Lucene search
K
NvdMost viewed

363875 matches found

NVD
NVD
•added 2018/11/14 6:29 p.m.•44 views

CVE-2018-9537

In CAacDecoderDecodeFrame of aacdecode.cpp, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution in the media server with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions:...

9.3CVSS9.1AI score0.01539EPSS
Exploits0References2
NVD
NVD
•added 2018/09/10 7:29 p.m.•44 views

CVE-2018-14635

When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from...

6.5CVSS6.3AI score0.02527EPSS
Exploits0References7
NVD
NVD
•added 2018/09/06 2:29 p.m.•44 views

CVE-2018-14632

An out of bound write can occur when patching an Openshift object using the 'oc patch' functionality in OpenShift Container Platform before 3.7. An attacker can use this flaw to cause a denial of service attack on the Openshift master api service which provides cluster management...

7.7CVSS7.3AI score0.01952EPSS
Exploits0References7
NVD
NVD
•added 2018/08/13 9:47 p.m.•44 views

CVE-2018-10636

CNCSoft Version 1.00.83 and prior with ScreenEditor Version 1.00.54 has multiple stack-based buffer overflow vulnerabilities that could cause the software to crash due to lacking user input validation before copying data from project files onto the stack. Which may allow an attacker to gain remot...

9.3CVSS9.5AI score0.09536EPSS
Exploits0References2
NVD
NVD
•added 2018/06/19 9:29 p.m.•44 views

CVE-2018-10811

strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable...

7.5CVSS7.5AI score0.07124EPSS
Exploits0References9
NVD
NVD
•added 2018/06/13 4:29 p.m.•44 views

CVE-2018-11688

Ignite Realtime Openfire before 3.9.2 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability via a crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site,...

6.1CVSS6.2AI score0.0242EPSS
Exploits2References7
NVD
NVD
•added 2017/10/24 6:29 p.m.•44 views

CVE-2016-10517

networking.c in Redis before 3.2.7 allows "Cross Protocol Scripting" because it lacks a check for POST and Host: strings, which are not valid in the Redis protocol but commonly occur when an attack triggers an HTTP request to the Redis TCP port...

7.4CVSS7.3AI score0.02147EPSS
Exploits0References4
NVD
NVD
•added 2017/08/30 7:29 p.m.•44 views

CVE-2017-12069

An XXE vulnerability has been identified in OPC Foundation UA .NET Sample Code before 2017-03-21 and Local Discovery Server LDS before 1.03.367. Among the affected products are Siemens SIMATIC PCS7 All versions V8.1 and earlier, SIMATIC WinCC All versions V7.4 SP1, SIMATIC WinCC Runtime...

8.2CVSS8.1AI score0.02904EPSS
Exploits0References4
NVD
NVD
•added 2015/10/26 5:59 p.m.•44 views

CVE-2015-5286

OpenStack Image Service Glance before 2014.2.4 juno and 2015.1.x before 2015.1.2 kilo allows remote authenticated users to bypass the storage quota and cause a denial of service disk consumption by deleting images that are being uploaded using a token that expires during the process. NOTE: this...

6.8CVSS6.2AI score0.02376EPSS
Exploits0References4
NVD
NVD
•added 2014/05/05 5:6 p.m.•44 views

CVE-2013-7003

Multiple cross-site scripting XSS vulnerabilities in LiveZilla before 5.1.2.0 allow remote attackers to inject arbitrary web script or HTML via the 1 full name field, 2 company field, or 3 filename to chat.php...

4.3CVSS5.6AI score0.01854EPSS
Exploits2References4
NVD
NVD
•added 2014/04/11 1:55 a.m.•44 views

CVE-2014-2746

net/IOService.java in Tigase before 5.2.1 does not properly restrict the processing of compressed XML elements, which allows remote attackers to cause a denial of service resource consumption via a crafted XMPP stream, aka an "xmppbomb" attack...

7.8CVSS6.5AI score0.02994EPSS
Exploits0References6
NVD
NVD
•added 2013/10/24 3:48 a.m.•44 views

CVE-2013-5180

The srandomdev function in Libc in Apple Mac OS X before 10.9, when the kernel random-number generator is unavailable, produces predictable values instead of the intended random values, which makes it easier for context-dependent attackers to defeat cryptographic protection mechanisms by leveragi...

4.3CVSS5.8AI score0.01086EPSS
Exploits0References1
NVD
NVD
•added 2013/08/19 11:55 p.m.•44 views

CVE-2012-5575

Apache CXF 2.5.x before 2.5.10, 2.6.x before CXF 2.6.7, and 2.7.x before CXF 2.7.4 does not verify that a specified cryptographic algorithm is allowed by the WS-SecurityPolicy AlgorithmSuite definition before decrypting, which allows remote attackers to force CXF to use weaker cryptographic...

6.4CVSS5.6AI score0.06322EPSS
Exploits0References21
NVD
NVD
•added 2012/11/23 7:55 p.m.•44 views

CVE-2010-1330

The regular expression engine in JRuby before 1.4.1, when $KCODE is set to 'u', does not properly handle characters immediately after a UTF-8 character, which allows remote attackers to conduct cross-site scripting XSS attacks via a crafted string...

4.3CVSS5.6AI score0.02218EPSS
Exploits1References7
NVD
NVD
•added 2010/06/15 2:4 p.m.•44 views

CVE-2010-2263

nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI...

5CVSS6.9AI score0.71926EPSS
Exploits4References4
NVD
NVD
•added 2010/05/12 4:5 p.m.•44 views

CVE-2010-1482

Cross-site scripting XSS vulnerability in admin/editprefs.php in the backend in CMS Made Simple CMSMS before 1.7.1 might allow remote attackers to inject arbitrary web script or HTML via the dateformatstring parameter...

4.3CVSS5.6AI score0.01085EPSS
Exploits3References4
NVD
NVD
•added 2010/01/25 7:30 p.m.•44 views

CVE-2010-0386

The default configuration of Sun Java System Application Server 7 and 7 2004Q2 enables the HTTP TRACE method, which makes it easier for remote attackers to steal cookies and authentication credentials via a cross-site tracing XST attack, a related issue to CVE-2004-2763 and CVE-2005-3398...

8.1CVSS6.5AI score0.01692EPSS
Exploits0References1
NVD
NVD
•added 2010/01/13 8:30 p.m.•44 views

CVE-2009-4490

minihttpd 1.19 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator...

5CVSS7.6AI score0.1027EPSS
Exploits2References2
NVD
NVD
•added 2009/10/22 6:30 p.m.•44 views

CVE-2009-1991

Unspecified vulnerability in the Oracle Text component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.4 allows remote authenticated users to affect confidentiality and integrity, related to CTXSYS.DRVXTABC. NOTE: the previous information was obtained from the October 2009 CPU. Oracle...

3.6CVSS6.5AI score0.01712EPSS
Exploits0References6
NVD
NVD
•added 2009/09/22 10:30 a.m.•44 views

CVE-2009-3288

The sgbuildindirect function in drivers/scsi/sg.c in Linux kernel 2.6.28-rc1 through 2.6.31-rc8 uses an incorrect variable when accessing an array, which allows local users to cause a denial of service kernel OOPS and NULL pointer dereference, as demonstrated by using xcdroast to duplicate a CD...

4.9CVSS6AI score0.00438EPSS
Exploits2References5
NVD
NVD
•added 2009/04/15 10:30 a.m.•44 views

CVE-2009-0991

Unspecified vulnerability in the Listener component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, and 11.1.0.7 allows remote attackers to affect availability via unknown vectors, a different vulnerability than CVE-2009-1970...

5CVSS6AI score0.07578EPSS
Exploits7References7
NVD
NVD
•added 2006/07/31 11:4 p.m.•44 views

CVE-2006-3942

The server driver srv.sys in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service system crash via an SMBCOMTRANSACTION SMB message that contains a string without null character termination, which leads to a NULL dereference in the...

7.8CVSS6.6AI score0.75742EPSS
Exploits4References14
NVD
NVD
•added 2006/05/10 2:10 a.m.•44 views

CVE-2006-0027

Unspecified vulnerability in Microsoft Exchange allows remote attackers to execute arbitrary code via e-mail messages with crafted 1 vCal or 2 iCal Calendar properties...

7.5CVSS7.5AI score0.78679EPSS
Exploits2References12
NVD
NVD
•added 2005/06/07 4:0 a.m.•44 views

CVE-2005-1869

PHP remote file inclusion vulnerability in startlobby.php in MWChat 6.x allows remote attackers to execute arbitrary PHP code via the CONFIGMWCHATLibs parameter...

7.5CVSS7.5AI score0.01878EPSS
Exploits1References5
NVD
NVD
•added 2005/05/02 4:0 a.m.•44 views

CVE-2005-0862

Multiple PHP remote file inclusion vulnerabilities in PHPOpenChat 3.0.1 and earlier allow remote attackers to execute arbitrary PHP code via the phpbbrootpath parameter to 1 pocloginform.php or 2 phpbb/poc.php, the pocrootpath parameter to 3 phpbb/poc.php, 4 phpnuke/ENGLISHpoc.php, 5...

7.5CVSS7.7AI score0.10918EPSS
Exploits1References10
NVD
NVD
•added 2026/05/18 3:16 p.m.•43 views

CVE-2026-41949

Dify before version 1.14.2 contains an authorization bypass vulnerability in the file preview endpoint that allows any authenticated user to read up to 3,000 characters of any uploaded document across all tenants and workspaces using only the file's UUID. Attackers can access the...

8.2CVSS0.00435EPSS
Exploits1References6
NVD
NVD
•added 2026/05/15 8:16 p.m.•43 views

CVE-2026-45399

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, any authenticated user with low privileges can enumerate active background tasks across the system and stop tasks belonging to other users via the GET /api/tasks and POST...

7.1CVSS0.0027EPSS
Exploits1References1
NVD
NVD
•added 2026/05/14 7:16 p.m.•43 views

CVE-2026-45147

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, POST /api/tag/getTag is registered with model.CheckAuth only, omitting both model.CheckAdminRole and model.CheckReadonly, despite the handler performing a configuration write that is normally guarded by both. Any...

4.3CVSS0.00152EPSS
Exploits0References1
NVD
NVD
•added 2026/05/14 3:16 p.m.•43 views

CVE-2026-44216

Wasmtime is a runtime for WebAssembly. From 30.0.0 to 36.0.8, 43.0.2, and 44.0.1, Wasmtime's allocation logic for a WebAssembly table contained checked arithmetic which panicked on overflow. This overflow is possible to trigger, and thus panic, when a table with an extremely large size is...

7.5CVSS0.00319EPSS
Exploits0References4
NVD
NVD
•added 2026/05/13 6:16 p.m.•43 views

CVE-2026-44007

vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.1, when a NodeVM is created with nesting: true, sandbox code can unconditionally require'vm2' regardless of the outer VM's require configuration — including require: false. With access to vm2, the sandbox constructs a new inner NodeVM wi...

9.9CVSS0.009EPSS
Exploits1References5
NVD
NVD
•added 2026/05/13 4:16 p.m.•43 views

CVE-2026-44292

protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.5.6 and 8.0.2, protobufjs generated message constructors copied enumerable properties from a provided properties object without filtering the proto key. If an application constructed a message from an...

5.3CVSS0.00264EPSS
Exploits0References1
NVD
NVD
•added 2026/05/13 4:16 p.m.•43 views

CVE-2026-44291

protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.5.6 and 8.0.2, protobufjs used plain objects with inherited prototypes for internal type lookup tables used by generated encode and decode functions. If Object.prototype had already been polluted, those lookup table...

8.1CVSS0.00499EPSS
Exploits0References1
NVD
NVD
•added 2026/05/13 4:16 p.m.•43 views

CVE-2026-43480

In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp3x-rt5682-max9836: Add missing error check for clock acquisition The acp3x5682init function did not check the return value of clkget, which could lead to dereferencing error pointers in rt5682clkenable. Fix this by:...

5.5CVSS0.00114EPSS
Exploits0References8
NVD
NVD
•added 2026/05/12 11:16 p.m.•43 views

CVE-2026-5371

The MonsterInsights – Google Analytics Dashboard for WordPress Website Stats Made Easy plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability checks on the getadsaccesstoken and resetexperience functions in all versions up to, and including,...

7.1CVSS0.00349EPSS
Exploits0References4
NVD
NVD
•added 2026/05/12 10:16 p.m.•43 views

CVE-2026-44871

Command injection vulnerabilities exist in the command line interface CLI service accessed by the PAPI protocol of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying...

8.8CVSS0.01226EPSS
Exploits0References1
NVD
NVD
•added 2026/05/12 6:17 p.m.•43 views

CVE-2026-42141

Xibo is an open source digital signage platform with a web content management system and Windows display player software. Prior to 4.4.1, an authenticated Server-Side Request Forgery SSRF vulnerability in the Xibo CMS allows users with Library upload permissions to make arbitrary HTTP requests fr...

7.7CVSS0.00369EPSS
Exploits1References1
NVD
NVD
•added 2026/05/11 7:16 p.m.•43 views

CVE-2026-42866

Tookie is a advanced OSINT information gathering tool. Prior to 4.1fix, modules/modules.py's writetxt, writecsv, writejson, and commented-but-shipping scanfile helpers open their output as openf"user.", where user comes unsanitized from the -u CLI flag or any line of a -U usernames file. A userna...

6.7CVSS0.00145EPSS
Exploits0References1
NVD
NVD
•added 2026/05/11 5:16 p.m.•43 views

CVE-2026-31250

CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e 2025-30-21 contains an insecure deserialization vulnerability CWE-502 in its averagemodel.py model averaging tool. The script loads PyTorch checkpoint files epoch.pt for model averaging using torch.load without enabling the...

7.3CVSS0.00222EPSS
Exploits0References2
NVD
NVD
•added 2026/05/09 9:16 a.m.•43 views

CVE-2026-3828

Some Hikvision switch products discontinued since December 2023 are vulnerable to authenticated remote command execution due to insufficient input validation. Attackers with valid credentials can exploit this flaw by sending crafted packets containing malicious commands to affected devices, leadi...

7.2CVSS0.00842EPSS
Exploits0References1
NVD
NVD
•added 2026/05/09 4:16 a.m.•43 views

CVE-2026-41163

bubblewrap is a low-level unprivileged sandboxing tool. From version 0.11.0 to before version 0.11.2, if bubblewrap is installed in setuid mode then the user can use ptrace to attach to bubblewrap and control the unprivileged part of the sandbox setup phase. This allows the attacker to arbitraril...

8.7CVSS0.00274EPSS
Exploits0References5
NVD
NVD
•added 2026/05/08 4:16 p.m.•43 views

CVE-2026-42793

Allocation of Resources Without Limits or Throttling vulnerability in absinthe-graphql absinthe allows unauthenticated denial of service via atom table exhaustion when parsing attacker-controlled GraphQL SDL. Multiple Blueprint.Draft.convert/2 implementations in Absinthe's SDL language modules ca...

8.2CVSS0.00613EPSS
Exploits1References4
NVD
NVD
•added 2026/05/06 10:16 a.m.•43 views

CVE-2026-43108

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pd-mapper: Fix element length in servreglocpfrreqei It looks element length declared in servreglocpfrreqei for reason not matching servreglocpfrreq's reason field due which we could observe decoding error on PD crash...

5.5CVSS0.00114EPSS
Exploits0References4
NVD
NVD
•added 2026/05/05 12:16 p.m.•43 views

CVE-2023-54345

Frappe Framework ERPNext 13.4.0 contains a sandbox escape vulnerability in RestrictedPython that allows authenticated users with System Manager role to execute arbitrary code by exploiting frame introspection. Attackers can create a server script via the /app/server-script endpoint and access the...

8.8CVSS0.00609EPSS
Exploits1References8
NVD
NVD
•added 2026/03/31 2:15 a.m.•43 views

CVE-2026-3300

The Everest Forms Pro plugin for WordPress is vulnerable to Remote Code Execution via PHP Code Injection in all versions up to, and including, 1.9.12. This is due to the Calculation Addon's processfilter function concatenating user-submitted form field values into a PHP code string without proper...

9.8CVSS0.40992EPSS
Exploits1References3
NVD
NVD
•added 2026/02/11 10:15 p.m.•43 views

CVE-2024-50617

Vulnerabilities in the File Download and Get File handler components in CIPPlanner CIPAce before 9.17 allow attackers to download unauthorized files. An authenticated user can easily change the file id parameter or pass the physical file path in the URL query string to retrieve the files. Retriev...

7.5CVSS0.00232EPSS
Exploits0References1
NVD
NVD
•added 2025/10/20 4:15 p.m.•43 views

CVE-2025-40017

In the Linux kernel, the following vulnerability has been resolved: media: iris: Fix memory leak by freeing untracked persist buffer One internal buffer which is allocated only once per session was not being freed during session close because it was not being tracked as part of internal buffer li...

0.00214EPSS
Exploits0References3
NVD
NVD
•added 2025/10/02 4:15 p.m.•43 views

CVE-2025-60662

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the wanSpeed parameter in the fromAdvSetMacMtuWan function...

7.5CVSS0.00458EPSS
Exploits1References1
NVD
NVD
•added 2025/09/17 7:15 a.m.•43 views

CVE-2025-9972

Certain models of Industrial Cellular Gateway developed by Planet Technology have an OS Command Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary OS commands and execute them on the device...

9.8CVSS0.02244EPSS
Exploits0References3
NVD
NVD
•added 2025/09/09 2:15 a.m.•43 views

CVE-2025-42925

Due to the lack of randomness in assigning Object Identifiers in the SAP NetWeaver AS JAVA IIOP service, an authenticated attacker with low privileges could predict the identifiers by conducting a brute force search. By leveraging knowledge of several identifiers generated close to the same time,...

4.3CVSS0.00218EPSS
Exploits0References2
NVD
NVD
•added 2025/08/18 6:15 p.m.•43 views

CVE-2025-55299

VaulTLS is a modern solution for managing mTLS mutual TLS certificates. Prior to 0.9.1, user accounts created through the User web UI have an empty but not NULL password set, attackers can use this to login with an empty password. This is combined with that fact, that previously disabling the...

9.4CVSS0.00216EPSS
Exploits0References2
Total number of security vulnerabilities5000