2834 matches found
CVE-2023-50671
In exiftags 1.01, nikonprop1 in nikon.c has a heap-based buffer overflow write of size 28 because snprintf can write to an unexpected address...
CVE-2023-49954
The CRM Integration in 3CX before 18.0.9.23 and 20 before 20.0.0.1494 allows SQL Injection via a first name, search string, or email address...
CVE-2023-49473
Shenzhen JF6000 Cloud Media Collaboration Processing Platform firmware version V1.2.0 and software version V2.0.0 build 6245 is vulnerable to Incorrect Access Control...
CVE-2018-18802
The Tubigan "Welcome to our Resort" 1.0 software allows CSRF via admin/modusers/controller.php?action=edit...
CVE-2021-33725
A vulnerability has been identified in SINEC NMS All versions V1.0 SP2 Update 1. The affected system allows deletion of arbitrary files or directories under a user-controlled path and does not correctly check if the relative path is still within the intended target directory...
CVE-2021-22988
On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, 14.1.x before 14.1.4, 13.1.x before 13.1.3.6, 12.1.x before 12.1.5.3, and 11.6.x before 11.6.5.3, TMUI, also referred to as the Configuration utility, has an authenticated remote command execution vulnerability in undisclosed page...
CVE-2021-22982
On BIG-IP DNS and GTM version 13.1.x before 13.1.0.4, and all versions of 12.1.x and 11.6.x, big3d does not securely handle and parse certain payloads, resulting in a buffer overflow. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated...
CVE-2016-10864
NETGEAR EX7000 V1.0.0.421.0.94 devices allow XSS via the SSID...
CVE-2019-11546
An issue was discovered in GitLab Community and Enterprise Edition before 11.8.9, 11.9.x before 11.9.10, and 11.10.x before 11.10.2. It has a Race Condition which could allow users to approve a merge request multiple times and potentially reach the approval count required to merge...
CVE-2019-11000
An issue was discovered in GitLab Enterprise Edition before 11.7.11, 11.8.x before 11.8.7, and 11.9.x before 11.9.7. It allows Information Disclosure...
CVE-2019-11943
A remote code execution vulnerability was identified in HPE Intelligent Management Center IMC PLAT earlier than version 7.3 E0506P09...
CVE-2019-11969
A remote code execution vulnerability was identified in HPE Intelligent Management Center IMC PLAT earlier than version 7.3 E0506P09...
CVE-2019-20777
An issue was discovered on LG mobile devices with Android OS 7.0, 7.1, 7.2, 8.0, 8.1, and 9.0 software. WapService mishandles OTA Provisioning on V40 and G7 devices. The LG ID is LVE-SMP-190006 (July 2019)...
CVE-2019-20025
Certain builds of NEC SV9100 software could allow an unauthenticated, remote attacker to log into a device running an affected release with a hardcoded username and password, aka a Static Credential Vulnerability. The vulnerability is due to an undocumented user account with manufacturer privileg...
CVE-2019-20538
An issue was discovered on Samsung mobile devices with P(9.0) software. There is a heap overflow in the knoxkap driver. The Samsung ID is SVE-2019-14857 (November 2019)...
CVE-2019-20804
Gila CMS before 1.11.6 allows CSRF with resultant XSS via the admin/themes URI, leading to compromise of the admin account...
CVE-2020-10965
Teradici PCoIP Management Console 20.01.0 and 19.11.1 is vulnerable to unauthenticated password resets via login/resetadminpassword of the default admin account. This vulnerability only exists when the default admin account is not disabled. It is fixed in 20.01.1 and 19.11.2...
CVE-2020-24628
A remote code injection vulnerability was discovered in HPE KVM IP Console Switches versions: G2 4x1Ex32 Prior to 2.8.3...
CVE-2024-34947
Quanxun Huiju Network Technology Beijing Co.,Ltd IK-Q3000 3.7.10 x64 Build202401261655 was discovered to be vulnerable to an ICMP redirect attack...
CVE-2024-34334
ORDAT FOSS-Online before v2.24.01 was discovered to contain a SQL injection vulnerability via the forgot password function...