CVSS0.00916EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/03 1:30 p.m.57 views

CVE-2026-7698 Tiandy Easy7 Integrated Management Platform updateDbBackupInfo os command injection

A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Affected by this vulnerability is an unknown functionality of the file /Easy7/rest/systemInfo/updateDbBackupInfo. Such manipulation of the argument week leads to os command injection. The attack can be executed...

7.5CVSS0.01655EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/02 10:0 p.m.57 views

CVE-2026-7669 sgl-project SGLang HuggingFace Transformer hf_transformers_utils.py get_tokenizer code injection

A vulnerability was detected in sgl-project SGLang up to 0.5.9. Impacted is the function gettokenizer of the file python/sglang/srt/utils/hftransformersutils.py of the component HuggingFace Transformer Handler. The manipulation of the argument trustremotecode with the input False as part of Boole...

6.3CVSS0.00368EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/21 12:41 p.m.57 views

CVE-2026-6785 Memory safety bugs fixed in Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird ESR 140.10, Firefox 150 and Thunderbird 150

Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This...

0.00513EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/04/21 1:30 a.m.57 views

CVE-2026-40244 OpenEXR has integer overflow in DWA setupChannelData planarUncRle pointer arithmetic (missed variant of CVE-2026-34589)

OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. In versions 3.4.0 through 3.4.9, 3.3.0 through 3.3.9, and 3.2.0 through 3.2.7, internaldwacompressor.h:1722 performs curc-width curc-height in int32...

8.4CVSS0.00427EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/31 9:50 p.m.57 views

CVE-2026-34605 SiYuan: Reflected XSS via SVG namespace prefix bypass in SanitizeSVG ( getDynamicIcon, unauthenticated )

SiYuan is a personal knowledge management system. From version 3.6.0 to before version 3.6.2, the SanitizeSVG function introduced in version 3.6.0 to fix XSS in the unauthenticated /api/icon/getDynamicIcon endpoint can be bypassed by using namespace-prefixed element names such as . The Go HTML5...

8.6CVSS0.00469EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/03/06 12:0 a.m.57 views

CVE-2025-69651

GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an invalid pointer free when processing a crafted ELF binary with malformed relocation or symbol data. If dumprelocations returns early due to parsing errors, the internal allrelocations array may remain partially uninitialized...

0.0024EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/03/06 12:0 a.m.57 views

CVE-2025-69652

GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an abort SIGABRT when processing a crafted ELF binary with malformed DWARF abbrev or debug information. Due to incomplete state cleanup in processdebuginfo, an invalid debuginfop state may propagate into DWARF attribute parsing...

0.00173EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/03/03 1:21 a.m.57 views

CVE-2026-2269 Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin <= 7.0.0.3 - Authenticated (Administrator+) Server-Side Request Forgery to Arbitrary File Upload

The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 7.0.0.3 via the downloadurl function. This makes it possible for authenticated attackers, with...

7.2CVSS0.00655EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/19 8:27 a.m.57 views

CVE-2026-25388 WordPress Ads Pro plugin <= 5.0 - Broken Access Control vulnerability

Missing Authorization vulnerability in scripteo Ads Pro ap-plugin-scripteo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ads Pro: from n/a through = 5.0...

5.4CVSS0.00209EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/17 6:50 p.m.57 views

CVE-2026-24733 Apache Tomcat: Security constraint bypass with HTTP/0.9

Improper Input Validation vulnerability in Apache Tomcat. Tomcat did not limit HTTP/0.9 requests to the GET method. If a security constraint was configured to allow HEAD requests to a URI but deny GET requests, the user could bypass that constraint on GET requests by sending a specification inval...

0.00494EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/28 2:32 a.m.57 views

CVE-2026-1506 D-Link DIR-615 MAC Filter Configuration adv_mac_filter.php os command injection

A vulnerability was determined in D-Link DIR-615 4.10. Impacted is an unknown function of the file /advmacfilter.php of the component MAC Filter Configuration. This manipulation of the argument mac causes os command injection. The attack is possible to be carried out remotely. The exploit has bee...

8.6CVSS0.05071EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/01/13 10:51 p.m.57 views

CVE-2022-50912 ImpressCMS 1.4.4 - Unrestricted File Upload

ImpressCMS 1.4.4 contains a file upload vulnerability with weak extension sanitization that allows attackers to upload potentially malicious files. Attackers can bypass file upload restrictions by using alternative file extensions .php2.php6.php7.phps.pht to execute arbitrary PHP code on the serv...

9.8CVSS0.00983EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/12/30 12:11 p.m.57 views

CVE-2023-54234 scsi: mpi3mr: Fix missing mrioc->evtack_cmds initialization

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix missing mrioc-evtackcmds initialization Commit c1af985d27da "scsi: mpi3mr: Add Event acknowledgment logic" introduced an array mrioc-evtackcmds but initialization of the array elements was missed. They are just...

0.00166EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/04 4:8 p.m.57 views

CVE-2025-40252 net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end()

In the Linux kernel, the following vulnerability has been resolved: net: qlogic/qede: fix potential out-of-bounds read in qedetpacont and qedetpaend The loops in 'qedetpacont' and 'qedetpaend', iterate over 'cqe-lenlist' using only a zero-length terminator as the stopping condition. If the...

0.00179EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/11/19 8:33 p.m.57 views

CVE-2025-47914 Malformed constraint may cause denial of service in golang.org/x/crypto/ssh/agent

SSH Agent servers do not validate the size of messages when processing new identity requests, which may cause the program to panic if the message is malformed due to an out of bounds read...

0.00517EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/08/28 7:36 p.m.57 views

CVE-2025-6203 Vault unauthenticated denial of service through complex json payload

A malicious user may submit a specially-crafted complex payload that otherwise meets the default request size limit which results in excessive memory and CPU consumption of Vault. This may lead to a timeout in Vault’s auditing subroutine, potentially resulting in the Vault server to become...

7.5CVSS0.00697EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/19 12:0 a.m.57 views

CVE-2025-50579

A CORS misconfiguration in Nginx Proxy Manager v2.12.3 allows unauthorized domains to access sensitive data, particularly JWT tokens, due to improper validation of the Origin header. This misconfiguration enables attackers to intercept tokens using a simple browser script and exfiltrate them to a...

0.00356EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/10 2:33 p.m.57 views

CVE-2024-34711 GeoServer has improper ENTITY_RESOLUTION_ALLOWLIST URI validation in XML Processing (SSRF)

GeoServer is an open source server that allows users to share and edit geospatial data. An improper URI validation vulnerability exists that enables an unauthorized attacker to perform XML External Entities XEE attack, then send GET request to any HTTP server. By default, GeoServer use...

9.3CVSS0.00262EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/10 4:23 a.m.57 views

CVE-2025-3076 Elementor Pro <= 3.29.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘buttontext’ parameter in all versions up to, and including, 3.29.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00169EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/05/30 5:37 p.m.57 views

CVE-2025-5054 Race Condition in Canonical Apport

Race condition in Canonical apport up to and including 2.32.0 allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces. When handling a crash, the function checkglobalpidandforward, which detects if the crashing process resided in a container, was being called...

4.7CVSS0.00668EPSS
Exploits2References3
Cvelist
Cvelist
added 2025/05/19 7:28 p.m.57 views

CVE-2025-47949 samlify SAML Signature Wrapping attack

samlify is a Node.js library for SAML single sign-on. A Signature Wrapping attack has been found in samlify prior to version 2.10.0, allowing an attacker to forge a SAML Response to authenticate as any user. An attacker would need a signed XML document by the identity provider. Version 2.10.0 fix...

9.9CVSS0.00458EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/04/08 8:4 p.m.57 views

CVE-2025-22871 Request smuggling due to acceptance of invalid chunked data in net/http

The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext...

0.00778EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/02/19 4:42 p.m.57 views

CVE-2025-27089 Overlapping policies allow update to non-allowed fields in directus

Directus is a real-time API and App dashboard for managing SQL database content. In affected versions if there are two overlapping policies for the update action that allow access to different fields, instead of correctly checking access permissions against the item they apply for the user is...

5.4CVSS0.0022EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/02/05 5:31 p.m.57 views

CVE-2025-23419 TLS Session Resumption Vulnerability

When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers. This vulnerability arises when TLS Session Tickets...

5.3CVSS0.02646EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/14 7:57 p.m.57 views

CVE-2024-55894 TYPO3 Cross-Site Request Forgery in Backend User Module

TYPO3 is a free and open source Content Management Framework. A vulnerability has been identified in the backend user interface functionality involving deep links. Specifically, this functionality is susceptible to Cross-Site Request Forgery CSRF. Additionally, state-changing actions in downstrea...

4.3CVSS0.00239EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/01/10 3:29 p.m.57 views

CVE-2025-22599 WeGIA has a Cross-Site Scripting (XSS) Reflected endpoint `home.php` parameter `msg_c`

WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting XSS vulnerability was identified in the home.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the msgc parameter. This vulnerability is fixed in 3.2.8...

6.4CVSS0.004EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/01/04 1:41 p.m.57 views

CVE-2024-10957 UpdraftPlus: WP Backup & Migration Plugin 1.23.8 - 1.24.11 - Unauthenticated PHP Object Injection

The UpdraftPlus: WP Backup & Migration Plugin plugin for WordPress is vulnerable to PHP Object Injection in all versions from 1.23.8 to 1.24.11 via deserialization of untrusted input in the 'recursiveunserializedreplace' function. This makes it possible for unauthenticated attackers to inject a P...

8.8CVSS0.00712EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/12/18 12:44 p.m.57 views

CVE-2024-48889

An Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability CWE-78 in FortiManager version 7.6.0, version 7.4.4 and below, version 7.2.7 and below, version 7.0.12 and below, version 6.4.14 and below and FortiManager Cloud version 7.4.4 and below,...

7.2CVSS0.01684EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/16 8:2 p.m.57 views

CVE-2024-55949 Privilege escalation in IAM import API in MinIO

MinIO is a high-performance, S3 compatible object store, open sourced under GNU AGPLv3 license. Minio is subject to a privilege escalation in IAM import API, all users are impacted since MinIO commit 580d9db85e04f1b63cc2909af50f0ed08afa965f. This issue has been addressed in commit...

9.3CVSS0.00716EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/12/10 8:6 p.m.57 views

CVE-2024-49105 Remote Desktop Client Remote Code Execution Vulnerability

...

8.4CVSS0.01507EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/09 8:54 p.m.57 views

CVE-2024-54149 Winter CMS Modules allows a sandbox bypass in Twig templates leading to data modification and deletion

Winter is a free, open-source content management system CMS based on the Laravel PHP framework. Winter CMS prior to versions 1.2.7, 1.1.11, and 1.0.476 allow users with access to the CMS templates sections that modify Twig files to bypass the sandbox placed on Twig files and modify resources such...

8.4CVSS0.00405EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/12/09 12:0 a.m.57 views

CVE-2024-40582

Pentaminds CuroVMS v2.0.1 was discovered to contain exposed sensitive information...

0.00303EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/12/08 11:0 p.m.57 views

CVE-2024-12344 TP-Link VN020 F3v(T) FTP USER Command memory corruption

A vulnerability, which was classified as critical, was found in TP-Link VN020 F3vT TTV6.2.1021. This affects an unknown part of the component FTP USER Command Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed to th...

6.5CVSS0.01842EPSS
Exploits3References5
Cvelist
Cvelist
added 2024/11/20 2:32 p.m.57 views

CVE-2024-52471 WordPress Extensions for Elementor plugin <= 2.0.37 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in petesheppard84 Extensions for Elementor allows Reflected XSS.This issue affects Extensions for Elementor: from n/a through 2.0.37...

7.1CVSS0.00265EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/15 3:17 p.m.57 views

CVE-2024-49758 LibreNMS has a stored XSS in ExamplePlugin with Device's Notes

LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. User with Admin role can add Notes to a device, the application did not properly sanitize the user input, when the ExamplePlugin enable, if java script code is inside the device's Notes, its will be trigger. This...

4.8CVSS0.00332EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/11/14 11:0 a.m.57 views

CVE-2024-10571 Chartify – WordPress Chart Plugin <= 2.9.5 - Unauthenticated Local File Inclusion via source

The Chartify – WordPress Chart Plugin plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.9.5 via the 'source' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the server, allowing the executio...

9.8CVSS0.04841EPSS
Exploits3References3
Cvelist
Cvelist
added 2024/11/13 12:0 a.m.57 views

CVE-2024-50854

Tenda G3 v3.0 v15.11.0.20 was discovered to contain a stack overflow via the formSetPortMapping function...

0.00531EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/10/29 11:20 a.m.57 views

CVE-2024-49665 WordPress Web Bricks Addons for Elementor plugin <= 1.1.1 - Stored Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Web Bricks Web Bricks Addons for Elementor allows Stored XSS.This issue affects Web Bricks Addons for Elementor: from n/a through 1.1.1...

6.5CVSS0.00263EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/15 3:56 p.m.57 views

CVE-2024-48913 Hono vulnerable to bypass of CSRF Middleware by a request without Content-Type header.

Hono, a web framework, prior to version 4.6.5 is vulnerable to bypass of cross-site request forgery CSRF middleware by a request without Content-Type header. Although the CSRF middleware verifies the Content-Type Header, Hono always considers a request without a Content-Type header to be safe. Th...

5.9CVSS0.00304EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/10/01 7:30 a.m.57 views

CVE-2024-7432 Unseen Blog <= 1.0.0 - Authenticated (Contributor+) PHP Object Injection

The Unseen Blog theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.0.0 via deserialization of untrusted input. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject a PHP Object. No known POP chain is...

8.8CVSS0.00624EPSS
Exploits0References2
Total number of security vulnerabilities5000