18 matches found

OSV
added last week, 2 views

DEBIAN-CVE-2026-40941

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a package import signature validation bypass that allows self-signed packages. This issue has been fixed in version 1.2.31...

CVSS 6.5, AI score 5.7, EPSS 0.00159
Exploits: 0, References: 1

NVD
added last week, 10 views

CVE-2026-40941

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a package import signature validation bypass that allows self-signed packages. This issue has been fixed in version 1.2.31...

CVSS 7.1, EPSS 0.00159
Exploits: 0, References: 3

Debian CVE
added last week, 5 views

CVE-2026-40941

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have a package import signature validation bypass that allows self-signed packages. This issue has been fixed in version 1.2.31...

CVSS 7.1, AI score 5.8, EPSS 0.00159
Exploits: 0

Positive Technologies
added 2026/06/25 12:0 a.m., 6 views

PT-2026-52628

Name of the Vulnerable Software and Affected Versions Cacti versions prior to 1.2.31 Description Cacti is an open source performance and fault management framework. The software contains a package import signature validation bypass that allows the use of self-signed packages. Recommendations Upda...

CVSS 7.1, AI score 5.8, EPSS 0.00159
Exploits: 0, References: 6

NVD
added 2026/06/24 11:16 p.m., 9 views

CVE-2026-39899

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal via filename parameter in packageimport.php. This issue has been fixed in version 1.2.31...

CVSS 6.9, EPSS 0.00261
Exploits: 0, References: 2

OSV
added 2026/06/24 11:16 p.m., 2 views

UBUNTU-CVE-2026-39899

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal via filename parameter in packageimport.php. This issue has been fixed in version 1.2.31...

CVSS 6.9, AI score 5.7, EPSS 0.00261
Exploits: 0, References: 4

Debian CVE
added 2026/06/24 10:33 p.m., 4 views

CVE-2026-39899

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior are vulnerable to Path Traversal via filename parameter in packageimport.php. This issue has been fixed in version 1.2.31...

CVSS 6.9, AI score 5.7, EPSS 0.00261
Exploits: 0

Positive Technologies
added 2026/06/24 12:0 a.m., 6 views

PT-2026-52134

Name of the Vulnerable Software and Affected Versions Cacti versions prior to 1.2.31 Description Cacti is an open source performance and fault management framework. The software contains a path traversal flaw in the 'package import.php' endpoint, where the filename parameter is not properly...

CVSS 6.9, AI score 5.8, EPSS 0.00261
Exploits: 0, References: 6

OSV
added 2026/04/16 10:9 a.m., 5 views

MAL-2026-2790 Malicious code in package-with-import-assertions (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 607b154dcfd87f209bf01efe33fdd864fe77432b9c7a246b4520d137236afe1c The package package-with-import-assertions was found to contain malicious code...

AI score 5.7
Exploits: 0

GithubExploit
added 2024/08/29 6:27 a.m., 532 views

Exploit for Improper Input Validation in Cacti

CVE-2024-25641 - Cacti 1.2.26 - Arbitrary file write to RCE 🌵...

CVSS 9.1, AI score 8.7, EPSS 0.86303
Exploits: 17

GithubExploit
added 2024/08/27 1:19 a.m., 652 views

Exploit for Improper Input Validation in Cacti

CVE-2024-25641-RCE-Automated-Exploit-Cacti-1.2.26 Fully auto...

CVSS 9.1, AI score 9.6, EPSS 0.86303
Exploits: 17

Citrix
added 2024/07/13 12:0 a.m., 5 views

After importing of an OVF package from a VMware environment Virtual Machine Fails to Boot with STOP 7B or 'Device Does Not Exist'

After importing of an OVF package from a VMware environment, a Windows virtual machine fails with a STOP 0x0000007B error, or a Linux virtual machine does not boot because a device /dev/sda1 for example does not exist. On a Windows virtual machine a STOP 0x0000007B error occurs. On a Linux virtua...

AI score 7.1
Exploits: 0

SUSE CVE
added 2024/05/15 2:32 a.m., 4 views

SUSE CVE-2024-25641

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, an arbitrary file write vulnerability, exploitable through the "Package Import" feature, allows authenticated users having the "Import Templates" permission to execute arbitrary PHP code on the web...

CVSS 7.2, AI score 7.7, EPSS 0.86303
Exploits: 17, References: 5

OSV
added 2024/05/14 3:5 p.m., 3 views

DEBIAN-CVE-2024-25641

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, an arbitrary file write vulnerability, exploitable through the "Package Import" feature, allows authenticated users having the "Import Templates" permission to execute arbitrary PHP code on the web...

CVSS 7.2, AI score 9.3, EPSS 0.86303
Exploits: 17, References: 1

OSV
added 2024/05/14 3:5 p.m., 1 view

UBUNTU-CVE-2024-25641

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, an arbitrary file write vulnerability, exploitable through the "Package Import" feature, allows authenticated users having the "Import Templates" permission to execute arbitrary PHP code on the web...

CVSS 9.1, AI score 7.7, EPSS 0.86303
Exploits: 17, References: 5

Cvelist
added 2024/05/13 1:28 p.m., 40 views

CVE-2024-25641 Cacti RCE vulnerability when importing packages

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, an arbitrary file write vulnerability, exploitable through the "Package Import" feature, allows authenticated users having the "Import Templates" permission to execute arbitrary PHP code on the web...

CVSS 9.1, AI score 9.6, EPSS 0.86303
Exploits: 17, References: 4

Vulnrichment
added 2024/05/13 1:28 p.m., 111 views

CVE-2024-25641 Cacti RCE vulnerability when importing packages

Cacti provides an operational monitoring and fault management framework. Prior to version 1.2.27, an arbitrary file write vulnerability, exploitable through the "Package Import" feature, allows authenticated users having the "Import Templates" permission to execute arbitrary PHP code on the web...

CVSS 9.1, AI score 7.5, EPSS 0.86303
Exploits: 17, References: 4

OSV
added 2022/12/14 12:15 a.m., 5 views

CVE-2022-40264

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ICONICS/Mitsubishi Electric GENESIS64 versions 10.96 to 10.97.2 allows an unauthenticated attacker to create, tamper with or destroy arbitrary files by getting a legitimate user to import a project package...

CVSS 7.1, AI score 5.9, EPSS 0.00299
Exploits: 0, References: 4