111255+ vulnerabilities with CVSS scores, EPSS exploit predictions, and CISA KEV status. Updated daily.
AVideo versions prior to 20.1 disclose absolute filesystem paths via multiple public API endpoints. Returned metadata includes full server paths to media files, revealing underlying …
AVideo versions prior to 20.1 expose sensitive user information through an unauthenticated public API endpoint. Responses include emails, usernames, administrative status, and last login times, …
AVideo versions prior to 20.1 contain an open redirect vulnerability caused by insufficient validation of the siteRedirectUri parameter during user registration. Attackers can redirect users …
AVideo versions prior to 20.1 are vulnerable to an open redirect flaw due to missing validation of the cancelUri parameter during user login. An attacker …
AVideo versions prior to 20.1 contain an insecure direct object reference vulnerability allowing users with upload permissions to modify the rotation metadata of any video. …
AVideo versions prior to 20.1 permit any authenticated user to upload comment images to videos owned by other users. The endpoint validates authentication but omits …
AVideo versions prior to 20.1 allow any authenticated user to upload files into directories belonging to other users due to an insecure direct object reference. …
AVideo versions prior to 20.1 are vulnerable to an insecure direct object reference (IDOR) that allows any authenticated user to delete media files belonging to …
AVideo versions prior to 20.1 with the ImageGallery plugin enabled is vulnerable to unauthenticated file upload and deletion. Plugin endpoints responsible for managing gallery images …
Missing cryptographic key commitment in the AWS SDK for C++ may allow a user with write access to the S3 bucket to introduce a new …
Missing cryptographic key commitment in the Amazon S3 Encryption Client for .NET may allow a user with write access to the S3 bucket to introduce …
A local file inclusion (LFI) vulnerability in RiteCMS v3.1.0 allows attackers to read arbitrary files on the host via a directory traversal in the admin_language_file …
A Cross-Site Request Forgery (CSRF) in the page creation/editing function of RiteCMS v3.1.0 allows attackers to arbitrarily create pages via a crafted POST request.
Incorrect access control in the /templates/ component of RiteCMS v3.1.0 allows attackers to access sensitive files via directory traversal.
A reflected cross-site scripting (XSS) vulnerability in RiteCMS v3.1.0 allows attackers to execute arbitrary code in the context of a user's browser via a crafted …
RiteCMS v3.1.0 was discovered to use insecure encryption to store passwords.
CSRF vulnerability in narda miteq Uplink Power Contril Unit UPC2 v.1.17 allows a remote attacker to execute arbitrary code via the Web-based management interface and …
ChurchCRM is an open-source church management system. Prior to version 6.5.3, a SQL injection vulnerability exists in the `src/ListEvents.php` file. When filtering events by type, …
ChurchCRM is an open-source church management system. Prior to version 5.21.0, a pre-authentication remote code execution vulnerability in ChurchCRM's setup wizard allows unauthenticated attackers to …
The Ultimate Member plugin for WordPress is vulnerable to Profile Privacy Setting Bypass in all versions up to, and including, 2.11.0. This is due to …
The Live Composer – Free WordPress Website Builder plugin for WordPress is vulnerable to multiple Stored Cross-Site Scripting vulnerabilities via DOM manipulation in all versions …
Mattermost Desktop App versions <6.0.0 fail to enable the Hardened Runtime on the Mattermost Desktop App when packaged for Mac App Store which allows an …
Mattermost versions 10.11.x <= 10.11.5, 11.0.x <= 11.0.4, 10.12.x <= 10.12.2 fail to invalidate remote cluster invite tokens when using the legacy (version 1) protocol …
Mattermost Desktop App versions <6.0.0 fail to sanitize sensitive information from Mattermost logs and clear data on server deletion which allows an attacker with access …
The Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the …
Mattermost versions 11.0.x <= 11.0.4, 10.12.x <= 10.12.2, 10.11.x <= 10.11.6 fail to check WebSocket request field for proper UTF-8 format, which allows attacker to …
Miniconda3 macOS installers before 23.11.0-1 contain a local privilege escalation vulnerability when installed outside the user's home directory. During installation, world-writable files are created and …
Anaconda3 macOS installers before 2024.06-1 contain a local privilege escalation vulnerability when installed outside the user's home directory. During installation, world-writable files are created and …
RiteCMS v3.1.0 was discovered to contain an authenticated remote code execution (RCE) vulnerability via the parse_special_tags() function.
A Cross-site scripting (XSS) vulnerability in Create/Update Item Kit(s) in Open Source Point of Sale v3.4.1 allows remote attackers to inject arbitrary web script or …
A Cross-site scripting (XSS) vulnerability in Create/Update Customer(s) in Open Source Point of Sale v3.4.1 allows remote attackers to inject arbitrary web script or HTML …
KeePassXC-Browser thru 1.9.9.2 autofills or prompts to fill stored credentials into documents rendered under a browser-enforced CSP directive and iframe attribute sandbox, allowing attacker-controlled script …
A SQL injection vulnerability was found in the '/cts/admin/?page=zone' file of ITSourcecode COVID Tracking System Using QR-Code v1.0. The reason for this issue is that …
An Insecure Direct Object Reference (IDOR) in Pagekit CMS v1.0.18 allows attackers to escalate privileges.
An authenticated arbitrary file upload vulnerability in the /storage/poc.php component of Pagekit CMS v1.0.18 allows attackers to execute arbitrary code via uploading a crafted PHP …
A Cross-site scripting (XSS) vulnerability in Create/Update Item(s) Module in Open Source Point of Sale v3.4.1 allows remote attackers to inject arbitrary web script or …
The OTA firmware update mechanism in Netun Solutions HelpFlash IoT (firmware v18_178_221102_ASCII_PRO_1R5_50) uses hard-coded WiFi credentials identical across all devices and does not authenticate update …
There is a username enumeration via local user login in Entrinsik Informer v5.10.1 which allows malicious users to enumerate users by entering an OTP code …
An issue was discovered in the Portrait Dell Color Management application through 3.3.008 for Dell monitors, It creates a temporary folder, with weak permissions, during …
The Portrait Dell Color Management application 3.3.8 for Dell monitors has Insecure Permissions,
Successful exploitation of this vulnerability could allow an attacker to gain unauthorized access to sensitive information.
A vulnerability in the Spam Quarantine feature of Cisco AsyncOS Software for Cisco Secure Email Gateway and Cisco Secure Email and Web Manager could allow …
An attacker can bypass authorization checks and force a Step CA ACME or SCEP provisioner to create certificates without completing certain protocol authorization checks.
Successful exploitation of these vulnerabilities could allow an attacker to modify firmware and gain full access to the device.
A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation validation. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
In jose4j before 0.9.6, an attacker can cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token with an exceptionally high …
In python-jose 3.3.0 (specifically jwe.decrypt), a vulnerability allows an attacker to cause a Denial-of-Service (DoS) condition by crafting a malicious JSON Web Encryption (JWE) token …
Netaxis API Orchestrator (APIO) before 0.19.3 allows server side template injection (SSTI).
CSRF in Ercom Cryptobox administration console allows attacker to trigger some actions on behalf of a Cryptobox administrator. The attack requires the administrator to browse …
Mattermost versions 10.11.x <= 10.11.4 fail to validate redirect URLs on the /error page, which allows an attacker to redirect a victim to a malicious …
Free website and port scanning — find vulnerabilities before attackers do.