CentOS Web Panel Code Execution Vulnerability (CNVD-2020-43142)

CentOS Web Panel CWP is a free web hosting control panel that makes it easy to manage multiple servers Dedicated and VPS without having to access the servers via SSH. A code execution vulnerability in CentOS Web Panel version cwp-e17.0.9.8.923, which stems from the ajaxdashboard.php file not...

CentOS Web Panel Code Execution Vulnerability

CentOS Web Panel CWP is a free web hosting control panel that makes it easy to manage multiple servers Dedicated and VPS without having to access the servers via SSH. A code execution vulnerability in the CentOS Web Panel cwp-e version 17.0.9.8.923, which stems from the ajaxftpmanager.php file no...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Asset and Service Management (CVE-2020-4464)

Summary IBM WebSphere Application Server is shipped as a component of Maximo Asset Management, Maximo Asset Management Essentials, Maximo Industry Solutions including Maximo for Energy Optimization, Maximo for Government, Maximo for Nuclear Power, Maximo for Transportation, Maximo for Life...

Adobe Prelude out-of-bounds write vulnerability (CNVD-2020-43374)

Adobe Prelude is a video recording and capture tool designed for intuitive and efficient media organization and metadata entry, allowing you to quickly mark up and transcode video footage and quickly create rough cuts. An out-of-bounds write vulnerability exists in Adobe Prelude 9.0 and earlier...

Code Execution Vulnerability in WMCMS of Chongqing Yu Yue Optoelectronics Technology Co.

WMCMS is a set of PHP + MYSQL based on the core development, free + open source professional Chinese labeling station-building system. WMCMS has a code execution vulnerability that can be exploited by an attacker to gain administrative privileges on the web server...

CVE-2020-1654 Junos OS: SRX Series: processing a malformed HTTP message when ICAP redirect service is enabled may can lead to flowd process crash or remote code execution

On Juniper Networks SRX Series with ICAP Internet Content Adaptation Protocol redirect service enabled, processing a malformed HTTP message can lead to a Denial of Service DoS or Remote Code Execution RCE Continued processing of this malformed HTTP message may result in an extended Denial of...

CVE-2020-15515

The turn extension through 0.3.2 for TYPO3 allows Remote Code Execution...

CVE-2020-6089

An exploitable code execution vulnerability exists in the ANI file format parser of Leadtools 20. A specially crafted ANI file can cause a buffer overflow resulting in remote code execution. An attacker can provide a malicious file to trigger this vulnerability...

Security Bulletin: A Security Vulnerability has been Identified in Websphere Application Server Shipped with Predictive Customer Intelligence (CVE-2020-4448)

Summary Websphere Application Server is shipped with Predictive Customer Intelligence. Information about a security vulnerability affecting Websphere Application Server has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...

OPENSUSE-SU-2020:0912-1 Security update for unbound

This update for unbound fixes the following issues: - CVE-2020-12662: Fixed an issue where unbound could have been tricked into amplifying an incoming query into a large number of queries directed to a target bsc1171889. - CVE-2020-12663: Fixed an issue where malformed answers from upstream name...

CVE-2020-9568

Adobe Bridge versions 10.0.1 and earlier version have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution...

VulnCheck KEV: CVE-2018-1000861

A code execution vulnerability exists in the Stapler web framework used by Jenkins...

Code Execution Vulnerability in Xunrui CMS

Xunrui CMS free open source system is based on PHP7 language using the latest CodeIgniter4 as the development framework for the production of web content management framework. XunRui CMS code execution vulnerabilities exist. An attacker can exploit the vulnerability to execute arbitrary code...

RHEL 6 : flash-plugin (RHSA-2020:2547)

The remote Redhat Enterprise Linux 6 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:2547 advisory. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version...

Code Execution Vulnerability in Lenovo L78071 Development Edition by Lenovo (Beijing) Co.

Lenovo Beijing Co., Ltd. is an enterprise engaged in the research and development, production, repair and testing of electronic computers and their components. A code execution vulnerability exists in the Lenovo L78071 Development Edition of Lenovo Beijing Limited, which can be exploited by an...

Critical: Red Hat Security Advisory: flash-plugin security update

An update for flash-plugin is now available for Red Hat Enterprise Linux 6 Supplementary. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Microsoft Windows Runtime Elevation of Privilege Vulnerability (CNVD-2021-29547)

Microsoft Windows Runtime .net framework is an essential functional support library for the Windows operating system from Microsoft. An elevation of privilege vulnerability exists in Microsoft Windows Runtime, which arises from a program that does not properly handle objects in memory, and can be...

IBM WebSphere UploadFileArgument Directory Traversal Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of IBM WebSphere. Authentication is not required to exploit this vulnerability. The specific flaw exists within the BroadcastMessageManager class. The issue results from the lack of proper validation of...

Code Execution Vulnerability in Advantech WebAccessNode

Advantech WebAccessNode is a fully Internet Explorer based HMI/SCADA monitoring software. A code execution vulnerability exists in Advantech WebAccessNode, which can be exploited by an attacker to gain server administrator privileges...

Code execution vulnerability in imcat (CNVD-2020-32566)

Intimate Cat imcat is a general-purpose website system designed in PHP+MySQL architecture. A code execution vulnerability exists in imcat, which can be exploited by attackers to execute malicious code and gain administrative privileges on the server...