74784 matches found
CVE-2019-1340
An elevation of privilege vulnerability exists in Windows AppX Deployment Server that allows file creation in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka ‘Microsoft Windows Elevation of Privilege Vulnerability’. This CVE ID is unique...
CVE-2019-1132
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka ‘Win32k Elevation of Privilege Vulnerability’. Recent assessments: FULLSHADE at April 21, 2020 4:04am UTC reported: This vulnerability takes advantage of a null...
CVE-2018-18472
Western Digital WD My Book Live and WD My Book Live Duo all versions have a root Remote Command Execution bug via shell metacharacters in the /api/1.0/rest/languageconfiguration language parameter. It can be triggered by anyone who knows the IP address of the affected device, as exploited in the...
Cisco Prime Infrastructure HA HealthMonitor TarArchive Directory Traversal Remote Code Execution
A vulnerability in the web-based management interface of Cisco Prime Infrastructure PI and Cisco Evolved Programmable Network EPN Manager could allow an authenticated, remote attacker to execute code with root-level privileges on the underlying operating system. This vulnerability exist because t...
CVE-2019-2616
Vulnerability in the BI Publisher formerly XML Publisher component of Oracle Fusion Middleware subcomponent: BI Publisher Security. Supported versions that are affected are 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access...
CVE-2019-0862
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka ‘Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2019-0739, CVE-2019-0752, CVE-2019-0753. Recent assessments: Assessed Attacker...
CVE-2019-10692
In the wp-google-maps plugin before 7.11.18 for WordPress, includes/class.rest-api.php in the REST API does not sanitize field names before a SELECT statement. Recent assessments: rootOptional at March 09, 2020 9:03pm UTC reported: This CVE is fairly obscure due to it being present in the WordPre...
Ruby on Rails DoubleTap Development Mode secret_key_base Vulnerability
Ruby on Rails versions including 5.2.2.1 and prior are vulnerable to a predicatble secretkeybase in development mode, which could be used to recreated a signed message, such as a serialized object, and gain remote code execution. Recent assessments: wchen-r7 at September 12, 2019 6:07pm UTC...
CVE-2019-1003029
A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.53 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/GroovySandbox.java, src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with...
CVE-2019-1003030
A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy Plugin 2.63 and earlier in pom.xml, src/main/java/org/jenkinsci/plugins/workflow/cps/CpsGroovyShell.java that allows attackers able to control pipeline scripts to execute arbitrary code on the Jenkins master JVM. Recent assessments...
CVE-2018-8401
An elevation of privilege vulnerability exists when the DirectX Graphics Kernel DXGKRNL driver improperly handles objects in memory, aka “DirectX Graphics Kernel Elevation of Privilege Vulnerability.” This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from...
CVE-2018-0167
Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol LLDP subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service DoS condition or execute arbitrary code with elevated...
CVE-2018-0151
A vulnerability in the quality of service QoS subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition or execute arbitrary code with elevated privileges. The vulnerability is due to incorrect bounds...
CVE-2017-11826
Microsoft Office 2010, SharePoint Enterprise Server 2010, SharePoint Server 2010, Web Applications, Office Web Apps Server 2010 and 2013, Word Viewer, Word 2007, 2010, 2013 and 2016, Word Automation Services, and Office Online Server allow remote code execution when the software fails to properly...
CVE-2017-6737
A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected device. The vulnerability is due to a...
CVE-2017-6739
A vulnerability in the SNMP implementation of could allow an authenticated, remote attacker to cause a reload of the affected system or to remotely execute code. An attacker could exploit this vulnerability by sending a crafted SNMP packet to the affected device. The vulnerability is due to a...
CVE-2017-8538
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, and Windows Server 2016, Microsoft...
CVE-2017-5030
Incorrect handling of complex species in V8 in Google Chrome prior to 57.0.2987.98 for Linux, Windows, and Mac and 57.0.2987.108 for Android allowed a remote attacker to execute arbitrary code via a crafted HTML page. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assess...
CVE-2016-0185
Media Center in Microsoft Windows Vista SP2, Windows 7 SP1, and Windows 8.1 allows remote attackers to execute arbitrary code via a crafted Media Center link aka .mcl file, aka “Windows Media Center Remote Code Execution Vulnerability.” Recent assessments: Assessed Attacker Value: 0 Assessed...
CVE-2015-5317
The Fingerprints pages in Jenkins before 1.638 and LTS before 1.625.2 might allow remote attackers to obtain sensitive job and build name information via a direct request. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2015-2502
Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka “Memory Corruption Vulnerability,” as exploited in the wild in August 2015. Recent assessments: gwillcox-r7 at November 23, 2020...
CVE-2015-2384
Microsoft Internet Explorer 11 allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted web site, aka “Internet Explorer Memory Corruption Vulnerability,” a different vulnerability than CVE-2015-2383 and CVE-2015-2425. Recent assessments:...
CVE-2014-4077
Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Office 2007 SP3, when IMJPDCT.EXE aka IME for Japanese is installed, allow remote attackers to bypass a sandbox protection mechanism via a crafted PDF document, aka “Microsoft IME Japanese...
CVE-2014-2817
Microsoft Internet Explorer 6 through 11 allows remote attackers to gain privileges via a crafted web site, aka “Internet Explorer Elevation of Privilege Vulnerability.” Recent assessments: gwillcox-r7 at November 22, 2020 3:25am UTC reported: Reported as exploited in the wild as part of Google’s...
CVE-2013-5065 Microsoft NDProxy.sys Privilege Escalation
NDProxy.sys in the kernel in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a crafted application, as exploited in the wild in November 2013. Recent assessments: wchen-r7 at September 12, 2019 6:07pm UTC reported: Xp recently broke a local kernel...
Symantec Web Gateway upload_file Remote Code Execution Vulnerability
The file-management scripts in the management GUI in Symantec Web Gateway 5.0.x before 5.0.3 allow remote attackers to upload arbitrary code to a designated pathname, and possibly execute this code, via unspecified vectors. Recent assessments: wchen-r7 at September 12, 2019 6:07pm UTC reported:...
CVE-2008-0655
Multiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact and attack vectors...
CVE-2007-3010
masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the user parameter during a ping action. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker...
CVE-2006-2492
Buffer overflow in Microsoft Word in Office 2000 SP3, Office XP SP3, Office 2003 Sp1 and SP2, and Microsoft Works Suites through 2006, allows user-assisted attackers to execute arbitrary code via a malformed object pointer, as originally reported by ISC on 20060519 for a zero-day attack. Recent...
CVE-2026-43284
In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSGSPLICEPAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFLSHAREDFRAG after skbsplicefromiter, so later paths that may modify packet data ca...
CVE-2025-24054
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform spoofing over a network. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2025-24989
An improper access control vulnerability in Power Pages allows an unauthorized attacker to elevate privileges over a network potentially bypassing the user registration control. This vulnerability has already been mitigated in the service and all affected customers have been notified. This update...
CVE-2024-9380
An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2 allows a remote authenticated attacker with admin privileges to obtain remote code execution. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2024-7971
Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap corruption via a crafted HTML page. Chromium security severity: High Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2024-4671
Use after free in Visuals in Google Chrome prior to 124.0.6367.201 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High Recent assessments: Assessed Attacker Value: 0 Assessed Attacker...
CVE-2023-7102
Use of a Third Party library produced a vulnerability in Barracuda Networks Inc. Barracuda ESG Appliance which allowed Parameter Injection.This issue affected Barracuda ESG Appliance, from 5.1.3.001 through 9.2.1.001, until Barracuda removed the vulnerable logic...
CVE-2023-32439
A type confusion issue was addressed with improved checks. This issue is fixed in iOS 16.5.1 and iPadOS 16.5.1, iOS 15.7.7 and iPadOS 15.7.7, macOS Ventura 13.4.1, Safari 16.5.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this...
CVE-2023-29360
Microsoft Streaming Service Elevation of Privilege Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2022-41049
Windows Mark of the Web Security Feature Bypass Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2022-31199
Remote code execution vulnerabilities exist in the Netwrix Auditor User Activity Video Recording component affecting both the Netwrix Auditor server and agents installed on monitored systems. The remote code execution vulnerabilities exist within the underlying protocol used by the component, and...
CVE-2022-22706
Arm Mali GPU Kernel Driver allows a non-privileged user to achieve write access to read-only memory pages. This affects Midgard r26p0 through r31p0, Bifrost r0p0 through r35p0, and Valhall r19p0 through r35p0. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed...
CVE-2022-0090
An issue has been discovered affecting GitLab versions prior to 14.4.5, between 14.5.0 and 14.5.3, and between 14.6.0 and 14.6.1. GitLab is configured in a way that it doesn't ignore replacement references with git sub-commands, allowing a malicious user to spoof the contents of their commits in...
CVE-2022-23178
An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web interface of the HDMI switcher is accessed unauthenticated, user credentials are disclosed that are valid to authenticate to the web interface. Specifically, aj.html sends a JSON document with uname...
CVE-nu11-101821
Description: The useremail parameter appears to be vulnerable to SQL injection attacks Time-based Blind. A single quote was submitted in the useremail parameter, and a general error message was returned. Two single quotes were then submitted and the error message disappeared. Recent assessments:...
CVE-2021-39144
XStream is a simple library to serialize objects to XML and back again. In affected versions this vulnerability may allow a remote attacker has sufficient rights to execute commands of the host only by manipulating the processed input stream. No user is affected, who followed the recommendation t...
CVE-2021-29449
Pi-hole is a Linux network-level advertisement and Internet tracker blocking application. Multiple privilege escalation vulnerabilities were discovered in version 5.2.4 of Pi-hole core. See the referenced GitHub security advisory for details. Recent assessments: h00die at May 31, 2021 11:59am UTC...
CVE-2021-26134
RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. Recent assessments: femkebolle at November 22, 2023 3:56pm UTC reported: As ...
CVE-2020-13671
Drupal core does not properly sanitize certain filenames on uploaded files, which can lead to files being interpreted as the incorrect extension and served as the wrong MIME type or executed as PHP for certain hosting configurations. This issue affects: Drupal Drupal Core 9.0 versions prior to...
CVE-2020-26592
RESERVED This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. Recent assessments: pbarry-r7 at November 19, 2020 5:47pm UTC reported:...
CVE-2020-24557
A vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 on Microsoft Windows may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function and attain privilege escalation. An attacker must first...