Lucene search
K

7 matches found

CVE
CVE
added 2026/03/25 6:49 p.m.19 views

CVE-2026-27602

Modoboa contains an OS command injection vulnerability (CWE-like) due to exec_cmd paths using subprocess with shell=True and unsanitized domain/input values. In modoboa/lib/sysutils.py and related sinks (DKIM domain handling, mailbox rename, sa-learn, doveadm, rrdtool, webmail operations), domain...

7.2CVSS5.9AI score0.00566EPSS
Exploits1References3Affected Software1
EUVD
EUVD
added 2026/03/13 9:31 p.m.5 views

EUVD-2026-11983

Missing Authorization vulnerability in Ex-Themes WP Food wp-food allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Food: from n/a through 2.7.1...

5.3CVSS5.8AI score0.00176EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/13 12:0 a.m.6 views

SFTPGo 路径遍历漏洞

SFTPGo is a fully functional and highly configurable SFTP server developed by the Italian developer Nicola Murino. Versions of SFTPGo prior to 2.7.1 contained a path traversal vulnerability, which was caused by improper validation of dynamic group paths. This vulnerability could lead to path...

5.3CVSS7.3AI score0.00309EPSS
Exploits0References1
OSV
OSV
added 2025/02/13 7:15 a.m.4 views

CVE-2024-47265

Improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in encrypted share umount functionality in Synology Active Backup for Business before 2.7.1-13234, 2.7.1-23234 and 2.7.1-3234 allows remote authenticated users to write specific files via unspecified vector...

6.5CVSS5.8AI score0.00365EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/09/12 12:0 a.m.6 views

Apache Airflow 信息泄露漏洞

Apache Airflow is the United States Apache Apache Foundation's set of open source platform for creating, managing and monitoring workflow. The platform is scalable and dynamic monitoring and other characteristics. An information disclosure vulnerability exists in Apache Airflow versions prior to...

6.5CVSS5.9AI score0.01476EPSS
Exploits0References4
CNNVD
CNNVD
added 2022/02/07 12:0 a.m.7 views

Wordpress Plugin WPLegalPages 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists i...

5.4CVSS5.6AI score0.006EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2017/11/17 12:0 a.m.5 views

PT-2017-14610

Name of the Vulnerable Software and Affected Versions PJSIP versions prior to 2.7.1 Description An issue was discovered in the ioqueue component of Teluu pjproject pjlib and pjlib-util in PJSIP. The ioqueue component may issue a double key unregistration after an attacker initiates a socket...

9.8CVSS7AI score0.0462EPSS
Exploits4References26
Rows per page
Query Builder