59 matches found
CVE-2026-20098
A vulnerability in the Certificate Management feature of Cisco Meeting Management could allow an authenticated, remote attacker to upload arbitrary files, execute arbitrary commands, and elevate privileges to root on an affected system. This vulnerability is due to improper input validation in...
EUVD-2000-0013
Malware in sbrugna...
EUVD-2004-1944
Malware in sbrugna...
EUVD-2011-1213
Malware in sbrugna...
EUVD-2009-4865
Malware in sbrugna...
CVE-2024-24117
Insecure Permissions vulnerability in Ruijie RG-NBS2009G-P RGOS v.10.41P2 Release 9736 allows a remote attacker to gain privileges via the login check state component...
KLA70412 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions, cause denial of service, gain privileges, obtain sensitive information, spoof user interface, read local...
CVE-2023-38758
Cross Site Scripting vulnerability in wger Project wger Workout Manager v.2.2.0a3 allows a remote attacker to gain privileges via the licenseauthor field in the add-ingredient function in the templates/ingredients/view.html, models/ingredients.py, and views/ingredients.py components...
SUSE CVE-2005-2876
umount in util-linux 2.8 to 2.12q, 2.13-pre1, and 2.13-pre2, and other packages such as loop-aes-utils, allows local users with unmount permissions to gain privileges via the -r remount option, which causes the file system to be remounted with just the read-only flag, which effectively clears the...
KLA20154 Multiple vulnerabilities in Microsoft Windows
Multiple vulnerabilities were found in Microsoft Windows. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, obtain sensitive information, execute arbitrary code, bypass security restrictions. Below is a complete list of vulnerabilities: 1. A denial of...
CVE-2022-37706
enlightenmentsys in Enlightenment before 0.25.4 allows local users to gain privileges because it is setuid root, and the system library function mishandles pathnames that begin with a /dev/.. substring...
CVE-2021-45786
In maccms v10, an attacker can log in through /index.php/user/login in the "col" and "openid" parameters to gain privileges...
KLA12226 Multiple vulnerabilities in Microsoft Products (ESU)
Multiple vulnerabilities were found in Microsoft Products Extended Security Update. Malicious users can exploit these vulnerabilities to obtain sensitive information, spoof user interface, execute arbitrary code, cause denial of service, bypass security restrictions, gain privileges. Below is a...
CVE-2020-23449
newbee-mall all versions are affected by incorrect access control to remotely gain privileges through NewBeeMallIndexConfigServiceImpl.java. Unauthorized changes can be made to any user information through the userID...
File Upload Vulnerability in OpenLab Programming Network Teaching and Exam Platform of Shanghai Rigel Software Co.
OpenLab is a comprehensive teaching management and experiment platform for program design teaching, daily practice, on-line experiment, unit test, mid-term and final exam. A file upload vulnerability exists in the OpenLab Programming Network Teaching and Testing Platform of Shanghai Rigel Softwar...
Logic Flaw Vulnerability in eXtplorer Login Interface
eXtplorer is a file management based on PHP and ExtJS development of the text based on PHP and ExtJS development of the file management of the file management device manager . A logic flaw vulnerability exists in the eXtplorer login interface, which can be exploited by an attacker to gain server...
KLA11485 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, gain privileges, bypass security restrictions, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A deni...
KLA11336 Multiple vulnerabilities in Mozilla Thunderbird
Multiple serious vulnerabilities were found in Mozilla Thunderbird. Malicious users can exploit these vulnerabilities to cause denial of service, gain privileges, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Multiple use-after-free vulnerabilities can be exploited...
CVE-2018-14850
Stored XSS vulnerabilities in Tiki before 18.2, 15.7 and 12.14 allow an authenticated user injecting JavaScript to gain administrator privileges if an administrator opens a wiki page and moves the mouse pointer over a modified link or thumb image...
CVE-2018-7904
Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON injection vulnerability. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Due to insufficient verification of the input, this could be exploited to obtain the management...