TencentOS Server 3: gimp:2.8 (TSSA-2026:0324)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0324 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities...

Ivanti Virtual Traffic Manager (vTM) < 22.9R4 OS Command Injection (CVE-2026-8051)

The version of Ivanti Virtual Traffic Manager vTM running on the remote host is prior to 22.9R4. It is, therefore, affected by an OS command injection vulnerability: - OS command injection in Ivanti Virtual Traffic Manager before version 22.9r4 allows a remote authenticated attacker with admin...

CVE-2026-8507

Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl have out-of-bounds OOB write flaws. When parsing a PKCS12 file, with a = 1 GiB OCTET STRING or BIT STRING attribute on a SAFEBAG, via info or infoashash, a heap out-of-bounds write would be triggered with remote-code-execution potential RCE du...

UBUNTU-CVE-2026-8507

Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl have out-of-bounds OOB write flaws. When parsing a PKCS12 file, with a = 1 GiB OCTET STRING or BIT STRING attribute on a SAFEBAG, via info or infoashash, a heap out-of-bounds write would be triggered with remote-code-execution potential RCE du...

CVE-2026-8507

Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl have out-of-bounds OOB write flaws. When parsing a PKCS12 file, with a = 1 GiB OCTET STRING or BIT STRING attribute on a SAFEBAG, via info or infoashash, a heap out-of-bounds write would be triggered with remote-code-execution potential RCE du...

CVE-2026-8507

CVE-2026-8507 affects Crypt::OpenSSL::PKCS12 up to version 1.94 (Perl). The vulnerability stems from a signed integer overflow in size calculations for a 1 GiB+ OCTET STRING/BIT STRING attribute in SAFEBAGs when using info() or info_as_hash(), which can trigger a heap out-of-bounds write and remo...

CVE-2026-8507 Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl have out-of-bounds (OOB) write flaws

Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl have out-of-bounds OOB write flaws. When parsing a PKCS12 file, with a = 1 GiB OCTET STRING or BIT STRING attribute on a SAFEBAG, via info or infoashash, a heap out-of-bounds write would be triggered with remote-code-execution potential RCE du...

CVE-2026-8507 Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl have out-of-bounds (OOB) write flaws

Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl have out-of-bounds OOB write flaws. When parsing a PKCS12 file, with a = 1 GiB OCTET STRING or BIT STRING attribute on a SAFEBAG, via info or infoashash, a heap out-of-bounds write would be triggered with remote-code-execution potential RCE du...

EUVD-2026-30708

Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl have out-of-bounds OOB write flaws. When parsing a PKCS12 file, with a = 1 GiB OCTET STRING or BIT STRING attribute on a SAFEBAG, via info or infoashash, a heap out-of-bounds write would be triggered with remote-code-execution potential RCE du...

CVE-2026-8507

Crypt::OpenSSL::PKCS12 versions through 1.94 for Perl have out-of-bounds OOB write flaws. When parsing a PKCS12 file, with a = 1 GiB OCTET STRING or BIT STRING attribute on a SAFEBAG, via info or infoashash, a heap out-of-bounds write would be triggered with remote-code-execution potential RCE du...

MillieRCE

MillieRCE Millie is an advanced browser-based remote code exec...

HTB-Blue-Writeup

Blue — EternalBlue MS17-010 Platform: TryHackMe OS:...

Incorrect Privilege Assignment

Overview Affected versions of this package are vulnerable to Incorrect Privilege Assignment in the pre-auth logic that enables an attacker to activate the default-disabled POJO import feature. The attacker can then upload and import a malicious Java POJO leading to execution of arbitrary code by...

Exploit for Code Injection in Flowiseai Flowise

CVE-2025-59528-Flowis...

CVE-2018-25332

GitBucket 4.23.1 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands by exploiting weak secret token generation and insecure file upload functionality. Attackers can brute-force the Blowfish encryption key, upload a malicious JAR...

CVE-2018-25332

CVE-2018-25332 - GitBucket 4.23.1 Unauthenticated Remote Code Execution Affected software: GitBucket 4.23.1. Vulnerability: An unauthenticated remote code execution flaw exists due to weak secret token generation and insecure file upload functionality. Adversaries can brute-force the Blowfish enc...

EUVD-2018-21853

GitBucket 4.23.1 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands by exploiting weak secret token generation and insecure file upload functionality. Attackers can brute-force the Blowfish encryption key, upload a malicious JAR...

CVE-2018-25332 GitBucket 4.23.1 Unauthenticated Remote Code Execution

GitBucket 4.23.1 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands by exploiting weak secret token generation and insecure file upload functionality. Attackers can brute-force the Blowfish encryption key, upload a malicious JAR...

CVE-2018-25332 GitBucket 4.23.1 Unauthenticated Remote Code Execution

GitBucket 4.23.1 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands by exploiting weak secret token generation and insecure file upload functionality. Attackers can brute-force the Blowfish encryption key, upload a malicious JAR...

CVE-2018-25324 Simple Fields 0.2-0.3.5 Local File Inclusion via wp_abspath

Simple Fields 0.2 through 0.3.5 WordPress Plugin contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by injecting null bytes into the wpabspath parameter on PHP versions before 5.3.4. Attackers can supply malicious wpabspath values to...