Lucene search
+L

47 matches found

OSV
OSV
added 2024/07/16 12:15 p.m.16 views

UBUNTU-CVE-2022-48829

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes iattr::iasize is a lofft, so these NFSv3 procedures must be careful to deal with incoming client size values that are larger than s64max without corrupting the value...

5.5CVSS6.6AI score0.00254EPSS
Exploits0References7
OSV
OSV
added 2024/03/13 4:15 p.m.4 views

CVE-2024-28683

DedeCMS v5.7 was discovered to contain a cross-site scripting XSS vulnerability via create file...

6.1CVSS5.7AI score0.00472EPSS
Exploits1References1
NVD
NVD
added 2024/03/13 4:15 p.m.20 views

CVE-2024-28683

DedeCMS v5.7 was discovered to contain a cross-site scripting XSS vulnerability via create file...

6.1CVSS6.1AI score0.00472EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/03/13 12:0 a.m.13 views

CVE-2024-28683

DedeCMS v5.7 was discovered to contain a cross-site scripting XSS vulnerability via create file...

6.2AI score0.00472EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/03/13 12:0 a.m.25 views

CVE-2024-28683

DedeCMS v5.7 was discovered to contain a cross-site scripting XSS vulnerability via create file...

6.1AI score0.00472EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/03/13 12:0 a.m.4 views

Desdev DedeCMS Security Breach

Desdev DedeCMS Dream Weaving Content Management System is a PHP-based open-source content management system CMS of China Zhuozhuo network Desdev company. The system has the functions of content publishing, content management, content editing and content retrieval. A security vulnerability exists ...

6.1CVSS6AI score0.00472EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/03/13 12:0 a.m.5 views

PT-2024-22525 · Dedecms · Dedecms

Name of the Vulnerable Software and Affected Versions: DedeCMS version 5.7 Description: A cross-site scripting XSS issue was found in DedeCMS via the create file functionality. This allows an attacker to inject malicious scripts into the website, potentially leading to unauthorized access or...

6.1CVSS6AI score0.00472EPSS
Exploits1References5
Prion
Prion
added 2022/10/07 10:15 p.m.15 views

Path traversal

Panini Everest Engine 2.0.4 allows unprivileged users to create a file named Everest.exe in the %PROGRAMDATA%\Panini folder. This leads to privilege escalation because a service, running as SYSTEM, uses the unquoted path of %PROGRAMDATA%\Panini\Everest Engine\EverestEngine.exe and therefore a...

4.3CVSS7.7AI score0.00582EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2021/11/05 12:0 a.m.3 views

PT-2021-23172 · Google · Tensorflow

Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.7.0 TensorFlow versions 2.6.1 and earlier TensorFlow versions 2.5.2 and earlier TensorFlow versions 2.4.4 and earlier Description: In affected versions, if tf.summary.create file writer is called with non-scalar...

6.8CVSS5.4AI score0.0023EPSS
Exploits1References14
OSV
OSV
added 2020/10/16 1:15 p.m.6 views

CVE-2019-18795

The BASS Audio Library 2.4.14 under Windows is prone to a BASSStreamCreateFile out of bounds read vulnerability via a crafted .wav file. An attacker can exploit this issues to gain access to sensitive information that may aid in further attacks. A failure in exploitation leads to denial of servic...

6.5CVSS5.8AI score0.0129EPSS
Exploits0References2
OSV
OSV
added 2020/10/16 1:15 p.m.7 views

CVE-2019-18794

The BASS Audio Library 2.4.14 under Windows is prone to a BASSStreamCreateFile Use after Free vulnerability via a crafted .ogg file. An attacker can exploit this to gain access to sensitive information that may aid in further attacks. A failure in exploitation leads to denial of service...

6.5CVSS6.6AI score0.01085EPSS
Exploits0References2
Metasploit
Metasploit
added 2020/02/01 12:41 a.m.42 views

Windscribe WindscribeService Named Pipe Privilege Escalation

The Windscribe VPN client application for Windows makes use of a Windows service WindscribeService.exe which exposes a named pipe \.\pipe\WindscribeService allowing execution of programs with elevated privileges. Windscribe versions prior to 1.82 do not validate user-supplied program names,...

7.8CVSS7.4AI score0.09905EPSS
Exploits4
OSV
OSV
added 2019/12/12 8:15 p.m.1 views

DEBIAN-CVE-2019-19770

In the Linux kernel 4.19.83, there is a use-after-free read in the debugfsremove function in fs/debugfs/inode.c which is used to remove a file or directory in debugfs that was previously created with a call to another debugfs function such as debugfscreatefile. NOTE: Linux kernel developers dispu...

8.2CVSS6.4AI score0.02447EPSS
Exploits1References1
CNVD
CNVD
added 2018/07/02 12:0 a.m.7 views

OneFileCMS Arbitrary PHP Code Execution Vulnerability

OneFileCMS is a lightweight CMS system. The system runs on PHP and JavaScript and includes features such as document editing, file uploading and file management. A security vulnerability exists in the onefilecms.php file in OneFileCMS version 2012-04-14 and earlier. The vulnerability can be...

8.8CVSS9AI score0.01217EPSS
Exploits1References1
CNVD
CNVD
added 2017/06/08 12:0 a.m.5 views

Fastspot BigTree CMS SQL Injection Vulnerability (CNVD-2017-08707)

Fastspot BigTree CMS is the United States Fastspot company based on PHP and MySQL open source content management system CMS. A SQL injection vulnerability exists in Fastspot BigTree CMS 4.2.18 and earlier versions. A remote attacker can exploit this vulnerability to execute arbitrary SQL commands...

8.8CVSS8.6AI score0.01066EPSS
Exploits0References1
Exploit DB
Exploit DB
added 2015/09/07 12:0 a.m.28 views

Linux/x86 - Create file with permission 7775 and exit Shell Generator

Linux/x86 - Create file with permission 7775 and exit Shell Generator. Shellcode exploit for linx86 platform !/bin/python from sys import argv """ Shellcode Generator... Create file with permission 7775 --------------------------------------------------------------------------------- Disassembly ...

0.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

Telnet-Ftp Service Server 1.x - Multiple Vulnerabilities (Post Auth)

No description provided by source. / Telnet-Ftp Service Server v1.x ------------------------------ Multiple Vulnerability: -Remote Creat File -Remote Delet File -Remote Creat Directory -Remote Delet Directory -Remote Get File -Remote Crash...

7.1AI score
Exploits0
Kitploit
Kitploit
added 2014/06/03 7:12 p.m.197 views

Simple SQLi Dumper v5.1 - Tool to find bugs, errors or vulnerabilities in MySQL database

SSDp is an usefull penetration tool to find bugs, errors or vulnerabilities in MySQL database. Functions SQL Injection Operation System Function Dump Database Extract Database Schema Search Columns Name Read File read only Create File read only Brute Table & Column Download Simple SQLi Dumper v5....

8AI score
Exploits0
0day.today
0day.today
added 2013/05/26 12:0 a.m.33 views

XOOPS 2.5.6 CSRF Vulnerability

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

7.1AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2011/08/29 12:0 a.m.15 views

BitDefender IS2011 - FV Buffer Overflow Vulnerability

Document Title: =============== BitDefender IS2011 - FV Buffer Overflow Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=147 Release Date: ============= 2011-08-29 Vulnerability Laboratory ID VL-ID: ==================================== 147...

Exploits0
Rows per page
Query Builder