Lucene search
K

89 matches found

OSV
OSV
added 2026/05/01 6:23 p.m.5 views

ECHO-4358-8DA1-DCB5

Bulletin has no description...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:7 p.m.6 views

CVE-2026-4358

A specially crafted aggregation query with $lookup by an authenticated user with write privileges can cause a double-free or use-after-free memory issue in the slot-based execution SBE engine when an in-memory hash table is spilled to disk...

6.4CVSS6AI score0.00342EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/03/20 12:0 a.m.5 views

MongoDB 7.0.x < 7.0.31 / 8.0.x < 8.0.20 / 8.2.x < 8.2.6 / 8.3.0-rc0 Double Free (SERVER-118849)

The version of MongoDB installed on the remote host is 7.0 prior to 7.0.31, 8.0 prior to 8.0.20, 8.2 prior to 8.2.6, and 8.3.0-rc0. It is, therefore, affected by a vulnerability as referenced in the SERVER-118849 advisory. - A specially crafted aggregation query with $lookup by an authenticated...

7.5CVSS6AI score0.00342EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/03/19 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-4358

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A specially crafted aggregation query with $lookup by an authenticated user with write privileges can cause a double-free or use-after-free memory issue in the...

7.5CVSS6.1AI score0.00342EPSS
Exploits1References2
OSV
OSV
added 2026/03/17 8:16 p.m.5 views

UBUNTU-CVE-2026-4358

A specially crafted aggregation query with $lookup by an authenticated user with write privileges can cause a double-free or use-after-free memory issue in the slot-based execution SBE engine when an in-memory hash table is spilled to disk...

7.5CVSS6AI score0.00342EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.14 views

EUVD-2012-4302

Malware in sbrugna...

9.3CVSS6.3AI score0.0252EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/23 12:9 a.m.5 views

CVE-2022-4358

The WP RSS By Publishers WordPress plugin through 0.1 does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users such as admin...

7.2CVSS7.4AI score0.00983EPSS
Exploits2References1
Circl
Circl
added 2025/05/06 6:39 p.m.8 views

CVE-2025-4358

creationtimestamp| type| source ---|---|--- 2025-05-06 18:39:54+00:00| exploited| https://t.me/cvedetector/24618 2025-05-15 07:33:25+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/16456...

9.8CVSS7.2AI score0.00438EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/05/06 1:31 p.m.12 views

CVE-2025-4358 PHPGurukul Company Visitor Management System admin-profile.php sql injection

A vulnerability classified as critical has been found in PHPGurukul Company Visitor Management System 2.0. Affected is an unknown function of the file /admin-profile.php. The manipulation of the argument adminname/mobilenumber leads to sql injection. It is possible to launch the attack remotely...

7.5CVSS8.9AI score0.00438EPSS
Exploits1References5
Exploit DB
Exploit DB
added 2025/03/28 12:0 a.m.225 views

Progress Telerik Report Server 2024 Q1 (10.0.24.305) - Authentication Bypass

Exploit Title: Progress Telerik Report Server 2024 Q1 10.0.24.305 - Authentication Bypass Fofa Dork: title="Telerik Report Server" Date: 2024-09-22 Exploit Author: VeryLazyTech GitHub: https://github.com/verylazytech/CVE-2024-4358 Vendor Homepage: https://www.telerik.com/report-server Software...

9.8CVSS9.7AI score0.97482EPSS
Exploits14
Packet Storm
Packet Storm
added 2024/09/01 12:0 a.m.212 views

Telerik Report Server Auth Bypass

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Telerik Report Server Auth Bypass', 'Description' = %q This module exploits an authentication bypass vulnerability in Telerik Report Server...

9.9CVSS7.2AI score0.97482EPSS
Exploits14
GithubExploit
GithubExploit
added 2024/08/24 10:9 a.m.349 views

Exploit for Authentication Bypass by Spoofing in Telerik Report_Server_2024

PoC exploit for CVE-2024-4358 and CVE-2024-1800, a deserializati...

9.9CVSS10AI score0.97482EPSS
Exploits14
Metasploit
Metasploit
added 2024/06/13 7:55 p.m.432 views

Telerik Report Server Auth Bypass and Deserialization RCE

This module chains an authentication bypass vulnerability CVE-2024-4358 with a deserialization vulnerability CVE-2024-1800 to obtain remote code execution against Telerik Report Server version 10.0.24.130 and prior. The authentication bypass flaw allows an unauthenticated user to create a new use...

9.9CVSS8.9AI score0.97482EPSS
Exploits14
Packet Storm
Packet Storm
added 2024/06/13 12:0 a.m.293 views

Telerik Report Server Authentication Bypass / Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'rex/zip' class MetasploitModule 'Telerik Report Server Auth Bypass and Deserialization RCE', 'Description' = %q This module chains an authentication bypass...

9.9CVSS7AI score0.97482EPSS
Exploits14
GithubExploit
GithubExploit
added 2024/06/09 6:30 a.m.447 views

Exploit for Authentication Bypass by Spoofing in Telerik Report_Server_2024

This is a PoC exploit for CVE-2024-4358, an authentication bypas...

9.8CVSS9.6AI score0.97482EPSS
Exploits14
OSV
OSV
added 2024/06/06 12:25 p.m.9 views

CGA-928J-4358-26F4

Bulletin has no description...

5.3CVSS6.9AI score0.01208EPSS
Exploits0
GithubExploit
GithubExploit
added 2024/06/05 1:5 a.m.429 views

Exploit for Authentication Bypass by Spoofing in Telerik Report_Server_2024

CVE-2024-4358MassExploit Modified tools from @sinsinology to...

9.8CVSS9.8AI score0.97482EPSS
Exploits14
Tenable Nessus
Tenable Nessus
added 2024/06/05 12:0 a.m.33 views

Progress Telerik Report Server Authentication Bypass (CVE-2024-4358) (Direct Check)

Binary data telerikreportservercve-2024-4358.nbin...

9.8CVSS9.7AI score0.97482EPSS
Exploits14References2
GithubExploit
GithubExploit
added 2024/06/04 4:7 p.m.476 views

Exploit for Authentication Bypass by Spoofing in Telerik Report_Server_2024

CVE-2024-4358 / CVE-2024-1800 Telerik Report Server deserializ...

9.9CVSS10AI score0.97482EPSS
Exploits14
The Hacker News
The Hacker News
added 2024/06/04 2:43 p.m.35 views

Telerik Report Server Flaw Could Let Attackers Create Rogue Admin Accounts

Progress Software has rolled out updates to address a critical security flaw impacting the Telerik Report Server that could be potentially exploited by a remote attacker to bypass authentication and create rogue administrator users. The issue, tracked as CVE-2024-4358, carries a CVSS score of 9.8...

9.9CVSS8.5AI score0.97482EPSS
Exploits14
Rows per page
Query Builder