CVE-2026-10072

DreamMaker developed by Interinfo has an Arbitrary File Upload vulnerability, allowing privileged remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...

CVE-2026-10072

creationtimestamp| type| source ---|---|--- 2026-05-29 16:08:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mmywblz34b27...

CVE-2018-10072

windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service BSOD via a 0x953827bf DeviceIoControl call...

CVE-2013-10072

creationtimestamp| type| source ---|---|--- 2025-10-31 17:56:37+00:00| seen| Telegram/3ziLwmzX0vJv-wXQv6H3SlBOSEp8TPbVYextNLtOH8D64i0...

CVE-2025-10072

creationtimestamp| type| source ---|---|--- 2025-09-08 01:36:23+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lyc2vl4g4u2h...

CVE-2025-10072

A vulnerability was found in Portabilis i-Educar up to 2.10. This issue affects some unknown processing of the file /matricula/IDSTUDENT/enturmar/. Performing manipulation results in improper access controls. It is possible to initiate the attack remotely. The exploit has been made public and cou...

Oracle Linux 9 : firefox (ELSA-2025-10072)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-10072 advisory. 128.12.0-1.0.1 - Fix firefox-oracle-default-prefs.js for new nss Orabug: 37079773 - Add firefox-oracle-default-prefs.js and remove the corresponding R...

CVE-2024-10072

A vulnerability, which was classified as critical, has been found in ESAFENET CDG 5. This issue affects the function actionAddEncryptPolicyGroup of the file /com/esafenet/servlet/policy/EncryptPolicyService.java. The manipulation of the argument checklist leads to sql injection. The attack may be...

CVE-2015-10072

A vulnerability classified as problematic was found in NREL api-umbrella-web 0.7.1. This vulnerability affects unknown code of the component Flash Message Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 0.8.0 is able to address...

Linux Distros Unpatched Vulnerability : CVE-2014-10072

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In utils.c in zsh before 5.0.6, there is a buffer overflow when scanning very long directory paths for symbolic links. CVE-2014-10072 Note that Nessus relies on...

CVE-2024-10072

creationtimestamp| type| source ---|---|--- 2024-10-17 19:59:30+00:00| seen| https://t.me/cvedetector/8201...

CVE-2024-10072 ESAFENET CDG EncryptPolicyService.java actionAddEncryptPolicyGroup sql injection

A vulnerability, which was classified as critical, has been found in ESAFENET CDG 5. This issue affects the function actionAddEncryptPolicyGroup of the file /com/esafenet/servlet/policy/EncryptPolicyService.java. The manipulation of the argument checklist leads to sql injection. The attack may be...

CVE-2019-10072

creationtimestamp| type| source ---|---|--- 2024-01-15 08:41:07+00:00| seen| https://t.me/ctinow/168208...

K17321505: Apache Tomcat vulnerability CVE-2019-10072

Security Advisory Description The fix for CVE-2019-0199 was incomplete and did not address HTTP/2 connection window exhaustion on write in Apache Tomcat versions 9.0.0.M1 to 9.0.19 and 8.5.0 to 8.5.40 . By not sending WINDOWUPDATE messages for the connection window stream 0 clients were able to...

Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2022-10072)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-10072 advisory. - proc: procskipspaces shouldn't think it is working on C strings Linus Torvalds Orabug: 34883027 CVE-2022-4378 - proc: avoid integer type confusion i...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-5.16.1.3)

The version of AOS installed on the remote host is prior to 5.16.1.3. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-5.16.1.3 advisory. - When using the Apache JServ Protocol AJP, care must be taken when trusting incoming connections to Apache Tomcat. Tomcat...

SUSE SLES11 Security Update : zsh (SUSE-SU-2022:14910-1)

The remote SUSE Linux SLES11 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:14910-1 advisory. - zsh before 5.0.7 allows evaluation of the initial values of integer variables imported from the environment instead of treating them as...

SUSE: Security Advisory (SUSE-SU-2022:14910-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Mageia: Security Advisory (MGASA-2019-0260)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Vulnerability in Apache Tomcat affects IBM Platform Symphony

Summary This interim fix provides instructions on upgrading Apache Tomcat from v6.0.43 to v8.5.41 in IBM Platform Symphony 7.1 Fix Pack 1 in order to address security vulnerabilities CVE-2019-0199 and CVE-2019-10072 in Apache Tomcat. Vulnerability Details CVE-ID: CVE-2019-0199 DESCRIPTION: Apache...