Lucene search
K

1137 matches found

UbuntuCve
UbuntuCve
added 2026/03/16 10:16 p.m.3 views

CVE-2026-21991

A DTrace component, dtprobed, allows arbitrary file creation through crafted USDT provider names...

5.5CVSS6AI score0.00181EPSS
Exploits0References1
CVE
CVE
added 2026/03/16 9:36 p.m.16 views

CVE-2026-21991

The CVE-2026-21991 issue affects the DTrace component dtprobed, specifically its handling of USDT probes, enabling arbitrary file creation through crafted provider names. Multiple connected advisories confirm dtprobed as the vulnerable element and describe the risk of code execution as a worst-ca...

5.5CVSS5.9AI score0.00181EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2026/03/16 9:36 p.m.5 views

CVE-2026-21991

A DTrace component, dtprobed, allows arbitrary file creation through crafted USDT provider names...

5.5CVSS5.4AI score0.00181EPSS
Exploits0
Cvelist
Cvelist
added 2026/03/16 9:36 p.m.25 views

CVE-2026-21991

A DTrace component, dtprobed, allows arbitrary file creation through crafted USDT provider names...

5.5CVSS0.00181EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/16 9:36 p.m.9 views

CVE-2026-21991

A DTrace component, dtprobed, allows arbitrary file creation through crafted USDT provider names...

5.5CVSS5.9AI score0.00181EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.3 views

PT-2026-25827

A DTrace component, dtprobed, allows arbitrary file creation through crafted USDT provider names...

5.5CVSS5.9AI score0.00181EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.8 views

Oracle Linux 安全漏洞

Oracle Linux is an open and complete operating environment provided by Oracle Corporation in the United States. It offers virtualization, management, and cloud-native computing tools, as well as an operating system. There is a security vulnerability in Oracle Linux, which can be exploited through...

5.5CVSS5.9AI score0.00181EPSS
Exploits0References1
NVD
NVD
added 2026/03/09 9:15 a.m.5 views

CVE-2025-41757

A low-privileged remote attacker can abuse the backup restore functionality of UBR ubr-restore which runs with elevated privileges and does not validate the contents of the backup archive to create or overwrite arbitrary files anywhere on the system...

8.8CVSS0.00542EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/09 8:16 a.m.4 views

CVE-2025-41757 Arbitrary Write with ubr-restore

A low-privileged remote attacker can abuse the backup restore functionality of UBR ubr-restore which runs with elevated privileges and does not validate the contents of the backup archive to create or overwrite arbitrary files anywhere on the system...

8.8CVSS5.9AI score0.00542EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2026/03/03 12:0 a.m.7 views

Trend Micro Cleaner One Pro Link Following Denial-of-Service Vulnerability

This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Trend Micro Cleaner One Pro. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exist...

5CVSS6.2AI score
Exploits0References1
Packet Storm
Packet Storm
added 2026/02/11 12:0 a.m.392 views

📄 Qualys Security Advisory - Exim 21Nails Advisory

Qualys audited central parts of the Exim mail server and discovered 21 vulnerabilities, with 11 being local vulnerabilities and 10 being remote vulnerabilities. This is older research from 2021 that was missing from the archive. Qualys Security Advisory 21Nails: Multiple vulnerabilities in Exim...

10CVSS5.6AI score0.99961EPSS
Exploits82
OSV
OSV
added 2026/02/03 9:17 p.m.10 views

CVE-2026-25510 CI4MS Vulnerable to Remote Code Execution (RCE) via Arbitrary File Creation and Save in File Editor

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.28.5.0, an authenticated user with file editor permissions can achieve Remote Code Execution RCE by leveraging the file creation and sav...

9.9CVSS6.1AI score0.00805EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/02/03 9:17 p.m.6 views

CVE-2026-25510 CI4MS Vulnerable to Remote Code Execution (RCE) via Arbitrary File Creation and Save in File Editor

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.28.5.0, an authenticated user with file editor permissions can achieve Remote Code Execution RCE by leveraging the file creation and sav...

9.9CVSS6AI score0.00805EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/02/03 9:17 p.m.34 views

CVE-2026-25510 CI4MS Vulnerable to Remote Code Execution (RCE) via Arbitrary File Creation and Save in File Editor

CI4MS is a CodeIgniter 4-based CMS skeleton that delivers a production-ready, modular architecture with RBAC authorization and theme support. Prior to version 0.28.5.0, an authenticated user with file editor permissions can achieve Remote Code Execution RCE by leveraging the file creation and sav...

9.9CVSS0.00805EPSS
Exploits1References2
CVE
CVE
added 2026/02/03 9:17 p.m.23 views

CVE-2026-25510

CVE-2026-25510 affects CI4MS, a CodeIgniter 4–based CMS skeleton. The vulnerability exists in the /backend/fileeditor/createFile and /backend/fileeditor/save endpoints, where an authenticated user with file editor permissions can upload and save files (including PHP) and execute arbitrary code on...

9.9CVSS6.1AI score0.00805EPSS
Exploits1References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/02/03 3:11 a.m.8 views

CVE-2025-13348

An improper access control vulnerability exists in ASUS Secure Delete Driver of ASUS Business Manager. This vulnerability can be triggered by a local user sending a specially crafted request, potentially leading to the creation of arbitrary files in a specified path. Refer to the "Security Update...

8.5CVSS5.7AI score0.00104EPSS
Exploits0References1
OSV
OSV
added 2026/02/02 9:52 p.m.8 views

GHSA-GP56-F67F-M4PX CI4MS Vulnerable to Remote Code Execution (RCE) via Arbitrary File Creation and Save in File Editor

Summary A critical vulnerability has been identified in CI4MS that allows an authenticated user with file editor permissions to achieve Remote Code Execution RCE. By leveraging the file creation and save endpoints, an attacker can upload and execute arbitrary PHP code on the server. Vulnerability...

9.9CVSS6.5AI score0.00805EPSS
Exploits1References4
Github Security Blog
Github Security Blog
added 2026/02/02 9:52 p.m.11 views

CI4MS Vulnerable to Remote Code Execution (RCE) via Arbitrary File Creation and Save in File Editor

Summary A critical vulnerability has been identified in CI4MS that allows an authenticated user with file editor permissions to achieve Remote Code Execution RCE. By leveraging the file creation and save endpoints, an attacker can upload and execute arbitrary PHP code on the server. Vulnerability...

9.9CVSS6.5AI score0.00805EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2026/02/02 8:50 p.m.6 views

GHSA-M7J5-R2P5-C39R picklescan vulnerable to arbitrary file create using logging.FileHandler

Summary Unsafe pickle deserialization allows unauthenticated attackers to perform Arbitrary File Creation. By chaining the logging.FileHandler class, an attacker can bypass RCE-focused blocklists to create empty files on the server. The vulnerability allows creating zero-byte files in arbitrary...

6.9CVSS5.8AI score0.00288EPSS
Exploits1References5
Github Security Blog
Github Security Blog
added 2026/02/02 8:50 p.m.12 views

picklescan vulnerable to arbitrary file create using logging.FileHandler

Summary Unsafe pickle deserialization allows unauthenticated attackers to perform Arbitrary File Creation. By chaining the logging.FileHandler class, an attacker can bypass RCE-focused blocklists to create empty files on the server. The vulnerability allows creating zero-byte files in arbitrary...

5.8AI score
Exploits0References5Affected Software1
Rows per page
Query Builder