fl-manager-components-datasets-torch (=0.1.0), fl-manager-components-formatters-pillow (=0.1.0) +11 more potentially affected by CVE-2026-24186 via nvflare (>=2.2.0 <=2.7.1)

nvflare PYPI version =2.2.0, =0.1.0, =0.2.0, =3.1.27, =3.1.27, =3.1.29, =3.1.31 Source cves: CVE-2026-24186 Source advisory: SNYK:PYTHON-NVFLARE-16318746...

Security Bulletin: NVIDIA FLARE SDK - April 2026

NVIDIA has released a software update for NVIDIA® FLARE™ SDK. To protect your system, clone or update this software to NVIDIA FLARE SDK v2.7.2 or later from NVIDIA/NVFlare on GitHub. Go to NVIDIA Product Security. Details The following table summarizes the potential vulnerabilities that this...

CVE-2020-24186

A Remote Code Execution vulnerability exists in the gVectors wpDiscuz plugin 7.0 through 7.0.4 for WordPress, which allows unauthenticated users to upload any type of file, including PHP files via the wmuUploadFiles AJAX action...

CVE-2024-24186

Jsish v3.5.0 commit 42c694c was discovered to contain a stack-overflow via the component IterGetKeysCallback at /jsish/src/jsiValue.c...

CVE-2024-45107 ZDI-CAN-24186: Adobe Acrobat Reader DC Doc Object Use-After-Free Information Disclosure Vulnerability

Acrobat Reader versions 20.005.30636, 24.002.20964, 24.001.30123, 24.002.20991 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue...

CVE-2024-45107 ZDI-CAN-24186: Adobe Acrobat Reader DC Doc Object Use-After-Free Information Disclosure Vulnerability

Acrobat Reader versions 20.005.30636, 24.002.20964, 24.001.30123, 24.002.20991 and earlier are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue...

CVE-2024-24186

creationtimestamp| type| source ---|---|--- 2024-02-07 15:26:30+00:00| seen| https://t.me/ctinow/180746 2024-02-10 08:16:20+00:00| seen| https://t.me/ctinow/182456 2024-03-01 19:47:05+00:00| seen| https://t.me/ctinow/197943...

CVE-2024-24186

Jsish v3.5.0 is affected by a stack overflow in the IterGetKeysCallback path (file /jsish/src/jsiValue.c). The issue is documented across multiple sources with a CRITICAL impact (CVSS: 9.8) and a network attack vector, no user interaction required. Technical details consistently point to the Iter...

Metasploit Wrap-Up

Containers that fail to Contain Our own Christophe De La Fuente added a module for CVE-2019-5736 based on the work of Adam Iwaniuk that breaks out of a Docker container by overwriting the runc binary of an image which is run in the user context whenever someone outside the container runs docker...

WordPress wpDiscuz 7.0.4 Shell Upload Exploit

This Metasploit module exploits an arbitrary file upload in the WordPress wpDiscuz plugin versions from 7.0.0 through 7.0.4. This flaw gave unauthenticated attackers the ability to upload arbitrary files, including PHP files, and achieve remote code execution on a vulnerable server. This module...

WordPress wpDiscuz 7.0.4 Shell Upload

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress wpDiscuz Unauthenticated File Upload Vulnerability', 'Description' = %q This module exploits an arbitrary file upload in the WordPress...

WordPress wpDiscuz Unauthenticated File Upload Vulnerability

This module exploits an arbitrary file upload in the WordPress wpDiscuz plugin versions = 7.0.0 and use exploit/unix/webapp/wpwpdiscuzunauthenticatedfileupload msf exploitwpwpdiscuzunauthenticatedfileupload show targets ...targets... msf exploitwpwpdiscuzunauthenticatedfileupload set TARGET msf...

CVE-2020-24186

creationtimestamp| type| source ---|---|--- 2021-06-25 21:29:57+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/wpwpdiscuzunauthenticatedfileupload.rb 2022-04-06 13:34:15+00:00| published-proof-of-concept| https://t.me/intelexch/11722 2022-06-2...

Exploit for Unrestricted Upload of File with Dangerous Type in Gvectors Wpdiscuz

POC CVE-2020-24186-wpDiscuz-7.0.4-RCE WordPress wpDiscuz 7.0...

Exploit for Unrestricted Upload of File with Dangerous Type in Gvectors Wpdiscuz

POC CVE-2020-24186-wpDiscuz-7.0.4-RCE WordPress wpDiscuz 7.0...

WordPress wpDiscuz 7.0.4 Plugin - Remote Code Execution (Unauthenticated) Exploit

Exploit Title: WordPress Plugin wpDiscuz 7.0.4 - Remote Code Execution Unauthenticated Exploit Author: Fellipe Oliveira Vendor Homepage: https://gvectors.com/ Software Link: https://downloads.wordpress.org/plugin/wpdiscuz.7.0.4.zip Version: wpDiscuz 7.0.4 Tested on: Debian9, Windows 7, Windows 10...

WordPress Plugin wpDiscuz 7.0.4 - Remote Code Execution (Unauthenticated)

Exploit Title: WordPress Plugin wpDiscuz 7.0.4 - Remote Code Execution Unauthenticated Date: 2021/06/08 Exploit Author: Fellipe Oliveira Vendor Homepage: https://gvectors.com/ Software Link: https://downloads.wordpress.org/plugin/wpdiscuz.7.0.4.zip Version: wpDiscuz 7.0.4 Tested on: Debian9,...

Wordpress Plugin wpDiscuz 7.0.4 - Arbitrary File Upload (Unauthenticated)

Exploit Title: Wordpress Plugin wpDiscuz 7.0.4 - Arbitrary File Upload Unauthenticated Google Dork: inurl:/wp-content/plugins/wpdiscuz/ Date: 2021-06-06 Original Author: Chloe Chamberland Exploit Author: Juampa Rodríguez aka UnD3sc0n0c1d0 Vendor Homepage: https://gvectors.com/ Software Link:...

Wordpress wpDiscuz 7.0.4 Plugin - Arbitrary File Upload (Unauthenticated) Exploit

Exploit Title: Wordpress Plugin wpDiscuz 7.0.4 - Arbitrary File Upload Unauthenticated Google Dork: inurl:/wp-content/plugins/wpdiscuz/ Original Author: Chloe Chamberland Exploit Author: Juampa Rodríguez aka UnD3sc0n0c1d0 Vendor Homepage: https://gvectors.com/ Software Link:...

WordPress wpDiscuz 7.0.4 Shell Upload

Exploit Title: Wordpress Plugin wpDiscuz 7.0.4 - Arbitrary File Upload Unauthenticated Google Dork: inurl:/wp-content/plugins/wpdiscuz/ Date: 2021-06-06 Original Author: Chloe Chamberland Exploit Author: Juampa Rodríguez aka UnD3sc0n0c1d0 Vendor Homepage: https://gvectors.com/ Software Link:...