CVE-2025-67946

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in scriptsbundle AdForest adforest allows PHP Local File Inclusion.This issue affects AdForest: from n/a through = 6.0.11...

Wordfence Intelligence Weekly WordPress Vulnerability Report (January 12, 2026 to January 18, 2026)

Did you know Wordfence runs aBug Bounty Program for all WordPress plugin and themes at no cost to vendors? Researchers can earn up to $31,200 per vulnerability , for all in-scope vulnerabilities submitted to our Bug Bounty Program! Find a vulnerability, submit the details directly to us, and we...

SUSE CVE-2021-47853

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

Azure Linux 3.0 Security Update: kernel (CVE-2024-42243)

"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-42243 advisory. - In the Linux kernel, the following vulnerability has been resolved: mm/filemap: make MAXPAGECACHEORDER...

Azure Linux 3.0 Security Update: kernel (CVE-2024-43837)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-43837 advisory. - In the Linux kernel, the following vulnerability has been resolved: bpf: Fix null pointer dereference in...

📄 Malwarebytes Anti-Malware 2.x Privilege Escalation

This advisory hosts useful analysis of older research from 2016, when Google's Project Zero discovered multiple security issues in MalwareBytes Anti-Malware version 2.x. The software suffered from a combination of security flaws that allowed attackers to remotely tamper with...

Azure Linux 3.0 Security Update: kernel (CVE-2024-56675)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-56675 advisory. - In the Linux kernel, the following vulnerability has been resolved: bpf: Fix UAF via mismatching...

phpPgAdmin contains a remote command execution vulnerability

phpPgAdmin 7.13.0 contains a remote command execution vulnerability that allows authenticated attackers to execute arbitrary system commands through SQL query manipulation. Attackers can create a custom table, upload a malicious .txt file, and use the COPY FROM PROGRAM command to execute operatin...

GHSA-86GH-C8R8-XWHQ phpPgAdmin contains a remote command execution vulnerability

phpPgAdmin 7.13.0 contains a remote command execution vulnerability that allows authenticated attackers to execute arbitrary system commands through SQL query manipulation. Attackers can create a custom table, upload a malicious .txt file, and use the COPY FROM PROGRAM command to execute operatin...

CVE-2021-47868

WIN-PACK PRO 4.8 contains an unquoted service path vulnerability in the WPCommandFileService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files \WINPAKPRO\WPCommandFileService Service.exe to inject malicious co...

CVE-2021-47859

ActivIdentity 8.2 contains an unquoted service path vulnerability in the ac.sharedstore service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path in C:\Program Files\Common Files\ActivIdentity\ to inject malicious executables and...

CVE-2021-47853

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

DEBIAN-CVE-2021-47853

phpPgAdmin 7.13.0 contains a remote command execution vulnerability that allows authenticated attackers to execute arbitrary system commands through SQL query manipulation. Attackers can create a custom table, upload a malicious .txt file, and use the COPY FROM PROGRAM command to execute operatin...

CVE-2021-47748

Hasura GraphQL 1.3.3 contains a remote code execution vulnerability that allows attackers to execute arbitrary shell commands through SQL query manipulation. Attackers can inject commands into the runsql endpoint by crafting malicious GraphQL queries that execute system commands through...

CVE-2021-47748

Hasura GraphQL 1.3.3 contains a remote code execution vulnerability that allows attackers to execute arbitrary shell commands through SQL query manipulation. Attackers can inject commands into the runsql endpoint by crafting malicious GraphQL queries that execute system commands through...

CVE-2021-47853

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

CVE-2021-47869 BRAdmin Professional 3.75 - 'BRA_Scheduler' Unquoted Service Path

Brother BRAdmin Professional 3.75 contains an unquoted service path vulnerability in the BRAScheduler service that allows local users to potentially execute arbitrary code. Attackers can place a malicious executable named 'BRAdmin' in the C:\Program Files x86\Brother\ directory to gain local syst...

EUVD-2026-3636

phpPgAdmin 7.13.0 contains a remote command execution vulnerability that allows authenticated attackers to execute arbitrary system commands through SQL query manipulation. Attackers can create a custom table, upload a malicious .txt file, and use the COPY FROM PROGRAM command to execute operatin...

CVE-2021-47853

...

CVE-2021-47853

Removed by vendor...