5353 matches found
CVE-2022-26149
MODX Revolution through 2.8.3-pl allows remote authenticated administrators to execute arbitrary code by uploading an executable file, because the Uploadable File Types setting can be changed by an administrator...
CVE-2021-3700
CVE-2021-3700 affects usbredir: use-after-free in usbredirparser_serialize() within usbredirparser.c for versions prior to 0.11.0. Impact described as possible denial of service and potentially arbitrary code execution. Remediation present in multiple advisories: upgrade usbredir to a newer relea...
CVE-2022-25073
TL-WR841Nv14US0.9.14.18 routers were discovered to contain a stack overflow in the function dmfillObjByStr. This vulnerability allows unauthenticated attackers to execute arbitrary code...
CVE-2022-24356
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader Foxit reader 11.0.1.0719 macOS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw...
CVE-2021-46631
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...
CVE-2021-46642
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within th...
CVE-2021-46036
An arbitrary file upload vulnerability in the component /ms/file/uploadTemplate.do of MCMS v5.2.4 allows attackers to execute arbitrary code...
Privilege escalation
An arbitrary file upload vulnerability in the component /ms/file/uploadTemplate.do of MCMS v5.2.4 allows attackers to execute arbitrary code...
CVE-2021-46036
An arbitrary file upload vulnerability in the component /ms/file/uploadTemplate.do of MCMS v5.2.4 allows attackers to execute arbitrary code...
Magnolia CMS has an unspecified vulnerability (CNVD-2022-13385)
Magnolia CMS is an application of the Swiss company Magnolia. Magnolia CMS, a website building framework, is provided with a security vulnerability that can be exploited by attackers to execute arbitrary code via a crafted CSV XLS file...
Apache Cassandra Code Injection Vulnerability
Apache Cassandra is a distributed Nosql database from the American Apache Apache Foundation. Apache Cassandra suffers from a code injection vulnerability that stems from a network system or product failing to properly filter specific elements of externally entered data during the construction of ...
Adobe Illustrator Buffer Overflow Vulnerability (CNVD-2022-15940)
Adobe Illustrator is a vector-based image creation software from Adobe. Adobe Illustrator is vulnerable to a buffer overflow vulnerability that could be exploited to execute arbitrary code in the context of the current user...
Huawei EulerOS: Security Advisory for libX11 (EulerOS-SA-2022-1072)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.6.6 : cpio (EulerOS-SA-2022-1114)
According to the versions of the cpio package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The cpiosafernamesuffix function in util.c in cpio 2.11 allows remote attackers to cause a denial of service out-of-bounds write via...
CVE-2022-20708
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned softwa...
CVE-2022-20700 Cisco Small Business RV Series Routers Vulnerabilities
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned softwa...
CVE-2022-20702 Cisco Small Business RV Series Routers Vulnerabilities
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned softwa...
CVE-2022-20702 Cisco Small Business RV Series Routers Vulnerabilities
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned softwa...
CVE-2022-20704 Cisco Small Business RV Series Routers Vulnerabilities
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned softwa...
CVE-2022-20703 Cisco Small Business RV Series Routers Vulnerabilities
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned softwa...