Lucene search
K

11 matches found

CVE
CVE
added 2026/06/29 1:47 p.m.17 views

CVE-2026-56124

CVE-2026-56124 affects phpUploader prior to 2.0.2. An unauthenticated information-disclosure flaw exists where the index model runs an unbounded SELECT and embeds the full JSON-encoded result set in an inline script, exposing uploader IP addresses, Argon2ID key hashes, internal filenames, and SHA...

8.7CVSS5.8AI score0.00365EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/29 1:47 p.m.7 views

EUVD-2026-40114

phpUploader before 2.0.2 contains an unauthenticated information disclosure vulnerability that allows remote attackers to access the full contents of the uploaded-files database table by visiting any page of the application. The index model executes an unbounded SELECT query and embeds the comple...

8.7CVSS5.8AI score0.00365EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-34899

Malicious code in bioql PyPI...

7.1CVSS6.8AI score0.00785EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/10/02 12:0 a.m.15 views

CVE-2023-28760

TP-Link AX1800 WiFi 6 Router Archer AX21 devices allow unauthenticated attackers on the LAN to execute arbitrary code as root via the dbdir field to minidlnad. The attacker obtains the ability to modify files.db, and that can be used to reach a stack-based buffer overflow in...

0.03138EPSS
Exploits1References2
OSV
OSV
added 2025/06/27 2:55 p.m.4 views

GHSA-JJ2R-455P-5GVF filebrowser Sets Insecure File Permissions

Summary The file access permissions for files uploaded to or created from File Browser are never explicitly set by the application. The same is true for the database used by File Browser. On standard servers where the umask configuration has not been hardened before, this makes all the stated fil...

5.5CVSS5.7AI score0.0019EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2023/04/17 12:0 a.m.6 views

The vulnerability of the MiniDLNA service in the TPDLNA/files.db file of TP-Link Archer AX20 (AX1800) routers allows a hacker to execute arbitrary code.

The vulnerability of the MiniDLNA service in the TPDLNA/files.db file on TP-Link Archer AX20 AX1800 routers is caused by a buffer overflow in the stack. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

7.5CVSS6.2AI score0.03138EPSS
Exploits1References7
OSV
OSV
added 2015/12/17 7:59 p.m.2 views

DEBIAN-CVE-2015-5277

The getcontents function in nssfiles/files-XXX.c in the Name Service Switch NSS in GNU C Library aka glibc or libc6 before 2.20 might allow local users to cause a denial of service heap corruption or gain privileges via a long line in the NSS files database...

7.2CVSS7.2AI score0.00588EPSS
Exploits1References1
Prion
Prion
added 2015/12/17 7:59 p.m.17 views

Heap overflow

The getcontents function in nssfiles/files-XXX.c in the Name Service Switch NSS in GNU C Library aka glibc or libc6 before 2.20 might allow local users to cause a denial of service heap corruption or gain privileges via a long line in the NSS files database...

7.2CVSS6.7AI score0.00588EPSS
Exploits1References13Affected Software6
Debian CVE
Debian CVE
added 2015/12/17 7:0 p.m.30 views

CVE-2015-5277

The getcontents function in nssfiles/files-XXX.c in the Name Service Switch NSS in GNU C Library aka glibc or libc6 before 2.20 might allow local users to cause a denial of service heap corruption or gain privileges via a long line in the NSS files database...

7.2CVSS7.2AI score0.00588EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2015/12/17 12:0 a.m.36 views

CVE-2015-5277

The getcontents function in nssfiles/files-XXX.c in the Name Service Switch NSS in GNU C Library aka glibc or libc6 before 2.20 might allow local users to cause a denial of service heap corruption or gain privileges via a long line in the NSS files database...

7.2CVSS6.9AI score0.00588EPSS
Exploits1References2
Prion
Prion
added 2009/08/12 10:30 a.m.17 views

Design/Logic Flaw

download.php in X10media x10 Automatic Mp3 Search Engine Script 1.5.5 through 1.6 allows remote attackers to read arbitrary files via an encoded url parameter, as demonstrated by obtaining database credentials from includes/constants.php...

5CVSS7.2AI score0.06968EPSS
Exploits1References6Affected Software1
Rows per page
Query Builder