CVE-2022-44794

An issue was discovered in Object First Ootbi BETA build 1.0.7.712. Management protocol has a flow which allows a remote attacker to execute arbitrary Bash code with root privileges. The command that sets the hostname doesn't validate input parameters. As a result, arbitrary data goes directly to...

CVE-2020-29069

getflagiplocaldb in server/mhn/ui/utils.py in Modern Honey Network MHN through 2020-11-23 allows attackers to cause a denial-of-service via an IP address that is absent from a local geolocation database, because the code tries to uppercase a return value even if that value is not a string...

CVE-2020-8739

Use of potentially dangerous function in Intel BIOS platform sample code for some IntelR Processors may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2020-12839

ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkExpirationDate.php...

CVE-2019-17003

Scanning a QR code that contained a javascript: URL would have resulted in the Javascript being executed...

CVE-2014-5248

Cross-site scripting XSS vulnerability in MyBB before 1.6.15 allows remote attackers to inject arbitrary web script or HTML via vectors related to video MyCode...

CVE-2019-15679

TightVNC code version 1.3.10 contains heap buffer overflow in InitialiseRFBConnection function, which can potentially result code execution. This attack appear to be exploitable via network connectivity...

CVE-2019-13458

An issue was discovered in Open Ticket Request System OTRS 7.0.x through 7.0.8, and Community Edition 5.0.x through 5.0.36 and 6.0.x through 6.0.19. An attacker who is logged into OTRS as an agent user with appropriate permissions can leverage OTRS notification tags in templates in order to...

CVE-2010-4007

Oracle Mojarra uses an encrypted View State without a Message Authentication Code MAC, which makes it easier for remote attackers to perform successful modifications of the View State via a padding oracle attack, a related issue to CVE-2010-2057...

GNU C Library Code Problem Vulnerability

The GNU C Library is an open source, free C language compiler from the GNU community released under the LGPL license. A code issue vulnerability exists in GNU C Library, which can be exploited by an attacker to cause dynamic shared library loading...

ABB多款产品 代码问题漏洞

ABB ASPECT-Enterprise is a scalable building energy management and control solution.ABB NEXUS Series is a monitoring and control management system.ABB MATRIX Series is an embedded IoT ASPECT control engine designed to provide flexible field control for medium to large field control applications. ...

Broadcom Automic Automation Agent 代码问题漏洞

Broadcom Automic Automation Agent is a Broadcom agent for enterprise-level task automation that supports cross-platform job scheduling, process orchestration, and IT O&M automation for automated management of complex business scenarios. A code issue vulnerability exists in Broadcom Automic...

CVE-2023-2334

The edd-google-sheet-connector-pro WordPress plugin before 1.4, Easy Digital Downloads Google Sheet Connector WordPress plugin before 1.6.6 does not have CSRF check when updating its Access Code, which could allow attackers to make logged in admin change the access code to an arbitrary one via a...

Adobe Dreamweaver Arbitrary Code Vulnerability (APSB25-35) - Windows

Adobe Dreamweaver is prone to an arbitrary code vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:dreamweaver"...

Adobe Dreamweaver Arbitrary Code Vulnerability (APSB25-35) - Mac OS X

Adobe Dreamweaver is prone to an arbitrary code vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:dreamweaver"...

Vulnerabilities fixed in Microsoft Developer Tools

Microsoft has fixed vulnerabilities in several Developer Tools. A malicious party can exploit the vulnerabilities to carry out attacks that can lead to the following categories of damage: - Circumvention of a security measure - Execution of arbitrary code user privileges - Access to sensitive dat...

Microsoft Windows 代码问题漏洞

Microsoft Windows is a suite of operating systems for use on personal devices from the U.S.-based Microsoft Corporation Microsoft. A code issue vulnerability exists in Microsoft Windows. An attacker could exploit this vulnerability to gain elevated privileges. The following products and versions...

CVE-2025-31218

This issue was addressed by removing the vulnerable code. This issue is fixed in macOS Sequoia 15.5. An app may be able to observe the hostnames of new network connections...

MTSoftware C-Lodop 代码问题漏洞

MTSoftware C-Lodop is a cloud-based Web printing control from China-based MTSoftware that supports cross-browser silent printing and complex report design. A code issue vulnerability exists in MTSoftware C-Lodop version 6.6.1.1, which stems from the presence of unquoted search paths in the...

MAL-2025-4240 Malicious code in solana-test-suite (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 637014df713a194c727be0c3c8a6883b80fa29c7e66be089dd3bb82e49b915b4 Packages that seem to be created by a legit bug bounty hunter. Designed to look like created by different organisations, they contain a couple of data...