Lucene search
K
RedhatcveRecent

206304 matches found

RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.12 views

CVE-2026-45556

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, POST /waf///rule//save accepts a configfilename form field that is passed straight through to configmod.masterslaveuploadandrestart... as the destination path. The validation chai...

9.9CVSS5.5AI score0.00372EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.9 views

CVE-2026-45558

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, the HAProxy section-save endpoints POST /api/service/haproxy//section/ and the PUT / global / defaults variants accept a JSON option field that is not validated, not escaped, and ...

9.9CVSS6.5AI score0.00439EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.12 views

CVE-2026-41728

Spring Data REST's JSON Patch application/json-patch+json implementation does not apply the write-access filter to intermediate path segments when resolving a multi-segment JSON Pointer. Affected versions: Spring Data REST 3.7.0 through 3.7.19; 4.3.0 through 4.3.16; 4.4.0 through 4.4.14; 4.5.0...

7.5CVSS5.4AI score0.00306EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.9 views

CVE-2026-45552

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, the install blueprint declares only bp.beforerequest → @jwtrequired app/routes/install/routes.py:36-39. The individual endpoints installexporter, installwaf, installgeoip,...

9.9CVSS5.5AI score0.00267EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.9 views

CVE-2026-49069

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WPZOOM Portfolio allows Reflected XSS. This issue affects WPZOOM Portfolio: from n/a through 1.4.21...

7.1CVSS5.4AI score0.00142EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.10 views

CVE-2026-45564

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, POST /config/versions////save interpolates the URL-path configver parameter directly into a config-version path that ends up at os.systemf"dos2unix -q cfg". configver is not run...

8.8CVSS5.5AI score0.00304EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.10 views

CVE-2026-45550

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, PUT /smon/check app/routes/smon/routes.py:117-138 gates only on roxywicommon.checkusergroupforflask — which validates that the caller has some group, not that the target checkid...

9.1CVSS5.7AI score0.00196EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.31 views

CVE-2026-41003

An attacker able to influence values in RelyingPartyRegistration may be able to run arbitrary code on HTML forms generated by Spring Security filters. Affected versions: Spring Security 5.7.0 through 5.7.23; 5.8.0 through 5.8.25; 6.3.0 through 6.3.16; 6.4.0 through 6.4.16; 6.5.0 through 6.5.10;...

7.6CVSS5.8AI score0.00204EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.9 views

CVE-2025-10238

During an internal security assessment, a potential out-of-bounds write vulnerability was discovered in the BIOS of some ThinkPad products could allow a privileged local user to execute code in System Management Mode SMM...

8.4CVSS5.7AI score0.00121EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.9 views

CVE-2025-10237

During an internal security assessment, a potential vulnerability was discovered in some ThinkPad embedded controller firmware that could allow a privileged local user to perform arbitrary reads or writes to privileged memory regions...

8.4CVSS5.6AI score0.00077EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.11 views

CVE-2026-41732

JsonPulsarHeaderMapper matched type headers against trusted packages using a prefix check, meaning that trusting any package implicitly trusted all of its subpackages. Additionally, an empty trusted-packages configuration fell back to trusting all packages rather than applying a safe default...

8.1CVSS5.4AI score0.00347EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.12 views

CVE-2026-41852

A flaw was found in Spring Framework. A vulnerability in the Spring Expression Language SpEL evaluation logic allows an attacker to invoke arbitrary zero-argument methods, even in restricted contexts. This can lead to the execution of unintended application logic, potentially resulting in a Denia...

5.3CVSS6AI score0.00164EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.11 views

CVE-2026-50266

A flaw was found in OpenStack Neutron. A project manager can exploit this vulnerability by creating or updating a port on a shared network and setting the deviceowner to a specific value. This bypasses default access controls, allowing the project manager to obtain trusted network-service port...

6.6CVSS5.1AI score0.00262EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.9 views

CVE-2026-42570

A flaw was found in devalue, a JavaScript library used for serializing values. Due to quirks in some JavaScript engines, the devalue.parse function could be exploited by a remote attacker when deserializing specially crafted sparse arrays. This could lead to excessive memory consumption, resultin...

7.5CVSS5.4AI score0.00384EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.10 views

CVE-2026-40993

An attacker with write permissions to the database table managed by JdbcAssertingPartyMetadataRepository saml2assertingpartymetadata may be able to store malicious serialized payloads in the columns containing the collection of verification or encryption credentials verificationcredentials and...

7.3CVSS5.4AI score0.00198EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 2:59 p.m.10 views

CVE-2026-41860

CWE-326 in BOSH allows a local attacker to steal Basic-auth credentials or redirect UAA token requests via MITM. HttpRequestHelpercreateasyncendpoint and sendhttpgetrequestsynchronous hard-code OpenSSL::SSL::VERIFYNONE, enabling an attacker to intercept traffic between bosh-monitor and the BOSH...

8.8CVSS5.4AI score0.00074EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 9:49 a.m.9 views

CVE-2026-11850

An integer underflow vulnerability was found in MIT krb5 in the berval2tldata function in plugins/kdb/ldap/libkdbldap/ldapprincipal2.c. The function performs an unsigned subtraction bvlen - 2 without a prior bounds check. When bvlen is 0 or 1, the subtraction wraps to a large value which is then...

5CVSS4.8AI score0.00261EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.13 views

CVE-2026-8071

The Anti-Spam by CleanTalk. Spam protection WordPress plugin before 6.79 does not properly sanitize content within a custom shortcode used in its email-encoding feature, allowing unauthenticated attackers to inject arbitrary web scripts into approved comments that will execute when any user...

8.8CVSS5.7AI score0.00296EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.14 views

CVE-2026-29114

A vulnerability has been found in some Dahua products. An attacker may obtain the device’s CA root certificate. If that CA is installed and trusted on client systems, the attacker could issue fraudulent certificates trusted by those clients and undermine the certificate trust chain...

2.3CVSS5.4AI score0.0019EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.10 views

CVE-2026-49270

A flaw was found in Apache ActiveMQ. An unauthenticated attacker can exploit this vulnerability when brokers are configured with a network connector with syncDurableSubs set to true. By sending a BrokerInfo command, the attacker can receive a list of all durable topic subscriptions, including...

7.5CVSS5.6AI score0.00328EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.14 views

CVE-2026-9067

The Schema & Structured Data for WP & AMP WordPress plugin before 1.60 does not check user capabilities on its frontend AJAX file-upload handlers and does not validate the actual content of uploaded files against the endpoint's intended media type, allowing unauthenticated users to upload any fil...

9.1CVSS5.5AI score0.00426EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.14 views

CVE-2026-9060

The Store Locator WordPress plugin before 1.6.6 does not sanitize and escape one of its settings before storing it and outputting it on the Store Locator WordPress plugin before 1.6.6 admin page, allowing high-privileged users such as administrators to perform Stored Cross-Site Scripting attacks...

3.5CVSS5.5AI score0.00138EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.15 views

CVE-2026-3326

The Xstore WordPress theme before 9.7.3 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection...

8.6CVSS5.6AI score0.00282EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.9 views

CVE-2026-49157

A flaw was found in Apache ActiveMQ. The default authorization settings for Jolokia, a management interface, incorrectly allowed non-administrative web-login accounts to access and execute critical broker management operations. This could enable a low-privilege attacker to perform actions typical...

8.8CVSS5.7AI score0.00424EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.12 views

CVE-2026-45505

A flaw was found in Apache ActiveMQ. This vulnerability allows an authenticated attacker to bypass a previous fix for CVE-2026-34197 by using non-parenthesized discovery wrappers. By crafting a malicious discovery URI, the attacker can trigger the VM transport's brokerConfig parameter to load a...

8.8CVSS6.3AI score0.00577EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.10 views

CVE-2026-9019

The Easy Image Collage plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'gridpropertiesborderColor' and 'gridimagesNattachmenturl' Parameters in all versions up to, and including, 1.13.6 due to insufficient input sanitization and output escaping. This makes it possible for...

6.4CVSS5.6AI score0.00195EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.12 views

CVE-2026-24720

An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of resource. We ha...

6.5CVSS5.5AI score0.0028EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.10 views

CVE-2026-24716

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

7.2CVSS5.5AI score0.00331EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.11 views

CVE-2026-11815

An attacker who intercepts and tampers with traffic between the client application and the API Gateway server could potentially deserialize arbitrary objects. This vulnerability could lead to broken security expectations or remote code execution...

5.3CVSS6AI score0.00317EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.12 views

CVE-2026-29115

A vulnerability has been found in some Dahua products could allow an authenticated remote attacker to send a specially crafted packet, triggering an exception that causes the system to reboot unexpectedly, resulting in a denial of service...

6.9CVSS5.4AI score0.00362EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.9 views

CVE-2026-8853

The MW WP Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'memo' parameter in all versions up to, and including, 5.1.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level access and above,...

4.4CVSS5.7AI score0.00201EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.10 views

CVE-2026-8613

The aThemes Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'titletag' Widget Setting in all versions up to, and including, 1.1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.7AI score0.002EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.13 views

CVE-2026-26241

A buffer overflow vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5243 and later...

9.1CVSS5.8AI score0.00318EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.13 views

CVE-2026-26240

A buffer overflow vulnerability has been reported to affect File Station 5. The remote attackers can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5243 and later...

9.1CVSS5.8AI score0.00318EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.11 views

CVE-2026-24717

A path traversal vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the...

6.5CVSS5.5AI score0.00392EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.10 views

CVE-2025-62851

A path traversal vulnerability has been reported to affect License Center. If a local attacker gains an administrator account, they can then exploit the vulnerability to read the contents of unexpected files or system data. We have already fixed the vulnerability in the following version: License...

6.9CVSS5.5AI score0.00259EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.12 views

CVE-2026-3018

The Newsletters plugin for WordPress is vulnerable to time-based SQL Injection via the ‘wpmlsubscriberid’ parameter in all versions up to, and including, 4.13 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

7.5CVSS5.8AI score0.01382EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.10 views

CVE-2025-66280

An integer overflow or wraparound vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to compromise the security of the system. We have already fixed the vulnerability in the...

7.2CVSS5.5AI score0.00435EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.12 views

CVE-2026-26237

A missing authorization vulnerability has been reported to affect QuMagie. The remote attackers can then exploit the vulnerability to access unauthorized data or perform unauthorized actions. We have already fixed the vulnerability in the following version: QuMagie 2.9.0 and later...

8.7CVSS5.5AI score0.00322EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.12 views

CVE-2026-22899

A NULL pointer dereference vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following version: File Station 5...

6.5CVSS5.5AI score0.0028EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.11 views

CVE-2025-8444

The Animation Addons for Elementor – GSAP Powered Elementor Addons & Website Templates plugin for WordPress is vulnerable to DOM-Based Stored Cross-Site Scripting via the multiple parameters in all versions up to, and including, 2.6.7 due to insufficient input sanitization and output escaping. Th...

6.4CVSS5.7AI score0.00155EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.10 views

CVE-2025-66281

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. The remote attackers can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the following versions: QTS 5.2.9.3410 build...

7.2CVSS5.5AI score0.00456EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.12 views

CVE-2026-26239

A buffer overflow vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5208 and later...

8.7CVSS5.8AI score0.00292EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.10 views

CVE-2026-22893

A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS...

8.6CVSS6AI score0.00988EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.10 views

CVE-2025-66279

A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS...

8.6CVSS6AI score0.01049EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.12 views

CVE-2026-29116

A vulnerability has been found in some Dahua products could allow an unauthenticated remote attacker to send a specially crafted packet, triggering an exception that causes the system to reboot unexpectedly, resulting in a denial of service...

8.7CVSS5.4AI score0.00395EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.10 views

CVE-2025-6254

The Doctreat Core plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.6.8. This is due to the doctreatprocessregistration function not properly restricting the roles that a user can register with. This makes it possible for unauthenticated attackers ...

9.8CVSS5.5AI score0.00494EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.13 views

CVE-2026-24719

A command injection vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to execute arbitrary commands. We have already fixed the vulnerability in the following versions: QTS...

8.6CVSS6AI score0.00977EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.11 views

CVE-2026-24724

An incorrect authorization vulnerability has been reported to affect File Station 6. If a remote attacker gains a user account, they can then exploit the vulnerability to bypass intended access restrictions. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.52...

8.6CVSS5.5AI score0.00259EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/11 8:59 a.m.9 views

CVE-2026-46605

A flaw was found in Apache ActiveMQ server. An authenticated attacker with proper permissions could exploit an incomplete authorization vulnerability to remove existing destinations. This could lead to a Denial of Service DoS by disrupting message delivery and processing. Mitigation Mitigation fo...

6.5CVSS5.6AI score0.00335EPSS
Exploits0References5
Total number of security vulnerabilities206304