Sun, May 17 · 01:16 PM CDTCVE-2018-25320
9.8/10 · Must read/watchNVDvuln
Summary
ACL Analytics versions 11.x through 13.0.0.579 contain an arbitrary code execution vulnerability that allows attackers to execute arbitrary commands by leveraging the EXECUTE function. Attackers can use bitsadmin to download malicious PowerShell scripts and execute them with system privileges to establish reverse shell
CVECVE-2018-25320
SeverityCRITICAL
TypeNEW
PublishedSun, May 17 · 01:16 PM CDT
ModifiedSun, May 17 · 01:16 PM CDT
CVE-2018-25332
9.8/10 · Must read/watchNVDvuln
Summary
GitBucket 4.23.1 contains an unauthenticated remote code execution vulnerability that allows attackers to execute arbitrary commands by exploiting weak secret token generation and insecure file upload functionality. Attackers can brute-force the Blowfish encryption key, upload a malicious JAR plugin via the git-lfs end
CVECVE-2018-25332
SeverityCRITICAL
TypeNEW
PublishedSun, May 17 · 01:16 PM CDT
ModifiedSun, May 17 · 01:16 PM CDT
CVE-2018-25335
9.8/10 · Must read/watchNVDvuln
Summary
WordPress Plugin Peugeot Music 1.0 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to the upload.php endpoint. Attackers can upload files with arbitrary extensions by manipulating the 'name' parameter to execute code from the uploa
CVECVE-2018-25335
SeverityCRITICAL
TypeNEW
PublishedSun, May 17 · 01:16 PM CDT
ModifiedSun, May 17 · 01:16 PM CDT
CVE-2026-31718
9.8/10 · Must read/watchNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in __ksmbd_close_fd() via durable scavenger When a durable file handle survives session disconnect (TCP close without SMB2_LOGOFF), session_fd_check() sets fp->conn = NULL to preserve the handle for later reconnection. However
CVECVE-2026-31718
SeverityCRITICAL
TypeUPDATED
PublishedFri, May 01 · 02:16 PM CDT
ModifiedSun, May 17 · 04:16 PM CDT
CVE-2021-3825
9.6/10 · Must read/watchNVDvuln
Summary
On 2.1.15 version and below of Lider module in LiderAhenk software is leaking it's configurations via an unsecured API. An attacker with an access to the configurations API could get valid LDAP credentials.
CVECVE-2021-3825
SeverityCRITICAL
TypeUPDATED
PublishedFri, Oct 01 · 03:15 PM CDT
ModifiedMon, May 18 · 09:16 AM CDT
CVE-2026-31709
8.8/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: smb: client: validate the whole DACL before rewriting it in cifsacl build_sec_desc() and id_mode_to_cifs_acl() derive a DACL pointer from a server-supplied dacloffset and then use the incoming ACL to rebuild the chmod/chown security descriptor. The ori
CVECVE-2026-31709
SeverityHIGH
TypeUPDATED
PublishedFri, May 01 · 02:16 PM CDT
ModifiedSun, May 17 · 04:16 PM CDT
CVE-2026-7498
8.8/10 · Worth your timeNVDvuln
Summary
Improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Basamak Information Technology Consulting and Organization Trade Ltd. Co. DernekWeb allows Stored XSS. This issue affects DernekWeb: through 30122025.
CVECVE-2026-7498
SeverityHIGH
TypeNEW
PublishedMon, May 18 · 09:16 AM CDT
ModifiedMon, May 18 · 09:16 AM CDT
CVE-2026-8775
8.8/10 · Worth your timeNVDvuln
Summary
A flaw has been found in Edimax BR-6428NS 1.10. This affects the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. This manipulation of the argument L2TPUserName causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been published and may b
CVECVE-2026-8775
SeverityHIGH
TypeNEW
PublishedMon, May 18 · 02:16 AM CDT
ModifiedMon, May 18 · 02:16 AM CDT
CVE-2026-8776
8.8/10 · Worth your timeNVDvuln
Summary
A vulnerability has been found in Edimax BR-6428NS 1.10. This vulnerability affects the function formPPTPSetup of the file /goform/formPPTPSetup of the component POST Request Handler. Such manipulation of the argument pptpUserName leads to buffer overflow. It is possible to launch the attack remotely. The exploit has b
CVECVE-2026-8776
SeverityHIGH
TypeNEW
PublishedMon, May 18 · 02:16 AM CDT
ModifiedMon, May 18 · 02:16 AM CDT
CVE-2026-6346
8.7/10 · Worth your timeNVDvuln
Summary
Mattermost versions 11.5.x <= 11.5.1, 10.11.x <= 10.11.13, 11.4.x <= 11.4.3 fail to sanitize sensitive configuration fields before including them in support packet generation, which allows a Mattermost System Admin or any party with access to a support packet to obtain sensitive credentials in plaintext via downloading
CVECVE-2026-6346
SeverityHIGH
TypeNEW
PublishedMon, May 18 · 09:16 AM CDT
ModifiedMon, May 18 · 09:16 AM CDT
CVE-2018-25322
8.4/10 · Worth your timeNVDvuln
Summary
Allok Fast AVI MPEG Splitter 1.2 contains a stack based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious license name string. Attackers can craft a payload with 780 bytes of junk data followed by structured shellcode and place it in the License Name field to t
CVECVE-2018-25322
SeverityHIGH
TypeNEW
PublishedSun, May 17 · 01:16 PM CDT
ModifiedSun, May 17 · 01:16 PM CDT
CVE-2018-25323
8.4/10 · Worth your timeNVDvuln
Summary
Allok AVI DivX MPEG to DVD Converter 2.6.1217 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious payload. Attackers can craft a text file with a specially crafted buffer containing shellcode and SEH chain overwrite values,
CVECVE-2018-25323
SeverityHIGH
TypeNEW
PublishedSun, May 17 · 01:16 PM CDT
ModifiedSun, May 17 · 01:16 PM CDT
CVE-2018-25328
8.4/10 · Worth your timeNVDvuln
Summary
VX Search 10.6.18 contains a local buffer overflow vulnerability that allows attackers to overwrite the instruction pointer by supplying an oversized string in the directory field. Attackers can craft a malicious input file containing 271 bytes of junk data followed by a return address to execute arbitrary code with ap
CVECVE-2018-25328
SeverityHIGH
TypeNEW
PublishedSun, May 17 · 01:16 PM CDT
ModifiedSun, May 17 · 01:16 PM CDT
CVE-2026-31712
8.3/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: ksmbd: require minimum ACE size in smb_check_perm_dacl() Both ACE-walk loops in smb_check_perm_dacl() only guard against an under-sized remaining buffer, not against an ACE whose declared `ace->size` is smaller than the struct it claims to describe: if
CVECVE-2026-31712
SeverityHIGH
TypeUPDATED
PublishedFri, May 01 · 02:16 PM CDT
ModifiedSun, May 17 · 04:16 PM CDT
CVE-2018-25330
8.2/10 · Worth your timeNVDvuln
Summary
Joomla! extension EkRishta 2.10 contains persistent cross-site scripting and SQL injection vulnerabilities that allow attackers to inject malicious code through profile fields and POST parameters. Attackers can inject script payloads in profile information fields like Address that execute when users visit the profile,
CVECVE-2018-25330
SeverityHIGH
TypeNEW
PublishedSun, May 17 · 01:16 PM CDT
ModifiedSun, May 17 · 01:16 PM CDT
CVE-2018-25333
8.2/10 · Worth your timeNVDvuln
Summary
Nordex N149/4.0-4.5 Wind Turbine Web Server 4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the login parameter in login.php. Attackers can submit crafted POST requests with SQL injection payloads in the login field t
CVECVE-2018-25333
SeverityHIGH
TypeNEW
PublishedSun, May 17 · 01:16 PM CDT
ModifiedSun, May 17 · 01:16 PM CDT
CVE-2018-25338
8.2/10 · Worth your timeNVDvuln
Summary
Zechat 1.5 contains a SQL injection vulnerability in the hashtag parameter that allows unauthenticated attackers to extract database information using union-based techniques. Attackers can exploit the hashtag parameter with union-based payloads to retrieve table and column names.
CVECVE-2018-25338
SeverityHIGH
TypeNEW
PublishedSun, May 17 · 01:16 PM CDT
ModifiedSun, May 17 · 01:16 PM CDT
CVE-2018-25339
8.2/10 · Worth your timeNVDvuln
Summary
Zechat 1.5 contains a SQL injection vulnerability in the v parameter that allows unauthenticated attackers to extract database information using time-based blind techniques. Attackers can exploit the v parameter with sleep-based blind injection to confirm vulnerability and extract data.
CVECVE-2018-25339
SeverityHIGH
TypeNEW
PublishedSun, May 17 · 01:16 PM CDT
ModifiedSun, May 17 · 01:16 PM CDT
CVE-2026-8092
8.1/10 · Worth your timeNVDvuln
Summary
Memory safety bugs present in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.2, Firefox ESR 140.10.
CVECVE-2026-8092
SeverityHIGH
TypeUPDATED
PublishedThu, May 07 · 01:16 PM CDT
ModifiedMon, May 18 · 08:16 AM CDT
CVE-2026-8093
8.1/10 · Worth your timeNVDvuln
Summary
Memory safety bugs present in Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 150.0.2 and Thunderbird 150.0.2.
CVECVE-2026-8093
SeverityHIGH
TypeUPDATED
PublishedThu, May 07 · 01:16 PM CDT
ModifiedMon, May 18 · 08:16 AM CDT
CVE-2025-38584
7.8/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: padata: Fix pd UAF once and for all There is a race condition/UAF in padata_reorder that goes back to the initial commit. A reference count is taken at the start of the process in padata_do_parallel, and released at the end in padata_serial_worker. Thi
CVECVE-2025-38584
SeverityHIGH
TypeUPDATED
PublishedTue, Aug 19 · 05:15 PM CDT
ModifiedSun, May 17 · 04:16 PM CDT
CVE-2026-23171
7.8/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: bonding: fix use-after-free due to enslave fail after slave array update Fix a use-after-free which happens due to enslave failure after the new slave has been added to the array. Since the new slave can be used for Tx immediately, we can use it after
CVECVE-2026-23171
SeverityHIGH
TypeUPDATED
PublishedSat, Feb 14 · 04:15 PM CST
ModifiedSun, May 17 · 04:16 PM CDT
CVE-2026-31449
7.8/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: ext4: validate p_idx bounds in ext4_ext_correct_indexes ext4_ext_correct_indexes() walks up the extent tree correcting index entries when the first extent in a leaf is modified. Before accessing path[k].p_idx->ei_block, there is no validation that p_id
CVECVE-2026-31449
SeverityHIGH
TypeUPDATED
PublishedWed, Apr 22 · 02:16 PM CDT
ModifiedSun, May 17 · 04:16 PM CDT
CVE-2026-31488
7.8/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not skip unrelated mode changes in DSC validation Starting with commit 17ce8a6907f7 ("drm/amd/display: Add dsc pre-validation in atomic check"), amdgpu resets the CRTC state mode_changed flag to false when recomputing the DSC config
CVECVE-2026-31488
SeverityHIGH
TypeUPDATED
PublishedWed, Apr 22 · 02:16 PM CDT
ModifiedSun, May 17 · 04:16 PM CDT
CVE-2026-31489
7.8/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: spi: meson-spicc: Fix double-put in remove path meson_spicc_probe() registers the controller with devm_spi_register_controller(), so teardown already drops the controller reference via devm cleanup. Calling spi_controller_put() again in meson_spicc_rem
CVECVE-2026-31489
SeverityHIGH
TypeUPDATED
PublishedWed, Apr 22 · 02:16 PM CDT
ModifiedSun, May 17 · 04:16 PM CDT
