|
2641
|
5.5 |
MEDIUM
Local
|
uutils
|
coreutils
|
The sort utility in uutils coreutils is vulnerable to a process panic when using the --files0-from option with inputs containing non-UTF-8 filenames. The implementation enforces UTF-8 encoding and ut…
|
CWE-248
Uncaught Exception
|
CVE-2026-35348
|
2026-04-25 03:57 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2642
|
- |
|
softbizscripts
|
dating_script
|
Multiple SQL injection vulnerabilities in Softbiz Dating 1.0 allow remote attackers to execute SQL commands via the (1) country and (2) sort_by parameters in (a) search_results.php; (3) browse parame…
|
NVD-CWE-Other
|
CVE-2006-3271
|
2026-04-25 03:56 |
2006-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2643
|
- |
|
softbizscripts
|
dating_script
|
Vulnerabilidad de múltiples inyección SQL en Softbiz Dating v1.0 permite a los atacantes remotos, ejecutar comandos SQL a través del parámetro (1) country y (2) sort_by en (a) search_results.php; par…
|
NVD-CWE-Other
|
CVE-2006-3271
|
2026-04-25 03:56 |
2006-06-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2644
|
- |
|
softbizscripts
|
image_gallery_script
|
Cross-site scripting (XSS) vulnerability in image_desc.php in Softbiz Image Gallery allows remote attackers to inject arbitrary web script or HTML via msg parameter. NOTE: the provenance of this inf…
|
NVD-CWE-Other
|
CVE-2006-1660
|
2026-04-25 03:56 |
2006-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2645
|
- |
|
softbizscripts
|
image_gallery_script
|
Multiple SQL injection vulnerabilities in Softbiz Image Gallery allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in image_desc.php, (2) provided parameter in template…
|
NVD-CWE-Other
|
CVE-2006-1659
|
2026-04-25 03:56 |
2006-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2646
|
- |
|
softbizscripts
|
faq_script
|
SQL injection vulnerability in Softbiz FAQ Script 1.1 and earler allows remote attackers to execute arbitrary SQL commands via the id parameter in (1) index.php, (2) faq_qanda.php, (3) refer_friend.p…
|
NVD-CWE-Other
|
CVE-2005-3938
|
2026-04-25 03:56 |
2005-12-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2647
|
- |
|
softbizscripts
|
resource_repository_script
|
Multiple SQL injection vulnerabilities in Softbiz Resource Repository Script 1.1 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) sbres_id parameter in (a) details_res…
|
NVD-CWE-Other
|
CVE-2005-3879
|
2026-04-25 03:56 |
2005-11-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2648
|
7.5 |
HIGH
Network
|
powerdns
|
authoritative
|
A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it.
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-33610
|
2026-04-25 03:53 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2649
|
6.5 |
MEDIUM
Network
|
powerdns
|
authoritative
|
Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees.
|
CWE-90
LDAP Injection
|
CVE-2026-33609
|
2026-04-25 03:52 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2650
|
9.8 |
CRITICAL
Network
|
powerdns
|
authoritative
|
An attacker can send a notify request that causes a new secondary domain to be added to the bind backend, but causes said backend to update its configuration to an invalid one, leading to the backend…
|
CWE-94
Code Injection
|
CVE-2026-33608
|
2026-04-25 03:52 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
