60081 matches found
CVE-2025-24983
Use after free in Windows Win32 Kernel Subsystem allows an authorized attacker to elevate privileges locally. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2024-40890
UNSUPPORTED WHEN ASSIGNED A post-authentication command injection vulnerability in the CGI program of the legacy DSL CPE Zyxel VMG4325-B10A firmware version 1.00AAFR.4C020170615 could allow an authenticated attacker to execute operating system OS commands on an affected device by sending a crafte...
CVE-2024-43047
Memory corruption while maintaining memory maps of HLOS memory. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2024-38014
Windows Installer Elevation of Privilege Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2024-38217
Windows Mark of the Web Security Feature Bypass Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2023-48365
Qlik Sense Enterprise for Windows before August 2023 Patch 2 allows unauthenticated remote code execution, aka QB-21683. Due to improper validation of HTTP headers, a remote attacker is able to elevate their privilege by tunneling HTTP requests, allowing them to execute HTTP requests on the backe...
CVE-2023-37580
Zimbra Collaboration ZCS 8 before 8.8.15 Patch 41 allows XSS in the Zimbra Classic Web Client. Recent assessments: ccondon-r7 at January 28, 2024 7:36pm UTC reported: Per Google’s Threat Analysis Group TAG, this bug was exploited as a zero-day and has been used by at least four different threat...
CVE-2022-30974
compile in regexp.c in Artifex MuJS through 1.2.0 results in stack consumption because of unlimited recursion, a different issue than CVE-2019-11413...
CVE-2022-29303
SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via confmail.php. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2022-22948
The vCenter Server contains an information disclosure vulnerability due to improper permission of files. A malicious actor with non-administrative access to the vCenter Server may exploit this issue to gain access to sensitive information. Recent assessments: Assessed Attacker Value: 0 Assessed...
CVE-2022-23178
An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web interface of the HDMI switcher is accessed unauthenticated, user credentials are disclosed that are valid to authenticate to the web interface. Specifically, aj.html sends a JSON document with uname...
CVE-2021-21324
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI before version 9.5.4 there is an Insecure Direct Object Reference IDOR on “Solutions”. This vulnerability gives an unauthorized user the abili...
CVE-2021-21255
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI version 9.5.3, it was possible to switch entities with IDOR from a logged in user. This is fixed in version 9.5.4. Recent assessments: indevi0...
CVE-2020-9907
A memory corruption issue was addressed by removing the vulnerable code. This issue is fixed in iOS 13.6 and iPadOS 13.6, tvOS 13.4.8. An application may be able to execute arbitrary code with kernel privileges. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed...
CVE-2020-15408
An issue was discovered in Pulse Secure Pulse Connect Secure before 9.1R8. An authenticated attacker can access the admin page console via the end-user web interface because of a rewrite. Recent assessments: wvu-r7 at July 28, 2020 6:20pm UTC reported: I wonder if this has SSRF-to-RCE potential...
CVE-2020-11530
A blind SQL injection vulnerability is present in Chop Slider 3, a WordPress plugin. The vulnerability is introduced in the id GET parameter supplied to getscript/index.php, and allows an attacker to execute arbitrary SQL queries in the context of the WP database user. Recent assessments: h00die ...
CVE-2020-0970
A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka ‘Scripting Engine Memory Corruption Vulnerability’. This CVE ID is unique from CVE-2020-0968. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assess...
CVE-2020-10204
Sonatype Nexus Repository before 3.21.2 allows Remote Code Execution. Recent assessments: ericalexanderorg at April 03, 2020 1:18pm UTC reported: Wording on this and eludes to an authenticated RCE, but they consider an anonymous user authenticated. Nexus servers store artifacts that could be...
CVE-2020-10181
goform/formEMR30 in Sumavision Enhanced Multimedia Router EMR 3.0.4.27 allows creation of arbitrary users with elevated privileges administrator on a device, as demonstrated by a setString=newuseradministrator123456 request. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value:...
CVE-2020-10225
An unauthenticated file upload vulnerability has been identified in admin/gallery.php in PHPGurukul Job Portal 1.0. The vulnerability could be exploited by an unauthenticated remote attacker to upload content to the server, including PHP files, which could result in command execution. Recent...
CVE-2019-17517
The Bluetooth Low Energy implementation on Dialog Semiconductor SDK through 5.0.4 for DA14580/1/2/3 devices does not properly restrict the L2CAP payload length, allowing attackers in radio range to cause a buffer overflow via a crafted Link Layer packet. Recent assessments: pbarry25 at April 25,...
Backport of the fix for CVE-2017-3137 leads to assertion failure in validator.c:1858
The Debian backport of the fix for CVE-2017-3137 leads to assertion failure in validator.c:1858; Affects Debian versions 9.9.5.dfsg-9+deb8u15; 9.9.5.dfsg-9+deb8u18; 9.10.3.dfsg.P4-12.3+deb9u5; 9.11.5.P4+dfsg-5.1 No ISC releases are affected. Other packages from other distributions who did similar...
CVE-2019-3010
Vulnerability in the Oracle Solaris product of Oracle Systems component: XScreenSaver. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While t...
CVE-2019-13608
Citrix StoreFront Server before 1903, 7.15 LTSR before CU4 3.12.4000, and 7.6 LTSR before CU8 3.0.8000 allows XXE attacks. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2019-15752
Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\DockerDesktop\version-bin\ as a low-privilege user, and then waiting for an admin or service user to authenticate with Docker, restar...
CVE-2019-7238
Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2018-18492: Mozilla Firefox Select Element Use-After-Free
Firefox is a free and open-source web browser developed by the Mozilla Foundation. A use-after-free vulnerability can occur after deleting a selection element due to a weak reference to the select element in the options collection, which gets garbage collected, and results in a potentially...
CVE-2018-12122
Node.js: All versions prior to Node.js 6.15.0, 8.14.0, 10.14.0 and 11.3.0: Slowloris HTTP Denial of Service: An attacker can cause a Denial of Service DoS by sending headers very slowly keeping HTTP or HTTPS connections and associated resources alive for a long period of time. Recent assessments:...
CVE-2018-14667
The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language EL injection via the UserResource resource. A remote, unauthenticated attacker could exploit this to execute arbitrary code using a chain of java serialized objects via org.ajax4jsf.resource.UserResource$UriData. Recen...
CVE-2017-12234
Multiple vulnerabilities in the implementation of the Common Industrial Protocol CIP feature in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerabilities are due to the...
CVE-2017-0022
Microsoft XML Core Services MSXML in Windows 10 Gold, 1511, and 1607; Windows 7 SP1; Windows 8.1; Windows RT 8.1; Windows Server 2008 SP2 and R2 SP1; Windows Server 2012 Gold and R2; Windows Server 2016; and Windows Vista SP2 improperly handles objects in memory, allowing attackers to test for...
CVE-2015-1770
Microsoft Office 2013 SP1 and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka “Microsoft Office Uninitialized Memory Use Vulnerability.” Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2015-1130
The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges via unspecified vectors. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2015-0320
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0313, CVE-2015-0315, and...
CVE-2015-0322
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0313, CVE-2015-0315, and...
CVE-2013-2423
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented...
CVE-2013-0641
Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allows remote attackers to execute arbitrary code via a crafted PDF document, as exploited in the wild in February 2013. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value...
CVE-2012-0151
The Authenticode Signature Verification function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly validate the digest of a signed portable executable P...
CVE-2026-33579
OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in the /pair approve command path that fails to forward caller scopes into the core approval check. A caller with pairing privileges but without admin privileges can approve pending device requests asking for broader scopes...
CVE-2026-27651
When the ngxmailauthhttpmodule module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue may occur when 1 CRAM-MD5 or APOP authentication is enabled, and 2 the authentication server permits retry by returning the Auth-Wait...
CVE-2025-26633
Improper neutralization in Microsoft Management Console allows an unauthorized attacker to bypass a security feature locally. Recent assessments: cbeek-r7 at March 26, 2025 11:31am UTC reported: CVE-2025-26633, nicknamed “MSC EvilTwin”, is a security feature bypass vulnerability in Microsoft...
CVE-2024-51567
upgrademysqlstatus in databases/views.py in CyberPanel aka Cyber Panel before 5b08cd6 allows remote attackers to bypass authentication and execute arbitrary commands via /dataBases/upgrademysqlstatus by bypassing secMiddleware which is only for a POST request and using shell metacharacters in the...
CVE-2024-43573
Windows MSHTML Platform Spoofing Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2024-28987
The SolarWinds Web Help Desk WHD software is affected by a hardcoded credential vulnerability, allowing remote unauthenticated user to access internal functionality and modify data. Recent assessments: sfewer-r7 at November 22, 2024 4:16pm UTC reported: SolarWinds Web Help Desk is described as an...
CVE-2024-38213
Windows Mark of the Web Security Feature Bypass Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2024-38178
Scripting Engine Memory Corruption Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2024-29824
An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code. Recent assessments: cdelafuente-r7 at July 23, 2024 8:10am UTC reported: Ivanti Endpoint Manager EPM versions 2022 SU5 a...
CVE-2024-29059
.NET Framework Information Disclosure Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2023-41266
A path traversal vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows an unauthenticated remote attacker to generate an anonymous...
CVE-2022-22265
An improper check or handling of exceptional conditions in NPU driver prior to SMR Jan-2022 Release 1 allows arbitrary memory write and code execution. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...