Lucene search
K

49 matches found

CNNVD
CNNVD
added 2024/09/10 12:0 a.m.4 views

phpok 安全漏洞

phpok is an extension-enabled enterprise website builder from the phpok team. A security vulnerability exists in phpok v3.0, which originates from an arbitrary file read vulnerability via component /autoload/file.php...

7.5CVSS6.9AI score0.01018EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/09/10 12:0 a.m.9 views

CVE-2024-44867

phpok v3.0 was discovered to contain an arbitrary file read vulnerability via the component /autoload/file.php...

7.6AI score0.01018EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/09/10 12:0 a.m.14 views

CVE-2024-44867

phpok v3.0 was discovered to contain an arbitrary file read vulnerability via the component /autoload/file.php...

0.01018EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/06/19 12:0 a.m.24 views

Fedora 40 : composer (2024-9ed24c98cd)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-9ed24c98cd advisory. Version 2.7.7 2024-06-10 Security: Fixed command injection via malicious git branch name GHSA-47f6-5gq3-vx9c / CVE-2024-35241 Security: Fixed multip...

8.8CVSS8AI score0.03282EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2024/04/25 11:11 p.m.3 views

SUSE CVE-2024-26925

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release mutex after nftgcseqend from abort path The commit mutex should not be released during the critical section between nftgcseqbegin and nftgcseqend, otherwise, async GC worker could collect expired...

7CVSS6.5AI score0.00258EPSS
Exploits0References19
OSV
OSV
added 2024/04/25 6:15 a.m.0 views

DEBIAN-CVE-2024-26925

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release mutex after nftgcseqend from abort path The commit mutex should not be released during the critical section between nftgcseqbegin and nftgcseqend, otherwise, async GC worker could collect expired...

5.5CVSS5.7AI score0.00258EPSS
Exploits0References1
OSV
OSV
added 2024/04/25 6:15 a.m.13 views

UBUNTU-CVE-2024-26925

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release mutex after nftgcseqend from abort path The commit mutex should not be released during the critical section between nftgcseqbegin and nftgcseqend, otherwise, async GC worker could collect expired...

5.5CVSS6.2AI score0.00258EPSS
Exploits0References31
SUSE CVE
SUSE CVE
added 2023/02/15 5:59 a.m.6 views

SUSE CVE-2010-1168

The Safe aka Safe.pm module before 2.25 for Perl allows context-dependent attackers to bypass intended 1 Safe::reval and 2 Safe::rdo access restrictions, and inject and execute arbitrary code, via vectors involving implicitly called methods and implicitly blessed objects, as demonstrated by the a...

7.5CVSS7.5AI score0.03715EPSS
Exploits2References8
CNNVD
CNNVD
added 2022/03/28 12:0 a.m.7 views

WordPress plugin WordPress File Upload Free and Pro 路径遍历漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL server set up a personal blog site . WordPress plugin is an open source WordPress application plugin . A path traversal vulnerability exists in the WordPress Fil...

8.8CVSS6AI score0.02849EPSS
Exploits2References3
OSV
OSV
added 2022/02/14 12:15 p.m.4 views

CVE-2022-0214

The Custom Popup Builder WordPress plugin before 1.3.1 autoload data from its popup on every pages, as such data can be sent by unauthenticated user, and is not validated in length, this could cause a denial of service on the blog...

7.5CVSS5.8AI score
Exploits0References1
OpenVAS
OpenVAS
added 2022/01/28 12:0 a.m.20 views

Mageia: Security Advisory (MGASA-2015-0017)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.5AI score0.03167EPSS
Exploits4References8
OSV
OSV
added 2021/07/21 3:15 p.m.3 views

CVE-2021-25698

The OpenSSL component of the Teradici PCoIP Standard Agent prior to version 21.07.0 was compiled without the no-autoload-config option, which allowed an attacker to elevate to the privileges of the running process via placing a specially crafted dll in a build configuration directory...

7.8CVSS7.1AI score0.00406EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2020/01/06 12:0 a.m.75 views

Fedora 31 : php (2019-a54a622670)

PHP version 7.3.13 18 Dec 2019 Bcmath: - Fixed bug php78878 Buffer underflow in bcshiftaddsub. CVE-2019-11046. cmb Core: - Fixed bug php78862 link silently truncates after a null byte on Windows. CVE-2019-11044. cmb - Fixed bug php78863 DirectoryIterator class silently truncates after a null byte...

9.8CVSS6.9AI score0.08818EPSS
Exploits5References7
RedhatCVE
RedhatCVE
added 2019/11/14 3:7 p.m.23 views

CVE-2019-18680

A flaw was found in the Linux kernel's implementation of RDS over TCP. A system that has the rdstcp kernel module that is loaded through an autoload via a local process running listen, or manual loading, could possibly cause a kernel panic. Mitigation While this is a network protocol being...

7.8CVSS0.6AI score0.03638EPSS
Exploits1References3
Fedora
Fedora
added 2019/06/28 5:21 a.m.48 views

[SECURITY] Fedora 29 Update: php-brumann-polyfill-unserialize-1.0.3-1.fc29

Backports unserialize options introduced in PHP 7.0 to older PHP versions. This was originally designed as a Proof of Concept for Symfony Issue 21090. You can use this package in projects that rely on PHP versions older than P HP 7.0. In case you are using PHP 7.0+ the original unserialize will b...

9.8CVSS2.6AI score0.05586EPSS
Exploits0
OSV
OSV
added 2018/06/26 7:29 p.m.13 views

CVE-2018-12712

An issue was discovered in Joomla! 2.5.0 through 3.8.8 before 3.8.9. The autoload code checks classnames to be valid, using the "classexists" function in PHP. In PHP 5.3, this function validates invalid names as valid, which can result in a Local File Inclusion...

8.8CVSS8.7AI score
Exploits0References3
Joomla! Vulnerable Extensions List
Joomla! Vulnerable Extensions List
added 2018/04/23 12:0 a.m.44 views

[20180601] - Core - Local File Inclusion with PHP 5.3

Our autoload code checks classnames to be valid, using the "classexists" function in PHP. In PHP 5.3 this function validates invalid names as valid, which can result in a Local File Inclusion...

8.8CVSS1.7AI score0.02319EPSS
Exploits0Affected Software1
Fedora
Fedora
added 2016/08/01 4:40 p.m.31 views

[SECURITY] Fedora 24 Update: php-doctrine-common-2.5.3-1.fc24

The Doctrine Common project is a library that provides extensions to core P HP functionality. Autoloader: /usr/share/php/Doctrine/Common/autoload.php...

7.8CVSS2.3AI score0.00381EPSS
Exploits0
securityvulns
securityvulns
added 2015/05/12 12:0 a.m.74 views

[ MDVSA-2015:167 ] glpi

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Mandriva Linux Security Advisory MDVSA-2015:167 http://www.mandriva.com/en/support/security/ Package : glpi Date : March 30, 2015 Affected: Business Server 2.0 Problem Description: Updated glpi package fixes security vulnerabilities: Due to a bug in...

7.5CVSS7.1AI score0.03167EPSS
Exploits4
ATTACKERKB
ATTACKERKB
added 2015/04/14 6:59 p.m.5 views

CVE-2014-8360

Directory traversal vulnerability in inc/autoload.function.php in GLPI before 0.84.8 allows remote attackers to include and execute arbitrary local files via a .. dot dot underscore in an item type to the getItemForItemtype, as demonstrated by the itemtype parameter in ajax/common.tabs.php...

7.5CVSS6AI score0.02845EPSS
Exploits0References6
Rows per page
Query Builder