VYPR

CVEs

82,359 total · page 32 of 1,648

  • CVE-2026-41249 · High · Jun 4, 2026
    risk 0.46 · cvss 8.2 · epss 0.00

    CoreShop is a Pimcore enhanced eCommerce solution. In versions 5.0.1 through 5.1.0-beta.1, the GitHub Actions workflow (`.github/workflows/static.yml`) uses the `pull_request_target` trigger but dangerously checks out the unverified code from the pull request head (`ref: ${{…

  • CVE-2026-41237 · High · Jun 4, 2026
    risk 0.49 · cvss n/a · epss 0.00

    Froxlor is open source server administration software. In version 2.3.6 and earlier, the LOC record regex uses `\s+` which matches newlines (allowing embedded newlines to pass), TLSA `matchingType=0` has no upper bound on hex data length, and all validators return raw input…

  • CVE-2026-41236 · High · Jun 4, 2026
    risk 0.50 · cvss 8.8 · epss 0.00

    Froxlor is open source server administration software. Version 2.3.6 contains a symlink-following flaw in the root-owned SSH key synchronization path used for customer FTP users. The provisioning code appends public keys to `~/.ssh/authorized_keys` under a customer-controlled…

  • CVE-2026-41235 · High · Jun 4, 2026
    risk 0.49 · cvss n/a · epss 0.00

    Froxlor is open source server administration software. Version 2.3.6 lets administrators configure `system.available_shells` as the approved shell list that customers may assign to FTP users. However, the server-side FTP account handlers do not enforce that whitelist when…

  • CVE-2026-41234 · High · Jun 4, 2026
    risk 0.42 · cvss 7.6 · epss 0.00

    Froxlor is open source server administration software. Prior to version 2.3.7, the `DomainZones.add` API endpoint does not sanitize newline characters in TXT record content. An authenticated customer with DNS editing enabled can inject newlines into TXT record values, which…

  • CVE-2026-49279 · High · Jun 4, 2026
    risk 0.39 · cvss n/a · epss 0.00

    AVideo: Stored XSS via `autoEvalCodeOnHTML` in MessageSQLite WebSocket Handler. Summary: AVideo has a stored XSS vulnerability in the WebSocket messaging system. The `MessageSQLite.php` handler only strips `autoEvalCodeOnHTML` from `$json['msg']`, but `msgToResourceId()`…

  • CVE-2026-50292 · High · Jun 4, 2026
    risk 0.48 · cvss 7.4 · epss 0.01

    In libinput before 1.30.4 and 1.31.x before 1.31.3, libinput-device-group unescaped phys output can inject udev properties leading to arbitrary root code execution

  • CVE-2026-25551 · High · Jun 4, 2026
    risk 0.51 · cvss 7.8 · epss 0.00

    Seagull Software BarTender 2021 R1 through 12.0.1 contains an insecure deserialization vulnerability that allows low-privileged local users to escalate privileges. The DataServiceSingleton .NET Remoting endpoint is bound to localhost on TCP port 7375 via BtSystem.Service.exe,…

  • CVE-2026-10796 · High · Jun 4, 2026
    risk 0.42 · cvss 7.5 · epss 0.00

    nvm (Node Version Manager) through 0.40.4 executes arbitrary commands from version strings supplied by the configured Node.js/io.js mirror. Commands such as `nvm install` read the available versions from the mirror's index.tab and use the selected version, without sanitization,…

  • CVE-2025-69755 · High · Jun 4, 2026
    risk 0.53 · cvss 8.2 · epss 0.00

    An issue in Neterbit NW-431F Router vNW-431F-20241014-IR03 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted command to the at_command.asp interface

  • CVE-2025-67448 · High · Jun 4, 2026
    risk 0.46 · cvss 7.1 · epss 0.00

    The SMS module in Neterbit NW-431F Router 20241014-IR03 and before is vulnerable to stored XSS. The application does not properly sanitize user input in SMS messages before storing and displaying them. An attacker can send an SMS containing a malicious XSS payload, which will be…

  • CVE-2026-49942 · High · Jun 4, 2026
    risk 0.40 · cvss 7.3 · epss 0.00

    Net::CIDR::Set versions through 0.20 for Perl did not validate network masks. The mask portion of a network mask could contain Unicode digits such as the Arabic-Indic One (U+0661), or non-digits, which were ignored. This could allow network masks to accept larger networks. …

  • CVE-2026-49941 · High · Jun 4, 2026
    risk 0.49 · cvss 7.5 · epss 0.00

    Net::CIDR::Set versions through 0.20 for Perl did not validate IP addresses. The add method called the _encode method to parse addresses. If the addresses did not look like netmasks or network ranges, then they were assumed to be single IP addresses and passed back to itself as a…

  • CVE-2026-46741 · High · Jun 4, 2026
    risk 0.49 · cvss 7.5 · epss 0.00

    Etsy::StatsD versions through 1.002002 for Perl allow metric injections. The metric names and values are not checked for newlines, colons or pipes. Metrics generated from untrusted sources could inject additional statsd metrics. Note that the git repository contains an…

  • CVE-2026-5228 · High · Jun 4, 2026
    risk 0.57 · cvss 8.8 · epss 0.00

    Improper Access Control, Missing Authorization vulnerability in Kurt Software Studio WriteUp Mobile App allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WriteUp Mobile App: from 1.3.0 through 04062026.

  • CVE-2026-44393 · High · Jun 4, 2026
    risk 0.48 · cvss 7.4 · epss 0.00

    An issue was discovered in OpenStack oslo.messaging 1.0.0 through 17.3.0. The oslo.messaging RabbitMQ driver does not perform TLS hostname verification when connecting to the message broker. When ssl_ca_file is configured, the driver enables certificate chain validation but does…

  • CVE-2026-43985 · High · Jun 4, 2026
    risk 0.50 · cvss 8.8 · epss 0.00

    Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose `configUpdate` as a state-changing administrator endpoint, but the route does not enforce `POST` and does not use any anti-CSRF token. In the default form and JWT-based…

  • CVE-2026-43984 · High · Jun 4, 2026
    risk 0.51 · cvss 8.9 · epss 0.00

    Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 expose `log_js_errors` to any authenticated user, including guest users when guest access is enabled. The endpoint writes attacker-controlled strings directly into the main…

  • CVE-2026-38570 · High · Jun 4, 2026
    risk 0.49 · cvss 7.5 · epss 0.00

    bacnet_stack 1.3.1 contains an Out-of-bounds Read in bacnet_tag_number_decode which allows attackers to cause a denial of service.

  • CVE-2026-41065 · High · Jun 4, 2026
    risk 0.51 · cvss n/a · epss 0.00

    Tautulli is a Python based monitoring and tracking tool for Plex Media Server. Versions prior to 2.17.1 are vulnerable to remote code execution via the newsletter custom template directory feature. On a fresh install before the setup wizard is completed, all management endpoints…

  • CVE-2026-36176 · High · Jun 4, 2026
    risk 0.46 · cvss 7.1 · epss 0.00

    GNCC GP5 v7.1.76 was discovered to store pre-signed Backblaze B2 upload URLs (PUT requests) in plaintext to the serial console. This allows physically-proximate attackers to extract these active tokens to perform unauthorized operations via monitoring the serial UART interface.

  • CVE-2026-28318 · High · KEV · Jun 4, 2026
    risk 0.61 · cvss 7.5 · epss 0.11

    SolarWinds Serv-U is susceptible to specially crafted POST requests that crash the Serv-U service without authentication using Content-Encoding: deflate. Mitigation steps are provided to secure customer environments in the SolarWinds Trust Center if you are unable to deploy the…

  • CVE-2026-10863 · High · Jun 4, 2026
    risk 0.46 · cvss 8.1 · epss 0.00

    A security issue was fixed in the correlations over-correlation endpoint where the order query parameter was accepted from user-controlled named request parameters. This allowed an authenticated user to override the server-defined ordering of over-correlating values. Depending…

  • CVE-2026-45730 · High · Jun 4, 2026
    risk 0.39 · cvss n/a · epss 0.00

    This vulnerability exists in Nuclio Dashboard's project management API, allowing any authenticated user (without membership in the target project) to bypass OPA authorization checks on write paths (`PUT /api/projects/{id}`, `DELETE /api/projects`) and modify or delete any…

  • CVE-2026-45337 · High · Jun 4, 2026
    risk 0.38 · cvss n/a · epss 0.00

    Am I affected? You are affected if all of the following are true: you use `better-auth` at a version `>= 1.6.0, < 1.6.11`; the `deviceAuthorization` plugin is enabled in your auth config (`deviceAuthorization()` in your `plugins` array); a third party can observe a…

  • CVE-2026-45433 · High · Jun 4, 2026
    risk 0.57 · cvss n/a · epss 0.00

    This vulnerability exists in GX Earth 2022 ONT models due to the presence of hardcoded RSA private key within the device firmware. A remote attacker could exploit this vulnerability by extracting the cryptographic private key from the firmware, which could lead to decryption of…

  • CVE-2025-59874 · High · Jun 4, 2026
    risk 0.53 · cvss 8.1 · epss 0.00

    HCL Hive Telco Observability is affected by a missing required CSP directives issue detected in the keycloak component of the web application. Missing essential directives can leave a site vulnerable.

  • CVE-2025-46638 · High · Jun 4, 2026
    risk 0.49 · cvss 7.5 · epss 0.00

    Dell BSAFE SSL-J contains an allocation of resources without limits or throttling vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to a Denial of Service (DoS).

  • CVE-2019-25745 · High · Jun 4, 2026
    risk 0.53 · cvss 8.2 · epss 0.00

    WordPress Plugin Google Review Slider 6.1 contains a time-based blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'tid' parameter. Attackers can send GET requests to the admin interface with…

  • CVE-2019-25736 · High · Jun 4, 2026
    risk 0.55 · cvss 8.4 · epss 0.00

    LabF nfsAxe 3.7 Ping Client contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload in the Host IP field. Attackers can craft a specially formatted input file with shellcode and overwrite the return address…

  • CVE-2019-25735 · High · Jun 4, 2026
    risk 0.55 · cvss 8.4 · epss 0.00

    AllPlayer 7.4 contains a local buffer overflow vulnerability in URL handling that allows attackers to overwrite structured exception handling pointers by supplying an excessively long URL string. Attackers can craft a malicious URL, paste it into the Open URL dialog, and trigger…

  • CVE-2019-25733 · High · Jun 4, 2026
    risk 0.55 · cvss 8.4 · epss 0.00

    NetShareWatcher 1.5.8.0 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input. Attackers can craft a payload with overwritten SEH and NSEH pointers through the Restrictions custom…

  • CVE-2019-25732 · High · Jun 4, 2026
    risk 0.53 · cvss 8.2 · epss 0.00

    PHP EI-Tube Script 3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the search parameter. Attackers can send GET requests to the search endpoint with crafted SQL payloads in the…

  • CVE-2019-25730 · High · Jun 4, 2026
    risk 0.53 · cvss 8.2 · epss 0.00

    Listing Hub CMS 1.0 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to pages.php with crafted id values using error-based SQL…

  • CVE-2019-25728 · High · Jun 4, 2026
    risk 0.53 · cvss 8.2 · epss 0.00

    Care2x 2.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL commands by manipulating the ck_config cookie parameter. Attackers can inject malicious SQL through the ck_config cookie in multiple endpoints including…

  • CVE-2019-25726 · High · Jun 4, 2026
    risk 0.53 · cvss 8.2 · epss 0.00

    All in One Video Downloader 1.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send requests to the admin interface with UNION-based SQL injection…

  • CVE-2026-45432 · High · Jun 4, 2026
    risk 0.57 · cvss n/a · epss 0.00

    This vulnerability exists in GX Earth ONT models due to the transmission of user credentials in plaintext over HTTP in its web management interface. A remote attacker could exploit this vulnerability by intercepting network traffic to obtain sensitive authentication information,…

  • CVE-2026-45431 · High · Jun 4, 2026
    risk 0.57 · cvss n/a · epss 0.00

    This vulnerability exists in GX Earth ONT models due to improper handling of user-supplied input in multiple diagnostic functions in its web management interface. An authenticated remote attacker could exploit this vulnerability by injecting and executing arbitrary OS commands…

  • CVE-2026-10843 · High · Jun 4, 2026
    risk 0.47 · cvss 7.2 · epss 0.00

    A flaw was found in the OpenShift Cloud Credential Operator Mint-mode IAM policies for AWS. Operator credentials are provisioned with account-wide scope for destructive actions rather than being restricted to cluster-owned resources, enabling cross-scope impact after credential…

  • CVE-2026-10840 · High · Jun 4, 2026
    risk 0.46 · cvss 7.1 · epss 0.00

    A flaw was found in the OpenShift Pipelines operator. The tekton-scheduler-rolebinding ClusterRoleBinding grants the system:authenticated group write access to Kueue and cert-manager custom resources via the tekton-scheduler-role ClusterRole. When Kueue or cert-manager CRDs are…

  • CVE-2025-52612 · High · Jun 4, 2026
    risk 0.46 · cvss 7.1 · epss 0.00

    HCL iControl was affected by an Export CSV (CSV Injection) vulnerability. It is vulnerable to a reflected cross-site scripting vulnerability. This was caused by insufficient sanitization of input parameters.

  • CVE-2025-12694 · High · Jun 4, 2026
    risk 0.55 · cvss n/a · epss 0.00

    A local privilege escalation vulnerability exists in Forcepoint VPN Client that allows a local non-administrative user to escalate privileges to SYSTEM. This issue affects VPN Client for Windows: versions 6.11.3 and prior.

  • CVE-2026-49771 · High · Jun 4, 2026
    risk 0.49 · cvss 7.6 · epss 0.00

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 10Web Photo Gallery by 10Web allows Blind SQL Injection. This issue affects Photo Gallery by 10Web: from n/a through 1.8.41.

  • CVE-2026-50213 · High · Jun 4, 2026
    risk 0.49 · cvss 7.5 · epss 0.00

    The account validation endpoint /v1/User/validate returns comprehensive user profile data sheets, which can be crawled by iterating predictable identification strings.

  • CVE-2026-50210 · High · Jun 4, 2026
    risk 0.49 · cvss 7.5 · epss 0.00

    The device encrypts data using AES-CBC with static zero-filled Initialization Vectors (IVs), making it susceptible to replay attacks and known-plaintext decryption.

  • CVE-2026-50209 · High · Jun 4, 2026
    risk 0.51 · cvss 7.8 · epss 0.00

    Broadcast events allow malicious software to rewrite the device's default Mobile Device Management (MDM) endpoint address, shifting administrative ownership to an external attacker.

  • CVE-2026-50207 · High · Jun 4, 2026
    risk 0.51 · cvss 7.8 · epss 0.00

    The system Binder boundary accepts unverified pass-through AT commands, giving local applications the power to read baseband files or disable cellular connectivity.

  • CVE-2026-3820 · High · Jun 4, 2026
    risk 0.47 · cvss 7.2 · epss 0.00

    There is a vulnerability in the Supermicro BMC SMTP service on the Supermicro AS-2115HS-TNR. An attacker may obtain administrator privileges and inject specially crafted characters into the SMTP service configuration. This may cause the underlying system to execute unintended…

  • CVE-2026-50205 · High · Jun 4, 2026
    risk 0.53 · cvss 8.2 · epss 0.00

    System log files output unencrypted SMTP server authentication passwords alongside sensitive employee corporate identification data.

  • CVE-2026-49203 · High · Jun 4, 2026
    risk 0.54 · cvss 8.3 · epss 0.00

    Crucial management API endpoints for cellular eSIM allocation do not validate caller authorization, allowing remote profiles to be rewritten or deleted.