4985 matches found
VulnCheck KEV: CVE-2025-0288
Various Paragon Software products contain an arbitrary kernel memory vulnerability within biontdrv.sys, facilitated by the memmove function, which does not validate or sanitize user controlled input, allowing an attacker the ability to write arbitrary kernel memory and perform privilege escalatio...
VulnCheck KEV: CVE-2022-40843
The Tenda AC1200 V-W15Ev2 V15.11.0.101576 router is vulnerable to improper authorization / improper session management that allows the router login page to be bypassed. This leads to authenticated attackers having the ability to read the routers syslog.log file which contains the MD5 password...
VulnCheck KEV: CVE-2021-45422
Reprise License Manager 14.2 is affected by a reflected cross-site scripting vulnerability in the /goform/activateprocess "count" parameter via GET. No authentication is required...
VulnCheck KEV: CVE-2024-42009
RoundCube Webmail contains a cross-site scripting vulnerability. This vulnerability could allow a remote attacker to steal and send emails of a victim via a crafted e-mail message that abuses a Desanitization issue in messagebody in program/actions/mail/show.php...
VulnCheck KEV: CVE-2025-49113
RoundCube Webmail contains a deserialization of untrusted data vulnerability that allows remote code execution by authenticated users because the from parameter in a URL is not validated in program/actions/settings/upload.php...
VulnCheck KEV: CVE-2024-31839
Cross Site Scripting vulnerability in tiagorlampert CHAOS v.5.0.1 allows a remote attacker to escalate privileges via the sendCommandHandler function in the handler.go component...
VulnCheck KEV: CVE-2025-3054
The WP User Frontend Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadfiles function in all versions up to, and including, 4.1.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to...
VulnCheck KEV: CVE-2022-31161
Roxy-WI is a Web interface for managing HAProxy, Nginx and Keepalived servers. Prior to version 6.1.1.0, the system command can be run remotely via the subprocessexecute function without processing the inputs received from the user in the /app/options.py file. Version 6.1.1.0 contains a patch...
VulnCheck KEV: CVE-2023-4490
The WP Job Portal WordPress plugin before 2.0.6 does not sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by unauthenticated users...
VulnCheck KEV: CVE-2025-39475
Path Traversal: '.../...//' vulnerability in Frenify Arlo arlo allows PHP Local File Inclusion.This issue affects Arlo: from n/a through = 6.0.3...
VulnCheck KEV: CVE-2021-39312
The True Ranker plugin = 2.2.2 for WordPress allows arbitrary files, including sensitive configuration files such as wp-config.php, to be accessed via the src parameter found in the /admin/vendor/datatables/examples/resources/examples.php file...
VulnCheck KEV: CVE-2025-21480
Multiple Qualcomm chipsets contain an incorrect authorization vulnerability. This vulnerability allows for memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands...
VulnCheck KEV: CVE-2025-5419
Google Chromium V8 contains an out-of-bounds read and write vulnerability that could allow a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome,...
VulnCheck KEV: CVE-2025-21479
Multiple Qualcomm chipsets contain an incorrect authorization vulnerability. This vulnerability allows for memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands...
VulnCheck KEV: CVE-2025-35939
Craft CMS contains an external control of assumed-immutable web parameter vulnerability. This vulnerability could allow an unauthenticated client to introduce arbitrary values, such as PHP code, to a known local file location on the server. This vulnerability could be chained with...
VulnCheck KEV: CVE-2025-27038
Multiple Qualcomm chipsets contain a use-after-free vulnerability. This vulnerability allows for memory corruption while rendering graphics using Adreno GPU drivers in Chrome...
VulnCheck KEV: CVE-2025-3935
ConnectWise ScreenConnect contains an improper authentication vulnerability. This vulnerability could allow a ViewState code injection attack, which could allow remote code execution if machine keys are compromised...
VulnCheck KEV: CVE-2025-47601
Missing Authorization vulnerability in Christiaan Pieterse MaxiBlocks maxi-blocks allows Privilege Escalation.This issue affects MaxiBlocks: from n/a through = 2.1.0...
VulnCheck KEV: CVE-2025-31125
Vite Vitejs contains an improper access control vulnerability that exposes content of non-allowed files using ?inline&import or ?raw?import. Only apps explicitly exposing the Vite dev server to the network using --host or server.host config option are affected...
VulnCheck KEV: CVE-2025-48925
The TeleMessage service through 2025-05-05 relies on the client side e.g., the TM SGNL app to do MD5 hashing, and then accepts the hash as the authentication credential...
VulnCheck KEV: CVE-2025-48926
The admin panel in the TeleMessage service through 2025-05-05 allows attackers to discover usernames, e-mail addresses, passwords, and telephone numbers...
VulnCheck KEV: CVE-2023-39780
ASUS RT-AX55 devices contain an OS command injection vulnerability that could allow a remote, authenticated attacker to execute arbitrary commands. As represented by CVE-2023-41346...
VulnCheck KEV: CVE-2025-48929
The TeleMessage service through 2025-05-05 implements authentication through a long-lived credential e.g., not a token with a short expiration time that can be reused at a later date if discovered by an adversary...
VulnCheck KEV: CVE-2025-48927
TeleMessage TM SGNL contains an initialization of a resource with an insecure default vulnerability. This vulnerability relies on how the Spring Boot Actuator is configured with an exposed heap dump endpoint at a /heapdump URI...
VulnCheck KEV: CVE-2025-48930
The TeleMessage service through 2025-05-05 stores certain cleartext information in memory, even though memory content may be accessible to an adversary through various avenues...
VulnCheck KEV: CVE-2025-48928
TeleMessage TM SGNL contains an exposure of core dump file to an unauthorized control sphere Vulnerability. This vulnerability is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be included in this dum...
VulnCheck KEV: CVE-2024-9047
The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 4.24.11 via wfufiledownloader.php. This makes it possible for unauthenticated attackers to read or delete files outside of the originally intended directory. Successful...
VulnCheck KEV: CVE-2018-20526
Roxy Fileman 1.4.5 allows unrestricted file upload in upload.php...
VulnCheck KEV: CVE-2024-7314
anji-plus AJ-Report is affected by an authentication bypass vulnerability. A remote and unauthenticated attacker can append ";swagger-ui" to HTTP requests to bypass authentication and execute arbitrary Java on the victim server. Exploitation evidence was observed by the Shadowserver Foundation on...
VulnCheck KEV: CVE-2015-4455
Unrestricted file upload vulnerability in includes/upload.php in the Aviary Image Editor Add-on For Gravity Forms plugin 3.0 beta for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in...
VulnCheck KEV: CVE-2024-56145
Craft CMS contains a code injection vulnerability. Users with affected versions are vulnerable to remote code execution if their php.ini configuration has registerargcargv enabled...
VulnCheck KEV: CVE-2015-5531
Directory traversal vulnerability in Elasticsearch before 1.6.1 allows remote attackers to read arbitrary files via unspecified vectors related to snapshot API calls...
VulnCheck KEV: CVE-2025-48827
vBulletin 5.0.0 through 5.7.5 and 6.0.0 through 6.0.3 allows unauthenticated users to invoke protected API controllers' methods when running on PHP 8.1 or later, as demonstrated by the /api.php?method=protectedMethod pattern, as exploited in the wild in May 2025...
VulnCheck KEV: CVE-2025-48828
Certain vBulletin versions might allow attackers to execute arbitrary PHP code by abusing Template Conditionals in the template engine. By crafting template code in an alternative PHP function invocation syntax, such as the "vardump""test" syntax, attackers can bypass security checks and...
VulnCheck KEV: CVE-2025-47558
Missing Authorization vulnerability in RomanCode MapSVG mapsvg allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects MapSVG: from n/a through 8.6.13...
VulnCheck KEV: CVE-2020-3187
A vulnerability in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and obtain read and delete access to sensitive files on a...
VulnCheck KEV: CVE-2000-0984
The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service crash and reload via a URL containing a "?/" string...
VulnCheck KEV: CVE-2025-47696
A vulnerability exists in the WordPress Blog Designer PRO for WordPress plugin that allows for disclosure of sensitive local files such as those that are used to store credentials...
VulnCheck KEV: CVE-2025-4322
The Motors theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.6.67. This is due to the theme not properly validating a user's identity prior to updating their password. This makes it possible for unauthenticated attackers to...
VulnCheck KEV: CVE-2025-2775
SysAid On-Prem contains an improper restriction of XML external entity reference vulnerability in the Checkin processing functionality, allowing for administrator account takeover and file read primitives...
VulnCheck KEV: CVE-2023-45878
GibbonEdu Gibbon version 25.0.1 and before allows Arbitrary File Write because rubricsvisualisesaveAjax.phps does not require authentication. The endpoint accepts the img, path, and gibbonPersonID parameters. The img parameter is expected to be a base64 encoded image. If the path parameter is...
VulnCheck KEV: CVE-2018-0150
A vulnerability in Cisco IOS XE Software could allow an unauthenticated, remote attacker to log in to a device running an affected release of Cisco IOS XE Software with the default username and password that are used at initial boot, aka a Static Credential Vulnerability. The vulnerability is due...
VulnCheck KEV: CVE-2018-0160
A vulnerability in Simple Network Management Protocol SNMP subsystem of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service DoS condition. The vulnerability is due to improper management of memory resources, referred to as a double free. An...
VulnCheck KEV: CVE-2024-27443
Zimbra Collaboration contains a cross-site scripting XSS vulnerability in the CalendarInvite feature of the Zimbra webmail classic user interface. An attacker can exploit this vulnerability via an email message containing a crafted calendar header, leading to the execution of arbitrary...
VulnCheck KEV: CVE-2024-11182
MDaemon Email Server contains a cross-site scripting XSS vulnerability that allows a remote attacker to load arbitrary JavaScript code via an HTML e-mail message...
VulnCheck KEV: CVE-2025-2776
SysAid On-Prem contains an improper restriction of XML external entity reference vulnerability in the Server URL processing functionality, allowing for administrator account takeover and file read primitives...
VulnCheck KEV: CVE-2025-2777
SysAid On-Prem versions = 23.3.40 are vulnerable to an unauthenticated XML External Entity XXE vulnerability in the lshw processing functionality, allowing for administrator account takeover and file read primitives...
VulnCheck KEV: CVE-2025-4664
Insufficient policy enforcement in Loader in Google Chrome prior to 136.0.7103.113 allowed a remote attacker to leak cross-origin data via a crafted HTML page. Chromium security severity: High...
VulnCheck KEV: CVE-2025-30400
Microsoft Windows DWM Core Library contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally...
VulnCheck KEV: CVE-2025-32701
Microsoft Windows Common Log File System CLFS Driver contains a use-after-free vulnerability that allows an authorized attacker to elevate privileges locally...