Lucene search
K
CvelistMost viewed

365256 matches found

Cvelist
Cvelist
added 2026/05/05 11:24 a.m.53 views

CVE-2023-54342 Eclipse Equinox OSGi 3.8-3.18 Console Remote Code Execution

Eclipse Equinox OSGi versions 3.8 through 3.18 contain a remote code execution vulnerability in the console interface that allows unauthenticated attackers to execute arbitrary code by exploiting the fork command functionality. Attackers can establish a telnet connection to the OSGi console,...

9.8CVSS0.00455EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/05 2:26 a.m.53 views

CVE-2025-13618 Mentoring <= 1.2.8 - Unauthenticated Privilege Escalation in mentoring_process_registration

The Mentoring plugin for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.2.8. This is due to the plugin not properly restricting the roles that users can register with in the mentoringprocessregistration function. This makes it possible for unauthenticated...

9.8CVSS0.00336EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/05 2:26 a.m.54 views

CVE-2026-6701 addfreespace <= 0.1.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting via Settings Page

The addfreespace plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.1.3. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scrip...

4.3CVSS0.00158EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/05/04 11:30 p.m.53 views

CVE-2026-7784 RTGS2017 NagaAgent Skills Endpoint extensions.py path traversal

A vulnerability has been found in RTGS2017 NagaAgent up to 5.1.0. This issue affects some unknown processing of the file apiserver/routes/extensions.py of the component Skills Endpoint. Such manipulation of the argument Name leads to path traversal. It is possible to launch the attack remotely. T...

7.5CVSS0.00501EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/04 6:45 a.m.53 views

CVE-2026-7741 CodeAstro Online Classroom studentlogin sql injection

A vulnerability was detected in CodeAstro Online Classroom 1.0. Impacted is an unknown function of the file /OnlineClassroom/studentlogin. Performing a manipulation of the argument sid results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be us...

6.5CVSS0.00192EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/04 2:45 a.m.53 views

CVE-2026-7724 PrefectHQ prefect Webhook/Notification validate_restricted_url toctou

A vulnerability has been found in PrefectHQ prefect up to 3.6.28.dev1. Affected by this vulnerability is the function validaterestrictedurl of the component Webhook/Notification. The manipulation leads to time-of-check time-of-use. It is possible to initiate the attack remotely. The attack is...

5CVSS0.0025EPSS
Exploits0References9
Cvelist
Cvelist
added 2026/04/24 8:0 a.m.53 views

CVE-2026-21728 Tempo query limit results in unbounded memory allocation

Tempo queries with large limits can cause large memory allocations which can impact the availability of the service, depending on its deployment strategy. Mitigation can be done by setting maxresultlimit in the search config, e.g. to 262144 2^18. Alternatively, automatically restart the service...

7.5CVSS0.00645EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/21 12:0 a.m.53 views

CVE-2026-31018

In Dolibarr ERP & CRM = 22.0.4, PHP code detection and editing permission enforcement in the Website module is not applied consistently to all input parameters, allowing an authenticated user restricted to HTML/JavaScript editing to inject PHP code through unprotected inputs during website page...

0.00273EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/15 11:32 p.m.53 views

CVE-2026-4197 D-Link DNS-1550-04 download_mgr.cgi RSS_Item_List command injection

A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function...

6.5CVSS0.16779EPSS
Exploits1References14
Cvelist
Cvelist
added 2026/03/15 4:32 p.m.53 views

CVE-2026-4183 D-Link DIR-816 goahead form2WlanBasicSetup.cgi stack-based overflow

A security vulnerability has been detected in D-Link DIR-816 1.10CNB05. Affected is an unknown function of the file /goform/form2WlanBasicSetup.cgi of the component goahead. Such manipulation of the argument pskValue leads to stack-based buffer overflow. The attack can be executed remotely. The...

10CVSS0.01184EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/03/11 4:25 a.m.53 views

CVE-2026-2413 Ally – Web Accessibility & Usability <= 4.0.3 - Unauthenticated SQL Injection via URL Path

The Ally – Web Accessibility & Usability plugin for WordPress is vulnerable to SQL Injection via the URL path in all versions up to, and including, 4.0.3. This is due to insufficient escaping on the user-supplied URL parameter in the getglobalremediations method, where it is directly concatenated...

7.5CVSS0.02289EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/03/09 10:17 p.m.53 views

CVE-2026-28512 Pocket ID: OAuth redirect_uri validation bypass via userinfo/host confusion

Pocket ID is an OIDC provider that allows users to authenticate with their passkeys to your services. From 2.0.0 to before 2.4.0, a flaw in callback URL validation allowed crafted redirecturi values containing URL userinfo @ to bypass legitimate callback pattern checks. If an attacker can trick a...

7.1CVSS0.00204EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/06 12:0 a.m.53 views

CVE-2025-69651

GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an invalid pointer free when processing a crafted ELF binary with malformed relocation or symbol data. If dumprelocations returns early due to parsing errors, the internal allrelocations array may remain partially uninitialized...

0.0024EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/02/19 3:25 a.m.53 views

CVE-2025-13079 Popup Builder - Create highly converting, mobile friendly marketing popups. <= 4.4.2 - Improper Authorization to Unauthenticated Subscriber Removal via Predictable Tokens

The Popup Builder – Create highly converting, mobile friendly marketing popups. plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.4.2. This is due to the plugin generating predictable unsubscribe tokens using deterministic data. This makes it...

5.3CVSS0.00372EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/02/17 6:50 p.m.53 views

CVE-2026-24733 Apache Tomcat: Security constraint bypass with HTTP/0.9

Improper Input Validation vulnerability in Apache Tomcat. Tomcat did not limit HTTP/0.9 requests to the GET method. If a security constraint was configured to allow HEAD requests to a URI but deny GET requests, the user could bypass that constraint on GET requests by sending a specification inval...

0.00494EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/15 3:24 a.m.53 views

CVE-2026-1750 Ecwid by Lightspeed Ecommerce Shopping Cart <= 7.0.7 - Authenticated (Subscriber+) Privilege Escalation via ec_store_admin_access

The Ecwid by Lightspeed Ecommerce Shopping Cart plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 7.0.7. This is due to a missing capability check in the 'savecustomuserprofilefields' function. This makes it possible for authenticated attackers, with...

8.8CVSS0.00272EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/02 4:32 a.m.53 views

CVE-2026-1744 D-Link DSL-6641K sp_pppoe_user.js doSubmitPPP cross site scripting

A vulnerability was found in D-Link DSL-6641K N8.TR069.20131126. Affected by this issue is the function doSubmitPPP of the file sppppoeuser.js. The manipulation of the argument Username results in cross site scripting. The attack may be launched remotely. The exploit has been made public and coul...

4.8CVSS0.00408EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/01/28 5:9 p.m.53 views

CVE-2025-57793 SQL Injection Vulnerability in Explorance Blue

Explorance Blue versions prior to 8.14.9 contain a SQL injection vulnerability caused by insufficient validation of user-supplied input in a web application component. Crafted input can be executed as part of backend database queries. The issue is exploitable without authentication, significantly...

0.00325EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/27 9:17 a.m.53 views

CVE-2026-1467 Libsoup: libsoup: http header injection via specially crafted urls when an http proxy is configured

A flaw was found in libsoup, an HTTP client library. This vulnerability, known as CRLF Carriage Return Line Feed Injection, occurs when an HTTP proxy is configured and the library improperly handles URL-decoded input used to create the Host header. A remote attacker can exploit this by providing ...

5.8CVSS0.00312EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/01/23 2:15 p.m.53 views

CVE-2025-71150 ksmbd: Fix refcount leak when invalid session is found on session lookup

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix refcount leak when invalid session is found on session lookup When a session is found but its state is not SMB2SESSIONVALID, It indicates that no valid session was found, but it is missing to decrement the reference...

0.00118EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/01/13 10:51 p.m.53 views

CVE-2022-50912 ImpressCMS 1.4.4 - Unrestricted File Upload

ImpressCMS 1.4.4 contains a file upload vulnerability with weak extension sanitization that allows attackers to upload potentially malicious files. Attackers can bypass file upload restrictions by using alternative file extensions .php2.php6.php7.phps.pht to execute arbitrary PHP code on the serv...

9.8CVSS0.00983EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/12/15 11:39 p.m.53 views

CVE-2025-10881 CATPRODUCT File Parsing Heap-Based Overflow Vulnerability

A maliciously crafted CATPRODUCT file, when parsed through certain Autodesk products, can force a Heap-Based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process...

7.8CVSS0.00226EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/04 4:8 p.m.53 views

CVE-2025-40252 net: qlogic/qede: fix potential out-of-bounds read in qede_tpa_cont() and qede_tpa_end()

In the Linux kernel, the following vulnerability has been resolved: net: qlogic/qede: fix potential out-of-bounds read in qedetpacont and qedetpaend The loops in 'qedetpacont' and 'qedetpaend', iterate over 'cqe-lenlist' using only a zero-length terminator as the stopping condition. If the...

0.00179EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/10/01 7:57 p.m.53 views

CVE-2025-58769 auth0-PHP: Improper File Type Handling in Bulk User Import

auth0-PHP is an SDK for Auth0 Authentication and Management APIs. In versions 3.3.0 through 8.16.0, the Bulk User Import endpoint in applications built with the SDK does not validate the file-path wrapper or value. Without proper validation, affected applications may accept arbitrary file paths o...

3.3CVSS0.00329EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/09/19 3:26 p.m.53 views

CVE-2025-39859 ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: fix use-after-free bugs causing by ptpocpwatchdog The ptpocpdetach only shuts down the watchdog timer if it is pending. However, if the timer handler is already running, the timerdeletesync is not called. This leads to...

0.00136EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/09/16 9:8 p.m.53 views

CVE-2025-9708 Kubernetes C# Client: improper certificate validation in custom CA mode may lead to man-in-the-middle attacks

A vulnerability exists in the Kubernetes C client where the certificate validation logic accepts properly constructed certificates from any Certificate Authority CA without properly verifying the trust chain. This flaw allows a malicious actor to present a forged certificate and potentially...

6.8CVSS0.00288EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/11 6:57 p.m.53 views

CVE-2025-53857 Lack of Authorization on Get Channel Subscriptions for Autocomplete in Mattermost Confluence Plugin

Mattermost Confluence Plugin version 1.5.0 fails to check the access of the user to the channel which allows attackers to get channel subscription details without proper access to the channel via API call to the GET autocomplete/GetChannelSubscriptions endpoint...

3.7CVSS0.00206EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/27 9:43 p.m.53 views

CVE-2025-53098 Roo Code Vulnerable to Potential Remote Code Execution via Model Context Protocol

Roo Code is an AI-powered autonomous coding agent. The project-specific MCP configuration for the Roo Code agent is stored in the .roo/mcp.json file within the VS Code workspace. Because the MCP configuration format allows for execution of arbitrary commands, prior to version 3.20.3, it would hav...

8.1CVSS0.00571EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/24 12:0 a.m.53 views

CVE-2025-53021

A session fixation vulnerability in Moodle 3.x through 3.11.18 allows unauthenticated attackers to hijack user sessions via the sesskey parameter. The sesskey can be obtained without authentication and reused within the OAuth2 login flow, resulting in the victim's session being linked to the...

4.2CVSS0.00261EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/06/03 7:27 p.m.53 views

CVE-2025-35036 hibernate-validator insecure default Expression Language interpolation

Hibernate Validator before 6.2.0 and 7.0.0, by default and depending how it is used, may interpolate user-supplied input in a constraint violation message with Expression Language. This could allow an attacker to access sensitive information or execute arbitrary Java code. Hibernate Validator as ...

7.3CVSS0.00615EPSS
Exploits0References13
Cvelist
Cvelist
added 2025/05/27 12:29 p.m.53 views

CVE-2025-5262

A double-free could have occurred in vpxcodecencinitmulti after a failed allocation when initializing the encoder for WebRTC. This could have caused memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 139 and Thunderbird 128.11...

0.00375EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/05/24 3:37 a.m.53 views

CVE-2025-4603 eMagicOne Store Manager for WooCommerce <= 1.2.5 - Unauthenticated Arbitrary File Deletion

The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deletefile function in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to delete arbitrary files...

9.1CVSS0.01206EPSS
Exploits2References7
Cvelist
Cvelist
added 2025/05/08 7:27 p.m.53 views

CVE-2025-46812 Trix vulnerable to Cross-site Scripting on copy & paste

Trix is a what-you-see-is-what-you-get rich text editor for everyday writing. Versions prior to 2.1.15 are vulnerable to XSS attacks when pasting malicious code. An attacker could trick a user to copy and paste malicious code that would execute arbitrary JavaScript code within the context of the...

5.1CVSS0.00602EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/05/04 10:0 p.m.53 views

CVE-2025-4251 PCMan FTP Server RMDIR Command buffer overflow

A vulnerability was found in PCMan FTP Server 2.0.7 and classified as critical. This issue affects some unknown processing of the component RMDIR Command Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may ...

7.5CVSS0.00612EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/05/02 3:55 p.m.53 views

CVE-2023-53088 mptcp: fix UaF in listener shutdown

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix UaF in listener shutdown As reported by Christoph after having refactored the passive socket initialization, the mptcp listener shutdown path is prone to an UaF issue. BUG: KASAN: use-after-free in...

0.00168EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/05/01 5:20 p.m.53 views

CVE-2025-46566 Dataease redshift JDBC Connection Remote Code Execution

DataEase is an open-source BI tool alternative to Tableau. Prior to version 2.10.9, authenticated users can complete RCE through the backend JDBC link. This issue has been patched in version 2.10.9...

7.7CVSS0.00594EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/04/30 5:14 p.m.53 views

CVE-2025-30390 Azure ML Compute Elevation of Privilege Vulnerability

...

9.9CVSS0.00776EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/20 12:0 a.m.53 views

CVE-2025-43921

GNU Mailman 2.1.39, as bundled in cPanel and WHM, allows unauthenticated attackers to create lists via the /mailman/create endpoint. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel or WHM is used...

5.3CVSS0.00403EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/03/31 9:39 p.m.53 views

CVE-2025-31680 Matomo Analytics - Moderately critical - Cross site request forgery - SA-CONTRIB-2025-008

Cross-Site Request Forgery CSRF vulnerability in Drupal Matomo Analytics allows Cross Site Request Forgery.This issue affects Matomo Analytics: from 0.0.0 before 1.24.0...

0.00167EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/12 9:19 p.m.53 views

CVE-2024-39365

Uncontrolled search path for the FPGA Support Package for the IntelR oneAPI DPC++/C++ Compiler software for Windows before version 2024.2 may allow an authenticated user to potentially enable escalation of privilege via local access...

6.7CVSS0.00195EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/05 5:31 p.m.53 views

CVE-2025-23419 TLS Session Resumption Vulnerability

When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers. This vulnerability arises when TLS Session Tickets...

5.3CVSS0.02646EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/21 1:57 p.m.53 views

CVE-2025-22716 WordPress Taskbuilder Plugin <= 3.0.6 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in taskbuilder Taskbuilder taskbuilder allows SQL Injection.This issue affects Taskbuilder: from n/a through = 3.0.6...

8.5CVSS0.00416EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/21 9:35 a.m.54 views

CVE-2025-23184 Apache CXF: Denial of Service vulnerability with temporary files

A potential denial of service vulnerability is present in versions of Apache CXF before 3.5.10, 3.6.5 and 4.0.6. In some edge cases, the CachedOutputStream instances may not be closed and, if backed by temporary files, may fill up the file system it applies to servers and clients...

5.9CVSS0.01941EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/21 12:0 a.m.53 views

CVE-2024-54794

The script input feature of SpagoBI 3.5.1 allows arbitrary code execution...

0.12829EPSS
Exploits3References2
Cvelist
Cvelist
added 2025/01/08 3:43 p.m.53 views

CVE-2025-22130 Soft Serve allows path traversal attacks

Soft Serve is a self-hostable Git server for the command line. Prior to 0.8.2 , a path traversal attack allows existing non-admin users to access and take over other user's repositories. A malicious user then can modify, delete, and arbitrarily repositories as if they were an admin user without...

5.3CVSS0.00665EPSS
Exploits0References3
Cvelist
Cvelist
added 2024/12/08 11:0 p.m.53 views

CVE-2024-12344 TP-Link VN020 F3v(T) FTP USER Command memory corruption

A vulnerability, which was classified as critical, was found in TP-Link VN020 F3vT TTV6.2.1021. This affects an unknown part of the component FTP USER Command Handler. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed to th...

6.5CVSS0.01842EPSS
Exploits3References5
Cvelist
Cvelist
added 2024/12/02 2:32 p.m.53 views

CVE-2024-38827 Spring Security Authorization Bypass for Case Sensitive Comparisons

The usage of String.toLowerCase and String.toUpperCase has some Locale dependent exceptions that could potentially result in authorization rules not working properly...

4.8CVSS0.00385EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/19 5:0 a.m.53 views

CVE-2024-21539

Versions of the package @eslint/plugin-kit before 0.2.3 are vulnerable to Regular Expression Denial of Service ReDoS due to improper input sanitization. An attacker can increase the CPU usage and crash the program by exploiting this vulnerability...

7.5CVSS0.00482EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/11/18 3:45 a.m.53 views

CVE-2024-38828 CVE-2024-38828: DoS via Spring MVC controller method with byte[] parameter

Spring MVC controller methods with an @RequestBody byte method parameter are vulnerable to a DoS attack...

5.3CVSS0.00729EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/04 10:4 a.m.53 views

CVE-2024-33033 Use After Free in ComputerVision

Memory corruption while processing IOCTL calls to unmap the buffers...

6.7CVSS0.00102EPSS
Exploits0References1
Total number of security vulnerabilities5000