Lucene search
K

862278 matches found

Packet Storm News
Packet Storm News
added 2026/12/29 12:0 a.m.281 views

GNUnet P2P Framework 0.26.2

GNUnet is a peer-to-peer framework with focus on providing security. All peer-to-peer messages in the network are confidential and authenticated. The framework provides a transport abstraction layer and can currently encapsulate the network traffic in UDP IPv4 and IPv6, TCP IPv4 and IPv6, HTTP, o...

6.8AI score
Exploits0
NVD
NVD
added 48 minutes ago4 views

CVE-2026-15158

The Blocksy Companion plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 2.1.46 via the saveattachments function. This is due to the Custom Fonts extension registering a wpcheckfiletypeandext filter that approves any filename containing .woff2 or .tt...

9.8CVSS
Exploits0References3
CVE
CVE
added 1 hour ago1 views

CVE-2026-56291 Joomla Extension - balbooa.com - Unauthenticated file upload in Balbooa Forms extension < 2.4.1

The Joomla extension Balbooa Forms is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE...

10CVSS
Exploits0References2
Cvelist
Cvelist
added 1 hour ago0 views

CVE-2026-56291 Joomla Extension - balbooa.com - Unauthenticated file upload in Balbooa Forms extension < 2.4.1

The Joomla extension Balbooa Forms is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE...

10CVSS
Exploits0References2
Cvelist
Cvelist
added 1 hour ago2 views

CVE-2026-14372 Bit Form <= 3.1.1 - Authenticated (Subscriber+) Arbitrary File Deletion via '_old' Parameter

The Bit Form – Contact Form, Payment Forms, Multi Step Forms, Calculator & Custom Form Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deleteFiles function in all versions up to, and including, 3.1.1 This makes it possible for...

7.1CVSS
Exploits0References13
CVE
CVE
added 1 hour ago1 views

CVE-2026-14372 Bit Form <= 3.1.1 - Authenticated (Subscriber+) Arbitrary File Deletion via '_old' Parameter

The Bit Form – Contact Form, Payment Forms, Multi Step Forms, Calculator & Custom Form Builder plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deleteFiles function in all versions up to, and including, 3.1.1 This makes it possible for...

7.1CVSS
Exploits0References13
CVE
CVE
added 1 hour ago2 views

CVE-2026-56289 Loop with Unreachable Exit Condition in GNU patch

GNU patch is vulnerable to a denial of service DoS due to improper validation of hunk single block of changes in diff line offsets in unified-diff input. A specially crafted patch can specify an extremely large line number, causing the application to enter an effectively infinite processing loop...

4.6CVSS
Exploits0References3
Cvelist
Cvelist
added 1 hour ago2 views

CVE-2026-56289 Loop with Unreachable Exit Condition in GNU patch

GNU patch is vulnerable to a denial of service DoS due to improper validation of hunk single block of changes in diff line offsets in unified-diff input. A specially crafted patch can specify an extremely large line number, causing the application to enter an effectively infinite processing loop...

4.6CVSS
Exploits0References3
CVE
CVE
added 1 hour ago1 views

CVE-2026-56288 NULL Pointer Dereference in GNU patch

GNU patch is vulnerable to a NULL pointer dereference when processing a specially crafted unified-diff patch file. Improper handling of consecutive end-of-file newline markers can corrupt internal hunk single block of changes in diff data structures, causing the application to pass a NULL pointer...

4.6CVSS
Exploits0References3
Cvelist
Cvelist
added 1 hour ago1 views

CVE-2026-56288 NULL Pointer Dereference in GNU patch

GNU patch is vulnerable to a NULL pointer dereference when processing a specially crafted unified-diff patch file. Improper handling of consecutive end-of-file newline markers can corrupt internal hunk single block of changes in diff data structures, causing the application to pass a NULL pointer...

4.6CVSS
Exploits0References3
Patchstack
Patchstack
added 2 hours ago2 views

WordPress Simple Coherent Form plugin <= 2.4.13 - Unauthenticated Arbitrary File Deletion vulnerability

Unauthenticated Arbitrary File Deletion vulnerability discovered by CHOIGYEONGMIN in WordPress Plugin Simple Coherent Form versions = 2.4.13...

9.1CVSS0.0074EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2 hours ago2 views

WordPress Jssor Slider by jssor.com plugin <= 3.1.24 - Unauthenticated Arbitrary File Read vulnerability

Unauthenticated Arbitrary File Read vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin Jssor Slider by jssor.com versions = 3.1.24...

7.5CVSS0.00692EPSS
Exploits0References1Affected Software1
RedHat Linux
RedHat Linux
added 2 hours ago2 views

gstreamer1-plugins-good: GStreamer: Heap buffer overflow in WavPack decoder via integer overflow

A flaw was found in GStreamer's WavPack audio decoder in gst-plugins-good. When processing a specially crafted WavPack file, an integer overflow in the buffer size calculation 4 blocksamples channels in gstwavpackdechandleframe causes a very small heap allocation. The WavPack library then writes...

7.6CVSS0.003EPSS
Exploits0References4
GithubExploit
GithubExploit
added 2 hours ago7 views

POC

OWASP Vulnerability Learning Lab Spring Boot 3 ⚠️ WARNIN...

6.2AI score
Exploits0
Cvelist
Cvelist
added 2 hours ago3 views

CVE-2026-15158 Blocksy Companion <= 2.1.46 - Unauthenticated Arbitrary File Upload via 'blc-review-images[]' Parameter

The Blocksy Companion plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 2.1.46 via the saveattachments function. This is due to the Custom Fonts extension registering a wpcheckfiletypeandext filter that approves any filename containing .woff2 or .tt...

9.8CVSS
Exploits0References3
CVE
CVE
added 2 hours ago4 views

CVE-2026-15158

Blocksy Companion

9.8CVSS
Exploits0References3
EUVD
EUVD
added 2 hours ago2 views

EUVD-2026-42549

The Blocksy Companion plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 2.1.46 via the saveattachments function. This is due to the Custom Fonts extension registering a wpcheckfiletypeandext filter that approves any filename containing .woff2 or .tt...

9.8CVSS
Exploits0References3
GithubExploit
GithubExploit
added 2 hours ago8 views

exploitarium

https://discord.gg/WytKH65ZR join up for research, help, documen...

9.2CVSS7.3AI score0.00732EPSS
Exploits11
NVD
NVD
added 2 hours ago5 views

CVE-2026-7558

The Age Verification & Identity Verification by Token of Trust plugin for WordPress is vulnerable to unauthorized access in all versions up to and including 4.0.2. This is due to the handleexporttable function being registered on the WordPress 'init' hook, which fires for all requests, including...

5.3CVSS
Exploits0References8
NVD
NVD
added 2 hours ago3 views

CVE-2026-8996

The Backup and Staging by WP Time Capsule plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.22.26 via the downloadrecentdecryptedfilewptc. This makes it possible for authenticated attackers, with subscriber-level access and above, to...

6.5CVSS
Exploits0References8
Rows per page
Query Builder