QNAP QTS and QuTS Hero - OS Command Injection

An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later...

CVE-2026-2647

creationtimestamp| type| source ---|---|--- 2026-02-28 01:38:23+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfv3ofkqt22u...

CVE-2026-2647

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CGA-2647-6XPM-GM59

Bulletin has no description...

MiracleLinux 4 : rh-mysql56-mysql-5.6.39-1.AXS4.1 (AXSA:2018-2638:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-2638:01 advisory. mysql: sha256password authentication DoS via long password CVE-2018-2696 mysql: Server : Partition unspecified vulnerability CPU Jan 2018...

MiracleLinux 7 : rh-mysql56-mysql-5.6.39-1.el7.1 (AXSA:2018-2639:01)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2018-2639:01 advisory. mysql: sha256password authentication DoS via long password CVE-2018-2696 mysql: Server : Partition unspecified vulnerability CPU Jan 2018...

EUVD-2026-2647

EUVD-2026-2647...

CVE-2020-2647

Vulnerability in the Oracle Solaris product of Oracle Systems component: Kernel. Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris...

CVE-2025-2647

A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /search.php. The manipulation of the argument Search leads to sql injection. The attack may be launched remotely. The exploit...

CVE-2025-2647

creationtimestamp| type| source ---|---|--- 2025-03-23 12:30:27+00:00| published-proof-of-concept| Telegram/SimtlYSWAu4a50RNZLq43tlMg6yM1hAsbeUI0zQMoQeEfU 2025-03-23 13:58:40+00:00| seen| https://t.me/cvedetector/20897...

CVE-2025-2647 PHPGurukul Art Gallery Management System search.php sql injection

A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /search.php. The manipulation of the argument Search leads to sql injection. The attack may be launched remotely. The exploit...

CVE-2025-2647

The CVE-2025-2647 entry covers a SQL injection in PHPGurukul Art Gallery Management System 1.0, specifically in /search.php when processing the Search parameter. Multiple sources confirm remote exploitation is possible and that the exploit has been disclosed publicly. The related documents consis...

CVE-2025-2647 PHPGurukul Art Gallery Management System search.php sql injection

A vulnerability was found in PHPGurukul Art Gallery Management System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /search.php. The manipulation of the argument Search leads to sql injection. The attack may be launched remotely. The exploit...

CVE-2024-2647

creationtimestamp| type| source ---|---|--- 2025-02-14 09:46:59+00:00| seen| Telegram/Wvrd8-zomoL4k8WJJbF4EChJwd2LV21O2l8M7DuhkYtUQ8...

Amazon Linux 2 : python-dns (ALAS-2024-2647)

The version of python-dns installed on the remote host is prior to 1.12.0-4.20150617git465785f. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2024-2647 advisory. eventlet before 0.35.2, as used in dnspython before 2.6.0, allows remote attackers to interfere with DNS nam...

RHEL 6 / 7 : rh-mysql57-mysql (RHSA-2018:0586)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0586 advisory. - mysql: Server: InnoDB unspecified vulnerability CPU Jan 2018 CVE-2018-2565 - mysql: Server: GIS unspecified vulnerability CPU Jan 2018...

RHEL 6 / 7 : rh-mysql56-mysql (RHSA-2018:0587)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:0587 advisory. MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The...

CVE-2024-2647

CVE-2024-2647 affects Netentsec NS-ASG Application Security Gateway (v6.3). The issue is a SQL injection in the /admin/singlelogin.php endpoint caused by improper handling of the loginId parameter. Attacks can be remote, and disclosures exist publicly. Multiple sources corroborate the vulnerabili...

openSUSE: Security Advisory for tiff (SUSE-SU-2022:2647-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2023-2647

creationtimestamp| type| source ---|---|--- 2023-05-11 12:15:22+00:00| seen| https://t.me/cibsecurity/63870...