Lucene search

257092 matches found

RedHat Linux (added yesterday, 4 views)

mariadb: MariaDB Server: Arbitrary code execution via wsrep_notify_cmd

A flaw was found in MariaDB server. When the wsrep_notify_cmd feature is enabled, a remote attacker could exploit this vulnerability by embedding shell commands in the name of a joiner node. This could lead to arbitrary code execution on the server, allowing the attacker to take full control of the...

CVSS 10 | AI score 6.5 | EPSS 0.00447 | Exploits: 0 | References: 6
CVE (added yesterday, 10 views)

CVE-2026-34594

CVE-2026-34594 — Coolify. Affected product: Coolify (open-source self-hosted platform for managing servers, apps, and databases). Vulnerability: In the Destination Network Management functionality, the network parameter is passed directly to shell commands without proper sanitization. This authent...

CVSS 8.8 | AI score 6.6 | Exploits: 0 | References: 1
CVE (added yesterday, 10 views)

CVE-2026-34597

CVE-2026-34597 affects Coolify prior to 4.0.0-beta.470. The vulnerability lies in how user-supplied build parameters for the Nixpacks build pack are handled: the install_command provided by a user is directly concatenated into a shell command string executed on the deployment host during the buil...

CVSS 8.8 | AI score 6.2 | Exploits: 0 | References: 1
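The three entries above (the MariaDB joiner-node name, Coolify's network parameter and the Nixpacks install_command) are one bug class: an untrusted string is interpolated into a command line that a shell then re-parses. The example below is added here and is not code from MariaDB, Coolify or the advisories; it uses `echo` as a constructed stand-in for a configured notify command and a constructed joiner name carrying a `$(...)` substitution. It shows the interpolation bug, the quoting fix for the case where a shell is unavoidable (a configured command line such as wsrep_notify_cmd), and the argv-list plus allowlist form for the case where it is not.

```python
import re
import shlex
import subprocess

# Constructed stand-in for a configured notification command. A real wsrep_notify_cmd
# is a user-supplied command line, so the server has to hand it to a shell.
NOTIFY_CMD = "echo"

# Constructed attacker-controlled node name. The command substitution only runs if the
# name reaches a shell unquoted.
MALICIOUS_JOINER = "node1$(echo INJECTED)"

# Allowlist for a value that is only ever meant to be a hostname-like label.
SAFE_NAME = re.compile(r"[A-Za-z0-9][A-Za-z0-9._-]{0,62}")


def joiner_name_allowed(name: str) -> bool:
    return SAFE_NAME.fullmatch(name) is not None


def notify_vulnerable(joiner_name: str) -> str:
    """The bug class on this page: the untrusted value is spliced into a shell string."""
    cmdline = f"{NOTIFY_CMD} --joiner {joiner_name}"
    return subprocess.run(cmdline, shell=True, capture_output=True,
                          text=True).stdout.strip()


def notify_quoted(joiner_name: str) -> str:
    """Same shell invocation, but the value is shell-quoted first, so the shell
    sees a single literal word and the $(...) is never evaluated."""
    cmdline = f"{NOTIFY_CMD} --joiner {shlex.quote(joiner_name)}"
    return subprocess.run(cmdline, shell=True, capture_output=True,
                          text=True).stdout.strip()


def notify_argv(joiner_name: str) -> str:
    """No shell at all: an argv list, plus an allowlist on the value itself."""
    if not joiner_name_allowed(joiner_name):
        raise ValueError(f"rejected joiner name: {joiner_name!r}")
    return subprocess.run([NOTIFY_CMD, "--joiner", joiner_name],
                          capture_output=True, text=True).stdout.strip()


if __name__ == "__main__":
    print("vulnerable:", notify_vulnerable(MALICIOUS_JOINER))   # --joiner node1INJECTED
    print("quoted:    ", notify_quoted(MALICIOUS_JOINER))       # --joiner node1$(echo INJECTED)
    try:
        notify_argv(MALICIOUS_JOINER)
    except ValueError as exc:
        print("argv:      ", exc)
    print("argv ok:   ", notify_argv("node1.cluster.local"))
```

The quoted form is the right fix when the command itself is configured by an operator and must go through a shell; the argv form is the right one everywhere else. Neither replaces the allowlist: a joiner name is an identifier, and rejecting anything that is not one removes the whole class rather than one metacharacter.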
RedHat Linux (added yesterday, 5 views)

Important: Red Hat Security Advisory: evince security update

An update for evince is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for...

CVSS 8.4 | AI score 5.8 | EPSS 0.00555 | Exploits: 0 | References: 2
RedHat Linux (added yesterday, 4 views)

atril: evince: xreader: PDF /GoToR action argv injection enables single-click RCE via --gtk-module dlopen

A flaw was found in Atril, Evince and Xreader. A malicious link inside a specially crafted PDF document can cause arbitrary code execution when clicked due to improper quoting of attacker-controlled PDF link-destination fields during remote go-to /GoToR actions. This issue allows an attacker to...

CVSS 8.4 | AI score 6.6 | EPSS 0.00555 | Exploits: 0 | References: 12
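The /GoToR entry is argument injection rather than shell injection: the attacker-controlled file field is split on whitespace into several argv elements, and one that starts with `-` is then parsed as an option, here the GTK-wide `--gtk-module`, which dlopens a library. The example below is added here and is not the viewers' code; `parse_viewer_argv` is a constructed, simplified stand-in for the viewer's option parser (it only knows `--gtk-module` and positional files) and `PAYLOAD_DEST` is a constructed sample field value. It shows the split-then-parse bug and the fix of passing the field as one argv element after a `--` separator.

```python
import argparse
import shlex


def parse_viewer_argv(argv: list[str]) -> dict:
    """Constructed stand-in for the viewer's command-line parser (assumed, simplified)."""
    p = argparse.ArgumentParser(prog="viewer", add_help=False, allow_abbrev=False)
    p.add_argument("--gtk-module", action="append", default=[])  # modules to dlopen
    p.add_argument("files", nargs="*")
    ns = p.parse_args(argv)
    return {"modules": ns.gtk_module, "files": ns.files}


def open_remote_vulnerable(dest: str) -> dict:
    """Builds one command string and lets word splitting produce argv.
    Whitespace in the /GoToR file field creates extra arguments, and any of them
    beginning with '-' is taken as an option."""
    cmdline = f"viewer {dest}"
    return parse_viewer_argv(shlex.split(cmdline)[1:])


def open_remote_hardened(dest: str) -> dict:
    """Passes the field as a single argv element after '--', so whatever it
    contains it can only ever be a file name."""
    if "\x00" in dest:
        raise ValueError("NUL byte in destination")
    return parse_viewer_argv(["--", dest])


# Constructed sample value for a malicious /GoToR file field.
PAYLOAD_DEST = "report.pdf --gtk-module=/tmp/payload.so"

if __name__ == "__main__":
    print("vulnerable:", open_remote_vulnerable(PAYLOAD_DEST))
    # {'modules': ['/tmp/payload.so'], 'files': ['report.pdf']}
    print("hardened:  ", open_remote_hardened(PAYLOAD_DEST))
    # {'modules': [], 'files': ['report.pdf --gtk-module=/tmp/payload.so']}
```

Quoting the field would stop the whitespace split but not a field that itself begins with `--gtk-module`; only the `--` separator (or an equivalent end-of-options convention in the callee) closes both. A library that launches other programs should also never rebuild argv from a string, even with a tokenizer, when it already has the pieces.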
NVD (added yesterday, 6 views)

CVE-2026-12912

A flaw was found in libtiff. A remote attacker could exploit this vulnerability by providing a specially crafted PixarLog-compressed TIFF image. This issue occurs when decoding PixarLog codec images with the PIXARLOGDATAFMT_8BITABGR output format and a specific stride value, leading to a heap-base...

CVSS 7.3 | Exploits: 0 | References: 5
NVD (added yesterday, 6 views)

CVE-2026-56290

The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE...

CVSS 10 | Exploits: 0 | References: 1
CVE (added yesterday, 12 views)

CVE-2026-56290

CVE-2026-56290 affects the Joomla extension Page Builder CK (listed as Page Builder CK extension

CVSS 10 | AI score 5.8 | Exploits: 0 | References: 1
EUVD (added yesterday, 6 views)

EUVD-2026-40121

The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE...

CVSS 10 | AI score 5.8 | Exploits: 0 | References: 1
Cvelist (added yesterday, 12 views)

CVE-2026-56290 Joomla Extension - joomlack.fr - Unauthenticated file upload in Page Builder CK extension < 3.6.0

The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE...

CVSS 10 | Exploits: 0 | References: 1
NVD (added yesterday, 7 views)

CVE-2026-40521

FrontAccounting before 2.4.20 contains a path traversal vulnerability in the attachment upload handler that allows authenticated attackers to execute arbitrary code by uploading files with traversal sequences in the unique_name parameter. Attackers can supply path traversal sequences...

CVSS 8.8 | Exploits: 0 | References: 4
NVD (added yesterday, 6 views)

CVE-2026-13165

SzafirHost verifies the downloaded native library archive with a JarFile parser that reads the Central Directory, but extracts native libraries with a JarInputStream parser that reads sequentially from local file headers. An attacker who controls the served archive can insert a malicious DLL/SO/DYLIB as...

CVSS 8.6 | Exploits: 0 | References: 2
EUVD (added yesterday, 7 views)

EUVD-2026-40083

FrontAccounting before 2.4.20 contains a path traversal vulnerability in the attachment upload handler that allows authenticated attackers to execute arbitrary code by uploading files with traversal sequences in the unique_name parameter. Attackers can supply path traversal sequences...

CVSS 8.8 | AI score 6.6 | Exploits: 0 | References: 4
CVE (added yesterday, 12 views)

CVE-2026-40521

FrontAccounting before 2.4.20 contains a path traversal vulnerability in the attachment upload handler. Authenticated attackers can upload files with traversal sequences in the unique_name parameter (eg ../../../shell.php) to write outside the attachments directory into the web root, enabling rem...

CVSS 8.8 | AI score 6.6 | Exploits: 0 | References: 4
EUVD (added yesterday, 6 views)

EUVD-2026-40078

SzafirHost verifies the downloaded native library archive with a JarFile parser that reads the Central Directory, but extracts native libraries with a JarInputStream parser that reads sequentially from local file headers. An attacker who controls the served archive can insert a malicious DLL/SO/DYLIB as...

CVSS 8.6 | AI score 6 | Exploits: 0 | References: 2
CVE (added yesterday, 12 views)

CVE-2026-13165

SzafirHost is affected by a remote code execution vulnerability (CVE-2026-13165) in the way it validates versus extracts native libraries from archives. The application verifies the downloaded native library archive using JarFile (Central Directory) but extracts libraries with JarInputStream (seq...

CVSS 8.6 | AI score 6 | Exploits: 0 | References: 2
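The three SzafirHost records describe a parser differential in the ZIP format: a JarFile-style verifier trusts the central directory at the end of the archive, while a JarInputStream-style extractor walks the local file headers from the start, so a local entry that no central-directory record points at is invisible to the first and written out by the second. The example below is added here and is not SzafirHost's code or the advisory's proof of concept. It hand-builds a constructed archive with one entry in the central directory and two in the local-header stream (STORED entries, sizes in the header, no data descriptors), reads it through Python's central-directory-based `zipfile`, walks the local headers the way a streaming parser would, and then implements the check a verifier needs: every local header offset must be referenced by the central directory, which also catches a hidden entry that reuses a listed name.

```python
from __future__ import annotations

import io
import struct
import zipfile
import zlib

LOCAL_SIG, CENTRAL_SIG, EOCD_SIG = 0x04034B50, 0x02014B50, 0x06054B50
LOCAL_HDR = "<IHHHHHIIIHH"          # 30-byte local file header
CENTRAL_HDR = "<IHHHHHHIIIHHHHHII"  # 46-byte central directory header
EOCD = "<IHHHHIIH"                  # 22-byte end-of-central-directory record


def local_entry(name: bytes, data: bytes) -> bytes:
    """STORED entry with sizes in the local header (no data descriptor)."""
    crc = zlib.crc32(data) & 0xFFFFFFFF
    return struct.pack(LOCAL_HDR, LOCAL_SIG, 20, 0, 0, 0, 0, crc,
                       len(data), len(data), len(name), 0) + name + data


def central_entry(name: bytes, data: bytes, local_offset: int) -> bytes:
    crc = zlib.crc32(data) & 0xFFFFFFFF
    return struct.pack(CENTRAL_HDR, CENTRAL_SIG, 20, 20, 0, 0, 0, 0, crc,
                       len(data), len(data), len(name), 0, 0, 0, 0, 0, local_offset) + name


def build_ambiguous_archive() -> bytes:
    """Constructed archive: the central directory lists only libgood.so, but a second
    local entry (libevil.so) sits in the stream between it and the central directory."""
    good = local_entry(b"native/libgood.so", b"legitimate native code")
    hidden = local_entry(b"native/libevil.so", b"attacker-controlled native code")
    cd = central_entry(b"native/libgood.so", b"legitimate native code", 0)
    cd_offset = len(good) + len(hidden)
    eocd = struct.pack(EOCD, EOCD_SIG, 0, 0, 1, 1, len(cd), cd_offset, 0)
    return good + hidden + cd + eocd


def central_directory_names(archive: bytes) -> list[str]:
    """What a JarFile-style verifier sees: only entries the central directory lists."""
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        return zf.namelist()


def read_via_central_directory(archive: bytes, name: str) -> bytes:
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        return zf.read(name)


def local_headers(archive: bytes) -> list[tuple[int, str]]:
    """What a JarInputStream-style extractor sees: every local file header in order.
    Assumes sizes are present in the header (flag bit 3 clear), as in the sample."""
    found, off = [], 0
    while off + 30 <= len(archive):
        (sig, _ver, _flags, _method, _t, _d, _crc,
         csize, _usize, nlen, xlen) = struct.unpack_from(LOCAL_HDR, archive, off)
        if sig != LOCAL_SIG:          # reached the central directory
            break
        found.append((off, archive[off + 30:off + 30 + nlen].decode("utf-8")))
        off += 30 + nlen + xlen + csize
    return found


def local_header_names(archive: bytes) -> list[str]:
    return [name for _, name in local_headers(archive)]


def unreferenced_local_entries(archive: bytes) -> list[str]:
    """The missing check: local entries whose offset no central-directory record
    points at. A verifier must reject the archive if this is non-empty."""
    with zipfile.ZipFile(io.BytesIO(archive)) as zf:
        referenced = {zi.header_offset for zi in zf.infolist()}
    return [name for off, name in local_headers(archive) if off not in referenced]


if __name__ == "__main__":
    archive = build_ambiguous_archive()
    print("verifier sees:  ", central_directory_names(archive))
    print("extractor sees: ", local_header_names(archive))
    print("unreferenced:   ", unreferenced_local_entries(archive))
```

The simplest fix is to verify and extract with the same parser (iterate the central directory and read each entry through it); the cross-check above is for code that must keep a streaming extractor, and it should run before anything is written to disk.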
RedhatCVE (added yesterday, 5 views)

CVE-2026-56766

A flaw was found in Hydra. A malicious server can exploit a stack buffer overflow vulnerability in the NTLM authentication modules by sending a specially crafted NTLM Type-2 challenge. This can lead to an overflow of a stack buffer, potentially enabling remote code execution on systems that lack...

CVSS 8.8 | AI score 6.5 | EPSS 0.00474 | Exploits: 0 | References: 5
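The Hydra entry is the client-side variant of a length-field bug: an NTLM CHALLENGE_MESSAGE (Type 2) carries (length, offset) pairs chosen by the server, and a client that copies the referenced bytes into a fixed stack buffer without checking them against the message size and the buffer size overflows. The parser below is added here and is not Hydra's code; it does not reproduce the exact field involved in CVE-2026-56766 and the 256-byte buffer size, the sample flag set and the sample messages are all constructed. It parses the fixed part of a Type 2 message as laid out in MS-NLMP (without the optional Version field) and rejects a challenge whose TargetName either points outside the received bytes or would not fit the destination buffer.

```python
from __future__ import annotations

import struct

NTLMSSP_SIGNATURE = b"NTLMSSP\x00"
CHALLENGE_MESSAGE = 2
# Fixed part of a CHALLENGE_MESSAGE without the optional 8-byte Version field:
# MessageType, TargetNameFields, NegotiateFlags, ServerChallenge, Reserved, TargetInfoFields.
FIXED_LEN = 48
FIXED_FMT = "<IHHII8s8sHHI"
# Constructed: size of the fixed buffer the client copies the target name into.
TARGET_NAME_BUF = 256
# Constructed sample flag set: UNICODE | REQUEST_TARGET | NTLM | TARGET_TYPE_SERVER | TARGET_INFO.
SAMPLE_FLAGS = 0x00820205


class NtlmError(ValueError):
    pass


def _bounded_field(msg: bytes, offset: int, length: int, what: str) -> bytes:
    """The check the bug class lacks: the server-supplied (offset, length) pair must lie
    inside the bytes actually received. Python ints cannot wrap; in C, compare offset
    and length against len(msg) separately so offset+length cannot overflow."""
    if length == 0:
        return b""
    end = offset + length
    if offset < FIXED_LEN or end > len(msg):
        raise NtlmError(f"{what}: field [{offset}, {end}) outside {len(msg)}-byte message")
    return msg[offset:end]


def parse_challenge(msg: bytes) -> dict:
    if len(msg) < FIXED_LEN or msg[:8] != NTLMSSP_SIGNATURE:
        raise NtlmError("not an NTLMSSP message")
    (msg_type, tn_len, _tn_max, tn_off, flags, challenge, _reserved,
     ti_len, _ti_max, ti_off) = struct.unpack_from(FIXED_FMT, msg, 8)
    if msg_type != CHALLENGE_MESSAGE:
        raise NtlmError(f"expected CHALLENGE_MESSAGE, got type {msg_type}")
    target_name = _bounded_field(msg, tn_off, tn_len, "TargetName")
    if len(target_name) > TARGET_NAME_BUF:     # would overflow the fixed buffer
        raise NtlmError(f"TargetName of {len(target_name)} bytes exceeds {TARGET_NAME_BUF}-byte buffer")
    target_info = _bounded_field(msg, ti_off, ti_len, "TargetInfo")
    return {"flags": flags, "challenge": challenge,
            "target_name": target_name, "target_info": target_info}


def build_challenge(target_name: str, claimed_name_len: int | None = None) -> bytes:
    """Constructed server message. claimed_name_len lets the sample lie about
    TargetNameLen the way a malicious server would."""
    name = target_name.encode("utf-16-le")
    info = struct.pack("<HH", 0, 0)                  # AV_PAIR list holding only MsvAvEOL
    tn_off = FIXED_LEN
    ti_off = tn_off + len(name)
    tn_len = len(name) if claimed_name_len is None else claimed_name_len
    fixed = struct.pack(FIXED_FMT, CHALLENGE_MESSAGE, tn_len, tn_len, tn_off, SAMPLE_FLAGS,
                        bytes(range(8)), b"\x00" * 8, len(info), len(info), ti_off)
    return NTLMSSP_SIGNATURE + fixed + name + info


def challenge_is_sane(msg: bytes) -> bool:
    try:
        parse_challenge(msg)
        return True
    except NtlmError:
        return False


if __name__ == "__main__":
    print(parse_challenge(build_challenge("SERVER")))
    print(challenge_is_sane(build_challenge("SERVER", claimed_name_len=0xFFFF)))  # False
    print(challenge_is_sane(build_challenge("A" * 200)))                          # False
```

Both rejected samples are "valid" at the framing level, which is why a signature and type check alone is not enough: the second one lies entirely inside the message and is only dangerous because of the size of the buffer it is copied into.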
Nuclei (added yesterday, 15 views)

FlipperCode Custom CSS, JS & PHP <= 2.0.7 - Remote Code Execution

Custom css-js-php WordPress plugin through 2.0.7 contains a command injection caused by unsanitized user input used in a SQL query and passed to eval, letting unauthenticated attackers execute arbitrary PHP code on the server. (Nuclei template id: CVE-2026-6433; name: FlipperCode Custom CSS, JS & PHP <= 2.0.7 -...)

CVSS 7.3 | AI score 6.2 | EPSS 0.00753 | Exploits: 1 | References: 4
Nuclei (added yesterday, 21 views)

elFinder < 2.1.58 - Remote Code Execution

studio-42/elfinder before 2.1.58 contains a remote code execution caused by execution of PHP code in a .phar file, letting attackers execute arbitrary PHP code; exploitation requires the server to parse .phar files as PHP. (Nuclei template id: CVE-2021-23394; name: elFinder...)

CVSS 9.8 | AI score 8 | EPSS 0.19083 | Exploits: 1 | References: 4
Nuclei (added yesterday, 36 views)

Contact Form 7 Drag and Drop Multiple File Upload - Arbitrary File Upload

The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in all versions up to, and including, 1.3.8.9. This makes it possible for unauthenticated attackers to bypass the plugin's blacklist and...

CVSS 9.8 | AI score 6.5 | EPSS 0.0509 | Exploits: 2 | References: 3
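The FrontAccounting records (a `unique_name` of `../../../shell.php` written outside the attachments directory) and the Contact Form 7 plugin entry (a blacklist of extensions that can be bypassed) are the two halves of one upload-handler check: contain the destination path, and allowlist what may be stored there. The example below is added here and is not code from either project; the attachments directory and the extension allowlist are constructed values. It works on path strings only (no filesystem access) so the result is deterministic, and shows where the vulnerable join-then-write lands next to the contained version.

```python
import posixpath

# Constructed configuration values.
ATTACHMENTS_DIR = "/var/www/fa/company/0/attachments"
ALLOWED_EXT = {".pdf", ".png", ".jpg", ".jpeg", ".csv", ".txt"}


def vulnerable_target(attachments_dir: str, unique_name: str) -> str:
    """What a join-then-write handler does with the untrusted name, normalised
    to show where the write actually lands."""
    return posixpath.normpath(posixpath.join(attachments_dir, unique_name))


def safe_target(attachments_dir: str, unique_name: str) -> str:
    """Contained destination: the name must be one bare path component with an
    allowlisted extension, and the joined path must stay under the base."""
    base = posixpath.normpath(attachments_dir)
    if not posixpath.isabs(base):
        raise ValueError("attachments_dir must be absolute")
    if (not unique_name or "\x00" in unique_name or "\\" in unique_name
            or unique_name in (".", "..")
            or unique_name != posixpath.basename(unique_name)):
        raise ValueError("filename must be a single path component")
    if posixpath.splitext(unique_name)[1].lower() not in ALLOWED_EXT:
        raise ValueError("extension not allowed")      # allowlist, not blacklist
    target = posixpath.normpath(posixpath.join(base, unique_name))
    if posixpath.commonpath([base, target]) != base:   # belt and braces
        raise ValueError("path escapes attachments dir")
    return target


def upload_accepted(attachments_dir: str, unique_name: str) -> bool:
    try:
        safe_target(attachments_dir, unique_name)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    print(vulnerable_target(ATTACHMENTS_DIR, "../../../shell.php"))  # /var/www/fa/shell.php
    for name in ("../../../shell.php", "shell.php", "shell.phtml", "invoice.PDF"):
        print(f"{name!r:24} accepted={upload_accepted(ATTACHMENTS_DIR, name)}")
```

Two caveats a practitioner will want: run this on the decoded value (after any URL or JSON decoding the framework applies), never before, and prefer a real path check (`os.path.realpath` on the base and the target) when the base directory may contain symlinks. Storing attachments outside the web root and serving them through a script, rather than relying on the extension allowlist alone, closes the double-extension and handler-misconfiguration cases that an allowlist by itself does not.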