74584 matches found
CVE-2021-22204
Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2017-8759
Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka “.NET Framework Remote Code Execution Vulnerability.” Recent assessments: hrbrmstr at May 12, 2020 7:51pm UTC reported: This CVE made ...
Microsoft Internet Explorer Use-After-Free Vulnerability
Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a...
CVE-2014-0964
IBM WebSphere Application Server WAS 6.1.0.0 through 6.1.0.47 and 6.0.2.0 through 6.0.2.43 allows remote attackers to cause a denial of service via crafted TLS traffic, as demonstrated by traffic from a CVE-2014-0160 vulnerability-assessment tool. Recent assessments: Assessed Attacker Value: 0...
CVE-2023-28205
A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.4.1, iOS 15.7.5 and iPadOS 15.7.5, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report...
CVE-2022-21999
Windows Print Spooler Elevation of Privilege Vulnerability Recent assessments: space-r7 at March 11, 2022 9:07pm UTC reported: This is a useful vulnerability; however, an existing session on the target is required, and escalation of privileges can sometimes depend on luck. To achieve the director...
CVE-2021-27850
A critical unauthenticated remote code execution vulnerability was found all recent versions of Apache Tapestry. The affected versions include 5.4.5, 5.5.0, 5.6.2 and 5.7.0. The vulnerability I have found is a bypass of the fix for CVE-2019-0195. Recap: Before the fix of CVE-2019-0195 it was...
CVE-2017-17215
Huawei HG532 with some customized versions has a remote code execution vulnerability. An authenticated attacker could send malicious packets to port 37215 to launch attacks. Successful exploit could lead to the remote execution of arbitrary code. Recent assessments: Assessed Attacker Value: 0...
CVE-2022-26186
TOTOLINK N600R V4.3.0cu.7570B20200620 was discovered to contain a command injection vulnerability via the exportOvpn interface at cstecgi.cgi...
CVE-2021-26605
An improper input validation vulnerability in the service of ezPDFReader allows attacker to execute arbitrary command. This issue occurred when the ezPDF launcher received and executed crafted input values through JSON-RPC communication. Recent assessments: Assessed Attacker Value: 0 Assessed...
CVE-2021-22707
A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1, EVlink Parking EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1, and EVlink Smart Wallbox EVB1A all versions prior to R8 V3.4.0.1 that could allow an attacker t...
CVE-2021-26858
Microsoft Exchange Server Remote Code Execution Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2022-26210
Totolink A830R V5.9c.4729B20191112, A3100R V4.1.2cu.5050B20200504, A950RG V4.1.2cu.5161B20200903, A800R V4.1.2cu.5137B20200730, A3000RU V5.9c.5185B20201128, and A810R V4.1.2cu.5182B20201026 were discovered to contain a command injection vulnerability in the function setUpgradeFW, via the FileName...
CVE-2021-38000
Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 95.0.4638.69 allowed a remote attacker to arbitrarily browser to a malicious URL via a crafted HTML page. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2021-34523
Microsoft Exchange Server Elevation of Privilege Vulnerability Recent assessments: cbeek-r7 at November 22, 2024 9:11am UTC reported: CVE-2021-34523 is a privilege escalation vulnerability in Microsoft Exchange Server that arises due to improper validation of PowerShell remoting requests. This...
CVE-2025-67707
ArcGIS Server versions 11.5 and earlier on Windows and Linux do not sufficiently validate uploaded files, enabling a remote unauthenticated attacker to upload arbitrary files to the server’s designated upload directories. However, the server’s architecture enforces controls that restrict uploaded...
CVE-2021-31805
The fix issued for CVE-2020-17530 was incomplete. So from Apache Struts 2.0.0 to 2.5.29, still some of the tag’s attributes could perform a double evaluation if a developer applied forced OGNL evaluation by using the %... syntax. Using forced OGNL evaluation on untrusted user input can lead to a...
CVE-2020-19229
Jeesite 1.2.7 uses the apache shiro version 1.2.3 affected by CVE-2016-4437. Because of this version of the java deserialization vulnerability, an attacker could exploit the vulnerability to execute arbitrary commands via the rememberMe parameter. Recent assessments: Assessed Attacker Value: 0...
CVE-2021-30657 — Malicious applications may bypass Gatekeeper checks
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.3, Security Update 2021-002 Catalina. A malicious application may bypass Gatekeeper checks. Apple is aware of a report that this issue may have been actively exploited.. Recent assessments: space-r...
PEEL-CSRF
The request appears to be vulnerable to cross-site request forgery CSRF attacks against unauthenticated functionality. This is unlikely to constitute a security vulnerability in its own right, however, it may facilitate the exploitation of other vulnerabilities affecting application users. The...
CVE-2017-5930
The AliasHandler component in PostfixAdmin before 3.0.2 allows remote authenticated domain admins to delete protected aliases via the delete parameter to delete.php, involving a missing permission check. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker...
CVE-2024-47374
Improper Neutralization of Input During Web Page Generation XSS or ‘Cross-site Scripting’ vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Stored XSS.This issue affects LiteSpeed Cache: from n/a through 6.5.0.2. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value:...
CVE-2021-21224
Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Recent assessments: gwillcox-r7 at June 17, 2021 3:06pm UTC reported: According to...
CVE-2019-1458
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka ‘Win32k Elevation of Privilege Vulnerability’. Recent assessments: gwillcox-r7 at October 19, 2020 5:31pm UTC reported: Known as WizardOpium for its use in the...
CVE-2024-4577
In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3. before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use “Best-Fit” behavior to replace characters in command line given to Win32 API functions. PHP CGI module may...
CVE-2021-25094
The Tatsu WordPress plugin before 3.3.12 addcustomfont action can be used without prior authentication to upload a rogue zip file which is uncompressed under the WordPress’s upload directory. By adding a PHP shell with a filename starting with a dot “.”, this can bypass extension control...
CVE-2021-43141
Cross Site Scripting XSS vulnerability exists in Sourcecodester Simple Subscription Website 1.0 via the id parameter in planapplication...
CVE-2020-0605
A remote code execution vulnerability exists in .NET software when the software fails to check the source markup of a file.An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user, aka ‘.NET Framework Remote Code Execution Vulnerability’...
CVE-2019-19781
An issue was discovered in Citrix Application Delivery Controller ADC and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0. They allow Directory Traversal. Recent assessments: kevthehermit at February 22, 2020 12:29am UTC reported: AWS had pre built AMIs for these appliances built and supplied to the...
Exim EHLO crash bug
Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer overflow in stringvformat in string.c involving a long EHLO command. Recent assessments: wchen-r7 at October 04, 2019 10:50pm UTC reported: CVE-2019-16928: Exim EHLO...
CVE-2019-1579 RCE in PAN-OS with GlobalProtect Portal or Gateway Interface
Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier with GlobalProtect Portal or GlobalProtect Gateway Interface enabled may allow an unauthenticated remote attacker to execute arbitrary code. Recent assessments: bcook-r7 at June 05, 2020...
CVE-2019-7256
Linear eMerge E3-Series devices allow Command Injections. Recent assessments: h00die-gr3y at December 03, 2022 12:46pm UTC reported: Building Automation and Access Control systems are at the heart of many critical infrastructures, and their security is vital. Executing attacks on these systems ma...
CVE-2017-9248
Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey, which makes it easier for remote attackers to defeat cryptographic protection mechanisms, leadi...
CVE-2017-0213
Windows COM Aggregate Marshaler in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016 allows an elevation privilege vulnerability when an attacker runs a speciall...
CVE-2022-45045
Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and NBD6808T-PL V4.02.R11.C7431119.12001.130000.00000, allow authenticated users to execute arbitrary commands as root, as exploited in the wild starting in approximately 2019. A remote and authenticated...
CVE-2022-29499
The Service Appliance component in Mitel MiVoice Connect through 19.2 SP3 allows remote code execution because of incorrect data validation. The Service Appliances are SA 100, SA 400, and Virtual SA. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value:...
CVE-2021-36798
A Denial-of-Service DoS vulnerability was discovered in Team Server in HelpSystems Cobalt Strike 4.2 and 4.3. It allows remote attackers to crash the C2 server thread and block beacons' communication with it...
CVE-2021-34448
Scripting Engine Memory Corruption Vulnerability Recent assessments: gwillcox-r7 at July 14, 2021 5:02pm UTC reported: Looking at Microsoft’s advisory at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34448 shows very little information other than that this is a scripting engine...
CVE-2021-29425
In Apache Commons IO before 2.7, When invoking the method FileNameUtils.normalize with an improper input string, like “//../foo”, or “\..\foo”, the result would be the same value, thus possibly providing access to files in the parent directory, but not further above thus “limited” path traversal,...
CVE-2020-1027
An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka ‘Windows Kernel Elevation of Privilege Vulnerability’. This CVE ID is unique from CVE-2020-0913, CVE-2020-1000, CVE-2020-1003. Recent assessments: gwillcox-r7 at November 22, 2020 2:27...
CVE-2018-8453
“An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory” – MITRE description. Recent assessments: jrobles-r7 at June 17, 2019 6:51pm UTC reported: The handling of objects in memory allowed for a double-free of a memory region...
CVE-2021-35394
Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called ‘MP Daemon’ that is usually compiled as ‘UDPServer’ binary. The binary is affected by multiple memory corruption vulnerabilities and an arbitrary command injection vulnerability that can be exploited by remote...
CVE-2021-31181
Microsoft SharePoint Remote Code Execution Vulnerability Recent assessments: zeroSteiner at June 09, 2021 3:31pm UTC reported: The EditingPageParser.VerifyControlOnSafeList method fails to properly validate user-supplied data. This can be leveraged by an attacker to leak sensitive information in...
CVE-2020-6457
Use after free in speech recognizer in Google Chrome prior to 81.0.4044.113 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
Serv-U FTP Server prepareinstallation Privilege Escalation
A privilege escalation vulnerability exists in SolarWinds Serv-U before 15.1.7 for Linux. Recent assessments: pbarry-r7 at November 21, 2019 6:58pm UTC reported: Sounds like this vuln appears in a LOT of versions of the software. Probably should update to v15.1.7+. Assessed Attacker Value: 5...
CVE-2015-7465
Cross-site request forgery CSRF vulnerability in Lifecycle Query Engine LQE in IBM Jazz Reporting Service JRS 6.0 before 6.0.0-Rational-CLM-ifix005 allows remote authenticated users to hijack the authentication of arbitrary users for requests that insert XSS sequences. Recent assessments: Assesse...
CVE-2014-2321
webshellcmd.gch on ZTE F460 and F660 cable modems allows remote attackers to obtain administrative access via sendcmd requests, as demonstrated by using “set TelnetCfg” commands to enable a TELNET service with specified credentials. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker...
CVE-2023-36434
Windows IIS Server Elevation of Privilege Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2022-24785
Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability impacts npm server users of Moment.js between versions 1.0.1 and 2.29.1, especially if a user-provided locale string is directly used to switch moment locale. This...
CVE-2020-29574
An SQL injection vulnerability in the WebAdmin of Cyberoam OS through 2020-12-04 allows unauthenticated attackers to execute arbitrary SQL statements remotely. Recent assessments: ccondon-r7 at March 30, 2021 10:42pm UTC reported: Interesting, this slid under the radar a bit. I’m not seeing any...