Lucene search
K

193924 matches found

BDU FSTEC
BDU FSTEC
added yesterday9 views

The vulnerability of the Kerberos protocol for Windows operating systems allows attackers to increase their privileges.

The vulnerability of the Kerberos protocol for Windows operating systems is related to errors in the mechanism for handling relative pathnames to the directory. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...

9CVSS6.1AI score0.02593EPSS
Exploits1References2
GithubExploit
GithubExploit
added yesterday9 views

Exploit for CVE-2026-8713

CVE-2026-8713 — Avada Fusion Builder WordPress Exploit Pre-Aut...

9.1CVSS6.1AI score0.01193EPSS
Exploits1
GithubExploit
GithubExploit
added yesterday10 views

Exploit for Unrestricted Upload of File with Dangerous Type in Joomlic Icagenda

CVE-2026-48939 — iCagenda Joomla RCE Exploit Pre-Auth Arbitrary...

10CVSS5.9AI score0.00522EPSS
Exploits3
GithubExploit
GithubExploit
added yesterday9 views

libextractor-ole2-rce

Stack-Based Buffer Overflow in GNU libextractor ≤ 1.14 OLE2 P...

7AI score
Exploits0
GithubExploit
GithubExploit
added yesterday10 views

Exploit for CVE-2026-14628

Path Traversal Demo - Case Study : CVE-2026-14628 A minimal,...

6.9CVSS6.5AI score0.00551EPSS
Exploits1
NVD
NVD
added yesterday6 views

CVE-2026-59510

AIL Framework contains a path traversal vulnerability in its PDF object handling. Prior to commit 14c618fce4d1df02358717c48ea903706abecdf2, the PDF.getfilepath function constructed a file path by joining the configured PDF storage directory with a path derived from a PDF object identifier, withou...

7.1CVSS
Exploits0References1
Cvelist
Cvelist
added yesterday8 views

CVE-2026-59510 Authenticated Path Traversal in AIL Framework PDF Object Handling Enables Potential Arbitrary File Read

AIL Framework contains a path traversal vulnerability in its PDF object handling. Prior to commit 14c618fce4d1df02358717c48ea903706abecdf2, the PDF.getfilepath function constructed a file path by joining the configured PDF storage directory with a path derived from a PDF object identifier, withou...

7.1CVSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-59510

AIL Framework contains a path traversal vulnerability in its PDF object handling. Prior to commit 14c618fce4d1df02358717c48ea903706abecdf2, the PDF.getfilepath function constructed a file path by joining the configured PDF storage directory with a path derived from a PDF object identifier, withou...

7.1CVSS5.9AI score
Exploits0References2
CVE
CVE
added yesterday8 views

CVE-2026-59510

The CVE concerns AIL Framework’s PDF object handling. The vulnerable code in PDF.get_filepath() joined the configured PDF storage directory with a path derived from a PDF object identifier without ensuring the final path stayed inside the PDF_FOLDER. Authenticated attackers could supply crafted i...

7.1CVSS5.9AI score
Exploits0References1
EUVD
EUVD
added yesterday8 views

EUVD-2026-41775

AIL Framework contains a path traversal vulnerability in its PDF object handling. Prior to commit 14c618fce4d1df02358717c48ea903706abecdf2, the PDF.getfilepath function constructed a file path by joining the configured PDF storage directory with a path derived from a PDF object identifier, withou...

7.1CVSS5.9AI score
Exploits0References1
GithubExploit
GithubExploit
added yesterday21 views

pi-xpi

XPI Security tools for Pi Agent: casefile tracking, web searc...

6.2AI score
Exploits0
RedhatCVE
RedhatCVE
added yesterday2 views

CVE-2026-53359

A flaw was found in the Linux kernel's Kernel-based Virtual Machine KVM x86 shadow paging mechanism. This vulnerability occurs when a page directory entry PDE mapping is changed from outside the guest, leading to an unexpected role mismatch in shadow paging. This mismatch can cause a use-after-fr...

7CVSS6.2AI score0.00176EPSS
Exploits0References4
GithubExploit
GithubExploit
added yesterday19 views

Exploit for Unrestricted Upload of File with Dangerous Type in Ollyo Sp_Page_Builder

CVE-2026-48908 — SP Page Builder Joomla Unauthenticated RCE...

10CVSS6.8AI score0.00734EPSS
Exploits4
Nuclei
Nuclei
added yesterday67 views

DedeCMS 5.7.87 - Directory Traversal

Directory traversal vulnerability in DedeCMS 5.7.87 allows reading sensitive files via the $activepath parameter. id: CVE-2023-2059 info: name: DedeCMS 5.7.87 - Directory Traversal author: pussycat0x severity: medium description: | Directory traversal vulnerability in DedeCMS 5.7.87 allows readin...

5.3CVSS6.1AI score0.02406EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday69 views

Milesight Routers - Information Disclosure

A critical security vulnerability has been identified in Milesight Industrial Cellular Routers, compromising the security of sensitive credentials and permitting unauthorized access. This vulnerability stems from a misconfiguration that results in directory listing being enabled on the router...

7.5CVSS7.2AI score0.60176EPSS
Exploits5References5
Nuclei
Nuclei
added yesterday38 views

Joomla! Component Online Market 2.x - Local File Inclusion

A directory traversal vulnerability in the Online Market commarket component 2.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. dot dot in the controller parameter to index.php. id: CVE-2010-1722 info: name: Joomla! Component Onlin...

6.8CVSS6.1AI score0.09471EPSS
Exploits2References4
Nuclei
Nuclei
added yesterday78 views

Geddy <13.0.8 - Local File Inclusion

Geddy prior to version 13.0.8 contains a directory traversal vulnerability in lib/app/index.js that allows remote attackers to read arbitrary files via a ..%2f dot dot encoded slash in the PATHINFO to the default URI. id: CVE-2015-5688 info: name: Geddy 13.0.8 - Local File Inclusion author:...

5CVSS7.4AI score0.09385EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday68 views

Rstudio Shiny Server <1.5.16 - Local File Inclusion

Rstudio Shiny Server prior to 1.5.16 is vulnerable to local file inclusion and source code leakage. This can be exploited by appending an encoded slash to the URL. id: CVE-2021-3374 info: name: Rstudio Shiny Server 1.5.16 - Local File Inclusion author: geeknik severity: medium description: Rstudi...

5.3CVSS6.2AI score0.14252EPSS
Exploits1References5
Nuclei
Nuclei
added yesterday47 views

WordPress Videos sync PDF <=1.7.4 - Local File Inclusion

WordPress Videos sync PDF 1.7.4 and prior does not validate the p parameter before using it in an include statement, which could lead to local file inclusion. id: CVE-2022-1392 info: name: WordPress Videos sync PDF =1.7.5 or apply the vendor-provided patch to mitigate the vulnerability. reference...

7.5CVSS7AI score0.11088EPSS
Exploits2References5
Nuclei
Nuclei
added yesterday44 views

Barco Control Room Management Suite <=2.9 Build 0275 - Local File Inclusion

Barco Control Room Management through Suite 2.9 Build 0275 is vulnerable to local file inclusion that could allow attackers to access sensitive information and components. Requests must begin with the "GET /...." substring. id: CVE-2022-26233 info: name: Barco Control Room Management Suite =2.9...

7.5CVSS7.1AI score0.15028EPSS
Exploits3References5
Rows per page
Query Builder