Found 62,672 results in 2636ms · Match type: Filtered list

CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2021-47980 high 7.1 7.1 22d ago Fuel CMS 1.4.13 contains a blind SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the 'col' parameter in the Activity Log i…
CVE-2021-47979 high 8.8 8.8 22d ago WordPress Plugin Backup and Restore 1.0.3 contains an arbitrary file deletion vulnerability that allows authenticated attackers to delete files by manipulating parameters in AJAX requests. Attackers …
CVE-2021-47977 high 7.5 7.5 22d ago WordPress Plugin Anti-Malware Security and Bruteforce Firewall 4.20.59 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the f…
CVE-2021-47976 high 8.8 8.8 22d ago TextPattern CMS 4.9.0-dev contains a remote code execution vulnerability that allows authenticated attackers to upload arbitrary PHP files by exploiting the plugin upload functionality. Attackers can…
CVE-2021-47975 high 7.2 7.2 22d ago WP Learn Manager 1.1.2 contains a stored cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts through the `fieldtitle` parameter. Attackers can submit …
CVE-2021-47974 high 7.8 7.8 22d ago VX Search 13.5.28 contains an unquoted service path vulnerability in both VX Search Server and VX Search Enterprise services that allows local attackers to escalate privileges. Attackers can place ma…
CVE-2021-47973 high 7.5 7.5 22d ago Sticky Notes Widget 3.0.6 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can gener…
CVE-2021-47972 high 7.5 7.5 22d ago Sticky Notes & Color Widgets 1.4.2 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can p…
CVE-2021-47971 high 7.5 7.5 22d ago My Notes Safe 5.3 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a pa…
CVE-2021-47970 high 7.5 7.5 22d ago Macaron Notes 5.5 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can generate a payload…
CVE-2021-47969 high 7.5 7.5 22d ago Color Notes 1.4 contains a denial of service vulnerability that allows attackers to crash the application by pasting excessively long character strings into note fields. Attackers can generate a payl…
CVE-2021-47956 high 8.2 8.2 22d ago EgavilanMedia PHPCRUD 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the firstname parameter. Attackers…
CVE-2021-47954 high 8.2 8.2 22d ago LayerBB 1.1.4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the search_query parameter. Attackers can send…
CVE-2021-47952 critical 9.8 9.8 sles 22d ago python jsonpickle 2.0.0 contains a remote code execution vulnerability that allows attackers to execute arbitrary Python commands by deserializing malicious JSON payloads containing py/repr objects. …
CVE-2021-47942 high 7.5 7.5 hacs 22d ago Home Assistant Community Store (HACS) prior to 1.10.0 contains a path traversal vulnerability that allows unauthenticated attackers to read sensitive files by traversing directories via the /hacsfile…
CVE-2020-37247 high 7.8 7.8 22d ago Kite 4.2.0.1 U1 contains an unquoted service path vulnerability in the KiteService Windows service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers …
CVE-2020-37245 high 7.5 7.5 22d ago Supsystic Digital Publications 1.6.9 contains a path traversal vulnerability in the Folder input field that allows attackers to access files outside the web root by injecting directory traversal sequ…
CVE-2020-37244 high 8.2 8.2 22d ago Supsystic Membership 1.4.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'search' and 'sidx' p…
CVE-2020-37243 high 8.2 8.2 22d ago Supsystic Pricing Table 1.8.7 contains an SQL injection vulnerability in the 'sidx' GET parameter that allows unauthenticated attackers to execute arbitrary SQL queries through the getListForTbl acti…
CVE-2020-37242 high 8.2 8.2 22d ago Supsystic Ultimate Maps 1.1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'sidx' GET parame…
CVE-2020-37239 critical 9.8 9.8 22d ago libbabl 0.1.62 contains a broken double free detection vulnerability that allows attackers to bypass memory safety checks by exploiting signature overwriting in freed chunks. Attackers can call babl_…
CVE-2020-37232 high 7.8 7.8 22d ago Advanced System Care Service 13.0.0.157 contains an unquoted service path vulnerability in the AdvancedSystemCareService13 service binary path that allows local attackers to escalate privileges. Atta…
CVE-2020-37231 high 7.8 7.8 22d ago Privacy Drive 3.17.0 contains an unquoted service path vulnerability in the pdsvc.exe service binary that allows local attackers to escalate privileges by exploiting the service startup process. Atta…
CVE-2020-37230 high 7.8 7.8 22d ago Syncplify.me Server! 5.0.37 contains an unquoted service path vulnerability in the SMWebRestServicev5 service that allows local attackers to escalate privileges by exploiting the unquoted binary path…
CVE-2020-37229 high 7.8 7.8 22d ago OKI sPSV Port Manager 1.0.41 contains an unquoted service path vulnerability in the sPSVOpLclSrv service that allows local attackers to escalate privileges by inserting executable files into the unqu…
CVE-2020-37228 critical 9.8 9.8 22d ago iDS6 DSSPro Digital Signage System 6.2 contains a CAPTCHA security bypass vulnerability that allows attackers to bypass authentication by requesting the autoLoginVerifyCode object. Attackers can retr…
CVE-2020-37227 high 8.8 8.8 22d ago HS Brand Logo Slider 2.1 contains an unrestricted file upload vulnerability that allows authenticated users to bypass client-side file extension validation by uploading arbitrary files. Attackers can…
CVE-2026-8657 high 8.2 8.2 22d ago Versions of the package jsondiffpatch before 0.7.6 are vulnerable to Prototype Pollution via the jsondiffpatch.patch() and jsondiffpatch/formatters/jsonpatch.patch() APIs. An attacker can perform pro…
CVE-2026-46703 critical 9.5 22d ago Boxlite: Path Traversal Vulnerability Leads to Arbitrary File Write on the Host
CVE-2026-46695 critical 9.5 22d ago BoxLite: Permission Bypass Allows Modification of Read-Only Files
CVE-2026-8700 high 7.3 7.3 FIX debian debian 23d ago Crypt::DSA versions before 1.20 for Perl generate seeds using rand. Seeds were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage.
CVE-2026-45665 high 8.1 8.1 openwebui 23d ago Open WebUI has Stored XSS in Banner Component via Improper Sanitization Order
CVE-2026-45315 high 8.7 8.7 openwebui 23d ago Open WebUI has stored XSS via attacker-controlled file extension in /api/v1/audio/transcriptions
CVE-2026-45301 high 8.1 8.1 openwebui 23d ago Open WebUI: Missing permission check in files API allows authenticated users to list, access and delete every uploaded file
CVE-2026-44570 high 8.3 8.3 openwebui 23d ago Open WebUI has inconsistent authorization controls within memories API
CVE-2026-44569 high 7.1 7.1 openwebui 23d ago Open WebUI's Insecure Message Access Breaks Authorization
CVE-2026-44566 critical 9.8 9.8 openwebui 23d ago Open WebUI Vulnerable to Arbitrary File Upload and Path Traversal
CVE-2026-44565 high 8.1 8.1 openwebui 23d ago Open WebUI Arbitrary File Write, Delete via Path Traversal
CVE-2026-44549 high 8.7 8.7 openwebui 23d ago Open WebUI has stored XSS in Excel file preview
CVE-2026-46367 high 7.6 7.6 23d ago phpMyFAQ before 4.1.2 contains a stored cross-site scripting vulnerability in Utils::parseUrl() that allows authenticated users to inject JavaScript via malformed URLs in comments. Attackers can craf…
CVE-2026-8696 critical 9.8 9.8 FIX debian debian radare 23d ago radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_pids_list() function within the GDB client core that allows remote attackers to cause a denial of service or potentially execute arbi…
CVE-2026-45402 high 8.1 8.1 openwebui 23d ago Open WebUI: Cross-User File Access via Unchecked file_id in Folder Knowledge and Knowledge-Base Attach Endpoints
CVE-2026-45401 high 8.5 8.5 openwebui 23d ago Open WebUI has a SSRF Bypass via HTTP Redirect Following in Web-Fetch and Image-Load Endpoints (not addressed by CVE-2025-65958)
CVE-2026-45400 high 8.5 8.5 openwebui 23d ago Open WebUI has a Server-Side Request Forgery (SSRF) bypass in `validate_url`
CVE-2026-45395 high 7.2 7.2 openwebui 23d ago Open WebUI: Missing `workspace.tools` Authorization Check on Tool Update Endpoint Allows Privilege Escalation to Code Execution
CVE-2026-44721 high 7.3 7.3 openwebui 23d ago open-webui Vulnerable to Stored XSS via Model Description
CVE-2026-45675 high 8.1 8.1 openwebui 23d ago Open WebUI: LDAP and OAuth First-User Race Condition Allows Multiple Admin Accounts
CVE-2026-45399 high 7.1 7.1 openwebui 23d ago Open WebUI: Low-privilege authenticated users can enumerate and stop global background tasks, causing system-wide chat disruption
CVE-2026-45349 high 7.1 7.1 openwebui 23d ago Open WebUI has Broken Access Control for Completions API
CVE-2026-44556 high 7.1 7.1 openwebui 23d ago Open WebUI's responses passthrough endpoint lacks access control authorization
CVE-2026-44555 high 7.6 7.6 openwebui 23d ago Open WebUI's Base Model Routing Bypasses Access Control via Model Chaining
CVE-2026-44554 high 8.1 8.1 openwebui 23d ago Open WebUI has Knowledge Base Destruction and RAG Poisoning via Unauthorized Collection Overwrite
CVE-2026-8686 critical 9.1 9.1 freertosaws 23d ago Missing bounds validation in the MQTT v5.0 property parser in coreMQTT before 5.0.1 allows an MQTT broker to cause a denial of service by sending a crafted packet. To remediate this issue, users s…
CVE-2026-46408 high 7.6 7.6 23d ago Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, the checkout endpoint accepts a user-controlled cart_id and uses it to enter …
CVE-2026-46407 high 8.1 8.1 23d ago Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.3, the backend admin/auth-token endpoint allows an authenticated administrator t…
CVE-2026-46366 high 7.5 7.5 23d ago phpMyFAQ before 4.1.2 contains an information disclosure vulnerability in the getIdFromSolutionId() method that lacks permission filtering, allowing unauthenticated attackers to enumerate restricted …
CVE-2026-46364 critical 9.8 9.8 23d ago phpMyFAQ before 4.1.2 contains an unauthenticated SQL injection vulnerability in BuiltinCaptcha::garbageCollector() and BuiltinCaptcha::saveCaptcha() methods that interpolate unsanitized User-Agent h…
CVE-2026-46359 high 7.5 7.5 23d ago phpMyFAQ before 4.1.2 contains an SQL injection vulnerability in CurrentUser::setTokenData that allows authenticated attackers to execute arbitrary SQL by injecting malicious OAuth token claims. Attac…
CVE-2026-45010 critical 9.1 9.1 23d ago phpMyFAQ before 4.1.2 contains an improper restriction of excessive authentication attempts vulnerability in the /admin/check endpoint, which accepts arbitrary user-id parameters without session bind…
CVE-2026-44826 high 7.5 7.5 23d ago Vvveb is a powerful and easy to use CMS with page builder to build websites, blogs or ecommerce stores. Prior to 1.0.8.2, Vvveb CMS does not validate the sign of the quantity parameter on the cart-ad…
CVE-2021-47966 high 8.2 8.2 23d ago PHP Timeclock 1.04 contains time-based and boolean-based blind SQL injection vulnerabilities in the login_userid parameter of login.php that allows unauthenticated attackers to extract database conte…
CVE-2021-47965 critical 9.8 9.8 23d ago WordPress Plugin WP Super Edit 2.5.4 and earlier contains an unrestricted file upload vulnerability in the FCKeditor component that allows attackers to upload dangerous file types without validation.…
CVE-2021-47964 high 8.8 8.8 23d ago Schlix CMS 2.2.6-6 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary PHP code by uploading malicious extension packages through the block manager…
CVE-2021-47963 high 7.2 7.2 23d ago Anote 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to execute arbitrary code by injecting malicious payloads into markdown files stored within the application. A…
CVE-2021-47959 high 7.5 7.5 23d ago WordPress Plugin WPGraphQL 1.3.5 contains a denial of service vulnerability that allows unauthenticated attackers to exhaust server resources by sending batched GraphQL queries with duplicated fields…
CVE-2026-45578 high 8.8 8.8 wwbn 23d ago WWBN AVideo is an open source video platform. In 29.0 and earlier, there is a classic shell-metacharacter injection. The YPTSocket notification branch in plugin/Live/on_publish.php builds an execAsyn…
CVE-2026-46474 high 7.5 7.5 23d ago Trog::TOTP versions before 1.006 for Perl generate secrets using rand. Secrets were generated using Perl's built-in rand function, which is predictable and unsuitable for security usage.
CVE-2026-46491 high 8.0 23d ago SimpleSAMLphp casserver FileSystemTicketStore path traversal allows out-of-ticket-directory read/unserialize and conditional deletion
CVE-2026-44692 high 8.0 23d ago Authenticated Sharp users can download unrelated Laravel Storage objects through the generic download endpoint
CVE-2026-45364 high 7.3 7.3 23d ago Better Auth is an authentication and authorization library for TypeScript. Prior to 1.4.17 and 1.5.0-beta.9, Better Auth's HTTP rate limiter keyed each request by the exact textual IP address it rece…
CVE-2026-8695 critical 9.8 9.8 FIX debian debian radare 23d ago radare2 6.1.5 contains a use-after-free vulnerability in the gdbr_threads_list() function that allows remote attackers to trigger memory corruption by sending a valid qfThreadInfo response followed b…
CVE-2026-45539 high 7.4 7.4 23d ago Microsoft APM: Symlinks under `.apm/prompts/` and `.apm/agents/` are dereferenced during `apm install`, copying host-local file contents into the project tree
CVE-2026-45038 high 7.8 7.8 tabby 23d ago Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.233, since Tabby does not escape control characters from file paths when dragging and dropping a file into it, code …
CVE-2026-45037 high 7.1 7.1 tabby 23d ago Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.232, Tabby's terminal linkifier passes any detected URI directly to the operating system's protocol handler without …
CVE-2026-45036 high 7.0 7.0 tabby 23d ago Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.233, Tabby automatically confirms ZMODEM protocol detection on all terminal session output without us…
CVE-2026-45035 high 8.8 8.8 tabby 23d ago Tabby (formerly Terminus) is a highly configurable terminal emulator. Prior to 1.0.233, Tabby registers itself as the handler for the tabby:// URL scheme on all platforms. The URL scheme handler supp…
CVE-2026-44774 critical 9.9 9.9 traefik 23d ago Traefik: Gateway API TraefikService backend accepts rest@internal, allowing unauthorized exposure of the REST provider despite providers.rest.insecure=false
CVE-2026-44717 critical 9.8 9.8 23d ago MCP Calculate Server is a mathematical calculation service based on MCP protocol and SymPy library. Prior to 0.1.1, the use of eval() to evaluate mathematical expressions without proper input sanitiz…
CVE-2026-44714 high 7.5 7.5 23d ago bitcoinj has a ScriptExecution P2PKH/P2WPKH Verification Bypass
CVE-2026-44641 high 7.1 7.1 23d ago Microsoft APM CLI's plugin.json component paths escape plugin root and copy arbitrary host files during install
CVE-2026-41258 critical 9.1 9.1 23d ago OpenMRS has Stored Velocity SSTI to RCE via ConceptReferenceRange
CVE-2026-45062 high 8.0 23d ago FrankenPHP: Unsafe Unicode Handling in CGI Path Splitting Allows Execution of Non-PHP Files
CVE-2026-44716 high 8.0 23d ago Pipecat: Path Traversal in Pipecat Runner `/files` Endpoint — Arbitrary File Read via `%2F`-Encoded Separator
CVE-2026-41147 high 8.7 8.7 23d ago NukeViet CMS: Stored Cross-Site Scripting (XSS) via insufficient server-side input sanitization in Request class
CVE-2026-46508 high 7.8 7.8 vercel 23d ago Turborepo is a high-performance build system for JavaScript and TypeScript codebases. Prior to 2.9.14000, the Turborepo LSP VS Code extension could execute shell commands derived from workspace-contr…
CVE-2026-45772 critical 9.8 9.8 vercel 23d ago Turbo: Unexpected local code execution during Yarn Berry detection
CVE-2026-35194 high 8.1 8.1 apache 23d ago Apache Flink: Remote code execution via SQL injection in code generation
CVE-2026-46483 high 7.0 7.0 FIX sles debian debian windows windows vim 23d ago Vim is an open source, command line text editor. Prior to 9.2.0479, a command injection vulnerability exists in tar#Vimuntar() in runtime/autoload/tar.vim when decompressing .tgz archives on Unix-lik…
CVE-2026-45736 high 7.5 7.5 FIX debian debian windows windows ws_project 23d ago ws: Uninitialized memory disclosure
CVE-2026-39054 high 7.3 7.3 23d ago Oinone Pamirs 7.0.0 contains a command injection vulnerability in CommandHelper.executeCommands. The method starts a shell process and writes attacker-controlled command strings directly to the proce…
CVE-2026-38728 high 7.5 7.5 23d ago An issue in Nodemailer smtp_server before v.3.18.3 allows a remote attacker to cause a denial of service via the SMTPStream._write, lib/smtp-stream.js components
CVE-2026-34253 high 8.2 8.2 sles debian debian 23d ago A buffer underflow vulnerability has been identified in the ogg123 utility from the vorbis-tools 1.4.3 package in function remotethread in remote.c. This vulnerability occurs in the remote control fu…
CVE-2026-41553 critical 10.0 10.0 dhtmlx 23d ago PDF Export Module used in DHTMLX's products Gantt and Scheduler is vulnerable to Remote Code Execution due to lack of "data" parameter sanitization. An unauthenticated attacker can inject the malicio…
CVE-2026-41552 high 7.5 7.5 dhtmlx 23d ago PDF Export Module used in DHTMLX's products Gantt and Scheduler is vulnerable to Path Traversal due to lack of HTML sanitization. An unauthenticated user could craft the html payload which could incl…
CVE-2026-41964 high 8.4 8.4 23d ago Permission control vulnerability in the web. Impact: Successful exploitation of this vulnerability may affect availability.
CVE-2026-6403 high 7.5 7.5 23d ago The Quick Playground plugin for WordPress is vulnerable to Path Traversal in versions up to and including 1.3.3. This is due to insufficient path validation in the qckply_zip_theme() function, which …
CVE-2026-6228 high 8.8 8.8 23d ago The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to Privilege Escalation in versions up to and including 3.28.36. This is due to insufficient authorization checks in the role field…
CVE-2026-5229 critical 9.8 9.8 23d ago The Form Notify plugin for WordPress is vulnerable to Authentication Bypass in versions up to and including 1.1.10. This is due to the plugin trusting user-controlled cookie data to determine which W…
CVE-2026-8398 critical 9.8 10.0 KEV disc-soft 23d ago Daemon Tools contains an unspecified vulnerability that has a high impact on confidentiality, integrity, and availability.
CVE-2026-4094 high 8.1 8.1 23d ago The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to unauthorized data loss due to a missing capability check on the 'admin_head' function in all versions up…