5352 matches found
CVE-2020-18264
Cross Site Request Forgery CSRF in Simple-Log v1.6 allows remote attackers to gain privilege and execute arbitrary code via the component "Simple-Log/admin/admin.php?act=acteditmember"...
CVE-2020-18265
Cross Site Request Forgery CSRF in Simple-Log v1.6 allows remote attackers to gain privilege and execute arbitrary code via the component "Simple-Log/admin/admin.php?act=actaddmember"...
CVE-2020-18264
Cross Site Request Forgery CSRF in Simple-Log v1.6 allows remote attackers to gain privilege and execute arbitrary code via the component "Simple-Log/admin/admin.php?act=acteditmember"...
CVE-2021-1503
A vulnerability in Cisco Webex Network Recording Player for Windows and MacOS and Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system. This vulnerability is due to insufficient validation of values in Webex recording files that are in...
CVE-2021-1502 Cisco Webex Network Recording Player and Webex Player Memory Corruption Vulnerability
A vulnerability in Cisco Webex Network Recording Player for Windows and MacOS and Cisco Webex Player for Windows and MacOS could allow an attacker to execute arbitrary code on an affected system. The vulnerability is due to insufficient validation of values within Webex recording files formatted ...
Cisco Webex Network Webex Player Buffer Overflow Vulnerability
Cisco Webex Network Webex Player is a player for playing video conference recordings from Cisco USA. A buffer overflow vulnerability exists in Cisco Webex Network Recording Player and Cisco Webex Player, which can be exploited by an attacker to execute arbitrary code on an affected system...
CVE-2021-23180
A flaw was found in htmldoc in v1.9.12 and before. Null pointer dereference in fileextension,in file.c may lead to execute arbitrary code and denial of service...
CVE-2021-22519
The CVE-2021-22519 entry concerns Micro Focus SiteScope and lists vulnerable versions (11.40, 11.41, and 2018.05/11.50, 2018.08/11.51, 2018.11/11.60, 2019.02/11.70, 2019.05/11.80, 2019.08/11.90, 2019.11/11.91, 2020.05/11.92, 2020.10/11.93). It is described as an Execute arbitrary code vulnerabili...
Ubuntu: Security Advisory (USN-4964-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora: Security Advisory for python-impacket (FEDORA-2021-ab09c9a7a1)
The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Apple macOS QuartzCore Type Confusion Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Apple macOS. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the QuartzCore Framework...
emlog cross-site scripting vulnerability
emlog is a PHP and MySQL based blog and CMS builder. A cross-site scripting vulnerability exists in emlog version 6.0.0. The vulnerability can be exploited to execute arbitrary code by adding a specially crafted script as a link to a new blog post...
CVE-2020-21844
GNU LibreDWG 0.10 is affected by: memcpy-param-overlap. The impact is: execute arbitrary code remote. The component is: read2004sectionheader ../../src/decode.c:2580...
Code injection
GNU LibreDWG 0.10 is affected by: memcpy-param-overlap. The impact is: execute arbitrary code remote. The component is: read2004sectionheader ../../src/decode.c:2580...
CVE-2020-21844
CVE-2020-21844 affects GNU LibreDWG 0.10. The vulnerability is in memcpy-param-overlap in the read_2004_section_header function (../../src/decode.c:2580), exposing remote code execution. The connected records confirm the affected component and exact location, but do not provide further exploit sp...
Google Chrome Security Updates (stable-channel-update-for-desktop_20-2021-04) - Linux
Google Chrome is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:google:chrome"; ifdescription...
Security Bulletin: A security vulnerability in Node.js xmldom and msgpack5 module affects IBM Cloud Pak for Multicloud Management Managed Service
Summary A security vulnerability in Node.js xmldom and msgpack5 module affects IBM Cloud Pak for Multicloud Management Managed Service. Vulnerability Details CVEID: CVE-2021-21366 DESCRIPTION: Node.js xmldom module could allow a remote attacker to bypass security restrictions, caused by improper...
CVE-2021-27413
Omron CX-One Versions 4.60 and prior, including CX-Server Versions 5.0.29.0 and prior, are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code...
CVE-2021-27413
Omron CX-One Versions 4.60 and prior, including CX-Server Versions 5.0.29.0 and prior, are vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code...
Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2021-26419)
A memory corruption vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...