194 matches found
CVE-2026-3459
The vulnerability CVE-2026-3459 affects the WordPress plugin Drag and Drop Multiple File Upload for Contact Form 7. The flaw, in the dnd_upload_cf7_upload function, arises from insufficient file type validation for a multi‑file upload field with ‘*’ as accepted types, impacting versions up to 1.3...
Cisco Catalyst SD-WAN Manager(Cisco SD-WAN vManage) 信息泄露漏洞
Cisco Catalyst SD-WAN Manager Cisco SD-WAN vManage is a highly customizable dashboard provided by the American company Cisco. It simplifies and automates the deployment, configuration, management, and operation of Cisco SD-WAN. Cisco Catalyst SD-WAN Manager has a vulnerability related to...
CVE-2026-2026
A vulnerability has been identified where weak file permissions in the Nessus Agent directory on Windows hosts could allow unauthorized access, potentially permitting Denial of Service DoS attacks...
CVE-2026-2026
A vulnerability has been identified where weak file permissions in the Nessus Agent directory on Windows hosts could allow unauthorized access, potentially permitting Denial of Service DoS attacks...
CVE-2026-2026 Improper Access Control Allows Denial of Service
A vulnerability has been identified where weak file permissions in the Nessus Agent directory on Windows hosts could allow unauthorized access, potentially permitting Denial of Service DoS attacks...
Tenable Nessus Agent < 11.0.4 / 11.1.x < 11.1.2 DoS (TNS-2026-05)
According to its self-reported version, the Tenable Nessus Agent running on the remote host is prior to 11.0.4 or 11.1.x prior to 11.1.2. It is, therefore, affected by a vulnerability as referenced in the TNS-2026-05 advisory. - A vulnerability has been identified where weak file permissions in t...
📄 Malwarebytes Anti-Malware 2.x Privilege Escalation
This advisory hosts useful analysis of older research from 2016, when Google's Project Zero discovered multiple security issues in MalwareBytes Anti-Malware version 2.x. The software suffered from a combination of security flaws that allowed attackers to remotely tamper with...
CVE-2021-47852 Rockstar Service - Insecure File Permissions
Rockstar Games Launcher 1.0.37.349 contains a privilege escalation vulnerability that allows authenticated users to modify the service executable with weak permissions. Attackers can replace the RockstarService.exe with a malicious binary to create a new administrator user and gain elevated syste...
CVE-2022-26250
Synaman v5.1 and below was discovered to contain weak file permissions which allows authenticated attackers to escalate privileges...
EUVD-2020-7516
Malware in sbrugna...
EUVD-2006-7144
Malware in sbrugna...
EUVD-2018-13409
Malware in sbrugna...
EUVD-2013-3642
Malware in sbrugna...
EUVD-2016-6040
Malware in sbrugna...
EUVD-2015-1341
Malware in sbrugna...
EUVD-2022-39148
Malicious code in bioql PyPI...
EUVD-2023-44894
Malicious code in bioql PyPI...
EUVD-2021-29909
Malicious code in bioql PyPI...
windows-privesc-check
It is an offensive tool for Windows privilege escalation checking. The tool, windows-privesc-check, is a standalone executable that runs on Windows systems, attempting to find misconfigurations that could allow local unprivileged users to escalate privileges to other users or access local apps. I...
CVE-2024-9648 WP ULike Pro <= 1.9.3 - Unauthenticated Limited Arbitrary File Upload
The WP ULike Pro plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the WPUlikeProFileUploader class in all versions up to, and including, 1.9.3. This makes it possible for unauthenticated attackers to upload limited arbitrary files like .php2...