Lucene search
K
CvelistMost viewed

364875 matches found

Cvelist
Cvelist
•added 2026/05/06 7:8 a.m.•54 views

CVE-2026-35254

Vulnerability in the Oracle OCI CLI product of Oracle Open Source Projects. The supported versions that is affected is 3.77. Easily exploitable vulnerability allows unauthenticated attacker with network access to compromise Oracle OCI CLI. Successful attacks of this vulnerability can result in...

6.1CVSS0.00146EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/05/05 6:35 p.m.•54 views

CVE-2026-27960 OpenCTI privilege escalation and unauthenticated access via default admin account

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. In versions 6.6.0 through 6.9.12, there is a privilege escalation vulnerability that can be exploited by unauthenticated attackers to query the API as any existing user, including the default admi...

9.8CVSS0.0048EPSS
Exploits1References1
Cvelist
Cvelist
•added 2026/05/05 3:28 p.m.•54 views

CVE-2025-61669 jupyter_server next parameter open redirect can redirect users to external domains

Jupyter Server is the backend for Jupyter web applications. In jupyterserver versions through 2.17.0, the next query parameter in the login flow is insufficiently validated in LoginFormHandler.redirectsafe, which allows redirects to arbitrary external domains via values such as ///example.com. An...

6.3CVSS0.00265EPSS
Exploits1References1
Cvelist
Cvelist
•added 2026/05/05 7:49 a.m.•54 views

CVE-2026-43868 Apache Thrift: Rust implementation vulnerable to CVE-2020-13949 pattern

Memory Allocation with Excessive Size Value vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue...

0.00665EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/05/05 2:26 a.m.•54 views

CVE-2026-6704 Blog Settings <= 1.0 - Reflected Cross-Site Scripting via 'page' Parameter

The Blog Settings plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0. This is due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary w...

6.1CVSS0.00211EPSS
Exploits0References4
Cvelist
Cvelist
•added 2026/05/05 2:26 a.m.•54 views

CVE-2026-4730 Charts Ninja: Create Beautiful Graphs & Charts and Easily Add Them to Your Website <= 2.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'chartid' Shortcode Attribute

The Charts Ninja: Create Beautiful Graphs & Charts and Easily Add Them to Your Website plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'chartid' shortcode attribute in all versions up to, and including, 2.1.0 due to insufficient input sanitization and output escaping. Th...

6.4CVSS0.00188EPSS
Exploits0References4
Cvelist
Cvelist
•added 2026/05/05 12:0 a.m.•54 views

CVE-2026-39103

Buffer Overflow vulnerability in GPAC before commit v391dc7f4d234988ea0bc3cc294eb725eddf8f702 allows an attacker to cause a denial of service via the src/scenegraph/svgattributes.c, svgparsestrings, gfsvgparseattribute...

0.00111EPSS
Exploits0References2
Cvelist
Cvelist
•added 2026/05/04 8:45 a.m.•54 views

CVE-2026-7749 Totolink N300RH POST Request cstecgi.cgi setWanConfig buffer overflow

A security vulnerability has been detected in Totolink N300RH 3.2.4-B20220812. This affects the function setWanConfig of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument priDns leads to buffer overflow. The attack may be initiated remotely. The...

9CVSS0.00563EPSS
Exploits0References5
Cvelist
Cvelist
•added 2026/05/04 3:0 a.m.•54 views

CVE-2026-7725 PrefectHQ prefect GitRepository Pull storage.py argument injection

A vulnerability was found in PrefectHQ prefect up to 3.6.25.dev6. Affected by this issue is some unknown functionality of the file src/prefect/runner/storage.py of the component GitRepository Pull Handler. The manipulation of the argument commitsha/directories results in argument injection. It is...

6.5CVSS0.00247EPSS
Exploits0References8
Cvelist
Cvelist
•added 2026/05/04 12:39 a.m.•54 views

CVE-2026-7161 GeoVision GV-IP Device Utility Device Authentication insufficient encryption vulnerability

An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability. When interacting with variou...

9.3CVSS0.00214EPSS
Exploits0References2
Cvelist
Cvelist
•added 2026/05/02 10:15 p.m.•54 views

CVE-2026-7670 Jinher OA UserSel.aspx sql injection

A flaw has been found in Jinher OA 1.0. The affected element is an unknown function of the file /C6/JHSoft.Web.PlanSummarize/UserSel.aspx. This manipulation of the argument DeptIDList causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may b...

7.5CVSS0.00259EPSS
Exploits0References4
Cvelist
Cvelist
•added 2026/04/27 8:46 p.m.•54 views

CVE-2026-3087 shutil.unpack_archive() doesn't check for Windows absolute paths in ZIPs

If shutil.unpackarchive is given a ZIP archive with an absolute Windows path containing a drive C:\... then the archive will be extracted outside the target directory which is different than other operating systems. Only Windows is affected by this vulnerability...

6CVSS0.00531EPSS
Exploits1References10
Cvelist
Cvelist
•added 2026/04/24 6:29 p.m.•54 views

CVE-2026-41492 Unauthenticated Admin Token Disclosure Leading to Authentication Bypass via /debug/vars in Dgraph

Dgraph is an open source distributed GraphQL database. Prior to 25.3.3, Dgraphl exposes the process command line through the unauthenticated /debug/vars endpoint on Alpha. Because the admin token is commonly supplied via the --security "token=..." startup flag, an unauthenticated attacker can...

9.8CVSS0.02187EPSS
Exploits1References2
Cvelist
Cvelist
•added 2026/04/14 4:57 p.m.•54 views

CVE-2026-33825 Microsoft Defender Elevation of Privilege Vulnerability

...

7.8CVSS0.06749EPSS
Exploits3References1
Cvelist
Cvelist
•added 2026/04/13 5:15 p.m.•54 views

CVE-2026-6100 Use-after-free in lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile after re-use under memory pressure

Use-after-free UAF was possible in the lzma.LZMADecompressor, bz2.BZ2Decompressor, and gzip.GzipFile when a memory allocation fails with a MemoryError and the decompression instance is re-used. This scenario can be triggered if the process is under memory pressure. The fix cleans up the dangling...

9.1CVSS0.00579EPSS
Exploits0References8
Cvelist
Cvelist
•added 2026/04/09 5:57 p.m.•54 views

CVE-2026-39911 Hashgraph Guardian 3.5.1 Unsandboxed JavaScript Execution RCE

Hashgraph Guardian through version 3.5.1, fixed in commit 45fbe2f, contains an unsandboxed JavaScript execution vulnerability in the Custom Logic policy block worker that allows authenticated Standard Registry users to execute arbitrary code by passing user-supplied JavaScript expressions directl...

8.8CVSS0.00545EPSS
Exploits0References3
Cvelist
Cvelist
•added 2026/04/07 7:50 a.m.•54 views

CVE-2026-34197 Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ: Authenticated users could perform RCE via Jolokia MBeans

Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ. Apache ActiveMQ Classic exposes the Jolokia JMX-HTTP bridge at /api/jolokia/ on the web console. The default Jolokia access policy permits exec operations o...

0.96666EPSS
Exploits13References1
Cvelist
Cvelist
•added 2026/03/31 8:32 a.m.•54 views

CVE-2026-5201 Gdk-pixbuf: gdk-pixbuf: denial of service via heap-based buffer overflow when processing a specially crafted jpeg image

A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for...

7.5CVSS0.01069EPSS
Exploits1References25
Cvelist
Cvelist
•added 2026/03/27 9:8 p.m.•54 views

CVE-2026-33939 Handlebars.js has Denial of Service via Malformed Decorator Syntax in Template Compilation

Handlebars provides the power necessary to let users build semantic templates. In versions 4.0.0 through 4.7.8, when a Handlebars template contains decorator syntax referencing an unregistered decorator e.g. n, the compiled template calls lookupPropertydecorators, "n", which returns undefined. Th...

7.5CVSS0.00616EPSS
Exploits1References3
Cvelist
Cvelist
•added 2026/03/20 10:23 p.m.•54 views

CVE-2026-33186 gRPC-Go has an authorization bypass via missing leading slash in :path

gRPC-Go is the Go language implementation of gRPC. Versions prior to 1.79.3 have an authorization bypass resulting from improper input validation of the HTTP/2 :path pseudo-header. The gRPC-Go server was too lenient in its routing logic, accepting requests where the :path omitted the mandatory...

9.1CVSS0.01557EPSS
Exploits1References1
Cvelist
Cvelist
•added 2026/03/20 4:52 a.m.•54 views

CVE-2026-33017 Langflow has Unauthenticated Remote Code Execution via Public Flow Build Endpoint

Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/buildpublictmp/flowid/flow endpoint allows building public flows without requiring authentication. When the optional data parameter is supplied, the endpoint uses...

9.3CVSS0.98191EPSS
Exploits20References3
Cvelist
Cvelist
•added 2026/03/06 9:11 a.m.•54 views

CVE-2026-3589 WooCommerce < 10.5.3 - Arbitrary Admin User Creation via CSRF

The WooCommerce WordPress plugin from versions 5.4.0 to 10.5.2 does not properly handle batch requests, which could allow unauthenticated users to make a logged in admin call non store/WC REST endpoints, and create arbitrary admin users via a CSRF attack for example...

0.00126EPSS
Exploits0References2
Cvelist
Cvelist
•added 2026/03/05 7:42 p.m.•54 views

CVE-2026-28343 CKEditor: Cross-site scripting (XSS) in the HTML Support package

CKEditor 5 is a modern JavaScript rich-text editor with an MVC architecture. Starting in version 29.0.0 and prior to version 47.6.0, a cross-site scripting XSS vulnerability has been discovered in the General HTML Support feature. This vulnerability could be triggered by inserting specially craft...

6.4CVSS0.00268EPSS
Exploits0References3
Cvelist
Cvelist
•added 2026/03/05 5:53 a.m.•54 views

CVE-2025-69411 WordPress ionCube tester plus plugin <= 1.3 - Arbitrary File Download vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Robert Seyfriedsberger ionCube tester plus ioncube-tester-plus allows Path Traversal.This issue affects ionCube tester plus: from n/a through = 1.3...

7.5CVSS0.01609EPSS
Exploits0References1
Cvelist
Cvelist
•added 2026/02/23 8:33 p.m.•54 views

CVE-2026-23693 ElementsKit Elementor Addons < 3.7.9 Unauthenticated Mailchimp REST Endpoint

ElementsKit Elementor Addons – Advanced Widgets & Templates Addons for Elementor elementskit-lite WordPress plugin versions prior to 3.7.9 expose the REST endpoint /wp-json/elementskit/v1/widget/mailchimp/subscribe without authentication. The endpoint accepts client-supplied Mailchimp API...

10CVSS0.00384EPSS
Exploits0References3
Cvelist
Cvelist
•added 2026/02/13 6:27 p.m.•54 views

CVE-2026-2441

Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

0.2202EPSS
Exploits12References2
Cvelist
Cvelist
•added 2026/02/13 1:29 p.m.•54 views

CVE-2026-23112 nvmet-tcp: add bounds checks in nvmet_tcp_build_pdu_iovec

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds checks in nvmettcpbuildpduiovec nvmettcpbuildpduiovec could walk past cmd-req.sg when a PDU length or offset exceeds sgcnt and then use bogus sg-length/offset values, leading to copytoiter GPF/KASAN. Guard...

9.8CVSS0.00399EPSS
Exploits0References7
Cvelist
Cvelist
•added 2026/01/29 9:33 p.m.•54 views

CVE-2026-1340

A code injection in Ivanti Endpoint Manager Mobile allowing attackers to achieve unauthenticated remote code execution...

9.8CVSS0.8404EPSS
Exploits6References1
Cvelist
Cvelist
•added 2026/01/06 3:52 p.m.•54 views

CVE-2020-36915 Adtec Digital SignEdje Digital Signage Player v2.08.28 Default Credentials

Adtec Digital SignEdje Digital Signage Player v2.08.28 contains multiple hardcoded default credentials that allow unauthenticated remote access to web, telnet, and SSH interfaces. Attackers can exploit these credentials to gain root-level access and execute system commands across multiple Adtec...

8.7CVSS0.0033EPSS
Exploits1References6
Cvelist
Cvelist
•added 2025/12/30 10:41 p.m.•54 views

CVE-2023-54327 Tinycontrol LAN Controller 1.58a Authentication Bypass via Admin Password Change

Tinycontrol LAN Controller 1.58a contains an authentication bypass vulnerability that allows unauthenticated attackers to change admin passwords through a crafted API request. Attackers can exploit the /stm.cgi endpoint with a specially crafted authentication parameter to disable access controls...

9.8CVSS0.00621EPSS
Exploits2References4
Cvelist
Cvelist
•added 2025/12/24 7:28 p.m.•54 views

CVE-2019-25257 LogicalDOC Enterprise 7.7.4 Authenticated Command Execution via Binary Path Manipulation

LogicalDOC Enterprise 7.7.4 contains multiple authenticated OS command execution vulnerabilities that allow attackers to manipulate binary paths when changing system settings. Attackers can exploit these vulnerabilities by modifying configuration parameters like antivirus.command,...

8.7CVSS0.0035EPSS
Exploits1References3
Cvelist
Cvelist
•added 2025/12/11 7:11 a.m.•54 views

CVE-2025-14512 Glib: integer overflow in glib gio attribute escaping causes heap buffer overflow

A flaw was found in glib. This vulnerability allows a heap buffer overflow and denial-of-service DoS via an integer overflow in GLib's GIO GLib Input/Output escapebytestring function when processing malicious file or remote filesystem attribute values...

6.5CVSS0.00524EPSS
Exploits0References21
Cvelist
Cvelist
•added 2025/10/27 5:29 p.m.•54 views

CVE-2025-55752 Apache Tomcat: Directory traversal via rewrite with possible RCE if PUT is enabled

Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the...

0.66535EPSS
Exploits4References1
Cvelist
Cvelist
•added 2025/08/28 7:36 p.m.•54 views

CVE-2025-6203 Vault unauthenticated denial of service through complex json payload

A malicious user may submit a specially-crafted complex payload that otherwise meets the default request size limit which results in excessive memory and CPU consumption of Vault. This may lead to a timeout in Vault’s auditing subroutine, potentially resulting in the Vault server to become...

7.5CVSS0.00697EPSS
Exploits0References1
Cvelist
Cvelist
•added 2025/08/19 12:0 a.m.•54 views

CVE-2025-50579

A CORS misconfiguration in Nginx Proxy Manager v2.12.3 allows unauthorized domains to access sensitive data, particularly JWT tokens, due to improper validation of the Origin header. This misconfiguration enables attackers to intercept tokens using a simple browser script and exfiltrate them to a...

0.00356EPSS
Exploits0References2
Cvelist
Cvelist
•added 2025/06/17 6:20 p.m.•54 views

CVE-2025-34509 Sitecore XM and XP Hardcoded Credentials

Sitecore Experience Manager XM and Experience Platform XP versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3 to 10.3.3 rev. 011967 PRE, and 10.4 to 10.4.1 rev. 011941 PRE contain a hardcoded user account. Unauthenticated and remote attackers can use this account to access...

7.5CVSS0.39961EPSS
Exploits6References2
Cvelist
Cvelist
•added 2025/06/10 4:23 a.m.•54 views

CVE-2025-3076 Elementor Pro <= 3.29.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘buttontext’ parameter in all versions up to, and including, 3.29.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00169EPSS
Exploits0References2
Cvelist
Cvelist
•added 2025/05/30 5:37 p.m.•54 views

CVE-2025-5054 Race Condition in Canonical Apport

Race condition in Canonical apport up to and including 2.32.0 allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces. When handling a crash, the function checkglobalpidandforward, which detects if the crashing process resided in a container, was being called...

4.7CVSS0.00668EPSS
Exploits2References3
Cvelist
Cvelist
•added 2025/05/29 3:18 p.m.•54 views

CVE-2025-48472 FreeScout Vulnerable to Insufficient Authorization

FreeScout is a free self-hosted help desk and shared mailbox. Prior to version 1.8.179, there is no check to ensure that the user is disabling notifications for the mailbox to which they already have access. Moreover, the code explicitly implements functionality that if the user does not have...

6.9CVSS0.00351EPSS
Exploits1References2
Cvelist
Cvelist
•added 2025/05/01 11:0 p.m.•54 views

CVE-2025-4182 PCMan FTP Server BELL Command buffer overflow

A vulnerability was found in PCMan FTP Server 2.0.7. It has been rated as critical. Affected by this issue is some unknown functionality of the component BELL Command Handler. The manipulation leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the...

7.5CVSS0.0062EPSS
Exploits1References4
Cvelist
Cvelist
•added 2025/05/01 6:42 p.m.•54 views

CVE-2025-35996 KUNBUS Revolution Pi Improper Neutralization of Server-Side Includes (SSI) Within a Web Page

KUNBUS PiCtory version 2.11.1 and earlier are vulnerable when an authenticated remote attacker crafts a special filename that can be stored by API endpoints. That filename is later transmitted to the client in order to show a list of configuration files. Due to a missing escape or sanitization, t...

9CVSS0.12107EPSS
Exploits0References2
Cvelist
Cvelist
•added 2025/04/30 2:54 p.m.•54 views

CVE-2025-32972 The lesscss script service allows cache clearing without programming right

XWiki is a generic wiki platform. In versions starting from 6.1-milestone-1 to before 15.10.12, from 16.0.0-rc-1 to before 16.4.3, and from 16.5.0-rc-1 to before 16.8.0-rc-1, the script API of the LESS compiler in XWiki is incorrectly checking for rights when calling the cache cleaning API, makin...

2.7CVSS0.00412EPSS
Exploits0References3
Cvelist
Cvelist
•added 2025/04/29 4:9 p.m.•54 views

CVE-2025-23179 Ribbon Communications - CWE-798: Use of Hard-coded Credentials

CWE-798: Use of Hard-coded Credentials...

5.5CVSS0.00157EPSS
Exploits0References1
Cvelist
Cvelist
•added 2025/04/24 8:23 a.m.•54 views

CVE-2025-3776 Verification SMS with TargetSMS <= 1.5 - Unauthenticated Limited Remote Code Execution

The Verification SMS with TargetSMS plugin for WordPress is vulnerable to limited Remote Code Execution in all versions up to, and including, 1.5 via the 'targetvrajaxhandler' function. This is due to a lack of validation on the type of function that can be called. This makes it possible for...

8.3CVSS0.00745EPSS
Exploits1References3
Cvelist
Cvelist
•added 2025/04/16 9:0 a.m.•54 views

CVE-2025-3678 PCMan FTP Server HELP Command buffer overflow

A vulnerability, which was classified as critical, has been found in PCMan FTP Server 2.0.7. This issue affects some unknown processing of the component HELP Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the...

7.5CVSS0.00658EPSS
Exploits1References4
Cvelist
Cvelist
•added 2025/04/08 8:4 p.m.•54 views

CVE-2025-22871 Request smuggling due to acceptance of invalid chunked data in net/http

The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext...

0.00778EPSS
Exploits0References4
Cvelist
Cvelist
•added 2025/04/08 5:23 p.m.•54 views

CVE-2025-29822 Microsoft OneNote Security Feature Bypass Vulnerability

...

7.8CVSS0.00783EPSS
Exploits0References1
Cvelist
Cvelist
•added 2025/03/14 8:31 p.m.•54 views

CVE-2025-2308 HDF5 Scale-Offset Filter H5Z__scaleoffset_decompress_one_byte heap-based overflow

A vulnerability, which was classified as critical, was found in HDF5 1.14.6. This affects the function H5Zscaleoffsetdecompressonebyte of the component Scale-Offset Filter. The manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed...

5.3CVSS0.00364EPSS
Exploits1References4
Cvelist
Cvelist
•added 2025/02/28 9:2 p.m.•54 views

CVE-2025-27413 PwnDoc Arbitrary File Write to RCE using Path Traversal in template update from backup templates.json

PwnDoc is a penetration test reporting application. Prior to version 1.2.0, the backup restore functionality allows an administrator to import raw data into the database, including Path Traversal ../ sequences. This is problematic for the template update functionality as it uses the path from the...

6.5CVSS0.01079EPSS
Exploits1References6
Cvelist
Cvelist
•added 2025/02/19 4:42 p.m.•54 views

CVE-2025-27089 Overlapping policies allow update to non-allowed fields in directus

Directus is a real-time API and App dashboard for managing SQL database content. In affected versions if there are two overlapping policies for the update action that allow access to different fields, instead of correctly checking access permissions against the item they apply for the user is...

5.4CVSS0.0022EPSS
Exploits0References2
Total number of security vulnerabilities5000