43681 matches found
CVE-2025-15467 Stack buffer overflow in CMS (Auth)EnvelopedData parsing
Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS...
CVE-2025-15467
Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS...
CVE-2025-15467
CVE-2025-15467 describes a stack buffer overflow in OpenSSL when parsing CMS AuthEnvelopedData/EnvelopedData with AEAD ciphers (e.g., AES-GCM). The issue occurs when the ASN.1 IV parameter is copied into a fixed-size stack buffer without length checks, allowing a crafted CMS message with an overs...
CVE-2025-15467
Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS...
CVE-2021-47900 Gila CMS < 2.0.0 - Remote Code Execution
Gila CMS versions prior to 2.0.0 contain a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through manipulated HTTP headers. Attackers can inject PHP code in the User-Agent header with shellexec to run system commands by sending craft...
CVE-2021-47900
Gila CMS
CVE-2021-47900
Gila CMS versions prior to 2.0.0 contain a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through manipulated HTTP headers. Attackers can inject PHP code in the User-Agent header with shellexec to run system commands by sending craft...
EUVD-2021-34749
Gila CMS versions prior to 2.0.0 contain a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through manipulated HTTP headers. Attackers can inject PHP code in the User-Agent header with shellexec to run system commands by sending craft...
CVE-2020-36942 Victor CMS 1.0 - File Upload To RCE
Victor CMS 1.0 contains a file upload vulnerability that allows authenticated users to upload malicious PHP files through the profile image upload feature. Attackers can upload a PHP shell to the /img directory and execute system commands by accessing the uploaded file via web browser...
CVE-2020-36942
CVE-2020-36942 affects Victor CMS 1.0: authenticated users can upload PHP files via the profile image upload, enabling a PHP shell in the /img directory and browser-based command execution. The entry notes high impact to confidentiality, integrity, and availability. The documents do not provide a...
openssl: Out-of-bounds read & write in RFC 3211 KEK Unwrap
A flaw was found in the OpenSSL CMS implementation RFC 3211 KEK Unwrap. This vulnerability allows memory corruption, an application level denial of service, or potential execution of attacker-supplied code via crafted CMS messages using password-based encryption PWRI...
PT-2026-5028
Name of the Vulnerable Software and Affected Versions Ghost versions 5.43.0 through 5.12.04 Ghost versions 6.0.0 through 6.14.0 Ghost Portal versions 2.29.1 through 2.51.4 Ghost Portal versions 2.52.0 through 2.57.0 Description Ghost is a content management system. An attacker can create a...
PT-2026-5009
Name of the Vulnerable Software and Affected Versions GnuPG versions prior to 2.5.17 Description A specially crafted CMS S/MIME EnvelopedData message with an oversized wrapped session key can lead to a stack-based buffer overflow in gpg-agent during PKDECRYPT--kem=CMS handling. This can result in...
PT-2026-4931
Gila CMS versions prior to 2.0.0 contain a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through manipulated HTTP headers. Attackers can inject PHP code in the User-Agent header with shell exec to run system commands by sending...
PT-2026-5042
Name of the Vulnerable Software and Affected Versions DNN formerly DotNetNuke versions 9.0.0 through 9.13.9 DNN formerly DotNetNuke versions 10.0.0 through 10.1.x Description DNN formerly DotNetNuke is an open-source web content management platform. A module friendly name can include scripts that...
UBUNTU-CVE-2025-15467
Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS...
Gila CMS security vulnerability
Gila CMS is a set of open-source content management systems CMS developed by Gila CMS Inc., based on PHP and MySQL. Versions of Gila CMS prior to 2.0.0 contained security vulnerabilities; these vulnerabilities stemmed from unvalidated HTTP headers, which could allow unauthorized attackers to...
PT-2026-5039
DNN formerly DotNetNuke is an open-source web content management platform CMS in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, a content editor could inject scripts in module headers/footers that would run for other users. Versions 9.13.10 and 10.2.0...
PT-2026-5043
Name of the Vulnerable Software and Affected Versions DNN formerly DotNetNuke versions prior to 9.13.10 DNN formerly DotNetNuke versions prior to 10.2.0 Description DNN formerly DotNetNuke is an open-source web content management platform. Prior to versions 9.13.10 and 10.2.0, the module title...
OpenSSL -- Multiple vulnerabilities
The OpenSSL project reports: Improper validation of PBMAC1 parameters in PKCS12 MAC verification CVE-2025-11187 Stack buffer overflow in CMS AuthEnvelopedData parsing CVE-2025-15467 NULL dereference in SSLCIPHERfind function on unknown cipher ID CVE-2025-15468 "openssl dgst" one-shot codepath...