Lucene search
+L

1223 matches found

EUVD
EUVD
added 2026/02/26 10:33 p.m.6 views

EUVD-2026-8813

Copyparty vulnerable to reflected XSS via setck parameter...

5.4CVSS5.2AI score0.00163EPSS
Exploits0References4
NVD
NVD
added 2026/02/26 2:16 a.m.8 views

CVE-2026-27948

Copyparty is a portable file server. In versions prior to 1.20.9, an XSS allows for reflected cross-site scripting via URL-parameter ?setck=.... Version 1.20.9 fixes the issue...

6.1CVSS0.00163EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/26 12:0 a.m.12 views

PT-2026-22101

Name of the Vulnerable Software and Affected Versions Copyparty versions prior to 1.20.9 Description Copyparty is a portable file server susceptible to a cross-site scripting issue. A successful exploit allows for reflected cross-site scripting through the URL parameter ?setck=.... Recommendation...

5.4CVSS5.8AI score0.00163EPSS
Exploits0References9
Snyk
Snyk
added 2026/02/24 8:16 p.m.3 views

Improper Neutralization of Equivalent Special Elements

Overview Affected versions of this package are vulnerable to Improper Neutralization of Equivalent Special Elements in matcher.go‎, when matching filenames using the tryfiles directive, which does not properly handle backslashes. An attacker can bypass security protections by exploiting glob...

8.2CVSS6.2AI score0.00323EPSS
Exploits1References2
Amazon
Amazon
added 2026/02/18 12:0 a.m.49 views

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject duplicate device on updates CVE-2025-38678 In the Linux kernel, the following vulnerability has been resolved: tcpmetrics: use dstdevnetrcu CVE-2025-40075 In the Linux kernel, the...

5.5CVSS6.4AI score0.00519EPSS
Exploits4
Packet Storm
Packet Storm
added 2026/02/18 12:0 a.m.190 views

📄 Rejetto HTTP File Server 2.3m Unauthenticated Remote Code Execution

Proof of concept exploit for an unauthenticated remote code execution vulnerability in Rejetto HTTP File Server version 2.3m that leverages template injection...

9.8CVSS6.5AI score0.99485EPSS
Exploits20
RedHat Linux
RedHat Linux
added 2026/02/16 6:4 p.m.9 views

kernel: smb: client: Fix use-after-free in cifs_fill_dirent

A use-after-free flaw was found in cifsfilldirent in fs/cifs/readdir.c in smb client in the Linux Kernel. This flaw could allow an attacker to crash the system due to race problem. This vulnerability could even lead to a kernel information leak problem...

7CVSS5.8AI score0.00181EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/02/09 6:34 p.m.34 views

CVE-2026-25231 FileRise affected by an Unauthenticated File Read Due to Insufficient Access Control

FileRise is a self-hosted web file manager / WebDAV server. Versions prior to 3.3.0, the application contains an unauthenticated file read vulnerability due to the lack of access control on the /uploads directory. Files uploaded to this directory can be accessed directly by any user who knows or...

7.5CVSS0.00373EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/02/09 1:33 a.m.5 views

CVE-2026-2205

A vulnerability was identified in WeKan up to 8.20. This affects an unknown part of the file server/publications/cards.js of the component Meteor Publication Handler. Such manipulation leads to information disclosure. The attack may be performed from remote. Upgrading to version 8.21 is able to...

5.3CVSS4.7AI score0.00235EPSS
Exploits0References1
NVD
NVD
added 2026/02/08 2:15 a.m.12 views

CVE-2026-2205

A vulnerability was identified in WeKan up to 8.20. This affects an unknown part of the file server/publications/cards.js of the component Meteor Publication Handler. Such manipulation leads to information disclosure. The attack may be performed from remote. Upgrading to version 8.21 is able to...

5.3CVSS0.00235EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/02/08 1:9 a.m.9 views

CVE-2026-2207

A weakness has been identified in WeKan up to 8.20. This issue affects some unknown processing of the file server/publications/activities.js of the component Activity Publication Handler. Executing a manipulation can lead to information disclosure. It is possible to launch the attack remotely...

6.9CVSS5.3AI score0.00342EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/02/06 11:16 p.m.1 views

CVE-2020-37079 Wing FTP Server < 6.2.7 - Cross-site Request Forgery

Wing FTP Server versions prior to 6.2.7 contain a cross-site request forgery CSRF vulnerability in the web administration interface that allows attackers to delete admin users. Attackers can craft a malicious HTML page with a hidden form to submit a request that deletes the administrative user...

5.1CVSS5.3AI score0.0017EPSS
Exploits1References4
CVE
CVE
added 2026/02/05 8:32 p.m.16 views

CVE-2026-1962

CVE-2026-1962 affects WeKan up to 8.20, in the Attachment Migration component (server/attachmentMigration.js). The issue is an improper access control in an unknown function, potentially exploitable remotely. A fix is available: upgrade to WeKan 8.21; patch identifier 053bf1dfb76ef230db162c64a6ed...

9.8CVSS4.8AI score0.00323EPSS
Exploits0References6Affected Software1
Debian CVE
Debian CVE
added 2026/02/04 4:8 p.m.7 views

CVE-2026-23093

In the Linux kernel, the following vulnerability has been resolved: ksmbd: smbd: fix dmaunmapsg nents The dmaunmapsg functions should be called with the same nents as the dmamapsg, not the value the map function returned...

5.5CVSS5.1AI score0.00123EPSS
Exploits0
GithubExploit
GithubExploit
added 2026/01/25 10:51 p.m.269 views

Exploit for Code Injection in Rejetto Http_File_Server

No d...

10CVSS8.2AI score0.99323EPSS
Exploits23
OSV
OSV
added 2026/01/23 2:15 p.m.8 views

CVE-2025-71151 cifs: Fix memory and information leak in smb3_reconfigure()

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory and information leak in smb3reconfigure In smb3reconfigure, if smb3syncsessionctxpasswords fails, the function returns immediately without freeing and erasing the newly allocated newpassword and newpassword2. Thi...

5.5CVSS5.2AI score0.00114EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 7 : samba-4.10.16-15.el7 (AXSA:2021-1874:03)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1874:03 advisory. samba: Negative idmap cache entries can cause incorrect group entries in the Samba file server process token CVE-2021-20254 Tenable has extracted the precedi...

6.8CVSS8.3AI score0.01616EPSS
Exploits0References2
CNVD
CNVD
added 2026/01/19 12:0 a.m.4 views

Microsoft Windows SMB Server Elevation of Privilege Vulnerability (CNVD-2026-10678)

Microsoft Windows SMB Server is a network file-sharing protocol from Microsoft. It allows applications on a computer to read and write files and request services from server programs on a computer network. An elevation of privilege vulnerability exists in Microsoft Windows SMB Server due to...

7.5CVSS5.9AI score0.00784EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/14 11:17 p.m.9 views

CVE-2025-68786

In the Linux kernel, the following vulnerability has been resolved: ksmbd: skip lock-range check on equal size to avoid size==0 underflow When size equals the current isize including 0, the code used to call checklockrangefilp, isize, size - 1, WRITE, which computes size - 1 and can underflow for...

6.1AI score0.00168EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/09 12:32 p.m.8 views

CVE-2023-4118

A vulnerability, which was classified as problematic, was found in Cute Http File Server 2.0. This affects an unknown part of the component Search. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may ...

6.1CVSS5.8AI score0.00466EPSS
Exploits0References1
Rows per page
Query Builder