74967 matches found
CVE-2021-26086
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to read particular files via a path traversal vulnerability in the /WEB-INF/web.xml endpoint. The affected versions are before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before 8.16.1...
CVE-2021-25394
A use after free vulnerability via race condition in MFC charger driver prior to SMR MAY-2021 Release 1 allows arbitrary write given a radio privilege is compromised. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2021-31955
Windows Kernel Information Disclosure Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2021-27102
Accellion FTA 912411 and earlier is affected by OS command execution via a local web service call. The fixed version is FTA912416 and later. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2020-8200
Improper authentication in Citrix StoreFront Server 1912.0.1000 allows an attacker who is authenticated on the same Microsoft Active Directory domain as a Citrix StoreFront server to read arbitrary files from that server. Recent assessments: kevthehermit at September 14, 2020 4:27pm UTC reported:...
CVE-2020-11698
An issue was discovered in Titan SpamTitan 7.07. Improper input sanitization of the parameter community on the page snmp-x.php would allow a remote attacker to inject commands into the file snmpd.conf that would allow executing commands on the target server. Recent assessments: cdelafuente-r7 at...
CVE-2020-4521
IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in Java. By sending specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system...
CVE-2020-2040
A buffer overflow vulnerability in PAN-OS allows an unauthenticated attacker to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to the Captive Portal or Multi-Factor Authentication interface. This issue impacts: All versions of...
CVE-2020-9691
Magento versions 2.3.5-p1 and earlier, and 2.3.5-p1 and earlier have a dom-based cross-site scripting vulnerability. Successful exploitation could lead to arbitrary code execution. Recent assessments: ericalexanderorg at August 03, 2020 6:46pm UTC reported: Not enough data ATM to accurately talk...
CVE-2020-9819
A memory consumption issue was addressed with improved memory handling. This issue is fixed in iOS 13.5 and iPadOS 13.5, iOS 12.4.7, watchOS 6.2.5, watchOS 5.3.7. Processing a maliciously crafted mail message may lead to heap corruption. Recent assessments: Assessed Attacker Value: 0 Assessed...
CVE-2020-5847
Unraid through 6.8.0 allows Remote Code Execution. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2019-19452
A buffer overflow was found in Patriot Viper RGB through 1.1 when processing IoControlCode 0x80102040. Local attackers including low integrity processes can exploit this to gain NT AUTHORITY\SYSTEM privileges. Recent assessments: FULLSHADE at April 21, 2020 3:30pm UTC reported: Overview A...
SMBv2 Symlink to Local File Vulnerability
SMBv2 supports symlinks on remote file systems by returning a special status code STATUSSTOPPEDONSYMLINK when a symlink is encountered on the remote share. It also returns a symlink reparse data buffer to be processed to determine where to redirect the request. While this is supported functionali...
CVE-2019-13962 avcodec lavc_CopyPicture Heap Buffer Overflow
VLC media player is a free and open-source portable cross-platform media player software developed by the VideoLAN project. VLC is available for desktop operating systems and mobile platforms, such as Android, iOS, iPadOS, Wizen, Windows 10 Mobile, and Windows Phone. It is also available on digit...
CVE-2019-17519
The Bluetooth Low Energy implementation on NXP SDK through 2.2.1 for KW41Z devices does not properly restrict the Link Layer payload length, allowing attackers in radio range to cause a buffer overflow via a crafted packet. Recent assessments: pbarry25 at April 19, 2020 2:45am UTC reported: This...
CVE-2020-0665
An elevation of privilege vulnerability exists in Active Directory Forest trusts due to a default setting that lets an attacker in the trusting forest request delegation of a TGT for an identity from the trusted forest, aka ‘Active Directory Elevation of Privilege Vulnerability’. Recent...
CVE-2019-4716
IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated user to login as “admin”, and then execute code as root or SYSTEM via TM1 scripting. IBM X-Force ID: 172094. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value:...
CVE-2019-8903
index.js in Total.js Platform before 3.2.3 allows path traversal. Recent assessments: Mad-robot at July 05, 2020 2:29pm UTC reported: Totaljs – Unathenticated Directory Traversal DESCRIPTION User can make requests like “GET /../databases/settings.json HTTP/1.1” and include file contents from...
CVE-2019-18393
PluginServlet.java in Ignite Realtime Openfire through 4.4.2 does not ensure that retrieved files are located under the Openfire home directory, aka a directory traversal vulnerability. Recent assessments: ericalexanderorg at August 04, 2020 4:44pm UTC reported: More detail: Stupid easy GET...
CVE-2019-11773
Prior to 0.1, AIX builds of Eclipse OMR contain unused RPATHs which may facilitate code injection and privilege elevation by local users. Recent assessments: timb-machine at March 05, 2021 12:22am UTC reported: Unlikely to be setUID, unlikely that you will have write control over the vulnerable...
CVE-2019-1892
Cisco Small Business 200/300/500 Series Managed Switch HTTPS validation allows a memory corruption DoS Recent assessments: bwatters-r7 at July 09, 2019 5:54pm UTC reported: This is a memory corruption vulnerability that allows an attacker to send a malformed HTTPS packet, which will then generate...
CVE-2019-5021
Versions of the Official Alpine Linux Docker images since v3.3 contain a NULL password for the root user. This vulnerability appears to be the result of a regression introduced in December of 2015. Due to the nature of this issue, systems deployed using affected versions of the Alpine Linux...
CVE-2019-17388
Weak file permissions applied to the Aviatrix VPN Client through 2.2.10 installation directory on Windows and Linux allow a local attacker to execute arbitrary code by gaining elevated privileges through file modifications. Recent assessments: kevthehermit at March 05, 2020 9:34am UTC reported: V...
MailCleaner Authenticated Command Injection
www/soap/application/MCSoap/Logs.php in MailCleaner Community Edition 2018.08 allows remote attackers to execute arbitrary OS commands. Recent assessments: jrobles-r7 at May 09, 2019 5:57pm UTC reported: Details The /admin/managetracing/search/search endpoint in MailCleaner Community Edition allo...
CVE-2019-6223
A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved state management. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental Update. The initiator of a Group FaceTime call may be able to cause the recipient to answer. Recent...
Nuuo Central Management Server Authenticated SQL Server SQLi
Nuuo Central Management Server v3.3 and prior are vulnerable to an authenticated SQL injection vulnerability. Recent assessments: jrobles-r7 at May 09, 2019 5:57pm UTC reported: Details Details from module documentation in Metasploit. The GETOPENALARM verb is used to obtain information about alar...
TIBCO JasperReports Server Information Disclosure Vulnerability
The Spring web flows of TIBCO Software Inc.’s TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and TIBCO Jaspersoft Reporting and Analytics for AWS contain a vulnerability which...
CVE-2018-0159
A vulnerability in the implementation of Internet Key Exchange Version 1 IKEv1 functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerability is...
CVE-2018-0180
Multiple vulnerabilities in the Login Enhancements Login Block feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service DoS condition. These vulnerabilities affect Cisco devices that are running Cisco...
CVE-2017-15889
Command injection vulnerability in smart.cgi in Synology DiskStation Manager DSM before 5.2-5967-5 allows remote authenticated users to execute arbitrary commands via disk field. Recent assessments: h00die at May 20, 2020 12:19pm UTC reported: AUTHENTICATED command execution in...
CVE-2017-16249
The Debut embedded http server contains a remotely exploitable denial of service where a single malformed HTTP POST request can cause the server to hang until eventually replying 300 seconds with an HTTP 500 error. While the server is hung, print jobs over the network are blocked and the web...
Ayukov NFTP FTP Client Stack Buffer Overflow Analysis
Buffer Overflow vulnerability in Ayukov NFTPD 2.0 and earlier allows remote attackers to execute arbitrary code. Recent assessments: wchen-r7 at September 12, 2019 6:08pm UTC reported: Details Ayukov is an FTP client that was written by Sergey Ayukov back in 1994. Development stopped in 2011, and...
CVE-2017-12233
Multiple vulnerabilities in the implementation of the Common Industrial Protocol CIP feature in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The vulnerabilities are due to the...
CVE-2017-12231
A vulnerability in the implementation of Network Address Translation NAT functionality in Cisco IOS 12.4 through 15.6 could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. The vulnerability is due to the improper translation of H.323...
CVE-2017-3506
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware subcomponent: Web Services. Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.0, 12.2.1.1 and 12.2.1.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HT...
CVE-2017-6527
An issue was discovered in dnaTools dnaLIMS 4-2015s13. dnaLIMS is vulnerable to a NUL-terminated directory traversal attack allowing an unauthenticated attacker to access system files readable by the web server user by using the viewAppletFsa.cgi seqID parameter. Recent assessments: h00die at Mar...
CVE-2016-3714
The 1 EPHEMERAL, 2 HTTPS, 3 MVG, 4 MSL, 5 TEXT, 6 SHOW, 7 WIN, and 8 PLT coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to execute arbitrary code via shell metacharacters in a crafted image, aka “ImageTragick.” Recent assessments: Assessed Attacker Value: 0...
CVE-2016-0162
Microsoft Internet Explorer 9 through 11 allows remote attackers to determine the existence of files via crafted JavaScript code, aka “Internet Explorer Information Disclosure Vulnerability.” Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...
CVE-2016-0993
Integer overflow in Adobe Flash Player before 18.0.0.333 and 19.x through 21.x before 21.0.0.182 on Windows and OS X and before 11.2.202.577 on Linux, Adobe AIR before 21.0.0.176, Adobe AIR SDK before 21.0.0.176, and Adobe AIR SDK & Compiler before 21.0.0.176 allows attackers to execute arbitrary...
vBulletin 5 Connect 5.1.2 through 5.1.9 PHP object injection attack
The vBApiHook::decodeArguments method in vBulletin 5 Connect 5.1.2 through 5.1.9 allows remote attackers to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized object in the arguments parameter to ajax/api/hook/decodeArguments. Recent assessments: busterb ...
CVE-2014-100005
Multiple cross-site request forgery CSRF vulnerabilities in D-Link DIR-600 router rev. Bx with firmware before 2.17b02 allow remote attackers to hijack the authentication of administrators for requests that 1 create an administrator account or 2 enable remote management via a crafted configuratio...
CVE-2014-3074
The runtime linker in IBM AIX 6.1 and 7.1 and VIOS 2.2.x allows local users to create a mode-666 root-owned file, and consequently gain privileges, by setting crafted MALLOCOPTIONS and MALLOCBUCKETS environment-variable values and then executing a setuid program. Recent assessments: timb-machine ...
DameWare Support Control fgets Vulnerability
Stack-based buffer overflow in the “Add from text file” feature in the DameWare Exporter tool DWExporter.exe in DameWare Remote Support 10.0.0.372, 9.0.1.247, and earlier allows user-assisted attackers to execute arbitrary code via unspecified vectors. Recent assessments: wchen-r7 at September 12...
CVE-2013-4800 HP LoadRunner magentproc.exe Overflow
Unspecified vulnerability in HP LoadRunner before 11.52 allows remote attackers to execute arbitrary code via unknown vectors, aka ZDI-CAN-1735. Recent assessments: wchen-r7 at September 12, 2019 6:08pm UTC reported: - Looks like this has changed. Assessed Attacker Value: 0 Assessed Attacker Valu...
CVE-2012-2539
Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; and Office Web Apps 2010 SP1 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via crafted RTF data, aka “Word RTF ‘listoverridecount’ Remote...
CVE-2012-0297 Symantec Web Gateway Vulnerability
The management GUI in Symantec Web Gateway 5.0.x before 5.0.3 does not properly restrict access to application scripts, which allows remote attackers to execute arbitrary code by 1 injecting crafted data or 2 including crafted data. Recent assessments: wchen-r7 at September 12, 2019 6:07pm UTC...
CVE-2011-2005
afd.sys in the Ancillary Function Driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly validate user-mode input passed to kernel mode, which allows local users to gain privileges via a crafted application, aka “Ancillary Function Driver Elevation of Privilege...
CVE-2010-2035
Directory traversal vulnerability in the Percha Gallery comperchagallery component 1.6 Beta for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. dot dot in the controller parameter to index.php...
CVE-2004-0210
The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by modifying message length values and causing a buffer overflow. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker...
CVE-2026-10119
A security vulnerability has been detected in TRENDnet TEW-432BRP 3.10B20. Impacted is the function formSetMACFilter of the file /goform/formSetMACFilter. The manipulation of the argument filtername leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit h...