Lucene search
K
NvdMost viewed

364537 matches found

NVD
NVD
•added 2019/07/19 3:15 p.m.•48 views

CVE-2019-1167

A security feature bypass vulnerability exists in Windows Defender Application Control WDAC which could allow an attacker to bypass WDAC enforcement, aka 'Windows Defender Application Control Security Feature Bypass Vulnerability'...

4.1CVSS4.3AI score0.011EPSS
Exploits0References1
NVD
NVD
•added 2019/01/09 4:29 p.m.•48 views

CVE-2018-20679

An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components consumed by the DHCP server, client, and relay allows a remote attacker to leak sensitive information from the stack by sending a crafted DHCP message. This is related to verification in udhcpgetoption in...

7.5CVSS7.1AI score0.07694EPSS
Exploits2References7
NVD
NVD
•added 2018/12/10 2:29 p.m.•48 views

CVE-2018-1000864

A denial of service vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in CronTab.java that allows attackers with Overall/Read permission to have a request handling thread enter an infinite loop...

6.5CVSS6.8AI score0.02751EPSS
Exploits0References3
NVD
NVD
•added 2018/09/18 2:29 p.m.•48 views

CVE-2018-11787

In Apache Karaf version prior to 3.0.9, 4.0.9, 4.1.1, when the webconsole feature is installed in Karaf, it is available at .../system/console and requires authentication to access it. One part of the console is a Gogo shell/console that gives access to the command line console of Karaf via a Web...

8.1CVSS8.1AI score0.02573EPSS
Exploits0References3
NVD
NVD
•added 2018/06/05 8:29 p.m.•48 views

CVE-2018-1000183

A exposure of sensitive information vulnerability exists in Jenkins GitHub Plugin 1.29.0 and older in GitHubServerConfig.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing...

6.5CVSS6.3AI score0.01013EPSS
Exploits0References1
NVD
NVD
•added 2018/01/23 6:29 p.m.•48 views

CVE-2017-17999

SQL injection vulnerability in RISE Ultimate Project Manager 1.9 allows remote attackers to execute arbitrary SQL commands via the search parameter to index.php/knowledgebase/getarticlesuggestion/...

9.8CVSS10AI score0.03344EPSS
Exploits5References2
NVD
NVD
•added 2017/08/29 1:29 p.m.•48 views

CVE-2017-10952

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 8.2.0.2051. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the save...

8.8CVSS8.7AI score0.07152EPSS
Exploits2References4
NVD
NVD
•added 2017/07/21 2:29 p.m.•48 views

CVE-2015-3421

The eshopcheckout function in checkout.php in the Wordpress Eshop plugin 6.3.11 and earlier does not validate variables in the "eshopcart" HTTP cookie, which allows remote attackers to perform cross-site scripting XSS attacks, or a path disclosure attack via crafted variables named after target P...

6.1CVSS6.1AI score0.01291EPSS
Exploits2References2
NVD
NVD
•added 2017/05/12 7:29 a.m.•48 views

CVE-2017-8912

CMS Made Simple CMSMS 2.1.6 allows remote authenticated administrators to execute arbitrary PHP code via the code parameter to admin/editusertag.php, related to the CreateTagFunction and CallUserTag functions. NOTE: the vendor reportedly has stated this is "a feature, not a bug...

7.2CVSS7.2AI score0.03111EPSS
Exploits4References2
NVD
NVD
•added 2017/04/17 4:59 p.m.•48 views

CVE-2017-5647

A bug in the handling of the pipelined requests in Apache Tomcat 9.0.0.M1 to 9.0.0.M18, 8.5.0 to 8.5.12, 8.0.0.RC1 to 8.0.42, 7.0.0 to 7.0.76, and 6.0.0 to 6.0.52, when send file was used, results in the pipelined request being lost when send file processing of the previous request completed. Thi...

7.5CVSS7.6AI score0.1684EPSS
Exploits0References34
NVD
NVD
•added 2016/05/16 10:59 a.m.•48 views

CVE-2015-6838

The xslextfunctionphp function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility of a NULL valuePop return value before proceeding with a free operation after the principal argument...

7.5CVSS8AI score0.07276EPSS
Exploits0References6
NVD
NVD
•added 2016/04/11 9:59 p.m.•48 views

CVE-2015-7502

Red Hat CloudForms 3.2 Management Engine CFME 5.4.4 and CloudForms 4.0 Management Engine CFME 5.5.0 do not properly encrypt data in the backend PostgreSQL database, which might allow local users to obtain sensitive data and consequently gain privileges by leveraging access to 1 database exports o...

5.1CVSS5.2AI score0.00341EPSS
Exploits0References3
NVD
NVD
•added 2014/03/11 7:37 p.m.•48 views

CVE-2013-2754

Cross-site request forgery CSRF vulnerability in Umisoft UMI.CMS before 2.9 build 21905 allows remote attackers to hijack the authentication of administrators for requests that add administrator accounts via a request to admin/users/add/user/do/...

6.8CVSS6.9AI score0.02286EPSS
Exploits5References5
NVD
NVD
•added 2014/01/21 4:6 p.m.•48 views

CVE-2013-7219

SQL injection vulnerability in vote.php in the 2Glux Sexy Polling comsexypolling component before 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the answerid parameter...

7.5CVSS8.3AI score0.02289EPSS
Exploits3References4
NVD
NVD
•added 2013/04/09 8:55 p.m.•48 views

CVE-2013-1800

The crack gem 0.3.1 and earlier for Ruby does not properly restrict casts of string values, which might allow remote attackers to conduct object-injection attacks and execute arbitrary code, or cause a denial of service memory and CPU consumption by leveraging Action Pack support for 1 YAML type...

7.5CVSS7.1AI score0.04952EPSS
Exploits1References6
NVD
NVD
•added 2012/11/23 8:55 p.m.•48 views

CVE-2011-4085

The servlets invoked by httpha-invoker in JBoss Enterprise Application Platform before 5.1.2, SOA Platform before 5.2.0, BRMS Platform before 5.3.0, and Portal Platform before 4.3 CP07 perform access control only for the GET and POST methods, which allow remote attackers to bypass authentication ...

6.8CVSS6.5AI score0.02953EPSS
Exploits3References11
NVD
NVD
•added 2011/01/28 9:0 p.m.•48 views

CVE-2010-4710

Cross-site scripting XSS vulnerability in the addItem method in the Menu widget in YUI before 2.9.0 allows remote attackers to inject arbitrary web script or HTML via a field that is added to a menu, related to documentation that specifies this field as a text field rather than an HTML field, a...

4.3CVSS5.6AI score0.0223EPSS
Exploits0References4
NVD
NVD
•added 2010/12/23 6:0 p.m.•48 views

CVE-2010-3972

Heap-based buffer overflow in the TELNETSTREAMCONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services IIS 7.0, and IIS 7.5, allows remote attackers to execute arbitrary code or cause a denial of service daemon crash via a crafted FTP...

10CVSS8AI score0.94534EPSS
Exploits3References10
NVD
NVD
•added 2010/08/11 6:47 p.m.•48 views

CVE-2010-1882

Multiple buffer overflows in the MPEG Layer-3 Audio Codec for Microsoft DirectShow in l3codecx.ax in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allow remote attackers to execute arbitrary code via an MPEG Layer-3 audio stream in 1 a crafted media file or 2 crafted streaming content, aka...

9.3CVSS7.6AI score0.23415EPSS
Exploits0References3
NVD
NVD
•added 2010/02/12 7:30 p.m.•48 views

CVE-2010-0298

The x86 emulator in KVM 83 does not use the Current Privilege Level CPL and I/O Privilege Level IOPL in determining the memory access available to CPL3 code, which allows guest OS users to cause a denial of service guest OS crash or gain privileges on the guest OS by leveraging access to a 1 IO...

6.5CVSS7AI score0.02416EPSS
Exploits0References7
NVD
NVD
•added 2009/10/14 10:30 a.m.•48 views

CVE-2009-1547

Unspecified vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote attackers to execute arbitrary code via a crafted data stream header that triggers memory corruption, aka "Data Stream Header Corruption Vulnerability."...

9.3CVSS7.3AI score0.37436EPSS
Exploits8References3
NVD
NVD
•added 2007/02/12 8:28 p.m.•48 views

CVE-2007-0882

Argument injection vulnerability in the telnet daemon in.telnetd in Solaris 10 and 11 SunOS 5.10 and 5.11 misinterprets certain client "-f" sequences as valid requests for the login program to skip authentication, which allows remote attackers to log into certain accounts, as demonstrated by the...

10CVSS6.7AI score0.97848EPSS
Exploits13References19
NVD
NVD
•added 2006/07/18 3:47 p.m.•48 views

CVE-2006-3674

nNetObject.cpp in Armagetron Advanced 2.8.2 and earlier allows remote attackers to cause a denial of service CPU consumption via a large number handled by the idreqhandler function...

7.8CVSS6.6AI score0.02226EPSS
Exploits1References7
NVD
NVD
•added 2006/07/07 12:5 a.m.•48 views

CVE-2006-3425

FastPatch for a PatchLink Update Server PLUS before 6.1 P1 and 6.2.x before 6.2 SR1 P1, and b Novell ZENworks 6.2 SR1 and earlier, does not require authentication for dagent/proxyreg.asp, which allows remote attackers to list, add, or delete PatchLink Distribution Point PDP proxy servers via...

7.5CVSS7AI score0.0229EPSS
Exploits0References9
NVD
NVD
•added 2026/06/04 2:16 p.m.•47 views

CVE-2026-8037

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in multiple command endpoints...

9.6CVSS0.29641EPSS
Exploits2References2
NVD
NVD
•added 2026/06/01 5:17 p.m.•47 views

CVE-2026-46243

In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions cifs.spnego key descriptions contain authority-bearing fields such as pid, uid, creduid, and upcalltarget that cifs.upcall treats as kernel-originating inputs. However,...

7.8CVSS0.00353EPSS
Exploits4References43
NVD
NVD
•added 2026/05/18 3:16 p.m.•47 views

CVE-2026-41949

Dify before version 1.14.2 contains an authorization bypass vulnerability in the file preview endpoint that allows any authenticated user to read up to 3,000 characters of any uploaded document across all tenants and workspaces using only the file's UUID. Attackers can access the...

8.2CVSS0.00435EPSS
Exploits1References6
NVD
NVD
•added 2026/05/18 9:16 a.m.•47 views

CVE-2026-5163

Mattermost versions 11.5.x = 11.5.1 fail to verify channel membership when processing AI-assisted message rewrites which allows an authenticated attacker to read the content of threads in private channels and direct messages they do not have access to via a crafted request to the post rewrite...

6.5CVSS0.00205EPSS
Exploits0References1
NVD
NVD
•added 2026/05/14 9:16 p.m.•47 views

CVE-2026-44666

HRConvert2 is a self-hosted, drag-and-drop & nosql file conversion server & share tool. Prior to 3.3.8, the sanitizeString function in convertCore.php is missing backtick and tab \t from its strip list. User input then reaches shellexec, where the shell interprets these characters and commands...

9.3CVSS0.00297EPSS
Exploits0References2
NVD
NVD
•added 2026/05/12 5:16 p.m.•47 views

CVE-2026-20793

Unchecked return value for some IntelR QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result ma...

4.8CVSS0.00096EPSS
Exploits0References1
NVD
NVD
•added 2026/05/12 2:17 p.m.•47 views

CVE-2026-45091

sealed-env is a cross-stack, zero-trust secret management library for Node.js and Java/Spring Boot. In sealed-env enterprise mode, versions 0.1.0-alpha.1 through 0.1.0-alpha.3 embedded the operator's literal TOTP secret in the JWS payload of every minted unseal token. JWS payload is base64-encode...

9.1CVSS0.00326EPSS
Exploits1References1
NVD
NVD
•added 2026/05/12 10:16 a.m.•47 views

CVE-2026-6813

The Continually plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 4.3.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and...

4.4CVSS0.00195EPSS
Exploits0References5
NVD
NVD
•added 2026/05/12 10:16 a.m.•47 views

CVE-2026-6001

Authorization bypass through User-Controlled key vulnerability in ABIS Technology Ltd. Co. BAPSİS allows Exploitation of Trusted Identifiers. This issue affects BAPSİS: before v.202604152042...

8.8CVSS0.00242EPSS
Exploits0References1
NVD
NVD
•added 2026/05/12 10:16 a.m.•47 views

CVE-2026-33862

A vulnerability has been identified in Teamcenter V2312 All versions V2312.0014, Teamcenter V2406 All versions V2406.0012, Teamcenter V2412 All versions V2412.0009, Teamcenter V2506 All versions V2506.0005, Teamcenter V2512 All versions. The affected application does not properly encode or filter...

8.5CVSS0.00192EPSS
Exploits0References1
NVD
NVD
•added 2026/05/12 9:16 a.m.•47 views

CVE-2026-6710

The Skysa Text Ticker App plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.4. This is due to missing or incorrect nonce validation on the SkysaAppsAdminAppPage function. This makes it possible for unauthenticated attackers to trick a site...

4.3CVSS0.00128EPSS
Exploits0References5
NVD
NVD
•added 2026/05/11 5:16 p.m.•47 views

CVE-2026-31253

The flash-attention training framework thru commit e724e2588cbe754beb97cf7c011b5e7e34119e62 2025-13-04 contains an insecure deserialization vulnerability CWE-502 in its checkpoint loading mechanism. The loadcheckpoint function in checkpoint.py and the checkpoint loading code in eval.py use...

7.3CVSS0.00218EPSS
Exploits0References2
NVD
NVD
•added 2026/05/11 10:16 a.m.•47 views

CVE-2026-6956

ATutor is vulnerable to Reflected XSS in /install/install.php endpoint. An attacker can provide a specially crafted URL that, when opened, results in arbitrary JavaScript execution in the victim's browser. Product is no longer actively supported. Maintainers of this project were notified early...

5.1CVSS0.00391EPSS
Exploits0References2
NVD
NVD
•added 2026/05/10 1:16 p.m.•47 views

CVE-2022-50963

uBidAuction 2.0.1 contains a reflected cross-site scripting vulnerability in the auctions/myAuctions/status/active module. The datecreated, datefrom, dateto, and createdat parameters in the filter functionality are not properly sanitized, allowing remote attackers to inject malicious scripts via...

6.1CVSS0.00247EPSS
Exploits0References4
NVD
NVD
•added 2026/05/08 3:16 p.m.•47 views

CVE-2026-41570

PHPUnit is a testing framework for PHP. In versions 12.5.21 and 13.1.5, PHPUnit forwards PHP INI settings to child processes used for isolated/PHPT test execution as -d name=value command-line arguments without neutralizing INI metacharacters. Because PHP's INI parser interprets " as a string...

7.8CVSS0.00191EPSS
Exploits0References2
NVD
NVD
•added 2026/05/06 12:16 p.m.•47 views

CVE-2026-43283

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ecbhf: Fix dmafreecoherent dma handle dmafreecoherent in error path takes priv-rxbuf.alloclen as the dma handle. This would lead to improper unmapping of the buffer. Change the dma handle to priv-rxbuf.allocphys...

8.8CVSS0.0012EPSS
Exploits0References8
NVD
NVD
•added 2026/05/05 4:16 p.m.•47 views

CVE-2026-7412

In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, the Operation Delegation feature fails to validate the destination URI of delegated requests. An unauthenticated remote attacker can exploit this design flaw to force the BaSyx server to execute blind HTTP POST requests to...

8.6CVSS0.00516EPSS
Exploits0References2
NVD
NVD
•added 2026/05/04 9:16 p.m.•47 views

CVE-2026-42223

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.8, the GetSettings API handler api/settings/settings.go:24-65 serializes all settings structs to JSON and returns them to authenticated users. Many sensitive fields are tagged with protected:"true" - however, this tag...

6.5CVSS0.00295EPSS
Exploits1References2
NVD
NVD
•added 2026/05/04 5:16 p.m.•47 views

CVE-2026-37461

An out-of-bounds read in the ParseIP6Extended function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

7.5CVSS0.00335EPSS
Exploits0References3
NVD
NVD
•added 2026/04/15 6:17 p.m.•47 views

CVE-2026-5758

JavaScript is vulnerable to prototype pollution in Mafintosh's protocol-buffers-schema Version 3.6.0, where an attacker may alter the application logic, bypass security checks, cause a DoS or achieve remote code execution...

6.5CVSS0.00534EPSS
Exploits0References2
NVD
NVD
•added 2026/04/01 1:16 p.m.•47 views

CVE-2026-29014

MetInfo CMS versions 7.9, 8.0, and 8.1 contain an unauthenticated PHP code injection vulnerability that allows remote attackers to execute arbitrary code by sending crafted requests with malicious PHP code. Attackers can exploit insufficient input neutralization in the execution path to achieve...

9.8CVSS0.39688EPSS
Exploits4References5
NVD
NVD
•added 2026/02/05 5:16 p.m.•47 views

CVE-2020-37118

P5 FNIP-8x16A FNIP-4xSH 1.0.20 contains a cross-site request forgery vulnerability that allows attackers to perform administrative actions without user interaction. Attackers can craft malicious web pages to add new admin users, change passwords, and modify system configurations by tricking...

5.1CVSS0.0014EPSS
Exploits0References6
NVD
NVD
•added 2025/12/01 9:15 p.m.•47 views

CVE-2025-66205

Frappe is a full-stack web application framework. Prior to 15.86.0 and 14.99.2, a certain endpoint was vulnerable to error-based SQL injection due to lack of validation of parameters. Some information like version could be retrieved. This vulnerability is fixed in 15.86.0 and 14.99.2...

9.8CVSS0.00272EPSS
Exploits0References2
NVD
NVD
•added 2025/11/13 5:15 p.m.•47 views

CVE-2025-11538

A vulnerability exists in Keycloak's server distribution where enabling debug mode --debug insecurely defaults to binding the Java Debug Wire Protocol JDWP port to all network interfaces 0.0.0.0. This exposes the debug port to the local network, allowing an attacker on the same network segment to...

6.8CVSS0.00432EPSS
Exploits0References6
NVD
NVD
•added 2025/09/18 10:15 a.m.•47 views

CVE-2025-8565

The Privacy Policy Generator, Terms & Conditions Generator WordPress Plugin : WP Legal Pages plugin for WordPress is vulnerable to unauthorized access of functionality due to a missing capability check on the wplpgdprinstallpluginajaxhandler function in all versions up to, and including, 3.4.3...

8.1CVSS0.00257EPSS
Exploits0References2
NVD
NVD
•added 2025/08/04 11:15 p.m.•47 views

CVE-2025-46093

LiquidFiles before 4.1.2 supports FTP SITE CHMOD for mode 6777 setuid and setgid, which allows FTPDrop users to execute arbitrary code as root by leveraging the Actionscript feature and the sudoers configuration...

9.9CVSS0.0052EPSS
Exploits1References3
Total number of security vulnerabilities5000