We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
This is a free service provided by THREATINT.
It is hosted in Europe 
It contains information on publicly disclosed Cybersecurity vulnerabilities based on data from the CVE® Program, please see the official CVE website and CVE List V5 on GitHub. Whenever applicable we also show information from the Known Exploited Vulnerabilities Catalog provided by US CISA as the authoritative source of vulnerabilities that have been exploited in the wild.
CVE-2025-9691: Campcodes Online Shopping System login.php sql injection: A vulnerability has been found in Campcodes Online Shopping System 1.0. This impacts an unknown function of the file /login.php. Such manipulation of the argument Password leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2012-10062: XAMPP WebDAV PHP Upload Authentication Bypass RCE: A vulnerability in XAMPP, developed by Apache Friends, version 1.7.3's default WebDAV configuration allows remote authenticated attackers to upload and execute arbitrary PHP code. The WebDAV service, accessible via /webdav/, accepts HTTP PUT requests using default credentials. This permits attackers to upload a malicious PHP payload and trigger its execution via a...
CVE-2010-10017: WM Downloader 3.1.2.2 Buffer Overflow via Malformed M3U File: WM Downloader version 3.1.2.2 is vulnerable to a buffer overflow when processing a specially crafted .m3u playlist file. The application fails to properly validate input length, allowing an attacker to overwrite structured exception handler (SEH) records and execute arbitrary code. Exploitation occurs locally when a user opens the malicious file, and th...
CVE-2011-10032: Sunway Forcecontrol SNMP NetDBServer.exe Opcode 0x57: Sunway ForceControl version 6.1 SP3 and earlier contains a stack-based buffer overflow vulnerability in the SNMP NetDBServer service, which listens on TCP port 2001. The flaw is triggered when the service receives a specially crafted packet using opcode 0x57 with an overly long payload. Due to improper bounds checking during packet parsing, attacker-controlled ...
CVE-2009-20008: Green Dam < 3.174 URL Processing Buffer Overflow: Green Dam Youth Escort version 3.17 is vulnerable to a stack-based buffer overflow when processing overly long URLs. The flaw resides in the URL filtering component, which fails to properly validate input length before copying user-supplied data into a fixed-size buffer. A remote attacker can exploit this vulnerability by enticing a user to visit a specially crafte...
CVE-2024-28835: Gnutls: potential crash during chain building/verification: A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command.
CVE-2024-2947: Cockpit: command injection when deleting a sosreport with a crafted name: A flaw was found in Cockpit. Deleting a sosreport with a crafted name via the Cockpit web interface can lead to a command injection vulnerability, resulting in privilege escalation. This issue affects Cockpit versions 270 and newer.
CVE-2024-2905: Rpm-ostree: world-readable /etc/shadow file: A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises from the default permissions being set at a higher level than recommended, potentially exposing sensitive authentication data to unauthorized access.
CVE-2025-34164: NetSupport Manager < 14.12.0000 Heap-Based Buffer Overflow: A heap-based buffer overflow vulnerability in NetSupport Manager 14.x versions prior to 14.12.0000 allows a remote, unauthenticated attacker to cause a denial of service (DoS) or potentially result in arbitrary code execution.
CVE-2025-34165: NetSupport Manager < 14.12.0000 Stack-Based Buffer Overflow: A stack-based buffer overflow vulnerability in NetSupport Manager 14.x versions prior to 14.12.0000 allows a remote, unauthenticated attacker to cause a denial of service (DoS) or potentially leak a limited amount of memory.
CVE-2025-57819 Sangoma FreePBX: Sangoma FreePBX contains an authentication bypass vulnerability due to insufficiently sanitized user-supplied data allows unauthenticated access to FreePBX Administrator leading to arbitrary database manipulation and remote code execution.
CVE-2025-7775 Citrix NetScaler: Citrix NetScaler ADC and NetScaler Gateway contain a memory overflow vulnerability that could allow for remote code execution and/or denial of service.
CVE-2025-48384 Git Git: Git contains a link following vulnerability that stems from Git’s inconsistent handling of carriage return characters in configuration files.
CVE-2024-8069 Citrix Session Recording: Citrix Session Recording contains a deserialization of untrusted data vulnerability that allows limited remote code execution with privilege of a NetworkService Account access. Attacker must be an authenticated user on the same intranet as the session recording server.
CVE-2024-8068 Citrix Session Recording: Citrix Session Recording contains an improper privilege management vulnerability that could allow for privilege escalation to NetworkService Account access. An attacker must be an authenticated user in the same Windows Active Directory domain as the session recording server domain.
Support options
