Lucene search
K

15 matches found

CNNVD
CNNVD
added 2026/05/26 12:0 a.m.10 views

WordPress plugin SW Core 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

7.5CVSS5.8AI score0.00418EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/18 1:58 p.m.10 views

CVE-2026-44565

Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.6.10, when uploading an audio file, the name of the file is derived from the original HTTP upload request and is not validated or sanitized. This allows for users to upload files with nam...

8.1CVSS5.8AI score0.00454EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.9 views

WordPress plugin Yungen 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

8.1CVSS5.8AI score0.00445EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.8 views

WordPress plugin OsTende 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

8.1CVSS5.8AI score0.00403EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.9 views

WordPress plugin Woopy 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

8.1CVSS5.8AI score0.00519EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.7 views

WordPress plugin Avventure 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

8.1CVSS5.8AI score0.00403EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/05 12:0 a.m.20 views

WordPress plugin Marcell 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

8.1CVSS5.8AI score0.00403EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/20 12:0 a.m.8 views

WordPress plugin Eleblog 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.1CVSS5.8AI score0.00549EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.9 views

WordPress plugin Piqes has a security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...

8.1CVSS5.8AI score0.00512EPSS
Exploits0References1
OSV
OSV
added 2024/06/28 7:15 p.m.7 views

DEBIAN-CVE-2024-27629

An issue in dc2niix before v.1.0.20240202 allows a local attacker to execute arbitrary code via the generated file name is not properly escaped and injected into a system call when certain types of compression are used...

7.8CVSS6AI score0.00206EPSS
Exploits0References1
OSV
OSV
added 2024/06/28 7:15 p.m.1 views

UBUNTU-CVE-2024-27629

An issue in dc2niix before v.1.0.20240202 allows a local attacker to execute arbitrary code via the generated file name is not properly escaped and injected into a system call when certain types of compression are used...

7.8CVSS6.2AI score0.00206EPSS
Exploits0References3
OSV
OSV
added 2024/02/09 12:0 a.m.2 views

UBUNTU-CVE-2024-20328

A vulnerability in the VirusEvent feature of ClamAV could allow a local attacker to inject arbitrary commands with the privileges of the application service account.The vulnerability is due to unsafe handling of file names. A local attacker could exploit this vulnerability by supplying a file nam...

5.3CVSS7.4AI score0.84841EPSS
Exploits0References4
CNNVD
CNNVD
added 2023/10/31 12:0 a.m.51 views

phpMyFAQ 跨站脚本漏洞

phpMyFAQ is a multi-language, fully database-driven FAQ system. A cross-site scripting vulnerability exists in versions prior to phpMyFAQ 3.2.2, which stems from the lack of effective filtering and escaping of user-supplied data in the FileName parameter of the file attachment upload function, an...

5.4CVSS6.1AI score0.00414EPSS
Exploits1References3
OSV
OSV
added 2016/12/09 10:59 p.m.1 views

DEBIAN-CVE-2016-6321

Directory traversal vulnerability in the safernamesuffix function in GNU tar 1.14 through 1.29 might allow remote attackers to bypass an intended protection mechanism and write to arbitrary files via vectors related to improper sanitization of the filename parameter, aka POINTYFEATHER...

7.5CVSS7.7AI score0.15155EPSS
Exploits3References1
Positive Technologies
Positive Technologies
added 2015/10/09 12:0 a.m.3 views

PT-2016-3297 · Gnu +3 · Gnu Tar +3

Name of the Vulnerable Software and Affected Versions: GNU tar versions 1.14 through 1.29 Description: The issue is related to a directory traversal vulnerability in the safer name suffix function. This vulnerability might allow remote attackers to bypass an intended protection mechanism and writ...

7.8CVSS7.7AI score0.15155EPSS
Exploits5References50
Rows per page
Query Builder