#671 | CVE-2026-48944 | joomlaworks / k2 | CVSS 6.5 MEDIUM (Network) | CWE-22 Path Traversal | New | 2026-06-27 02:43 | 2026-06-26
The K2 frontend article-save handler accepts an `attachment[N][existing]` POST field that is concatenated with `JPATH_SITE/` and passed to `JFile::copy()`. `JPath::clean` does NOT strip `..`, and the…

#672 | CVE-2026-48945 | joomlaworks / k2 | CVSS 5.3 MEDIUM (Network) | CWE-434 Unrestricted Upload of File with Dangerous Type | New | 2026-06-27 02:43 | 2026-06-26
The K2 article gallery upload path accepts a zip/tar archive, extracts it under `/media/k2/galleries/<id>/`, and only renames image files (gif/jpg/jpeg/png/webp) to safe names — non-image files (incl…

#673 | CVE-2026-48946 | joomlaworks / k2 | CVSS 6.3 MEDIUM (Network) | CWE-434 Unrestricted Upload of File with Dangerous Type | New | 2026-06-27 02:43 | 2026-06-26
The K2 frontend article-attachment upload path accepts files whose extension is `.php`, and Apache's standard mod_php matches `\.php$` and executes them under the K2 web user. A K2 Author can upload …

#674 | CVE-2026-49401 | deno / deno | CVSS 8.4 HIGH (Local) | CWE-41 Improper Resolution of Path Equivalence; CWE-176 Improper Handling of Unicode Encoding | New | 2026-06-27 02:43 | 2026-06-24
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.14, Deno's permission system enforces filesystem and execution restrictions by comparing the requested path against the path su…

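Two entries above hinge on comparing paths as strings: CVE-2026-48944 (K2 concatenates `JPATH_SITE/` with user input after a clean step that keeps `..`) and CVE-2026-49401 (Deno's CWE-41/CWE-176 pairing, a permission decision made on a path string that has more than one spelling). The block below is an added example, not code from K2 or Deno, of the lexical canonicalisation both checks need before any prefix or equality test: Unicode NFC, one separator style, `.`/`..`/duplicate separators resolved, then containment under the base. `cleanSeparatorsOnly()` is my stand-in for a clean step that normalises separators but not `..`, written only to show what string concatenation after it yields; the other helper names and the sample paths are mine. POSIX paths are assumed (no drive letters, no symlink resolution, which is a separate, filesystem-level step).

```typescript
// Added example (not K2's or Deno's code): canonicalise before comparing.

// Stand-in for a clean step that normalises separators but keeps "..", the
// behaviour the K2 entry attributes to JPath::clean.
function cleanSeparatorsOnly(p: string): string {
  return p.replace(/\\/g, "/").replace(/\/{2,}/g, "/");
}

// Vulnerable pattern: base + "/" + user input, then a separator-only clean.
function joinUnsafely(base: string, userPath: string): string {
  return cleanSeparatorsOnly(base + "/" + userPath);
}

// Lexical canonical form: NFC, forward slashes, "." and ".." resolved,
// empty segments dropped. Returns null when ".." would climb above the start
// of the path (for an absolute path that is "/", which we refuse rather than
// clamp, so nothing ever silently resolves to the root).
function canonicalize(p: string): string | null {
  const normalized = p.normalize("NFC").replace(/\\/g, "/");
  const absolute = normalized.startsWith("/");
  const out: string[] = [];
  for (const seg of normalized.split("/")) {
    if (seg === "" || seg === ".") continue;
    if (seg === "..") {
      if (out.length === 0) return null;
      out.pop();
    } else {
      out.push(seg);
    }
  }
  return (absolute ? "/" : "") + out.join("/");
}

// True when `requested` is one of the allowed roots or lies under one of
// them, with both sides in canonical form (so NFC vs NFD spellings, "./",
// "a/../b" and backslashes can no longer make equal paths look different).
function isAllowed(allowRoots: string[], requested: string): boolean {
  const req = canonicalize(requested);
  if (req === null) return false;
  return allowRoots.some((r) => {
    const root = canonicalize(r);
    if (root === null) return false;
    const prefix = root.endsWith("/") ? root : root + "/";
    return req === root || req.startsWith(prefix);
  });
}

// Safe join: canonicalise the combined path, then require that it is still
// strictly inside the canonical base. The base itself is not a valid target.
function joinSafely(base: string, userPath: string): string | null {
  const root = canonicalize(base);
  const joined = canonicalize(base + "/" + userPath);
  if (root === null || joined === null || joined === root) return null;
  return isAllowed([root], joined) ? joined : null;
}

// Constructed sample inputs.
const SITE_ROOT = "/var/www/site";
const TRAVERSAL = "../../../etc/passwd";
const BACKSLASH_TRAVERSAL = "images\\..\\..\\configuration.php";
const ALLOWED_DOC_ROOT_NFC = "/srv/docs/caf\u00e9";                // "café", precomposed
const REQUEST_NFD = "/srv/docs/cafe\u0301/readme.txt";              // "café", decomposed
```

With the constructed inputs, `joinUnsafely(SITE_ROOT, TRAVERSAL)` returns a string that still contains `..` and canonicalises to `/etc/passwd`, while `joinSafely()` returns null for both the forward-slash and the backslash variant. For the Unicode case, a raw `startsWith` comparison between the NFD request and the NFC allow-root fails, so a deny-list built on raw strings would miss it and an allow-list built on raw strings would wrongly refuse it; `isAllowed()` compares the canonical forms and gets both right.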
#675 | CVE-2026-48940 | joomlaworks / k2 | CVSS 3.4 LOW (Network) | CWE-79 Cross-site Scripting | New | 2026-06-27 02:41 | 2026-06-26
A Joomla user with K2 "create item" rights (Author tier by default) can submit an article whose `embedVideo` POST field contains a raw `<script>` tag; K2 stores it verbatim and renders it unescaped t…

#676 | CVE-2026-49402 | deno / deno | CVSS 8.1 HIGH (Network) | CWE-78 OS Command Injection | New | 2026-06-27 02:33 | 2026-06-24
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.10, Deno's node:child_process implementation provided an escapeShellArg() helper used when callers passed shell: true to spawn …

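The CVE-2026-49402 entry concerns an escaping helper applied to arguments when a caller asks for `shell: true`. Added example, not Deno's code: `naiveEscape()` is my own blocklist escaper, written to show the failure mode of that approach (it backslashes a fixed set of metacharacters and forgets that unquoted whitespace and newlines also split words), and `posixQuote()` is the standard single-quote construction for POSIX `sh`, under which every byte is literal except `'`, handled by closing and reopening the quoted span. `splitWords()` is a deliberately small word-splitting oracle (unquoted whitespace, backslash outside quotes, single-quoted spans) so the round-trip property can be checked offline without spawning a shell; it is not a shell grammar. Sample inputs are constructed.

```typescript
// Added example (not Deno's code): blocklist escaping vs. full quoting.

// Blocklist approach: backslash a fixed set of metacharacters. Whitespace and
// newline are not on the list, so "a\nrm -rf /" still splits into more words
// (and, in a real shell, a second command).
function naiveEscape(arg: string): string {
  return arg.replace(/([;&|$`"\\()<>*?\[\]{}])/g, "\\$1");
}

// POSIX single quoting: 'abc' is literal; an embedded ' becomes '\''.
function posixQuote(arg: string): string {
  return "'" + arg.replace(/'/g, "'\\''") + "'";
}

// Build a command line from an argv the way a shell: true caller would.
function buildCommand(program: string, args: string[], quote: (s: string) => string): string {
  return [program, ...args.map(quote)].join(" ");
}

// Word-splitting oracle (subset of sh): splits on unquoted whitespace,
// honours backslash outside quotes and single-quoted spans. Returns the argv
// a shell would hand to the program. Throws on an unterminated quote, as a
// shell would refuse the line.
function splitWords(cmd: string): string[] {
  const words: string[] = [];
  let cur = "";
  let inWord = false;
  for (let i = 0; i < cmd.length; i++) {
    const c = cmd[i];
    if (c === "'") {
      const end = cmd.indexOf("'", i + 1);
      if (end === -1) throw new Error("unterminated single quote");
      cur += cmd.slice(i + 1, end);
      inWord = true;
      i = end;
    } else if (c === "\\" && i + 1 < cmd.length) {
      if (cmd[i + 1] === "\n") { i++; continue; }   // backslash-newline: line continuation
      cur += cmd[i + 1];
      inWord = true;
      i++;
    } else if (/\s/.test(c)) {
      if (inWord) { words.push(cur); cur = ""; inWord = false; }
    } else {
      cur += c;
      inWord = true;
    }
  }
  if (inWord) words.push(cur);
  return words;
}

// Constructed hostile arguments.
const ARG_NEWLINE = "a\nrm -rf /";
const ARG_QUOTE = "it's";
```

`splitWords(buildCommand("echo", [ARG_NEWLINE], naiveEscape))` comes back as five words, so the single argument has become `a`, `rm`, `-rf`, `/`; with `posixQuote` it comes back as exactly two, the second equal to the original string. `naiveEscape(ARG_QUOTE)` leaves the apostrophe alone and the oracle refuses the line, while `posixQuote(ARG_QUOTE)` yields `'it'\''s'` and round-trips. The robust fix is not a better escaper but `shell: false` with an argv array, so no shell parses the arguments at all; quoting is the fallback for the cases where a shell is genuinely required.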
#677 | CVE-2026-49406 | deno / deno | CVSS 5.5 MEDIUM (Local) | CWE-22 Path Traversal | New | 2026-06-27 02:29 | 2026-06-24
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.7.12, when Deno was run in BYONM mode (nodeModulesDir: "manual"), the module resolver did not validate that a package's resolved …

#678 | CVE-2026-49411 | deno / deno | CVSS 6.5 MEDIUM (Local) | CWE-284 Improper Access Control; NVD-CWE-noinfo | New | 2026-06-27 02:27 | 2026-06-24
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.8.0, the Node.js compatibility TCP path checked the permission against the original hostname string before resolution and then di…

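The CVE-2026-49411 entry describes a network permission checked against the hostname string before DNS resolution. The block below is an added, generic illustration of that gap, not a reconstruction of Deno's code path: `connectTargetUnsafe()` decides on the name and then connects to whatever the name resolves to, so a name the policy allows can deliver traffic to an address the policy never meant to reach (a loopback or private address, in this constructed case); `connectTargetSafe()` re-checks every resolved address against the policy's denied ranges and fails closed on anything it cannot classify. The `NetPolicy` shape, the IPv4-only CIDR matcher and the in-memory resolver table are mine; the addresses are constructed (documentation and private ranges).

```typescript
// Added example (generic, not Deno's code): check the resolved addresses,
// not only the name, before a socket is opened.

type Resolver = (host: string) => string[];   // host -> addresses

// Constructed resolver table so the example runs offline.
const fakeDns: Resolver = (host) => {
  const table: Record<string, string[]> = {
    "api.example.com": ["203.0.113.10"],               // TEST-NET-3, constructed
    "attacker.example.net": ["127.0.0.1", "10.0.0.5"], // points back at local services
    "localhost": ["127.0.0.1"],
  };
  return table[host] ?? [];
};

interface NetPolicy {
  allowHosts: Set<string>;  // names the caller granted
  denyCidrs: string[];      // address ranges that must never be reached
}

// Dotted-quad IPv4 to a non-negative number; null for anything else
// (including IPv6, which this example does not classify).
function ipv4ToInt(ip: string): number | null {
  const parts = ip.split(".");
  if (parts.length !== 4) return null;
  let n = 0;
  for (const p of parts) {
    if (!/^\d{1,3}$/.test(p)) return null;
    const v = Number(p);
    if (v > 255) return null;
    n = n * 256 + v;
  }
  return n;
}

// CIDR membership without 32-bit signed shifts (2 ** shift stays exact).
function inCidr(ip: string, cidr: string): boolean {
  const [net, bitsStr] = cidr.split("/");
  const bits = Number(bitsStr);
  const a = ipv4ToInt(ip);
  const b = ipv4ToInt(net);
  if (a === null || b === null || !(bits >= 0 && bits <= 32)) return false;
  if (bits === 0) return true;
  const block = 2 ** (32 - bits);
  return Math.floor(a / block) === Math.floor(b / block);
}

// Vulnerable shape: the name passes, the addresses are never looked at.
function connectTargetUnsafe(policy: NetPolicy, host: string, resolve: Resolver): string[] | null {
  if (!policy.allowHosts.has(host)) return null;
  return resolve(host);
}

// Corrected shape: the name must be allowed AND every resolved address must
// be classifiable and outside the denied ranges. One bad address aborts the
// whole connect. The returned list is what the caller must connect to; a
// second resolution after this check would reopen the window.
function connectTargetSafe(policy: NetPolicy, host: string, resolve: Resolver): string[] | null {
  if (!policy.allowHosts.has(host)) return null;
  const addrs = resolve(host);
  if (addrs.length === 0) return null;
  for (const a of addrs) {
    if (ipv4ToInt(a) === null) return null;                       // fail closed on what we cannot parse
    if (policy.denyCidrs.some((c) => inCidr(a, c))) return null;  // denied range reached via an allowed name
  }
  return addrs;
}

// Constructed policy: two names allowed, loopback / private / link-local denied.
const POLICY: NetPolicy = {
  allowHosts: new Set(["api.example.com", "attacker.example.net"]),
  denyCidrs: ["127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "169.254.0.0/16"],
};
```

With `POLICY`, `connectTargetUnsafe(POLICY, "attacker.example.net", fakeDns)` hands back `127.0.0.1` and `10.0.0.5` because the name is on the list, while `connectTargetSafe()` returns null for it and `["203.0.113.10"]` for `api.example.com`. The same structure covers DNS rebinding only if the vetted addresses are the ones actually dialled; resolving again inside the connect call would let a changed record bypass the check.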
#679 | CVE-2026-9639 | - / - | CVSS 6.5 MEDIUM (Network) | CWE-476 NULL Pointer Dereference | New | 2026-06-27 02:16 | 2026-06-27
Nil-pointer dereference in CreateCustomVolumeFromBackup in LXD up to version 6.8 and 5.21 on Linux allows an authenticated user with can_create_storage_volumes permissions to cause a denial of servic…

#680 | CVE-2026-57881 | - / - | CVSS 9.8 CRITICAL (Network) | CWE-121 Stack-based Buffer Overflow | New | 2026-06-27 02:16 | 2026-06-26
An unauthenticated stack-based buffer overflow vulnerability exists in vlsvr in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient length validation wh…