CVE-2026-47100

Funnel Builder for WooCommerce Checkout prior to 3.15.0.3 contains a missing authorization vulnerability in the public checkout endpoint that allows unauthenticated attackers to invoke internal methods and write arbitrary data to the plugin's External Scripts global setting. Attackers can inject...

CVE-2026-47100

CVE-2026-47100 affects Funnel Builder for WooCommerce Checkout (FunnelKit) prior to version 3.15.0.3. The vulnerability is a missing authorization flaw in the public checkout AJAX flow (update_order_review) that allows an unauthenticated attacker to invoke internal methods and write to the plugin...

EulerOS Virtualization 2.10.1 : rsync (EulerOS-SA-2026-1145)

According to the versions of the rsync package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in rsync. When using the --safe-links option, the rsync client fails to properly verify if a symbolic link destinati...

EUVD-2025-202414

An unauthenticated remote attacker can abuse unsafe sscanf calls within the checkcookie function to write arbitrary data into fixed-size stack buffers which leads to full device compromise...

EUVD-2020-14827

Malware in sbrugna...

EUVD-2020-17940

Malware in sbrugna...

EUVD-2014-7052

Malware in sbrugna...

EUVD-2017-16779

Malware in sbrugna...

EUVD-2017-18378

Malware in sbrugna...

CVE-2014-7175

FarLinX X25 Gateway through 2014-09-25 allows attackers to write arbitrary data to fsUI.xyz via fsSaveUIPersistence.php...

MGASA-2022-0092 Updated kernel packages fix security vulnerabilities

This kernel update is based on upstream 5.15.25 and fixes at least the following security issues: A vulnerability in the Linux kernel since version 5.8 due to uninitialized variables. It enables anybody to write arbitrary data to arbitrary files, even if the file is ORDONLY, immutable or on a...

CVE-2020-22061

SUPERAntispyware v8.0.0.1050 was discovered to contain an issue in the component saskutil64.sys. This issue allows attackers to arbitrarily write data to the device via IOCTL 0x9C402140...

coreos-installer: incorrect signature verification on gzip-compressed install images

An improper signature verification vulnerability was found in coreos-installer. A specially crafted gzip installation image can bypass the image signature verification and as a consequence can lead to the installation of unsigned content. An attacker able to modify the original installation image...

GNU libmicrohttpd Buffer Overflow Vulnerability

GNU libmicrohttpd is a GNU open source application. Run the HTTP server as part of another application. A buffer overflow vulnerability exists in versions of libmicrohttpd prior to 0.9.71, which stems from the fact that a missing bounds check will result in a buffer overflow that can be exploited...

NETGEAR JGS516PE/GS116Ev2 Arbitrary Data Write Vulnerability

The NETGEAR JGS516PE/GS116Ev2 is a 16-port Gigabit Smart Managed Plus switch. An arbitrary data write vulnerability exists in the NETGEAR JGS516PE/GS116Ev2 version 2.6.0.43. The vulnerability stems from the TFTP firmware update mechanism not properly implementing firmware validation. A remote...

CVE-2020-35782

Certain NETGEAR devices are affected by lack of access control at the function level. This affects JGS516PE before 2.6.0.48, JGS524Ev2 before 2.6.0.48, JGS524PE before 2.6.0.48, and GS116Ev2 before 2.6.0.48. The TFTP firmware update mechanism does not properly implement firmware validations,...

CVE-2014-7175

FarLinX X25 Gateway through 2014-09-25 allows attackers to write arbitrary data to fsUI.xyz via fsSaveUIPersistence.php...

CVE-2020-8599

Trend Micro Apex One 2019 and OfficeScan XG server contain a vulnerable EXE file that could allow a remote attacker to write arbitrary data to an arbitrary path on affected installations and bypass ROOT login. Authentication is not required to exploit this vulnerability...

CVE-2020-8599

CVE-2020-8599 affects Trend Micro Apex One (2019) and OfficeScan XG servers. The issue is in a vulnerable EXE on the server that could let an unauthenticated remote attacker write arbitrary data to an arbitrary path and bypass ROOT login. The description indicates no authentication is required to...

CVE-2018-1000849

Alpine Linux version Versions prior to 2.6.10, 2.7.6, and 2.10.1 contains a Other/Unknown vulnerability in apk-tools Alpine Linux' package manager that can result in Remote Code Execution. This attack appear to be exploitable via A specially crafted APK-file can cause apk to write arbitrary data ...