Lucene search
K

212 matches found

NVD
NVD
added 2025/08/21 9:15 p.m.7 views

CVE-2010-20115

Arcane Software’s Vermillion FTP Daemon vftpd versions up to and including 1.31 contains a memory corruption vulnerability triggered by a malformed FTP PORT command. The flaw arises from an out-of-bounds array access during input parsing, allowing an attacker to manipulate stack memory and...

9.3CVSS0.0086EPSS
Exploits0References7
Cvelist
Cvelist
added 2025/08/21 8:15 p.m.10 views

CVE-2010-20115 Vermillion FTP <= 1.31 Daemon PORT Command Memory Corruption

Arcane Software’s Vermillion FTP Daemon vftpd versions up to and including 1.31 contains a memory corruption vulnerability triggered by a malformed FTP PORT command. The flaw arises from an out-of-bounds array access during input parsing, allowing an attacker to manipulate stack memory and...

9.3CVSS0.0086EPSS
Exploits0References7
CVE
CVE
added 2025/08/21 8:15 p.m.16 views

CVE-2010-20115

Vulnerability CVE-2010-20115 affects Vermillion FTP Daemon (vftpd) up to and including version 1.31. Root cause: memory corruption from an out-of-bounds array access during parsing of the FTP PORT command. Impact: potential arbitrary code execution with high confidentiality/integrity/availability...

9.3CVSS7.9AI score0.0086EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/08/21 12:0 a.m.5 views

PT-2025-34309 · Unknown · Vermillion Ftp Daemon

Name of the Vulnerable Software and Affected Versions: Vermillion FTP Daemon vftpd versions through 1.31 Description: The Vermillion FTP Daemon vftpd contains a memory corruption issue triggered by a malformed FTP PORT command. The flaw is due to an out-of-bounds array access during input parsing...

9.3CVSS7.2AI score0.0086EPSS
Exploits0References9
SUSE Linux
SUSE Linux
added 2025/08/01 8:37 a.m.3 views

Security update for kernel-livepatch-MICRO-6-0_Update_2

This update for kernel-livepatch-MICRO-6-0Update2 fixes the following issues: CVE-2024-50208: RDMA/bnxtre: Fix a bug while setting up Level-2 PBL pages bsc1233118 CVE-2024-50250: fsdax: daxunshareiter needs to copy entire blocks bsc1233227 CVE-2024-53146: NFSD: prevent a potential integer overflo...

8.5CVSS7.6AI score0.00262EPSS
Exploits0References46
SUSE Linux
SUSE Linux
added 2025/07/30 4:17 p.m.4 views

Security update for kernel-livepatch-MICRO-6-0-RT_Update_2

This update for kernel-livepatch-MICRO-6-0-RTUpdate2 fixes the following issues: CVE-2024-50208: RDMA/bnxtre: Fix a bug while setting up Level-2 PBL pages bsc1233118 CVE-2024-50250: fsdax: daxunshareiter needs to copy entire blocks bsc1233227 CVE-2024-53146: NFSD: prevent a potential integer...

8.5CVSS7.6AI score0.00262EPSS
Exploits0References46
SUSE Linux
SUSE Linux
added 2025/07/21 3:33 p.m.3 views

Security update for the Linux Kernel (Live Patch 4 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002322 fixes several issues. The following security issues were fixed: CVE-2024-53146: NFSD: Prevent a potential integer overflow bsc1234854. CVE-2024-53214: vfio/pci: Properly hide first-in-list PCIe extended capability bsc1235005. CVE-2024-53173:...

8.5CVSS8.1AI score0.00262EPSS
Exploits0References46
Ubuntu
Ubuntu
added 2025/05/26 12:39 p.m.17 views

USN-7524-1: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - Supe...

8.1CVSS7.6AI score0.03558EPSS
Exploits11
Tenable Nessus
Tenable Nessus
added 2025/05/26 12:0 a.m.17 views

Ubuntu 24.04 LTS : Linux kernel (Raspberry Pi) vulnerabilities (USN-7524-1)

"The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7524-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws i...

8.1CVSS7.6AI score0.03558EPSS
Exploits11References702
RedhatCVE
RedhatCVE
added 2025/05/22 9:10 p.m.6 views

CVE-2021-27990

Appspace 6.2.4 is vulnerable to a broken authentication mechanism where pages such as /medianet/mail.aspx can be called directly and the framework is exposed with layouts, menus and functionalities...

7.5CVSS7AI score0.01424EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:59 a.m.7 views

CVE-2018-21007

The woo-confirmation-email plugin before 3.2.0 for WordPress has no blocking of direct access to supportive xl folders inside uploads...

9.8CVSS7AI score0.01952EPSS
Exploits0References1
NVD
NVD
added 2025/04/25 6:15 a.m.33 views

CVE-2025-3923

The Prevent Direct Access – Protect WordPress Files plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.8.8 via the 'generateuniquestring' due to insufficient randomness of the generated file name. This makes it possible for unauthenticated...

5.3CVSS0.00333EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/04/25 5:25 a.m.5 views

CVE-2025-3861 Prevent Direct Access 2.8.6 - 2.8.8.2 - Incorrect Authorization to Authenticated (Contributor+) Multiple Media Actions

The Prevent Direct Access – Protect WordPress Files plugin for WordPress is vulnerable to unauthorized access and modification of data| due to a misconfigured capability check on the 'pdalitecustompermissioncheck' function in versions 2.8.6 to 2.8.8.2. This makes it possible for authenticated...

5.4CVSS5.2AI score0.00246EPSS
Exploits0References3
CVE
CVE
added 2025/04/25 5:25 a.m.71 views

CVE-2025-3861

CVE-2025-3861 affects the WordPress plugin Prevent Direct Access – Protect WordPress Files (versions 2.8.6–2.8.8.2). A misconfigured capability check in pda_lite_custom_permission_check allows authenticated users with Contributor+ privileges to access and modify the protection status of media. At...

5.4CVSS5.2AI score0.00246EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/04/25 5:25 a.m.26 views

CVE-2025-3861 Prevent Direct Access 2.8.6 - 2.8.8.2 - Incorrect Authorization to Authenticated (Contributor+) Multiple Media Actions

The Prevent Direct Access – Protect WordPress Files plugin for WordPress is vulnerable to unauthorized access and modification of data| due to a misconfigured capability check on the 'pdalitecustompermissioncheck' function in versions 2.8.6 to 2.8.8.2. This makes it possible for authenticated...

5.4CVSS0.00246EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2025/04/25 12:0 a.m.7 views

PT-2025-17883 · WordPress · Prevent Direct Access – Protect Wordpress Files

Name of the Vulnerable Software and Affected Versions: Prevent Direct Access – Protect WordPress Files plugin versions up to, and including, 2.8.8 Description: The issue allows unauthenticated attackers to extract sensitive data, including files protected by the plugin, due to insufficient...

5.3CVSS6AI score0.00333EPSS
Exploits0References9
CNNVD
CNNVD
added 2025/04/25 12:0 a.m.5 views

WordPress plugin Prevent Direct Access 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

5.4CVSS6.2AI score0.00246EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/04/25 12:0 a.m.4 views

WordPress plugin Prevent Direct Access 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

5.3CVSS5.9AI score0.00333EPSS
Exploits0References5
OSV
OSV
added 2025/03/27 8:8 p.m.16 views

USN-7383-2 linux-realtime vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - Drivers core; - Ublk userspace block driver; -...

7.8CVSS6.7AI score0.00875EPSS
Exploits2References109
OSV
OSV
added 2024/12/27 2:15 p.m.3 views

DEBIAN-CVE-2024-53219

In the Linux kernel, the following vulnerability has been resolved: virtiofs: use pages instead of pointer for kernel direct IO When trying to insert a 10MB kernel module kept in a virtio-fs with cache disabled, the following warning was reported: ------------ cut here ------------ WARNING: CPU: ...

5.5CVSS5.9AI score0.00217EPSS
Exploits0References1
Rows per page
Query Builder