2026-02-26 Daily Vulns
NEW:
| CVE | vendor-product | description | metric | Referenceurl | SSVC | title | GithubURL |
|---|---|---|---|---|---|---|---|
| CVE-2006-3730 | n/a - n/a | Integer overflow in Microsoft Internet Explorer 6 on Windows XP SP2 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a 0x7fffffff argument to the setSlice method on a WebViewFolderIcon ActiveX object, which leads to an invalid memory copy. | CNA n/a; CVSS3.1: 8.8 - HIGH | 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 | Exploitation: poc; Automatable: no; Technical Impact: total | | github |
| CVE-2020-14381 | n/a - kernel | A flaw was found in the Linux kernel’s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their privileges when creating a futex on a filesystem that is about to be unmounted. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | CNA n/a; CVSS3.1: 7.8 - HIGH | 0 1 | Exploitation: none; Automatable: no; Technical Impact: total | | github |
| CVE-2019-25391 | Ashopsoftware - Ashop Shopping Cart Software | Ashop Shopping Cart Software contains a time-based blind SQL injection vulnerability that allows attackers to manipulate database queries through the blacklistitemid parameter. Attackers can send POST requests to the admin/bannedcustomers.php endpoint with crafted SQL payloads using SLEEP functions to extract sensitive database information. | CVSS4.0: 8.8 - HIGH; CVSS3.1: 8.2 - HIGH | 0 1 | Exploitation: poc; Automatable: yes; Technical Impact: partial | Ashop Shopping Cart Software Lastest Latest SQL Injection via bannedcustomers.php | github |
This post is licensed under CC BY 4.0 by the author.