CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2020-15860 Parallels Remote Application Server (RAS) 17.1.1 has a Business Logic Error causing remote code execution. It allows an authenticated user to execute any application in the backend operating system th... | 9.9 | CRITICAL | — | 0 |
| CVE-2017-16325 Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the ... | 9.9 | CRITICAL | — | 0 |
| CVE-2019-5138 An exploitable command injection vulnerability exists in encrypted diagnostic script functionality of the Moxa AWK-3131A firmware version 1.13. A specially crafted diagnostic script file can cause arb... | 9.9 | CRITICAL | — | 0 |
| CVE-2015-5951 A file upload issue exists in the specid parameter in Thomson Reuters FATCH before 5.2, which allows malicious users to upload arbitrary PHP files to the web root and execute system commands. | 9.9 | CRITICAL | — | 0 |
| CVE-2019-10940 A vulnerability has been identified in SINEMA Server (All versions < V14.0 SP2 Update 1). Incorrect session validation could allow an attacker with a valid session, with low privileges, to perform fir... | 9.9 | CRITICAL | — | 0 |
| CVE-2019-16872 Portainer before 1.22.1 has Incorrect Access Control (issue 1 of 4). | 9.9 | CRITICAL | — | 0 |
| CVE-2019-10458 Jenkins Puppet Enterprise Pipeline 1.3.1 and earlier specifies unsafe values in its custom Script Security whitelist, allowing attackers able to execute Script Security protected scripts to execute ar... | 9.9 | CRITICAL | — | 0 |
| CVE-2019-10759 safer-eval before 1.3.4 are vulnerable to Arbitrary Code Execution. A payload using constructor properties can escape the sandbox and execute arbitrary code. | 9.9 | CRITICAL | — | 0 |
| CVE-2019-10760 safer-eval before 1.3.2 are vulnerable to Arbitrary Code Execution. A payload using constructor properties can escape the sandbox and execute arbitrary code. | 9.9 | CRITICAL | — | 0 |
| CVE-2019-10306 A sandbox bypass vulnerability in Jenkins ontrack Plugin 3.4 and earlier allowed attackers with control over ontrack DSL definitions to execute arbitrary code on the Jenkins master JVM. | 9.9 | CRITICAL | — | 0 |
| CVE-2019-1003034 A sandbox bypass vulnerability exists in Jenkins Job DSL Plugin 1.71 and earlier in job-dsl-core/src/main/groovy/javaposse/jobdsl/dsl/AbstractDslScriptLoader.groovy, job-dsl-plugin/build.gradle, job-d... | 9.9 | CRITICAL | — | 0 |
| CVE-2019-11898 Unauthorized APE administration privileges can be achieved by reverse engineering one of the APE service tools. The service tool is discontinued with Bosch Access Professional Edition (APE) 3.8. | 9.9 | CRITICAL | — | 0 |
| CVE-2020-11011 In Phproject before version 1.7.8, there's a vulnerability which allows users with access to file uploads to execute arbitrary code. This is patched in version 1.7.8. | 9.9 | CRITICAL | — | 0 |
| CVE-2018-18556 A privilege escalation issue was discovered in VyOS 1.1.8. The default configuration also allows operator users to execute the pppd binary with elevated (sudo) permissions. Certain input parameters ar... | 9.9 | CRITICAL | — | 0 |
| CVE-2018-3875 An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The video-core process incor... | 9.9 | CRITICAL | — | 0 |
| CVE-2018-3874 An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the de... | 9.9 | CRITICAL | — | 0 |
| CVE-2018-3872 An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process inc... | 9.9 | CRITICAL | — | 0 |
| CVE-2018-3866 An exploitable buffer overflow vulnerability exists in the samsungWifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process... | 9.9 | CRITICAL | — | 0 |
| CVE-2018-3904 An exploitable buffer overflow vulnerability exists in the camera 'update' feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process... | 9.9 | CRITICAL | — | 0 |
| CVE-2019-1003031 A sandbox bypass vulnerability exists in Jenkins Matrix Project Plugin 1.13 and earlier in pom.xml, src/main/java/hudson/matrix/FilterScript.java that allows attackers with Job/Configure permission to... | 9.9 | CRITICAL | — | 0 |
| CVE-2018-3905 An exploitable buffer overflow vulnerability exists in the camera "create" feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-c... | 9.9 | CRITICAL | — | 0 |
| CVE-2018-3878 Multiple exploitable buffer overflow vulnerabilities exist in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The vide... | 9.9 | CRITICAL | — | 0 |
| CVE-2018-3917 On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process insecurely extracts the fields from the "shard" table of its SQLite database, leading to a buffer o... | 9.9 | CRITICAL | — | 0 |
| CVE-2017-16346 An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c368 the value for the s_mac key is copied using strcpy to the... | 9.9 | CRITICAL | — | 0 |
| CVE-2017-16345 An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c318 the value for the s_port key is copied using strcpy to th... | 9.9 | CRITICAL | — | 0 |
| CVE-2018-3863 On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on th... | 9.9 | CRITICAL | — | 0 |
| CVE-2018-3919 An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.2... | 9.9 | CRITICAL | — | 0 |
| CVE-2019-1003032 A sandbox bypass vulnerability exists in Jenkins Email Extension Plugin 2.64 and earlier in pom.xml, src/main/java/hudson/plugins/emailext/ExtendedEmailPublisher.java, src/main/java/hudson/plugins/ema... | 9.9 | CRITICAL | — | 0 |
| CVE-2020-7055 An issue was discovered in Elementor 2.7.4. Arbitrary file upload is possible in the Elementor Import Templates function, allowing an attacker to execute code via a crafted ZIP archive. | 9.9 | CRITICAL | — | 0 |
| CVE-2017-16338 An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01bad0 the value for the host key is copied using strcpy to the ... | 9.9 | CRITICAL | — | 0 |
| CVE-2017-14444 An exploitable buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly handles the URL parameter during a firmware update request,... | 9.9 | CRITICAL | — | 0 |
| CVE-2017-16339 An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01bb1c the value for the uri key is copied using strcpy to the b... | 9.9 | CRITICAL | — | 0 |
| CVE-2024-33109 Directory Traversal in the web interface of the Tiptel IP 286 with firmware version 2.61.13.10 allows attackers to overwrite arbitrary files on the phone via the Ringtone upload function. | 9.9 | CRITICAL | — | 0 |
| CVE-2020-36837 The ThemeGrill Demo Importer plugin for WordPress is vulnerable to authentication bypass due to a missing capability check on the reset_wizard_actions function in versions 1.3.4 through 1.6.1. This ma... | 9.9 | CRITICAL | — | 0 |
| CVE-2017-16340 An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c0e8 the value for the s_dport key is copied using strcpy to t... | 9.9 | CRITICAL | — | 0 |
| CVE-2026-25212 An issue was discovered in Percona PMM before 3.7. Because an internal database user retains specific superuser privileges, an attacker with pmm-admin rights can abuse the "Add data source" feature to... | 9.9 | CRITICAL | — | 0 |
| CVE-2026-33873 Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.9.0, the Agentic Assistant feature in Langflow executes LLM-generated Python code during its validatio... | 9.9 | CRITICAL | — | 0 |
| CVE-2017-16341 An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c224 the value for the s_vol_play key is copied using strcpy t... | 9.9 | CRITICAL | — | 0 |
| CVE-2026-33579 OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the /pair approve command path that fails to forward caller scopes into the core approval check. A caller with pairing privil... | 9.9 | CRITICAL | — | 0 |
| CVE-2025-69403 Unrestricted Upload of File with Dangerous Type vulnerability in Bravis-Themes Bravis Addons bravis-addons allows Using Malicious Files.This issue affects Bravis Addons: from n/a through <= 1.3.0. | 9.9 | CRITICAL | — | 0 |
| CVE-2026-33396 OneUptime is an open-source monitoring and observability platform. Prior to version 10.0.35, a low-privileged authenticated user (ProjectMember) can achieve remote command execution on the Probe conta... | 9.9 | CRITICAL | — | 0 |
| CVE-2025-49844 Redis is an open source, in-memory database that persists on disk. Versions 8.2.1 and below allow an authenticated user to use a specially crafted Lua script to manipulate the garbage collector, trigg... | 9.9 | CRITICAL | — | 0 |
| CVE-2021-38163 SAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7.50, without restriction, an attacker authenticated as a non-administrative user can upload a malicious file over a network and tri... | 9.9 | CRITICAL | KEV | 0 |
| CVE-2026-25366 Improper Control of Generation of Code ('Code Injection') vulnerability in Themeisle Woody ad snippets insert-php allows Code Injection.This issue affects Woody ad snippets: from n/a through <= 2.7.1. | 9.9 | CRITICAL | — | 0 |
| CVE-2017-16342 An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c254 the value for the s_vol_dim_delta key is copied using str... | 9.9 | CRITICAL | — | 0 |
| CVE-2026-32306 OneUptime is a solution for monitoring and managing online services. Prior to 10.0.23, the telemetry aggregation API accepts user-controlled aggregationType, aggregateColumnName, and aggregationTimest... | 9.9 | CRITICAL | — | 0 |
| CVE-2025-66956 Insecure Access Control in Contact Plan, E-Mail, SMS and Fax components in Asseco SEE Live 2.0 allows remote attackers to access and execute attachments via a computable URL. | 9.9 | CRITICAL | — | 0 |
| CVE-2026-30860 WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.12, a remote code execution (RCE) vulnerability exists in the application's da... | 9.9 | CRITICAL | — | 0 |
| CVE-2026-24848 OpenEMR is a free and open source electronic health records and medical practice management application. In 7.0.4 and earlier, the disposeDocument() method in EtherFaxActions.php allows authenticated ... | 9.9 | CRITICAL | — | 0 |
| CVE-2026-30861 WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. From version 0.2.5 to before version 0.2.10, an unauthenticated remote code execution (RCE) vulnera... | 9.9 | CRITICAL | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.