Lucene search
K

9 matches found

OSV
OSV
added 2026/06/30 8:53 a.m.6 views

SUSE-SU-2026:2692-1 Security update for docker

This update for docker fixes the following issues - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265782. - CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation bypass...

9.6CVSS7.8AI score0.00781EPSS
Exploits0References9
OSV
OSV
added 2026/06/25 12:44 p.m.7 views

SUSE-SU-2026:22285-1 Security update for docker

This update for docker fixes the following issues - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265782. - CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation bypass...

9.6CVSS7.3AI score0.00781EPSS
Exploits0References9
Metasploit
Metasploit
added 2026/04/02 7:2 p.m.211 views

HTTP Fetch, Windows Upload/Execute, Bind TCP Stager (No NX or Win7)

Fetch and execute an x86 payload from an HTTP server. Uploads an executable and runs it staged. Listen for a connection No NX Module Options msf use payload/cmd/windows/http/x86/upexec/bindnonxtcp msf payloadbindnonxtcp show actions ...actions... msf payloadbindnonxtcp set ACTION msf...

6AI score
Exploits0
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2007-2606

Malware in sbrugna...

8.3CVSS6.4AI score0.0055EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/09/19 12:0 a.m.4 views

SuperMicro MBD-X12STW 安全漏洞

The SuperMicro MBD-X12STW is a server motherboard from SuperMicro, Inc. A security vulnerability exists in the SuperMicro MBD-X12STW that stems from a flaw in the BMC firmware validation logic, which could result in specially crafted firmware being uploaded for execution...

7.2CVSS9.3AI score0.00301EPSS
Exploits0References1
ICS
ICS
added 2025/08/12 6:0 a.m.11 views

AVEVA PI Integrator

RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information, or upload and execute files. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:...

7.1CVSS7.5AI score0.00278EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2025/03/20 7:26 p.m.14 views

CVE-2025-24801

GLPI is a free asset and IT management software package. An authenticated user can upload and force the execution of .php files located on the GLPI server. This vulnerability is fixed in 10.0.18...

8.8CVSS6.9AI score0.17467EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/06/07 1:51 a.m.13 views

CVE-2020-36701

The Page Builder: KingComposer plugin for WordPress is vulnerable to Arbitrary File Uploads in versions up to, and including, 2.9.3 via the 'processbulkaction' function in the 'kingcomposer/includes/kc.extensions.php' file. This makes it possible for authenticated users with author level...

8.8CVSS7.2AI score0.01531EPSS
Exploits1References4
Packet Storm
Packet Storm
added 2004/08/26 12:0 a.m.22 views

gallery-php.txt

!/usr/bin/php 17-August-2004 ++ Vulnerability description ++ Gallery http://gallery.sf.net/ is a PHP image gallery script. Having permission to upload photos in some album and the temporal directory is in the webtree, then it is possible to create a file with any extension and content. Tested in ...

7.4AI score
Exploits0
Rows per page
Query Builder