Lucene search
K
EuvdMost viewed

417610 matches found

EUVD
EUVD
added 2026/05/14 1:8 p.m.22 views

EUVD-2026-28800

Absinthe: Quadratic fragment-name uniqueness check...

8.7CVSS5.8AI score0.00624EPSS
Exploits1References5
EUVD
EUVD
added 2026/05/13 6:30 p.m.22 views

EUVD-2026-30023

In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Disable LPM on ST1000DM010-2EP102 According to a user report, the ST1000DM010-2EP102 has problems with LPM, causing random system freezes. The drive belongs to the same BarraCuda family as the ST2000DM008-2FR102...

5.8AI score0.00114EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/13 6:30 p.m.23 views

EUVD-2026-30025

In the Linux kernel, the following vulnerability has been resolved: liveupdate: luofile: remember retrieve status LUO keeps track of successful retrieve attempts on a LUO file. It does so to avoid multiple retrievals of the same file. Multiple retrievals cause problems because once the file is...

5.6AI score0.00102EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/13 1:27 p.m.22 views

EUVD-2026-29953

The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to blind SQL Injection via the 'rid' parameter in all versions up to, and including, 5.9.8.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQ...

6.5CVSS5.9AI score0.00269EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/13 5:29 a.m.22 views

EUVD-2025-209822

The ilGhera Support System for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'getticketcontentcallback' function in all versions up to, and including, 1.3.0. This makes it possible for unauthenticated attackers to view any...

5.3CVSS5.8AI score0.00256EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/12 3:31 p.m.22 views

EUVD-2026-29460

CWE-22: Improper Limitation of a Pathname to a Restricted Directory “Path Traversal” vulnerability that could cause unauthorized access to sensitive files when user-supplied input is improperly handled during server-side file path processing...

7.1CVSS5.8AI score0.00303EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 3:31 p.m.22 views

EUVD-2026-29466

Other issue in the JavaScript Engine component. This vulnerability was fixed in Firefox 150.0.3...

5.8AI score0.00298EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/12 12:32 p.m.22 views

EUVD-2026-29422

The Motors – Car Dealership & Classified Listings plugin for WordPress is vulnerable to Payment Bypass via insecure user meta update in all versions up to, and including, 1.4.103 This is due to the stmsaveuserextrafields function updating sensitive user meta fields from POST data without verifyin...

4.3CVSS5.8AI score0.00222EPSS
Exploits0References7
EUVD
EUVD
added 2026/05/12 3:31 a.m.22 views

EUVD-2026-29371

SAP S/4HANA SAP Enterprise Search for ABAP contains a SQL injection vulnerability that allows an authenticated attacker to inject malicious SQL statements through user-controlled input. The application directly concatenates this malicious user input into SQL queries, which are then passed to the...

9.6CVSS5.9AI score0.00466EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/10 3:31 p.m.22 views

EUVD-2022-55969

Aero CMS 0.0.1 contains a PHP code injection vulnerability that allows authenticated attackers to execute arbitrary PHP code by uploading malicious files through the image parameter. Attackers can upload PHP files with embedded code to the admin posts.php endpoint with source=addpost parameter, a...

8.8CVSS6.1AI score0.00347EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/10 3:31 p.m.22 views

EUVD-2022-55987

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the news/manage module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via crafted GET requests...

6.1CVSS5.7AI score0.00252EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/10 3:31 p.m.22 views

EUVD-2021-34790

Opencart TMD Vendor System 3.x contains a blind SQL injection vulnerability that allows unauthenticated attackers to extract database information by injecting SQL code through the productid parameter. Attackers can craft malicious SQL queries using time-based or content-based blind injection...

8.8CVSS5.9AI score0.00276EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/09 7:40 p.m.22 views

EUVD-2026-28927

Net::IMAP implements Internet Message Access Protocol IMAP client functionality in Ruby. Prior to versions 0.4.24, 0.5.14, and 0.6.4, symbol arguments to commands are vulnerable to a CRLF Injection / IMAP Command injection via Symbol arguments passed to IMAP commands. This issue has been patched ...

5.8CVSS5.7AI score0.00813EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/09 12:0 p.m.22 views

EUVD-2026-28912

A vulnerability was detected in Open5GS up to 2.7.7. This affects the function ogssbiclientsendviascporsepp in the library lib/sbi/client.c of the component NF. Performing a manipulation results in out-of-bounds read. The attack is possible to be carried out remotely. The patch is named...

6.9CVSS5.8AI score0.00519EPSS
Exploits1References7
EUVD
EUVD
added 2026/05/08 3:31 p.m.22 views

EUVD-2026-28629

In the Linux kernel, the following vulnerability has been resolved: net: ipa: fix event ring index not programmed for IPA v5.0+ For IPA v5.0+, the event ring index field moved from CHCCNTXT0 to CHCCNTXT1. The v5.0 register definition intended to define this field in the CHCCNTXT1 fmask array but...

5.7AI score0.00353EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/08 12:31 a.m.22 views

EUVD-2026-28448

Improper access control in Azure Managed Instance for Apache Cassandra allows an authorized attacker to execute code over a network...

9.9CVSS6AI score0.00711EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/07 9:30 p.m.22 views

EUVD-2026-28423

Well-crafted inputs reaching ParseAddress, ParseAddressList, and ParseDate were able to trigger excessive CPU exhaustion and memory allocations...

5.8AI score0.00784EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/07 9:30 p.m.22 views

EUVD-2026-28422

The "go bug" command writes to two files with predictable names in the system temporary directory for example, "/tmp". An attacker with access to the temporary directory can create a symlink in one of these names, causing "go bug" to overwrite the target of the symlink...

5.8AI score0.00179EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/06 9:31 p.m.22 views

EUVD-2026-28199

OpenClaw before 2026.4.20 contains a server-side request forgery vulnerability in QQBot direct media upload that skips URL validation. Attackers can bypass SSRF protections by sending crafted image URLs to uploadC2CMedia and uploadGroupMedia endpoints to relay unintended requests...

6.3CVSS5.8AI score0.00236EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/06 6:30 p.m.22 views

EUVD-2026-27864

A vulnerability in the REST API of Cisco Slido could have allowed an authenticated, remote attacker to access the social profile data of other users or affect quiz and poll results. Cisco has addressed this vulnerability in Cisco Slido and no customer action is needed. This vulnerability existed...

5.4CVSS5.8AI score0.00168EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/06 12:30 p.m.22 views

EUVD-2026-27660

In the Linux kernel, the following vulnerability has been resolved: media: chips-media: wave5: Fix Null reference while testing fluster When multi instances are created/destroyed, many interrupts happens and structures for decoder are removed. "struct vpuinstance" this structure is shared for all...

5.8AI score0.00119EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/06 12:30 p.m.22 views

EUVD-2026-27804

In the Linux kernel, the following vulnerability has been resolved: ntb: ntbhwswitchtec: Fix array-index-out-of-bounds access Number of MW LUTs depends on NTB configuration and can be set to MAXMWS, This patch protects against invalid index out of bounds access to mwsizes When invalid access prin...

5.8AI score0.00126EPSS
Exploits0References9
EUVD
EUVD
added 2026/05/06 12:30 p.m.22 views

EUVD-2026-27716

In the Linux kernel, the following vulnerability has been resolved: mux: mmio: fix regmap leak on probe failure The mmio regmap that may be allocated during probe is never freed. Switch to using the device managed allocator so that the regmap is released on probe failures e.g. probe deferral and ...

5.7AI score0.00126EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/06 2:38 a.m.22 views

EUVD-2026-27516

An off-by-one error CWE-193 in the ConsumeUnit16Array and ConsumeUnit64Array functions in Velocidex Velociraptor before version 0.76.5 on Windows and Linux allows a local attacker to cause a Denial of Service DoS via a process crash by providing a specially crafted .evtx file to the parseevtx VQL...

4.4CVSS5.8AI score0.00142EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/04 8:30 p.m.22 views

EUVD-2026-27143

A security flaw has been discovered in Open5GS up to 2.7.7. Affected is the function udmnudrdrhandlesubscriptionauthentication of the file /src/udm/nudr-handler.c of the component authentication-subscription Endpoint. Performing a manipulation results in denial of service. Remote exploitation of...

5.3CVSS5.4AI score0.00358EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/04 4:55 p.m.22 views

EUVD-2026-27003

XML External Entity XXE via Unsanitized Dictionary Parsing in Apache OpenNLP DictionaryEntryPersistor Versions Affected: before 2.5.9, before 3.0.0-M3 Description: The DictionaryEntryPersistor class initializes a static SAXParserFactory at class-load time without enabling FEATURESECUREPROCESSING ...

5.8AI score0.00515EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/04 5:45 a.m.22 views

EUVD-2026-26896

mutt before 2.3.2 sometimes truncates the hashpasswd by one byte for IMAP authcram MD5 digest...

3.7CVSS5.8AI score0.00162EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/03 4:25 a.m.22 views

EUVD-2026-26815

The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via POST parameter key names in the submitnexform function in versions up to, and including, 9.1.11 due to insufficient input sanitization and output escaping. This makes it...

7.2CVSS6AI score0.00243EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/02 11:16 a.m.22 views

EUVD-2026-26779

The Geo Mashup plugin for WordPress is vulnerable to Time-Based SQL Injection via the 'mapposttype' parameter in all versions up to, and including, 1.13.18. This is due to the SearchResults hook explicitly calling stripslashesdeep$POST which removes WordPress magic quotes protection, followed by...

7.5CVSS5.9AI score0.00311EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/02 7:46 a.m.22 views

EUVD-2026-26757

The Royal Elementor Addons plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 1.7.1057. This is due to insufficient validation of user-supplied URLs in the rendercsvdata function, which can be bypassed by including 'docs.google.com/spreadsheets' in...

7.2CVSS5.9AI score0.00379EPSS
Exploits0References10
EUVD
EUVD
added 2026/04/28 7:6 a.m.22 views

EUVD-2024-55560

Penetration Testing engineers at Amazon have identified a security flaw related to request handling in the web server component that could, under certain conditions, lead to unintended access to protected functions. The manufacturer has released patch firmware for the flaw, please refer to the...

8.7CVSS5.3AI score0.00193EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/21 9:31 p.m.22 views

EUVD-2026-24382

Vulnerability in the PeopleSoft Enterprise SCM Purchasing product of Oracle PeopleSoft component: Purchasing. The supported version that is affected is 9.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise PeopleSoft Enterprise SCM...

6.5CVSS5.7AI score0.00261EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/03 4:33 a.m.22 views

EUVD-2026-9277

The User Registration & Membership – Custom Registration Form Builder, Custom Login Form, User Profile, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to improper privilege management in all versions up to, and including, 5.1.2. This is due to the plugin accepting a...

9.8CVSS5.9AI score0.25532EPSS
Exploits2References2
EUVD
EUVD
added 2026/02/14 4:27 p.m.22 views

EUVD-2026-5858

In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF in bindernetlinkreport Oneway transactions sent to frozen targets via binderproctransaction return a BRTRANSACTIONPENDINGFROZEN error but they are still treated as successful since the target is expected to thaw a...

5.3AI score0.0012EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/27 9:12 a.m.22 views

EUVD-2026-4827

Out-of-bounds Write vulnerability in gerstrong Commander-Genius.This issue affects Commander-Genius: before Release refs/pull/358/merge...

7.5CVSS5.9AI score0.00263EPSS
Exploits0References1
EUVD
EUVD
added 2026/01/15 8:15 p.m.22 views

EUVD-2026-2712

A Buffer Over-read vulnerability in the routing protocol daemon rpd of Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause a Denial-of-Service DoS. When an affected device receives a BGP update with a set of specific optional transitive...

8.7CVSS6.3AI score0.00367EPSS
Exploits0References4
EUVD
EUVD
added 2026/01/10 2:41 a.m.22 views

EUVD-2026-1468

React Router is a router for React. In @react-router/node versions 7.0.0 through 7.9.3, @remix-run/deno prior to version 2.17.2, and @remix-run/node prior to version 2.17.2, if createFileSessionStorage is being used from @react-router/node or @remix-run/node/@remix-run/deno in Remix v2 with an...

9.1CVSS6.1AI score0.16104EPSS
Exploits0References2
EUVD
EUVD
added 2026/01/09 11:15 a.m.22 views

EUVD-2026-1736

The Woodpecker for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'formname' parameter of the woodpecker-connector shortcode in all versions up to, and including, 3.0.4 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS4.6AI score0.00197EPSS
Exploits0References6
EUVD
EUVD
added 2025/12/31 5:23 a.m.22 views

EUVD-2025-205883

Cross-Site Request Forgery CSRF vulnerability in mg12 WP-EasyArchives allows Stored XSS.This issue affects WP-EasyArchives: from n/a through 3.1.2...

7.1CVSS6.1AI score0.00094EPSS
Exploits0References2
EUVD
EUVD
added 2025/12/13 6:30 p.m.22 views

EUVD-2025-203207

The WP to LinkedIn Auto Publish plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via PostMessage in all versions up to, and including, 1.9.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web...

6.1CVSS5.2AI score0.00204EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/11 5:32 p.m.22 views

EUVD-2025-202754

A vulnerability has been found in SourceCodester Real Estate Property Listing App 1.0. The impacted element is an unknown function of the file /admin/property.php. Such manipulation of the argument image leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has...

5.8CVSS4.8AI score0.00384EPSS
Exploits1References6
EUVD
EUVD
added 2025/11/04 11:19 a.m.22 views

EUVD-2025-37758

The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution formerly WooLentor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 3.2.5 via the 'loadtemplate' function. This makes it possible for unauthenticated...

9.8CVSS6.8AI score0.00776EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/22 3:31 p.m.22 views

EUVD-2025-35382

Insertion of Sensitive Information Into Sent Data vulnerability in Blockspare Blockspare blockspare allows Retrieve Embedded Sensitive Data.This issue affects Blockspare: from n/a through = 3.2.13.2...

6.4AI score0.00253EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.22 views

EUVD-2020-5638

Malware in sbrugna...

9.8CVSS9.3AI score0.02365EPSS
Exploits3References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.22 views

EUVD-2016-7712

Malware in sbrugna...

6.5CVSS6.6AI score0.01016EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.22 views

EUVD-2021-21631

Malware in sbrugna...

5.5CVSS4.5AI score0.01699EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.22 views

EUVD-2021-0966

Malware in sbrugna...

8.6CVSS7.4AI score0.03468EPSS
Exploits2References13
EUVD
EUVD
added 2025/10/07 12:30 a.m.22 views

EUVD-2021-11114

Malware in sbrugna...

6.5CVSS6.5AI score0.01341EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.22 views

EUVD-2020-18456

Malware in sbrugna...

6.5CVSS6.8AI score0.08825EPSS
Exploits3References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.22 views

EUVD-2016-10061

Malware in sbrugna...

7.5CVSS7.6AI score0.00902EPSS
Exploits0References2
Total number of security vulnerabilities5000