CVE-2026-6797

A vulnerability was identified in Sanluan PublicCMS up to 6.202506.d. Affected by this vulnerability is the function ZipSecureFile.setMinflateRatio of the file common/src/main/java/com/publiccms/common/tools/DocToHtmlUtils.java. Such manipulation leads to resource consumption. It is possible to...

CVE-2014-4719

Cross-site scripting XSS vulnerability in the login panel svn/login/ in User-Friendly SVN aka USVN before 1.0.7 allows remote attackers to inject arbitrary web script or HTML via the username field...

CVE-2021-41393

Teleport before 4.4.11, 5.x before 5.2.4, 6.x before 6.2.12, and 7.x before 7.1.1 allows forgery of SSH host certificates in some situations...

CVE-2022-37144

The PlexTrac platform prior to API version 1.17.0 does not restrict excessive MFA TOTP submission attempts. An unauthenticated remote attacker in possession of a valid username and password can bruteforce their way past MFA protections to login as the targeted user...

CVE-2017-18482

cPanel before 62.0.4 allows resellers to use the WHM enqueuetransferitem API for queueing non-rearrange modules SEC-213...

CVE-2019-11834

cJSON before 1.7.11 allows out-of-bounds access, related to \x00 in a string literal...

CVE-2019-11973

A SQL injection code execution vulnerability was identified in HPE Intelligent Management Center IMC PLAT earlier than version 7.3 E0506P09...

CVE-2019-11949

A remote code execution vulnerability was identified in HPE Intelligent Management Center IMC PLAT earlier than version 7.3 E0506P09...

CVE-2020-10619

An attacker could use a specially crafted URL to delete files outside the WebAccess/NMS's versions prior to 3.0.2 control...

CVE-2024-39205

An issue in pyload-ng v0.5.0b3.dev85 running under python3.11 or below allows attackers to execute arbitrary code via a crafted HTTP request...

CVE-2023-25795

Auth. admin+ Cross-Site Scripting XSS vulnerability in WP-master.Ir Feed Changer & Remover plugin = 0.2 versions...

CVE-2023-40681

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Groundhogg Inc. Groundhogg plugin = 2.7.11.10 versions...

CVE-2017-18835

Certain NETGEAR devices are affected by reflected XSS. This affects M4300-28G before 12.0.2.15, M4300-52G before 12.0.2.15, M4300-28G-POE+ before 12.0.2.15, M4300-52G-POE+ before 12.0.2.15, M4300-8X8F before 12.0.2.15, M4300-12X12F before 12.0.2.15, M4300-24X24F before 12.0.2.15, M4300-24X before...

CVE-2023-45084

An issue exists in SoftIron HyperCloud where drive caddy removal and reinsertion without a reboot may erroneously cause the system to recognize the caddy as new media and wipe all data on the drives due to a missing synchronization flaw, which impacts data availability and integrity. This issue...

CVE-2017-18830

Certain NETGEAR devices are affected by vertical privilege escalation. This affects M4300-28G before 12.0.2.15, M4300-52G before 12.0.2.15, M4300-28G-POE+ before 12.0.2.15, M4300-52G-POE+ before 12.0.2.15, M4300-8X8F before 12.0.2.15, M4300-12X12F before 12.0.2.15, M4300-24X24F before 12.0.2.15,...

CVE-2019-16145

The breadcrumbs contributed module through 0.2.0 for Padrino Framework allows XSS via a caption...

CVE-2019-12985

Citrix SD-WAN 10.2.x before 10.2.3 and NetScaler SD-WAN 10.0.x before 10.0.8 have Improper Input Validation issue 1 of 6...

EUVD-2021-16427

Malware in sbrugna...

EUVD-2016-6250

Malware in sbrugna...

EUVD-2009-0944

Malware in sbrugna...