Lucene search
+L

1392 matches found

Patchstack
Patchstack
added 2026/02/15 10:35 p.m.9 views

WordPress Magic Login Mail or QR Code plugin <= 2.05 - Unauthenticated Privilege Escalation via Insecure QR Code File Storage vulnerability

Unauthenticated Privilege Escalation via Insecure QR Code File Storage vulnerability discovered by ifoundbug in WordPress Plugin Magic Login Mail or QR Code versions = 2.05...

8.1CVSS5.6AI score0.00466EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2026/02/12 8:16 p.m.6 views

CVE-2019-25344

Wondershare MobileGo 8.5.0 contains an insecure file permissions vulnerability that allows local users to modify executable files in the application directory. Attackers can replace the original MobileGo.exe with a malicious executable to create a new user account and add it to the Administrators...

7.8CVSS5.8AI score0.00162EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/02/12 7:2 p.m.32 views

CVE-2019-25344 MobileGo 8.5.0 - Insecure File Permissions

Wondershare MobileGo 8.5.0 contains an insecure file permissions vulnerability that allows local users to modify executable files in the application directory. Attackers can replace the original MobileGo.exe with a malicious executable to create a new user account and add it to the Administrators...

8.5CVSS0.00162EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/02/12 7:2 p.m.6 views

CVE-2019-25344 MobileGo 8.5.0 - Insecure File Permissions

Wondershare MobileGo 8.5.0 contains an insecure file permissions vulnerability that allows local users to modify executable files in the application directory. Attackers can replace the original MobileGo.exe with a malicious executable to create a new user account and add it to the Administrators...

8.5CVSS5.5AI score0.00162EPSS
Exploits1References4
CVE
CVE
added 2026/02/12 7:2 p.m.14 views

CVE-2019-25343

CVE-2019-25343 affects NextVPN 4.10, where insecure file permissions enable local users to modify executable files with full rights. By replacing system executables, an attacker may obtain SYSTEM or Administrator privileges through unauthorized modification. CVSS metrics indicate high impact and ...

8.5CVSS5.5AI score0.00108EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/12 7:2 p.m.28 views

CVE-2019-25343 NextVPN 4.10 - Insecure File Permissions

NextVPN 4.10 contains an insecure file permissions vulnerability that allows local users to modify executable files with full access rights. Attackers can replace system executables with malicious files to gain SYSTEM or Administrator privileges through unauthorized file modification...

8.5CVSS0.00108EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/12 7:2 p.m.6 views

CVE-2019-25343 NextVPN 4.10 - Insecure File Permissions

NextVPN 4.10 contains an insecure file permissions vulnerability that allows local users to modify executable files with full access rights. Attackers can replace system executables with malicious files to gain SYSTEM or Administrator privileges through unauthorized file modification...

8.5CVSS5.5AI score0.00108EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/02/12 1:58 p.m.30 views

CVE-2025-14014 Insecure File Upload in NTN Informatics' Smart Panel

Unrestricted Upload of File with Dangerous Type vulnerability in NTN Information Processing Services Computer Software Hardware Industry and Trade Ltd. Co. Smart Panel allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Smart Panel: before 20251215...

9.8CVSS0.00385EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/02/12 1:58 p.m.3 views

CVE-2025-14014 Insecure File Upload in NTN Informatics' Smart Panel

Unrestricted Upload of File with Dangerous Type vulnerability in NTN Information Processing Services Computer Software Hardware Industry and Trade Ltd. Co. Smart Panel allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Smart Panel: before 20251215...

9.8CVSS5.8AI score0.00385EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/12 12:0 a.m.9 views

PT-2026-7880

Wondershare MobileGo 8.5.0 contains an insecure file permissions vulnerability that allows local users to modify executable files in the application directory. Attackers can replace the original MobileGo.exe with a malicious executable to create a new user account and add it to the Administrators...

8.5CVSS5.5AI score0.00162EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/02/12 12:0 a.m.8 views

Vm3Max NextVPN 安全漏洞

Vm3Max NextVPN is a VPN proxy application developed by Vm3Max Corporation. Version 4.10 of Vm3Max NextVPN contains a security vulnerability. This vulnerability stems from insecure file permissions, which may allow local users to modify executable files in order to obtain SYSTEM or Administrator...

8.5CVSS5.8AI score0.00108EPSS
Exploits0References3
OSV
OSV
added 2026/02/03 4:15 a.m.4 views

CVE-2026-0383

A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash shell to access insecurely stored file contents including the history command...

7.8CVSS5.8AI score0.00198EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/03 3:55 a.m.31 views

CVE-2026-0383 Information disclosure in Brocade Fabric OS before 9.2.1c2, 9.2.2 through 9.2.2a and 10.0.0

A vulnerability in Brocade Fabric OS could allow an authenticated, local attacker with privileges to access the Bash shell to access insecurely stored file contents including the history command...

8.2CVSS0.00198EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/02/02 12:0 a.m.10 views

Alibaba Cloud Linux 3 : 0019: open-vm-tools (ALINUX3-SA-2026:0019)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2026:0019 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-22247: VMware Tools contains an insecure...

6.1CVSS5.5AI score0.00255EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/01/30 12:0 a.m.8 views

Interinfo DreamMaker security vulnerabilities

Interinfo DreamMaker is an application developed by Interinfo Corporation in China. Versions of Interinfo DreamMaker prior to October 22, 2025, contained security vulnerabilities. These vulnerabilities stemmed from the file upload function not restricting dangerous file types, which could lead to...

10CVSS5.8AI score0.00336EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/28 9:17 p.m.6 views

CVE-2026-23592

Insecure file operations in HPE Aruba Networking Fabric Composer’s backup functionality could allow authenticated attackers to achieve remote code execution. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system...

7.2CVSS6.5AI score0.00777EPSS
Exploits0References1
NVD
NVD
added 2026/01/27 6:15 p.m.6 views

CVE-2026-23592

Insecure file operations in HPE Aruba Networking Fabric Composer’s backup functionality could allow authenticated attackers to achieve remote code execution. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system...

7.2CVSS0.00777EPSS
Exploits0References1
CVE
CVE
added 2026/01/27 5:57 p.m.14 views

CVE-2026-23592

CVE-2026-23592 affects HPE Aruba Networking Fabric Composer. Insecure file operations in the backup functionality could allow authenticated attackers to achieve remote code execution and run arbitrary commands on the underlying OS. No remediation details are provided in the supplied documents.

7.2CVSS6.5AI score0.00777EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/27 5:57 p.m.22 views

CVE-2026-23592 Insecure File Handling allows Remote Code Execution in Backup Functionality

Insecure file operations in HPE Aruba Networking Fabric Composer’s backup functionality could allow authenticated attackers to achieve remote code execution. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system...

7.2CVSS0.00777EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/01/27 5:57 p.m.3 views

CVE-2026-23592

Insecure file operations in HPE Aruba Networking Fabric Composer’s backup functionality could allow authenticated attackers to achieve remote code execution. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system...

7.2CVSS6.5AI score0.00777EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder