Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

33 matches found

Tenable Nessus
Tenable Nessusadded 2025/09/02 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2019-11038

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When using the gdImageCreateFromXbm function in the GD Graphics Library aka LibGD 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2...

5.3CVSS5.5AI score0.1054EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 2022/11/09 12:0 a.m.26 views

CentOS 8 : php:8.0 (CESA-2022:7624)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2022:7624 advisory. - php: Use after free due to phpfilterfloat failing for ints CVE-2021-21708 - php: Uninitialized array in pgqueryparams leading to RCE CVE-2022-31625...

9.8CVSS7.7AI score0.01479EPSS
Exploits2References3
OpenVAS
OpenVASadded 2022/01/28 12:0 a.m.29 views

Mageia: Security Advisory (MGASA-2014-0162)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS7.2AI score0.30772EPSS
Exploits1References9
OpenVAS
OpenVASadded 2022/01/28 12:0 a.m.25 views

Mageia: Security Advisory (MGASA-2014-0258)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS8.3AI score0.2611EPSS
Exploits0References7
OpenVAS
OpenVASadded 2022/01/28 12:0 a.m.25 views

Mageia: Security Advisory (MGASA-2013-0176)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS5.8AI score0.13058EPSS
Exploits1References6
OpenVAS
OpenVASadded 2022/01/28 12:0 a.m.22 views

Mageia: Security Advisory (MGASA-2013-0172)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS5.8AI score0.13058EPSS
Exploits1References5
OpenVAS
OpenVASadded 2022/01/28 12:0 a.m.28 views

Mageia: Security Advisory (MGASA-2014-0367)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS7.9AI score0.30214EPSS
Exploits1References6
OpenVAS
OpenVASadded 2022/01/28 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2014-0178)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5CVSS8.8AI score0.01128EPSS
Exploits1References7
OpenVAS
OpenVASadded 2022/01/28 12:0 a.m.23 views

Mageia: Security Advisory (MGASA-2013-0264)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6AI score0.09892EPSS
Exploits4References7
OpenVAS
OpenVASadded 2022/01/28 12:0 a.m.21 views

Mageia: Security Advisory (MGASA-2013-0233)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS8AI score0.19022EPSS
Exploits0References6
OpenVAS
OpenVASadded 2022/01/28 12:0 a.m.25 views

Mageia: Security Advisory (MGASA-2013-0216)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS8AI score0.19022EPSS
Exploits0References6
Tenable Nessus
Tenable Nessusadded 2020/03/02 12:0 a.m.46 views

openSUSE Security Update : cacti / cacti-spine (openSUSE-2020-272)

This update for cacti, cacti-spine fixes the following issues : cacti-spine was updated to version 1.2.9. Security issues fixed : - CVE-2009-4112: Fixed a privilege escalation bsc1122535. - CVE-2018-20723: Fixed a cross-site scripting XSS vulnerability bsc1122245. - CVE-2018-20724: Fixed a...

9CVSS6.8AI score0.42974EPSS
Exploits9References23
OpenVAS
OpenVASadded 2020/01/23 12:0 a.m.41 views

Huawei EulerOS: Security Advisory for php (EulerOS-SA-2018-1224)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.1AI score0.52703EPSS
Exploits0References2
Exploit DB
Exploit DBadded 2019/12/06 12:0 a.m.330 views

Verot 2.0.3 - Remote Code Execution

Exploit Title: Verot 2.0.3 - Remote Code Execution Date: 2019-12-05 Exploit Author: Jinny Ramsmark Vendor Homepage: https://www.verot.net/phpclassupload.htm Software Link: https://github.com/verot/class.upload.php Version: '; $quality = "85"; $baseurl = "http://lorempixel.com"; echo "-=Imagejpeg...

9.8CVSS9.8AI score0.50575EPSS
Exploits7
Debian CVE
Debian CVEadded 2019/06/18 11:28 p.m.36 views

CVE-2019-11038

When using the gdImageCreateFromXbm function in the GD Graphics Library aka LibGD 2.2.5, as used in the PHP GD extension in PHP versions 7.1.x below 7.1.30, 7.2.x below 7.2.19 and 7.3.x below 7.3.6, it is possible to supply data that will cause the function to use the value of uninitialized...

5.3CVSS5.4AI score0.1054EPSS
Exploits1
ATTACKERKB
ATTACKERKBadded 2019/02/20 12:0 a.m.103 views

Wordpress Post Meta Entry RCE

Exploiting a local file inclusion vulnerability and directory traversal vulnerability in Wordpress versions 5.0.0 and prior to v4.9.9 can result in RCE. Recent assessments: space-r7 at May 09, 2019 5:57pm UTC reported: Details This exploit requires authentication and either the php-imagick or...

8.8CVSS3.8AI score0.9373EPSS
Exploits10References11
Tenable Nessus
Tenable Nessusadded 2017/09/27 12:0 a.m.32 views

FreeBSD : php-gd and gd -- Buffer over-read into uninitialized memory (5033e2fc-98ec-4ef5-8e0b-87cfbbc73081)

PHP developers report : The GIF decoding function gdImageCreateFromGifCtx in gdgifin.c in the GD Graphics Library aka libgd, as used in PHP before 5.6.31 and 7.x before 7.1.7, does not zero colorMap arrays before use. A specially crafted GIF image could use the uninitialized tables to read 700...

6.5CVSS6.5AI score0.30217EPSS
Exploits0References3
myhack58
myhack58added 2014/12/13 12:0 a.m.23 views

Burrow position: special upload tips, bypassing the PHP picture Converter to achieve remote code execution RCE-a vulnerability warning-the black bar safety net

I use a special image upload tips, bypassing the PHP GD library for image conversion processing, and ultimately successfully achieve remote code execution. The way it is. I was testing the site on whether there is asql injectionvulnerabilities, inadvertently I'm on the site personal page found a...

1.1AI score
Exploits0
Amazon
Amazonadded 2013/12/17 12:0 a.m.75 views

Critical: php

Issue Overview: The asn1timetotimet function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse 1 notBefore and 2 notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of...

7.5CVSS8.2AI score0.40224EPSS
Exploits8
Kitploit
Kitploitadded 2013/11/04 3:21 a.m.134 views

[FoxOne] Free OSINT Tool - Server Reconnaissance Scanner

FoxOne is a free OSINT tool, described by the author th3j35t3r as a Non-Invasive and Non-Detectable Server Reconnaissance Scanner. Bypassing API limitations and currently detecting 6500+ vulnerable server paths/files – without ever touching the target server. Very good for getting hold of intel o...

9.8AI score
Exploits0
Rows per page
Query Builder