ShowDoc Vulnerability Patched in 2020 Now Used in Active Server Takeovers

Hackers are exploiting a 5-year-old ShowDoc vulnerability CVE-2025-0520 to deploy web shells, enabling RCE and full server takeover worldwide...

CVE-2021-0520

In several functions of MemoryFileSystem.cpp and related files, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

EUVD-2026-0520

This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...

Linux Distros Unpatched Vulnerability : CVE-2017-0520

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An elevation of privilege vulnerability in the Qualcomm crypto engine driver could enable a local malicious application to execute arbitrary code within the...

CVE-2024-0520

creationtimestamp| type| source ---|---|--- 2025-08-20 21:02:36+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lwud7aeoyh2c...

Important Photon OS Security Update - PHSA-2025-5.0-0520

Updates of 'frr' packages of Photon OS have been released...

CVE-2025-0520

An unrestricted file upload vulnerability in ShowDoc caused by improper validation of file extension allows execution of arbitrary PHP, leading to remote code execution.This issue affects ShowDoc: before 2.8.7...

CVE-2025-0520

creationtimestamp| type| source ---|---|--- 2025-04-29 20:12:44+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13918 2025-04-29 23:31:43+00:00| seen| https://t.me/cvedetector/24050 2025-04-29 23:50:45+00:00| seen|...

CVE-2025-0520

CVE-2025-0520 describes an unrestricted file upload vulnerability in ShowDoc caused by improper validation of file extensions, allowing execution of arbitrary PHP and remote code execution on affected installations. The issue affects ShowDoc versions before 2.8.7. Multiple connected sources corro...

CVE-2025-0520 ShowDoc < 2.8.7 Unauthenticated File Upload Remote Code Execution

An unrestricted file upload vulnerability in ShowDoc caused by improper validation of file extension allows execution of arbitrary PHP, leading to remote code execution.This issue affects ShowDoc: before 2.8.7...

CVE-2024-0520

A vulnerability in mlflow/mlflow version 8.2.1 allows for remote code execution due to improper neutralization of special elements used in an OS command 'Command Injection' within the mlflow.data.httpdatasetsource.py module. Specifically, when loading a dataset from a source URL with an HTTP...

Photon OS 4.0: Vim PHSA-2023-4.0-0520

An update of the vim package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0520. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid20415...

Photon OS 3.0: U PHSA-2023-3.0-0520

An update of the u package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-3.0-0520. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid203877;...

Photon OS 4.0: Squid PHSA-2023-4.0-0520

An update of the squid package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0520. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 3.0: Nss PHSA-2023-3.0-0520

An update of the nss package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-3.0-0520. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid20388...

a2 (>=0.1.0 <=0.3.17), abnativ (>=1.1.0 <=1.2.9) +337 more potentially affected by CVE-2024-0520 via mlflow (>=0.8.2 <=2.8.1)

mlflow PYPI version =0.8.2, =0.1.0, =1.1.0, =0.0.5, =0.1.0, =0.1.0, =1.7.0, =1.7.0, =1.8.0, =1.7.0, =1.7.0, =0.1.1, =0.1.5 - anovos =1.1.0 - apache-submarine =0.6.0 and more Source cves: CVE-2024-0520 Source advisory: OSV:GHSA-5Q6C-FFVG-XCM9...

CVE-2024-0520

A vulnerability in mlflow/mlflow version 8.2.1 allows for remote code execution due to improper neutralization of special elements used in an OS command 'Command Injection' within the mlflow.data.httpdatasetsource.py module. Specifically, when loading a dataset from a source URL with an HTTP...

a2 (>=0.1.0 <=0.3.17), abnativ (>=1.1.0 <=1.2.9) +337 more potentially affected by CVE-2024-0520 via mlflow (>=0.8.2 <=2.8.1)

mlflow PYPI version =0.8.2, =0.1.0, =1.1.0, =0.0.5, =0.1.0, =0.1.0, =1.7.0, =1.7.0, =1.8.0, =1.7.0, =1.7.0, =0.1.1, =0.1.5 - anovos =1.1.0 - apache-submarine =0.6.0 and more Source cves: CVE-2024-0520 Source advisory: OSV:PYSEC-2024-239...

SUSE: Security Advisory (SUSE-SU-2024:0520-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Important Photon OS Security Update - PHSA-2023-4.0-0520

Updates of 'vim', 'squid' packages of Photon OS have been released...