Lucene search
K
CvelistMost viewed

364749 matches found

Cvelist
Cvelist
added 2026/05/06 10:24 a.m.52 views

CVE-2025-59851 HCL DFXAnalytics is affected by an Insecure Security Header configuration vulnerability

HCL DFXAnalytics is affected by a Using Components with Known Vulnerabilities flaw where the application utilizes unpatched libraries or sub-components, which could allow an attacker to identify and exploit publicly known security vulnerabilities to gain unauthorized access or compromise the...

3.7CVSS0.00206EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/06 7:40 a.m.52 views

CVE-2026-43106 cachefiles: fix incorrect dentry refcount in cachefiles_cull()

In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix incorrect dentry refcount in cachefilescull The patch mentioned below changed cachefilesburyobject to expect 2 references to the 'rep' dentry. Three of the callers were changed to use startremovingdentry which tak...

7.8CVSS0.00112EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/05/06 7:40 a.m.52 views

CVE-2026-43091 xfrm: Wait for RCU readers during policy netns exit

In the Linux kernel, the following vulnerability has been resolved: xfrm: Wait for RCU readers during policy netns exit xfrmpolicyfini frees the policybydst hash tables after flushing the policy work items and deleting all policies, but it does not wait for concurrent RCU readers to leave their...

7.8CVSS0.00128EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/05 11:25 a.m.52 views

CVE-2026-43535 OpenClaw < 2026.4.14 - Authorization Context Reuse in Collect-Mode Queue Batches

OpenClaw before 2026.4.14 contains an authorization context reuse vulnerability in collect-mode queue batches that allows messages from different senders to inherit the final sender's authorization context. Attackers can exploit this by sending multiple queued messages to drain batches using a mo...

7.6CVSS0.0022EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/05/05 2:26 a.m.53 views

CVE-2026-6701 addfreespace <= 0.1.3 - Cross-Site Request Forgery to Stored Cross-Site Scripting via Settings Page

The addfreespace plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.1.3. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to update settings and inject malicious web scrip...

4.3CVSS0.00158EPSS
Exploits0References11
Cvelist
Cvelist
added 2026/05/04 6:38 p.m.52 views

CVE-2026-42235 n8n: XSS via MCP OAuth client

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an unauthenticated attacker could register a malicious MCP OAuth client with a crafted clientname. If a victim user authorized the OAuth consent dialog and a second user subsequently revoked that...

8.8CVSS0.00332EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/04 4:55 p.m.52 views

CVE-2026-40682 Apache OpenNLP: XXE via Dictionary Parsing in DictionaryEntryPersistor

XML External Entity XXE via Unsanitized Dictionary Parsing in Apache OpenNLP DictionaryEntryPersistor Versions Affected: before 2.5.9, before 3.0.0-M3 Description: The DictionaryEntryPersistor class initializes a static SAXParserFactory at class-load time without enabling FEATURESECUREPROCESSING ...

0.00515EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/04 4:33 p.m.52 views

CVE-2026-24781 vm2: Sandbox Breakout Through Inspect

vm2 is an open source vm/sandbox for Node.js. Prior to version 3.11.0, VM2 suffers from a sandbox breakout vulnerability through the inspect function. This allows attackers to write code which can escape from the VM2 sandbox and execute arbitrary commands on the host system. This issue has been...

9.8CVSS0.01155EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/05/04 3:53 p.m.52 views

CVE-2026-42372 D-Link DIR-605L A1 Hardcoded Telnet Backdoor Credentials

D-Link DIR-605L Hardware Revision A1 End-of-Life, EOL contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static password "wrgn35dlwbrdir605l" read from /etc/alphaconfig/imagesign. The custom telnetd binary...

8.8CVSS0.003EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/05/04 5:42 a.m.52 views

CVE-2026-29200

A critical IDOR vulnerability has been discovered in Comet Backup affecting all versions from 20.11.0 to 26.1.1 and 26.2.1. The vulnerability allows a tenant administrator to impersonate any end-user account of other tenants on the same server via a vulnerable API call...

9.9CVSS0.00297EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/04 3:15 a.m.52 views

CVE-2026-7727 Shandong Hoteam Software PDM Product Data Management System DataService GetQueryMachineGridOnePageData sql injection

A vulnerability was determined in Shandong Hoteam Software PDM Product Data Management System up to 8.3.9. This affects the function GetQueryMachineGridOnePageData of the file /Base/BaseService.asmx/DataService. This manipulation of the argument SortOrder causes sql injection. The attack can be...

7.5CVSS0.00259EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/04 1:15 a.m.52 views

CVE-2026-7718 Totolink WA300 POST Request cstecgi.cgi setWebWlanIdx command injection

A vulnerability was identified in Totolink WA300 5.2cu.7112B20190227. Impacted is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument webWlanIdx leads to command injection. The attack may be initiated remotely. The...

6.5CVSS0.00916EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/05/03 4:0 a.m.52 views

CVE-2026-7678 YunaiV yudao-cloud GoViewDataServiceImpl.java getDataBySQL sql injection

A vulnerability was identified in YunaiV yudao-cloud up to 2026.01. This affects the function getDataBySQL of the file yudao-module-report-biz/src/main/java/io/github/ruoyi/report/service/impl/GoViewDataServiceImpl.java. Such manipulation leads to sql injection. It is possible to launch the attac...

6.5CVSS0.00196EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/03 1:30 a.m.52 views

CVE-2026-7674 Shenzhen Libituo Technology LBT-T300-HW1 Web Management start_single_service buffer overflow

A flaw has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. This issue affects the function startsingleservice of the component Web Management Interface. Executing a manipulation of the argument vpnpptpserver/vpnl2tpserver can lead to buffer overflow. The attack can be executed...

9CVSS0.00481EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/27 9:20 a.m.52 views

CVE-2026-41409 Apache MINA: CWE-502 Deserialization of Untrusted Data

The fix for CVE-2024-52046 in Apache MINA AbstractIoBuffer.getObject was incomplete. The classname allowlist of classes allowed to be deserialized was applied too late after a static initializer in a class to be read might already have been executed. Affected versions are Apache MINA 2.0.0 =...

9.8CVSS0.00451EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/27 12:0 a.m.52 views

CVE-2026-7069 D-Link DIR-825 miniupnpd upnpsoap.c AddPortMapping buffer overflow

A security flaw has been discovered in D-Link DIR-825 up to 3.00b32. This impacts the function AddPortMapping of the file upnpsoap.c of the component miniupnpd. Performing a manipulation of the argument NewPortMappingDescription results in buffer overflow. The attack needs to be approached within...

8.6CVSS0.01384EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/04/24 2:45 p.m.52 views

CVE-2026-31650 mmc: vub300: fix use-after-free on disconnect

In the Linux kernel, the following vulnerability has been resolved: mmc: vub300: fix use-after-free on disconnect The vub300 driver maintains an explicit reference count for the controller and its driver data and the last reference can in theory be dropped after the driver has been unbound. This...

0.00115EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/04/24 8:0 a.m.52 views

CVE-2026-21728 Tempo query limit results in unbounded memory allocation

Tempo queries with large limits can cause large memory allocations which can impact the availability of the service, depending on its deployment strategy. Mitigation can be done by setting maxresultlimit in the search config, e.g. to 262144 2^18...

7.5CVSS0.00645EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/21 8:35 p.m.52 views

CVE-2026-35250

...

2.3CVSS0.0011EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/17 2:55 a.m.52 views

CVE-2026-5052 Vault Vulnerable to Server-Side Request Forgery in ACME Challenge Validation via Attacker-Controlled DNS

Vault’s PKI engine’s ACME validation did not reject local targets when issuing http-01 and tls-alpn-01 challenges. This may lead to these requests being sent to local network targets, potentially leading to information disclosure. Fixed in Vault Community Edition 2.0.0 and Vault Enterprise 2.0.0,...

5.3CVSS0.00332EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/06 5:26 p.m.52 views

CVE-2026-35209 defu: Prototype pollution via `__proto__` key in defaults argument

defu is software that allows uers to assign default properties recursively. Prior to version 6.1.5, applications that pass unsanitized user input e.g. parsed JSON request bodies, database records, or config files from untrusted sources as the first argument to defu are vulnerable to prototype...

7.5CVSS0.00398EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/01 8:36 a.m.52 views

CVE-2026-23411 apparmor: fix race between freeing data and fs accessing it

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix race between freeing data and fs accessing it AppArmor was putting the reference to iprivate data on its end after removing the original entry from the file system. However the inode can aand does live beyond that...

7.8CVSS0.00145EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/04/01 12:30 a.m.52 views

CVE-2026-35054 XenForo Stored Cross-Site Scripting via BB Code Rendering

XenForo before 2.3.9 is vulnerable to stored cross-site scripting XSS related to BB code rendering. An attacker can inject malicious scripts through BB code that are stored and executed when other users view the content...

6.4CVSS0.00138EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/31 8:32 a.m.52 views

CVE-2026-5201 Gdk-pixbuf: gdk-pixbuf: denial of service via heap-based buffer overflow when processing a specially crafted jpeg image

A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper validation of color component counts when processing a specially crafted JPEG image. A remote attacker can exploit this flaw without user interaction, for...

7.5CVSS0.01069EPSS
Exploits1References25
Cvelist
Cvelist
added 2026/03/15 11:32 p.m.52 views

CVE-2026-4197 D-Link DNS-1550-04 download_mgr.cgi RSS_Item_List command injection

A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function...

6.5CVSS0.16779EPSS
Exploits1References14
Cvelist
Cvelist
added 2026/03/15 11:2 p.m.52 views

CVE-2026-4195 D-Link DNS-1550-04 wizard_mgr.cgi command injection

A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This affects an unknown function of the file...

6.5CVSS0.03499EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/03/09 10:13 p.m.52 views

CVE-2026-28281 InstantCMS has Multiple CSRF Vulnerabilities

InstantCMS is a free and open source content management system. Prior to 2.18.1, InstantCMS does not validate CSRF tokens, which allows attackers grant moderator privileges to users, execute scheduled tasks, move posts to trash, and accept friend requests on behalf of the user. This vulnerability...

7.1CVSS0.00127EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/03/06 12:0 a.m.52 views

CVE-2025-69651

GNU Binutils thru 2.46 readelf contains a vulnerability that leads to an invalid pointer free when processing a crafted ELF binary with malformed relocation or symbol data. If dumprelocations returns early due to parsing errors, the internal allrelocations array may remain partially uninitialized...

0.0024EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/02/04 4:8 p.m.52 views

CVE-2026-23082 can: gs_usb: gs_usb_receive_bulk_callback(): unanchor URL on usb_submit_urb() error

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: unanchor URL on usbsubmiturb error In commit 7352e1d5932a "can: gsusb: gsusbreceivebulkcallback: fix URB memory leak", the URB was re-anchored before usbsubmiturb in gsusbreceivebulkcallback ...

0.00123EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/02/03 2:35 p.m.52 views

CVE-2026-1207 Potential SQL injection via raster lookups on PostGIS

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Raster lookups on RasterField only implemented on PostGIS allows remote attackers to inject SQL via the band index parameter. Earlier, unsupported Django series such as 5.0.x, 4.1.x, and 3.2.x were not evaluate...

0.09436EPSS
Exploits1References3
Cvelist
Cvelist
added 2025/10/27 5:29 p.m.52 views

CVE-2025-55752 Apache Tomcat: Directory traversal via rewrite with possible RCE if PUT is enabled

Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the...

0.66535EPSS
Exploits4References1
Cvelist
Cvelist
added 2025/09/19 3:26 p.m.52 views

CVE-2025-39859 ptp: ocp: fix use-after-free bugs causing by ptp_ocp_watchdog

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: fix use-after-free bugs causing by ptpocpwatchdog The ptpocpdetach only shuts down the watchdog timer if it is pending. However, if the timer handler is already running, the timerdeletesync is not called. This leads to...

0.00136EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/20 5:2 p.m.52 views

CVE-2025-9234 Scada-LTS maintenance_events.shtm cross site scripting

A vulnerability was detected in Scada-LTS up to 2.7.8.1. The affected element is an unknown function of the file maintenanceevents.shtm. The manipulation of the argument Alias results in cross site scripting. The attack can be executed remotely. The exploit is now public and may be used...

5.1CVSS0.00256EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/08/15 5:10 p.m.52 views

CVE-2025-55285 @backstage/plugin-scaffolder-backend Template Secret Leakage in Logs in Scaffolder When Using `fetch:template`

@backstage/plugin-scaffolder-backend is the backend for the default Backstage software templates. Prior to version 2.1.1, duplicate logging of the input values in the fetch:template action in the Scaffolder meant that some of the secrets were not properly redacted. If $ secrets.x is not passed...

2.6CVSS0.0021EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/09 9:2 p.m.52 views

CVE-2025-8775 Qiyuesuo Eelectronic Signature Platform Scheduled Task upload execute unrestricted upload

A vulnerability was found in Qiyuesuo Eelectronic Signature Platform up to 4.34 and classified as critical. Affected by this issue is the function execute of the file /api/code/upload of the component Scheduled Task Handler. The manipulation of the argument File leads to unrestricted upload. The...

6.5CVSS0.00377EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/06/24 12:0 a.m.52 views

CVE-2025-53021

A session fixation vulnerability in Moodle 3.x through 3.11.18 allows unauthenticated attackers to hijack user sessions via the sesskey parameter. The sesskey can be obtained without authentication and reused within the OAuth2 login flow, resulting in the victim's session being linked to the...

4.2CVSS0.00261EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/06/21 2:40 a.m.52 views

CVE-2025-52485 DNN.PLATFORM Allows Stored Cross-Site Scripting (XSS) in Activity Feed

DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. In versions 6.0.0 to before 10.0.1, DNN.PLATFORM allows a specially crafted request to inject scripts in the Activity Feed Attachments endpoint which will then render in the feed. This issue...

5.1CVSS0.00178EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/06/10 4:23 a.m.52 views

CVE-2025-3076 Elementor Pro <= 3.29.0 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘buttontext’ parameter in all versions up to, and including, 3.29.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00169EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/06/04 5:31 p.m.52 views

CVE-2025-5600 TOTOLINK EX1200T cstecgi.cgi setLanguageCfg stack-based overflow

A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T 4.1.2cu.5232B20210713. This issue affects the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument LangType leads to stack-based buffer overflow. The attack may be initiated...

10CVSS0.00995EPSS
Exploits1References5
Cvelist
Cvelist
added 2025/05/13 9:38 a.m.52 views

CVE-2025-40555

A vulnerability has been identified in APOGEE PXC+TALON TC Series BACnet All versions. Affected devices start sending unsolicited BACnet broadcast messages after processing a specific BACnet createObject request. This could allow an attacker residing in the same BACnet network to send a specially...

5.3CVSS0.00179EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/05/02 3:55 p.m.52 views

CVE-2023-53088 mptcp: fix UaF in listener shutdown

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix UaF in listener shutdown As reported by Christoph after having refactored the passive socket initialization, the mptcp listener shutdown path is prone to an UaF issue. BUG: KASAN: use-after-free in...

0.00168EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/04/30 5:14 p.m.52 views

CVE-2025-30390 Azure ML Compute Elevation of Privilege Vulnerability

...

9.9CVSS0.00776EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/04/20 12:0 a.m.52 views

CVE-2025-43921

GNU Mailman 2.1.39, as bundled in cPanel and WHM, allows unauthenticated attackers to create lists via the /mailman/create endpoint. NOTE: multiple third parties report that they are unable to reproduce this, regardless of whether cPanel or WHM is used...

5.3CVSS0.00379EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/04/11 11:11 a.m.52 views

CVE-2025-2541 WP Project Manager <= 2.6.22 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload

The WP Project Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.6.22 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and...

6.4CVSS0.00268EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/04/11 1:45 a.m.52 views

CVE-2025-0121 Cortex XDR Agent: Local Windows User Can Crash the Agent

A null pointer dereference vulnerability in the Palo Alto Networks Cortex® XDR agent on Windows devices allows a low-privileged local Windows user to crash the agent. Additionally, malware can use this vulnerability to perform malicious activity without Cortex XDR being able to detect it...

6.8CVSS0.0015EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/03/31 9:39 p.m.52 views

CVE-2025-31680 Matomo Analytics - Moderately critical - Cross site request forgery - SA-CONTRIB-2025-008

Cross-Site Request Forgery CSRF vulnerability in Drupal Matomo Analytics allows Cross Site Request Forgery.This issue affects Matomo Analytics: from 0.0.0 before 1.24.0...

0.00167EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/02/05 5:31 p.m.52 views

CVE-2025-23419 TLS Session Resumption Vulnerability

When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers. This vulnerability arises when TLS Session Tickets...

5.3CVSS0.02646EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/01/24 6:34 p.m.52 views

CVE-2024-52807 XXE vulnerability in XSLT parsing in `org.hl7.fhir.publisher`

The HL7 FHIR IG publisher is a tool to take a set of inputs and create a standard FHIR IG. Prior to version 1.7.4, XSLT transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from...

8.6CVSS0.00547EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/01/21 12:0 a.m.52 views

CVE-2024-54794

The script input feature of SpagoBI 3.5.1 allows arbitrary code execution...

0.12829EPSS
Exploits3References2
Cvelist
Cvelist
added 2025/01/20 3:43 p.m.52 views

CVE-2025-23044 Cross-Site Request Forgery (CSRF) allows creating admin account with POST request

PwnDoc is a penetration test report generator. There is no CSRF protection in pwndoc, allowing attackers to send requests on a logged-in user's behalf. This includes GET and POST requests due to the missing SameSite= attribute on cookies and the ability to refresh cookies. Commit...

6.8CVSS0.00239EPSS
Exploits1References2
Total number of security vulnerabilities5000