
15 matches found

RedhatCVE
added 2026/06/05 7:32 p.m. | 9 views

CVE-2026-6891

Improper handling of symbolic links in the installer of My Image Garden for macOS Version 3.6.8 or earlier may allow a local attacker with login privileges to exploit a specially crafted symbolic link during installation to modify permissions of files for which they would not normally have...

5.1 CVSS | 5.5 AI score | 0.00123 EPSS
Exploits 0 | References 1

Vulnrichment
added 2026/05/28 11:59 p.m. | 15 views

CVE-2026-6891

Improper handling of symbolic links in the installer of My Image Garden for macOS Version 3.6.8 or earlier may allow a local attacker with login privileges to exploit a specially crafted symbolic link during installation to modify permissions of files for which they would not normally have...

5.1 CVSS | 5.8 AI score | 0.00123 EPSS
Exploits 0 | References 4

SUSE CVE
added 2026/02/14 12:24 a.m. | 3 views

SUSE CVE-2026-25949

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.8, there is a potential vulnerability in Traefik managing STARTTLS requests. An unauthenticated client can bypass Traefik entrypoint respondingTimeouts.readTimeout by sending the 8-byte Postgres SSLRequest STARTTLS prelude and then...

7.5 CVSS | 5.6 AI score | 0.00709 EPSS
Exploits 0 | References 4

ATTACKERKB
added 2026/02/12 8:1 p.m. | 5 views

CVE-2026-25949

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.8, there is a potential vulnerability in Traefik managing STARTTLS requests. An unauthenticated client can bypass Traefik entrypoint respondingTimeouts.readTimeout by sending the 8-byte Postgres SSLRequest STARTTLS prelude and then...

7.5 CVSS | 5.6 AI score | 0.00709 EPSS
Exploits 0 | References 4 | Affected Software 1

Positive Technologies
added 2025/12/17 12:0 a.m. | 7 views

PT-2025-51882

Name of the Vulnerable Software and Affected Versions AWS SDK for PHP versions prior to 3.368.0 Description A missing cryptographic key commitment in the AWS SDK for PHP could allow a user with write access to an S3 bucket to introduce a new Encryption Data Key EDK that decrypts to different...

6 CVSS | 6.3 AI score | 0.00176 EPSS
Exploits 0 | References 7

EUVD
added 2025/10/21 3:30 p.m. | 6 views

EUVD-2025-35179

A vulnerability was detected in DCMTK up to 3.6.7. The impacted element is the function DcmQueryRetrieveConfig::readPeerList of the file /dcmqrcnf.cc of the component dcmqrscp. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit is now publ...

4.8 CVSS | 6.2 AI score | 0.00255 EPSS
Exploits 1 | References 8

OSV
added 2025/10/21 3:15 p.m. | 4 views

DEBIAN-CVE-2022-4981

A vulnerability was detected in DCMTK up to 3.6.7. The impacted element is the function DcmQueryRetrieveConfig::readPeerList of the file /dcmqrcnf.cc of the component dcmqrscp. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit is now publ...

5.5 CVSS | 4.2 AI score | 0.00255 EPSS
Exploits 1 | References 1

OSV
added 2025/10/21 3:15 p.m. | 4 views

UBUNTU-CVE-2022-4981

A vulnerability was detected in DCMTK up to 3.6.7. The impacted element is the function DcmQueryRetrieveConfig::readPeerList of the file /dcmqrcnf.cc of the component dcmqrscp. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit is now publ...

5.5 CVSS | 5.3 AI score | 0.00255 EPSS
Exploits 1 | References 3

Cvelist
added 2025/10/21 3:2 p.m. | 13 views

CVE-2022-4981 DCMTK dcmqrscp dcmqrcnf.cc readPeerList null pointer dereference

A vulnerability was detected in DCMTK up to 3.6.7. The impacted element is the function DcmQueryRetrieveConfig::readPeerList of the file /dcmqrcnf.cc of the component dcmqrscp. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit is now publ...

4.8 CVSS | 0.00255 EPSS
Exploits 1 | References 5

CVE
added 2025/10/15 8:26 a.m. | 18 views

CVE-2025-10486

The CVE-2025-10486 entry concerns the WordPress Content Writer plugin. Publicly exposed log files allowed unauthenticated attackers to view sensitive information from all versions up to and including 3.6.8. The issue is categorized as unauthenticated information disclosure with a Network attack v...

5.3 CVSS | 5.4 AI score | 0.00296 EPSS
Exploits 0 | References 4

RedhatCVE
added 2025/10/10 7:17 p.m. | 7 views

CVE-2025-11371

In the default installation and configuration of Gladinet CentreStack and TrioFox, there is an unauthenticated Local File Inclusion Flaw that allows unintended disclosure of system files. Exploitation of this vulnerability has been observed in the wild. This issue impacts Gladinet CentreStack and...

6.2 CVSS | 6.7 AI score | 0.92094 EPSS
Exploits 4 | References 1

RedhatCVE
added 2025/05/23 2:8 a.m. | 9 views

CVE-2023-6837

Multiple WSO2 products have been identified as vulnerable to user impersonation using JIT provisioning. In order for this vulnerability to have any impact on your deployment, the following conditions must be met: An IDP configured for federated authentication and JIT provisioning enabled with...

8.5 CVSS | 8.4 AI score | 0.0046 EPSS
Exploits 0 | References 1

RedhatCVE
added 2025/05/22 5:37 a.m. | 8 views

CVE-2012-3689

WebKit in Apple Safari before 6.0 does not properly handle drag-and-drop events, which allows user-assisted remote attackers to bypass the Same Origin Policy via a crafted web site...

5.8 CVSS | 6.4 AI score | 0.01274 EPSS
Exploits 0 | References 1

Circl
added 2022/07/27 6:49 p.m. | 17 views

CVE-2022-36896

creationtimestamp | type | source
---|---|---
2022-07-27 18:49:54+00:00 | seen | https://t.me/cibsecurity/47097
2025-10-20 00:24:59+00:00 | seen | https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3m3lkgwesphe2...

6.5 CVSS | 6.6 AI score | 0.00605 EPSS
Exploits 0 | References 2

CNNVD
added 2022/07/04 12:0 a.m. | 5 views

WordPress plugin Import any XML or CSV File code issue vulnerability

WordPress is a blogging platform developed using the PHP language. WordPress Import any XML or CSV File plugin versions prior to 3.6.8 are vulnerable to arbitrary file uploads, which originate from accepting all zip files and automatically extracting the zip file without validating the extracted...

7.2 CVSS | 5.8 AI score | 0.01374 EPSS
Exploits 2 | References 2