260 matches found
ShopWind Remote Code Execution (CVE-2022-30453)
A remote code execution vulnerability exists in ShopWind. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Checkbox Survey Remote Code Execution (CVE-2021-27852)
A remote code execution vulnerability exists in Checkbox Survey. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
ChakraCore vulnerable to privilege escalation
ChakraCore allows an attacker to gain the same user rights as the current user, due to the way that the ChakraCore scripting engine handles objects in memory. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take...
PT-2022-2773 · Microsoft · Windows Print Spooler +1
Name of the Vulnerable Software and Affected Versions: Windows Print Spooler affected versions not specified Description: The issue is related to the Windows Print Spooler's insecure management of privileges, allowing an attacker to elevate their privileges. This can affect the system...
Spring Core Remote Code Execution (CVE-2022-22965)
A remote code execution vulnerability exists in Spring Core. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Extensis Portfolio Multiple Vulnerabilities (CVE-2022-24251; CVE-2022-24252; CVE-2022-24253; CVE-2022-24254)
Multiple vulnerabilities exist in Extensis Portfolio. Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary commands on the affected system...
Apple Releases Security Updates for Multiple Products
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the Apple security page and apply the necessary updates. This...
Microsoft Remote Desktop Client Remote Code Execution (CVE-2022-21990)
A remote code execution vulnerability exists in Microsoft Remote Desktop Client. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
TIBCO AuditSafe 授权问题漏洞
TIBCO AuditSafe is an audit trail application from TIBCO. An authorization issue vulnerability exists in TIBCO AuditSafe, which can be exploited by an attacker to execute API methods on an affected system...
Nagios XI Remote Code Execution (CVE-2021-40344)
A remote code execution vulnerability exists in Nagios XI. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Cisco Releases Security Updates for Multiple Products
Cisco has released security updates to address vulnerabilities in multiple Cisco products. An attacker could exploit some of these vulnerabilities to take control of an affected system. For updates addressing lower severity vulnerabilities, see the Cisco Security Advisories page. CISA encourages...
Tibco Eftl 信息泄露漏洞
Tibco Eftl is an add-on to Tibco Ftl and Tibco Enterprise Message Service™ from Tibco USA, Inc. Extending Tibco Ftl® messaging to platforms such as Web browsers and mobile devices, an information disclosure vulnerability exists in TIBCO eFTL, which stems from a client inheriting privileges from a...
Apache Log4j Remote Code Execution (CVE-2017-5645)
A remote code execution vulnerability exists in Apache Log4j. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
WordPress WooCommerce Gutenberg Blocks Plugin SQL Injection (CVE-2021-32789)
An SQL injection vulnerability exists in WordPress WooCommerce Gutenberg Blocks Plugin. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...
SAP NetWeaver Remote Code Execution (CVE-2018-2380)
A remote code execution vulnerability exists in SAP NetWeaver. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CVE-2021-36336
Wyse Management Suite 3.3.1 and below versions contain a deserialization vulnerability that could allow an unauthenticated attacker to execute code on the affected system...
CMSUno Remote Code Execution (CVE-2021-40889)
A remote code execution vulnerability exists in CMSUno. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Dell Networking OS10 Authentication Bypass Vulnerability
Dell Networking OS10 is a Linux-based network switch operating system from Dell DELL U.S.A. Dell Networking OS10 is vulnerable to an authentication bypass vulnerability that could be exploited by attackers to gain access to the affected system and perform operations...
Projectsend Directory Traversal (CVE-2021-40887)
A directory traversal vulnerability exists in Projectsend. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...
Microsoft .NET Framework Remote Code Execution Vulnerability
Microsoft .NET Framework contains a remote code execution vulnerability when processing untrusted input that could allow an attacker to take control of an affected system...