Lucene search
K

364870 matches found

NVD
NVD
added 2026/06/05 8:17 p.m.13 views

CVE-2026-45300

The AsyncHttpClient AHC library allows Java applications to easily execute HTTP requests and asynchronously process HTTP responses. Versions on the 2.x branch prior to 2.15.0 and the 3.x branch prior to 3.0.10 leak Cookie headers to cross-origin redirect targets. When following a redirect to a...

7.4CVSS0.00322EPSS
Exploits1References3
NVD
NVD
added 2026/06/05 8:17 p.m.14 views

CVE-2026-25620

An encrypted password command injection vulnerability exists in the Captive Portal application framework of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. This issue uniquely affects version 17.4.0; earlier software releases are not exposed...

7CVSS0.0988EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 8:17 p.m.14 views

CVE-2026-25621

A Reports application infrastructure vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall NGFW due to insecure input validation. This issue uniquely affects version 17.4.0; earlier software releases are not exposed...

7CVSS0.00222EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 8:17 p.m.17 views

CVE-2026-25622

A Captive Portal Custom Handler command injection vulnerability exists in Arista Edge Threat Management - Arista Next Generation Firewall NGFW. On affected platforms, an administrative account logged into the user interface can exploit this input handling behavior to execute arbitrary platform...

7CVSS0.0988EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 8:17 p.m.13 views

CVE-2026-25623

An input validation command execution vulnerability exists in the browser management pipeline of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. Authenticated administrators can leverage this exposure to obtain underlying terminal script code processing execution permissions...

7CVSS0.05951EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 8:17 p.m.17 views

CVE-2026-11414

A hard-coded cryptographic key is used by Altium Enterprise Server to sign file download URLs in the Vault service. Because the key is identical across all installations, an unauthenticated network attacker who can reach the server can forge valid download signatures and retrieve files from the...

10CVSS0.00478EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 8:17 p.m.12 views

CVE-2026-11419

A path traversal vulnerability exists in the Altium Enterprise Server Vault Service UploadController due to improper validation of a user-controlled path component in image upload requests. An authenticated user can supply a crafted absolute path so that the configured storage root is discarded,...

9.4CVSS0.00548EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 8:17 p.m.18 views

CVE-2026-11420

Two path traversal vulnerabilities in the Network Installation Service NIS of Altium Enterprise Server allow an unauthenticated network attacker to write arbitrary files to any writable location on the server filesystem and to read package archive files from the server. No authentication, session...

10CVSS0.00709EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 8:17 p.m.13 views

CVE-2026-11400

An untrusted search path issue in the GlobalDatabasePlugin in the AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL will allow a remote authenticated low-privilege actor to escalate privileges to those of another Amazon RDS user, including rdssuperuser, via a crafted function created by the...

8.6CVSS0.00305EPSS
Exploits0References3
NVD
NVD
added 2026/06/05 8:17 p.m.13 views

CVE-2026-11401

An untrusted search path issue in the GlobalDatabasePlugin in the AWS Advanced Go Wrapper for Amazon Aurora PostgreSQL will allow a remote authenticated low-privilege actor to escalate privileges to those of another Amazon RDS user, including rdssuperuser, via a crafted function created by the...

8.6CVSS0.00305EPSS
Exploits0References3
NVD
NVD
added 2026/06/05 7:16 p.m.10 views

CVE-2026-5415

The WP Captcha PRO the premium version of the Advanced Google reCAPTCHA plugin, both have the same slug plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 5.38. This is due to the ajaxruntool AJAX handler relying solely on a nonce check...

8.8CVSS0.00393EPSS
Exploits1References2
NVD
NVD
added 2026/06/05 7:16 p.m.13 views

CVE-2026-46496

HAX CMS helps manage microsite universe with PHP or NodeJs backends. A stored cross-site scripting XSS vulnerability exists in versions prior to 26.0.0 due to improper sanitization of the component. The component allows javascript: URIs in the source attribute, which are executed when the page is...

9.3CVSS0.0023EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 7:16 p.m.12 views

CVE-2026-46511

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0, an attack chain utilizing Stored XSS alongside dynamic token exposure in the /system/api/connectionSettings endpoint allows an authenticated attacker to perform a complete cross-tenant account takeover...

8.7CVSS0.00275EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 7:16 p.m.19 views

CVE-2026-5411

The WP Captcha PRO the premium version of the Advanced Google reCAPTCHA plugin, both have the same slug plugin for WordPress is vulnerable to arbitrary file upload in all versions up to, and including, 5.38. This is due to a capability check in the saveajax function of the licensing module,...

8.8CVSS0.00449EPSS
Exploits0References2
NVD
NVD
added 2026/06/05 7:16 p.m.15 views

CVE-2026-46394

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0, an OS command injection vulnerability exists in the Git.php library of the HAXcms PHP backend. The application constructs shell command strings using unsanitized input and executes them via procopen. An...

7.7CVSS0.00768EPSS
Exploits1References1
NVD
NVD
added 2026/06/05 7:16 p.m.17 views

CVE-2026-46391

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 9.0.1 and prior to version 26.0.0 of @haxtheweb/open-apis, multiple functions conduct substring-only matching to validate hostnames to which basic authorization should be sent. An attacker can append the...

8.7CVSS0.00457EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 7:16 p.m.13 views

CVE-2026-46392

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0 of HAX CMS PHP, the saveFile endpoint validates upload extensions case-insensitively and writes the filename to disk verbatim, but the .htaccess rule that forces Content-Disposition: attachment on HTML...

8.7CVSS0.00223EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 7:16 p.m.14 views

CVE-2026-46393

HAX CMS helps manage microsite universe with PHP or NodeJs backends. An authenticated Server-Side Request Forgery SSRF vulnerability in versions prior to 26.0.0 allows authenticated users to fetch arbitrary internal or local resources and write the responses to a web-accessible directory, enablin...

7.1CVSS0.00238EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 7:16 p.m.17 views

CVE-2026-46395

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Prior to version 26.0.0, the hmacBase64 function in the HAXcms Node.js backend contains two critical cryptographic implementation errors that together allow any unauthenticated attacker to extract the system’s private signing ke...

9.3CVSS0.00295EPSS
Exploits1References1
NVD
NVD
added 2026/06/05 7:16 p.m.15 views

CVE-2026-46399

HAX CMS helps manage microsite universe with PHP or NodeJs backends. The PHP version of HAX CMS prior to version 26.0.0 has an authenticated file overwrite vulnerability. An attacker can exploit this vulnerability to configure malicious Git filter commands and achieve code execution on the HAX CM...

9.4CVSS0.00291EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 7:16 p.m.15 views

CVE-2026-46396

HAX CMS helps manage microsite universe with PHP or NodeJs backends. A stored cross-site scripting XSS vulnerability exists in versions prior to 26.0.0 due to improper sanitization of elements. The application allows javascript: URIs in the src attribute, which are executed when a malicious page ...

9.3CVSS0.0023EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 7:16 p.m.15 views

CVE-2026-46389

UDS Identity Config builds the Keycloak configuration image realm, plugins, theme, truststore, JARs consumed by UDS Core's Identity deployment. In versions 0.11.0 through 0.26.0, a logic error in the client-kubernetes-secret Keycloak client authenticator shipped by uds-identity-config and consume...

10CVSS0.00341EPSS
Exploits0References2
NVD
NVD
added 2026/06/05 7:16 p.m.15 views

CVE-2026-46390

HAX CMS helps manage microsite universe with PHP or NodeJs backends. Starting in version 2.0.0 and prior to version 26.0.0, the gitlist plugin is exposed to unauthenticated users, allowing unauthenticated browsing of git repositories and git history. Version 26.0.0 patches the issue...

6.9CVSS0.0027EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 7:16 p.m.12 views

CVE-2026-10580

The Hippoo Mobile App for WooCommerce plugin for WordPress is vulnerable to Authentication Bypass leading to Administrator Account Takeover in all versions up to and including 1.9.4. This is due to a logic conflation in HippooPermissions::getuserpermissions, which returns the same null sentinel f...

9.8CVSS0.02841EPSS
Exploits1References9
NVD
NVD
added 2026/06/05 6:17 p.m.14 views

CVE-2026-50733

Markdown Preview Enhanced before 0.8.28 parses WaveDrom diagrams by evaluating untrusted markdown content with eval, allowing arbitrary JavaScript execution. The flaw affects every render path - the live preview window.eval and presentation mode plus HTML export the bundled WaveDrom.ProcessAll/ev...

8.8CVSS0.00362EPSS
Exploits0References3
NVD
NVD
added 2026/06/05 6:17 p.m.14 views

CVE-2026-49492

Markdown Preview Enhanced before 0.8.28 opens external files and links from the preview through a shell and does not validate untrusted inputs taken from the markdown document - the diagram filename attribute, imported file paths, and the latexengine code-chunk attribute. On Windows, a crafted...

8.8CVSS0.0034EPSS
Exploits0References2
NVD
NVD
added 2026/06/05 6:17 p.m.12 views

CVE-2026-49493

Markdown Preview Enhanced before 0.8.28 parses Bitfield fenced code blocks with interpretJS, which evaluates the block content as code via vm.runInNewContext, allowing arbitrary code execution. A crafted markdown document containing a malicious bitfield code block executes attacker-controlled cod...

8.8CVSS0.00327EPSS
Exploits0References2
NVD
NVD
added 2026/06/05 6:17 p.m.12 views

CVE-2026-45750

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.3.2, the GET /ssh/filemanager/ssh/resolvePath endpoint in the Termix File Manager component unsafely processes the path parameter and embeds it into a shell command...

9CVSS0.00294EPSS
Exploits1References2
NVD
NVD
added 2026/06/05 6:17 p.m.12 views

CVE-2026-45748

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. The POST /ssh/tunnel/connect endpoint in Termix prior to version 2.3.2 builds an SSH tunnel command by interpolating user-controlled host record fields endpointIP, endpointUsername,...

9.8CVSS0.01729EPSS
Exploits1References2
NVD
NVD
added 2026/06/05 6:17 p.m.15 views

CVE-2026-45749

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. The POST /users/totp/disable and POST /users/totp/backup-codes endpoints in Termix prior to version 2.3.2 accept the account password as a sole authentication factor for MFA-critical...

8.1CVSS0.00324EPSS
Exploits1References2
NVD
NVD
added 2026/06/05 6:17 p.m.17 views

CVE-2026-45745

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Starting in version 1.7.0, Termix Desktop Electron disables TLS certificate validation, allowing a machine-in-the-middle attacker to intercept and modify HTTPS traffic to the configured...

8CVSS0.00168EPSS
Exploits1References1
NVD
NVD
added 2026/06/05 6:17 p.m.12 views

CVE-2026-45746

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.3.2, the File Manager functionality in Termix contains a critical Broken Access Control vulnerability due to improper validation of the sessionId parameter. The backend...

9CVSS0.00387EPSS
Exploits1References1
NVD
NVD
added 2026/06/05 6:17 p.m.17 views

CVE-2026-45744

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.3.2, the GET /ssh/filemanager/ssh/resolvePath endpoint in Termix is vulnerable to OS command injection. The endpoint uses double-quote escaping for shell command...

9.9CVSS0.02008EPSS
Exploits1References2
NVD
NVD
added 2026/06/05 6:17 p.m.15 views

CVE-2026-45743

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. 16 file-manager endpoints in Termix prior to version 2.3.2 do not verify that the requesting user owns the SSH session identified by sessionId. An authenticated attacker who knows or...

8.1CVSS0.00282EPSS
Exploits1References2
NVD
NVD
added 2026/06/05 6:17 p.m.11 views

CVE-2026-45327

TinyIce is a streaming server for audio and video. In versions 0.8.95 through 2.4.1, missing authentication on WebRTC ingest endpoint allows unauthenticated stream injection. Version 2.5.0 fixes the issue by requiring either HTTP Basic auth or a ?password= query parameter, comparing the supplied...

8.2CVSS0.00357EPSS
Exploits0References3
NVD
NVD
added 2026/06/05 6:17 p.m.17 views

CVE-2026-45290

Cloudburst Network provides network components used within Cloudburst projects. A vulnerability in versions prior to 1.0.0.CR3-20260417.085727-30 impacts publicly accessible software depending on the affected versions of Network and allows an attacker to exploit a vulnerability in Network to stal...

7.5CVSS0.00278EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 6:17 p.m.16 views

CVE-2026-45291

Cloudburst Network provides network components used within Cloudburst projects. A vulnerability in versions prior to 1.0.0.CR3-20260418.124334-32 impacts publicly accessible software depending on the affected versions of Network and allows an attacker to exploit a bug in Network to close the pare...

7.5CVSS0.00263EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 6:17 p.m.14 views

CVE-2026-36500

An issue in the cluster-admin:backup-datastore component of Controller v12.0.5 allows attackers to execute a directory traversal via a crafted request...

9.1CVSS0.00686EPSS
Exploits0References2
NVD
NVD
added 2026/06/05 6:17 p.m.10 views

CVE-2026-36501

An issue in the Externalizable.readExternal component of Controller v12.0.5 allows attackers to cause a Denial of Service DoS via a crafted input...

7.5CVSS0.00278EPSS
Exploits0References2
NVD
NVD
added 2026/06/05 6:17 p.m.13 views

CVE-2026-2379

On affected platforms with hardware IPSec support running Arista EOS with certain IPsec features enabled, EOS may exhibit unexpected behavior in specific cases. Physical interface flaps and certain agent restarts can cause IPsec tunnel re-establishment with existing Security Associations, resulti...

8.2CVSS0.00226EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 6:17 p.m.12 views

CVE-2026-11341

A flaw has been found in D-Link DWR-M920 up to 1.1.50. The impacted element is the function sub412DA0 of the file /boafrm/formIMEISetup. This manipulation of the argument IMEIvalue causes os command injection. The attack can be initiated remotely. The exploit has been published and may be used...

6.5CVSS0.01044EPSS
Exploits0References6
NVD
NVD
added 2026/06/05 6:17 p.m.11 views

CVE-2026-11342

A vulnerability has been found in code-projects Hotel and Tourism Reservation System 1.0. This affects an unknown function of the file /details.php. Such manipulation of the argument room leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and...

7.5CVSS0.00263EPSS
Exploits0References6
NVD
NVD
added 2026/06/05 6:17 p.m.13 views

CVE-2026-11344

A vulnerability was found in code-projects Vehicle Management System 1.0. This impacts an unknown function of the file newdriver.php of the component New Driver Registration Form. Performing a manipulation of the argument photo results in unrestricted upload. The attack may be initiated remotely...

7.5CVSS0.00366EPSS
Exploits0References6
NVD
NVD
added 2026/06/05 6:16 p.m.13 views

CVE-2025-71317

NetMan 204 contains a hard-coded backdoor account with the username and password 'eurek' that grants administrative access. A remote, unauthenticated attacker can authenticate through the cgi-bin/login.cgi endpoint for example /cgi-bin/login.cgi?username=eurek&password=eurek, which due to lax...

9.8CVSS0.00432EPSS
Exploits0References3
NVD
NVD
added 2026/06/05 6:16 p.m.13 views

CVE-2025-71318

NetMan 204 fails to enforce authentication on its administrative pages and command endpoints. A remote, unauthenticated attacker can directly request administrative pages such as administration.html, administration-commands.html, and configuration.html to disclose sensitive information including...

9.8CVSS0.00533EPSS
Exploits0References3
NVD
NVD
added 2026/06/05 5:17 p.m.15 views

CVE-2026-8714

A denial-of-service vulnerability exists in the RTSP server component of TP-Link Tapo C520WS v2 due to improper handling of syntactically invalid input. Crafted inputs can trigger a processing error, causing the RTSP service to enter non-responsive state. Successful exploitation may cause the RTS...

7.1CVSS0.00206EPSS
Exploits0References3
NVD
NVD
added 2026/06/05 5:17 p.m.14 views

CVE-2026-7473

On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN Virtual Extensible LAN, decap-groups, or a GRE Generic Routing Encapsulation tunnel interface—is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packet with a...

6.9CVSS0.00836EPSS
Exploits1References3
NVD
NVD
added 2026/06/05 5:16 p.m.20 views

CVE-2026-48112

7-Zip is a file archiver with a high compression ratio. Versions 9.18 through 26.00 contain a heap out-of-bounds read in 7-Zip Ar handler BSD SYMDEF parser. A 4-byte heap out-of-bounds read exists in the Unix ar archive parser in 7-Zip. When parsing a BSD-style .SYMDEF symbol table, the...

6.5CVSS0.00267EPSS
Exploits1References1
NVD
NVD
added 2026/06/05 5:16 p.m.15 views

CVE-2026-48111

7-Zip is a file archiver with a high compression ratio. Versions 9.21 through 26.00 contain an off-by-one out-of-bounds read vulnerability in the ParseDepedencyExpression function of the UEFI firmware image parserCPP/7zip/Archive/UefiHandler.cpp. The function validates an attacker-controlled opco...

7.1CVSS0.00225EPSS
Exploits1References1
NVD
NVD
added 2026/06/05 5:16 p.m.20 views

CVE-2026-48103

7-Zip is a file archiver with a high compression ratio. Versions 9.34 through 26.00 contain an off-by-one heap out-of-bounds read in the WIM Windows Imaging archive handler's security descriptor lookup. In CHandler::GetSecurity CPP/7zip/Archive/Wim/WimHandler.cpp, the per-image SecurOffsets table...

7.1CVSS0.00225EPSS
Exploits1References1
Total number of security vulnerabilities364870