Lucene search
K
Vulncheck KevMost viewed

4985 matches found

VulnCheck KEV
VulnCheck KEV
added 2026/04/30 12:0 a.m.276 views

VulnCheck KEV: CVE-2025-71284

Synway SMG Gateway Management Software contains an OS command injection vulnerability in the RADIUS configuration endpoint at /en/9-2radius.php where the radiusaddress POST parameter is split and interpolated directly into a sed command without sanitization. An unauthenticated remote attacker can...

9.8CVSS6.3AI score0.05727EPSS
Exploits1References8
VulnCheck KEV
VulnCheck KEV
added 2026/04/24 12:0 a.m.267 views

VulnCheck KEV: CVE-2025-69985

FUXA 1.2.8 and prior contains an Authentication Bypass vulnerability leading to Remote Code Execution RCE. The vulnerability exists in the server/api/jwt-helper.js middleware, which improperly trusts the HTTP "Referer" header to validate internal requests. A remote unauthenticated attacker can...

9.8CVSS6.3AI score0.05633EPSS
Exploits7References32
VulnCheck KEV
VulnCheck KEV
added 2025/10/09 12:0 a.m.248 views

VulnCheck KEV: CVE-2025-22905

RE11S v1.11 was discovered to contain a command injection vulnerability via the command parameter at /goform/mp...

9.8CVSS5.8AI score0.04456EPSS
Exploits1References3
VulnCheck KEV
VulnCheck KEV
added 2026/04/07 12:0 a.m.191 views

VulnCheck KEV: CVE-2026-34424

Smart Slider 3 Pro version 3.5.1.35 for WordPress and Joomla contains a multi-stage remote access toolkit injected through a compromised update system that allows unauthenticated attackers to execute arbitrary code and commands. Attackers can trigger pre-authentication remote shell execution via...

9.8CVSS6.3AI score0.00551EPSS
Exploits0References6
VulnCheck KEV
VulnCheck KEV
added 2025/11/10 12:0 a.m.180 views

VulnCheck KEV: CVE-2006-4837

Multiple PHP remote file inclusion vulnerabilities in DCP-Portal SE 6.0 allow remote attackers to execute arbitrary PHP code via a URL in the root parameter in 1 library/lib.php and 2 library/editor/editor.php. NOTE: the same primary issue can be used for full path disclosure with an invalid...

7.5CVSS6.2AI score0.02736EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2026/04/16 12:0 a.m.178 views

VulnCheck KEV: CVE-2026-33825

Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally...

7.8CVSS6.4AI score0.06749EPSS
Exploits3References4
VulnCheck KEV
VulnCheck KEV
added 2026/03/31 12:0 a.m.175 views

VulnCheck KEV: CVE-2025-11368

The LearnPress – WordPress LMS Plugin plugin for WordPress is vulnerable to Sensitive Information Disclosure in all versions up to, and including, 4.2.9.4. This is due to missing capability checks in the REST endpoint /wp-json/lp/v1/loadcontentviaajax which allows arbitrary callback execution of...

5.3CVSS6AI score0.00914EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2026/05/29 12:0 a.m.136 views

VulnCheck KEV: CVE-2026-0257

Authentication bypass vulnerabilities in the GlobalProtect portal and gateway of Palo Alto Networks PAN-OS® software allows the attacker to bypass security restrictions and establish an unauthorized VPN connection. Panorama and Cloud NGFW are not impacted by these issues...

9.1CVSS5.8AI score0.86678EPSS
Exploits9References10
VulnCheck KEV
VulnCheck KEV
added 2026/05/11 12:0 a.m.127 views

VulnCheck KEV: CVE-2026-43284

In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSGSPLICEPAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFLSHAREDFRAG after skbsplicefromiter, so later paths that may modify packet data ca...

8.8CVSS5.8AI score0.93235EPSS
Exploits31References2
VulnCheck KEV
VulnCheck KEV
added 2025/10/29 12:0 a.m.121 views

VulnCheck KEV: CVE-2024-51228

An issue in TOTOLINK-CX-A3002RU V1.0.4-B20171106.1512 and TOTOLINK-CX-N150RT V2.1.6-B20171121.1002 and TOTOLINK-CX-N300RT V2.1.6-B20170724.1420 and TOTOLINK-CX-N300RT V2.1.8-B20171113.1408 and TOTOLINK-CX-N300RT V2.1.8-B20191010.1107 and TOTOLINK-CX-N302RE V2.0.2-B20170511.1523 allows a remote...

6.8CVSS6.2AI score0.0379EPSS
Exploits0References120
VulnCheck KEV
VulnCheck KEV
added 2026/02/02 12:0 a.m.116 views

VulnCheck KEV: CVE-2010-0759

Directory traversal vulnerability in plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allows remote attackers to read, and possibly include and execute, arbitrary files via directory traversal sequences in the files...

7.5CVSS5.9AI score0.15242EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2025/10/09 12:0 a.m.116 views

VulnCheck KEV: CVE-2024-1781

A vulnerability was found in Totolink X6000R AX3000 9.4.0cu.85220230719. It has been rated as critical. This issue affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component shttpd. The manipulation leads to command injection. The exploit has been disclosed to the public...

9.8CVSS5.4AI score0.14692EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2026/05/11 12:0 a.m.112 views

VulnCheck KEV: CVE-2026-43500

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpcinputcallevent and the RESPONSE handler in rxrpcverifyresponse copy the skb to a linear one before calling into the security o...

7.8CVSS5.8AI score0.92766EPSS
Exploits20References2
VulnCheck KEV
VulnCheck KEV
added 2025/07/21 12:0 a.m.108 views

VulnCheck KEV: CVE-2024-34193

smanga 3.2.7 does not filter the file parameter at the PHP/get file flow.php interface, resulting in a path traversal vulnerability that can cause arbitrary file reading...

7.5CVSS5.8AI score0.00623EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2026/05/29 12:0 a.m.106 views

VulnCheck KEV: CVE-2026-45247

Mirasvit Full Page Cache Warmer for Magento 2 before version 1.11.12 contains a PHP object injection vulnerability that allows unauthenticated attackers to achieve remote code execution by supplying a crafted serialized PHP object in the CacheWarmer cookie. Attackers can exploit the unrestricted...

9.8CVSS6.7AI score0.27546EPSS
Exploits1References3
VulnCheck KEV
VulnCheck KEV
added 2026/03/19 12:0 a.m.103 views

VulnCheck KEV: CVE-2026-27944

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.3, the /api/backup endpoint is accessible without authentication and discloses the encryption keys required to decrypt the backup in the X-Backup-Security response header. This allows an unauthenticated attacker to...

9.8CVSS5.8AI score0.22162EPSS
Exploits13References38
VulnCheck KEV
VulnCheck KEV
added 2025/07/13 12:0 a.m.100 views

VulnCheck KEV: CVE-2024-9001

A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been declared as critical. This vulnerability affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument command leads to os command injection. The attack can be initiated remotely. The...

8.8CVSS5.5AI score0.04035EPSS
Exploits1References6
VulnCheck KEV
VulnCheck KEV
added 2026/02/04 12:0 a.m.99 views

VulnCheck KEV: CVE-2025-14586

A vulnerability was determined in TOTOLINK X5000R 9.1.0cu.2089B20211224. Affected by this issue is the function snprintf of the file /cgi-bin/cstecgi.cgi?action=exportOvpn&type=user. This manipulation of the argument User causes os command injection. Remote exploitation of the attack is possible...

9.8CVSS5.6AI score0.0246EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2025/06/23 12:0 a.m.94 views

VulnCheck KEV: CVE-2025-70974

Fastjson before 1.2.48 mishandles autoType because, when an @type key is in a JSON document, and the value of that key is the name of a Java class, there may be calls to certain public methods of that class. Depending on the behavior of those methods, there may be JNDI injection with an...

10CVSS5.8AI score0.3897EPSS
Exploits7References3
VulnCheck KEV
VulnCheck KEV
added 2026/05/29 12:0 a.m.93 views

VulnCheck KEV: CVE-2026-8732

The WP Maps Pro plugin for WordPress is vulnerable to Privilege Escalation via Administrator Account Creation in all versions up to, and including, 6.1.0. This is due to the wpgmptempaccessajax AJAX action being registered with wpajaxnopriv and protected only by a nonce check using the...

9.8CVSS5.7AI score0.09461EPSS
Exploits7References3
VulnCheck KEV
VulnCheck KEV
added 2026/05/16 12:0 a.m.93 views

VulnCheck KEV: CVE-2026-42945

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when the rewrite directive is followed by a rewrite, if, or set directive and an unnamed Perl-Compatible Regular Expression PCRE capture for example, $1, $2 with a replacement strin...

9.2CVSS6.4AI score0.61469EPSS
Exploits40References2
VulnCheck KEV
VulnCheck KEV
added 2026/03/11 12:0 a.m.87 views

VulnCheck KEV: CVE-2025-57296

Tenda AC6 router firmware 15.03.05.19 contains a command injection vulnerability in the formSetIptv function, which processes requests to the /goform/SetIPTVCfg web interface. When handling the list and vlanId parameters, the subADBC0 helper function concatenates these user-supplied values into...

6.5CVSS6.2AI score0.03316EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2026/01/30 12:0 a.m.83 views

VulnCheck KEV: CVE-2025-21756

In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets bindings; this includes both resulting from an explicit bind and those implicitly bound through autobind during connect. Prevents socket unbinding during a transpo...

7.8CVSS5.7AI score0.00844EPSS
Exploits3References2
VulnCheck KEV
VulnCheck KEV
added 2026/02/09 12:0 a.m.79 views

VulnCheck KEV: CVE-2009-2698

The udpsendmsg function in the UDP implementation in 1 net/ipv4/udp.c and 2 net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service NULL pointer dereference and system crash via vectors involving the MSGMORE flag and a UDP socket...

7.8CVSS6.1AI score0.0718EPSS
Exploits18References2
VulnCheck KEV
VulnCheck KEV
added 2025/12/23 12:0 a.m.78 views

VulnCheck KEV: CVE-2025-49844

Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigger a use-after-free and potentially lead to remote code execution. The problem exists in all...

9.9CVSS7.2AI score0.86767EPSS
Exploits14References114
VulnCheck KEV
VulnCheck KEV
added 2026/02/09 12:0 a.m.76 views

VulnCheck KEV: CVE-2009-2692

The Linux kernel 2.6.0 through 2.6.30.4, and 2.4.4 through 2.4.37.4, does not initialize all function pointers for socket operations in protoops structures, which allows local users to trigger a NULL pointer dereference and gain privileges by using mmap to map page zero, placing arbitrary code on...

7.8CVSS6.4AI score0.14749EPSS
Exploits17References2
VulnCheck KEV
VulnCheck KEV
added 2026/04/08 12:0 a.m.75 views

VulnCheck KEV: CVE-2025-27817

A possible arbitrary file read and SSRF vulnerability has been identified in Apache Kafka Client. Apache Kafka Clients accept configuration data for setting the SASL/OAUTHBEARER connection with the brokers, including "sasl.oauthbearer.token.endpoint.url" and "sasl.oauthbearer.jwks.endpoint.url"...

7.5CVSS5.9AI score0.62368EPSS
Exploits2References2
VulnCheck KEV
VulnCheck KEV
added 2026/05/01 12:0 a.m.73 views

VulnCheck KEV: CVE-2026-31431

In the Linux kernel, the following vulnerability has been resolved: crypto: algifaead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algifaead since the source and destination...

7.8CVSS6AI score0.96267EPSS
Exploits228References5
VulnCheck KEV
VulnCheck KEV
added 2025/08/08 12:0 a.m.73 views

VulnCheck KEV: CVE-2025-8088

A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček from ESET...

8.8CVSS7.5AI score0.86192EPSS
Exploits43References41
VulnCheck KEV
VulnCheck KEV
added 2025/10/29 12:0 a.m.71 views

VulnCheck KEV: CVE-2025-11705

The Anti-Malware Security and Brute-Force Firewall plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 4.23.81 due to a missing capability check combined with an information exposure in several GOTMLS AJAX actions. This makes it possible for authenticat...

6.5CVSS5.9AI score0.00572EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2026/04/22 12:0 a.m.69 views

VulnCheck KEV: CVE-2024-32114

In Apache ActiveMQ 6.x, the default configuration doesn't secure the API web context where the Jolokia JMX REST API and the Message REST API are located. It means that anyone can use these layers without any required authentication. Potentially, anyone can interact with the broker using Jolokia J...

8.8CVSS5.7AI score0.0692EPSS
Exploits1References16
VulnCheck KEV
VulnCheck KEV
added 2025/12/31 12:0 a.m.66 views

VulnCheck KEV: CVE-2015-10145

Gargoyle router management utility versions 1.5.x contain an authenticated OS command execution vulnerability in /utility/runcommands.sh. The application fails to properly restrict or validate input supplied via the 'commands' parameter, allowing an authenticated attacker to execute arbitrary she...

8.8CVSS6.3AI score0.0063EPSS
Exploits1References5
VulnCheck KEV
VulnCheck KEV
added 2026/02/25 12:0 a.m.61 views

VulnCheck KEV: CVE-2024-3495

The Country State City Dropdown CF7 plugin for WordPress is vulnerable to SQL Injection via the ‘cnt’ and 'sid' parameters in versions up to, and including, 2.7.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes i...

9.8CVSS5.9AI score0.13618EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2025/12/04 12:0 a.m.60 views

VulnCheck KEV: CVE-2025-55182

A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes...

10CVSS7.7AI score0.99562EPSS
Exploits387References364
VulnCheck KEV
VulnCheck KEV
added 2026/06/02 12:0 a.m.58 views

VulnCheck KEV: CVE-2026-7465

The Spectra Gutenberg Blocks – Website Builder for the Block Editor plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.19.25. This makes it possible for authenticated attackers, with Contributor-level access and above, to execute code on the server...

8.8CVSS6.1AI score0.01174EPSS
Exploits3References2
VulnCheck KEV
VulnCheck KEV
added 2026/04/21 12:0 a.m.58 views

VulnCheck KEV: CVE-2019-25714

Seeyon OA A8 contains an unauthenticated arbitrary file write vulnerability in the /seeyon/htmlofficeservlet endpoint that allows remote attackers to write arbitrary files to the web application root by sending specially crafted POST requests with custom base64-encoded payloads. Attackers can wri...

9.3CVSS6.2AI score0.00653EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2026/04/01 12:0 a.m.52 views

VulnCheck KEV: CVE-2026-24477

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. If AnythingLLM prior to version 1.10.0 is configured to use Qdrant as the vector database with an API key, this QdrantApiKey could be exposed in plain text to unauthenticate...

8.7CVSS5.8AI score0.01566EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2025/08/22 12:0 a.m.52 views

VulnCheck KEV: CVE-2024-48074

An authorized RCE vulnerability exists in the DrayTek Vigor2960 router version 1.4.4, where an attacker can place a malicious command into the table parameter of the doPPPoE function in the cgi-bin/mainfunction.cgi route, and finally the command is executed by the system function...

8CVSS5.8AI score0.00653EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2026/06/09 12:0 a.m.51 views

VulnCheck KEV: CVE-2026-34910

A malicious actor with access to the network could exploit an Improper Input Validation vulnerability found in UniFi OS devices to execute a Command Injection...

10CVSS5.6AI score0.78555EPSS
Exploits2References4
VulnCheck KEV
VulnCheck KEV
added 2026/04/28 12:0 a.m.51 views

VulnCheck KEV: CVE-2026-41940

cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel...

9.8CVSS5.5AI score0.981EPSS
Exploits64References51
VulnCheck KEV
VulnCheck KEV
added 2025/12/19 12:0 a.m.51 views

VulnCheck KEV: CVE-2023-6360

The 'My Calendar' WordPress Plugin, version 3.4.22 is affected by an unauthenticated SQL injection vulnerability in the 'from' and 'to' parameters in the '/my-calendar/v1/events' rest route...

9.8CVSS5.9AI score0.63141EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2026/05/21 12:0 a.m.49 views

VulnCheck KEV: CVE-2026-26980

Ghost is a Node.js content management system. Versions 3.24.0 through 6.19.0 allow unauthenticated attackers to perform arbitrary reads from the database. This issue has been fixed in version 6.19.1...

9.4CVSS6.1AI score0.69996EPSS
Exploits7References15
VulnCheck KEV
VulnCheck KEV
added 2025/10/19 12:0 a.m.49 views

VulnCheck KEV: CVE-2025-3987

A vulnerability was found in TOTOLINK N150RT 3.4.0-B20190525. It has been rated as critical. This issue affects some unknown processing of the file /boafrm/formWsc. The manipulation of the argument localPin leads to command injection. The attack may be initiated remotely. The exploit has been...

8.8CVSS5.6AI score0.08329EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2026/06/12 12:0 a.m.47 views

VulnCheck KEV: CVE-2026-25939

FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. From 1.2.8 through version 1.2.10, an authorization bypass vulnerability in the FUXA allows an unauthenticated, remote attacker to create and modify arbitrary schedulers, exposing connected ICS/SCADA environments to follow-on...

9.3CVSS5.4AI score0.12047EPSS
Exploits1References3
VulnCheck KEV
VulnCheck KEV
added 2018/03/01 12:0 a.m.47 views

VulnCheck KEV: CVE-2016-6277

NETGEAR confirmed multiple routers allow unauthenticated web pages to pass form input directly to the command-line interface, permitting remote code execution...

9.3CVSS7.5AI score0.99781EPSS
Exploits8References1
VulnCheck KEV
VulnCheck KEV
added 2025/07/03 12:0 a.m.46 views

VulnCheck KEV: CVE-2025-29891

Bypass/Injection vulnerability in Apache Camel. This issue affects Apache Camel: from 4.10.0 before 4.10.2, from 4.8.0 before 4.8.5, from 3.10.0 before 3.22.4. Users are recommended to upgrade to version 4.10.2 for 4.10.x LTS, 4.8.5 for 4.8.x LTS and 3.22.4 for 3.x releases. This vulnerability is...

10CVSS7.2AI score0.99945EPSS
Exploits50References2
VulnCheck KEV
VulnCheck KEV
added 2026/05/13 12:0 a.m.43 views

VulnCheck KEV: CVE-2026-41176

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. The RC endpoint options/set is exposed without AuthRequired: true, but it can mutate global runtime configuration, including the RC option block itself. Starting in version 1.45.0 and pri...

9.8CVSS5.8AI score0.34734EPSS
Exploits1References21
VulnCheck KEV
VulnCheck KEV
added 2026/05/07 12:0 a.m.43 views

VulnCheck KEV: CVE-2026-40466

Improper Input Validation, Improper Control of Generation of Code 'Code Injection' vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. An authenticated attacker may bypass the fix in CVE-2026-34197 by adding a connector using an HTTP Discovery transport...

8.8CVSS6.4AI score0.04783EPSS
Exploits13References19
VulnCheck KEV
VulnCheck KEV
added 2026/06/09 12:0 a.m.42 views

VulnCheck KEV: CVE-2026-34908

A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi OS devices to make unauthorized changes to the system...

10CVSS5.4AI score0.78555EPSS
Exploits3References4
VulnCheck KEV
VulnCheck KEV
added 2026/05/29 12:0 a.m.41 views

VulnCheck KEV: CVE-2026-41089

Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network...

9.8CVSS6.3AI score0.72253EPSS
Exploits31References2
Total number of security vulnerabilities4985