23 matches found
Exploit for CVE-2026-42167
CVE-2026-42167 Master Exploit Tool A professional security re...
CLSA-2026-1777539688 sysstat: Fix of 2 CVEs
CVE-2022-39377: size_t overflow in allocate_structures (sa_common.c) may cause buffer overflow leading to RCE - CVE-2023-33204: integer overflow in check_overflow (common.c) - incomplete fix for CVE-2022-39377...
EyouCMS Injection Vulnerability
EyouCMS is an open-source content management system (CMS) developed by Eyou Corporation in China, based on ThinkPHP. EyouCMS versions 1.7.9 and earlier have a vulnerability related to injection attacks. This vulnerability arises from improper handling of the sortasc parameter in the GetSortData...
CVE-2025-56099
OS Command Injection vulnerability in Ruijie RG-YST AP3.01B11P280YST250F allowing attackers to execute arbitrary commands via a crafted POST request to the pwdmodify in file /usr/lib/lua/luci/modules/common.lua...
EUVD-2025-25713
Malicious code in bioql PyPI...
CVE-2025-50722
Insecure Permissions vulnerability in sparkshop v.1.1.7 allows a remote attacker to execute arbitrary code via the Common.php component...
CVE-2023-0935
A vulnerability was found in DolphinPHP up to 1.5.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file common.php of the component Incomplete Fix CVE-2021-46097. The manipulation of the argument id leads to os command injection. The attack ca...
kernel: asix: fix uninit-value in asix_mdio_read()
In the Linux kernel, the following vulnerability has been resolved: asix: fix uninit-value in asix_mdio_read(). asix_read_cmd() may read less than sizeof(smsr) bytes and in this case smsr will be uninitialized. Fail log: BUG: KMSAN: uninit-value in asix_check_host_enable drivers/net/usb/asix_common.c:82 [inline]...
CVE-2023-36321
Connected Vehicle Systems Alliance (COVESA) up to v2.18.8 was discovered to contain a buffer overflow via the component /shared/dlt_common.c...
CVE-2023-42280
mee-admin 1.5 is vulnerable to Directory Traversal. The download method in the CommonFileController.java file does not verify the incoming data, resulting in arbitrary file reading...
SUSE CVE-2018-19517
An issue was discovered in sysstat 12.1.1. The remap_struct function in sa_common.c has an out-of-bounds read during a memset call, as demonstrated by sadf...
Top 5 ransomware detection techniques: Pros and cons of each
In the fight against ransomware, much of the discussion revolves around prevention and response. Actually detecting the ransomware, however, is just as important to securing your business. To understand why, just consider the following example. Let's say you're a farmer taking care of a flock of...
PT-2022-19825 · Onlyoffice · Onlyoffice Document Server +1
Name of the Vulnerable Software and Affected Versions: Onlyoffice Document Server versions 6.0.0 and below; Onlyoffice Core versions 6.1.0.26 and below. Description: A stack overflow issue was discovered in the DesktopEditor/common/File.cpp component. Recommendations: For Onlyoffice Document Server...
sysstat: memory corruption due to an integer overflow in remap_struct in sa_common.c
An integer overflow vulnerability was found in sysstat in the way the sadf command processes the contents of data files created by the sar command. A local attacker could exploit this flaw by creating a specially crafted file with malformed data that, when loaded by a victim, causes the applicati...
Grav Input Validation Error Vulnerability
Grav is an extensible CMS (Content Management System) for personal blogs, small content publishing platforms and one-page product presentations. An input validation error vulnerability exists in the Common/Grav.php file in Grav versions prior to 1.6.23. The vulnerability stems from a web-based syst...
GHSA-536Q-8GXX-M782 Cross-Site Scripting in dojo
Versions of dojo prior to 1.4.2 are vulnerable to DOM-based Cross-Site Scripting (XSS). The package does not sanitize URL parameters in the testCommon.js and runner.html test files, allowing attackers to execute arbitrary JavaScript in the victim's browser. Recommendation: Upgrade to version 1.4.2 o...
SQL Injection Vulnerability in Global.common.php of DM Enterprise Website System
DM enterprise website building system is an open-source CMS, developed in PHP + MySQL, that specializes in website construction for small and medium-sized enterprises. Its global.common.php file suffers from a SQL injection vulnerability. Attackers can use the vulnerability to obta...
Catfish CMS controller/Common.php page has a stored cross-site scripting vulnerability
Catfish CMS is an open-source PHP content management system. A cross-site scripting vulnerability exists in the Catfish CMS controller/Common.php page. An attacker can insert malicious JS code to obtain user cookies and other information, resulting in user hijacking...
PT-2011-1038 · Linux +1 · Libcgroup-Debuginfo +4
Name of the Vulnerable Software and Affected Versions: libcgroup versions prior to 0.37.1; libcgroup-pam version 0.36.1; libcgroup-devel version 0.36.1; libcgroup-debuginfo version 0.36.1. Description: The issue concerns multiple vulnerabilities in the libcgroup package, which can lead to a breach of...