Lucene search
K
NucleiRecent

4143 matches found

Nuclei
Nuclei
added 2026/06/16 7:13 a.m.56 views

Drupal - Remote Code Execution

Drupal 8.5.x before 8.5.11 and Drupal 8.6.x before 8.6.10 V contain certain field types that do not properly sanitize data from non-form sources, which can lead to arbitrary PHP code execution in some cases. id: CVE-2019-6340 info: name: Drupal - Remote Code Execution author: madrobot severity:...

8.1CVSS8.8AI score0.92017EPSS
Exploits22References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.82 views

Atlassian Confluence Server - Local File Inclusion

Atlassian Confluence Server allows remote attackers to view restricted resources via local file inclusion in the /s/ endpoint. id: CVE-2021-26085 info: name: Atlassian Confluence Server - Local File Inclusion author: princechaddha severity: medium description: Atlassian Confluence Server allows...

5.3CVSS5.6AI score0.99937EPSS
Exploits6References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.80 views

VMware vCenter Server - Arbitrary File Upload

VMware vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file. id: CVE-2021-22005 info: name: VMware...

9.8CVSS8.7AI score0.99999EPSS
Exploits11References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.83 views

Apache <= 2.4.48 Mod_Proxy - Server-Side Request Forgery

Apache 2.4.48 and below contain an issue where uri-path can cause modproxy to forward the request to an origin server chosen by the remote user. id: CVE-2021-40438 info: name: Apache = 2.4.48 ModProxy - Server-Side Request Forgery author: pdteam severity: critical description: Apache 2.4.48 and...

9CVSS7.5AI score0.99999EPSS
Exploits5References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.205 views

FortiLogger 4.4.2.2 - Arbitrary File Upload

FortiLogger 4.4.2.2 is affected by arbitrary file upload issues. Attackers can send a "Content-Type: image/png" header to Config/SaveUploadedHotspotLogoFile and then Assets/temp/hotspot/img/logohotspot.asp. id: CVE-2021-3378 info: name: FortiLogger 4.4.2.2 - Arbitrary File Upload author:...

9.8CVSS8.5AI score0.97512EPSS
Exploits8References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.221 views

VMware vSphere Client (HTML5) - Remote Code Execution

The vSphere Client HTML5 contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with...

10CVSS9.6AI score0.99999EPSS
Exploits13References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.51 views

Fortinet FortiNAC - Arbitrary File Write

Fortinet FortiNAC is susceptible to arbitrary file write. An external control of the file name or path can allow an attacker to execute unauthorized code or commands via specifically crafted HTTP request, thus making it possible to obtain sensitive information, modify data, and/or execute...

9.8CVSS8.8AI score0.99815EPSS
Exploits7References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.101 views

Hitachi Pentaho Business Analytics Server - Remote Code Execution

Hitachi Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x, is susceptible to remote code execution via server-side template injection. Certain web services can set property values which contain Spring templates that are interpreted downstream, thereby...

8.8CVSS9.1AI score0.9767EPSS
Exploits6References3
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.85 views

Fortinet - Authentication Bypass

Fortinet contains an authentication bypass vulnerability via using an alternate path or channel in FortiOS 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy 7.2.0 and 7.0.0 through 7.0.6, and FortiSwitchManager 7.2.0 and 7.0.0. An attacker can perform operations on the administrative...

9.8CVSS8.6AI score0.99984EPSS
Exploits25References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.140 views

IBM Aspera Faspex <=4.4.2 PL1 - Remote Code Execution

IBM Aspera Faspex through 4.4.2 Patch Level 1 is susceptible to remote code execution via a YAML deserialization flaw. This can allow an attacker to send a specially crafted obsolete API call and thereby execute arbitrary code, obtain sensitive data, and/or execute other unauthorized operations...

9.8CVSS9.2AI score0.99968EPSS
Exploits5References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.70 views

vBulletin 5.0.0-5.5.4 - Remote Command Execution

vBulletin 5.0.0 through 5.5.4 is susceptible to a remote command execution vulnerability via the widgetConfig parameter in an ajax/render/widgetphp routestring request. An attacker can execute malware, obtain sensitive information, modify data, and/or gain full control over a compromised system...

9.8CVSS9.2AI score0.99728EPSS
Exploits27References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.195 views

strapi CMS <3.0.0-beta.17.5 - Admin Password Reset

strapi CMS before 3.0.0-beta.17.5 allows admin password resets because it mishandles password resets within packages/strapi-admin/controllers/Auth.js and packages/strapi-plugin-users-permissions/controllers/Auth.js. id: CVE-2019-18818 info: name: strapi CMS 3.0.0-beta.17.5 - Admin Password Reset...

9.8CVSS8.2AI score0.97639EPSS
Exploits13References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.66 views

Pulse Connect Secure SSL VPN Arbitrary File Read

Pulse Secure Pulse Connect Secure PCS 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4 all contain an arbitrary file reading vulnerability that could allow unauthenticated remote attackers to send a specially crafted URI to gain improper access. id: CVE-2019-11510 info: name: Pulse...

10CVSS8.8AI score0.99999EPSS
Exploits22References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.80 views

Synacor Zimbra Collaboration <8.7.11p10 - XML External Entity Injection

Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10 has an XML external entity injection XXE vulnerability via the mailboxd component. id: CVE-2019-9670 info: name: Synacor Zimbra Collaboration 8.7.11p10 - XML External Entity Injection author: ree4pwn severity: critical description: Synacor...

9.8CVSS8.4AI score0.99986EPSS
Exploits4References7
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.155 views

F5 BIG-IP iControl - REST Auth Bypass RCE

F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, may allow undisclosed requests to bypass iControl REST authentication. id: CVE-2022-1388 info: name: F5 BIG-IP...

9.8CVSS8.7AI score0.99956EPSS
Exploits63References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.57 views

Spring Data Commons - Remote Code Execution

Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements. An unauthenticated remote malicious user or attacker can supply specially crafted request parameters...

9.8CVSS9AI score0.95649EPSS
Exploits9References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.181 views

Webmin <= 1.920 - Unauthenticated Remote Command Execution

Webmin =1.920. is vulnerable to an unauthenticated remote command execution via the parameter 'old' in passwordchange.cgi. id: CVE-2019-15107 info: name: Webmin = 1.920 - Unauthenticated Remote Command Execution author: bp0lr severity: critical description: Webmin =1.920. is vulnerable to an...

10CVSS8.9AI score0.99766EPSS
Exploits38References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.51 views

Kibana Timelion - Arbitrary Code Execution

Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt to execute javascript code. This could possibly lead to an attacker executing arbitrary commands...

10CVSS8.9AI score0.95338EPSS
Exploits12References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.76 views

Citrix ADC and Gateway - Directory Traversal

Citrix Application Delivery Controller ADC and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0 are susceptible to directory traversal vulnerabilities. id: CVE-2019-19781 info: name: Citrix ADC and Gateway - Directory Traversal author: organiccrap,geeknik severity: critical description: Citrix Applicatio...

9.8CVSS8.8AI score0.99999EPSS
Exploits48References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.274 views

Oracle WebLogic Server - Remote Command Execution

The Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: Web Services allows unauthenticated attackers with network access via HTTP to compromise Oracle WebLogic Server. Versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. id: CVE-2019-2725 info: name: Oracle WebLogic...

9.8CVSS7.9AI score0.99964EPSS
Exploits35References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.58 views

WSO2 Management - Arbitrary File Upload & Remote Code Execution

Certain WSO2 products allow unrestricted file upload with resultant remote code execution. This affects WSO2 API Manager 2.2.0 and above through 4.0.0; WSO2 Identity Server 5.2.0 and above through 5.11.0; WSO2 Identity Server Analytics 5.4.0, 5.4.1, 5.5.0, and 5.6.0; WSO2 Identity Server as Key...

10CVSS9.1AI score0.99999EPSS
Exploits22References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.74 views

Apache Struts <=2.5.20 - Remote Code Execution

Apache Struts 2.0.0 to 2.5.20 forced double OGNL evaluation when evaluated on raw user input in tag attributes, which may lead to remote code execution. id: CVE-2019-0230 info: name: Apache Struts =2.5.20 - Remote Code Execution author: geeknik severity: critical description: Apache Struts 2.0.0 ...

9.8CVSS8.9AI score0.97399EPSS
Exploits15References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.110 views

rConfig 3.9.2 - Remote Code Execution

rConfig 3.9.2 is susceptible to a remote code execution vulnerability. An attacker can directly execute system commands by sending a GET request to ajaxServerSettingsChk.php because the rootUname parameter is passed to the exec function without filtering, which can lead to command execution. id:...

10CVSS9.6AI score0.97702EPSS
Exploits11References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.60 views

eMerge E3 1.00-06 - Remote Code Execution

Linear eMerge E3-Series devices are susceptible to remote code execution vulnerabilities. id: CVE-2019-7256 info: name: eMerge E3 1.00-06 - Remote Code Execution author: pikpikcu severity: critical description: | Linear eMerge E3-Series devices are susceptible to remote code execution...

10CVSS9.4AI score0.97136EPSS
Exploits16References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.98 views

D-Link Routers - Remote Code Execution

D-Link products such as DIR-655C, DIR-866L, DIR-652, and DHP-1565 contain an unauthenticated remote code execution vulnerability. The issue occurs when the attacker sends an arbitrary input to a "PingTest" device common gateway interface that could lead to common injection. An attacker who...

10CVSS9.2AI score0.99996EPSS
Exploits5References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.159 views

ManageEngine - Remote Command Execution

Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache xmlsec aka XML Security for Java 1.4.1, because the xmlsec XSLT features, by design in that version, make the application responsible for certain security...

9.8CVSS9.4AI score0.99753EPSS
Exploits15References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.875 views

WordPress <5.8.3 - SQL Injection

WordPress before 5.8.3 is susceptible to SQL injection through multiple plugins or themes due to improper sanitization in WPQuery, An attacker can potentially obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site. id:...

8CVSS6.7AI score0.97795EPSS
Exploits14References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.121 views

Apache Spark UI - Remote Command Injection

Apache Spark UI is susceptible to remote command injection. ACLs can be enabled via the configuration option spark.acls.enable. With an authentication filter, this checks whether a user has access permissions to view or modify the application. If ACLs are enabled, a code path in HttpSecurityFilte...

8.8CVSS8.5AI score0.92984EPSS
Exploits12References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.153 views

Sophos Firewall <=18.5 MR3 - Remote Code Execution

Sophos Firewall version v18.5 MR3 and older contains an authentication bypass vulnerability in the User Portal and Webadmin which could allow a remote attacker to execute code. id: CVE-2022-1040 info: name: Sophos Firewall =18.5 MR4 to mitigate this vulnerability. reference: -...

9.8CVSS9AI score0.99796EPSS
Exploits9References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.209 views

Cacti <=1.2.22 - Remote Command Injection

Cacti through 1.2.22 is susceptible to remote command injection. There is insufficient authorization within the remote agent when handling HTTP requests with a custom Forwarded-For HTTP header. An attacker can send a specially crafted HTTP request to the affected instance and execute arbitrary OS...

9.8CVSS9.2AI score0.99826EPSS
Exploits48References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.46 views

VMware Workspace ONE Access - Server-Side Template Injection

VMware Workspace ONE Access is susceptible to a remote code execution vulnerability due to a server-side template injection flaw. An unauthenticated attacker with network access could exploit this vulnerability by sending a specially crafted request to a vulnerable VMware Workspace ONE or Identit...

10CVSS9.4AI score0.99997EPSS
Exploits25References4
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.213 views

ZK Framework - Information Disclosure

ZK Framework 9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 is susceptible to information disclosure. An attacker can access sensitive information via a crafted POST request to the component AuUploader and thereby possibly obtain additional sensitive information, modify data, and/or execute...

7.5CVSS8AI score0.95335EPSS
Exploits5References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.92 views

Adobe ColdFusion 8.0/8.0.1/9.0/9.0.1 LFI

Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 and earlier allow remote attackers to read arbitrary files via the locale parameter to 1 CFIDE/administrator/settings/mappings.cfm, 2 logging/settings.cfm, 3 datasources/index.cfm, 4...

9.8CVSS8.7AI score0.99721EPSS
Exploits13References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.73 views

Fortinet FortiOS - Credentials Disclosure

Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests due to improper limitation of a...

9.8CVSS8.4AI score0.99999EPSS
Exploits22References3
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.142 views

Buffalo WSR-2533DHPL2 - Path Traversal

Buffalo WSR-2533DHPL2 firmware version = 1.02 and WSR-2533DHP3 firmware version = 1.24 are susceptible to a path traversal vulnerability that could allow unauthenticated remote attackers to bypass authentication in their web interfaces. id: CVE-2021-20090 info: name: Buffalo WSR-2533DHPL2 - Path...

9.8CVSS8.3AI score0.99983EPSS
Exploits5References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.96 views

ForgeRock OpenAM <7.0 - Remote Code Execution

ForgeRock AM server before 7.0 has a Java deserialization vulnerability in the jato.pageSession parameter on multiple pages. The exploitation does not require authentication, and remote code execution can be triggered by sending a single crafted /ccversion/ request to the server. The vulnerabilit...

10CVSS9.6AI score0.99999EPSS
Exploits8References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.75 views

PHP CGI v5.3.12/5.4.2 Remote Code Execution

sapi/cgi/cgimain.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script aka php-cgi, does not properly handle query strings that lack an = equals sign character, which allows remote attackers to execute arbitrary code by placing command-line options in the query string,...

9.8CVSS8AI score0.99998EPSS
Exploits42References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.97 views

Exchange Server - Remote Code Execution

Microsoft Exchange Server is vulnerable to a remote code execution vulnerability. This CVE ID is unique from CVE-2021-31196, CVE-2021-31206. id: CVE-2021-34473 info: name: Exchange Server - Remote Code Execution author: arcc,intx0x80,dwisiswant0,r3dg33k severity: critical description: | Microsoft...

10CVSS8.7AI score0.99999EPSS
Exploits78References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.103 views

Sophos Web Appliance - Remote Code Execution

A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code. id: CVE-2023-1671 info: name: Sophos Web Appliance - Remote Code Execution author: Co5mos severity: critical description: | A pre-auth...

9.8CVSS9AI score0.99999EPSS
Exploits10References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.270 views

Adobe Commerce & Magento - CosmicSting

Adobe Commerce versions 2.4.7, 2.4.6-p5, 2.4.5-p7, 2.4.4-p8 and earlier are affected by an Improper Restriction of XML External Entity Reference 'XXE' vulnerability that could result in arbitrary code execution. id: CVE-2024-34102 info: name: Adobe Commerce & Magento - CosmicSting author:...

9.8CVSS9AI score0.99994EPSS
Exploits26References2
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.248 views

Atlassian Confluence - Remote Code Execution

A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated attacker to achieve RCE on an affected instance. Customers using an affected version must take immediate action. Most recent supported versions of Confluence Data Center and Server...

10CVSS8.7AI score0.99984EPSS
Exploits32References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.75 views

Atlassian Confluence Server - Improper Authorization

All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. There is no impact to confidentiality as an attacker cannot exfiltrate any instance data. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an...

10CVSS8.6AI score0.99999EPSS
Exploits14References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.67 views

D-Link NAS - Command Injection via Name Parameter

A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It has been declared as critical. Affected by this vulnerability is the function cgiuseradd of the file /cgi-bin/accountmgr.cgi?cmd=cgiuseradd. The manipulation of the argument name leads to os command...

9.8CVSS7.6AI score0.97432EPSS
Exploits11References3
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.264 views

CraftCMS < 4.4.15 - Unauthenticated Remote Code Execution

Craft CMS is a platform for creating digital experiences. This is a high-impact, low-complexity attack vector leading to Remote Code Execution RCE. Users running Craft installations before 4.4.15 are encouraged to update to at least that version to mitigate the issue. This issue has been fixed in...

10CVSS8.4AI score0.92918EPSS
Exploits10References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.79 views

JetBrains TeamCity < 2023.05.4 - Remote Code Execution

In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible id: CVE-2023-42793 info: name: JetBrains TeamCity 2023.05.4 - Remote Code Execution author: iamnoooob,rootxharsh,pdresearch severity: critical description: | In JetBrains TeamCity before...

9.8CVSS8.7AI score0.99979EPSS
Exploits17References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.47 views

Ivanti vTM - Authentication Bypass

Incorrect implementation of an authentication algorithm in Ivanti vTM other than versions 22.2R1 or 22.7R2 allows a remote unauthenticated attacker to bypass authentication of the admin panel. id: CVE-2024-7593 info: name: Ivanti vTM - Authentication Bypass author: gy741 severity: critical...

9.8CVSS8.8AI score0.99987EPSS
Exploits4References3
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.107 views

ServiceNow - Incomplete Input Validation

ServiceNow has addressed an input validation vulnerability that was identified in the Washington DC, Vancouver, and earlier Now Platform releases. This vulnerability could enable an unauthenticated user to remotely execute code within the context of the Now Platform. The vulnerability is addresse...

9.8CVSS8.8AI score0.99628EPSS
Exploits4References4
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.253 views

WordPress Paid Memberships Pro <2.9.8 - Blind SQL Injection

WordPress Paid Memberships Pro plugin before 2.9.8 contains a blind SQL injection vulnerability in the 'code' parameter of the /pmpro/v1/order REST route. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of th...

9.8CVSS8.8AI score0.9246EPSS
Exploits6References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.155 views

Check Point Quantum Gateway - Information Disclosure

Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available. id: CVE-2024-24919 info: name: Check Poi...

8.6CVSS8.2AI score0.99978EPSS
Exploits52References5
Nuclei
Nuclei
added 2026/06/16 7:13 a.m.55 views

Embedthis GoAhead <3.6.5 - Remote Code Execution

description: Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked. id: CVE-2017-17562 info: name: Embedthis GoAhead 3.6.5 - Remote Code Execution author: geeknik severity: high description: | description: Embedthis GoAhead before...

8.1CVSS8.1AI score0.96327EPSS
Exploits15References5
Total number of security vulnerabilities4143