6323 matches found
Cross site scripting
Stored Cross Site Scripting XSS vulnerability in the add contact function CiviCRM 5.59.alpha1, allows attackers to execute arbitrary code in first/second name field...
Cisco Small Business Denial of Service Vulnerability (CNVD-2023-40906)
Cisco Small Business is a switch from the American company Cisco Cisco. A denial of service vulnerability exists in Cisco Small Business Series Switches, which arises from a device authentication error on requests sent to the web interface, and can be exploited by an unauthenticated, remote...
CVE-2023-20189 Cisco Small Business Series Switches Buffer Overflow Vulnerabilities
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service DoS condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due t...
CVE-2023-20160 Cisco Small Business Series Switches Buffer Overflow Vulnerabilities
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service DoS condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due t...
CVE-2023-20024 Cisco Small Business Series Switches Buffer Overflow Vulnerabilities
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service DoS condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due t...
CVE-2023-20159 Cisco Small Business Series Switches Buffer Overflow Vulnerabilities
Multiple vulnerabilities in the web-based user interface of certain Cisco Small Business Series Switches could allow an unauthenticated, remote attacker to cause a denial of service DoS condition or execute arbitrary code with root privileges on an affected device. These vulnerabilities are due t...
Ubuntu: Security Advisory (USN-6078-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2023-29862
An issue found in Agasio-Camera device version not specified allows a remote attacker to execute arbitrary code via the check and authLevel parameters...
Code injection
An issue found in Agasio-Camera device version not specified allows a remote attacker to execute arbitrary code via the check and authLevel parameters...
Microsoft Office 2019 Multiple RCE Vulnerabilities (May 2023) - Mac OS X
This host is missing an important security update for Microsoft Office 2019 on Mac OS X according to Microsoft security update May 2023 SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holder...
Mozilla Firefox 安全漏洞
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox. An attacker can exploit this vulnerability to execute arbitrary code...
CVE-2023-0851
Buffer overflow in CPCA Resource Download process of Office / Small Office Multifunction Printers and Laser Printers which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. :Satera LBP660C Series/LBP620C Series/MF740C...
CVE-2023-31148
An Improper Input Validation vulnerability in the Schweitzer Engineering Laboratories Real-Time Automation Controller SEL RTAC Web Interface could allow a remote authenticated attacker to execute arbitrary code. See SEL Service Bulletin dated 2022-11-15 for more details...
CVE-2021-28999
SQL Injection vulnerability in CMS Made Simple through 2.2.15 allows remote attackers to execute arbitrary commands via the m1sortby parameter to modules/News/function.adminarticlestab.php...
CVE-2021-28999
CMS Made Simple suffers an SQL injection in the m1_sortby parameter of modules/News/function.admin_articlestab.php, affecting versions up to 2.2.15. Root cause: improper validation allows remote command execution. Impact: high confidentiality, integrity, and availability (per CVSS) with remote at...
CVE-2020-22755
File upload vulnerability in MCMS 5.0 allows attackers to execute arbitrary code via a crafted thumbnail. A different vulnerability than CVE-2022-31943...
Huawei EulerOS: Security Advisory for libndp (EulerOS-SA-2023-1746)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.2.0 : libndp (EulerOS-SA-2023-1746)
According to the versions of the libndp package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - Buffer overflow in the ndpmsgoptdnssldomain function in libndp allows remote routers to cause a denial of service crash and possib...
CVE-2023-30013
TOTOLINK X5000R V9.1.0u.6118B20201102 and V9.1.0u.6369B20230113 contain a command insertion vulnerability in setting/setTracerouteCfg. This vulnerability allows an attacker to execute arbitrary commands through the "command" parameter...
CVE-2023-30090
Semcms Shop v4.2 was discovered to contain an arbitrary file uplaod vulnerability via the component SEMCMSUpfile.php. This vulnerability allows attackers to execute arbitrary code via uploading a crafted PHP file...