74584 matches found
CVE-2022-26143
The TP-240 aka tp240dvr component in Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 allows remote attackers to obtain sensitive information and cause a denial of service performance degradation and excessive outbound traffic. This was exploited in the wild in February...
CVE-2022-20701
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned softwa...
CVE-2021-37976
Inappropriate implementation in Memory in Google Chrome prior to 94.0.4606.71 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Recent assessments: gwillcox-r7 at October 02, 2021 7:27pm UTC reported: More info will be available at...
CVE-2021-22894
A buffer overflow vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to execute arbitrary code as the root user via maliciously crafted meeting room. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: ...
CVE-2021-20020
A command execution vulnerability in SonicWall GMS 9.3 allows a remote unauthenticated attacker to locally escalate privilege to root. Recent assessments: wvu-r7 at April 29, 2021 9:39pm UTC reported: CVE-2021-20020? Seems to be Postgres running in trust mode on TCP port 5029, which essentially...
CVE-2020-1313
An elevation of privilege vulnerability exists when the Windows Update Orchestrator Service improperly handles file operations, aka ‘Windows Update Orchestrator Service Elevation of Privilege Vulnerability’. Recent assessments: bwatters-r7 at September 18, 2020 9:01pm UTC reported: This...
VU#498544 ZyXEL pre-authentication command injection in weblogin.cgi
” Multiple ZyXEL devices contain a pre-authentication command injection vulnerability, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable device. Multiple ZyXEL devices achieve authentication by using the weblogin.cgi CGI executable. This program fails to...
CVE-2020-8862
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of D-Link DAP-2610 Firmware v2.01RC067 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of passwords. The issue results from t...
CVE-2020-0610
A remote code execution vulnerability exists in Windows Remote Desktop Gateway RD Gateway when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests, aka ‘Windows Remote Desktop Gateway RD Gateway Remote Code Execution Vulnerability’. This CVE ID...
CVE-2017-6079
The HTTP web-management application on Edgewater Networks Edgemarc appliances has a hidden page that allows for user-defined commands such as specific iptables routes, etc., to be set. You can use this page as a web shell essentially to execute commands, though you get no feedback client-side fro...
CVE-2026-22844
A Command Injection vulnerability in Zoom Node Multimedia Routers MMRs before version 5.2.1716.0 may allow a meeting participant to conduct remote code execution of the MMR via network access...
CVE-2024-38107
Windows Power Dependency Coordinator Elevation of Privilege Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2024-1086
A use-after-free vulnerability in the Linux kernel’s netfilter: nftables component can be exploited to achieve local privilege escalation. The nftverdictinit function allows positive values as drop error within the hook verdict, and hence the nfhookslow function can cause a double free...
CVE-2023-34048
vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution. Recent assessments: ccondon-r7 at January 19, 2024...
CVE-2022-2856
Insufficient validation of untrusted input in Intents in Google Chrome on Android prior to 104.0.5112.101 allowed a remote attacker to arbitrarily browse to a malicious website via a crafted HTML page. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Valu...
CVE-2022-20703
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers could allow an attacker to do any of the following: Execute arbitrary code Elevate privileges Execute arbitrary commands Bypass authentication and authorization protections Fetch and run unsigned softwa...
CVE-2021-30551
Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2021-3438
A potential buffer overflow in the software drivers for certain HP LaserJet products and Samsung product printers could lead to an escalation of privilege...
CVE-2021-25297
Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the file /usr/local/nagiosxi/html/includes/configwizards/switch/switch.inc.php due to improper sanitization of authenticated user-controlled input by a single HTTP request, which can lead to OS command...
CVE-2020-27932
A type confusion issue was addressed with improved state handling. This issue is fixed in macOS Big Sur 11.0.1, watchOS 7.1, iOS 12.4.9, watchOS 6.2.9, Security Update 2020-006 High Sierra, Security Update 2020-006 Mojave, iOS 14.2 and iPadOS 14.2, watchOS 5.3.9, macOS Catalina 10.15.7 Supplement...
CVE-2019-7195
This external control of file name or path vulnerability allows remote attackers to access or modify system files. To fix the vulnerability, QNAP recommend updating Photo Station to their latest versions. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker...
Google Chrome CVE-2019-5786 FileReader Use-After-Free Vulnerability
Google Chrome is prone to a use-after-free vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the browser. Failed attempts will likely cause a denial-of-service condition. Recent assessments: gwillcox-r7 at September 23, 2020 8:20pm UTC reported: This was...
CVE-2018-0171
A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service DoS condition, or to execute arbitrary code on an affected device. The...
CVE-2011-2462
Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via unknown vectors, as exploited in...
CVE-2010-2772
Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users to access a back-end database and gain privileges, as demonstrated in the wild in July 2010 by the Stuxnet worm, a different vulnerability than CVE-2010-2568. Recent assessments: Assessed Attacker...
CVE-2026-6226
The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to unauthenticated privilege escalation in versions up to and including 3.29.2. This is due to insecure form submission handling that accepts arbitrary form definitions from user input instead of securely loading them from the...
CVE-2024-0012
An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege...
CVE-2023-28434
Minio is a Multi-Cloud Object Storage framework. Prior to RELEASE.2023-03-20T20-16-18Z, an attacker can use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing PostPolicyBucket. To carry out this attack, the attacker requires credentials wit...
CVE-2022-26486
An unexpected message in the WebGPU IPC framework could lead to a use-after-free and exploitable sandbox escape. We have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox 97.0.2, Firefox ESR 91.6.1, Firefox for Android 97.3.0, Thunderbird 91.6.2, and Focus...
CVE-2022-27518
Unauthenticated remote arbitrary code execution...
CVE-2022-32894
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively...
CVE-2022-25060
TP-LINK TL-WR840NESV6.20180709 was discovered to contain a command injection vulnerability via the component oalstartPing...
CVE-2021-42298
Microsoft Defender Remote Code Execution Vulnerability...
CVE-2021-38138
OneNav beta 0.9.12 allows XSS via the Add Link feature. PWNED by using remote execution script, automated for this vulnerability. NOTE: the vendor’s position is that there intentionally is not any XSS protection at present, because the attack risk is largely limited to a compromised account;...
CVE-2021-22506
Advance configuration exposing Information Leakage vulnerability in Micro Focus Access Manager product, affects all versions prior to version 5.0. The vulnerability could cause information leakage. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2021-3450
The X509VFLAGX509STRICT flag enables additional security checks of the certificates present in a certificate chain. It is not set by default. Starting from OpenSSL version 1.1.1h a check to disallow certificates in the chain that have explicitly encoded elliptic curve parameters was added as an...
CVE-2020-15568
TerraMaster TOS before 4.1.29 has Invalid Parameter Checking that leads to code injection as root. This is a dynamic class method invocation vulnerability in include/exportUser.php, in which an attacker can trigger a call to the exec method with for example OS commands in the opt parameter. Recen...
CVE-2020-9484 — PersistentManager Java deserialization vulnerability
When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a an attacker is able to control the contents and name of a file on the server; and b the server is configured to use the PersistenceManager with a FileStore; and c the...
CVE-2020-3259
A vulnerability in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to retrieve memory contents on an affected device, which could lead to the disclosure of confidential...
CVE-2020-5722
The HTTP interface of the Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. An attacker can use this vulnerability to execute shell commands as root on versions before 1.0.19.20 or inject HTML in password recovery emails in versions befo...
CVE-2018-10933
Description libssh versions 0.6 and above have an authentication bypass vulnerability in the server code. By presenting the server an SSH2MSGUSERAUTHSUCCESS message in place of the SSH2MSGUSERAUTHREQUEST message which the server would expect to initiate authentication, the attacker could...
CVE-2019-1132
Privilege Escalation on Windows 7, Server 2008, and Server 2008 R2 targeting win32k.sys Recent assessments: FULLSHADE at April 21, 2020 4:04am UTC reported: This vulnerability takes advantage of a null pointer dereference within the Windows win32k.sys driver, win32k.sys is notorious for including...
CVE-2019-9193
DISPUTED In PostgreSQL 9.3 through 11.2, the “COPY TO/FROM PROGRAM” function allows superusers and users in the ‘pgexecuteserverprogram’ group to execute arbitrary code in the context of the database’s operating system user. This functionality is enabled by default and can be abused to run...
CVE-2018-3949
An exploitable information disclosure vulnerability exists in the HTTP server functionality of the TP-Link TL-R600VPN. A specially crafted URL can cause a directory traversal, resulting in the disclosure of sensitive system files. An attacker can send either an unauthenticated or an authenticated...
CVE-2018-3948
An exploitable denial-of-service vulnerability exists in the URI-parsing functionality of the TP-Link TL-R600VPN HTTP server. A specially crafted URL can cause the server to stop responding to requests, resulting in downtime for the management portal. An attacker can send either an unauthenticate...
CVE-2018-17463
Incorrect side effect annotation in V8 in Google Chrome prior to 70.0.3538.64 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2016-5195
Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write COW feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka “Dirty COW.” Recent assessments:...
CVE-2016-0189
The Microsoft 1 JScript 5.8 and 2 VBScript 5.7 and 5.8 engines, as used in Internet Explorer 9 through 11 and other products, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka “Scripting Engine Memory Corruption...
CVE-2014-6287
The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server aks HFS or HttpFileServer 2.3x before 2.3c allows remote attackers to execute arbitrary programs via a %00 sequence in a search action. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed...
CVE-2012-4681
Multiple vulnerabilities in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 6 and earlier allow remote attackers to execute arbitrary code via a crafted applet that bypasses SecurityManager restrictions by 1 using com.sun.beans.finder.ClassFinder.findClass and leveraging an...