All vulnerabilities
22 / 22
4.0
CVE-2015-4025 DEB
PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encoun…
2015-01-01
EPSS 20.2%
pct 97
4.0
CVE-2015-4026 DEB
The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9…
2015-01-01
EPSS 19.2%
pct 96
4.3
CVE-2014-5120 DEB
gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure…
2014-01-01
EPSS 16.9%
pct 96
7.5
CVE-2013-2186 DEB
The DiskFileItem class in Apache Commons FileUpload, as used in Red Hat JBoss BRMS 5.3.1; JBoss…
2013-01-01
EPSS 12.7%
pct 95
6.5
CVE-2018-8780 AST
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-pr…
2018-01-01 Pre-auth
EPSS 10.1%
pct 95
4.0
CVE-2015-2348 DEB
The move_uploaded_file implementation in ext/standard/basic_functions.c in PHP before 5.4.39, 5…
2015-01-01
EPSS 8.7%
pct 94
7.5
CVE-2013-2185 CVE
The readObject method in the DiskFileItem class in Apache Tomcat and JBoss Web, as used in Red …
2013-01-01
EPSS 7.2%
pct 93
3.7
CVE-2018-8779 AST
In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-pr…
2018-01-01 Pre-auth
EPSS 7.2%
pct 93
4.0
CVE-2006-7243 DEB
PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent at…
2006-01-01
EPSS 5.4%
pct 91
5.3
CVE-2015-3412 DEB
PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames l…
2015-01-01 Pre-auth
EPSS 4.0%
pct 89
6.5
CVE-2015-4598 DEB
PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames …
2015-01-01 Pre-auth
EPSS 3.8%
pct 88
6.5
CVE-2015-3411 DEB
PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames l…
2015-01-01 Pre-auth
EPSS 3.4%
pct 87
6.5
CVE-2019-15845 AST
Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 mishandles path checking withi…
2019-01-01 Pre-auth
EPSS 3.3%
pct 86
7.3
CVE-2019-19959 AST
ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involv…
2019-01-01 Pre-auth
EPSS 3.2%
pct 86
9.4
CVE-2019-17137 CVE
This vulnerability allows network-adjacent attackers to bypass authentication on affected insta…
2019-01-01 Pre-auth
EPSS 2.7%
pct 84
4.3
CVE-2012-4522 DEB
The rb_get_path_check function in file.c in Ruby 1.9.3 before patchlevel 286 and Ruby 2.0.0 bef…
2012-01-01
EPSS 2.2%
pct 80
4.8
CVE-2024-3096 ANC
In PHP version 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, if a password sto…
2024-01-01 Pre-auth
EPSS 1.5%
pct 70
9.8
CVE-2019-11936 DEB
Various APC functions accept keys containing null bytes as input, leading to premature truncati…
2019-01-01 Pre-auth
EPSS 1.5%
pct 70
6.5
CVE-2020-7928 DEB
A user authorized to perform database queries may trigger a read overrun and access arbitrary m…
2020-01-01
EPSS 1.4%
pct 69
4.0
CVE-2009-2702 DEB
KDE KSSL in kdelibs 3.5.4, 4.2.4, and 4.3 does not properly handle a '\0' character in a domain…
2009-01-01
EPSS 1.2%
pct 65
8.8
CVE-2021-23960 AST
Performing garbage collection on re-declared JavaScript variables resulted in a user-after-pois…
2021-01-01 Pre-auth
EPSS 1.2%
pct 64
4.4
CVE-2020-10773 AST
A stack information leak flaw was found in s390/s390x in the Linux kernel’s memory manager func…
2020-01-01
EPSS 0.4%
pct 28