Lucene search
K
NucleiRecent

4143 matches found

Nuclei
Nuclei
•added 2026/06/26 6:13 p.m.•121 views

Sonatype Nexus Repository Manager 3 - Remote Code Execution

Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection id: CVE-2020-10199 info: name: Sonatype Nexus Repository Manager 3 - Remote Code Execution author: rootxharsh,iamnoooob,pdresearch severity: high description: Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection impact: |...

9CVSS7.3AI score0.99064EPSS
Exploits10References5
Nuclei
Nuclei
•added 2026/06/26 6:13 p.m.•197 views

Apache Struts2 S2-052 - Remote Code Execution

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses an XStreamHandler with an instance of XStream for deserialization without any type of filtering, which can lead to remote code execution when deserializing XML payloads. id: CVE-2017-9805 info: name:...

8.1CVSS7.7AI score0.99461EPSS
Exploits23References5
Nuclei
Nuclei
•added 2026/06/25 5:45 a.m.•198 views

PAN-OS Management Web Interface - Command Injection

A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges. Cloud NGFW and Prisma Access are not impacted by this vulnerability. id: CVE-2024-9474 info...

7.2CVSS7.4AI score0.94766EPSS
Exploits14
Nuclei
Nuclei
•added 2026/06/25 5:45 a.m.•100 views

SimpleHelp <= 5.5.7 - Unauthenticated Path Traversal

SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal vulnerabilities that enable unauthenticated remote attackers to download arbitrary files from the SimpleHelp host via crafted HTTP requests. These files include server configuration files containing...

9.1CVSS7.6AI score0.95151EPSS
Exploits2References2
Nuclei
Nuclei
•added 2026/06/25 5:45 a.m.•121 views

MagnusBilling - Remote Code Execution

Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote attackers to run arbitrary commands via unauthenticated HTTP request. id: CVE-2023-30258 info: name: MagnusBilling - Remote Code Execution author: gy741,mananispiwpiw severity: critical description: | Comman...

9.8CVSS7.6AI score0.9425EPSS
Exploits15References5
Nuclei
Nuclei
•added 2026/06/25 5:45 a.m.•184 views

SAP NetWeaver Visual Composer Metadata Uploader - Deserialization

SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availabili...

10CVSS7.4AI score0.99359EPSS
Exploits18References4
Nuclei
Nuclei
•added 2026/06/25 5:45 a.m.•115 views

Netsweeper <=6.4.3 - Python Code Injection

Netsweeper through 6.4.3 allows unauthenticated remote code execution because webadmin/tools/unixlogin.php with certain Referer headers launches a command line with client-supplied parameters, and allows injection of shell metacharacters. id: CVE-2020-13167 info: name: Netsweeper =6.4.4 to mitiga...

9.8CVSS7.9AI score0.95415EPSS
Exploits2References5
Nuclei
Nuclei
•added 2026/06/25 5:45 a.m.•243 views

Rocket.Chat <=3.13 - NoSQL Injection

Rocket.Chat 3.11, 3.12 and 3.13 contains a NoSQL injection vulnerability which allows unauthenticated access to an API endpoint. An attacker can possibly obtain sensitive information from a database, modify data, and/or execute unauthorized administrative operations in the context of the affected...

9.8CVSS7.3AI score0.95242EPSS
Exploits16References6
Nuclei
Nuclei
•added 2026/06/25 5:45 a.m.•87 views

Jira <8.4.0 - Server-Side Request Forgery

Jira before 8.4.0 is susceptible to server-side request forgery. The /plugins/servlet/gadgets/makeRequest resource contains a logic bug in the JiraWhitelist class, which can allow an attacker to access the content of internal network resources and thus modify data, and/or execute unauthorized...

6.5CVSS6.8AI score0.94453EPSS
Exploits2References5
Nuclei
Nuclei
•added 2026/06/25 5:45 a.m.•20 views

ThinkPHP < 3.2.4 - Remote Code Execution

ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other products, allows Remote Command Execution via the s parameter in index.php through the invokefunction functionality. id: CVE-2019-9082 info: name: ThinkPHP 3.2.4 - Remote Code Execution author: 0xanis severity: high description: |...

9.3CVSS7.5AI score0.97419EPSS
Exploits8References5
Nuclei
Nuclei
•added 2026/06/25 5:45 a.m.•88 views

Mitel MiCollab - Authentication Bypass

A vulnerability in the NuPoint Unified Messaging NPM component of Mitel MiCollab through 9.8 SP1 FP2 9.8.1.201 could allow an unauthenticated attacker to conduct a path traversal attack, due to insufficient input validation. A successful exploit could allow unauthorized access, enabling the...

9.8CVSS7.4AI score0.98067EPSS
Exploits3References3
Nuclei
Nuclei
•added 2026/06/25 5:45 a.m.•34 views

Grafana Post-Auth DuckDB - SQL Injection To File Read

The SQL Expressions experimental feature of Grafana allows for the evaluation of duckdb queries containing user input. These queries are insufficiently sanitized before being passed to duckdb, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or highe...

9.9CVSS6.6AI score0.97781EPSS
Exploits10References3
Nuclei
Nuclei
•added 2026/06/25 5:45 a.m.•148 views

rConfig 3.9.4 - Cross-Site Scripting

rConfig 3.9.4 is vulnerable to reflected XSS. The configDevice.php file improperly validates user input. An attacker can exploit this vulnerability by crafting arbitrary JavaScript in the rid GET parameter of devicemgmnt.php id: CVE-2020-12259 info: name: rConfig 3.9.4 - Cross-Site Scripting...

5.4CVSS6.7AI score0.94767EPSS
Exploits0References5
Nuclei
Nuclei
•added 2026/06/25 1:31 a.m.•19 views

VMware vCenter Server - Out-of-Bounds Write

vCenter Server contains an out-of-bounds write caused by a vulnerability in the DCERPC protocol implementation. A malicious actor with network access can trigger remote code execution on vCenter Server. id: CVE-2023-34048 info: name: VMware vCenter Server - Out-of-Bounds Write author: ritikchaddh...

9.8CVSS8.1AI score0.99428EPSS
Exploits1References3
Nuclei
Nuclei
•added 2026/06/25 1:31 a.m.•308 views

ElasticSearch - Remote Code Execution

ElasticSearch before 1.3.8 and 1.4.x before 1.4.3 allows remote attackers to bypass the sandbox protection mechanism and execute arbitrary shell commands via a crafted script to the Groovy scripting engine. id: CVE-2015-1427 info: name: ElasticSearch - Remote Code Execution author: pikpikcu...

9.8CVSS7.8AI score0.99906EPSS
Exploits19References5
Nuclei
Nuclei
•added 2026/06/25 1:31 a.m.•117 views

Webmin <1.997 - Authenticated Remote Code Execution

Webmin before 1.997 is susceptible to authenticated remote code execution via software/apt-lib.pl, which lacks HTML escaping for a UI command. An attacker can perform command injection attacks and thereby execute malware, obtain sensitive information, modify data, and/or gain full control over a...

9.8CVSS7.9AI score0.96049EPSS
Exploits8References5
Nuclei
Nuclei
•added 2026/06/25 1:31 a.m.•61 views

FreePBX - Remote Code Execution

FreePBX 15, 16, and 17 contain a remote code execution caused by insufficiently sanitized user-supplied data in endpoints, letting unauthenticated attackers manipulate the database and execute code remotely, exploit requires no authentication. id: CVE-2025-57819 info: name: FreePBX - Remote Code...

10CVSS6.8AI score0.93286EPSS
Exploits21References4
Nuclei
Nuclei
•added 2026/06/25 1:31 a.m.•34 views

Microsoft SharePoint Server - Authentication Bypass

Improper authentication in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network. id: CVE-2025-49706 info: name: Microsoft SharePoint Server - Authentication Bypass author: daffainfo severity: medium description: | Improper authentication in Microsoft Offi...

9.8CVSS7AI score0.99979EPSS
Exploits41References5
Nuclei
Nuclei
•added 2026/06/25 1:31 a.m.•221 views

Dahua IPC/VTH/VTO - Authentication Bypass

The identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identity authentication by constructing malicious data packets. id: CVE-2021-33045 info: name: Dahua IPC/VTH/VTO - Authentication Bypass author: phantomowl severity:...

10CVSS7AI score0.99556EPSS
Exploits9References2
Nuclei
Nuclei
•added 2026/06/25 1:31 a.m.•61 views

Zoho ManageEngine Desktop Central - Remote Code Execution

Zoho ManageEngine Desktop Central contains an authentication bypass vulnerability that could allow an attacker to execute arbitrary code in the Desktop Central MSP server. id: CVE-2021-44515 info: name: Zoho ManageEngine Desktop Central - Remote Code Execution author: Adam Crosser severity:...

10CVSS7.9AI score0.99867EPSS
Exploits2References5
Nuclei
Nuclei
•added 2026/06/25 1:31 a.m.•141 views

Grafana 3.0.1-7.0.1 - Server-Side Request Forgery

Grafana 3.0.1 through 7.0.1 is susceptible to server-side request forgery via the avatar feature, which can lead to remote code execution. Any unauthenticated user/client can make Grafana send HTTP requests to any URL and return its result. This can be used to gain information about the network...

8.2CVSS7AI score0.99856EPSS
Exploits5References5
Nuclei
Nuclei
•added 2026/06/25 1:31 a.m.•67 views

Grafana Snapshot - Authentication Bypass

Grafana instances up to 7.5.11 and 8.1.5 allow remote unauthenticated users to view the snapshot associated with the lowest database key by accessing the literal paths /api/snapshot/:key or /dashboard/snapshot/:key. If the snapshot is in public mode, unauthenticated users can delete snapshots by...

9.8CVSS6.9AI score0.99888EPSS
Exploits1References5
Nuclei
Nuclei
•added 2026/06/25 1:31 a.m.•303 views

Kentico CMS Insecure Deserialization Remote Code Execution

Kentico CMS is susceptible to remote code execution via a .NET deserialization vulnerability. id: CVE-2019-10068 info: name: Kentico CMS Insecure Deserialization Remote Code Execution author: davidmckennirey severity: critical description: Kentico CMS is susceptible to remote code execution via a...

9.8CVSS7.9AI score0.96031EPSS
Exploits5References5
Nuclei
Nuclei
•added 2026/06/25 1:31 a.m.•41 views

SonicWall SRA 4600 VPN - SQL Injection

The SonicWall SRA 4600 VPN appliance is susceptible to a pre-authentication SQL injection vulnerability. id: CVE-2019-7481 info: name: SonicWall SRA 4600 VPN - SQL Injection author: darrenmartyn severity: high description: The SonicWall SRA 4600 VPN appliance is susceptible to a pre-authenticatio...

7.5CVSS7.4AI score0.99906EPSS
Exploits0References5
Nuclei
Nuclei
•added 2026/06/25 1:31 a.m.•59 views

Palo Alto Expedition - SQL Injection

An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expeditio...

9.2CVSS7.7AI score0.99597EPSS
Exploits3References4
Nuclei
Nuclei
•added 2026/06/25 1:31 a.m.•65 views

PaloAlto Networks Expedition - Remote Code Execution

An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls. id: CVE-2024-946...

9.9CVSS7.6AI score0.98423EPSS
Exploits0References4
Nuclei
Nuclei
•added 2026/06/25 1:31 a.m.•192 views

Oracle WebLogic Server - Remote Command Execution

The Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent - WLS Security is susceptible to remote command execution. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.1.0 and 12.2.1.2.0. This easily exploitable vulnerability allows unauthenticated attacke...

7.5CVSS7.5AI score0.99993EPSS
Exploits45References5
Nuclei
Nuclei
•added 2026/06/25 1:31 a.m.•35 views

Jira Server and Data Center - Information Disclosure

Jira Server and Data Center is susceptible to information disclosure. An attacker can enumerate users via the QueryComponentRendererValue!Default.jspa endpoint and thus potentially access sensitive information, modify data, and/or execute unauthorized operations, Affected versions are before...

5.3CVSS6.1AI score0.99209EPSS
Exploits1References5
Nuclei
Nuclei
•added 2026/06/23 5:8 a.m.•96 views

SPIP BigUp Plugin - Remote Code Execution

SPIP before 4.3.2, 4.2.16, and 4.1.18 is vulnerable to a command injection issue. A remote and unauthenticated attacker can execute arbitrary operating system commands by sending a crafted multipart file upload HTTP request. id: CVE-2024-8517 info: name: SPIP BigUp Plugin - Remote Code Execution...

9.8CVSS7.7AI score0.94618EPSS
Exploits7References5
Nuclei
Nuclei
•added 2026/06/23 5:8 a.m.•70 views

Zoho ManageEngine ADAudit Plus <7600 - XML Entity Injection/Remote Code Execution

Zoho ManageEngine ADAudit Plus before version 7060 is vulnerable to an unauthenticated XML entity injection attack that can lead to remote code execution. id: CVE-2022-28219 info: name: Zoho ManageEngine ADAudit Plus 7600 - XML Entity Injection/Remote Code Execution author: dwisiswant0 severity:...

9.8CVSS7.6AI score0.97011EPSS
Exploits6References5
Nuclei
Nuclei
•added 2026/06/23 5:8 a.m.•383 views

Wing FTP Server <= 7.4.3 - Remote Code Execution

Wing FTP Server versions prior to 7.4.4 are vulnerable to an unauthenticated remote code execution RCE flaw CVE-2025-47812. The vulnerability arises from improper NULL byte handling in the 'username' parameter during login, which allows Lua code injection into session files. These injected sessio...

10CVSS7.7AI score0.95343EPSS
Exploits23References2
Nuclei
Nuclei
•added 2026/06/23 5:8 a.m.•289 views

Zabbix - SAML SSO Authentication Bypass

When SAML SSO authentication is enabled non-default, session data can be modified by a malicious actor because a user login stored in the session was not verified. id: CVE-2022-23131 info: name: Zabbix - SAML SSO Authentication Bypass author: For3stCo1d,spac3wh1te severity: critical description:...

9.8CVSS7.5AI score0.95683EPSS
Exploits9References5
Nuclei
Nuclei
•added 2026/06/23 5:8 a.m.•533 views

Argus Surveillance DVR 4.0.0.0 - Local File Inclusion

Argus Surveillance DVR 4.0.0.0 devices allow unauthenticated local file inclusion, leading to file disclosure via a ..%2F in the WEBACCOUNT.CGI RESULTPAGE parameter. id: CVE-2018-15745 info: name: Argus Surveillance DVR 4.0.0.0 - Local File Inclusion author: gy741 severity: high description: |...

7.5CVSS7.1AI score0.97709EPSS
Exploits4References5
Nuclei
Nuclei
•added 2026/06/23 5:8 a.m.•54 views

SSL VPN Session Hijacking

An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication. id: CVE-2024-53704 info: name: SSL VPN Session Hijacking author: johnk3r severity: critical description: | An Improper Authentication vulnerability in the SSLVPN...

9.8CVSS7.6AI score0.95132EPSS
Exploits0References2
Nuclei
Nuclei
•added 2026/06/22 5:20 a.m.•113 views

Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90 - Command Injection

A vulnerability, which was classified as critical, was found in Raisecom MSG1200, MSG2100E, MSG2200 and MSG2300 3.90. This affects an unknown part of the file listbaseconfig.php of the component Web Interface. The manipulation of the argument template leads to os command injection. It is possible...

9.8CVSS6.2AI score0.934EPSS
Exploits4References4
Nuclei
Nuclei
•added 2026/06/21 3:3 a.m.•100 views

Optergy Proton/Enterprise - Unauthenticated RCE via Backdoor Console

Optergy Proton/Enterprise devices allow Remote Root Code Execution via a Backdoor Console. id: CVE-2019-7276 info: name: Optergy Proton/Enterprise - Unauthenticated RCE via Backdoor Console author: daffainfo severity: critical description: | Optergy Proton/Enterprise devices allow Remote Root Cod...

10CVSS7.4AI score0.93384EPSS
Exploits7References4
Nuclei
Nuclei
•added 2026/06/19 11:10 a.m.•82 views

Apache Struts2 S2-012 RCE

Apache Struts Showcase App 2.0.0 through 2.3.13, as used in Struts 2 before 2.3.14.3, allows remote attackers to execute arbitrary OGNL code via a crafted parameter name that is not properly handled when invoking a redirect. id: CVE-2013-1965 info: name: Apache Struts2 S2-012 RCE author: pikpikcu...

9.3CVSS7.7AI score0.93813EPSS
Exploits1References5
Nuclei
Nuclei
•added 2026/06/19 11:10 a.m.•12 views

Splunk Enterprise & Cloud Platform - Unrestricted File Upload

In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below 10.4.2604.3 and 10.2.2510.14, an unauthenticated user could create or truncate arbitrary files through a PostgreSQL sidecar service endpoint.The vulnerability exists because the PostgreSQL sidecar...

9.8CVSS6.2AI score0.88171EPSS
Exploits5References2
Nuclei
Nuclei
•added 2026/06/19 11:10 a.m.•130 views

Zoho ManageEngine - Remote Code Execution

Zoho ManageEngine Password Manager Pro, PAM 360, and Access Manager Plus are susceptible to unauthenticated remote code execution via XML-RPC. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system without entering necessary...

9.8CVSS8.1AI score0.9994EPSS
Exploits5References5
Nuclei
Nuclei
•added 2026/06/19 11:10 a.m.•95 views

Spring - Remote Code Execution

Spring MVC and Spring WebFlux applications running on Java Development Kit 9+ are susceptible to remote code execution via data binding. It requires the application to run on Tomcat as a WAR deployment. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full...

9.8CVSS7.7AI score0.99677EPSS
Exploits102References6
Nuclei
Nuclei
•added 2026/06/18 12:13 p.m.•5 views

FUXA 1.3.0 - Unauthenticated ICS/SCADA Project Data Disclosure

FUXA v1.3.0 exposes full SCADA/HMI project configuration via GET /api/project without authentication, even when secureEnabled is true. The secureFnc middleware auto-generates a valid guest JWT when no token is provided, bypassing authentication. Exposed data includes server-side scripts, device...

5.2AI score0.00088EPSS
Exploits0References2
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•216 views

MOVEit Transfer - Remote Code Execution

In Progress MOVEit Transfer before 2021.0.6 13.0.6, 2021.1.4 13.1.4, 2022.0.4 14.0.4, 2022.1.5 14.1.5, and 2023.0.1 15.0.1, a SQL injection vulnerability has been found in the MOVEit Transfer web application that could allow an unauthenticated attacker to gain access to MOVEit Transfer's database...

9.8CVSS8.7AI score0.99934EPSS
Exploits15References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•124 views

Apache Druid Kafka Connect - Remote Code Execution

The vulnerability has the potential to enable a remote attacker with authentication to run any code on the system. This is due to unsafe deserialization that occurs during the configuration of the connector through the Kafka Connect REST API id: CVE-2023-25194 info: name: Apache Druid Kafka Conne...

8.8CVSS6.9AI score0.95302EPSS
Exploits8References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•267 views

Citrix Bleed - Leaking Session Tokens

Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Gateway VPN virtual server, ICA Proxy, CVPN, RDP Proxy or AAA ?virtual?server. id: CVE-2023-4966 info: name: Citrix Bleed - Leaking Session Tokens author: DhiyaneshDK severity: high description: | Sensiti...

9.4CVSS7.5AI score0.99999EPSS
Exploits15References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•54 views

GitLab - Account Takeover via Password Reset

An issue has been discovered in GitLab CE/EE affecting all versions from 16.1 prior to 16.1.6, 16.2 prior to 16.2.9, 16.3 prior to 16.3.7, 16.4 prior to 16.4.5, 16.5 prior to 16.5.6, 16.6 prior to 16.6.4, and 16.7 prior to 16.7.2 in which user account password reset emails could be delivered to a...

10CVSS8.3AI score0.94955EPSS
Exploits16References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•175 views

Adobe ColdFusion - Deserialization of Untrusted Data

Adobe ColdFusion versions 2018u17 and earlier, 2021u7 and earlier and 2023u1 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction. id: CVE-2023-38203 info: name:...

9.8CVSS8.9AI score0.97003EPSS
Exploits0References3
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•189 views

Ivanti Sentry - Authentication Bypass

A security vulnerability in MICS Admin Portal in Ivanti MobileIron Sentry versions 9.18.0 and below, which may allow an attacker to bypass authentication controls on the administrative interface due to an insufficiently restrictive Apache HTTPD configuration. id: CVE-2023-38035 info: name: Ivanti...

9.8CVSS8.8AI score0.99949EPSS
Exploits6References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•166 views

Ivanti ICS - Authentication Bypass

An authentication bypass vulnerability in the web component of Ivanti ICS 9.x, 22.x and Ivanti Policy Secure allows a remote attacker to access restricted resources by bypassing control checks. id: CVE-2023-46805 info: name: Ivanti ICS - Authentication Bypass author: DhiyaneshDK,daffainfo,geeknik...

9.1CVSS8.7AI score0.99999EPSS
Exploits23References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•131 views

Fortra GoAnywhere MFT - Remote Code Execution

Fortra GoAnywhere MFT is susceptible to remote code execution via unsafe deserialization of an arbitrary attacker-controlled object. This stems from a pre-authentication command injection vulnerability in the License Response Servlet. id: CVE-2023-0669 info: name: Fortra GoAnywhere MFT - Remote...

7.2CVSS8.9AI score0.99999EPSS
Exploits12References5
Nuclei
Nuclei
•added 2026/06/16 7:13 a.m.•108 views

IBM WebSphere Java Object Deserialization - Remote Code Execution

IBM Websphere Application Server 7, 8, and 8.5 have a deserialization vulnerability in the SOAP Connector port 8880 by default. id: CVE-2015-7450 info: name: IBM WebSphere Java Object Deserialization - Remote Code Execution author: wdahlenb severity: critical description: IBM Websphere Applicatio...

10CVSS7.1AI score0.97655EPSS
Exploits10References5
Total number of security vulnerabilities4143