Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7 matches found

CVE
CVEadded 2025/06/09 3:56 p.m.39 views

CVE-2025-28945

CVE-2025-28945 affects the Valen - Sport, Fashion WooCommerce WordPress Theme (

8.1CVSS7.2AI score0.00547EPSS
Exploits0References1
Tenable Nessus
Tenable Nessusadded 2018/11/05 12:0 a.m.252 views

lighttpd < 1.4.28 Insecure Temporary File Creation

According to its banner, the version of lighttpd running on the remote host is prior to 1.4.28. Therefore, it may be, affected by the following vulnerability : - The configuration file for the FastCGI PHP support for lighttpd before 1.4.28 on Debian GNU/Linux creates a socket file with a...

1.9CVSS7.1AI score0.0004EPSS
Exploits1References2
NVD
NVDadded 2013/03/21 5:55 p.m.10 views

CVE-2013-1427

The configuration file for the FastCGI PHP support for lighttpd before 1.4.28 on Debian GNU/Linux creates a socket file with a predictable name in /tmp, which allows local users to hijack the PHP control socket and perform unauthorized actions such as forcing the use of a different version of PHP...

1.9CVSS6.2AI score0.0004EPSS
Exploits1References4
securityvulns
securityvulnsadded 2013/03/19 12:0 a.m.119 views

[SECURITY] [DSA 2649-1] lighttpd security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2649-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez March 15, 2013 http://www.debian.org/security/faq -...

1.9CVSS1.2AI score0.0004EPSS
Exploits1
Tenable Nessus
Tenable Nessusadded 2013/03/17 12:0 a.m.22 views

Debian DSA-2649-1 : lighttpd - fixed socket name in world-writable directory

Stefan Buhler discovered that the Debian specific configuration file for lighttpd webserver FastCGI PHP support used a fixed socket name in the world-writable /tmp directory. A symlink attack or a race condition could be exploited by a malicious user on the same machine to take over the PHP contr...

1.9CVSS5.3AI score0.0004EPSS
Exploits1References3
Debian
Debianadded 2013/03/15 9:33 p.m.29 views

[SECURITY] [DSA 2649-1] lighttpd security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2649-1 [email protected] http://www.debian.org/security/ Yves-Alexis Perez March 15, 2013 http://www.debian.org/security/faq -...

1.9CVSS5.8AI score0.0004EPSS
Exploits1
OpenVAS
OpenVASadded 2013/03/15 12:0 a.m.23 views

Debian Security Advisory DSA 2649-1 (lighttpd - fixed socket name in world-writable directory)

Stefan Bühler discovered that the Debian specific configuration file for lighttpd webserver FastCGI PHP support used a fixed socket name in the world-writable /tmp directory. A symlink attack or a race condition could be exploited by a malicious user on the same machine to take over the PHP contr...

1.9CVSS6.4AI score0.0004EPSS
Exploits1References1
Rows per page
Query Builder