Lucene search
+L
CvelistMost viewed

367067 matches found

Cvelist
Cvelist
added 2024/11/04 10:4 a.m.56 views

CVE-2024-33033 Use After Free in ComputerVision

Memory corruption while processing IOCTL calls to unmap the buffers...

6.7CVSS0.00102EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/26 1:58 a.m.56 views

CVE-2024-9933 WatchTowerHQ <= 3.10.1 - Authentication Bypass to Administrator due to Missing Empty Value Check

The WatchTowerHQ plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 3.10.1. This is due to the 'watchtowerotatoken' default value is empty, and the not empty check is missing in the 'PasswordLessAccess::login' function. This makes it possible for...

9.8CVSS0.01935EPSS
Exploits2References3
Cvelist
Cvelist
added 2024/10/18 5:39 a.m.56 views

CVE-2024-38820 CVE-2024-38820: Spring Framework DataBinder Case Sensitive Match Exception

The fix for CVE-2022-22968 made disallowedFields patterns in DataBinder case insensitive. However, String.toLowerCase has some Locale dependent exceptions that could potentially result in fields not protected as expected...

3.1CVSS0.00631EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/10/16 7:55 a.m.56 views

CVE-2024-45219 Apache CloudStack: Uploaded and registered templates and volumes can be used to abuse KVM-based infrastructure

Account users in Apache CloudStack by default are allowed to upload and register templates for deploying instances and volumes for attaching them as data disks to their existing instances. Due to missing validation checks for KVM-compatible templates or volumes in CloudStack 4.0.0 through 4.18.2....

8.5CVSS0.01229EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/10/02 4:55 p.m.56 views

CVE-2024-20490 Cisco Nexus Dashboard Fabric Controller and Nexus Dashboard Orchestrator Information Disclosure Vulnerability

A vulnerability in a logging function of Cisco Nexus Dashboard Fabric Controller NDFC and Cisco Nexus Dashboard Orchestrator NDO could allow an attacker with access to a tech support file to view sensitive information. This vulnerability exists because HTTP proxy credentials could be recorded in ...

6.3CVSS0.00277EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/02 4:53 p.m.56 views

CVE-2024-20393 Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Privilege Escalation Vulnerability

A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to elevate privileges on an affected device. This vulnerability exists because the web-based management interfa...

8.8CVSS0.00585EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/30 8:51 a.m.56 views

CVE-2024-45772 Apache Lucene Replicator: Security Vulnerability in Lucene Replicator - Deserialization Issue

Deserialization of Untrusted Data vulnerability in Apache Lucene Replicator. This issue affects Apache Lucene's replicator module: from 4.4.0 before 9.12.0. The deprecated org.apache.lucene.replicator.http package is affected. The org.apache.lucene.replicator.nrt package is not affected. Users ar...

5.1CVSS0.00582EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/09/14 7:31 p.m.56 views

CVE-2024-8862 h2oai h2o-3 JDBC Connection 1 getConnectionSafe deserialization

A vulnerability, which was classified as critical, has been found in h2oai h2o-3 3.46.0.4. This issue affects the function getConnectionSafe of the file /dtale/chart-data/1 of the component JDBC Connection Handler. The manipulation of the argument query leads to deserialization. The attack may be...

7.5CVSS0.01328EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/09/02 4:13 p.m.56 views

CVE-2024-42471 Arbitrary File Write via artifact extraction in actions/artifact

actions/artifact is the GitHub ToolKit for developing GitHub Actions. Versions of actions/artifact on the 2.x branch before 2.1.2 are vulnerable to arbitrary file write when using downloadArtifactInternal, downloadArtifactPublic, or streamExtractExternal for extracting a specifically crafted...

7.3CVSS0.03037EPSS
Exploits4References3
Cvelist
Cvelist
added 2024/08/28 6:28 a.m.56 views

CVE-2021-38120 Remote Code Execution using Bash command Injection in backup scheduling functionality in NetIQ Advance Authentication

A vulnerability identified in Advance Authentication that allows bash command Injection in administrative controlled functionality of backup due to improper handling in provided command parameters. This issue affects NetIQ Advance Authentication version before 6.3.5.1...

5.1CVSS0.00518EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/14 3:7 p.m.56 views

CVE-2024-39383 PoC sample of unknown vulnerability detected by EXPMON system

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must op...

7.8CVSS0.02762EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/09 5:8 p.m.56 views

CVE-2023-31315

Improper validation in a model specific register MSR could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution...

7.5CVSS0.00622EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/08/08 2:44 p.m.56 views

CVE-2024-42354 Shopware vulnerable to Improper Access Control with ManyToMany associations in store-api

Shopware is an open commerce platform. The store-API works with regular entities and not expose all fields for the public API; fields need to be marked as ApiAware in the EntityDefinition. So only ApiAware fields of the EntityDefinition will be encoded to the final JSON. Prior to versions 6.6.5.1...

5.3CVSS0.00404EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/08/07 8:14 a.m.56 views

CVE-2024-5290

An issue was discovered in Ubuntu wpasupplicant that resulted in loading of arbitrary shared objects, which allows a local unprivileged attacker to escalate privileges to the user that wpasupplicant runs as usually root. Membership in the netdev group or access to the dbus interface of...

8.8CVSS0.00652EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/07/29 4:26 p.m.56 views

CVE-2024-42090 pinctrl: fix deadlock in create_pinctrl() when handling -EPROBE_DEFER

In the Linux kernel, the following vulnerability has been resolved: pinctrl: fix deadlock in createpinctrl when handling -EPROBEDEFER In createpinctrl, pinctrlmapsmutex is acquired before calling addsetting. If addsetting returns -EPROBEDEFER, createpinctrl calls pinctrlfree. However, pinctrlfree...

0.00189EPSS
Exploits0References8
Cvelist
Cvelist
added 2024/07/29 6:18 a.m.56 views

CVE-2024-41091 tun: add missing verification for short frame

In the Linux kernel, the following vulnerability has been resolved: tun: add missing verification for short frame The cited commit missed to check against the validity of the frame length in the tunxdpone path, which could cause a corrupted skb to be sent downstack. Even before the skb is...

0.00254EPSS
Exploits0References8
Cvelist
Cvelist
added 2024/07/18 8:33 a.m.56 views

CVE-2024-3242 Brizy – Page Builder <= 2.4.44 - Authenticated (Contributor+) Arbitrary File Upload

The Brizy – Page Builder plugin for WordPress is vulnerable to arbitrary file uploads due to missing file extension validation in the validateImageContent function called via storeImages in all versions up to, and including, 2.4.43. This makes it possible for authenticated attackers, with...

8.8CVSS0.00963EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/07/18 2:3 a.m.56 views

CVE-2024-6599 Meks Video Importer <= 1.0.12 - Missing Authorization to Authenticated (Subscriber+) API Keys Modification

The Meks Video Importer plugin for WordPress is vulnerable to unauthorized API key modification due to a missing capability check on the ajaxsavesettings function in all versions up to, and including, 1.0.12. This makes it possible for authenticated attackers, with Subscriber-level access and...

4.3CVSS0.00325EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/15 7:38 p.m.56 views

CVE-2024-39912 Enumeration of valid usernames in web-auth/webauthn-lib

web-auth/webauthn-lib is an open source set of PHP libraries and a Symfony bundle to allow developers to integrate that authentication mechanism into their web applications. The ProfileBasedRequestOptionsBuilder method returns allowedCredentials without any credentials if no username was found...

5.3CVSS0.00394EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/07/12 2:46 p.m.56 views

CVE-2024-39914 FOG has a command injection in /fog/management/export.php?filename=

FOG is a cloning/imaging/rescue suite/inventory management system. Prior to 1.5.10.34, packages/web/lib/fog/reportmaker.class.php in FOG was affected by a command injection via the filename parameter to /fog/management/export.php. This vulnerability is fixed in 1.5.10.34...

9.8CVSS0.23414EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/07/12 2:34 p.m.56 views

CVE-2024-39909 SQL Injection in the KubeClarity REST API

KubeClarity is a tool for detection and management of Software Bill Of Materials SBOM and vulnerabilities of container images and filesystems. A time/boolean SQL Injection is present in the following resource /api/applicationResources via the following parameter packageID. As it can be seen in...

6.5CVSS0.00443EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/07/07 3:22 p.m.56 views

CVE-2024-6229 Stored XSS in stangirard/quivr

A stored cross-site scripting XSS vulnerability exists in the 'Upload Knowledge' feature of stangirard/quivr, affecting the latest version. Users can upload files via URL, which allows the insertion of malicious JavaScript payloads. These payloads are stored on the server and executed whenever an...

6.8CVSS0.00341EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/07/03 12:26 p.m.56 views

CVE-2024-5672 Red Lion Europe: mbNET.mini vulnerable to OS command injection

A high privileged remote attacker can execute arbitrary system commands via GET requests due to improper neutralization of special elements used in an OS command...

7.2CVSS0.0122EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/06/22 5:0 a.m.56 views

CVE-2024-21514

This affects versions of the package opencart/opencart from 0.0.0. An SQL Injection issue was identified in the Divido payment extension for OpenCart, which is included by default in version 3.0.3.9. As an anonymous unauthenticated user, if the Divido payment module is installed it does not have ...

7.4CVSS0.1908EPSS
Exploits2References3
Cvelist
Cvelist
added 2024/06/20 10:16 p.m.56 views

CVE-2024-38359 Lightning Network Daemon Onion Bomb

The Lightning Network Daemon lnd - is a complete implementation of a Lightning Network node. A parsing vulnerability in lnd's onion processing logic and lead to a DoS vector due to excessive memory allocation. The issue was patched in lnd v0.17.0. Users should update to a version v0.17.0 to be...

6.5CVSS0.00572EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/06/18 2:37 a.m.56 views

CVE-2024-4375 Master Slider – Responsive Touch Slider <= 3.9.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via ms_layer Shortcode

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'mslayer' shortcode in all versions up to, and including, 3.9.10 due to insufficient input sanitization and output escaping on the 'cssid' user supplied attribute. This...

6.4CVSS0.00322EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/06/13 1:59 p.m.56 views

CVE-2024-37309 Client initialized Session-Renegotiation DoS

CrateDB is a distributed SQL database. A high-risk vulnerability has been identified in versions prior to 5.7.2 where the TLS endpoint port 4200 permits client-initiated renegotiation. In this scenario, an attacker can exploit this feature to repeatedly request renegotiation of security parameter...

5.3CVSS0.00704EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/06/11 5:0 p.m.56 views

CVE-2024-30052 Visual Studio Remote Code Execution Vulnerability

...

4.7CVSS0.01354EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/06/10 4:15 p.m.56 views

CVE-2024-5102 Elevation of Privelage via symlinked file in Avast Antivirus

A sym-linked file accessed via the repair function in Avast Antivirus troubleshooting - repair feature, which attempts to delete a file in the current user's AppData directory as NT AUTHORITY\SYSTEM. A low-privileged user can make a pseudo-symlink and a junction folder and point to a file on the...

7.3CVSS0.00225EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/06/09 10:22 p.m.56 views

CVE-2024-5389 Insufficient Access Control in lunary-ai/lunary

In lunary-ai/lunary version 1.2.13, an insufficient granularity of access control vulnerability allows users to create, update, get, and delete prompt variations for datasets not owned by their organization. This issue arises due to the application not properly validating the ownership of dataset...

5.7CVSS0.00431EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/06/06 5:54 p.m.56 views

CVE-2024-5452 RCE via Property/Class Pollution in lightning-ai/pytorch-lightning

A remote code execution RCE vulnerability exists in the lightning-ai/pytorch-lightning library version 2.2.1 due to improper handling of deserialized user input and mismanagement of dunder attributes by the deepdiff library. The library uses deepdiff.Delta objects to modify application state base...

9.8CVSS0.26488EPSS
Exploits3References2
Cvelist
Cvelist
added 2024/06/05 12:45 p.m.56 views

CVE-2024-3469 GP Premium <= 2.4.0 - Reflected Cross-Site Scripting

The GP Premium plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the message parameter in all versions up to, and including, 2.4.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web script...

6.1CVSS6AI score0.00637EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/22 10:55 p.m.56 views

CVE-2024-29850

Veeam Backup Enterprise Manager allows account takeover via NTLM relay...

8.8CVSS8.8AI score0.00809EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/17 1:45 p.m.56 views

CVE-2023-52664 net: atlantic: eliminate double free in error handling logic

In the Linux kernel, the following vulnerability has been resolved: net: atlantic: eliminate double free in error handling logic Driver has a logic leak in ring data allocation/free, where aqringfree could be called multiple times on same ring, if system is under stress and got memory allocation...

6.6AI score0.00275EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/05/15 5:43 p.m.56 views

CVE-2024-25743

In the Linux kernel through 6.9, an untrusted hypervisor can inject virtual interrupts 0 and 14 at any point in time and can trigger the SIGFPE signal handler in userspace applications. This affects AMD SEV-SNP and AMD SEV-ES...

6.8AI score0.00245EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/05/13 2:33 p.m.56 views

CVE-2024-29895 Cacti command injection in cmd_realtime.php

Cacti provides an operational monitoring and fault management framework. A command injection vulnerability on the 1.3.x DEV branch allows any unauthenticated user to execute arbitrary command on the server when registerargcargv option of PHP is On. In cmdrealtime.php line 119, the $pollerid used ...

10CVSS10AI score0.94294EPSS
Exploits4References4
Cvelist
Cvelist
added 2024/05/08 3:6 p.m.56 views

CVE-2024-26579 Apache Inlong JDBC Vulnerability

Deserialization of Untrusted Data vulnerability in Apache InLong.This issue affects Apache InLong: from 1.7.0 through 1.11.0, the attackers can bypass using malicious parameters. Users are advised to upgrade to Apache InLong's 1.12.0 or cherry-pick 1, 2 to solve it. 1...

6.8AI score0.0113EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/05/03 10:13 a.m.56 views

CVE-2024-34072 Deserialization of Untrusted Data in sagemaker-python-sdk

sagemaker-python-sdk is a library for training and deploying machine learning models on Amazon SageMaker. The sagemaker.basedeserializers.NumpyDeserializer module before v2.218.0 allows potentially unsafe deserialization when untrusted data is passed as pickled object arrays. This consequently ma...

7.8CVSS8.2AI score0.00408EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/05/03 2:13 a.m.56 views

CVE-2023-44426 D-Link DIR-X3260 SetSysEmailSettings AccountPassword Command Injection Remote Code Execution Vulnerability

D-Link DIR-X3260 SetSysEmailSettings AccountPassword Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Although authentication is required to exploit this...

8CVSS8.6AI score0.01114EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/05/02 6:48 a.m.56 views

CVE-2024-32962 XML signature verification bypass due improper verification of signature / signature spoofing

xml-crypto is an xml digital signature and encryption library for Node.js. In affected versions the default configuration does not check authorization of the signer, it only checks the validity of the signature per section 3.2.2 of the w3 xmldsig-core-20080610 spec. As such, without additional...

10CVSS9.6AI score0.00833EPSS
Exploits1References7
Cvelist
Cvelist
added 2024/04/23 5:26 p.m.56 views

CVE-2024-31208 Synapse's V2 state resolution weakness allows DoS from remote room members

Synapse is an open-source Matrix homeserver. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.105.1, can dispatch specially crafted events to exploit a weakness in the V2 state resolution algorithm. This can induce high CPU consumption and accumulate...

6.5CVSS6.5AI score0.01463EPSS
Exploits0References6
Cvelist
Cvelist
added 2024/04/09 6:59 p.m.56 views

CVE-2024-2340 Avada <= 7.11.6 - Unauthenticated Sensitive Information Exposure via Form Uploads Directory Listing

The Avada theme for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.11.6 via the '/wp-content/uploads/fusion-forms/' directory. This makes it possible for unauthenticated attackers to extract sensitive data uploaded via an Avada created form with ...

5.3CVSS5.4AI score0.27997EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/04/09 5:1 p.m.56 views

CVE-2024-26251 Microsoft SharePoint Server Spoofing Vulnerability

...

6.8CVSS6.9AI score0.01395EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/06 7:34 a.m.56 views

CVE-2024-0837 Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid) <= 5.3.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'Custom Gallery' Widget

The Element Pack Elementor Addons Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, Twitter Grid plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image URL parameter in all versions up to, and including, 5.3.2 due to...

6.4CVSS5.8AI score0.00344EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/04/04 8:27 p.m.56 views

CVE-2024-30270 mailcow Path Traversal and Arbitrary Code Execution Vulnerability

mailcow: dockerized is an open source groupware/email suite based on docker. A security vulnerability has been identified in mailcow affecting versions prior to 2024-04. This vulnerability is a combination of path traversal and arbitrary code execution, specifically targeting the rspamdmaps...

6.2CVSS6.9AI score0.27346EPSS
Exploits2References3
Cvelist
Cvelist
added 2024/03/30 4:31 a.m.56 views

CVE-2024-2047 ElementsKit Elementor addons <= 3.0.6 - Authenticated (Contributor+) Local File Inclusion in render_raw

The ElementsKit Elementor addons plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.0.6 via the renderraw function. This makes it possible for authenticated attackers, with contributor-level access and above, to include and execute arbitrary files o...

8.8CVSS9.1AI score0.01482EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/03/28 12:48 p.m.56 views

CVE-2024-29896 Astro-Shield's Content-Security-Policy header generation in middleware could be compromised by malicious injections

Astro-Shield is a library to compute the subresource integrity hashes for your JS scripts and CSS stylesheets. When automated CSP headers generation for SSR content is enabled and the web application serves content that can be partially controlled by external users, then it is possible that the C...

7.5CVSS7.7AI score0.00591EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/03/20 4:31 a.m.56 views

CVE-2024-2672 Campcodes Online Job Finder System controller.php sql injection

A vulnerability was found in Campcodes Online Job Finder System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /admin/user/controller.php. The manipulation of the argument UESRID leads to sql injection. The attack may be launched remotely. The...

6.5CVSS7AI score0.00601EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/02/29 12:0 a.m.56 views

CVE-2024-24246

Heap Buffer Overflow vulnerability in qpdf 11.9.0 allows attackers to crash the application via the std::sharedcount function at /bits/sharedptrbase.h...

5.6AI score0.00436EPSS
Exploits1References4
Cvelist
Cvelist
added 2024/02/17 7:36 a.m.56 views

CVE-2024-1512 MasterStudy LMS WordPress Plugin – for Online Courses and Education <= 3.2.5 - Unauthenticated SQL Injection

The MasterStudy LMS WordPress Plugin – for Online Courses and Education plugin for WordPress is vulnerable to union based SQL Injection via the 'user' parameter of the /lms/stm-lms/order/items REST route in all versions up to, and including, 3.2.5 due to insufficient escaping on the user supplied...

9.8CVSS9.9AI score0.77729EPSS
Exploits1References2
Total number of security vulnerabilities5000