CVE-2020-21359

An arbitrary file upload vulnerability in the Template Upload function of Maccms10 allows attackers bypass the suffix whitelist verification to execute arbitrary code via adding a character to the end of the uploaded file's name...

CVE-2021-32439

Buffer overflow in the stblAppendSize function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file...

The vulnerability of DIAScreen software for programmable logic controllers arises from buffer overflows in dynamic memory, allowing an attacker to execute arbitrary code.

The vulnerability of the software for programmable logic controllers DIAScreen arises from buffer overflow in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code write-off memory boundaries...

KLA12252 Multiple vulnerabilities in Mozilla Firefox

Multiple vulnerabilities were found in Mozilla Firefox. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, execute arbitrary code, obtain sensitive information, gain privileges. Below is a complete list of vulnerabilities: 1. A memory corruption...

Jeecg-boot CMS Arbitrary File Upload Vulnerability

Jeecg-Boot is an intelligent development platform based on code generator. Jeecg-boot CMS version 2.3 of /jeecg-boot/sys/common/upload is vulnerable to arbitrary file upload, which can be exploited by attackers to execute arbitrary code...

CVE-2020-28088

An arbitrary file upload vulnerability in /jeecg-boot/sys/common/upload of jeecg-boot CMS 2.3 allows attackers to execute arbitrary code...

CVE-2020-28088

An arbitrary file upload vulnerability in /jeecg-boot/sys/common/upload of jeecg-boot CMS 2.3 allows attackers to execute arbitrary code...

CVE-2021-1609 Cisco RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers Web Management Vulnerabilities

Multiple vulnerabilities in the web-based management interface of the Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an attacker to do the following: Execute arbitrary code Cause a denial of service DoS condition Execute arbitrary commands For more...

CVE-2021-34845

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

CVE-2020-19303

An arbitrary file upload vulnerability in /fileupload.php of hdcms 5.7 allows attackers to execute arbitrary code via a crafted file...

CVE-2020-19303

An arbitrary file upload vulnerability in /fileupload.php of hdcms 5.7 allows attackers to execute arbitrary code via a crafted file...

SourceCodester Learning Management System File Upload Vulnerability

SourceCodester Learning Management System is an online learning management system from SourceCodester, Inc. in the United States. A file upload vulnerability exists in SourceCodester Learning Management System, which can be exploited by an attacker to execute arbitrary code...

CVE-2021-25200

Arbitrary file upload vulnerability in SourceCodester Learning Management System v 1.0 allows attackers to execute arbitrary code, via the file upload to \lms\studentavatar.php...

Delta Electronics DIAScreen Type Obfuscation Vulnerability

A security vulnerability exists in Delta Electronics DIAScreen, a smartphone builder from Delta Electronics, Taiwan, China, which stems from the fact that DIAScreen is susceptible to type obfuscation and can be exploited by attackers to The vulnerability can be exploited to remotely execute...

Foxit PDF Reader has a use-after-release vulnerability

Foxit PDF Reader is a PDF reader. Foxit PDF Reader is vulnerable to a post-release exploit that could be used by remote attackers to execute arbitrary code on the target system...

CVE-2021-25200

Arbitrary file upload vulnerability in SourceCodester Learning Management System v 1.0 allows attackers to execute arbitrary code, via the file upload to \lms\studentavatar.php...

CVE-2021-25203

Arbitrary file upload vulnerability in Victor CMS v 1.0 allows attackers to execute arbitrary code via the file upload to \CMSsite-master\admin\includes\adminaddpost.php...

CVE-2021-25208

Arbitrary file upload vulnerability in SourceCodester Travel Management System v 1.0 allows attackers to execute arbitrary code via the file upload to updatepackage.php...

CVE-2021-30110

dttray.exe in Greyware Automation Products Inc Domain Time II before 5.2.b.20210331 allows remote attackers to execute arbitrary code via a URL to a malicious update in a spoofed response to the UDP query used to check for updates...

Ubuntu 16.04 ESM : GNU binutils vulnerabilities (USN-4336-2)

The remote Ubuntu 16.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4336-2 advisory. USN-4336-1 fixed several vulnerabilities in GNU binutils. This update provides the corresponding update for Ubuntu 16.04 ESM. Tenable has extracted the...