Exploit for CVE-2026-2636

CVE-2026-2636 CVE-2026-2636 poc win1123h2...

CVE-2026-2636

creationtimestamp| type| source ---|---|--- 2026-02-25 19:01:59+00:00| seen| https://bsky.app/profile/coreimpact.bsky.social/post/3mfpelqtb7q2s 2026-02-26 08:59:46+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3mfqtfnr2s2u2 2026-02-26...

MiracleLinux 7 : kernel-3.10.0-514.16.1.el7 (AXSA:2017-1648:04)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1648:04 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operatin...

MiracleLinux 7 : python-paramiko-2.1.1-4.el7 (AXSA:2018-2636:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2018-2636:01 advisory. python-paramiko: Authentication bypass in transport.py CVE-2018-7750 Tenable has extracted the preceding description block directly from the MiracleLinux...

MiracleLinux 4 : kernel-2.6.32-696.1.1.el6 (AXSA:2017-1639:03)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2017-1639:03 advisory. The kernel package contains the Linux kernel vmlinuz, the core of any Linux operating system. The kernel handles the basic functions of the operatin...

EUVD-2026-2636

EUVD-2026-2636...

ECHO-A45D-041F-2636

Bulletin has no description...

CVE-2024-11716

While assignment of a user to a team bracket in CTFd should be possible only once, at the registration, a flaw in logic implementation allows an authenticated user to reset it's bracket and then pick a new one, joining another team while a competition is already ongoing. This issue impacts releas...

CVE-2025-2636

creationtimestamp| type| source ---|---|--- 2025-04-11 04:49:37+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/11385 2025-04-11 05:43:38+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lmjcrdhepi2a 2025-04-11 07:48:41+00:00| seen|...

CVE-2025-2636 InstaWP Connect <= 0.1.0.85 - Unauthenticated Local PHP File Inclusion

The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 0.1.0.85 via the 'instawp-database-manager' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files ...

WordPress InstaWP Connect plugin <= 0.1.0.85 - Unauthenticated Local PHP File Inclusion vulnerability

Unauthenticated Local PHP File Inclusion vulnerability discovered by Cheng Liu in WordPress Plugin InstaWP Connect versions = 0.1.0.85...

CVE-2024-11716

While assignment of a user to a team bracket in CTFd should be possible only once, at the registration, a flaw in logic implementation allows an authenticated user to reset it's bracket and then pick a new one, joining another team while a competition is already ongoing. This issue impacts releas...

Amazon Linux 2 : systemd (ALAS-2024-2636)

The version of systemd installed on the remote host is prior to 219-78. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2636 advisory. An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the...

CVE-2024-2636

creationtimestamp| type| source ---|---|--- 2024-03-19 14:26:52+00:00| seen| https://t.me/ctinow/211523 2024-03-19 14:26:57+00:00| seen| https://t.me/ctinow/211526...

CVE-2024-2636

An Unrestricted Upload of File vulnerability has been found on Cegid Meta4 HR, that allows an attacker to upload malicios files to the server via '/config/espanol/updatepassword.jsp' file. Modifying the 'M4NEWPASSWORD' parameter, an attacker could store a malicious JSP file inside the file...

CVE-2024-2636 Multiple vulnerabilities on Meta4 HR from Cegid

An Unrestricted Upload of File vulnerability has been found on Cegid Meta4 HR, that allows an attacker to upload malicios files to the server via '/config/espanol/updatepassword.jsp' file. Modifying the 'M4NEWPASSWORD' parameter, an attacker could store a malicious JSP file inside the file...

CVE-2024-2636

The CVE-2024-2636 issue affects Cegid Meta4 HR and is an Unrestricted Upload of File vulnerability. An attacker can upload malicious files via the path /config/espanol/update_password.jsp by modifying the M4_NEW_PASSWORD parameter, enabling a potentially executed JSP file when loaded by the appli...

CVE-2024-2636 Multiple vulnerabilities on Meta4 HR from Cegid

An Unrestricted Upload of File vulnerability has been found on Cegid Meta4 HR, that allows an attacker to upload malicios files to the server via '/config/espanol/updatepassword.jsp' file. Modifying the 'M4NEWPASSWORD' parameter, an attacker could store a malicious JSP file inside the file...

Code injection

Studio Network Solutions ShareBrowser before 7.0 on macOS mishandles signature verification, aka PMP-2636...

CVE-2023-44077

Studio Network Solutions ShareBrowser for macOS is affected by CVE-2023-44077. The issue is a mishandling of signature verification in ShareBrowser versions prior to 7.0, which is the root cause described across Red Hat, NVD, CNNVD, and PT-2024-13170 sources. The vulnerability impacts ShareBrowse...