9 matches found
SUSE-SU-2026:2692-1 Security update for docker
This update for docker fixes the following issues - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265782. - CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation bypass...
SUSE-SU-2026:22285-1 Security update for docker
This update for docker fixes the following issues - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE bsc1265782. - CVE-2026-39821: golang.org/x/net/idna: failure to reject ASCII-only Punycode-encoded labels allows for validation bypass...
HTTP Fetch, Windows Upload/Execute, Bind TCP Stager (No NX or Win7)
Fetch and execute an x86 payload from an HTTP server. Uploads an executable and runs it staged. Listen for a connection No NX Module Options msf use payload/cmd/windows/http/x86/upexec/bindnonxtcp msf payloadbindnonxtcp show actions ...actions... msf payloadbindnonxtcp set ACTION msf...
EUVD-2007-2606
Malware in sbrugna...
SuperMicro MBD-X12STW 安全漏洞
The SuperMicro MBD-X12STW is a server motherboard from SuperMicro, Inc. A security vulnerability exists in the SuperMicro MBD-X12STW that stems from a flaw in the BMC firmware validation logic, which could result in specially crafted firmware being uploaded for execution...
AVEVA PI Integrator
RISK EVALUATION Successful exploitation of these vulnerabilities could allow an attacker to disclose sensitive information, or upload and execute files. 2. RECOMMENDED PRACTICES CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities, such as:...
CVE-2025-24801
GLPI is a free asset and IT management software package. An authenticated user can upload and force the execution of .php files located on the GLPI server. This vulnerability is fixed in 10.0.18...
CVE-2020-36701
The Page Builder: KingComposer plugin for WordPress is vulnerable to Arbitrary File Uploads in versions up to, and including, 2.9.3 via the 'processbulkaction' function in the 'kingcomposer/includes/kc.extensions.php' file. This makes it possible for authenticated users with author level...
gallery-php.txt
!/usr/bin/php 17-August-2004 ++ Vulnerability description ++ Gallery http://gallery.sf.net/ is a PHP image gallery script. Having permission to upload photos in some album and the temporal directory is in the webtree, then it is possible to create a file with any extension and content. Tested in ...