Lucene search
+L

5 matches found

vulncheck_kev
vulncheck_kev
added 2026/04/15 12:0 a.m.22 views

VulnCheck KEV: CVE-2018-14028

In WordPress 4.9.7, plugins uploaded via the admin area are not verified as being ZIP files. This allows for PHP files to be uploaded. Once a PHP file is uploaded, the plugin extraction fails, but the PHP file remains in a predictable wp-content/uploads location, allowing for an attacker to then...

7.2CVSS6AI score0.17722EPSS
In wildExploits0References2
osv
osv
added 2026/02/28 2:50 a.m.5 views

GHSA-945P-3JHM-6RCP malcontent: Nested archive extraction failure can drop content from scan inputs

Previously, malcontent would remove nested archives which failed to extract which could potentially leave malicious content. A better approach is to preserve these archives so that malcontent can attempt a best-effort scan of the archive bytes. Fix:...

6.9CVSS5.9AI score0.00222EPSS
Exploits0References5
github
github
added 2026/02/28 2:50 a.m.8 views

malcontent: Nested archive extraction failure can drop content from scan inputs

Previously, malcontent would remove nested archives which failed to extract which could potentially leave malicious content. A better approach is to preserve these archives so that malcontent can attempt a best-effort scan of the archive bytes. Fix:...

6.9CVSS5.9AI score0.00222EPSS
Exploits0References5Affected Software1
cvelist
cvelist
added 2026/02/27 9:28 p.m.24 views

CVE-2026-28407 malcontent's nested archive extraction failure can drop content from scan inputs

malcontent is software for discovering supply-chain compromises through context, differential analysis, and YARA. Prior to version 1.21.0, malcontent would remove nested archives which failed to extract which could potentially leave malicious content. A better approach is to preserve these archiv...

6.9CVSS0.00222EPSS
Exploits0References3
cnnvd
cnnvd
added 2023/12/12 12:0 a.m.7 views

Elastic Security Breach

Elastic is the Netherlands Elastic company's set of open source distributed RESTful search engine built on Lucene . The product is mainly used in cloud computing and supports data indexing using JSON over HTTP. A security vulnerability exists in Elastic Agent and Beats versions 7.0.0 through...

6.8CVSS7AI score0.00589EPSS
Exploits0References2
Rows per page
Query Builder