CVE-2022-45005

IP-COM EW9 V15.11.0.149732 was discovered to contain a command injection vulnerability in the cmdgetpingoutput function...

CVE-2020-15540

We-com OpenData CMS 2.0 allows SQL Injection via the username field on the administrator login page...

CVE-2020-15539

SQL injection can occur in We-com Municipality portal CMS 2.1.x via the cerca/ keywords field...

CVE-2020-15538

XSS can occur in We-com Municipality portal CMS 2.1.x via the cerca/ search bar...

CVE-2020-1375

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation, aka 'Windows COM Server Elevation of Privilege Vulnerability'...

CVE-2020-8960

Western Digital mycloud.com before Web Version 2.2.0-134 allows XSS...

CVE-2020-11830

QualityProtect has a vulnerability to execute arbitrary system commands, affected product is com.oppo.qualityprotect V2.0...

CVE-2020-0685

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation, aka 'Windows COM Server Elevation of Privilege Vulnerability'...

Malicious code in t43est-hello-user-test-npm-com-test (npm)

--- -= Per source details. Do not edit below this line.=-...

Malicious code in hello-user-test-npm-com-test (npm)

--- -= Per source details. Do not edit below this line.=-...

CVE-2019-1405

An elevation of privilege vulnerability exists when the Windows Universal Plug and Play UPnP service improperly allows COM object creation, aka 'Windows UPnP Service Elevation of Privilege Vulnerability'...

CVE-2019-5512

VMware Workstation 15.x before 15.0.3, 14.x before 14.1.6 running on Windows does not handle COM classes appropriately. Successful exploitation of this issue may allow hijacking of COM classes used by the VMX process, on a Windows host, leading to elevation of privilege...

CVE-2019-1478

An elevation of privilege vulnerability exists when Windows improperly handles COM object creation, aka 'Windows COM Server Elevation of Privilege Vulnerability'...

CVE-2018-21243

An issue was discovered in Foxit PhantomPDF before 8.3.6. It has COM object mishandling when Microsoft Word is used...

CVE-2010-4696

Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via the 1 filterorder or 2 filterorderDir parameter in a comcontact action to index.php, a different vulnerability than CVE-2010-4166. NOTE: the provenance of this...

CVE-2005-4844

The CLSIDApprenticeICW control allows remote attackers to cause a denial of service Internet Explorer crash by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer...

CVE-2005-4845

The Java Plug-in 1.4.203 and 1.4.204 controls, and the 1.4.203 and 1.4.204 redirector controls, allow remote attackers to cause a denial of service Internet Explorer crash by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet...

CVE-2005-4842

The System Monitor Source Properties control allows remote attackers to cause a denial of service Internet Explorer crash by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer...

CVE-2005-4841

The Outlook Progress Ctl control allows remote attackers to cause a denial of service Internet Explorer crash by creating a COM object of the class associated with the control's CLSID, which is not intended for use within Internet Explorer...

Shinnku-com 安全漏洞

Shinnku-com is an application by the individual developer of Shinnku. A security vulnerability exists in Shinnku-com v7.1.0, which originates from an arbitrary file read in /api/music/v1/cover.ts...