Command Injection

fribidi is vulnerable to command injection. The vulnerability exists in fribidi which allows an attacker to inject and execute arbitrary codes...

Remote Code Execution (RCE)

Slurm is vulnerable to remote code execution. The vulnerability exists because the user restrictions are not properly handled which allows an attacker to inject arbitrary codes...

Command Injection

git is vulnerable to Command Injection. The vulnerability exists in the fetch function in lib.rb because remote parameter does not properly sanitize which allows a malicious attacker to inject and execute arbitrary codes...

CVE-2022-25620

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in Group Functionality of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause execute arbitrary codes on the vulnerable server. This issue affects: Profelis IT Consultancy SambaBox 4.0 versio...

CVE-2020-7007

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the attacker may execute arbitrary codes or target the device, causing it to go out of service...

Design/Logic Flaw

In Moxa EDS-G516E Series firmware, Version 5.2 or lower, the attacker may execute arbitrary codes or target the device, causing it to go out of service...

Remote Code Execution (RCE)

Charka Core is vulnerable to Remote Code Execution. This is due to an improper type-check when the engine handles objects in memory. This allows an attacker to execute arbitrary codes with user permission. If the user has admin rights, the attacker can potentially take control of the system...

Code Injection

ansible-tower is vulnerable to code injection vulnerability. The users who have access to create variables for a job template could execute arbitrary codes on the Tower server...

CVE-2017-16772

Improper input validation vulnerability in SYNOPHOTOFlickrMultiUpload in Synology Photo Station before 6.8.3-3463 and before 6.3-2971 allows remote authenticated users to execute arbitrary codes via the progid parameter...

HUAWEI MobiConnect 23.9.17.216 - Privilege Escalation

A local privilege escalation vulnerability has been discovered in the official HUAWEI MobiConnect 23.009.17.00.216 software. The local security vulnerability allows an attackers to gain higher access privileges by execution of arbitrary codes in connection with dll hijacking. The security risk of...

ZTE Datacard MF19 Privilege Escalation / DLL Hijacking

/ Exploit Title:ZTE Datacard MF19 0V1.0.0B04 PCWMOBILISALGV1.0.0B03 mobilis Insecure Permissions Local Privilege Escalation & PoC Local crash & DLL Hijacking Exploit mmsdllr.dll, mediaplayerdll.dll Date: 1/01/2015 Author: Hadji Samir [email protected] Link...

ZTE Ucell 3G Modem App - Privilege Escalation Vulnerability

Document Title: =============== ZTE Ucell 3G Modem App - Privilege Escalation Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1387 Release Date: ============= 2014-12-24 Vulnerability Laboratory ID VL-ID: ===================================...

WordPress Usernoise Plugin 3.7.8 - Persistent XSS

Usernoise plugin is prone to a persistent XSS vulnerability, because the user input is not being properly handled when a feedback is submitted. The affected area is the Wordpress admin dashboard. The vulnerability accepts arbitrary codes, including JavaScript. And all JavaScript code is executed...

docuFORM Mercury WebApp Multiple Cross-Site Scripting Vulnerabilities

This host is running docuFORM Mercury WebApplication is prone to multiple cross-site scripting vulnerabilities. OpenVAS Vulnerability Test $Id: secpoddocuformmercurywebappxssvuln.nasl 7019 2017-08-29 11:51:27Z teissa $ docuFORM Mercury WebApp Multiple Cross-Site Scripting Vulnerabilities Authors:...

Microsoft PowerPoint 2007 OfficeArt Atom RCE Vulnerability

Microsoft Office Power Point is prone to a remote code execution RCE vulnerability. This VT has been deprecated and replaced by the VT with the OID: 1.3.6.1.4.1.25623.1.0.902411. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...

Microsoft Windows Media Player '.mpg' Buffer Overflow Vulnerability

Windows Media Player is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

RealNetworks RealPlayer Multiple Code Execution Vulnerabilities (Linux)

This host is installed with RealPlayer which is prone to multiple code execution vulnerabilities. OpenVAS Vulnerability Test $Id: secpodrealplayermultcodeexecvulnlin.nasl 5401 2017-02-23 09:46:07Z teissa $ RealNetworks RealPlayer Multiple Code Execution Vulnerabilities Linux Authors: Antu Sanadi...

StoneTrip Ston3D Standalone Player Code Execution Vulnerability (Linux)

This host is installed with StoneTrip Ston3D Standalone Player and is prone to Code Execution vulnerability. OpenVAS Vulnerability Test $Id: gbston3dprdtscodeexecvulnlin.nasl 4869 2016-12-29 11:01:45Z teissa $ StoneTrip Ston3D Standalone Player Code Execution Vulnerability Linux Authors: Nikita M...

StoneTrip Ston3D Products Code Execution Vulnerability

StoneTrip Ston3D products is prone to a code execution vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Sonic Spot Audioactive Player Buffer Overflow Vulnerability

Sonic Spot Audioactive Player is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...