Command Execution Vulnerability in Zendo Open Source Edition (CNVD-2020-71672)

Zendo Open Source Edition is a research and development project management software. Zendo Open Source Edition suffers from a command execution vulnerability that can be exploited by an attacker to gain control of the server...

Command execution vulnerability exists in UCMS (CNVD-2020-71677)

UCMS is a simple open source content management system. UCMS suffers from a command execution vulnerability that can be exploited by attackers to gain server privileges...

Apache OpenOffice Code Execution Vulnerability

Apache OpenOffice is the United States Apache Apache Software Foundation of an open source office software suite. The suite contains text documents, spreadsheets, presentations, drawings, databases and so on. Apache OpenOffice has a code execution vulnerability that can be exploited by an attacke...

Code Execution Vulnerability in Netgear WMS5316

The NETGEAR WMS5316, Wireless Controller is an easy-to-use device that simplifies the creation and management of wireless networks. A code execution vulnerability exists in the Netgear WMS5316. An attacker could exploit the vulnerability to gain server privileges...

Code execution vulnerability in XYHCMS backend Fr***.cl***.php file

Xing Yunhai CMS XYHCMS is a completely open source CMS content management system. A code execution vulnerability exists in the XYHCMS backend Fr.cl.php file. Attackers can use this vulnerability to obtain server privileges...

MGASA-2020-0436 Updated f2fs-tools packages fix security vulnerability

An exploitable code execution vulnerability exists in the file system checking functionality of fsck.f2fs 1.12.0. A specially crafted f2fs file can cause a logic flaw and out-of-bounds heap operations, resulting in code execution. An attacker can provide a malicious file to trigger this...

Code Execution Vulnerability in UCMS

UCMS is a content management system written in PHP. A code execution vulnerability exists in UCMS, which can be exploited by an attacker to gain administrative privileges on the server...

Schneider Electric Unity Pro 安全漏洞

Schneider Electric EcoStruxure Control Expert is the universal programming, commissioning and operating software for the Modicon M340, M580, M580S, Premium, Momentum and Quantum series. A command execution vulnerability exists in Schneider Electric EcoStruxure Control Expert. The vulnerability...

CVE-2020-11851

Arbitrary code execution vulnerability on Micro Focus ArcSight Logger product, affecting all version prior to 7.1.1. The vulnerability could be remotely exploited resulting in the execution of arbitrary code...

Security Updates for Microsoft SharePoint Server 2016 (November 2020)

The Microsoft SharePoint Server 2016 installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : - An Information Disclosure Vulnerability exists in Microsoft SharePoint. CVE-2020-16979, CVE-2020-17017 - A Spoofing Vulnerability exists in...

CVE-2020-17107

HEVC Video Extensions Remote Code Execution Vulnerability...

CVE-2020-17065

Microsoft Excel Remote Code Execution Vulnerability...

CVE-2020-16982

Azure Sphere Unsigned Code Execution Vulnerability...

CVE-2020-7129

A remote execution of arbitrary commands vulnerability was discovered in Aruba Airwave Software versions: Prior to 1.3.2...

Oracle WebLogic Remote Code Execution (CVE-2020-14882; CVE-2020-14750; CVE-2020-14825; CVE-2020-14883)

A remote code execution vulnerability exists in Oracle WebLogic. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Synology SRM lbd service Command Execution Vulnerability

Summary An exploitable command execution vulnerability exists in the lbd service functionality of Qualcomm lbd 1.1, as present in Synology SRM 1.2.3 RT2600ac 8017-5. A specially crafted debug command can overwrite arbitrary files with controllable content, resulting in remote code execution. An...

Command Execution Vulnerability in Swift Text-to-Speech Software

Swift Text to Speech Software is a speech synthesis software that converts text to speech. It is suitable for a variety of scenarios such as shopping mall store advertisements, audio production, audible reading and so on. A command execution vulnerability exists in Swift Text to Speech Software,...

CVE-2020-24632

A remote execution of arbitrary commandss vulnerability was discovered in Aruba Airwave Software versions: Prior to 1.3.2...

Command injection

An arbitrary command execution vulnerability exists in the fopen function of file writes of UCMS v1.4.8, where an attacker can gain access to the server...

Command Execution Vulnerability in BIMe Data Collaboration Platform UE***.Net Component

Dongchen Gongyuan ProBIM was founded in 2014 as a software provider specializing in BIM cloud services. A command execution vulnerability exists in the UE.Net component of the BIMe data collaboration platform, which can be exploited by an attacker to gain control of the server...