28890 matches found
CVE-2021-22747
Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex Model 3009 MP installed on Tricon V11.3.x systems that could cause module reset when TCM receives malformed TriStation packets while the write-protect keyswitch is in the program position. This CVE ID is unique...
CVE-2021-3013
ripgrep before 13 on Windows allows attackers to trigger execution of arbitrary programs from the current working directory via the -z/--search-zip or --pre flag...
CVE-2021-29563
TensorFlow is an end-to-end open source platform for machine learning. An attacker can cause a denial of service by exploiting a CHECK-failure coming from the implementation of tf.raw_ops.RFFT. Eigen code operating on an empty matrix can trigger on an assertion and will cause program termination...
CVE-2021-23139
A null pointer vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 could allow an attacker to crash the CGI program on affected installations...
CVE-2020-5595
TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model contains a buffer overflow vulnerability, which may allow a remote attacker to stop the network functions of the products or execut...
CVE-2020-36660
A vulnerability was found in paxswill EVE Ship Replacement Program 0.12.11. It has been rated as problematic. This issue affects some unknown processing of the file src/evesrp/views/api.py of the component User Information Handler. The manipulation leads to information disclosure. The attack may ...
CVE-2020-35769
miniserv.pl in Webmin 1.962 on Windows mishandles special characters in query arguments to the CGI program...
CVE-2020-8950
The AUEPLauncher service in Radeon AMD User Experience Program Launcher through 1.0.0.1 on Windows allows elevation of privilege by placing a crafted file in %PROGRAMDATA%\AMD\PPC\upload and then creating a symbolic link in %PROGRAMDATA%\AMD\PPC\temp that points to an arbitrary folder with an...
CVE-2020-5653
Buffer overflow vulnerability in TCP/IP function included in the firmware of MELSEC iQ-R series RJ71EIP91 EtherNet/IP Network Interface Module First 2 digits of serial number are '02' or before, RJ71PN92 PROFINET IO Controller Module First 2 digits of serial number are '01' or before, RD81DL96 Hi...
CVE-2020-5597
TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model contains a null pointer dereference vulnerability, which may allow a remote attacker to stop the network functions of the products ...
CVE-2020-14232
A vulnerability in the input parameter handling of HCL Notes v9 could potentially be exploited by an authenticated attacker resulting in a stack buffer overflow. This could allow the attacker to crash the program or inject code into the system which would execute with the privileges of the...
CVE-2020-5600
TCP/IP function included in the firmware of Mitsubishi Electric GOT2000 series CoreOS with version -Y and earlier installed in GT27 Model, GT25 Model, and GT23 Model contains a resource management error vulnerability, which may allow a remote attacker to stop the network functions of the products...
CVE-2020-14109
There is command injection in the meshd program in the routing system, resulting in command execution under administrator authority on Xiaomi router AX3600 with ROM version = 1.1.12...
CVE-2020-8736
Improper access control in subsystem for the Intel(R) Computing Improvement Program before version 2.4.5718 may allow an authenticated user to potentially enable escalation of privilege via local access...
CVE-2020-25231
A vulnerability has been identified in LOGO! 8 BM incl. SIPLUS variants All versions V8.3, LOGO! Soft Comfort All versions V8.3. The encryption of program data for the affected devices uses a static key. An attacker could use this key to extract confidential information from protected program fil...
CVE-2020-19824
An issue in MPV v.0.29.1 fixed in v0.30 allows attackers to execute arbitrary code and crash program via the aoc parameter...
CVE-2020-13661
Telerik Fiddler through 5.0.20202.18177 allows attackers to execute arbitrary programs via a hostname with a trailing space character, followed by --utility-and-browser --utility-cmd-prefix= and the pathname of a locally installed program. The victim must interactively choose the Open On Browser...
What the Take Command 2025 Survey Tells Us About the State of Security
The Take Command 2025 Virtual Cybersecurity Summit wasn’t just about sharing insights, it was about listening. After the live sessions wrapped, we surveyed attendees to understand where their security programs stand today, what challenges they’re facing, and what they found most valuable during t...
CVE-2010-1239
Foxit Reader before 3.2.1.0401 allows remote attackers to (1) execute arbitrary local programs via a certain "/Type /Action /S /Launch" sequence, and (2) execute arbitrary programs embedded in a PDF document via an unspecified "/Launch /Action" sequence, a related issue to CVE-2009-0836...
CVE-2012-6640
Cross-site scripting (XSS) vulnerability in Horde Internet Mail Program (IMP) before 5.0.22, as used in Horde Groupware Webmail Edition before 4.0.9, allows remote attackers to inject arbitrary web script or HTML via a crafted SVG image attachment, a different vulnerability than CVE-2012-5565...