10 matches found
CVE-2025-56422
A deserialization vulnerability in LimeSurvey before v6.15.0+250623 allows a remote attacker to execute arbitrary code on the server...
PT-2025-44141
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.15.0-rc2-g3ee3f6e1202e 335 Description The Linux kernel contains a flaw within the drm/msm subsystem related to Shared Surface Private Pointer SSPP validation. The current code validates SSPP for both the curre...
PT-2025-31083
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.15.0-rc1-00009-g926217bc7d7d Description A flaw exists in the Linux kernel related to the aspeed lpc-snoop driver. Specifically, the driver does not prevent disabling channels that are not currently enabled,...
CVE-2025-5952
A vulnerability, which was classified as critical, has been found in Zend.To up to 6.10-6 Beta. This issue affects the function exec of the file NSSDropoff.php. The manipulation of the argument file1 leads to os command injection. The attack may be initiated remotely. The exploit has been disclos...
Atlassian Confluence 6.14.x < 6.14.3 / 6.15.x < 6.15.5 stored cross-site-scripting (SXSS) Vulnerability
According to its self-reported version number, the Atlassian Confluence application running on the remote host is 6.14.x prior to 6.14.3, or 6.15.x prior to 6.15.5. It is, therefore, affected by a stored cross-site-scripting SXSS vulnerability. due to improper validation of user-supplied input...
Mongoose Web Server < 6.16 Buffer Overflow Vulnerability
Mongoose Web Server is prone to a heap-based buffer overflow in mqparsehttp. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...
Evernote Cross-Site Scripting Vulnerability
Evernote Impression Notes is a suite of note-taking software for the macOS platform from the American company Evernote. The software creates, manages, synchronizes, searches and shares notes anytime, anywhere. A cross-site scripting vulnerability exists in Evernote version 6.15 Windows. The...
TikiWiki Calendar RCE Vulnerability - Active Check
Tiki Wiki CMS Groupware is prone to a remote code execution RCE vulnerability SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Tiki Wiki CMS Calendar 14.2 / 12.5 LTS / 9.11 LTS / 6.15 - Remote Code Execution
Exploit for php platform in category web applications Exploit Title: Tiki-Calendar-RCE Google Dork: inurl:tiki-calendar.php Date: 2015-12-16 Exploit Author: Dany Ouellet Vendor Homepage: https://tiki.org/article414-Important-Security-Fix-for-all-versions-of-Tiki Software Link:...
creLoaded <= 6.15 (HTMLAREA) Automated Perl Exploit
No description provided by source. !/usr/bin/perl creLoaded = 6.15 HTMLAREA automated perl exploit hacked up by kaneda [email protected] Rather simple exploit, but still an exploit nonetheless. Attempts to upload php script and utilise that to execute commands, and show off a fake shell. C...