629 matches found
CVE-2026-57828
The Joomla extension Phoca Downloads is vulnerable to an authenticated arbitrary file upload that allows registered users uploading executable files and leads to full RCE...
EUVD-2026-43167
The Joomla extension Phoca Downloads is vulnerable to an authenticated arbitrary file upload that allows registered users uploading executable files and leads to full RCE...
CVE-2026-57828 Joomla Extension - phoca.cz - Authenticated file upload in RSFiles component < 6.1.3
The Joomla extension Phoca Downloads is vulnerable to an authenticated arbitrary file upload that allows registered users uploading executable files and leads to full RCE...
PT-2026-56777
Name of the Vulnerable Software and Affected Versions Balbooa Forms versions prior to 2.4.1 Description The Joomla extension Balbooa Forms contains a flaw in its frontend attachment upload functionality that allows unauthenticated users to upload arbitrary files. Because the system does not...
PYSEC-2026-557 Salesforce Uni2TS has a Code Injection vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in Salesforce Uni2TS on MacOS, Windows, Linux allows Leverage Executable Code in Non-Executable Files.This issue affects Uni2TS: through 1.2.0...
EUVD-2026-39447
The K2 article gallery upload path accepts a zip/tar archive, extracts it under /media/k2/galleries//, and only renames image files gif/jpg/jpeg/png/webp to safe names — non-image files including .php are extracted as-is and remain executable via direct HTTP access...
CVE-2026-48945 Joomla Extension - getk2.org - Privileged RCE vulnerability in K2 extension for Joomla < 2.26
The K2 article gallery upload path accepts a zip/tar archive, extracts it under /media/k2/galleries//, and only renames image files gif/jpg/jpeg/png/webp to safe names — non-image files including .php are extracted as-is and remain executable via direct HTTP access...
CVE-2026-48945 Joomla Extension - getk2.org - Privileged RCE vulnerability in K2 extension for Joomla < 2.26
The K2 article gallery upload path accepts a zip/tar archive, extracts it under /media/k2/galleries//, and only renames image files gif/jpg/jpeg/png/webp to safe names — non-image files including .php are extracted as-is and remain executable via direct HTTP access...
CVE-2026-48704 Warp Markdown notebook links may open executable local files
Warp is an agentic development environment. From 0.2023.10.24.08.03.stable00 until 0.2026.05.06.15.42.stable01, Warp may open executable local files through the operating system default file handler. A malicious Markdown document or project can contain a local-file link that appears as normal...
PT-2026-49010
Name of the Vulnerable Software and Affected Versions Avast Antivirus versions prior to VPS 25040308 AVG Antivirus versions prior to VPS 25040308 Norton Antivirus versions prior to VPS 25040308 Avast One versions prior to VPS 25040308 Avast Business Antivirus versions prior to VPS 25040308...
CVE-2026-48831
Wine ships a .desktop file that registers itself as a MIME handler for EXE files and several other Windows executable file types. In some configurations, handling of an EXE file causes that file to be blindly executed with the permissions of the invoker. This allows escaping Flatpak and Snap...
UBUNTU-CVE-2026-48831
Wine ships a .desktop file that registers itself as a MIME handler for EXE files and several other Windows executable file types. In some configurations, handling of an EXE file causes that file to be blindly executed with the permissions of the invoker. This allows escaping Flatpak and Snap...
CVE-2026-48831
CVE-2026-48831 concerns Wine, where a .desktop file registers as a MIME handler for EXE and other Windows executables. In certain configurations, handling an EXE can cause the file to be executed with the invoker’s permissions, enabling sandbox escapes for Flatpak and Snap, since MIME handlers ar...
CVE-2026-48831
Wine ships a .desktop file that registers itself as a MIME handler for EXE files and several other Windows executable file types. In some configurations, handling of an EXE file causes that file to be blindly executed with the permissions of the invoker. This allows escaping Flatpak and Snap...
CVE-2026-48831
Wine ships a .desktop file that registers itself as a MIME handler for EXE files and several other Windows executable file types. In some configurations, handling of an EXE file causes that file to be blindly executed with the permissions of the invoker. This allows escaping Flatpak and Snap...
EUVD-2021-34801
WordPress Plugin Download From Files version 1.48 and earlier contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by exploiting the AJAX fileupload action. Attackers can send POST requests to the admin-ajax.php endpoint with the...
PT-2026-36499
Name of the Vulnerable Software and Affected Versions WhatsApp for Windows versions prior to 2.3000.1032164386.258709 Description An attachment spoofing issue exists due to improper handling of hidden control characters in filenames. Specifically, the application fails to properly sanitize or...
CVE-2026-6844 Binutils: binutils: denial of service vulnerabilities in readelf via crafted elf files
A flaw was found in the readelf utility of the binutils package. A local attacker could exploit two Denial of Service DoS vulnerabilities by providing a specially crafted Executable and Linkable Format ELF file. One vulnerability, a resource exhaustion CWE-400, can lead to an out-of-memory...
CVE-2026-31843
The goodoneuz/pay-uz Laravel package = 2.2.24 contains a critical vulnerability in the /payment/api/editable/update endpoint that allows unauthenticated attackers to overwrite existing PHP payment hook files. The endpoint is exposed via Route::any without authentication middleware, enabling remot...
CVE-2016-20056 Spy Emergency build 23.0.205 Unquoted Service Path Privilege Escalation
Spy Emergency build 23.0.205 contains an unquoted service path vulnerability in the SpyEmrgHealth and SpyEmrgSrv services that allows local attackers to escalate privileges by inserting malicious executables. Attackers can place executable files in the unquoted service path and trigger service...