Lucene search
K

14 matches found

Cvelist
Cvelist
added 2026/06/02 9:32 p.m.31 views

CVE-2021-4481 Dräger Protector Software Local Privilege Escalation via Insecure File Permissions

Dräger Protector Software prior to version 6.4.2 contains a local privilege escalation vulnerability due to insecure file system permissions that allows local attackers to execute arbitrary code with elevated privileges. Attackers can replace binaries or loaded modules on the host system to execu...

8.3CVSS0.00107EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/02 12:0 a.m.12 views

PT-2026-45861

Name of the Vulnerable Software and Affected Versions Dräger Protector Software versions prior to 6.4.2 Description Insecure file system permissions allow local attackers to execute arbitrary code with elevated privileges. This is achieved by replacing binaries or loaded modules on the host syste...

8.3CVSS6.2AI score0.00107EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/02/05 6:47 a.m.27 views

CVE-2026-1246 ShortPixel Image Optimizer <= 6.4.2 - Authenticated (Editor+) Arbitrary File Read via 'loadFile' Parameter

The ShortPixel Image Optimizer plugin for WordPress is vulnerable to Arbitrary File Read via path traversal in the 'loadFile' parameter in all versions up to, and including, 6.4.2 due to insufficient path validation and sanitization in the 'loadLogFile' AJAX action. This makes it possible for...

4.9CVSS0.00519EPSS
Exploits0References5
VulnCheck KEV
VulnCheck KEV
added 2026/01/18 12:0 a.m.6 views

VulnCheck KEV: CVE-2024-4443

The Business Directory Plugin – Easy Listing Directories for WordPress plugin for WordPress is vulnerable to time-based SQL Injection via the ‘listingfields’ parameter in all versions up to, and including, 6.4.2 due to insufficient escaping on the user supplied parameter and lack of sufficient...

9.8CVSS5.9AI score0.10272EPSS
In wildExploits1References62
CVE
CVE
added 2025/10/16 6:33 a.m.15 views

CVE-2025-55089

Eclipse ThreadX FileX RAM disk driver (FileX) prior to version 6.4.2 contains a buffer overflow in the RAM disk path that can be triggered by crafted network packets via NetX Duo HTTP PUT handling. The overflow arises when the RAM-disk buffer is written without validating that the destination poi...

9.8CVSS6.9AI score0.00466EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2025/10/16 12:0 a.m.5 views

Eclipse ThreadX FileX 缓冲区错误漏洞

Eclipse ThreadX FileX is a high-performance, FAT-compatible file system from the Eclipse ThreadX open source. A buffer error vulnerability exists in Eclipse ThreadX FileX versions prior to 6.4.2, which stems from a buffer overflow in the FileX RAM disk driver that could lead to remote code...

9.8CVSS8.1AI score0.00466EPSS
Exploits1References1
NVD
NVD
added 2025/09/02 2:15 p.m.3 views

CVE-2025-46047

A User enumeration vulnerability in the /CredentialsServlet/ForgotPassword endpoint in Silverpeas 6.4.1 and 6.4.2 allows remote attackers to determine valid usernames via the Login parameter...

6.5CVSS0.00331EPSS
Exploits3References2
OSV
OSV
added 2024/11/22 4:15 p.m.4 views

DEBIAN-CVE-2024-52804

Tornado is a Python web framework and asynchronous networking library. The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when parsing maliciously-crafted cookie headers. This parsing occurs in th...

7.5CVSS7.2AI score0.01051EPSS
Exploits0References1
OSV
OSV
added 2024/11/22 4:15 p.m.7 views

AZL-53624 CVE-2024-52804 affecting package python-tornado 6.2.0-1

Tornado is a Python web framework and asynchronous networking library. The algorithm used for parsing HTTP cookies in Tornado versions prior to 6.4.2 sometimes has quadratic complexity, leading to excessive CPU consumption when parsing maliciously-crafted cookie headers. This parsing occurs in th...

7.5CVSS7.3AI score0.01051EPSS
Exploits0References1
OSV
OSV
added 2024/02/02 4:15 p.m.4 views

CVE-2023-47562

An OS command injection vulnerability has been reported to affect Photo Station. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following version: Photo Station 6.4.2 2023/12/15 and later...

8.8CVSS5.8AI score0.01111EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/12/19 12:0 a.m.3 views

Wavelink Avalanche Security Vulnerability

Wavelink Avalanche is a mobile device management system from Wavelink, Inc. in the United States. A security vulnerability exists in Wavelink Avalanche version 6.4.2. An attacker could exploit this vulnerability by sending specially crafted packets to the mobile device server, which could result ...

9.8CVSS7.2AI score0.06782EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/12/19 12:0 a.m.4 views

Wavelink Avalanche Security Vulnerability

Wavelink Avalanche is a mobile device management system from Wavelink, Inc. in the United States. A security vulnerability exists in Wavelink Avalanche version 6.4.2. An attacker could exploit this vulnerability by sending specially crafted packets to the mobile device server, which could result ...

9.8CVSS7.2AI score0.06782EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/12/19 12:0 a.m.2 views

Wavelink Avalanche Security Vulnerability

Wavelink Avalanche is a mobile device management system from Wavelink, Inc. in the United States. A security vulnerability exists in Wavelink Avalanche version 6.4.2. An attacker could exploit this vulnerability by sending specially crafted packets to the mobile device server, which could result ...

9.8CVSS7.2AI score0.06782EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/03/27 12:0 a.m.3 views

WordPress plugin Complianz 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

5.4CVSS6.5AI score0.00558EPSS
Exploits2References2
Rows per page
Query Builder