Lucene search
K

56 matches found

Circl
Circl
added 2026/06/01 1:35 p.m.10 views

CVE-2026-10250

creationtimestamp| type| source ---|---|--- 2026-06-01 13:35:41+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mna74nz7qw2t...

7.5CVSS7.1AI score0.00263EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/01 10:45 a.m.32 views

CVE-2026-10250 itsourcecode Online Blood Bank Management System campsdetails.php sql injection

A security flaw has been discovered in itsourcecode Online Blood Bank Management System 1.0. The affected element is an unknown function of the file /admin/campsdetails.php. Performing a manipulation of the argument hospital results in sql injection. The attack is possible to be carried out...

7.5CVSS0.00263EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/01 10:45 a.m.8 views

CVE-2026-10250

A security flaw has been discovered in itsourcecode Online Blood Bank Management System 1.0. The affected element is an unknown function of the file /admin/campsdetails.php. Performing a manipulation of the argument hospital results in sql injection. The attack is possible to be carried out...

7.5CVSS6.9AI score0.00263EPSS
Exploits0References6Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 12:19 p.m.7 views

CVE-2018-10250

iCMS V7.0.8 has XSS via the admincp.php keywords parameter in a weixincategory action, aka a WeChat Classified Management keyword search...

5.4CVSS5.9AI score0.00637EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:51 a.m.6 views

CVE-2020-10250

BWA DiREX-Pro 1.2181 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the PKG parameter to uninstall.php3...

10CVSS8.1AI score0.02629EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-26142

Malicious code in bioql PyPI...

10CVSS6.6AI score0.00759EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2025/09/13 12:23 p.m.13 views

CVE-2025-10250

A weakness has been identified in DJI Mavic Spark, Mavic Air and Mavic Mini 01.00.0500. Affected is an unknown function of the component Telemetry Channel. Executing manipulation can lead to use of hard-coded cryptographic key . The attacker needs to be present on the local network. A high...

5CVSS6AI score0.00226EPSS
Exploits0References1
Circl
Circl
added 2025/09/11 2:9 p.m.11 views

CVE-2025-10250

creationtimestamp| type| source ---|---|--- 2025-09-11 14:09:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lykwfcijgr2c...

5CVSS5.8AI score0.00226EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/08/30 6:18 p.m.4 views

CVE-2025-34160

AnyShare contains a critical unauthenticated remote code execution vulnerability in the ServiceAgent API exposed on port 10250. The endpoint /api/ServiceAgent/startservice accepts user-supplied input via POST and fails to sanitize command-like payloads. An attacker can inject shell syntax that is...

10CVSS8.5AI score0.00759EPSS
Exploits0References1
NVD
NVD
added 2025/08/27 10:15 p.m.3 views

CVE-2025-34160

AnyShare contains a critical unauthenticated remote code execution vulnerability in the ServiceAgent API exposed on port 10250. The endpoint /api/ServiceAgent/startservice accepts user-supplied input via POST and fails to sanitize command-like payloads. An attacker can inject shell syntax that is...

10CVSS0.00759EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2025/08/27 9:22 p.m.3 views

CVE-2025-34160 AnyShare ServiceAgent API Unauthenticated RCE

AnyShare contains a critical unauthenticated remote code execution vulnerability in the ServiceAgent API exposed on port 10250. The endpoint /api/ServiceAgent/startservice accepts user-supplied input via POST and fails to sanitize command-like payloads. An attacker can inject shell syntax that is...

10CVSS8AI score0.00759EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/08/27 9:22 p.m.8 views

CVE-2025-34160 AnyShare ServiceAgent API Unauthenticated RCE

AnyShare contains a critical unauthenticated remote code execution vulnerability in the ServiceAgent API exposed on port 10250. The endpoint /api/ServiceAgent/startservice accepts user-supplied input via POST and fails to sanitize command-like payloads. An attacker can inject shell syntax that is...

10CVSS0.00759EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2025/08/27 9:22 p.m.6 views

CVE-2025-34160

AnyShare contains a critical unauthenticated remote code execution vulnerability in the ServiceAgent API exposed on port 10250. The endpoint /api/ServiceAgent/startservice accepts user-supplied input via POST and fails to sanitize command-like payloads. An attacker can inject shell syntax that is...

10CVSS6.6AI score0.00759EPSS
Exploits0References6
CVE
CVE
added 2025/08/27 9:22 p.m.20 views

CVE-2025-34160

CVE-2025-34160 affects AnyShare via the ServiceAgent API exposed on port 10250. The endpoint "/api/ServiceAgent/start_service" accepts POST input and fails to sanitize command-like payloads, enabling unauthenticated remote code execution (RCE) when an attacker injects shell syntax that is execute...

10CVSS8AI score0.00759EPSS
In wildExploits0References5
Positive Technologies
Positive Technologies
added 2025/08/27 12:0 a.m.4 views

PT-2025-34943 · Anyshare · Anyshare

Name of the Vulnerable Software and Affected Versions: AnyShare affected versions not specified Description: AnyShare contains a critical unauthenticated remote code execution issue in the ServiceAgent API exposed on port 10250. The /api/ServiceAgent/start service endpoint accepts user-supplied...

10CVSS7.7AI score0.00759EPSS
Exploits0References10
VulnCheck KEV
VulnCheck KEV
added 2025/07/11 12:0 a.m.6 views

VulnCheck KEV: CVE-2025-34160

AnyShare contains a critical unauthenticated remote code execution vulnerability in the ServiceAgent API exposed on port 10250. The endpoint /api/ServiceAgent/startservice accepts user-supplied input via POST and fails to sanitize command-like payloads. An attacker can inject shell syntax that is...

10CVSS6.5AI score0.00759EPSS
In wildExploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 7:50 a.m.6 views

CVE-2019-10250

UCWeb UC Browser 7.0.185.1002 on Windows uses HTTP for downloading certain PDF modules, which allows MITM attacks...

5.9CVSS7AI score0.00723EPSS
Exploits1References1
SUSE CVE
SUSE CVE
added 2023/02/15 4:1 a.m.2 views

SUSE CVE-2020-8551

The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on...

5.3CVSS6.8AI score0.01141EPSS
Exploits0References3
OSV
OSV
added 2022/02/15 1:57 a.m.23 views

GHSA-QHM4-JXV7-J9PQ Allocation of Resources Without Limits or Throttling and Uncontrolled Memory Allocation in Kubernetes

The Kubelet component in versions 1.15.0-1.15.9, 1.16.0-1.16.6, and 1.17.0-1.17.2 has been found to be vulnerable to a denial of service attack via the kubelet API, including the unauthenticated HTTP read-only API typically served on port 10255, and the authenticated HTTPS API typically served on...

4.3CVSS6.3AI score0.01141EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.26 views

Mageia: Security Advisory (MGASA-2017-0474)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.3AI score0.05981EPSS
Exploits12References10
Rows per page
Query Builder