13 matches found

Cvelist
added 2026/06/10 9:29 p.m. | 33 views

CVE-2026-45624 ImageMagick: Heap Buffer Over-Read of a 4 bytes in distort operation.

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-47 and 7.1.2-22, when performing a polynomial distortion an out of bounds over-read of 24 bytes can occur when specifying specific arguments. This issue has been patched in...

CVSS 5.1 | EPSS 0.0012
Exploits: 0 | References: 1
CVE
added 2026/06/09 3:41 a.m. | 22 views

CVE-2026-9185

CVE-2026-9185 affects the WordPress plugin 6Storage Rentals (versions

CVSS 7.5 | AI score 5.5 | EPSS 0.00403
Exploits: 0 | References: 11
OSV
added 2026/05/27 9:35 p.m. | 5 views

GHSA-G794-3FMP-753H AsyncSSH `AuthorizedKeysFile %u` path traversal allows attacker-selected authorized keys to authenticate a traversal username

Summary AsyncSSH 2.22.0 expands the OpenSSH-compatible AuthorizedKeysFile %u token with the raw SSH username during pre-authentication server config reload. A server configured with a documented per-user key pattern such as AuthorizedKeysFile authorizedkeys/%u can be made to read an authorized-ke...

CVSS 8.2 | AI score 5.8 | EPSS 0.00221
Exploits: 0 | References: 2
Positive Technologies
added 2024/02/19 12:0 a.m. | 3 views

PT-2024-17837

Name of the Vulnerable Software and Affected Versions Loomio version 2.22.0 Description The issue allows executing arbitrary commands on the server due to the application being vulnerable to OS Command Injection. Recommendations For Loomio version 2.22.0, update to a version that fixes the OS...

CVSS 10 | AI score 9 | EPSS 0.02756
Exploits: 1 | References: 10
CNNVD
added 2023/11/14 12:0 a.m. | 3 views

Microsoft Windows Installer Security Vulnerability

Microsoft Windows Installer is a component of the Windows operating system from Microsoft. It provides a standard basis for installing and uninstalling software. A security vulnerability exists in Microsoft Windows Installer. An attacker could exploit the vulnerability to gain elevated privileges...

CVSS 7.8 | AI score 6.8 | EPSS 0.00677
Exploits: 0 | References: 3
Circl
added 2022/10/28 10:29 p.m. | 5 views

CVE-2022-43232

creationtimestamp | type | source
---|---|---
2022-10-28 22:29:47+00:00 | seen | https://t.me/cibsecurity/52250...

CVSS 7.2 | AI score 7 | EPSS 0.00848
Exploits: 1 | References: 1
Circl
added 2022/02/23 4:16 p.m. | 6 views

CVE-2022-0727

creationtimestamp | type | source
---|---|---
2022-02-23 16:16:32+00:00 | seen | https://t.me/cibsecurity/37943...

CVSS 5.5 | AI score 5.3 | EPSS 0.00667
Exploits: 1 | References: 1
OSV
added 2021/07/25 10:15 p.m. | 4 views

CVE-2021-37441

NCH Axon PBX v2.22 and earlier allows path traversal for file deletion via the logdelete?file=/.. substring...

CVSS 8.8 | AI score 5.8
Exploits: 0 | References: 2
OSV
added 2019/05/02 3:21 p.m. | 2 views

GHSA-4WJQ-69RC-8WCP Path Traversal in Apache Camel

Apache Camel's File is vulnerable to directory traversal. Camel 2.21.0 to 2.21.3, 2.22.0 to 2.22.2, 2.23.0 and the unsupported Camel 2.x 2.19 and earlier versions may be also affected...

CVSS 7.5 | AI score 7 | EPSS 0.08482
Exploits: 1 | References: 9
RedHat Linux
added 2019/04/30 3:18 p.m. | 1 view

camel: Directory traversal in file producer

Apache Camel's File is vulnerable to directory traversal. Camel 2.21.0 to 2.21.3, 2.22.0 to 2.22.2, 2.23.0 and the unsupported Camel 2.x 2.19 and earlier versions may be also affected...

CVSS 7.5 | AI score 5.7 | EPSS 0.08482
Exploits: 1 | References: 4
CNVD
added 2018/02/23 12:0 a.m. | 2 views

eQ-3 AG HomeMatic CCU2 Open XML-RPC Port Vulnerability

The eQ-3 AG Homematic CCU2 is a central control unit for controlling smart home devices from eQ-3 Germany. A security vulnerability exists in the eQ-3 AG HomeMatic CCU2 version 2.29.22. An attacker can exploit the vulnerability by sending arbitrary XML-RPC requests to control attached BidCos...

CVSS 9.8 | AI score 6.9 | EPSS 0.01479
Exploits: 0 | References: 1
CNVD
added 2017/12/25 12:0 a.m. | 2 views

Horde Groupware SQL Injection Vulnerability

Horde Groupware is an enterprise browser based on the Communication Suite from Horde USA. The browser supports sending and receiving e-mail, managing and sharing calendars, contacts and tasks, and more. A SQL injection vulnerability exists in Horde Groupware 5.2.22 and earlier versions. A remote...

AI score 8.3
Exploits: 0 | References: 1
CNVD
added 2016/08/04 12:0 a.m. | 5 views

GNU glibc Information Disclosure Vulnerability

glibc is the implementation of the C library in most Linux operating systems. An information disclosure vulnerability exists in versions of GNU glibc prior to 2.22, which can be exploited by attackers to obtain sensitive information that may lead to further attacks...

CVSS 7.5 | AI score 7.5 | EPSS 0.03361
Exploits: 0 | References: 1