24 matches found
CVE-2013-1904
creationtimestamp| type| source ---|---|--- 2026-06-19 16:45:35+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/2895e391-349d-4351-b274-f75a1d633be7 2026-06-23 14:04:08+00:00| exploited|...
CVE-2021-24217
creationtimestamp| type| source ---|---|--- 2026-06-19 12:48:06+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/b4d293c6-01ac-4be3-99ba-fd4146b800cc 2026-06-23 14:04:02+00:00| exploited|...
VulnCheck KEV: CVE-2026-49060
Incorrect Privilege Assignment vulnerability in Hippoo Mobile App for WooCommerce allows Privilege Escalation. This issue affects Hippoo Mobile App for WooCommerce: from n/a through 1.9.4...
CVE-2026-6973
creationtimestamp| type| source ---|---|--- 2026-05-07 07:54:45+00:00| seen| https://ccb.belgium.be/advisories/warning-authenticated-remote-code-execution-vulnerability-ivanti-epmm-exploited-patch 2026-05-07 08:14:00+00:00| seen| https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus-2026-12...
CVE-2025-52572
Hikka, a Telegram userbot, has vulnerability affects all users on all versions of Hikka. Two scenarios are possible. 1. Web interface does not have an authenticated session: attacker can use his own Telegram account to gain RCE to the server by authorizing in the dangling web interface. 2. Web...
CVE-2025-6139
A vulnerability, which was classified as problematic, has been found in TOTOLINK T10 4.1.8cu.5207. Affected by this issue is some unknown functionality of the file /etc/shadow.sample. The manipulation leads to use of hard-coded password. The attack can only be initiated within the local network...
CVE-2024-5048
A vulnerability classified as critical was found in code-projects Budget Management 1.0. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument edit leads to sql injection. The attack can be launched remotely. The exploit has been...
CVE-2022-4959
A vulnerability classified as problematic was found in qkmc-rk redbbs 1.0. Affected by this vulnerability is an unknown functionality of the component Nickname Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the publi...
Linux Distros Unpatched Vulnerability : CVE-2024-53162
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: crypto: qat/qat4xxx - fix off by one in uofgetname The fwobjs array has numobjs elements so...
Linux Distros Unpatched Vulnerability : CVE-2024-23307
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Integer Overflow or Wraparound vulnerability in Linux Linux kernel kernel on Linux, x86, ARM md, raid, raid5 modules allows Forced Integer Overflow...
Linux Distros Unpatched Vulnerability : CVE-2024-26677
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rxrpc: Fix delayed ACKs to not set the reference serial number Fix the construction of delayed ACKs to not set the reference serial number as they can't be used...
Linux Distros Unpatched Vulnerability : CVE-2018-13347
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002. CVE-2018-13347 Note that Nessus relies on the presence of...
Linux Distros Unpatched Vulnerability : CVE-2018-13346
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The mpatchapply function in mpatch.c in Mercurial before 4.6.1 incorrectly proceeds in cases where the fragment start is past the end of the original data, aka...
CVE-2024-11214
A vulnerability has been found in SourceCodester Best Employee Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/profile.php. The manipulation of the argument websiteimage leads to unrestricted upload. The attack can be initiated remotely...
webkitgtk: type confusion may lead to arbitrary code execution
A flaw was found in WebKitGTK. Processing malicious web content may lead to remote code execution due to a type confusion issue. This vulnerability is known to be actively exploited in the wild and was included in the CISA's KEV catalog...
AlmaLinux 9 : fence-agents (ALSA-2024:6726)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:6726 advisory. pypa/setuptools: Remote code execution via download functions in the packageindex module in pypa/setuptools CVE-2024-6345 Tenable has extracted the preceding...
Vulnerabilities in SICK LMS5xx
SICK received a report about multiple vulnerabilities in the SICK LMS5xx, that can be accessed via Ethernet. If exploited, this potentially allows a remote unauthenticated attacker to impact availabiltiy, integrity and confidentaility of the LMS5xx. SICK recommends making sure to run the product ...
Vulnerability fixed in Drupal
A vulnerability has been fixed in Drupal. A malicious party could potentially exploit the vulnerability to execute arbitrary PHP code execute under the application's permissions. To do so, the malicious party needs to upload a rogue .tar, .tar.gz, .bz2, or .tlz file uploaded to the Drupal server...
DRUPAL-CONTRIB-2020-017
This module enables you to build forms and surveys in Drupal. The Webform Node sub-module allows these forms to be associated with a Drupal node. The Webform Node module does not implement access checking in the same manner as other nodes and entities. As such, writers of custom modules which...
Razer: Source Code Disclosure
The tester discovered a PHP file with source code exposed. There was no known exploit...