36731+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.
npm package `expr-eval` is vulnerable to Prototype Pollution. An attacker with access to express eval interface can use JavaScript prototype-based inheritance model to achieve arbitrary …
A vulnerability was detected in code-projects Simple Online Hotel Reservation System 1.0. This issue affects some unknown processing of the file /admin/edit_account.php. Performing a manipulation …
A security vulnerability has been detected in code-projects Simple Online Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /add_query_reserve.php. Such manipulation …
Memos is a privacy-first, lightweight note-taking service that uses Access Tokens to authenticate application access. When a user changes their password, the existing list of …
A vulnerability exists in QuickCMS version 6.8 where sensitive admin credentials are hardcoded in a configuration file and stored in plaintext. This flaw allows attackers …
Rockwell Automation Arena® suffers from a stack-based buffer overflow vulnerability. The specific flaw exists within the parsing of DOE files. Local attackers are able to …
Authorization Bypass Through User-Controlled Key, Weak Password Recovery Mechanism for Forgotten Password, Authentication Bypass by Assumed-Immutable Data vulnerability in Optimus Software Brokerage Automation allows Exploiting …
Improper neutralization of special elements used in an OS command ('OS Command Injection') issue exists in NCP-HG100 1.4.48.16 and earlier. If exploited, a remote attacker …
The Creta Testimonial Showcase WordPress plugin before 1.2.4 is vulnerable to Local File Inclusion. This makes it possible for authenticated attackers, with editor-level access and …
IQ-Support developed by IQ Service International has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Relative Path Traversal to download arbitrary system …
The SNORDIAN's H5PxAPIkatchu plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'insert_data' AJAX endpoint in all versions up to, and including, 0.4.17 …
Use after free in Internals in Google Chrome on iOS prior to 127.0.6533.88 allowed a remote attacker who convinced a user to engage in specific …
Inappropriate implementation in DevTools in Google Chrome prior to 126.0.6478.182 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. …
Apollo Federation is an architecture for declaratively composing APIs into a unified graph. A vulnerability in versions of Apollo Federation's composition logic prior to 2.9.5, …
SSH clients receiving SSH_AGENT_SUCCESS when expecting a typed response will panic and cause early termination of the client process.
IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server (formerly known as NIM master) service (nimesis) could allow a remote attacker …
A vulnerability was found in Sonarr 4.0.15.2940. The impacted element is an unknown function of the file C:\ProgramData\Sonarr\bin\Sonarr.Console.exe of the component Service. Performing manipulation results …
A vulnerability has been found in Radarr 5.28.0.10274. The affected element is an unknown function of the file C:\ProgramData\Radarr\bin\Radarr.Console.exe of the component Service. Such manipulation …
A stack buffer overflow vulnerability exists in the D-Link DIR-816A2 router firmware DIR-816A2_FWv1.10CNB05_R1B011D88210.img in the upload.cgi module, which handles firmware version information. The vulnerability occurs …
Vega is a visualization grammar, a declarative format for creating, saving, and sharing interactive visualization designs. In Vega prior to version 6.2.0, applications meeting 2 …
Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contains an Insecure Temporary File vulnerability. A low privileged attacker with local access could potentially …
Dell Alienware Command Center 6.x (AWCC), versions prior to 6.10.15.0, contain a Detection of Error Condition Without Action vulnerability. A low privileged attacker with local …
An issue in Intermesh BV GroupOffice vulnerable before v.25.0.47 and 6.8.136 allows a remote attacker to execute arbitrary code via the dbToApi() and eval() in …
The issue was addressed by refusing external connections by default. This issue is fixed in Compressor 4.11.1. An unauthenticated user on the same network as …
A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02 within the `prog.cgi` and `rc` binaries. The `sub_432F60` function in `prog.cgi` stores user-supplied …
A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02 within the `prog.cgi` and `rc` binaries. The `sub_4438A4` function in `prog.cgi` stores user-supplied …
A vulnerability was detected in SourceCodester Patients Waiting Area Queue Management System 1.0. The affected element is the function getPatientAppointment of the file /php/api_patient_checkin.php. Performing …
Certain HP LaserJet Pro printers may be vulnerable to information disclosure leading to credential exposure by altering the scan/send destination address and/or modifying the LDAP …
A stack-based buffer overflow vulnerability exists in the makeRequest.cgi binary of Linksys RE7000 routers (Firmware FW_v2.0.15_211230_1012). The arplookup function parses lines from /proc/net/arp using sscanf("%16s …
A stack-based buffer overflow exists in the validate_static_route function of the httpd binary on Linksys E1200 v2 routers (Firmware E1200_v2.0.11.001_us.tar.gz). The function improperly concatenates user-supplied …
A stack-based buffer overflow vulnerability exists in the libshared.so library of Cisco Linksys E1200 v2 routers (Firmware E1200_v2.0.11.001_us.tar.gz). The functions get_mac_from_ip and get_ip_from_mac use sscanf …
A stack-based buffer overflow exists in the httpd binary of Linksys E1200 v2 routers (Firmware E1200_v2.0.11.001_us.tar.gz). The apply_cgi and block_cgi functions copy user-supplied input from …
A stack-based buffer overflow exists in the get_merge_ipaddr function of the httpd binary on Linksys E1200 v2 routers (Firmware E1200_v2.0.11.001_us.tar.gz). The function concatenates up to …
A vulnerability in Cisco Catalyst Center Virtual Appliance could allow an authenticated, remote attacker to elevate privileges to Administrator on an affected system. This vulnerability …
A security vulnerability has been detected in cameasy Liketea 1.0.0. Impacted is the function list of the file laravel/app/Http/Controllers/Front/StoreController.php of the component API Endpoint. Such …
MaxKB is an open-source AI assistant for enterprise. In versions prior to 2.3.1, a user can access internal network services such as databases through Python …
Inefficient regular expression complexity in certain Zoom Workplace Clients before version 6.5.10 may allow an unauthenticated user to conduct an escalation of privilege via network …
Improper authorization handling in Zoom Workplace for Android before version 6.5.10 may allow an unauthenticated user to conduct an escalation of privilege via network access.
Improper verification of cryptographic signature in the installer for Zoom Workplace VDI Client for Windows may allow an authenticated user to conduct an escalation of …
pgAdmin <= 9.9 is affected by a vulnerability in the LDAP authentication mechanism allows bypassing TLS certificate verification.
pgAdmin <= 9.9 is affected by an LDAP injection vulnerability in the LDAP authentication flow that allows an attacker to inject special LDAP characters in …
The AI Engine plugin for WordPress is vulnerable to PHP Object Injection via PHAR Deserialization in all versions up to, and including, 3.1.8 via deserialization …
The Import any XML, CSV or Excel File to WordPress (WP All Import) plugin for WordPress is vulnerable to Remote Code Execution in all versions …
The LifterLMS – WP LMS for eLearning, Online Courses, & Quizzes plugin for WordPress is vulnerable to privilege escalation. This is due to the plugin …
File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Versions …
Symfony is a PHP framework for web and console applications and a set of reusable PHP components. Symfony's HttpFoundation component defines an object-oriented layer for …
Evervault is a payment security solution. A vulnerability was identified in the `evervault-go` SDK’s attestation verification logic in versions of `evervault-go` prior to 1.3.2 that …
A flaw has been found in DinukaNavaratna Dee Store 1.0. Affected is an unknown function. Executing manipulation can lead to missing authorization. The attack may …
An improper permissions vulnerability was reported in Lenovo App Store that could allow a local authenticated user to execute code with elevated privileges during installation …
Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability. A low privileged …
Free website and port scanning — find vulnerabilities before attackers do.