Lucene search
K

88 matches found

OSV
OSV
added 2026/02/14 11:42 p.m.11 views

CLSA-2026-1771112524 Update of alt-php

Update ca-certificates database to 20260129: - mozilla\certdata.h,nssckbi.h: Update Mozilla certificate authority bundle of the version 2.82. - The following certificates were updated: Certificate "GlobalSign Root CA" Certificate "Entrust.net Premium 2048 Secure Server CA" Certificate "Comodo AAA...

5.8AI score
Exploits0References1
OSV
OSV
added 2026/02/13 6:4 p.m.10 views

CLSA-2026-1771005847 Update of alt-php

Update ca-certificates database to 20260129: - mozilla\certdata.h,nssckbi.h: Update Mozilla certificate authority bundle of the version 2.82. - The following certificates were updated: Certificate "GlobalSign Root CA" Certificate "Entrust.net Premium 2048 Secure Server CA" Certificate "Comodo AAA...

5.8AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/26 10:6 a.m.2 views

CVE-2025-59106 Web Server Running with Root Privileges in dormakaba access manager

The binary serving the web server and executing basically all actions launched from the Web UI is running with root privileges. This is against the least privilege principle. If an attacker is able to execute code on the system via other vulnerabilities it is possible to directly execute commands...

6AI score0.00684EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/01/26 10:6 a.m.3 views

CVE-2025-59106

The binary serving the web server and executing basically all actions launched from the Web UI is running with root privileges. This is against the least privilege principle. If an attacker is able to execute code on the system via other vulnerabilities it is possible to directly execute commands...

8.8CVSS6AI score0.00684EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/01/26 10:6 a.m.31 views

CVE-2025-59106 Web Server Running with Root Privileges in dormakaba access manager

The binary serving the web server and executing basically all actions launched from the Web UI is running with root privileges. This is against the least privilege principle. If an attacker is able to execute code on the system via other vulnerabilities it is possible to directly execute commands...

0.00684EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/26 12:0 a.m.11 views

Dormakaba Access Manager security vulnerabilities

The Dormakaba Access Manager is a smart hardware controller developed by the Dormakaba company in the United States. There is a security vulnerability in the Dormakaba Access Manager, which stems from the Web server binary running with root privileges, potentially leading to an increase in...

8.8CVSS5.8AI score0.00684EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2012-4535

Malware in sbrugna...

3.3CVSS6.4AI score0.00618EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-0375

Malware in sbrugna...

6.1CVSS6.2AI score0.00879EPSS
Exploits1References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-0916

Malware in sbrugna...

7.2CVSS7AI score0.00434EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-2697

Malware in sbrugna...

7.8CVSS7.7AI score0.00535EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/10/04 12:56 a.m.8 views

CVE-2025-60449

An information disclosure vulnerability has been discovered in SeaCMS 13.1. The vulnerability exists in the adminsafe.php component located in the /btcoan/ directory. This security flaw allows authenticated administrators to scan and download not only the application’s source code but also...

4.9CVSS6.5AI score0.00342EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/10/03 12:0 a.m.10 views

CVE-2025-60449

An information disclosure vulnerability has been discovered in SeaCMS 13.1. The vulnerability exists in the adminsafe.php component located in the /btcoan/ directory. This security flaw allows authenticated administrators to scan and download not only the application’s source code but also...

0.00342EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/10/03 12:0 a.m.5 views

SeaCMS 安全漏洞

SeaCMS is a free, open source web content management system written in PHP by SeaCMS, Inc. The system is primarily designed to manage video-on-demand resources. A security vulnerability exists in SeaCMS version 13.1, which stems from an information leak in the adminsafe.php component that could...

4.9CVSS6.5AI score0.00342EPSS
Exploits1References1
CVE
CVE
added 2025/10/03 12:0 a.m.17 views

CVE-2025-60449

SeaCMS 13.1 contains an information disclosure in the admin_safe.php component under /btcoan/. The vulnerability permits authenticated administrators to scan and download the application’s source code and potentially any file on the server’s root directory. Documents do not specify a CVE exploita...

4.9CVSS6.2AI score0.00342EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/10/03 12:0 a.m.6 views

PT-2025-40527

Name of the Vulnerable Software and Affected Versions SeaCMS version 13.1 Description An information disclosure issue exists in SeaCMS 13.1. The flaw is located in the admin safe.php component within the /btcoan/ directory. Authenticated administrators can scan and download the application’s sour...

4.9CVSS6.3AI score0.00342EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/10/30 7:42 a.m.19 views

CVE-2024-9632 Xorg-x11-server: tigervnc: heap-based buffer overflow privilege escalation vulnerability

A flaw was found in the X.org server. Due to improperly tracked allocation size in XkbSetCompatMap, a local attacker may be able to trigger a buffer overflow condition via a specially crafted payload, leading to denial of service or local privilege escalation in distributions where the X.org serv...

7.8CVSS0.00894EPSS
Exploits0References17
Positive Technologies
Positive Technologies
added 2024/04/15 12:0 a.m.6 views

PT-2024-26681 · Mlflow · Mlflow

Name of the Vulnerable Software and Affected Versions: mlflow/mlflow affected versions not specified Description: The issue arises from the is local uri function's failure to properly handle URIs with empty or 'file' schemes, leading to the misclassification of URIs as non-local. Attackers can...

9.3CVSS9.1AI score0.00733EPSS
Exploits1References13
OSV
OSV
added 2023/08/05 2:15 a.m.5 views

CVE-2023-33367

A SQL injection vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing unauthenticated attackers to write PHP files on the server's root directory, resulting in remote code execution...

9.8CVSS6.1AI score0.01068EPSS
Exploits0References2
NVD
NVD
added 2023/08/05 2:15 a.m.21 views

CVE-2023-33367

A SQL injection vulnerability exists in Control ID IDSecure 4.7.26.0 and prior, allowing unauthenticated attackers to write PHP files on the server's root directory, resulting in remote code execution...

9.8CVSS10AI score0.01068EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/08/05 12:0 a.m.4 views

Control ID IDSecure SQL Injection Vulnerability

Control ID IDSecure is software from Control ID that controls access to personnel and vehicles in companies of all sizes. A security vulnerability exists in Control ID IDSecure version 4.7.26.0 and prior versions that stems from the presence of a SQL injection vulnerability. An attacker can explo...

9.8CVSS8.8AI score0.01068EPSS
Exploits0References3
Rows per page
Query Builder