Lucene search
K

30 matches found

NVD
NVD
added 2026/03/05 6:16 a.m.6 views

CVE-2026-28039

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in wpDataTables wpDataTables wpdatatables allows PHP Local File Inclusion.This issue affects wpDataTables: from n/a through = 6.5.0.1...

7.5CVSS0.00349EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2020-28039

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - isprotectedmeta in wp-includes/meta.php in WordPress before 5.5.2 allows arbitrary file deletion because it does not properly determine whether a meta key is...

9.1CVSS8.2AI score0.04059EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/04/26 5:31 a.m.9 views

CVE-2025-28039

TOTOLINK EX1200T V4.1.2cu.5232B20210713 was found to contain a pre-auth remote command execution vulnerability in the setUpgradeFW function through the FileName parameter...

9.8CVSS7.4AI score0.00919EPSS
Exploits1References1
Circl
Circl
added 2025/04/22 8:19 p.m.9 views

CVE-2025-28039

creationtimestamp| type| source ---|---|--- 2025-04-22 20:19:20+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lngitkv5l32j 2025-04-22 21:48:27+00:00| seen| https://mastodon.social/users/CyberSignaler/statuses/114383815074253600...

9.8CVSS6.9AI score0.00919EPSS
Exploits1References2
NVD
NVD
added 2025/04/22 6:15 p.m.26 views

CVE-2025-28039

TOTOLINK EX1200T V4.1.2cu.5232B20210713 was found to contain a pre-auth remote command execution vulnerability in the setUpgradeFW function through the FileName parameter...

9.8CVSS0.00919EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/04/22 12:0 a.m.7 views

CVE-2025-28039

TOTOLINK EX1200T V4.1.2cu.5232B20210713 was found to contain a pre-auth remote command execution vulnerability in the setUpgradeFW function through the FileName parameter...

7.3AI score0.00919EPSS
Exploits1References1
CVE
CVE
added 2025/04/22 12:0 a.m.60 views

CVE-2025-28039

CVE-2025-28039 affects TOTOLINK EX1200T (V4.1.2cu.5232_B20210713). A pre-auth remote command execution vulnerability exists in the setUpgradeFW function via the FileName parameter. CVSSv3.1: 9.8 (CRITICAL); Attack Vector: Network; Privileges Required: None; User Interaction: None; Impact: Confide...

9.8CVSS7.6AI score0.00919EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/04/22 12:0 a.m.15 views

CVE-2025-28039

TOTOLINK EX1200T V4.1.2cu.5232B20210713 was found to contain a pre-auth remote command execution vulnerability in the setUpgradeFW function through the FileName parameter...

0.00919EPSS
Exploits1References1
Circl
Circl
added 2024/03/18 10:21 a.m.7 views

CVE-2024-28039

creationtimestamp| type| source ---|---|--- 2024-03-18 10:21:33+00:00| seen| https://t.me/ctinow/210352 2024-03-18 10:26:56+00:00| seen| https://t.me/ctinow/210353...

5.8CVSS8.1AI score0.00726EPSS
Exploits0References2
NVD
NVD
added 2024/03/18 9:15 a.m.10 views

CVE-2024-28039

Improper restriction of XML external entity references vulnerability exists in FitNesse all releases, which allows a remote unauthenticated attacker to obtain sensitive information, alter data, or cause a denial-of-service DoS condition...

5.8CVSS6.6AI score0.00726EPSS
Exploits0References4
Cvelist
Cvelist
added 2024/03/18 8:13 a.m.19 views

CVE-2024-28039

Improper restriction of XML external entity references vulnerability exists in FitNesse all releases, which allows a remote unauthenticated attacker to obtain sensitive information, alter data, or cause a denial-of-service DoS condition...

6.8AI score0.00726EPSS
Exploits0References4
CVE
CVE
added 2024/03/18 8:13 a.m.57 views

CVE-2024-28039

CVE-2024-28039 affects FitNesse (all releases) with an improper restriction of XML external entity references (CWE-611). A remote, unauthenticated attacker can potentially obtain sensitive information, alter data, or cause a denial-of-service (DoS). Public documents consistently describe the impa...

5.8CVSS6.8AI score0.00726EPSS
Exploits0References4
OSV
OSV
added 2023/06/23 10:15 a.m.6 views

CVE-2023-28039

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable...

6.7CVSS5.8AI score0.00168EPSS
Exploits0References1
CVE
CVE
added 2023/06/23 9:51 a.m.55 views

CVE-2023-28039

Dell BIOS contains an improper input validation vulnerability that could allow a local authenticated user with administrator privileges to modify a UEFI variable. The issue affects Dell BIOS firmware and is described across multiple sources (e.g., Dell KB article DSA-2023-099). No exploitation de...

6.7CVSS6.2AI score0.00168EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/23 9:51 a.m.12 views

CVE-2023-28039

Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with administrator privileges may potentially exploit this vulnerability in order to modify a UEFI variable...

5.1CVSS6.5AI score0.00168EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.30 views

Mageia: Security Advisory (MGASA-2021-0117)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.5CVSS7AI score0.00708EPSS
Exploits1References7
Circl
Circl
added 2021/03/05 8:47 p.m.7 views

CVE-2021-28039

creationtimestamp| type| source ---|---|--- 2021-03-05 20:47:59+00:00| seen| https://t.me/cibsecurity/24544...

6.5CVSS7.1AI score0.00424EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2021/03/05 6:15 p.m.39 views

CVE-2021-28039

An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen. In some less-common configurations, an x86 PV guest OS user can crash a Dom0 or driver domain via a large amount of I/O activity. The issue relates to misuse of guest physical addresses when a configuration has...

6.5CVSS6.8AI score0.00424EPSS
Exploits0References4
CVE
CVE
added 2021/03/05 12:0 a.m.130 views

CVE-2021-28039

CVE-2021-28039 affects the Linux kernel 5.9.x–5.11.3 (used with Xen). In some configurations, an x86 PV guest OS user can crash the Dom0 or a driver domain by generating a large amount of I/O. Root cause is the misuse of guest physical addresses when CONFIG_XEN_UNPOPULATED_ALLOC is set but CONFIG...

6.5CVSS5.9AI score0.00424EPSS
Exploits0References4Affected Software2
OpenVAS
OpenVAS
added 2020/11/11 12:0 a.m.21 views

Fedora: Security Advisory for wordpress (FEDORA-2020-b386fac43a)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

9.8CVSS7.1AI score0.16119EPSS
Exploits1References2
Rows per page
Query Builder