Lucene search
K

15 matches found

Positive Technologies
Positive Technologies
added 2026/05/21 12:0 a.m.12 views

PT-2026-42812

Name of the Vulnerable Software and Affected Versions ImageMagick affected versions not specified Description A race condition in the magick -distribute-cache service allows a remote attacker to hijack a file descriptor within the server process. Recommendations At the moment, there is no...

7.5CVSS5.5AI score0.00495EPSS
Exploits0References130
EUVD
EUVD
added 2026/05/15 7:46 a.m.19 views

EUVD-2026-30515

The Smartcat Translator for WPML plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'routeData' REST endpoint in all versions up to, and including, 3.1.77. This makes it possible for unauthenticated attackers to overwrite the plugin's...

6.5CVSS5.8AI score0.00262EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/05/15 12:0 a.m.8 views

WordPress plugin Smartcat Translator for WPML 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

6.5CVSS5.8AI score0.00262EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/22 6:31 p.m.5 views

EUVD-2026-25016

A vulnerability exists in the chroot utility of uutils coreutils when using the --userspec option. The utility resolves the user specification via getpwnam after entering the chroot but before dropping root privileges. On glibc-based systems, this can trigger the Name Service Switch NSS to load...

7.8CVSS6.1AI score0.00136EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/04/22 12:0 a.m.8 views

PT-2026-34504

Name of the Vulnerable Software and Affected Versions uutils coreutils affected versions not specified Description A flaw in the chroot utility occurs when the --userspec option is used. The utility calls the getPwnam function to resolve user specifications after entering the chroot environment b...

7.8CVSS6.2AI score0.00136EPSS
Exploits1References4
CVE
CVE
added 2026/03/26 11:37 a.m.8 views

CVE-2025-41368

CVE-2025-41368 affects Small HTTP Server v3.06.36 due to an unquoted service path in the executable at C:\Program Files (x86)\shttps_mg\http.exe. This misconfiguration enables a local attacker to place a malicious binary with the same name in a higher-priority directory, causing the service to ru...

8.7CVSS5.9AI score0.00613EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/06 4:41 p.m.3 views

CVE-2019-25266

Wondershare Application Framework Service 2.4.3.231 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted service path by placing malicious executables in specific directory...

8.5CVSS6.2AI score0.00129EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-6899

Malware in sbrugna...

7.1CVSS6AI score0.0036EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/08/02 2:15 p.m.4 views

CVE-2023-26317

Xiaomi routers have an external interface that can lead to command injection. The vulnerability is caused by lax filtering of responses from external interfaces. Attackers can exploit this vulnerability to gain access to the router by hijacking the ISP or upper-layer routing...

9.8CVSS5.9AI score0.00948EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2020/09/23 1:15 a.m.4 views

CVE-2019-16007

A vulnerability in the inter-service communication of Cisco AnyConnect Secure Mobility Client for Android could allow an unauthenticated, local attacker to perform a service hijack attack on an affected device or cause a denial of service DoS condition. The vulnerability is due to the use of...

7.1CVSS6.5AI score0.0036EPSS
Exploits0References1
NVD
NVD
added 2020/09/23 1:15 a.m.33 views

CVE-2019-16007

A vulnerability in the inter-service communication of Cisco AnyConnect Secure Mobility Client for Android could allow an unauthenticated, local attacker to perform a service hijack attack on an affected device or cause a denial of service DoS condition. The vulnerability is due to the use of...

7.1CVSS0.0036EPSS
Exploits0References1
Prion
Prion
added 2020/09/23 1:15 a.m.26 views

Race condition

A vulnerability in the inter-service communication of Cisco AnyConnect Secure Mobility Client for Android could allow an unauthenticated, local attacker to perform a service hijack attack on an affected device or cause a denial of service DoS condition. The vulnerability is due to the use of...

5.8CVSS6.6AI score0.0036EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2020/09/23 12:26 a.m.20 views

CVE-2019-16007 Cisco AnyConnect Secure Mobility Client for Android Service Hijack Vulnerability

A vulnerability in the inter-service communication of Cisco AnyConnect Secure Mobility Client for Android could allow an unauthenticated, local attacker to perform a service hijack attack on an affected device or cause a denial of service DoS condition. The vulnerability is due to the use of...

5.9CVSS6.7AI score0.0036EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2020/09/23 12:26 a.m.9 views

CVE-2019-16007 Cisco AnyConnect Secure Mobility Client for Android Service Hijack Vulnerability

A vulnerability in the inter-service communication of Cisco AnyConnect Secure Mobility Client for Android could allow an unauthenticated, local attacker to perform a service hijack attack on an affected device or cause a denial of service DoS condition. The vulnerability is due to the use of...

5.9CVSS6.6AI score0.0036EPSS
Exploits0References1
Cisco
Cisco
added 2020/01/08 4:0 p.m.25 views

Cisco AnyConnect Secure Mobility Client for Android Service Hijack Vulnerability

A vulnerability in the inter-service communication of Cisco AnyConnect Secure Mobility Client for Android could allow an unauthenticated, local attacker to perform a service hijack attack on an affected device or cause a denial of service DoS condition. The vulnerability is due to the use of...

5.9CVSS1.9AI score0.0036EPSS
Exploits0References1
Rows per page
Query Builder