Lucene search
K

418351 matches found

EUVD
EUVD
•added 2026/06/17 6:35 p.m.•9 views

EUVD-2026-37462

Contributor PHP Object Injection in Avada = 3.15.3 versions...

8.8CVSS5.4AI score0.00482EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•9 views

EUVD-2026-37682

Quanos SCHEMA ST4 on-premises contains a local privilege escalation vulnerability in the Client Update Service. The update service runs as NT AUTHORITY\SYSTEM and exposes a .NET Remoting interface over a named pipe without sufficient access controls or authorization. A local authenticated...

8.4CVSS5.5AI score0.00126EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•9 views

EUVD-2026-37552

The JetEngine plugin for WordPress is vulnerable to SQL injection in all versions up to and including 3.8.10.1. The listingloadmore AJAX handler accepts a filteredquery parameter that is intentionally excluded from the HMAC query signature check to support front-end filter integration. However,...

7.5CVSS5.7AI score0.00322EPSS
Exploits0References7
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•10 views

EUVD-2026-37681

Quanos SCHEMA ST4 on-premises contains a local privilege escalation vulnerability in the Client Update Service due to insecure deserialization in the .NET Remoting service. The service is configured with TypeFilterLevel.Full and is bound to local interfaces only through named pipes. A local...

8.4CVSS6.3AI score0.00273EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•13 views

EUVD-2026-37561

In createSessionInternal of PackageInstallerService.java, there is a possible method to remove a DPC app from a managed device without DO consent due to desync from persistence. This could lead to local escalation of privilege if a user can install a malicious app with no additional execution...

10CVSS5.6AI score0.00123EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•11 views

EUVD-2026-37560

A Path Traversal vulnerability affecting SOLIDWORKS Visualize from SOLIDWORKS Desktop Release 2024 through SOLIDWORKS Desktop Release 2026 could allow an attacker to write arbitrary files on the server...

9.8CVSS5.5AI score0.0038EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•9 views

EUVD-2026-37570

In tryStartActivity of NfcDispatcher.java, there is a possible automatic special app access permission assignment due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS5.6AI score0.00165EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•11 views

EUVD-2026-37565

In multiple places, there is a possible persistent denial of service due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS5.6AI score0.00122EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•10 views

EUVD-2026-37586

The Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 30.0.2 via the RegistryUserRole parameter. This is due to the plugin's admin menu being registered at the editposts...

8.8CVSS5.3AI score0.00408EPSS
Exploits0References7
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•8 views

EUVD-2026-37568

In NFC, there is a possible way to spoof an NFC event due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS5.6AI score0.00148EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•10 views

EUVD-2026-37564

In Package Manager, there is a possible device lock controller bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS5.6AI score0.00218EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•9 views

EUVD-2026-37575

In setAllowedCarriers of PhoneInterfaceManager.java, there is a possible way to disable carrier restrictions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

10CVSS5.6AI score0.00155EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•9 views

EUVD-2026-37569

A vulnerability in nltk.app.wordnetapp up to version 3.9.3 allows unauthenticated remote shutdown of the local WordNet Browser HTTP server when started in its default mode. The server listens on all interfaces and processes a specific unauthenticated GET request /SHUTDOWN%20THE%20SERVER to...

7.5CVSS5.5AI score0.00325EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•8 views

EUVD-2026-37680

Open redirection vulnerability in the authentication system allows an attacker to use manipulated values in the X-Forwarded-Host header to alter the URLs generated by the application. A successful exploit could redirect authenticated users to malicious sites following login procedures or...

5.1CVSS5.4AI score0.0042EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•13 views

EUVD-2026-37585

The Counter Box – Add Countdowns, Timers & Dynamic Counters to WordPress plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 2.0.13 via deserialization of untrusted input . This makes it possible for authenticated attackers, with administrator-level...

6.6CVSS6.1AI score0.00535EPSS
Exploits0References7
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•11 views

EUVD-2026-37525

Use after free in DigitalCredentials in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

9.6CVSS5.4AI score0.00251EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•11 views

EUVD-2026-37526

Use after free in File Input in Google Chrome on Linux prior to 149.0.7827.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS5.5AI score0.00301EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•10 views

EUVD-2026-37527

Use after free in Passwords in Google Chrome on Android prior to 149.0.7827.155 allowed a remote attacker to execute arbitrary code via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS6AI score0.00387EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•11 views

EUVD-2026-37524

Use after free in Digital Credentials in Google Chrome prior to 149.0.7827.155 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS5.5AI score0.00323EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•11 views

EUVD-2026-37522

Use after free in WebShare in Google Chrome on Windows prior to 149.0.7827.155 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Critical...

8.3CVSS5.4AI score0.00279EPSS
Exploits0References3
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•6 views

EUVD-2025-210209

Unauthenticated Local File Inclusion in Mission = 1.22 versions...

8.1CVSS5.1AI score0.00435EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•13 views

EUVD-2025-210237

Unauthenticated Privilege Escalation in Support Ticket Management System = 1.9 versions...

9.8CVSS5.1AI score0.0045EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•10 views

EUVD-2026-37554

In SettingsLib, there is a possible way to disable system components due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

7.8CVSS5.6AI score0.0008EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•9 views

EUVD-2025-210176

Unauthenticated Local File Inclusion in Gita = 1.11 versions...

8.1CVSS5.1AI score0.00435EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•6 views

EUVD-2025-210172

Unauthenticated Local File Inclusion in Top Dog = 1.0.5 versions...

8.1CVSS5.2AI score0.00435EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•6 views

EUVD-2025-210208

Unauthenticated Local File Inclusion in Abelle = 1.22 versions...

8.1CVSS5.1AI score0.00435EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•7 views

EUVD-2025-210235

Unauthenticated Local File Inclusion in Resurs = 1.3 versions...

8.1CVSS5.1AI score0.00435EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•6 views

EUVD-2025-210236

Unauthenticated Local File Inclusion in Tipsy = 1.1 versions...

8.1CVSS5.1AI score0.00435EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•11 views

EUVD-2026-37555

In Contacts Provider, there is a possible way to access an incoming call's phone number and associated metadata due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

3.3CVSS5.6AI score0.00065EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•9 views

EUVD-2025-210229

Subscriber SQL Injection in Events Schedule - WordPress Events Calendar Plugin = 2.7.2 versions...

8.5CVSS5.7AI score0.00342EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•8 views

EUVD-2025-210234

Unauthenticated Local File Inclusion in Orpheus = 1.3 versions...

8.1CVSS5.1AI score0.00348EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•11 views

EUVD-2025-210233

Unauthenticated Local File Inclusion in Snowy = 1.13 versions...

8.1CVSS5.1AI score0.00348EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•10 views

EUVD-2025-210182

Unauthenticated Local File Inclusion in ITactics = 1.0 versions...

8.1CVSS5.1AI score0.00348EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•8 views

EUVD-2025-210177

Unauthenticated Local File Inclusion in Grecko = 5.17 versions...

8.1CVSS5.1AI score0.00435EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•12 views

EUVD-2025-210180

Unauthenticated Local File Inclusion in Eros = 1.3 versions...

8.1CVSS5.1AI score0.00435EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•8 views

EUVD-2025-210174

Unauthenticated Cross Site Scripting XSS in Grand Car Rental = 3.7 versions...

7.1CVSS5AI score0.0018EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•7 views

EUVD-2025-210171

Unauthenticated Local File Inclusion in Putter = 1.17 versions...

8.1CVSS5.1AI score0.00435EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•8 views

EUVD-2025-210179

Unauthenticated Local File Inclusion in Choreo = 1.6 versions...

8.1CVSS5.1AI score0.00435EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•8 views

EUVD-2025-210175

Unauthenticated Local File Inclusion in Printo = 1.11 versions...

8.1CVSS5.1AI score0.00435EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•10 views

EUVD-2025-210184

Unauthenticated Local File Inclusion in Truemag = 4.3.14.2 versions...

8.1CVSS5.1AI score0.00435EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•9 views

EUVD-2025-210206

Unauthenticated Arbitrary File Deletion in Car Zone = 3.7 versions...

8.6CVSS5.1AI score0.00533EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•7 views

EUVD-2025-210183

Unauthenticated Local File Inclusion in Roneous = 2.1.5 versions...

8.1CVSS5.1AI score0.00474EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•10 views

EUVD-2025-210178

Unauthenticated Local File Inclusion in WineShop = 3.17 versions...

8.1CVSS5.1AI score0.00435EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•7 views

EUVD-2025-210204

Unauthenticated Local File Inclusion in Wanium = 1.9.8 versions...

8.1CVSS5.1AI score0.00435EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•10 views

EUVD-2025-210232

Unauthenticated Local File Inclusion in Quirky = 1.23 versions...

8.1CVSS5.1AI score0.00435EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•9 views

EUVD-2025-210181

Unauthenticated Local File Inclusion in Spike = 1.2 versions...

8.1CVSS5.1AI score0.00435EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•5 views

EUVD-2025-210173

Unauthenticated Local File Inclusion in Medeus = 1.14 versions...

8.1CVSS5.1AI score0.00435EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•10 views

EUVD-2025-210231

Unauthenticated Local File Inclusion in Gat = 1.16 versions...

8.1CVSS5.1AI score0.00348EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•10 views

EUVD-2025-210227

Unauthenticated Local File Inclusion in Ingenioso = 1.14.0 versions...

8.1CVSS5.1AI score0.00435EPSS
Exploits0References2
EUVD
EUVD
•added 2026/06/17 6:35 p.m.•11 views

EUVD-2025-210194

Unauthenticated Local File Inclusion in Nexio = 1.10.0 versions...

8.1CVSS5.1AI score0.00435EPSS
Exploits0References2
Total number of security vulnerabilities418351