Lucene search
K

609 matches found

EUVD
EUVD
added 2026/06/29 5:19 p.m.9 views

EUVD-2026-40166

ruoyi-vue-pro through 2026.05, fixed in commit c779a47, contains a missing authorization vulnerability in the CRM module's GET /admin-api/crm/follow-up-record/get endpoint that allows authenticated users to read any follow-up record by iterating sequential numeric IDs. Attackers can exploit this ...

7.1CVSS5.9AI score0.00231EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/21 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-39199

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - snes9x 1.63 allows an out-of-bounds write and denial of service via a crafted .ups file. CVE-2026-39199 Note that Nessus relies on the presence of the package a...

2.9CVSS5.8AI score0.00125EPSS
Exploits0References3
NVD
NVD
added 2026/06/17 6:17 p.m.14 views

CVE-2026-39199

snes9x 1.63 allows an out-of-bounds write and denial of service via a crafted .ups file...

2.9CVSS0.00125EPSS
Exploits0References3
OSV
OSV
added 2026/06/17 6:17 p.m.2 views

DEBIAN-CVE-2026-39199

snes9x 1.63 allows an out-of-bounds write and denial of service via a crafted .ups file...

2.9CVSS5.8AI score0.00125EPSS
Exploits0References1
OSV
OSV
added 2026/06/17 6:17 p.m.4 views

UBUNTU-CVE-2026-39199

snes9x 1.63 allows an out-of-bounds write and denial of service via a crafted .ups file...

2.9CVSS5.8AI score0.00125EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/17 12:0 a.m.21 views

CVE-2026-39199

snes9x 1.63 allows an out-of-bounds write and denial of service via a crafted .ups file...

2.9CVSS0.00125EPSS
Exploits0References3
Debian CVE
Debian CVE
added 2026/06/17 12:0 a.m.5 views

CVE-2026-39199

snes9x 1.63 allows an out-of-bounds write and denial of service via a crafted .ups file...

2.9CVSS5.8AI score0.00125EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/17 12:0 a.m.18 views

PT-2026-50249

Name of the Vulnerable Software and Affected Versions snes9x version 1.63 Description An out-of-bounds write occurs when loading a ROM alongside a crafted .ups patch file, which can lead to a denial of service and cause the emulator to crash. Recommendations At the moment, there is no information...

2.9CVSS5.8AI score0.00125EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/08 1:55 a.m.9 views

CVE-2024-58348

WordPress Background Image Cropper version 1.2 contains a remote code execution vulnerability that allows unauthenticated attackers to upload arbitrary files by accessing the ups.php endpoint. Attackers can upload PHP files through the file upload form in the plugin directory to execute arbitrary...

9.8CVSS6.7AI score0.00838EPSS
Exploits0References4Affected Software1
Cvelist
Cvelist
added 2026/06/08 1:55 a.m.47 views

CVE-2024-58348 WordPress Background Image Cropper 1.2 Remote Code Execution

WordPress Background Image Cropper version 1.2 contains a remote code execution vulnerability that allows unauthenticated attackers to upload arbitrary files by accessing the ups.php endpoint. Attackers can upload PHP files through the file upload form in the plugin directory to execute arbitrary...

9.8CVSS0.00838EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:19 p.m.10 views

CVE-2026-10065

A weakness has been identified in Shibby Tomato 1.28. This vulnerability affects the function getupsfield of the file tomatodata.cgi. Executing a manipulation of the argument Date can lead to stack-based buffer overflow. It is possible to launch the attack remotely. This project is superseded by...

9CVSS8.3AI score0.00438EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 6:16 p.m.13 views

CVE-2025-71318

NetMan 204 fails to enforce authentication on its administrative pages and command endpoints. A remote, unauthenticated attacker can directly request administrative pages such as administration.html, administration-commands.html, and configuration.html to disclose sensitive information including...

9.8CVSS0.00533EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/05 5:49 p.m.9 views

CVE-2025-71318 NetMan 204 Missing Authentication for Administrative Functions

NetMan 204 fails to enforce authentication on its administrative pages and command endpoints. A remote, unauthenticated attacker can directly request administrative pages such as administration.html, administration-commands.html, and configuration.html to disclose sensitive information including...

9.8CVSS5.5AI score0.00533EPSS
Exploits0References3
CVE
CVE
added 2026/06/05 5:49 p.m.20 views

CVE-2025-71318

CVE-2025-71318 concerns NetMan 204, where authentication is not enforced on administrative pages and command endpoints. A remote, unauthenticated attacker can directly access pages (e.g., administration.html, administration-commands.html, configuration.html) to disclose sensitive details such as ...

9.8CVSS5.5AI score0.00533EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.10 views

RIELLO UPS NetMan 信任管理问题漏洞

Riello UPS NetMan is a network adapter developed by the Italian company Riello UPS. The Riello UPS NetMan 204 has a vulnerability related to trust management. This vulnerability stems from a hardcoded backdoor account with a username and password of “eurek”. Unauthenticated remote attackers can...

9.8CVSS5.4AI score0.00432EPSS
Exploits0References3
CVE
CVE
added 2026/05/29 3:15 p.m.20 views

CVE-2026-10066

The CVE concerns Shibby Tomato versions up to 1.28, specifically the UPS Service component. It affects the function sub_9068 in tomatoups.cgi, causing a stack-based buffer overflow that can be triggered remotely. The project is superseded by FreshTomato and targets products no longer supported by...

9CVSS7.6AI score0.00438EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/29 3:15 p.m.10 views

CVE-2026-10066

A security vulnerability has been detected in Shibby Tomato up to 1.28. This issue affects the function sub9068 of the file tomatoups.cgi of the component UPS Service. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. This project is superseded by...

9CVSS7.6AI score0.00438EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/29 3:15 p.m.10 views

CVE-2026-10066 Shibby Tomato UPS Service tomatoups.cgi sub_9068 stack-based overflow

A security vulnerability has been detected in Shibby Tomato up to 1.28. This issue affects the function sub9068 of the file tomatoups.cgi of the component UPS Service. The manipulation leads to stack-based buffer overflow. The attack can be initiated remotely. This project is superseded by...

9CVSS7.6AI score0.00438EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/05/29 3:0 p.m.43 views

CVE-2026-10065 Shibby Tomato tomatodata.cgi get_ups_field stack-based overflow

A weakness has been identified in Shibby Tomato 1.28. This vulnerability affects the function getupsfield of the file tomatodata.cgi. Executing a manipulation of the argument Date can lead to stack-based buffer overflow. It is possible to launch the attack remotely. This project is superseded by...

9CVSS0.00438EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/29 3:0 p.m.8 views

CVE-2026-10065

A weakness has been identified in Shibby Tomato 1.28. This vulnerability affects the function getupsfield of the file tomatodata.cgi. Executing a manipulation of the argument Date can lead to stack-based buffer overflow. It is possible to launch the attack remotely. This project is superseded by...

9CVSS7.8AI score0.00438EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder