702 matches found
CVE-2026-36760
An issue in the fileMd5 parameter in the /a/file/upload endpoint of JeeSite v5.15.1 allows authenticated attackers with file upload permissions to execute a path traversal and write arbitrary files with whitelisted suffixes to arbitrary filesystem locations while chunked upload is enabled...
CVE-2026-44521
elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Prior to 2.1.68, an authenticated SQL injection vulnerability in the elFinder MySQL volume driver elFinderVolumeMySQL allows any logged-in user, including users with read-only access to the affected volume, to...
elFinder SQL注入漏洞
ElFinder is an open-source web file manager developed by Studio 42. Versions of ElFinder prior to 2.1.68 contained a SQL injection vulnerability. This vulnerability stemmed from an SQL injection flaw in the MySQL volume driver, allowing any logged-in user to inject SQL statements through a...
EUVD-2026-26393
An issue in the fileMd5 parameter in the /a/file/upload endpoint of JeeSite v5.15.1 allows authenticated attackers with file upload permissions to execute a path traversal and write arbitrary files with whitelisted suffixes to arbitrary filesystem locations while chunked upload is enabled...
Arbitrary File Deletion
Gin-vue-admin is vulnerable to arbitrary file deletion. The vulnerability is due to improper validation of the FileMd5 parameter, which allows an attacker to manipulate file paths and delete arbitrary files or folders on the server...
SUSE CVE-2025-68183
In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA signature will be reset to IMA hash if a program first stores IMA signature in security.ima and then...
UBUNTU-CVE-2025-68183
In the Linux kernel, the following vulnerability has been resolved: ima: don't clear IMADIGSIG flag when setting or removing non-IMA xattr Currently when both IMA and EVM are in fix mode, the IMA signature will be reset to IMA hash if a program first stores IMA signature in security.ima and then...
SUSE CVE-2025-66410
Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder...
CVE-2025-39689
CVE-2025-39689 affects the Linux kernel’s ftrace filter handling. The issue arose because readers (set_ftrace_filter/set_ftrace_notrace) kept a pointer to the global tracer hash, unlike writers who copy the hash. The pointer could remain static across calls that release locks and update the globa...
CVE-2025-21465
Information disclosure while processing the hash segment in an MBN file...
Description of the security update for Visual Studio 2015 Update 3: July 8, 2025 (KB5063035)
None None...
End of support for Office 2016 and Office 2019
None None...
Description of the security update for PowerPoint 2016: July 8, 2025 (KB5002746)
None None...
Description of the security update for Office 2016: April 8, 2025 (KB5002588)
None None...
Description of the security update for Office 2016: April 8, 2025 (KB5002669)
None None...
Description of the security update for Office Online Server: April 8, 2025 (KB5002699)
None None...
Description of the security update for Access 2016: April 8, 2025 (KB5002701)
None None...
Description of the security update for Office 2016: April 8, 2025 (KB5002703)
None None...
Description of the security update for OneNote 2016: April 8, 2025 (KB5002622)
None None...
Description of the security update for Excel 2016: March 11, 2025 (KB5002696)
None None...