CVE-2015-4335 — Redis EVAL Lua Sandbox Escape

Redis before 2.8.21 and 3.x before 3.0.2 allows remote attackers to execute arbitrary Lua bytecode via the eval command. Recent assessments: hrbrmstr at June 08, 2020 6:38pm UTC reported: Ben Murphy’s dissection — — is pretty thorough. Assessed Attacker Value: 5 Assessed Attacker Value: 5Assessed...

CVE-2024-11667

A directory traversal vulnerability in the web management interface of Zyxel ATP series firmware versions V5.00 through V5.38, USG FLEX series firmware versions V5.00 through V5.38, USG FLEX 50W series firmware versions V5.10 through V5.38, and USG20W-VPN series firmware versions V5.10 through...

CVE-2022-22620

A use after free issue was addressed with improved memory management. This issue is fixed in macOS Monterey 12.2.1, iOS 15.3.1 and iPadOS 15.3.1, Safari 15.3 v. 16612.4.9.1.8 and 15612.4.9.1.8. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a...

CVE-2020-3843

A memory corruption issue was addressed with improved input validation. This issue is fixed in iOS 12.4.7, watchOS 5.3.7. A remote attacker may be able to cause unexpected system termination or corrupt kernel memory. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assesse...

CVE-2020-3580

Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance ASA Software and Cisco Firepower Threat Defense FTD Software could allow an unauthenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the web services interface of an...

CVE-2018-8440

An elevation of privilege vulnerability exists when Windows improperly handles calls to Advanced Local Procedure Call ALPC, aka “Windows ALPC Elevation of Privilege Vulnerability.” This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8....

CVE-2024-55956

In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an unauthenticated user can import and execute arbitrary Bash or PowerShell commands on the host system by leveraging the default settings of the Autorun directory. Recent assessments: sfewer-r7 at December 16...

CVE-2023-42820

JumpServer is an open source bastion host. This vulnerability is due to exposing the random number seed to the API, potentially allowing the randomly generated verification codes to be replayed, which could lead to password resets. If MFA is enabled users are not affect. Users not using local...

CVE-2021-1498

Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. For more information about these vulnerabilities, see the Details section of this advisory. Recent...

CVE-2020-6418

Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Recent assessments: J3rryBl4nks at March 04, 2020 4:42pm UTC reported: You would have to chain this vulnerability with a working sandbox escape in...

CVE-2020-3118 (AKA: CDPwn)

A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability is due to improper validation of string input from certain fields in Cisc...

CVE-2020-16846 — SaltStack Unauthenticated Shell Injection

An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection. Recent assessments: ccondon-r7 at October 14, 2021 2:31pm UTC reported: Being exploited in the wild as of April 2021. Juniper Networks...

CVE-2025-27533

Memory Allocation with Excessive Size Value vulnerability in Apache ActiveMQ. During unmarshalling of OpenWire commands the size value of buffers was not properly validated which could lead to excessive memory allocation and be exploited to cause a denial of service DoS by depleting process memor...

CVE-2024-24919

Potentially allowing an attacker to read certain information on Check Point Security Gateways once connected to the internet and enabled with remote Access VPN or Mobile Access Software Blades. A Security fix that mitigates this vulnerability is available. Recent assessments: remmons-r7 at May 30...

CVE-2022-41125

Windows CNG Key Isolation Service Elevation of Privilege Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

CVE-2022-2003

AutomationDirect DirectLOGIC is vulnerable to a specifically crafted serial message to the CPU serial port that will cause the PLC to respond with the PLC password in cleartext. This could allow an attacker to access and make unauthorized changes. This issue affects: AutomationDirect DirectLOGIC...

CVE-2022-29464

Certain WSO2 products allow unrestricted file upload with resultant remote code execution. The attacker must use a /fileupload endpoint with a Content-Disposition directory traversal sequence to reach a directory under the web root, such as a ../../../../repository/deployment/server/webapps...

CVE-2020-11966

In IQrouter through 3.3.1, the Lua function resetpassword in the web-panel allows remote attackers to change the root password arbitrarily. Note: The vendor claims that this vulnerability can only occur on a brand-new network that, after initiating the forced initial configuration which has a...

CVE-2013-3051

The TrustZone kernel, when used in conjunction with a certain Motorola build of Android 4.1.2, on Motorola Razr HD, Razr M, and Atrix HD devices with the Qualcomm MSM8960 chipset does not verify the association between a certain physical-address argument and a memory region, which allows local...

CVE-2010-2568

Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote attackers to execute arbitrary code via a crafted 1 .LNK or 2 .PIF shortcut file, which is not properly handled during icon display in Windows Explorer...

CVE-2024-20666

BitLocker Security Feature Bypass Vulnerability Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

CVE-2020-9496

XML-RPC request are vulnerable to unsafe deserialization and Cross-Site Scripting issues in Apache OFBiz 17.12.03 Recent assessments: wvu-r7 at August 13, 2020 8:00pm UTC reported: Pre-auth RCE in ERP software that’s free and isn’t SAP? Sweet. And it’s a long-standing Apache project that’s often...

CVE-2020-2551

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware component: WLS Core Components. Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via IIOP...

CVE-2017-18370

The ZyXEL P660HN-T1A v2 TCLinux Fw 7.3.37.6 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is only accessible by an authenticated user. The vulnerability is in the logSet.asp page and can be exploited through the ServerIP...

Adobe Flash ByteArray Use-After-Free

Use-after-free vulnerability in the ByteArray class in the ActionScript 3 AS3 implementation in Adobe Flash Player 13.x through 13.0.0.296 and 14.x through 18.0.0.194 on Windows and OS X and 11.x through 11.2.202.468 on Linux allows remote attackers to execute arbitrary code or cause a denial of...

CVE-2022-30525

A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100W firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 700 firmware versions 5.00 through 5.21 Patch 1,...

eLearning V2(by: oretnom23) is vulnerable from remote SQL-Injection-Bypass-Authentication

Description: The eLearning V2by: oretnom23 is vulnerable from remote SQL-Injection-Bypass-Authentication in 3 accounts of the system admin, Faculty & Student in app /elearning/classes/Login.php. remote SQL-Injection-Bypass-Authentication: . The parameter username, facultyid, and studentid from th...

CVE-2021-3129

Ignition before 2.5.2, as used in Laravel and other products, allows unauthenticated remote attackers to execute arbitrary code because of insecure usage of filegetcontents and fileputcontents. This is exploitable on sites using debug mode with Laravel before 8.4.2. Recent assessments: ccondon-r7...

CVE-2019-9810

Incorrect alias information in IonMonkey JIT compiler for Array.prototype.slice method may lead to missing bounds check and a buffer overflow. This vulnerability affects Firefox 66.0.1, Firefox ESR 60.6.1, and Thunderbird 60.6.1. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker...

CVE-2017-5698

Intel Active Management Technology, Intel Standard Manageability, and Intel Small Business Technology firmware versions 11.0.25.3001 and 11.0.26.3000 anti-rollback will not prevent upgrading to firmware version 11.6.x.1xxx which is vulnerable to CVE-2017-5689 and can be performed by a local user...

CVE-2023-0129

Heap buffer overflow in Network Service in Google Chrome prior to 109.0.5414.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page and specific interactions. Chromium security severity: High Recent assessments:...

CVE-2022-34151

Use of hard-coded credentials vulnerability exists in Machine automation controller NJ series all models V 1.48 and earlier, Machine automation controller NX7 series all models V1.28 and earlier, Machine automation controller NX1 series all models V1.48 and earlier, Automation software 'Sysmac...

CVE-2021-40539

Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution. Recent assessments: ccondon-r7 at November 08, 2021 3:18pm UTC reported: Rapid7’s services teams are observing opportunistic exploitation of this...

CVE-2023-32784

In KeePass 2.x before 2.54, it is possible to recover the cleartext master password from a memory dump, even when a workspace is locked or no longer running. The memory dump can be a KeePass process dump, swap file pagefile.sys, hibernation file hiberfil.sys, or RAM dump of the entire system. The...

CVE-2023-21768

Windows Ancillary Function Driver for WinSock Elevation of Privilege Vulnerability...

CVE-2022-21969

Microsoft Exchange Server Remote Code Execution Vulnerability...

CVE-2015-5119

Use-after-free vulnerability in the ByteArray class in the ActionScript 3 AS3 implementation in Adobe Flash Player 13.x through 13.0.0.296 and 14.x through 18.0.0.194 on Windows and OS X and 11.x through 11.2.202.468 on Linux allows remote attackers to execute arbitrary code or cause a denial of...

CVE-2021-35064

KramerAV VIAWare, all tested versions, allow privilege escalation through misconfiguration of sudo. Sudoers permits running of multiple dangerous commands, including unzip, systemctl and dpkg. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

CVE-2020-10189

Zoho ManageEngine Desktop Central before 10.0.474 allows remote code execution because of deserialization of untrusted data in getChartImage in the FileStorage class. This is related to the CewolfServlet and MDMLogUploaderServlet servlets. Recent assessments: J3rryBl4nks at March 13, 2020 9:41pm...

CVE-2016-2115

Samba 3.x and 4.x before 4.2.11, 4.3.x before 4.3.8, and 4.4.x before 4.4.2 does not require SMB signing within a DCERPC session over ncacnnp, which allows man-in-the-middle attackers to spoof SMB clients by modifying the client-server data stream. Recent assessments: Assessed Attacker Value: 0...

CVE-2023-47784

Unrestricted Upload of File with Dangerous Type vulnerability in ThemePunch OHG Slider Revolution.This issue affects Slider Revolution: from n/a through 6.6.15. Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

CVE-2022-1388

On F5 BIG-IP 16.1.x versions prior to 16.1.2.2, 15.1.x versions prior to 15.1.5.1, 14.1.x versions prior to 14.1.4.6, 13.1.x versions prior to 13.1.5, and all 12.1.x and 11.6.x versions, undisclosed requests may bypass iControl REST authentication. Note: Software versions which have reached End o...

CVE-2019-11510

In Pulse Secure Pulse Connect Secure PCS 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability . Recent assessments: dmelcher5151 at April 15, 2020 4:11pm UTC reported...

CVE-2014-0964

IBM WebSphere Application Server WAS 6.1.0.0 through 6.1.0.47 and 6.0.2.0 through 6.0.2.43 allows remote attackers to cause a denial of service via crafted TLS traffic, as demonstrated by traffic from a CVE-2014-0160 vulnerability-assessment tool. Recent assessments: Assessed Attacker Value: 0...

CVE-2023-33137

Microsoft Excel Remote Code Execution Vulnerability Recent assessments: nu11secur1ty at June 27, 2023 9:52am UTC reported: CVE-2023-33137 Vendor Software Description: This exploit is connected with third part exploit server, which waits for the victim to call him and execute the content from him...

CVE-2021-35247

Serv-U web login screen to LDAP authentication was allowing characters that were not sufficiently sanitized. SolarWinds has updated the input mechanism to perform additional validation and sanitization. Please Note: No downstream affect has been detected as the LDAP servers ignored improper...

CVE-2021-22204

Improper neutralization of user data in the DjVu file format in ExifTool versions 7.44 and up allows arbitrary code execution when parsing the malicious image Recent assessments: Assessed Attacker Value: 0 Assessed Attacker Value: 0Assessed Attacker Value: 0...

CVE-2019-12256 - VxWorks IPv4 Options Buffer Overflow

This vulnerability can be triggered by a specially crafted IP packet sent to the target device, even as a broadcast or multicast packet. It does not require any specific application or configuration to be running on the device, and it affects any device running VxWorks v6.9.4 or above with a...

CVE-2017-8759

Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application, aka “.NET Framework Remote Code Execution Vulnerability.” Recent assessments: hrbrmstr at May 12, 2020 7:51pm UTC reported: This CVE made ...

Microsoft Internet Explorer Use-After-Free Vulnerability

Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allow remote attackers to execute arbitrary code via a crafted OLE object in an Office document, as exploited in the wild with a...