45724 matches found

NVD
added 2026/06/11 12:16 p.m. | 13 views

CVE-2026-1500

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user to cause denial of service due to uncontrolled resource consumption when processing ...

CVSS: 6.5 | EPSS: 0.00321
Exploits: 0 | References: 3

Cvelist
added 2026/06/11 11:36 a.m. | 27 views

CVE-2026-7852 Unrestricted File Upload in Limatek's LimRAD NAC

Unrestricted upload of file with dangerous type vulnerability in Limatek System Inc. LimRAD NAC allows Remote Code Inclusion. This issue affects LimRAD NAC: before 5.5.7.3.9...

CVSS: 9.8 | EPSS: 0.00358
Exploits: 0 | References: 1

CVE
added 2026/06/11 11:36 a.m. | 36 views

CVE-2026-7852

CVE-2026-7852 describes an unrestricted upload of a file with a dangerous type in LimRAD NAC by Limatek System Inc., enabling Remote Code Inclusion. Affected product: LimRAD NAC prior to 5.5.7.3.9. The provided documents do not specify affected components beyond the product/version, nor any remed...

CVSS: 9.8 | AI score: 5.6 | EPSS: 0.00358
Exploits: 0 | References: 1

Cvelist
added 2026/06/11 10:21 a.m. | 29 views

CVE-2026-1500 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user to cause denial of service due to uncontrolled resource consumption when processing ...

CVSS: 6.5 | EPSS: 0.00321
Exploits: 0 | References: 3

Vulnrichment
added 2026/06/11 10:21 a.m. | 9 views

CVE-2026-1500 Allocation of Resources Without Limits or Throttling in GitLab

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user to cause denial of service due to uncontrolled resource consumption when processing ...

CVSS: 6.5 | AI score: 5.5 | EPSS: 0.00321
Exploits: 0 | References: 3

RedhatCVE
added 2026/06/11 8:59 a.m. | 13 views

CVE-2026-9067

The Schema & Structured Data for WP & AMP WordPress plugin before 1.60 does not check user capabilities on its frontend AJAX file-upload handlers and does not validate the actual content of uploaded files against the endpoint's intended media type, allowing unauthenticated users to upload any fil...

CVSS: 9.1 | AI score: 5.5 | EPSS: 0.00426
Exploits: 1 | References: 1

GithubExploit
added 2026/06/11 6:57 a.m. | 79 views

Exploit for CVE-2025-6440

🧨 CVE-2025-6440 – WooCommerce Designer Pro Unrestricted File Upl...

CVSS: 9.8 | AI score: 7.9 | EPSS: 0.31827
Exploits: 12

GithubExploit
added 2026/06/10 6:30 p.m. | 76 views

Exploit for CVE-2026-9067

POC & Xploit - Proof of Concept Directory Documentation and exp...

CVSS: 9.1 | AI score: 5.8 | EPSS: 0.00426
Exploits: 1

GithubExploit
added 2026/06/10 3:42 p.m. | 55 views

Exploit for Improper Encoding or Escaping of Output in Cisco Catalyst_Sd-Wan_Manager

CVE-2026-20245 - Cisco SD-WAN Privilege Escalation Exploit !...

CVSS: 7.8 | AI score: 6 | EPSS: 0.09922
Exploits: 2

Vulnrichment
added 2026/06/10 6:00 a.m. | 10 views

CVE-2026-9067 Schema & Structured Data for WP & AMP < 1.60 - Unauthenticated Arbitrary Media Upload

The Schema & Structured Data for WP & AMP WordPress plugin before 1.60 does not check user capabilities on its frontend AJAX file-upload handlers and does not validate the actual content of uploaded files against the endpoint's intended media type, allowing unauthenticated users to upload any fil...

AI score: 5.5 | EPSS: 0.00426
Exploits: 1 | References: 1

RedhatCVE
added 2026/06/10 2:59 a.m. | 9 views

CVE-2026-36722

An authenticated arbitrary file upload vulnerability in the /api/create-car-image component of bookcars v8.3 allows attackers to execute arbitrary code via uploading a crafted file...

CVSS: 5.4 | AI score: 6 | EPSS: 0.00217
Exploits: 0 | References: 1

NVD
added 2026/06/09 7:17 p.m. | 10 views

CVE-2026-36722

An authenticated arbitrary file upload vulnerability in the /api/create-car-image component of bookcars v8.3 allows attackers to execute arbitrary code via uploading a crafted file...

CVSS: 5.4 | EPSS: 0.00217
Exploits: 0 | References: 1

Snyk
added 2026/06/09 10:23 a.m. | 7 views

Arbitrary File Upload

Overview: Affected versions of this package are vulnerable to Arbitrary File Upload through the image decoding process. An attacker can cause the server process to crash by uploading a specially crafted TIFF file that triggers excessive memory allocation. Remediation: Upgrade...

CVSS: 7.1 | AI score: 5.4 | EPSS: 0.00479
Exploits: 0 | References: 2

NVD
added 2026/06/09 9:16 a.m. | 13 views

CVE-2026-33582

Unrestricted Upload of File with Dangerous Type vulnerability in Apache Answer. This issue affects Apache Answer: through 2.0.0. A crafted TIFF image could trigger excessive memory allocation during image decoding, allowing an authenticated user to cause the server process to crash. Users are...

CVSS: 6.5 | EPSS: 0.00479
Exploits: 0 | References: 2

Patchstack
added 2026/06/09 9:11 a.m. | 10 views

WordPress Advanced Google reCAPTCHA plugin <= 5.38 - Missing Authorization to Authenticated (Subscriber+) Arbitrary File Upload vulnerability

Missing Authorization to Authenticated (Subscriber+) Arbitrary File Upload vulnerability discovered by h0xilo in WordPress Plugin Advanced Google reCAPTCHA versions <= 5.38...

CVSS: 8.8 | AI score: 5.5 | EPSS: 0.00449
Exploits: 0 | References: 1 | Affected Software: 1

GithubExploit
added 2026/06/09 6:10 a.m. | 55 views

VulnBoard

VulnBoard “If you don’t know about attacks, you can’t defend...

AI score: 5.7
Exploits: 0

RedhatCVE
added 2026/06/09 2:58 a.m. | 14 views

CVE-2026-11470

A vulnerability has been found in hs-web hsweb-framework up to 5.0.1. The affected element is the function denied of the file hsweb-system/hsweb-system-file/src/main/java/org/hswebframework/web/file/FileUploadProperties.java of the component File Upload. The manipulation of the argument filename...

CVSS: 6.5 | AI score: 6 | EPSS: 0.00301
Exploits: 0 | References: 1

RedhatCVE
added 2026/06/09 2:58 a.m. | 13 views

CVE-2026-11474

A security flaw has been discovered in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected is an unknown function of the file service/RegisterService.php of the component Registration Endpoint. Performing a manipulation of the argument stimg results in...

CVSS: 7.5 | AI score: 6.8 | EPSS: 0.00288
Exploits: 0 | References: 1

Positive Technologies
added 2026/06/09 12:00 a.m. | 11 views

PT-2026-48168

An authenticated arbitrary file upload vulnerability in the /api/create-car-image component of bookcars v8.3 allows attackers to execute arbitrary code via uploading a crafted file...

AI score: 6 | EPSS: 0.00217
Exploits: 0 | References: 1

Vulnrichment
added 2026/06/09 12:00 a.m. | 8 views

CVE-2026-36722

An authenticated arbitrary file upload vulnerability in the /api/create-car-image component of bookcars v8.3 allows attackers to execute arbitrary code via uploading a crafted file...

AI score: 6 | EPSS: 0.00217
Exploits: 0 | References: 1