Lucene search
K

6 matches found

Cvelist
Cvelist
added 2026/03/25 6:49 p.m.20 views

CVE-2026-27602 Modoboa has an OS Command Injection

Modoboa is a mail hosting and management platform. Prior to version 2.7.1, execcmd in modoboa/lib/sysutils.py always runs subprocess calls with shell=True. Since domain names flow directly into shell command strings without any sanitization, a Reseller or SuperAdmin can include shell metacharacte...

7.2CVSS0.00566EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2026/01/23 7:46 a.m.5 views

CVE-2026-24515

In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data...

2.9CVSS7.8AI score0.0017EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/01/06 12:0 a.m.5 views

PT-2026-1404

Name of the Vulnerable Software and Affected Versions FastDup – Fastest WordPress Migration & Duplicator plugin versions prior to 2.7 Description The FastDup plugin for WordPress has a path traversal issue affecting versions up to 2.7. Authenticated attackers with Contributor-level access or high...

6.5CVSS6.3AI score0.00318EPSS
Exploits0References7
CNNVD
CNNVD
added 2023/03/20 12:0 a.m.19 views

Kozea CairoSVG 代码问题漏洞

Kozea CairoSVG is a Python based software from the Kozea community that converts SVG files to PDF, EPS, PS and PNG files. A code issue vulnerability exists in Kozea CairoSVG versions prior to 2.7.0, which stems from the fact that Cairo can send requests to an external host when processing SVG...

9.9CVSS7.5AI score0.00722EPSS
Exploits0References5
OSV
OSV
added 2019/04/17 2:29 p.m.4 views

ALPINE-CVE-2019-9495

The implementations of EAP-PWD in hostapd and wpasupplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpasupplicant with EAP-PWD support are vulnerable. The ability to install and execute applications is necessary for a successful...

3.7CVSS7AI score0.03449EPSS
Exploits0References1
CNVD
CNVD
added 2015/09/09 12:0 a.m.4 views

FFmpeg allocate_buffers denial of service vulnerability

FFmpeg is a complete solution for recording, converting and streaming audio and video from the FFmpeg team. A security vulnerability exists in the 'allocatebuffers' function in the libavcodec/alac.c file in versions of FFmpeg prior to 2.7.2, which stems from the program's failure to initialize...

7.5CVSS9.1AI score0.02412EPSS
Exploits0References1
Rows per page
Query Builder