FUEL CMS 1.4.1 - Remote Code Execution

FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/ filter parameter or the preview/ data parameter. id: CVE-2018-16763 info: name: FUEL CMS 1.4.1 - Remote Code Execution author: pikpikcu severity: critical description: FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/...

HuangDou UTCMS V9 - OS Command Injection

A vulnerability, which was classified as critical, has been found in HuangDou UTCMS V9. Affected by this issue is some unknown functionality of the file app/modules/ut-cac/admin/cli.php. The manipulation of the argument o leads to os command injection.The attack may be launched remotely. The...

vBulletin <= 4.2.3 - SQL Injection

vBulletin versions 3.6.0 through 4.2.3 are vulnerable to an SQL injection vulnerability in the vBulletin core forumrunner addon. The vulnerability allows an attacker to execute arbitrary SQL queries and potentially access sensitive information from the database. id: CVE-2016-6195 info: name:...

OpenEMR <5.0.2 - Local File Inclusion

OpenEMR before 5.0.2 is vulnerable to local file inclusion via the fileName parameter in custom/ajaxdownload.php. An attacker can download any file that is readable by the web server user from server storage. If the requested file is writable for the web server user and the directory...

Cisco VPN Routers - Unauthenticated Arbitrary File Upload

A vulnerability in the web-based management interface of Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an unauthenticated, remote attacker to upload arbitrary files to an affected device. This vulnerability is due to insufficient authorization enforcement...

Netsweeper - Authentication Bypass

The Client Filter Admin portal in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and subsequently create arbitrary profiles via a showdeny action to the default URL. id: CVE-2014-9618 info: name: Netsweeper - Authentication...

Kentico - Installer Privilege Escalation

Kentico 9.0 before 9.0.51 and 10.0 before 10.0.48 are susceptible to a privilege escalation attack. An attacker can obtain Global Administrator access by visiting CMSInstall/install.aspx and then navigating to the CMS Administration Dashboard. id: CVE-2017-17736 info: name: Kentico - Installer...

Eclipse Jetty ConcatServlet - Information Disclosure

Eclipse Jetty through 9.4.40, through 10.0.2, and through 11.0.2 is susceptible to information disclosure. Requests to the ConcatServlet with a doubly encoded path can access protected resources within the WEB-INF directory, thus enabling an attacker to potentially obtain sensitive information,...

WordPress Plugin DukaPress 2.5.2 - Directory Traversal

A directory traversal vulnerability in the dpimgresize function in php/dp-functions.php in the DukaPress plugin before 2.5.4 for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the src parameter to lib/dpimage.php. id: CVE-2014-8799 info: name: WordPress Plugin...

CVE-2026-46331

creationtimestamp| type| source ---|---|--- 2026-06-26 13:26:58+00:00| seen| https://bsky.app/profile/infosecbriefly.bsky.social/post/3mp72c3a6uv2w 2026-06-26 13:35:18+00:00| seen| https://bsky.app/profile/cybernewsroom.bsky.social/post/3mp72qywylh2d 2026-06-26 13:38:12+00:00| seen|...

gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly

A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in mergehandshakepacket where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the messagelength field remains...

CVE-2026-52958

A flaw was found in the Linux kernel's libceph component. This vulnerability, located within the osdmapdecode function, can lead to an out-of-bounds memory access. A remote attacker could exploit this by sending a specially crafted and corrupted osdmap message, where the maxosd value exceeds the...

CVE-2026-53004

A flaw was found in the Linux kernel's Stream Control Transmission Protocol SCTP implementation. An unprivileged local user could exploit an out-of-bounds write vulnerability in the sctpgetsockoptpeerauthchunks function. This occurs due to an incorrect size check, allowing the kernel to write pas...

CVE-2026-53068

A flaw was found in the Linux kernel's drm/komeda component, specifically within the AFBC framebuffer size validation. An integer overflow occurs when calculating the required buffer size, which could allow a local attacker to provide an undersized graphics memory object. This can lead to...

MantisBT <=2.30 - Arbitrary Password Reset/Admin Access

MantisBT through 2.3.0 allows arbitrary password reset and unauthenticated admin access via an empty confirmhash value to verify.php. id: CVE-2017-7615 THIS TEMPLATE IS ONLY FOR DETECTING To carry out further attacks, please see reference2 below. This template works by guessing user ID. MantisBT...

Gogs 0.5.5 - 0.12.2 - Remote Code Execution

Gogs 0.5.5 through 0.12.2 is susceptible to authenticated remote code execution via the git hooks functionality. There can be a privilege escalation if access to this feature is granted to a user who does not have administrative privileges. NOTE: Since this is mentioned in the documentation but n...

HPE Integrated Lights-out 4 (ILO4) <2.53 - Authentication Bypass

HPE Integrated Lights-out 4 iLO 4 prior to 2.53 was found to contain an authentication bypass and code execution vulnerability. id: CVE-2017-12542 info: name: HPE Integrated Lights-out 4 ILO4 2.53 - Authentication Bypass author: pikpikcu severity: critical description: HPE Integrated Lights-out 4...

Apache Tika < 1.1.8 - Header Command Injection

Apache Tika versions 1.7 to 1.17 allow clients to send carefully crafted headers to tika-server that could be used to inject commands into the command line of the server running tika-server. This vulnerability only affects those running tika-server on a server that is open to untrusted clients. i...

Monitorr 1.7.6m - Unauthenticated Remote Code Execution

Monitorr 1.7.6m is susceptible to a remote code execution vulnerability. Improper input validation and lack of authorization leads to arbitrary file uploads in the web application. An unauthorized attacker with web access to could upload and execute a specially crafted file, leading to remote cod...

CVE-2026-12244

NSD (the DNS server) is affected when configured as a secondary for a zone. A primary can crash NSD by sending an AXFR containing a DNS message with a specially crafted SVCB RR whose rdata size is 65512, which causes an (uint16_t) length to overflow while allocating space for the RR wrap (total s...