Overview

  • ShowDoc
  • ShowDoc

29 Apr 2025
Published
19 Nov 2025
Updated

CVSS v4.0
CRITICAL (9.4)
EPSS
2.03%

KEV

Description

An unrestricted file upload vulnerability in ShowDoc caused by improper validation of file extension allows execution of arbitrary PHP, leading to remote code execution. This issue affects ShowDoc: before 2.8.7.

Statistics

  • 3 Posts
  • 3 Interactions

Last activity: 22 hours ago

Fediverse

📢⚠️ Hackers are exploiting a 5-year-old #ShowDoc vulnerability (CVE-2025-0520) to deploy web shells, enabling RCE and full server takeover worldwide.

Read: hackread.com/showdoc-vulnerabi

#CyberSecurity #Vulnerability #CyberAttacks

  • 0
  • 0
  • 1
  • 22h ago

Bluesky

📢⚠️ Hackers are exploiting a 5-year-old #ShowDoc vulnerability (CVE-2025-0520) to deploy web shells, enabling RCE and full server takeover worldwide. Read: hackread.com/showdoc-vuln... #CyberSecurity #Vulnerability #CyberAttacks
  • 1
  • 2
  • 0
  • 22h ago

Overview

  • TBK
  • DVR-4104

13 Apr 2024
Published
01 Aug 2024
Updated

CVSS v3.1
MEDIUM (6.3)
EPSS
83.86%

KEV

Description

A vulnerability was found in TBK DVR-4104 and DVR-4216 up to 20240412 and classified as critical. This issue affects some unknown processing of the file /device.rsp?opt=sys&cmd=___S_O_S_T_R_E_A_MAX___. The manipulation of the argument mdb/mdc leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-260573 was assigned to this vulnerability.

Statistics

  • 2 Posts
  • 1 Interaction

Last activity: 1 hour ago

Fediverse

Attackers are exploiting CVE-2024-3721 in TBK DVRs to deploy Mirai variant Nexcorium.

It spreads via old exploits and default creds, persists on devices, and launches DDoS attacks. EoL TP-Link routers are also being targeted via known flaws.

🔗 Read → thehackernews.com/2026/04/mira

  • 0
  • 1
  • 0
  • 3h ago

Bluesky

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet thehackernews.com/2026/04/mira...
  • 0
  • 0
  • 0
  • 1h ago

Overview

  • Google
  • Chrome

20 Mar 2026
Published
21 Mar 2026
Updated

CVSS
Pending
EPSS
0.07%

KEV

Description

Out of bounds read and write in WebGL in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Critical)

Statistics

  • 1 Post
  • 14 Interactions

Last activity: 2 hours ago

Fediverse

Exploit code for a recently patched Chrome vulnerability has leaked online via a misconfigured server.

Security firm Breakglass believes the code is the work of a "professional exploit developer," and most intended for "sale or government use."

intel.breakglass.tech/post/cve

  • 7
  • 7
  • 0
  • 2h ago

Overview

  • Microsoft
  • Windows 10 Version 1607

14 Apr 2026
Published
17 Apr 2026
Updated

CVSS v3.1
MEDIUM (4.3)
EPSS
0.06%

KEV

Description

Exposure of sensitive information to an unauthorized actor in Windows Snipping Tool allows an unauthorized attacker to perform spoofing over a network.

Statistics

  • 1 Post
  • 7 Interactions

Last activity: 2 hours ago

Fediverse

CVE-2026-33829 - another interesting bug in Windows.
If you have the "Snipping Tool" installed (and you most likely do), all it takes is visiting a crafted website for your Windows password (NTLM hash) to flow to the attacker's server.

  • 5
  • 2
  • 0
  • 2h ago

Overview

  • FirebirdSQL
  • firebird

17 Apr 2026
Published
17 Apr 2026
Updated

CVSS v3.1
CRITICAL (10.0)
EPSS
0.08%

KEV

Description

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the external engine plugin loader concatenates a user-supplied engine name into a filesystem path without filtering path separators or .. components. An authenticated user with CREATE FUNCTION privileges can use a crafted ENGINE name to load an arbitrary shared library from anywhere on the filesystem via path traversal. The library's initialization code executes immediately during loading, before Firebird validates the module, achieving code execution as the server's OS account. This issue has been fixed in versions 5.0.4, 4.0.7 and 3.0.14.

Statistics

  • 1 Post
  • 4 Interactions

Last activity: 17 hours ago

Fediverse

Hey, @cR0w, another ../ for you: vuldb.com/cve/CVE-2026-40342

  • 1
  • 3
  • 0
  • 17h ago

Overview

  • The GNU C Library
  • glibc

16 May 2025
Published
26 Feb 2026
Updated

CVSS
Pending
EPSS
0.04%

KEV

Description

Untrusted LD_LIBRARY_PATH environment variable vulnerability in the GNU C Library version 2.27 to 2.38 allows attacker controlled loading of dynamically shared library in statically compiled setuid binaries that call dlopen (including internal dlopen calls after setlocale or calls to NSS functions such as getaddrinfo).

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 22 hours ago

Bluesky

Analysis of CVE-2025-4802: glibc 2.27-2.38 fails to sanitize LD_LIBRARY_PATH before dlopen() in statically linked SUID binaries, allowing arbitrary library loading and LPE. allelesecurity.com/libc-vuln-an... Infosec
  • 1
  • 1
  • 0
  • 22h ago

Overview

  • kodcloud
  • KodExplorer

19 Apr 2026
Published
19 Apr 2026
Updated

CVSS v4.0
MEDIUM (5.1)
EPSS
Pending

KEV

Description

A security flaw has been discovered in kodcloud KodExplorer up to 4.52. Affected is the function initInstall of the file /app/controller/systemMember.class.php. Performing a manipulation of the argument path results in authorization bypass. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: 1 hour ago

Fediverse

CVE-2026-6570 (MEDIUM): kodcloud KodExplorer (v4.0 – 4.52) suffers an auth bypass in initInstall, allowing remote unauthorized access. No fix yet — restrict access & monitor for updates. radar.offseq.com/threat/cve-20

  • 1
  • 1
  • 0
  • 1h ago

Overview

  • Pending

Pending
Published
Pending
Updated

CVSS
Pending
EPSS
Pending

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 1 Post
  • 2 Interactions

Last activity: Last hour

Fediverse

apktool 3.0.2 is out!

- performance boosts
- CVE-2026-39973 fix
- bug fixes for splits & Meta apks

apktool.org/blog/apktool-3.0.2

  • 1
  • 1
  • 0
  • Last hour

Overview

  • NetScaler
  • ADC

23 Mar 2026
Published
31 Mar 2026
Updated

CVSS v4.0
CRITICAL (9.3)
EPSS
55.71%

Description

Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread

Statistics

  • 2 Posts
  • 3 Interactions

Last activity: 21 hours ago

Fediverse

NetScaler is doing it again. Third time in three years we're patching memory leaks that hand attackers your session tokens on a plate. CISA's already got it on the emergency list. If you run one, stop reading this and patch now.

cybersec.picussecurity.com/s/c

  • 1
  • 0
  • 0
  • 21h ago

Bluesky

NetScaler is doing it again. Third time in three years we're patching memory leaks that hand attackers your session tokens on a plate. CISA's already got it on the emerg... https://cybersec.picussecurity.com/s/cve-2026-3055-cve-2026-4368-inside-the-netscaler-citrixbleed-3-memory-overread-26799
  • 0
  • 2
  • 0
  • 21h ago

Overview

  • NetScaler
  • ADC

23 Mar 2026
Published
24 Mar 2026
Updated

CVSS v4.0
HIGH (7.7)
EPSS
0.02%

KEV

Description

Race Condition in NetScaler ADC and NetScaler Gateway when appliance is configured as Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server leading to User Session Mixup

Statistics

  • 2 Posts
  • 3 Interactions

Last activity: 21 hours ago

Fediverse

NetScaler is doing it again. Third time in three years we're patching memory leaks that hand attackers your session tokens on a plate. CISA's already got it on the emergency list. If you run one, stop reading this and patch now.

cybersec.picussecurity.com/s/c

  • 1
  • 0
  • 0
  • 21h ago

Bluesky

NetScaler is doing it again. Third time in three years we're patching memory leaks that hand attackers your session tokens on a plate. CISA's already got it on the emerg... https://cybersec.picussecurity.com/s/cve-2026-3055-cve-2026-4368-inside-the-netscaler-citrixbleed-3-memory-overread-26799
  • 0
  • 2
  • 0
  • 21h ago