Lucene search
K

25 matches found

CVE
CVE
added 2026/03/16 1:2 a.m.18 views

CVE-2026-4204

Affected products: D-Link DNS-120, DNR-202L, DNS-315L, DNS-320/320L/320LW, DNS-321, DNR-322L, DNS-323, DNS-325/326/327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, DNS-1550-04. Root cause: The CGI endpoints in /cgi-bin/gui_mgr.cgi (cgi_myfavorite_add/…/cgi_mycloud_au...

9.8CVSS6.3AI score0.03394EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/01/26 12:0 a.m.6 views

PT-2026-4750

The web interface offers a functionality to export the internal SQLite database. After executing the database export, an automatic download is started and the device reboots. After rebooting, the exported database is deleted and cannot be accessed anymore. However, it was noticed that sometimes t...

5.9CVSS5.8AI score0.00572EPSS
Exploits0References4
NVD
NVD
added 2025/12/05 5:16 p.m.7 views

CVE-2025-66550

Nextcloud Calendar is a calendar app for Nextcloud. Prior to 4.7.17 and 5.2.4, when a malicious user creates a calendar event with a crafted attachment that links to a download link of a file on the same Nextcloud server, the file would be downloaded without the user confirming the action. This...

5.7CVSS0.00277EPSS
Exploits0References4
Packet Storm
Packet Storm
added 2025/12/02 12:0 a.m.240 views

📄 WhatsApp Android Contact Gating Bypass

WhatsApp Android has a contact gating bypass in groups that leads to interaction-less media download. Background To prevent security issues and spam, WhatsApp for Android requires some form of user interaction to automatically download files from non-contacts: a. After adding someone as a contact...

6.9AI score
Exploits0
OSV
OSV
added 2025/06/11 12:15 p.m.2 views

UBUNTU-CVE-2025-5986

A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without prompting, even if auto-saving is disabled. This behavior can be abused to fill the disk with garbage data e.g. using /dev/urandom on Linux or to...

6.5CVSS6.6AI score0.00466EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/05/13 12:0 a.m.3 views

PT-2025-21186 · Mozilla +5 · Thunderbird +5

Name of the Vulnerable Software and Affected Versions: Thunderbird versions prior to 128.10.1 Thunderbird versions prior to 138.0.1 Description: A crafted HTML email using mailbox:/// links can trigger automatic, unsolicited downloads of .pdf files to the user's desktop or home directory without...

9.1CVSS6.6AI score0.08917EPSS
Exploits1References137
OSV
OSV
added 2022/04/21 6:15 p.m.4 views

CVE-2020-14118

An intent redirection vulnerability in the Mi App Store product. This vulnerability is caused by the Mi App Store does not verify the validity of the incoming data, can cause the app store to automatically download and install apps...

6.1CVSS6.4AI score0.00525EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2019/01/10 12:0 a.m.5 views

The vulnerability of the Microsoft Lync for Mac instant messaging program, related to message processing errors, allows a hacker to redirect users to malicious websites or automatically download certain types of files from a list of safe file types.

The vulnerability of the Microsoft Lync for Mac instant messaging program exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to redirect users to malicious websites or automatically download certain file types as safe files through a...

7.5CVSS7.2AI score0.38177EPSS
Exploits5References5Affected Software1
CNVD
CNVD
added 2017/03/30 12:0 a.m.3 views

Security Bypass Vulnerabilities in Multiple Game Engine Products

ioquake3 and others are open source, free, cross-platform Quake 3-based FPS game engines. A security vulnerability exists in the auto-downloading feature in several game engine products, which stems from the program's failure to adequately restrict content. An attacker can exploit the vulnerabili...

9.3CVSS7.2AI score0.01291EPSS
Exploits0References1
OSV
OSV
added 2017/03/14 10:59 p.m.17 views

CVE-2017-6903

In ioquake3 before 2017-03-14, the auto-downloading feature has insufficient content restrictions. This also affects Quake III Arena, OpenArena, OpenJK, iortcw, and other id Tech 3 aka Quake 3 engine forks. A malicious auto-downloaded file can trigger loading of crafted auto-downloaded files as...

7.8CVSS7.6AI score
Exploits0References10
UbuntuCve
UbuntuCve
added 2017/03/14 10:59 p.m.13 views

CVE-2017-6903

In ioquake3 before 2017-03-14, the auto-downloading feature has insufficient content restrictions. This also affects Quake III Arena, OpenArena, OpenJK, iortcw, and other id Tech 3 aka Quake 3 engine forks. A malicious auto-downloaded file can trigger loading of crafted auto-downloaded files as...

9.3CVSS7.1AI score0.01291EPSS
Exploits0References10
OSV
OSV
added 2017/03/14 10:59 p.m.3 views

UBUNTU-CVE-2017-6903

In ioquake3 before 2017-03-14, the auto-downloading feature has insufficient content restrictions. This also affects Quake III Arena, OpenArena, OpenJK, iortcw, and other id Tech 3 aka Quake 3 engine forks. A malicious auto-downloaded file can trigger loading of crafted auto-downloaded files as...

7.8CVSS7.2AI score0.01291EPSS
Exploits0References11
Debian CVE
Debian CVE
added 2017/03/14 10:0 p.m.10 views

CVE-2017-6903

In ioquake3 before 2017-03-14, the auto-downloading feature has insufficient content restrictions. This also affects Quake III Arena, OpenArena, OpenJK, iortcw, and other id Tech 3 aka Quake 3 engine forks. A malicious auto-downloaded file can trigger loading of crafted auto-downloaded files as...

9.3CVSS7.5AI score0.01291EPSS
Exploits0
Cvelist
Cvelist
added 2017/03/14 10:0 p.m.20 views

CVE-2017-6903

In ioquake3 before 2017-03-14, the auto-downloading feature has insufficient content restrictions. This also affects Quake III Arena, OpenArena, OpenJK, iortcw, and other id Tech 3 aka Quake 3 engine forks. A malicious auto-downloaded file can trigger loading of crafted auto-downloaded files as...

7.5AI score0.01291EPSS
Exploits0References10
Kitploit
Kitploit
added 2016/09/27 2:30 p.m.18 views

Windows-Exploit-Suggester v3.2 - Compares a targets patch levels against the Microsoft vulnerability database

This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins. It requires the 'systeminfo' comman...

7.9AI score
Exploits0References1
The Hacker News
The Hacker News
added 2015/09/11 8:48 p.m.13 views

Here's How to Stop Windows 7 or 8 from Downloading Windows 10 Automatically

Yesterday we reported you that Microsoft is auto-downloading Windows 10 installation files — between 3.5GB and 6GB — onto users' PCs even if they have not opted into the upgrade. Microsoft plans to deploy Windows 10 on over 1 Billion devices worldwide, and this auto-downloading Windows 10 could b...

6.6AI score
Exploits0
Kitploit
Kitploit
added 2015/05/21 11:7 p.m.23 views

SMBMap - Samba Share Enumerator

SMBMap allows users to enumerate samba share drives across an entire domain. List share drives, drive permissions, share contents, upload/download functionality, file name auto-download pattern matching, and even execute remote commands. This tool was designed with pen testing in mind, and is...

8AI score
Exploits0References9
myhack58
myhack58
added 2012/02/10 12:0 a.m.25 views

Android webkit XSS cross-domain Auto-Download vulnerability-vulnerability warning-the black bar safety net

Android Multiple Vulnerabilities Author: www.80vul.com Email:5up3rh3igmail.com Release Date: 2012/2/8 References: http://www.80vul.com/android/android-0days.txt Ph4nt0m Webzine 0x06 has been releasedhttp://www.80vul.com/webzine0x06/,there three papers on the android application security about the...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2008/09/07 12:0 a.m.36 views

Google Chrome Auto download exploit ..

Hello,, Google Chrome Auto download exploit .. Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address : [email protected] Tested Successfully on Google Chrome Build 1798 html head titleChrome Auto download Exploit .. By HACKERS PAL/title script functio...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2008/09/06 12:0 a.m.24 views

google-download2.txt

Hello,, Google Chrome Auto download exploit .. Discovered By : HACKERS PAL Copy rights : HACKERS PAL Website : http://www.soqor.net Email Address : [email protected] Tested Successfully on Google Chrome Build 1798 Chrome Auto download Exploit .. By HACKERS PAL function softdownload...

7.4AI score
Exploits0
Rows per page
Query Builder