Lucene search
K

702 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.10 views

CVE-2026-36760

An issue in the fileMd5 parameter in the /a/file/upload endpoint of JeeSite v5.15.1 allows authenticated attackers with file upload permissions to execute a path traversal and write arbitrary files with whitelisted suffixes to arbitrary filesystem locations while chunked upload is enabled...

9.6CVSS5.7AI score0.00383EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/27 5:16 p.m.13 views

CVE-2026-44521

elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Prior to 2.1.68, an authenticated SQL injection vulnerability in the elFinder MySQL volume driver elFinderVolumeMySQL allows any logged-in user, including users with read-only access to the affected volume, to...

8.8CVSS5.9AI score0.00243EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2026/05/27 12:0 a.m.13 views

elFinder SQL注入漏洞

ElFinder is an open-source web file manager developed by Studio 42. Versions of ElFinder prior to 2.1.68 contained a SQL injection vulnerability. This vulnerability stemmed from an SQL injection flaw in the MySQL volume driver, allowing any logged-in user to inject SQL statements through a...

8.8CVSS5.9AI score0.00243EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/30 12:0 a.m.6 views

EUVD-2026-26393

An issue in the fileMd5 parameter in the /a/file/upload endpoint of JeeSite v5.15.1 allows authenticated attackers with file upload permissions to execute a path traversal and write arbitrary files with whitelisted suffixes to arbitrary filesystem locations while chunked upload is enabled...

9.6CVSS5.6AI score0.00383EPSS
Exploits0References2
Veracode
Veracode
added 2026/04/16 7:35 a.m.9 views

Arbitrary File Deletion

Gin-vue-admin is vulnerable to arbitrary file deletion. The vulnerability is due to improper validation of the FileMd5 parameter, which allows an attacker to manipulate file paths and delete arbitrary files or folders on the server...

9.1CVSS5.9AI score0.00506EPSS
Exploits1References3Affected Software1
SUSE CVE
SUSE CVE
added 2025/12/17 12:26 a.m.6 views

SUSE CVE-2025-68183

In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA signature will be reset to IMA hash if a program first stores IMA signature in security.ima and then...

6.1CVSS6.4AI score0.00168EPSS
Exploits0References28
OSV
OSV
added 2025/12/16 2:15 p.m.7 views

UBUNTU-CVE-2025-68183

In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA signature will be reset to IMA hash if a program first stores IMA signature in security.ima and then...

5.7AI score0.00168EPSS
Exploits0References22
SUSE CVE
SUSE CVE
added 2025/12/12 12:24 a.m.6 views

SUSE CVE-2025-66410

Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder...

9.1CVSS6.9AI score0.00506EPSS
Exploits1References2
CVE
CVE
added 2025/09/05 5:20 p.m.32 views

CVE-2025-39689

CVE-2025-39689 affects the Linux kernel’s ftrace filter handling. The issue arose because readers (set_ftrace_filter/set_ftrace_notrace) kept a pointer to the global tracer hash, unlike writers who copy the hash. The pointer could remain static across calls that release locks and update the globa...

7.8CVSS5.9AI score0.00168EPSS
Exploits0References12Affected Software1
NVD
NVD
added 2025/08/06 8:15 a.m.9 views

CVE-2025-21465

Information disclosure while processing the hash segment in an MBN file...

6.5CVSS0.00085EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 2025/07/08 2:0 p.m.10 views

End of support for Office 2016 and Office 2019

None None...

7.8CVSS7.2AI score0.0056EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2025/07/08 2:0 p.m.9 views

Description of the security update for Visual Studio 2015 Update 3: July 8, 2025 (KB5063035)

None None...

8.8CVSS7AI score0.00771EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2025/07/08 2:0 p.m.12 views

Description of the security update for PowerPoint 2016: July 8, 2025 (KB5002746)

None None...

7.8CVSS7AI score0.00381EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2025/04/08 7:0 a.m.26 views

Description of the security update for Office 2016: April 8, 2025 (KB5002669)

None None...

7.8CVSS7AI score0.01146EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2025/04/08 7:0 a.m.19 views

Description of the security update for OneNote 2016: April 8, 2025 (KB5002622)

None None...

7.8CVSS7AI score0.00783EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2025/04/08 7:0 a.m.37 views

Description of the security update for Office 2016: April 8, 2025 (KB5002588)

None None...

7.8CVSS7AI score0.00761EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2025/04/08 7:0 a.m.26 views

Description of the security update for Access 2016: April 8, 2025 (KB5002701)

None None...

7.8CVSS7AI score0.00761EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2025/04/08 7:0 a.m.24 views

Description of the security update for Office Online Server: April 8, 2025 (KB5002699)

None None...

7.8CVSS7AI score0.0211EPSS
Exploits4
Microsoft KB
Microsoft KB
added 2025/04/08 7:0 a.m.21 views

Description of the security update for Office 2016: April 8, 2025 (KB5002703)

None None...

7.8CVSS7AI score0.00761EPSS
Exploits0
Microsoft KB
Microsoft KB
added 2025/03/11 7:0 a.m.39 views

Description of the security update for Excel 2016: March 11, 2025 (KB5002696)

None None...

7.8CVSS7AI score0.00669EPSS
Exploits0
Rows per page
Query Builder