Lucene search
+L

513 matches found

CNNVD
CNNVD
added 2026/02/20 12:0 a.m.10 views

WordPress plugin Upload Files Anywhere 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

7.5CVSS5.8AI score0.00362EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/20 12:0 a.m.6 views

PT-2026-21160

Name of the Vulnerable Software and Affected Versions vanquish Upload Files Anywhere versions prior to and including 2.8 Description The software contains a flaw related to improper limitation of a pathname to a restricted directory, specifically a 'Path Traversal' issue. This impacts the Upload...

5.3AI score0.00371EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/02/19 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2019-25355

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - gSOAP 2.8 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP path traversal...

8.7CVSS7.1AI score0.01206EPSS
Exploits1References2
OSV
OSV
added 2026/02/18 10:16 p.m.6 views

UBUNTU-CVE-2019-25355

gSOAP 2.8 contains a directory traversal vulnerability that allows unauthenticated attackers to access system files by manipulating HTTP path traversal techniques. Attackers can retrieve sensitive files like /etc/passwd by sending crafted GET requests with multiple '../' directory traversal...

8.7CVSS7.3AI score0.01206EPSS
Exploits1References6
CVE
CVE
added 2026/02/18 9:55 p.m.51 views

CVE-2019-25355

CVE-2019-25355 affects gSOAP 2.8, where an unauthenticated attacker can perform HTTP path traversal to access sensitive files (e.g., /etc/passwd) by sending crafted GET requests with multiple "../" sequences. Root cause is directory traversal in the HTTP path handling. Documented impact indicates...

8.7CVSS5.5AI score0.01206EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/11 12:0 a.m.13 views

PT-2026-7688

Top Password Firefox Password Recovery 2.8 contains a denial of service vulnerability that allows attackers to crash the application by overflowing input fields. Attackers can trigger the vulnerability by inserting 5000 characters into the User Name or Registration Code input fields...

7.5CVSS5.6AI score0.00282EPSS
Exploits0References4
Patchstack
Patchstack
added 2026/02/09 7:8 a.m.5 views

WordPress Upload Files Anywhere plugin <= 2.8 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Upload Files Anywhere versions = 2.8...

8.6CVSS5.5AI score0.00371EPSS
Exploits0Affected Software1
OPENSUSE Linux
OPENSUSE Linux
added 2026/02/04 12:0 a.m.2 views

patch-2.8-2.1 on GA media (moderate)

patch-2.8-2.1 on GA media Announcement ID: openSUSE-SU-2026:10140-1 Rating: moderate Cross-References: CVE-2021-45261 CVSS scores: CVE-2021-45261 SUSE : 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be...

3.3CVSS5.4AI score0.00705EPSS
Exploits1
Cvelist
Cvelist
added 2026/02/03 2:8 p.m.39 views

CVE-2026-24997 WordPress Wired Impact Volunteer Management plugin <= 2.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Wired Impact Wired Impact Volunteer Management wired-impact-volunteer-management allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wired Impact Volunteer Management: from n/a through = 2.8...

5.3CVSS0.00176EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/03 2:8 p.m.3 views

CVE-2026-24997

Missing Authorization vulnerability in Wired Impact Wired Impact Volunteer Management wired-impact-volunteer-management allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wired Impact Volunteer Management: from n/a through = 2.8...

5.3AI score0.00176EPSS
Exploits0References2
CVE
CVE
added 2026/02/03 2:8 p.m.13 views

CVE-2026-24997

CVE-2026-24997 affects Wired Impact Volunteer Management (WordPress plugin) versions prior to 2.9, describing a Missing/Unauthorized Access vulnerability due to incorrectly configured access control. The CVE indicates unauthenticated access (no privileges required) with network attack vector and ...

5.3CVSS5.3AI score0.00176EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/01/31 12:0 a.m.6 views

RockyLinux 8 : gimp:2.8 (RLSA-2026:1574)

The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:1574 advisory. gimp: GIMP: Remote Code Execution via PNM file parsing integer overflow CVE-2025-14422 Tenable has extracted the preceding description block directly from the...

7.8CVSS7.4AI score0.00508EPSS
Exploits1References3
OSV
OSV
added 2026/01/30 10:11 a.m.8 views

RHSA-2026:1591 Red Hat Security Advisory: gimp:2.8 security update

Bulletin has no description...

7.8CVSS7.1AI score0.00508EPSS
Exploits1References9
OSV
OSV
added 2026/01/30 10:11 a.m.6 views

RHSA-2026:1588 Red Hat Security Advisory: gimp:2.8 security update

Bulletin has no description...

7.8CVSS5.8AI score0.00508EPSS
Exploits1References9
OSV
OSV
added 2026/01/30 10:11 a.m.5 views

RHSA-2026:1574 Red Hat Security Advisory: gimp:2.8 security update

Bulletin has no description...

7.8CVSS7.1AI score0.00508EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2026/01/29 12:0 a.m.6 views

AlmaLinux 8 : gimp:2.8 (ALSA-2026:1574)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:1574 advisory. gimp: GIMP: Remote Code Execution via PNM file parsing integer overflow CVE-2025-14422 Tenable has extracted the preceding description block directly from the...

7.8CVSS6AI score0.00508EPSS
Exploits1References3
Patchstack
Patchstack
added 2026/01/24 4:42 p.m.7 views

WordPress Wired Impact Volunteer Management plugin <= 2.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by hhhai in WordPress Plugin Wired Impact Volunteer Management versions = 2.8...

5.3CVSS5.3AI score0.00176EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.7 views

MiracleLinux 8 : gimp:2.8 (AXSA:2024-7549:01)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7549:01 advisory. gimp: PSD buffer overflow RCE CVE-2023-44442 gimp: psp off-by-one RCE CVE-2023-44444 Tenable has extracted the preceding description block directly...

7.8CVSS5.9AI score0.61427EPSS
Exploits0References3
OSV
OSV
added 2026/01/14 10:38 a.m.5 views

RHSA-2026:0356 Red Hat Security Advisory: gimp:2.8 security update

Bulletin has no description...

7.8CVSS6.9AI score0.00644EPSS
Exploits0References15
Patchstack
Patchstack
added 2026/01/12 2:7 p.m.11 views

WordPress Search & Go theme <= 2.8 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Search & Go versions = 2.8...

8.1CVSS7.1AI score0.00403EPSS
Exploits0Affected Software1
Rows per page
Query Builder