← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
103.203.175.90 - Document and Domain Research Intersect, PDFKIT.NET DMV
http://103.203.175.90:81/fdScript/RootOfEBooks/E%20Book%20collection%20-%202024%20-%20D/CSE%20%20IT%20AIDS%20ML/Raspberry%20Pi%20linux-@Computer_IT_Engineering.pdf
103.203.175.90
Indicators of Compromise (113 / 2188 total)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| CVE | CVE-2023-22518 | All versions of Confluence Data Center and Server are affected by this unexploited vulnerability. This Improper Authorization vulnerability allows an unauthenticated attacker to reset Confluence and create a Confluence instance administrator account. Using this account, an attacker can then perform all administrative actions that are available to Confluence instance administrator leading to - but not limited to - full loss of confidentiality, integrity and availability. Atlassian Cloud sites are not affected by this vulnerability. If your Confluence site is accessed via an atlassian.net domain, it is hosted by Atlassian and is not vulnerable to this issue. | 2026-02-11 | |
| CVE | CVE-2014-4113 | — | 2026-02-12 | |
| CVE | CVE-2014-6332 | — | 2026-02-12 | |
| CVE | CVE-2014-0160 | — | 2026-02-12 | |
| CVE | CVE-2017-11882 | — | 2026-02-12 | |
| CVE | CVE-2018-13379 | — | 2026-02-12 | |
| CVE | CVE-2019-11510 | — | 2026-02-12 | |
| CVE | CVE-2020-0796 | — | 2026-02-12 | |
| CVE | CVE-2020-1472 | — | 2026-02-12 | |
| CVE | CVE-2021-44228 | — | 2026-02-12 | |
| CVE | CVE-2022-22965 | — | 2026-02-12 | |
| CVE | CVE-2023-46805 | — | 2026-02-12 | |
| CVE | CVE-2024-3094 | — | 2026-02-12 | |
| CVE | CVE-2014-0160 | — | 2026-02-12 | |
| CVE | CVE-2017-11882 | — | 2026-02-12 | |
| CVE | CVE-2018-13379 | — | 2026-02-12 | |
| CVE | CVE-2019-11510 | — | 2026-02-12 | |
| CVE | CVE-2020-0796 | — | 2026-02-12 | |
| CVE | CVE-2020-1472 | — | 2026-02-12 | |
| CVE | CVE-2021-44228 | — | 2026-02-12 | |
| CVE | CVE-2022-22965 | — | 2026-02-12 | |
| CVE | CVE-2023-46805 | — | 2026-02-12 | |
| CVE | CVE-2024-3094 | — | 2026-02-12 | |
| CVE | CVE-2014-0160 | — | 2026-02-12 | |
| CVE | CVE-2017-11882 | — | 2026-02-12 | |
| CVE | CVE-2018-13379 | — | 2026-02-12 | |
| CVE | CVE-2019-11510 | — | 2026-02-12 | |
| CVE | CVE-2020-0796 | — | 2026-02-12 | |
| CVE | CVE-2020-1472 | — | 2026-02-12 | |
| CVE | CVE-2021-44228 | — | 2026-02-12 | |
| CVE | CVE-2022-22965 | — | 2026-02-12 | |
| CVE | CVE-2023-46805 | — | 2026-02-12 | |
| CVE | CVE-2024-3094 | — | 2026-02-12 | |
| CVE | CVE-2016-7262 | — | 2026-02-12 | |
| CVE | CVE-2025-13502 | — | 2026-02-12 | |
| CVE | CVE-2025-14174 | — | 2026-02-12 | |
| CVE | CVE-2025-31223 | — | 2026-02-12 | |
| CVE | CVE-2025-43265 | — | 2026-02-12 | |
| CVE | CVE-2025-43429 | — | 2026-02-12 | |
| CVE | CVE-2025-43434 | — | 2026-02-12 | |
| CVE | CVE-2025-43529 | — | 2026-02-12 | |
| CVE | CVE-2016-7262 | — | 2026-02-12 | |
| CVE | CVE-2025-13502 | — | 2026-02-12 | |
| CVE | CVE-2025-14174 | — | 2026-02-12 | |
| CVE | CVE-2025-31223 | — | 2026-02-12 | |
| CVE | CVE-2025-43265 | — | 2026-02-12 | |
| CVE | CVE-2025-43429 | — | 2026-02-12 | |
| CVE | CVE-2025-43434 | — | 2026-02-12 | |
| CVE | CVE-2025-43529 | — | 2026-02-12 | |
| CVE | CVE-2016-7262 | — | 2026-02-12 | |
| CVE | CVE-2025-13502 | — | 2026-02-12 | |
| CVE | CVE-2025-14174 | — | 2026-02-12 | |
| CVE | CVE-2025-31223 | — | 2026-02-12 | |
| CVE | CVE-2025-43265 | — | 2026-02-12 | |
| CVE | CVE-2025-43429 | — | 2026-02-12 | |
| CVE | CVE-2025-43434 | — | 2026-02-12 | |
| CVE | CVE-2025-43529 | — | 2026-02-12 | |
| CVE | CVE-2017-5754 | Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache. | 2026-02-12 | |
| CVE | CVE-2017-5754 | Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache. | 2026-02-12 | |
| CVE | CVE-1999-0095 | — | 2026-02-12 | |
| CVE | CVE-2019-10149 | — | 2026-02-12 | |
| CVE | CVE-1999-0095 | — | 2026-02-12 | |
| CVE | CVE-2019-10149 | — | 2026-02-12 | |
| CVE | CVE-1999-0095 | — | 2026-02-12 | |
| CVE | CVE-2025-26240 | — | 2026-02-13 | |
| CVE | CVE-2017-0144 | The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those described in CVE-2017-0143, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148. | 2026-02-13 | |
| CVE | CVE-2018-0802 | Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 and CVE-2018-0812. | 2026-02-13 | |
| CVE | CVE-2026-20700 | A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 and CVE-2025-43529 were also issued in response to this report. | 2026-02-14 | |
| CVE | CVE-2026-20700 | A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 and CVE-2025-43529 were also issued in response to this report. | 2026-02-14 | |
| CVE | CVE-2020-13804 | An issue was discovered in Foxit Reader and PhantomPDF before 9.7.2. It allows information disclosure of a hardcoded username and password in the DocuSign plugin. | 2026-02-14 | |
| CVE | CVE-2020-23741 | In AnyView (network police) network monitoring software 4.6.0.1, there is a local denial of service vulnerability in AnyView, attackers can use a constructed program to cause a computer crash (BSOD). | 2026-02-14 | |
| CVE | CVE-2018-19643 | Information leakage issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | 2026-02-14 | |
| CVE | CVE-2018-19642 | Denial of service issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | 2026-02-14 | |
| CVE | CVE-2022-28375 | Verizon 5G Home LVSKIHP OutDoorUnit (ODU) 3.33.101.0 does not property sanitize user-controlled parameters within the crtcswitchsimprofile function of the crtcrpc JSON listener. A remote attacker on the local network can inject shell metacharacters into /usr/lib/lua/5.1/luci/controller/rpc.lua to achieve remote code execution as root, | 2026-02-14 | |
| CVE | CVE-2005-3346 | Buffer overflow in the environment variable substitution code in main.c in OSH 1.7-14 allows local users to inject arbitrary environment variables, such as LD_PRELOAD, via pathname arguments of the form "$VAR/EVAR=arg", which cause the EVAR portion to be appended to a buffer returned by a getenv function call. | 2026-02-14 | |
| CVE | CVE-2026-20700 | A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 and CVE-2025-43529 were also issued in response to this report. | 2026-02-14 | |
| CVE | CVE-1999-1472 | Internet Explorer 4.0 allows remote attackers to read arbitrary text and HTML files on the user's machine via a small IFRAME that uses Dynamic HTML (DHTML) to send the data to the attacker, aka the Freiburg text-viewing issue. | 2026-02-14 | |
| CVE | CVE-2025-1974 | A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary code execution in the context of the ingress-nginx controller. This can lead to disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.) | 2026-02-14 | |
| CVE | CVE-2025-1976 | Brocade Fabric OS versions starting with 9.1.0 have root access removed, however, a local user with admin privilege can potentially execute arbitrary code with full root privileges on Fabric OS versions 9.1.0 through 9.1.1d6. | 2026-02-14 | |
| CVE | CVE-2026-21533 | Improper privilege management in Windows Remote Desktop allows an authorized attacker to elevate privileges locally. | 2026-02-14 | |
| CVE | CVE-2025-14847 | Mismatched length fields in Zlib compressed protocol headers may allow a read of uninitialized heap memory by an unauthenticated client. This issue affects all MongoDB Server v7.0 prior to 7.0.28 versions, MongoDB Server v8.0 versions prior to 8.0.17, MongoDB Server v8.2 versions prior to 8.2.3, MongoDB Server v6.0 versions prior to 6.0.27, MongoDB Server v5.0 versions prior to 5.0.32, MongoDB Server v4.4 versions prior to 4.4.30, MongoDB Server v4.2 versions greater than or equal to 4.2.0, MongoDB Server v4.0 versions greater than or equal to 4.0.0, and MongoDB Server v3.6 versions greater than or equal to 3.6.0. | 2026-02-14 | |
| CVE | CVE-2025-14849 | Advantech WebAccess/SCADA is vulnerable to unrestricted file upload, which may allow an attacker to remotely execute arbitrary code. | 2026-02-14 | |
| CVE | CVE-2026-20700 | A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 and CVE-2025-43529 were also issued in response to this report. | 2026-02-15 | |
| CVE | CVE-2026-21962 | Vulnerability in the Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in product of Oracle Fusion Middleware (component: Weblogic Server Proxy Plug-in for Apache HTTP Server, Weblogic Server Proxy Plug-in for IIS). Supported versions that are affected are 12.2.1.4.0, 14.1.1.0.0 and 14.1.2.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in. While the vulnerability is in Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in accessible data as well as unauthorized access to critical data or complete access to all Oracle HTTP Server, Oracle Weblogic Server Proxy Plug-in accessible data. Note: Affected version for Weblogic Server Proxy Plug-in for IIS is 12.2.1.4.0 only. CVSS 3.1 Base Score 10.0 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N). | 2026-02-16 | |
| CVE | CVE-2026-20700 | A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 and CVE-2025-43529 were also issued in response to this report. | 2026-02-16 | |
| CVE | CVE-1999-0519 | A NETBIOS/SMB share password is the default, null, or missing. | 2026-02-16 | |
| CVE | CVE-2026-21510 | Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network. | 2026-02-16 | |
| CVE | CVE-2026-23760 | SmarterTools SmarterMail versions prior to build 9511 contain an authentication bypass vulnerability in the password reset API. The force-reset-password endpoint permits anonymous requests and fails to verify the existing password or a reset token when resetting system administrator accounts. An unauthenticated attacker can supply a target administrator username and a new password to reset the account, resulting in full administrative compromise of the SmarterMail instance. NOTE: SmarterMail system administrator privileges grant the ability to execute operating system commands via built-in management functionality, effectively providing administrative (SYSTEM or root) access on the underlying host. | 2026-02-16 | |
| CVE | CVE-2026-21510 | Protection mechanism failure in Windows Shell allows an unauthorized attacker to bypass a security feature over a network. | 2026-02-16 | |
| CVE | CVE-2002-0953 | globals.php in PHP Address before 0.2f, with the PHP allow_url_fopen and register_globals variables enabled, allows remote attackers to execute arbitrary PHP code via a URL to the code in the LangCookie parameter. | 2026-02-19 | |
| CVE | CVE-2018-8453 | An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. | 2026-02-20 | |
| CVE | CVE-2026-23864 | Multiple denial of service vulnerabilities exist in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack. The vulnerabilities are triggered by sending specially crafted HTTP requests to Server Function endpoints, and could lead to server crashes, out-of-memory exceptions or excessive CPU usage; depending on the vulnerable code path being exercised, the application configuration and application code. Strongly consider upgrading to the latest package versions to reduce risk and prevent availability issues in applications using React Server Components. | 2026-02-21 | |
| CVE | CVE-2026-21280 | Illustrator versions 29.8.3, 30.0 and earlier are affected by an Untrusted Search Path vulnerability that could result in arbitrary code execution in the context of the current user. If the application uses a search path to locate critical resources such as programs, an attacker could modify that search path to point to a malicious program, which the targeted application would then execute. Exploitation of this issue requires user interaction in that a victim must open a malicious file and scope is changed. | 2026-02-22 | |
| CVE | CVE-2025-54236 | Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue does not require user interaction. | 2026-02-22 | |
| CVE | CVE-2022-24101 | Acrobat Reader DC versions 20.001.20085 (and earlier), 20.005.3031x (and earlier) and 17.012.30205 (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | 2026-02-22 | |
| CVE | CVE-2026-22769 | Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized access to the underlying operating system and root-level persistence. Dell recommends that customers upgrade or apply one of the remediations as soon as possible. | 2026-02-22 | |
| CVE | CVE-2026-2441 | Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High) | 2026-02-22 | |
| CVE | CVE-2025-49113 | Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization. | 2026-02-22 | |
| CVE | CVE-2025-54236 | Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue does not require user interaction. | 2026-02-22 | |
| CVE | CVE-2026-22769 | Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized access to the underlying operating system and root-level persistence. Dell recommends that customers upgrade or apply one of the remediations as soon as possible. | 2026-02-22 | |
| CVE | CVE-2026-1592 | Foxit PDF Editor Cloud (pdfonline) contains a stored cross-site scripting vulnerability in the Create New Layer feature. Unsanitized user input is embedded into the HTML output, allowing arbitrary JavaScript execution when the layer is referenced. This issue affects pdfonline.foxit.com: before 2026?02?03. | 2026-02-22 | |
| CVE | CVE-2025-54236 | Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue does not require user interaction. | 2026-02-22 | |
| CVE | CVE-2026-20700 | A memory corruption issue was addressed with improved state management. This issue is fixed in watchOS 26.3, tvOS 26.3, macOS Tahoe 26.3, visionOS 26.3, iOS 26.3 and iPadOS 26.3. An attacker with memory write capability may be able to execute arbitrary code. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals on versions of iOS before iOS 26. CVE-2025-14174 and CVE-2025-43529 were also issued in response to this report. | 2026-02-22 | |
| CVE | CVE-2019-9621 | Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11 patch 10, and 8.8.x before 8.8.10 patch 7 or 8.8.x before 8.8.11 patch 3 allows SSRF via the ProxyServlet component. | 2026-02-23 | |
| CVE | CVE-2021-22205 | An issue has been discovered in GitLab CE/EE affecting all versions starting from 11.9. GitLab was not properly validating image files that were passed to a file parser which resulted in a remote command execution. | 2026-02-23 | |
| CVE | CVE-2021-26855 | Microsoft Exchange Server Remote Code Execution Vulnerability | 2026-02-23 | |
| CVE | CVE-2021-31207 | Microsoft Exchange Server Security Feature Bypass Vulnerability | 2026-02-23 | |
| CVE | CVE-2022-26134 | In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Confluence Server or Data Center instance. The affected versions are from 1.3.0 before 7.4.17, from 7.13.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and from 7.18.0 before 7.18.1. | 2026-02-23 | |
| CVE | CVE-2023-38831 | RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to view a benign file within a ZIP archive. The issue occurs because a ZIP archive may include a benign file (such as an ordinary .JPG file) and also a folder that has the same name as the benign file, and the contents of the folder (which may include executable content) are processed during an attempt to access only the benign file. This was exploited in the wild in April through October 2023. | 2026-02-23 | |
| CVE | CVE-2018-13379 | An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests. | 2026-02-23 | |
| CVE | CVE-2025-49113 | Roundcube Webmail before 1.5.10 and 1.6.x before 1.6.11 allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization. | 2026-02-24 | |
| CVE | CVE-2015-1701 | Win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2003 SP2, Vista SP2, and Server 2008 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in April 2015, aka "Win32k Elevation of Privilege Vulnerability." | 2026-02-25 | |
| CVE | CVE-2017-0199 | Microsoft Office 2007 SP3, Microsoft Office 2010 SP2, Microsoft Office 2013 SP1, Microsoft Office 2016, Microsoft Windows Vista SP2, Windows Server 2008 SP2, Windows 7 SP1, Windows 8.1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API." | 2026-02-27 |
References (1)