74872 matches found
CVE-2020-10225
An unauthenticated file upload vulnerability has been identified in admin/gallery.php in PHPGurukul Job Portal 1.0. The vulnerability could be exploited by an unauthenticated remote attacker to upload content to the server, including PHP files, which could result in command execution. Recent...
CVE-2019-20500
D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Save Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=configsave configBackup or downloadServerip parameter. Recent assessments: Assessed...
CVE-2020-3158
A vulnerability in the High Availability HA service of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to access a sensitive part of the system with a high-privileged account. The vulnerability is due to a system account that has a default and static password...
CVE-2019-17517
The Bluetooth Low Energy implementation on Dialog Semiconductor SDK through 5.0.4 for DA14580/1/2/3 devices does not properly restrict the L2CAP payload length, allowing attackers in radio range to cause a buffer overflow via a crafted Link Layer packet. Recent assessments: pbarry25 at April 25,...
CVE-2019-3010
Vulnerability in the Oracle Solaris product of Oracle Systems component: XScreenSaver. The supported version that is affected is 11. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to compromise Oracle Solaris. While t...
CVE-2019-1303
An elevation of privilege vulnerability exists when the Windows AppX Deployment Server improperly handles junctions.To exploit this vulnerability, an attacker would first have to gain execution on the victim system, aka ‘Windows Elevation of Privilege Vulnerability’. This CVE ID is unique from...
Apache Solr 8.11, 8.20 have unauthenticated JMX server enabled in default config
The 8.1.1 and 8.2.0 releases of Apache Solr contain an insecure setting for the ENABLEREMOTEJMXOPTS configuration option in the default solr.in.sh configuration file shipping with Solr. If you use the default solr.in.sh file from the affected releases, then JMX monitoring will be enabled and...
CVE-2019-13608
Citrix StoreFront Server before 1903, 7.15 LTSR before CU4 3.12.4000, and 7.6 LTSR before CU8 3.0.8000 allows XXE attacks. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2019-10758
mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the toBSON method. A misuse of the vm dependency to perform exec commands in a non-safe environment. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2019-7238
Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
Nagios XI RCE via Snoopy Library
Snoopy 1.0 in Nagios XI 5.5.6 allows remote unauthenticated attackers to execute arbitrary commands via a crafted HTTP request. Recent assessments: space-r7 at June 28, 2019 3:23pm UTC reported: If this vulnerability is found in the wild, then it’s likely that the target is vulnerable to...
CVE-2018-8373
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka “Scripting Engine Memory Corruption Vulnerability.” This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from...
CVE-2018-0161
A vulnerability in the Simple Network Management Protocol SNMP subsystem of Cisco IOS Software running on certain models of Cisco Catalyst Switches could allow an authenticated, remote attacker to cause a denial of service DoS condition, aka a GET MIB Object ID Denial of Service Vulnerability. Th...
CVE-2017-12238
A vulnerability in the Virtual Private LAN Service VPLS code of Cisco IOS 15.0 through 15.4 for Cisco Catalyst 6800 Series Switches could allow an unauthenticated, adjacent attacker to cause a C6800-16P10G or C6800-16P10G-XL type line card to crash, resulting in a denial of service DoS condition...
CVE-2017-0022
Microsoft XML Core Services MSXML in Windows 10 Gold, 1511, and 1607; Windows 7 SP1; Windows 8.1; Windows RT 8.1; Windows Server 2008 SP2 and R2 SP1; Windows Server 2012 Gold and R2; Windows Server 2016; and Windows Vista SP2 improperly handles objects in memory, allowing attackers to test for...
CVE-2015-0322
Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before 11.2.202.442 on Linux allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2015-0313, CVE-2015-0315, and...
CVE-2015-0311
Unspecified vulnerability in Adobe Flash Player through 13.0.0.262 and 14.x, 15.x, and 16.x through 16.0.0.287 on Windows and OS X and through 11.2.202.438 on Linux allows remote attackers to execute arbitrary code via unknown vectors, as exploited in the wild in January 2015. Recent assessments:...
CVE-2014-9301
Server-side request forgery SSRF vulnerability in the proxy servlet in Alfresco Community Edition before 5.0.a allows remote attackers to trigger outbound requests to intranet servers, conduct port scans, and read arbitrary files via a crafted URI in the endpoint parameter. Recent assessments:...
MS13-090 CardSpaceClaimCollection ActiveX Integer Underflow
This security update resolves a privately reported vulnerability that is currently being exploited. The vulnerability exists in the InformationCardSigninHelper Class ActiveX control. The vulnerability could allow remote code execution if a user views a specially crafted webpage with Internet...
Oracle Document Capture BlackIceDevMode.ocx ActiveX Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Document Capture. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. Recent assessments: wchen-r7 at Septembe...
CVE-2013-2423
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 17 and earlier, and OpenJDK 7, allows remote attackers to affect integrity via unknown vectors related to HotSpot. NOTE: the previous information is from the April 2013 CPU. Oracle has not commented...
CVE-2013-0629
Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10, when a password is not configured, allows attackers to access restricted directories via unspecified vectors, as exploited in the wild in January 2013. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2012-4969
Use-after-free vulnerability in the CMshtmlEd::Exec function in mshtml.dll in Microsoft Internet Explorer 6 through 9 allows remote attackers to execute arbitrary code via a crafted web site, as exploited in the wild in September 2012. Recent assessments: Assessed Attacker Value: 0 Assessed...
CVE-2009-2055
Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service session reset via a BGP UPDATE message with an invalid attribute, as demonstrated in the wild on 17 August 2009...
CVE-2026-10114
A vulnerability was determined in Open5GS up to 2.7.7. Affected by this issue is the function handlescpinfo in the library lib/sbi/nnrf-handler.c of the component Shared NF-profile Parser. This manipulation causes out-of-bounds write. The attack can be initiated remotely. The exploit has been...
CVE-2026-46195
In the Linux kernel, the following vulnerability has been resolved: smb: client: validate dacloffset before building DACL pointers parsesecdesc, buildsecdesc, and the chown path in idmodetocifsacl all add the server-supplied dacloffset to pntsd before proving a DACL header fits inside the returne...
CVE-2026-48837
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Unlimited Elements For Elementor allows Blind SQL Injection. This issue affects Unlimited Elements For Elementor: from n/a through 2.0.8...
CVE-2026-8769
A vulnerability was determined in vercel ai up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. This manipulation causes resource consumption. The...
CVE-2026-34001
A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFence function. An attacker with access to the X11 server can exploit this without user interaction, leading to a server crash and potentially...
CVE-2026-33412
Vim is an open source, command line text editor. Prior to version 9.2.0202, a command injection vulnerability exists in Vim's glob function on Unix-like systems. By including a newline character \n in a pattern passed to glob, an attacker may be able to execute arbitrary shell commands. This...
CVE-2026-27651
When the ngxmailauthhttpmodule module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue may occur when 1 CRAM-MD5 or APOP authentication is enabled, and 2 the authentication server permits retry by returning the Auth-Wait...
CVE-2026-27944
Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.3, the /api/backup endpoint is accessible without authentication and discloses the encryption keys required to decrypt the backup in the X-Backup-Security response header. This allows an unauthenticated attacker to...
CVE-2025-30400
Use after free in Windows DWM allows an authorized attacker to elevate privileges locally. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2025-2783
Incorrect handle provided in unspecified circumstances in Mojo in Google Chrome on Windows prior to 134.0.6998.177 allowed a remote attacker to perform a sandbox escape via a malicious file. Chromium security severity: High Recent assessments: cbeek-r7 at October 29, 2025 12:50pm UTC reported:...
CVE-2025-24201
An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2, Safari 18.3.1, watchOS 11.4, iPadOS 17.7.6, iOS 16.7.11 and iPadOS 16.7.11, iOS 15.8.4 and iPadOS 15.8.4...
CVE-2024-53704
An Improper Authentication vulnerability in the SSLVPN authentication mechanism allows a remote attacker to bypass authentication. Recent assessments: remmons-r7 at January 28, 2025 3:26pm UTC reported: On January 7, 2025, SonicWall announced an authentication bypass affecting SonicOS, the...
CVE-2024-38189
Microsoft Project Remote Code Execution Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2024-38178
Scripting Engine Memory Corruption Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2024-3272
UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of the file /cgi-bin/nassharing.cgi of the component HTTP GET Request Handler. The...
CVE-2024-29059
.NET Framework Information Disclosure Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2023-46298
Next.js before 13.4.20-canary.13 lacks a cache-control header and thus empty prefetch responses may sometimes be cached by a CDN, causing a denial of service to all users requesting the same URL via that CDN...
CVE-2023-40918
KnowStreaming 3.3.0 is vulnerable to Escalation of Privileges. Unauthorized users can create a new user with an admin role...
CVE-2022-22818
The % debug % template tag in Django 2.2 before 2.2.27, 3.2 before 3.2.12, and 4.0 before 4.0.2 does not properly encode the current context. This may lead to XSS...
CVE-2022-23126
TeslaMate before 1.25.1 when using the default Docker configuration allows attackers to open doors of Tesla vehicles, start Keyless Driving, and interfere with vehicle operation en route. This occurs because an attacker can leverage Grafana login access to obtain a token for Tesla API calls...
CVE-2021-25337
Improper access control in clipboard service in Samsung mobile devices prior to SMR Mar-2021 Release 1 allows untrusted applications to read or write certain local files. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2020-15408
An issue was discovered in Pulse Secure Pulse Connect Secure before 9.1R8. An authenticated attacker can access the admin page console via the end-user web interface because of a rewrite. Recent assessments: wvu-r7 at July 28, 2020 6:20pm UTC reported: I wonder if this has SSRF-to-RCE potential...
CVE-2020-9377
D-Link DIR-610 devices allow Remote Command Execution via the cmd parameter to command.php. NOTE: This vulnerability only affects products that are no longer supported by the maintainer Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2020-10549
rConfig 3.9.4 and previous versions has unauthenticated snippets.inc.php SQL injection. Because, by default, nodes’ passwords are stored in cleartext, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices. Recent assessments: theguly at June 04, 20...
CVE-2020-11530
A blind SQL injection vulnerability is present in Chop Slider 3, a WordPress plugin. The vulnerability is introduced in the id GET parameter supplied to getscript/index.php, and allows an attacker to execute arbitrary SQL queries in the context of the WP database user. Recent assessments: h00die ...
CVE-2020-12138
AMD ATI atillk64.sys 5.11.9.0 allows low-privileged users to interact directly with physical memory by calling one of several driver routines that map physical memory into the virtual address space of the calling process. This could enable low-privileged users to achieve NT AUTHORITY\SYSTEM...