Lucene search
K
NvdMost viewed

364155 matches found

NVD
NVD
added 2006/11/22 12:7 a.m.44 views

CVE-2006-6038

SQL injection vulnerability in editpoll.php in Powie's PHP Forum pForum 1.29a and earlier allows remote attackers to execute arbitrary SQL commands via the id parameter...

7.5CVSS8.5AI score0.01202EPSS
Exploits1References5
NVD
NVD
added 2006/07/31 11:4 p.m.44 views

CVE-2006-3942

The server driver srv.sys in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service system crash via an SMBCOMTRANSACTION SMB message that contains a string without null character termination, which leads to a NULL dereference in the...

7.8CVSS6.6AI score0.75742EPSS
Exploits4References14
NVD
NVD
added 2006/05/20 12:2 a.m.44 views

CVE-2006-2492

Buffer overflow in Microsoft Word in Office 2000 SP3, Office XP SP3, Office 2003 Sp1 and SP2, and Microsoft Works Suites through 2006, allows user-assisted attackers to execute arbitrary code via a malformed object pointer, as originally reported by ISC on 20060519 for a zero-day attack...

8.8CVSS7.5AI score0.48387EPSS
Exploits2References18
NVD
NVD
added 2006/05/10 2:10 a.m.44 views

CVE-2006-0027

Unspecified vulnerability in Microsoft Exchange allows remote attackers to execute arbitrary code via e-mail messages with crafted 1 vCal or 2 iCal Calendar properties...

7.5CVSS7.5AI score0.78679EPSS
Exploits2References12
NVD
NVD
added 2005/06/07 4:0 a.m.44 views

CVE-2005-1869

PHP remote file inclusion vulnerability in startlobby.php in MWChat 6.x allows remote attackers to execute arbitrary PHP code via the CONFIGMWCHATLibs parameter...

7.5CVSS7.5AI score0.01878EPSS
Exploits1References5
NVD
NVD
added 2005/05/02 4:0 a.m.44 views

CVE-2005-0862

Multiple PHP remote file inclusion vulnerabilities in PHPOpenChat 3.0.1 and earlier allow remote attackers to execute arbitrary PHP code via the phpbbrootpath parameter to 1 pocloginform.php or 2 phpbb/poc.php, the pocrootpath parameter to 3 phpbb/poc.php, 4 phpnuke/ENGLISHpoc.php, 5...

7.5CVSS7.7AI score0.10918EPSS
Exploits1References10
NVD
NVD
added 2026/05/15 8:16 p.m.43 views

CVE-2026-45399

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.0, any authenticated user with low privileges can enumerate active background tasks across the system and stop tasks belonging to other users via the GET /api/tasks and POST...

7.1CVSS0.0027EPSS
Exploits1References1
NVD
NVD
added 2026/05/14 7:16 p.m.43 views

CVE-2026-45147

SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, POST /api/tag/getTag is registered with model.CheckAuth only, omitting both model.CheckAdminRole and model.CheckReadonly, despite the handler performing a configuration write that is normally guarded by both. Any...

4.3CVSS0.00152EPSS
Exploits0References1
NVD
NVD
added 2026/05/14 3:16 p.m.43 views

CVE-2026-44216

Wasmtime is a runtime for WebAssembly. From 30.0.0 to 36.0.8, 43.0.2, and 44.0.1, Wasmtime's allocation logic for a WebAssembly table contained checked arithmetic which panicked on overflow. This overflow is possible to trigger, and thus panic, when a table with an extremely large size is...

7.5CVSS0.00319EPSS
Exploits0References4
NVD
NVD
added 2026/05/13 6:16 p.m.43 views

CVE-2026-44007

vm2 is an open source vm/sandbox for Node.js. Prior to 3.11.1, when a NodeVM is created with nesting: true, sandbox code can unconditionally require'vm2' regardless of the outer VM's require configuration — including require: false. With access to vm2, the sandbox constructs a new inner NodeVM wi...

9.9CVSS0.009EPSS
Exploits1References5
NVD
NVD
added 2026/05/13 4:16 p.m.43 views

CVE-2026-44292

protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.5.6 and 8.0.2, protobufjs generated message constructors copied enumerable properties from a provided properties object without filtering the proto key. If an application constructed a message from an...

5.3CVSS0.00264EPSS
Exploits0References1
NVD
NVD
added 2026/05/13 4:16 p.m.43 views

CVE-2026-44291

protobufjs compiles protobuf definitions into JavaScript JS functions. Prior to 7.5.6 and 8.0.2, protobufjs used plain objects with inherited prototypes for internal type lookup tables used by generated encode and decode functions. If Object.prototype had already been polluted, those lookup table...

8.1CVSS0.00499EPSS
Exploits0References1
NVD
NVD
added 2026/05/13 4:16 p.m.43 views

CVE-2026-43480

In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp3x-rt5682-max9836: Add missing error check for clock acquisition The acp3x5682init function did not check the return value of clkget, which could lead to dereferencing error pointers in rt5682clkenable. Fix this by:...

5.5CVSS0.00114EPSS
Exploits0References8
NVD
NVD
added 2026/05/12 11:16 p.m.43 views

CVE-2026-5371

The MonsterInsights – Google Analytics Dashboard for WordPress Website Stats Made Easy plugin for WordPress is vulnerable to unauthorized access and modification of data due to a missing capability checks on the getadsaccesstoken and resetexperience functions in all versions up to, and including,...

7.1CVSS0.00349EPSS
Exploits0References4
NVD
NVD
added 2026/05/12 10:16 p.m.43 views

CVE-2026-44871

Command injection vulnerabilities exist in the command line interface CLI service accessed by the PAPI protocol of AOS-8 and AOS-10 Operating Systems. Successful exploitation of these vulnerabilities could allow an authenticated remote attacker to execute arbitrary commands on the underlying...

8.8CVSS0.01226EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 6:17 p.m.43 views

CVE-2026-42141

Xibo is an open source digital signage platform with a web content management system and Windows display player software. Prior to 4.4.1, an authenticated Server-Side Request Forgery SSRF vulnerability in the Xibo CMS allows users with Library upload permissions to make arbitrary HTTP requests fr...

7.7CVSS0.00369EPSS
Exploits1References1
NVD
NVD
added 2026/05/12 6:16 a.m.43 views

CVE-2026-41530

The automatic folder creation feature of Lhaz and Lhaz+ provided by Chitora soft contains a path traversal vulnerability. When the affected product is configured with the automatic folder creation feature enabled, and a product user tries to extract an archive file which has a crafted file name,...

4.6CVSS0.0015EPSS
Exploits0References2
NVD
NVD
added 2026/05/11 7:16 p.m.43 views

CVE-2026-42866

Tookie is a advanced OSINT information gathering tool. Prior to 4.1fix, modules/modules.py's writetxt, writecsv, writejson, and commented-but-shipping scanfile helpers open their output as openf"user.", where user comes unsanitized from the -u CLI flag or any line of a -U usernames file. A userna...

6.7CVSS0.00145EPSS
Exploits0References1
NVD
NVD
added 2026/05/11 5:16 p.m.43 views

CVE-2026-31250

CosyVoice thru commit 6e01309e01bc93bbeb83bdd996b1182a81aaf11e 2025-30-21 contains an insecure deserialization vulnerability CWE-502 in its averagemodel.py model averaging tool. The script loads PyTorch checkpoint files epoch.pt for model averaging using torch.load without enabling the...

7.3CVSS0.00222EPSS
Exploits0References2
NVD
NVD
added 2026/05/09 9:16 a.m.43 views

CVE-2026-3828

Some Hikvision switch products discontinued since December 2023 are vulnerable to authenticated remote command execution due to insufficient input validation. Attackers with valid credentials can exploit this flaw by sending crafted packets containing malicious commands to affected devices, leadi...

7.2CVSS0.00842EPSS
Exploits0References1
NVD
NVD
added 2026/05/09 4:16 a.m.43 views

CVE-2026-41163

bubblewrap is a low-level unprivileged sandboxing tool. From version 0.11.0 to before version 0.11.2, if bubblewrap is installed in setuid mode then the user can use ptrace to attach to bubblewrap and control the unprivileged part of the sandbox setup phase. This allows the attacker to arbitraril...

8.7CVSS0.00274EPSS
Exploits0References5
NVD
NVD
added 2026/05/08 4:16 p.m.43 views

CVE-2026-42793

Allocation of Resources Without Limits or Throttling vulnerability in absinthe-graphql absinthe allows unauthenticated denial of service via atom table exhaustion when parsing attacker-controlled GraphQL SDL. Multiple Blueprint.Draft.convert/2 implementations in Absinthe's SDL language modules ca...

8.2CVSS0.00613EPSS
Exploits1References4
NVD
NVD
added 2026/05/08 3:16 p.m.43 views

CVE-2026-43431

In the Linux kernel, the following vulnerability has been resolved: xhci: Fix NULL pointer dereference when reading portli debugfs files Michal reported and debgged a NULL pointer dereference bug in the recently added portli debugfs files Oops is caused when there are more port registers counted ...

5.5CVSS0.00107EPSS
Exploits0References2
NVD
NVD
added 2026/05/06 10:16 a.m.43 views

CVE-2026-43108

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: pd-mapper: Fix element length in servreglocpfrreqei It looks element length declared in servreglocpfrreqei for reason not matching servreglocpfrreq's reason field due which we could observe decoding error on PD crash...

5.5CVSS0.00114EPSS
Exploits0References4
NVD
NVD
added 2026/03/31 2:15 a.m.43 views

CVE-2026-3300

The Everest Forms Pro plugin for WordPress is vulnerable to Remote Code Execution via PHP Code Injection in all versions up to, and including, 1.9.12. This is due to the Calculation Addon's processfilter function concatenating user-submitted form field values into a PHP code string without proper...

9.8CVSS0.40992EPSS
Exploits1References3
NVD
NVD
added 2026/02/11 10:15 p.m.43 views

CVE-2024-50617

Vulnerabilities in the File Download and Get File handler components in CIPPlanner CIPAce before 9.17 allow attackers to download unauthorized files. An authenticated user can easily change the file id parameter or pass the physical file path in the URL query string to retrieve the files. Retriev...

7.5CVSS0.00232EPSS
Exploits0References1
NVD
NVD
added 2025/10/20 4:15 p.m.43 views

CVE-2025-40017

In the Linux kernel, the following vulnerability has been resolved: media: iris: Fix memory leak by freeing untracked persist buffer One internal buffer which is allocated only once per session was not being freed during session close because it was not being tracked as part of internal buffer li...

0.00214EPSS
Exploits0References3
NVD
NVD
added 2025/10/09 4:16 a.m.43 views

CVE-2025-27041

Transient DOS while processing video packets received from video firmware...

5.5CVSS0.00072EPSS
Exploits0References1
NVD
NVD
added 2025/10/02 4:15 p.m.43 views

CVE-2025-60662

Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the wanSpeed parameter in the fromAdvSetMacMtuWan function...

7.5CVSS0.00458EPSS
Exploits1References1
NVD
NVD
added 2025/09/09 2:15 a.m.43 views

CVE-2025-42925

Due to the lack of randomness in assigning Object Identifiers in the SAP NetWeaver AS JAVA IIOP service, an authenticated attacker with low privileges could predict the identifiers by conducting a brute force search. By leveraging knowledge of several identifiers generated close to the same time,...

4.3CVSS0.00218EPSS
Exploits0References2
NVD
NVD
added 2025/08/18 6:15 p.m.43 views

CVE-2025-55299

VaulTLS is a modern solution for managing mTLS mutual TLS certificates. Prior to 0.9.1, user accounts created through the User web UI have an empty but not NULL password set, attackers can use this to login with an empty password. This is combined with that fact, that previously disabling the...

9.4CVSS0.00216EPSS
Exploits0References2
NVD
NVD
added 2025/07/23 9:15 p.m.43 views

CVE-2025-53942

authentik is an open-source Identity Provider that emphasizes flexibility and versatility, with support for a wide set of protocols. In versions 2025.4.4 and earlier, as well as versions 2025.6.0-rc1 through 2025.6.3, deactivated users who registered through OAuth/SAML or linked their accounts to...

7.4CVSS0.00489EPSS
Exploits0References4
NVD
NVD
added 2025/07/17 8:15 p.m.43 views

CVE-2024-41921

A code injection vulnerability has been discovered in the Robot Operating System ROS 'rostopic' command-line tool, affecting ROS distributions Noetic Ninjemys and earlier. The vulnerability lies in the 'echo' verb, which allows a user to introspect a ROS topic and accepts a user-provided Python...

7.8CVSS0.0019EPSS
Exploits0References1
NVD
NVD
added 2025/06/10 1:15 a.m.43 views

CVE-2025-42989

RFC inbound processing�does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. On successful exploitation the attacker could critically impact both integrity and availability of the application...

9.6CVSS0.00414EPSS
Exploits0References2
NVD
NVD
added 2025/06/05 2:15 p.m.43 views

CVE-2025-5661

A vulnerability, which was classified as problematic, was found in code-projects Traffic Offense Reporting System 1.0. This affects an unknown part of the file /save-settings.php of the component Setting Handler. The manipulation of the argument sitename leads to cross site scripting. It is...

5.4CVSS0.00268EPSS
Exploits1References5
NVD
NVD
added 2025/05/25 11:15 p.m.43 views

CVE-2025-5158

A vulnerability was found in H3C SecCenter SMP-E1114P02 up to 20250513. It has been declared as problematic. This vulnerability affects the function downloadSoftware of the file /cfgFile/downloadSoftware. The manipulation of the argument filename leads to path traversal. The attack can be initiat...

7.5CVSS0.00651EPSS
Exploits0References4
NVD
NVD
added 2025/05/20 6:15 p.m.43 views

CVE-2025-46725

Langroid is a Python framework to build large language model LLM-powered applications. Prior to version 0.53.15, LanceDocChatAgent uses pandas eval through computefromdocs. As a result, an attacker may be able to make the agent run malicious commands through QueryPlan.dataframecalc compromising t...

9.8CVSS0.00482EPSS
Exploits0References2
NVD
NVD
added 2025/05/17 6:15 a.m.43 views

CVE-2025-4190

The CSV Mass Importer WordPress plugin through 1.2 does not properly validate uploaded files, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to for example in multisite setup...

7.2CVSS0.00489EPSS
Exploits3References1
NVD
NVD
added 2025/05/16 4:15 p.m.43 views

CVE-2025-48146

Cross-Site Request Forgery CSRF vulnerability in Michael Lups SEO Flow by LupsOnline lupsonline-link-netwerk allows Stored XSS.This issue affects SEO Flow by LupsOnline: from n/a through = 2.2.1...

7.1CVSS0.00116EPSS
Exploits0References1
NVD
NVD
added 2025/05/13 7:15 a.m.43 views

CVE-2025-4317

The TheGem theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the thegemgetlogourl function in all versions up to, and including, 5.10.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary...

8.8CVSS0.01055EPSS
Exploits1References3
NVD
NVD
added 2025/05/09 5:15 p.m.43 views

CVE-2025-4480

A vulnerability was found in code-projects Simple College Management System 1.0. It has been declared as critical. This vulnerability affects the function input of the component Add New Student. The manipulation of the argument name/branch leads to stack-based buffer overflow. It is possible to...

7.8CVSS0.00292EPSS
Exploits1References5
NVD
NVD
added 2025/05/07 8:15 a.m.43 views

CVE-2025-4171

The WZ Followed Posts – Display what visitors are reading plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wfp' shortcode in all versions up to, and including, 3.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This mak...

6.4CVSS0.00203EPSS
Exploits0References2
NVD
NVD
added 2025/05/05 9:15 a.m.43 views

CVE-2025-2905

Due to the improper configuration of XML parser, user-supplied XML is parsed without applying sufficient restrictions, enabling XML External Entity XXE resolution in multiple WSO2 Products. A successful XXE attack could allow a remote, unauthenticated attacker to: Read sensitive files from the...

9.1CVSS0.01146EPSS
Exploits0References1
NVD
NVD
added 2025/05/02 10:15 p.m.43 views

CVE-2025-21572

OpenGrok 1.13.25 has a reflected Cross-Site Scripting XSS issue when producing the history view page. This happens through improper handling of path segments. The application reflects unsanitized user input into the HTML output...

6.1CVSS0.00202EPSS
Exploits0References1
NVD
NVD
added 2025/05/02 10:15 a.m.43 views

CVE-2025-0072

Use After Free vulnerability in Arm Ltd Valhall GPU Kernel Driver, Arm Ltd Arm 5th Gen GPU Architecture Kernel Driver allows a local non-privileged user process to perform improper GPU memory processing operations to gain access to already freed memory. This issue affects Valhall GPU Kernel Drive...

7.8CVSS0.00354EPSS
Exploits0References1
NVD
NVD
added 2025/04/30 7:15 p.m.43 views

CVE-2025-46331

OpenFGA is a high-performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar. OpenFGA v1.8.10 to v1.3.6 Helm chart = openfga-0.2.28, docker = v.1.8.10 are vulnerable to authorization bypass when certain Check and ListObject calls are executed. Th...

9.8CVSS0.00327EPSS
Exploits0References2
NVD
NVD
added 2025/04/25 3:15 p.m.43 views

CVE-2025-46618

In JetBrains TeamCity before 2025.03.1 stored XSS was possible on Data Directory tab...

6.1CVSS0.2515EPSS
Exploits0References1
NVD
NVD
added 2025/04/24 5:15 p.m.43 views

CVE-2025-31324

SAP NetWeaver Visual Composer Metadata Uploader is not protected with a proper authorization, allowing unauthenticated agent to upload potentially malicious executable binaries that could severely harm the host system. This could significantly affect the confidentiality, integrity, and availabili...

10CVSS0.99359EPSS
Exploits18References6
NVD
NVD
added 2025/04/22 3:15 a.m.43 views

CVE-2025-1731

An incorrect permission assignment vulnerability in the PostgreSQL commands of the Zyxel USG FLEX H series uOS firmware versions from V1.20 through V1.31 could allow an authenticated local attacker with low privileges to gain access to the Linux shell and escalate their privileges by crafting...

7.8CVSS0.0093EPSS
Exploits2References2
NVD
NVD
added 2025/04/17 9:15 p.m.43 views

CVE-2025-29449

An issue in twonav v.2.1.18-20241105 allows a remote attacker to obtain sensitive information via the link identification function...

6.5CVSS0.00338EPSS
Exploits1References1
Total number of security vulnerabilities5000