Lucene search
K
NvdMost viewed

363464 matches found

NVD
NVD
added 2022/12/13 7:15 p.m.74 views

CVE-2022-44702

Windows Terminal Remote Code Execution Vulnerability...

7.8CVSS0.01365EPSS
Exploits0References2
NVD
NVD
added 2022/08/22 7:15 p.m.74 views

CVE-2022-32777

An information disclosure vulnerability exists in the cookie functionality of WWBN AVideo 11.6 and dev master commit 3f7c0364. The session cookie and the pass cookie miss the HttpOnly flag, making them accessible via JavaScript. The session cookie also misses the secure flag, which allows the...

7.5CVSS0.01983EPSS
Exploits0References2
NVD
NVD
added 2022/01/28 10:15 p.m.74 views

CVE-2021-44410

A denial of service vulnerability exists in the cgiserver.cgi JSON command parser functionality of reolink RLC-410W v3.0.0.13620121102. A specially-crafted HTTP request can lead to a reboot. UpgradePrepare param is not object. An attacker can send an HTTP request to trigger this vulnerability...

8.6CVSS0.01207EPSS
Exploits1References1
NVD
NVD
added 2021/11/18 5:15 p.m.74 views

CVE-2021-35534

Insufficient security control vulnerability in internal database access mechanism of Hitachi Energy Relion 670/650/SAM600-IO, Relion 650, GMS600, PWC600 allows attacker who successfully exploited this vulnerability, of which the product does not sufficiently restrict access to an internal databas...

9CVSS0.01666EPSS
Exploits0References3
NVD
NVD
added 2021/11/03 6:15 p.m.74 views

CVE-2021-23820

This affects all versions of package json-pointer. A type confusion vulnerability can lead to a bypass of CVE-2020-7709 when the pointer components are arrays...

9.8CVSS0.01813EPSS
Exploits1References3
NVD
NVD
added 2021/09/15 2:15 p.m.74 views

CVE-2020-19150

Improper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive information or cause a denial of service via the 'FileManager.delete' function in the component 'modules/filemanager/FileManagerController.java'...

8.1CVSS0.03379EPSS
Exploits1References1
NVD
NVD
added 2021/09/15 1:15 p.m.74 views

CVE-2021-40845

The web part of Zenitel AlphaCom XE Audio Server through 11.2.3.10, called AlphaWeb XE, does not restrict file upload in the Custom Scripts section at php/index.php. Neither the content nor extension of the uploaded files is checked, allowing execution of PHP code under the /cmd directory...

8.8CVSS0.04609EPSS
Exploits7References4
NVD
NVD
added 2020/04/22 4:15 p.m.74 views

CVE-2018-21120

Certain NETGEAR devices are affected by CSRF. This affects WAC120 before 2.1.7, WAC505 before 5.0.5.4, WAC510 before 5.0.5.4, WNAP320 before 3.7.11.4, WNAP210v2 before 3.7.11.4, WNDAP350 before 3.7.11.4, WNDAP360 before 3.7.11.4, WNDAP660 before 3.7.11.4, WNDAP620 before 2.1.7, WND930 before 2.1....

8CVSS6.1AI score0.00459EPSS
Exploits0References1
NVD
NVD
added 2019/12/17 8:15 p.m.74 views

CVE-2019-19241

In the Linux kernel before 5.4.2, the iouring feature leads to requests that inadvertently have UID 0 and full capabilities, aka CID-181e448d8709. This is related to fs/io-wq.c, fs/iouring.c, and net/socket.c. For example, an attacker can bypass intended restrictions on adding an IPv4 address to...

7.8CVSS7.3AI score0.01087EPSS
Exploits2References6
NVD
NVD
added 2026/05/13 10:16 p.m.73 views

CVE-2026-45158

OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.8, unsanitized user input is passed to the DHCP configuration of the configured interface, which is processed by a shell script, allowing remote code execution as root on the underlying operating system. This vulnerability i...

9.1CVSS0.00531EPSS
Exploits0References1
NVD
NVD
added 2024/10/22 3:15 p.m.73 views

CVE-2024-26272

Cross-site request forgery CSRF vulnerability in the content page editor in Liferay Portal 7.3.2 through 7.4.3.107, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 GA through update 92 and 7.3 GA through update 35 allows remote attackers to 1 change user passwords, 2...

8.8CVSS0.00342EPSS
Exploits0References1
NVD
NVD
added 2024/08/28 8:15 p.m.73 views

CVE-2024-45054

Hwameistor is an HA local storage system for cloud-native stateful workloads. This ClusterRole has verbs of resources. If a malicious user can access the worker node which has hwameistor's deployment, he/she can abuse these excessive permissions to do whatever he/she likes to the whole cluster,...

6.7CVSS0.00252EPSS
Exploits0References5
NVD
NVD
added 2023/12/22 5:15 p.m.73 views

CVE-2023-49790

The Nextcloud iOS Files app allows users of iOS to interact with Nextcloud, a self-hosted productivity platform. Prior to version 4.9.2, the application can be used without providing the 4 digit PIN code. Nextcloud iOS Files app should be upgraded to 4.9.2 to receive the patch. No known workaroun...

4.3CVSS0.00288EPSS
Exploits0References3
NVD
NVD
added 2023/09/05 9:15 p.m.73 views

CVE-2023-39515

Cacti is an open source operational monitoring and fault management framework. Affected versions are subject to a Stored Cross-Site-Scripting XSS Vulnerability allows an authenticated user to poison data stored in the cacti's database. These data will be viewed by administrative cacti accounts an...

6.1CVSS5.6AI score0.00703EPSS
Exploits1References6
NVD
NVD
added 2023/07/06 4:15 p.m.73 views

CVE-2023-37260

league/oauth2-server is an implementation of an OAuth 2.0 authorization server written in PHP. Starting in version 8.3.2 and prior to version 8.5.3, servers that passed their keys to the CryptKey constructor as as string instead of a file path will have had that key included in a LogicException...

8.2CVSS8.2AI score0.00783EPSS
Exploits0References3
NVD
NVD
added 2023/07/06 4:15 p.m.73 views

CVE-2023-36830

SQLFluff is a SQL linter. Prior to version 2.1.2, in environments where untrusted users have access to the config files, there is a potential security vulnerability where those users could use the librarypath config value to allow arbitrary python code to be executed via macros. For many users wh...

7.8CVSS7.1AI score0.0039EPSS
Exploits1References2
NVD
NVD
added 2023/04/21 6:15 p.m.73 views

CVE-2023-26557

io.finnet tss-lib before 2.0.0 can leak the lambda value of a private key via a timing side-channel attack because it relies on Go big.Int, which is not constant time for Cmp, modular exponentiation, or modular inverse. An example leak is in crypto/paillier/paillier.go. bnb-chain/tss-lib and...

7.5CVSS7.5AI score0.00864EPSS
Exploits0References4
NVD
NVD
added 2022/12/16 4:15 p.m.73 views

CVE-2022-20522

In getSlice of ProviderModelSlice.java, there is a missing permission check. This could lead to local escalation of privilege from the guest user with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID:...

7.8CVSS0.00156EPSS
Exploits0References1
NVD
NVD
added 2022/06/14 10:15 p.m.73 views

CVE-2022-31066

EdgeX Foundry is an open source project for building a common open framework for Internet of Things edge computing. Prior to version 2.1.1, the /api/v2/config endpoint exposes message bus credentials to local unauthenticated users. In security-enabled mode, message bus credentials are supposed to...

5.9CVSS0.00308EPSS
Exploits0References3
NVD
NVD
added 2021/12/15 7:15 p.m.73 views

CVE-2021-1001

In PVInitVideoEncoder of mp4encapi.cpp, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-12Android...

5.5CVSS0.00117EPSS
Exploits0References1
NVD
NVD
added 2019/02/06 4:29 p.m.73 views

CVE-2019-1003010

A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and earlier in src/main/java/hudson/plugins/git/GitTagAction.java that allows attackers to create a Git tag in a workspace and attach corresponding metadata to a build record...

4.3CVSS4.4AI score0.01145EPSS
Exploits0References3
NVD
NVD
added 2026/05/09 3:16 a.m.72 views

CVE-2026-8207

Gibbon versions before v30.0.01 are affected by an authenticated SQL Injection vulnerability by abusing the Tracking/graphing https://github.com/GibbonEdu/core/blob/c431e25fdc874adece5d2dc7e408e9aa2d1abadb/modules/Tracking/graphing.phpL145 feature. Successful exploitation requires Teacher or high...

7CVSS0.00226EPSS
Exploits0References2
NVD
NVD
added 2025/09/04 10:42 a.m.72 views

CVE-2025-58357

5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. Version 0.13.2 contains a vulnerability in the chat page's script gadgets that enables content injection attacks through multiple vectors: malicious prompt injection pages, compromised MCP server...

9.6CVSS0.00597EPSS
Exploits1References2
NVD
NVD
added 2025/05/06 9:16 p.m.72 views

CVE-2025-46573

passport-wsfed-saml2 provides passport strategy for both WS-fed and SAML2 protocol. A vulnerability present starting in version 3.0.5 up to and including version 4.6.3 allows an attacker to impersonate any user during SAML authentication by tampering with a valid SAML response. This can be done b...

8.6CVSS0.00326EPSS
Exploits0References2
NVD
NVD
added 2025/04/15 6:15 p.m.72 views

CVE-2025-33028

In WinZip through 29.0, there is a Mark-of-the-Web Bypass Vulnerability because of an incomplete fix for CVE-2024-8811. This vulnerability allows attackers to bypass the Mark-of-the-Web protection mechanism on affected installations of WinZip. User interaction is required to exploit this...

6.1CVSS0.00477EPSS
Exploits0References3
NVD
NVD
added 2025/03/27 5:15 p.m.72 views

CVE-2023-52982

In the Linux kernel, the following vulnerability has been resolved: fscache: Use waitonbit to wait for the freeing of relinquished volume The freeing of relinquished volume will wake up the pending volume acquisition by using wakeupbit, however it is mismatched with waitvarevent used in...

5.5CVSS0.0021EPSS
Exploits0References2
NVD
NVD
added 2024/10/21 8:15 p.m.72 views

CVE-2022-48994

In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: Fix function prototype mismatch in sndseqexpandvarevent With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure...

5.5CVSS0.00235EPSS
Exploits0References8
NVD
NVD
added 2024/07/31 4:15 p.m.72 views

CVE-2024-39694

Duende IdentityServer is an OpenID Connect and OAuth 2.x framework for ASP.NET Core. It is possible for an attacker to craft malicious Urls that certain functions in IdentityServer will incorrectly treat as local and trusted. If such a Url is returned as a redirect, some browsers will follow it t...

4.7CVSS0.00504EPSS
Exploits0References6
NVD
NVD
added 2024/05/01 1:15 p.m.72 views

CVE-2024-27063

In the Linux kernel, the following vulnerability has been resolved: leds: trigger: netdev: Fix kernel panic on interface rename trig notify Commit d5e01266e7f5 "leds: trigger: netdev: add additional specific link speed mode" in the various changes, reworked the way to set the LINKUP mode in commi...

5.5CVSS7.2AI score0.00222EPSS
Exploits0References4
NVD
NVD
added 2024/03/21 2:52 a.m.72 views

CVE-2024-27918

Coder allows oragnizations to provision remote development environments via Terraform. Prior to versions 2.6.1, 2.7.3, and 2.8.4, a vulnerability in Coder's OIDC authentication could allow an attacker to bypass the CODEROIDCEMAILDOMAIN verification and create an account with an email not in the...

8.2CVSS8.3AI score0.00965EPSS
Exploits0References5
NVD
NVD
added 2023/12/17 1:15 a.m.72 views

CVE-2023-6888

A vulnerability classified as critical was found in PHZ76 RtspServer 1.0.0. This vulnerability affects the function ParseRequestLine of the file RtspMesaage.cpp. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the publ...

9.8CVSS0.0096EPSS
Exploits1References4
NVD
NVD
added 2023/07/03 5:15 p.m.72 views

CVE-2023-36814

Products.CMFCore are the key framework services for the Zope Content Management Framework CMF. The use of Python's marshal module to handle unchecked input in a public method on PortalFolder objects can lead to an unauthenticated denial of service and crash situation. The code in question is...

7.5CVSS7.6AI score0.00723EPSS
Exploits0References2
NVD
NVD
added 2023/06/05 7:15 a.m.72 views

CVE-2023-3099

A vulnerability classified as critical was found in KylinSoft youker-assistant on KylinOS. Affected by this vulnerability is the function deletefile in the library dbus.SystemBus of the component Arbitrary File Handler. The manipulation leads to improper access controls. It is possible to launch...

7.1CVSS5.4AI score0.00306EPSS
Exploits1References3
NVD
NVD
added 2023/04/19 12:15 a.m.72 views

CVE-2023-29515

XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user who can create a space can become admin of that space through App Within Minutes. The admin right implies the script right and thus allows JavaScript injection. The vulnerability can ...

7.7CVSS7.7AI score0.00567EPSS
Exploits1References3
NVD
NVD
added 2023/04/04 10:15 p.m.72 views

CVE-2023-29003

SvelteKit is a web development framework. The SvelteKit framework offers developers an option to create simple REST APIs. This is done by defining a +server.js file, containing endpoint handlers for different HTTP methods. SvelteKit provides out-of-the-box cross-site request forgery CSRF protecti...

8.8CVSS8.9AI score0.00557EPSS
Exploits1References3
NVD
NVD
added 2023/03/14 5:15 a.m.72 views

CVE-2023-23857

Due to missing authentication check, SAP NetWeaver AS for Java - version 7.50, allows an unauthenticated attacker to attach to an open interface and make use of an open naming and directory API to access services which can be used to perform unauthorized operations affecting users and services...

9.9CVSS9.5AI score0.00544EPSS
Exploits0References2
NVD
NVD
added 2022/10/31 8:15 p.m.72 views

CVE-2022-41657

Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior allow attacker provided data already serialized into memory to be used in file operation application programmable interfaces APIs. This could create arbitrary files, which could be used in API operations and could ultimately...

9.8CVSS0.20898EPSS
Exploits0References1
NVD
NVD
added 2022/07/01 8:15 p.m.72 views

CVE-2022-25900

All versions of package git-clone are vulnerable to Command Injection due to insecure usage of the --upload-pack feature of git...

10CVSS0.03227EPSS
Exploits1References2
NVD
NVD
added 2021/10/01 2:15 p.m.72 views

CVE-2021-41648

An un-authenticated SQL Injection exists in PuneethReddyHC online-shopping-system-advanced through the /action.php prId parameter. Using a post request does not sanitize the user input...

7.5CVSS0.10013EPSS
Exploits4References5
NVD
NVD
added 2021/05/28 5:15 p.m.72 views

CVE-2021-32642

radsecproxy is a generic RADIUS proxy that supports both UDP and TLS RadSec RADIUS transports. Missing input validation in radsecproxy's naptr-eduroam.sh and radsec-dynsrv.sh scripts can lead to configuration injection via crafted radsec peer discovery DNS records. Users are subject to Informatio...

9.4CVSS0.01331EPSS
Exploits0References4
NVD
NVD
added 2020/05/14 9:15 p.m.72 views

CVE-2020-0101

In BnCrypto::onTransact of ICrypto.cpp, there is a possible information disclosure due to uninitialized data. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-8.0 Android-8.1...

5.5CVSS5.1AI score0.0014EPSS
Exploits0References1
NVD
NVD
added 2018/06/13 4:29 p.m.72 views

CVE-2018-12320

There is a use after free in radare2 2.6.0 in ranalbbfree in libr/anal/bb.c via a crafted Java binary file...

7.8CVSS7.7AI score0.01021EPSS
Exploits0References2
NVD
NVD
added 2026/05/08 8:16 p.m.71 views

CVE-2026-7807

SmarterTools SmarterMail builds prior to 9560 contain a local file inclusion vulnerability in the /api/v1/report/summary/type API endpoint that allows authenticated users to read arbitrary .json files on the system. Attackers can exploit this vulnerability combined with weak encryption algorithms...

8.8CVSS0.00296EPSS
Exploits0References2
NVD
NVD
added 2026/05/02 12:16 p.m.71 views

CVE-2026-6320

The Salon Booking System – Free Version plugin for WordPress is vulnerable to Arbitrary File Read in versions up to, and including, 10.30.25. This is due to the public booking flow accepting attacker-controlled file-field values and later using those stored values as trusted paths for email...

7.5CVSS0.00373EPSS
Exploits0References2
NVD
NVD
added 2026/04/29 2:16 p.m.71 views

CVE-2026-42519

A missing permission check in Jenkins Script Security Plugin 1399.ve6a66547f6e1 and earlier allows attackers with Overall/Read permission to enumerate pending and approved Script Security classpaths...

4.3CVSS0.00174EPSS
Exploits0References1
NVD
NVD
added 2025/05/11 11:15 a.m.71 views

CVE-2025-4539

A vulnerability was found in Hainan ToDesk 4.7.6.3. It has been declared as critical. This vulnerability affects unknown code in the library profapi.dll of the component DLL File Parser. The manipulation leads to uncontrolled search path. It is possible to launch the attack on the local host. The...

7.3CVSS0.00171EPSS
Exploits0References5
NVD
NVD
added 2024/11/12 5:15 p.m.71 views

CVE-2024-52010

Zoraxy is a general purpose HTTP reverse proxy and forwarding tool. A command injection vulnerability in the Web SSH feature allows an authenticated attacker to execute arbitrary commands as root on the host. Zoraxy has a Web SSH terminal feature that allows authenticated users to connect to SSH...

8.6CVSS0.01442EPSS
Exploits0References3
NVD
NVD
added 2024/11/11 6:15 a.m.71 views

CVE-2024-51793

Unrestricted Upload of File with Dangerous Type vulnerability in Ateeq Rafeeq RepairBuddy computer-repair-shop allows Upload a Web Shell to a Web Server.This issue affects RepairBuddy: from n/a through = 3.8115...

10CVSS0.01794EPSS
Exploits4References2
NVD
NVD
added 2024/08/25 9:15 a.m.71 views

CVE-2024-8147

A vulnerability was found in code-projects Pharmacy Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /index.php?action=editPharmacist. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The...

8.8CVSS0.00611EPSS
Exploits1References5
NVD
NVD
added 2024/08/21 10:15 p.m.71 views

CVE-2024-28987

The SolarWinds Web Help Desk WHD software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data...

9.1CVSS0.93299EPSS
Exploits5References4
Total number of security vulnerabilities5000