36709+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.
AVideo versions prior to 20.1 disclose absolute filesystem paths via multiple public API endpoints. Returned metadata includes full server paths to media files, revealing underlying …
AVideo versions prior to 20.1 expose sensitive user information through an unauthenticated public API endpoint. Responses include emails, usernames, administrative status, and last login times, …
AVideo versions prior to 20.1 contain an insecure direct object reference vulnerability allowing users with upload permissions to modify the rotation metadata of any video. …
AVideo versions prior to 20.1 permit any authenticated user to upload comment images to videos owned by other users. The endpoint validates authentication but omits …
AVideo versions prior to 20.1 allow any authenticated user to upload files into directories belonging to other users due to an insecure direct object reference. …
A local file inclusion (LFI) vulnerability in RiteCMS v3.1.0 allows attackers to read arbitrary files on the host via a directory traversal in the admin_language_file …
Incorrect access control in the /templates/ component of RiteCMS v3.1.0 allows attackers to access sensitive files via directory traversal.
CSRF vulnerability in narda miteq Uplink Power Contril Unit UPC2 v.1.17 allows a remote attacker to execute arbitrary code via the Web-based management interface and …
ChurchCRM is an open-source church management system. Prior to version 6.5.3, a SQL injection vulnerability exists in the `src/ListEvents.php` file. When filtering events by type, …
Miniconda3 macOS installers before 23.11.0-1 contain a local privilege escalation vulnerability when installed outside the user's home directory. During installation, world-writable files are created and …
Anaconda3 macOS installers before 2024.06-1 contain a local privilege escalation vulnerability when installed outside the user's home directory. During installation, world-writable files are created and …
RiteCMS v3.1.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the parse_special_tags() function.
A Cross-site scripting (XSS) vulnerability in Create/Update Customer(s) in Open Source Point of Sale v3.4.1 allows remote attackers to inject arbitrary web script or HTML …
KeePassXC-Browser thru 1.9.9.2 autofills or prompts to fill stored credentials into documents rendered under a browser-enforced CSP directive and iframe attribute sandbox, allowing attacker-controlled script …
A SQL injection vulnerability was found in the '/cts/admin/?page=zone' file of ITSourcecode COVID Tracking System Using QR-Code v1.0. The reason for this issue is that …
A Cross-site scripting (XSS) vulnerability in Create/Update Item(s) Module in Open Source Point of Sale v3.4.1 allows remote attackers to inject arbitrary web script or …
An issue was discovered in the Portrait Dell Color Management application through 3.3.008 for Dell monitors, It creates a temporary folder, with weak permissions, during …
The Portrait Dell Color Management application 3.3.8 for Dell monitors has Insecure Permissions,
A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high …
A vulnerability in the application software of multiple Radiometer products may allow remote code execution and unauthorized device management when specific internal conditions are met. …
A vulnerability exists in multiple Radiometer products that allow an attacker with physical access to the analyzer possibility to extract credential information. The vulnerability is …
Authorization Bypass Through User-Controlled Key vulnerability in GG Soft Software Services Inc. PaperWork allows Exploitation of Trusted Identifiers.This issue affects PaperWork: from 5.2.0.9427 before 6.0.
The Ninja Forms – The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up …
ListCheck.exe developed by Acer has a Local Privilege Escalation vulnerability. Authenticated local attackers can replace ListCheck.exe with a malicious executable of the same name, which …
Fuji Electric Monitouch V-SFT-6 is vulnerable to an out-of-bounds write while processing a specially crafted project file, which may allow an attacker to execute arbitrary …
An input neutralization vulnerability in the Server MOTD component of Crafty Controller allows a remote, unauthenticated attacker to perform stored XSS via server MOTD modification.
Out of bounds read and write in V8 in Google Chrome prior to 143.0.7499.147 allowed a remote attacker to potentially exploit heap corruption via a …
Use after free in WebGPU in Google Chrome prior to 143.0.7499.147 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. …
SIPGO is a library for writing SIP services in the GO language. Starting in version 0.3.0 and prior to version 1.0.0-alpha-1, a nil pointer dereference …
An out-of-bounds read vulnerability exists in the JPEGBITSCodec::InternalCode functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to an information leak. An …
An out-of-bounds read vulnerability exists in the JPEGBITSCodec::InternalCode functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to an information leak. An …
An out-of-bounds read vulnerability exists in the Overlay::GrabOverlayFromPixelData functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to an information leak. An …
An out-of-bounds read vulnerability exists in the RLECodec::DecodeByStreams functionality of Grassroot DICOM 3.024. A specially crafted DICOM file can lead to leaking heap data. An …
Expr is an expression language and expression evaluation for Go. Prior to version 1.17.7, several builtin functions in Expr, including `flatten`, `min`, `max`, `mean`, and …
@vitejs/plugin-rs provides React Server Components (RSC) support for Vite. Prior to version 0.5.8, the `/__vite_rsc_findSourceMapURL` endpoint in `@vitejs/plugin-rsc` allows unauthenticated arbitrary file read during development …
systeminformation is a System and OS information library for node.js. In versions prior to 5.27.14, the `fsSize()` function in systeminformation is vulnerable to OS command …
nopCommerce 4.90.0 is vulnerable to Cross Site Request Forgery (CSRF) via the Schedule Tasks functionality.
Server-Side Request Forgery (SSRF) vulnerability in Ctera Portal 8.1.x (8.1.1417.24) allows remote attackers to induce the server to make arbitrary HTTP requests via a crafted …
NVIDIA Resiliency Extension for Linux contains a vulnerability in the checkpointing core, where an attacker may cause a race condition. A successful exploit of this …
NVIDIA NeMo Framework for all platforms contains a vulnerability where malicious data created by an attacker may cause a code injection. A successful exploit of …
NVIDIA Resiliency Extension for Linux contains a vulnerability in log aggregation, where an attacker could cause predictable log-file names. A successful exploit of this vulnerability …
NVIDIA NeMo Framework contains a vulnerability in model loading that could allow an attacker to exploit improper control mechanisms if a user loads a maliciously …
Spip 4.1.10 contains a file upload vulnerability that allows attackers to upload malicious SVG files with embedded external links. Attackers can trick administrators into clicking …
D-Link DAP-1325 firmware version 1.01 contains a broken access control vulnerability that allows unauthenticated attackers to download device configuration settings without authentication. Attackers can exploit …
FileRise is a self-hosted web file manager / WebDAV server. Versions prior to 2.7.1 are vulnerable to Stored Cross-Site Scripting (XSS) due to unsafe handling …
Exposure of Private Personal Information to an Unauthorized Actor vulnerability in RTI Connext Professional (Core Libraries) allows Sniffing Network Traffic.This issue affects Connext Professional: from …
WaveView client allows users to execute restricted set of predefined commands and scripts on the connected WaveStore Server. A malicious attacker with high-privileges is able …
Authorization Bypass Through User-Controlled Key vulnerability in Menulux Software Inc. Mobile App allows Exploitation of Trusted Identifiers.This issue affects Mobile App: before 9.5.8.
The WPCOM Member plugin for WordPress is vulnerable to authentication bypass via brute force in all versions up to, and including, 1.7.16. This is due …
Free website and port scanning — find vulnerabilities before attackers do.