13538 matches found
Apache OFBiz Insecure Deserialization (CVE-2021-29200)
An insecure deserialization vulnerability exists in Apache OFBiz. This vulnerability is due to Java serialization issues when processing requests. A remote unauthenticated attacker can exploit this vulnerability by sending a crafted request...
Nagios XI Remote Code Execution (CVE-2019-15949)
A remote code execution vulnerability exists in Nagios XI. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Antenna House DMC HTMLFilter Memory Corruption (CVE-2017-2799)
A remote code execution vulnerability exists in Marklogic. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Micro Focus ArcSight Logger Remote Code Execution (CVE-2020-11851)
A remote code execution vulnerability exists in Micro Focus ArcSight Logger. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Web Servers Buffer Overflow Attempt (CVE-2020-3119; CVE-2020-3120; CVE-2020-3172; CVE-2020-8450)
A buffer overflow vulnerability can be exploited by sending a parameter with size larger than can be stored in a buffer. Successful exploitation could result in execution of arbitrary code on the target system or denial of service conditions...
McAfee ePolicy Orchestrator Reflected Cross Site Scripting (CVE-2020-7318)
A reflected cross site scripting vulnerability exists in McAfee ePolicy Orchestrator. Successful exploitation of this vulnerability could allow attackers to execute arbitrary code on the affected system...
Kaspersky Internet Security KLIF driver Denial of service (CVE-2016-4305)
A denial-of-service vulnerability exists in Kaspersky Internet Security. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
ZOHO ManageEngine ADSelfService Plus Information Disclosure (CVE-2010-3272)
An information disclosure vulnerability exists in ZOHO ManageEngine ADSelfService Plus. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Jenkins Stapler Web Framework Code Execution (CVE-2018-1000861)
A remote code execution vulnerability exists in Jenkins Stapler Web Framework. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2020-1380)
A memory corruption vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Pdfparser ObjReader ReadObj Buffer Overflow (CVE-2018-11128)
A buffer overflow vulnerability exists in Pdfparser ObjReader ReadObj function. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
DrayTek Vigor Buffer Overflow (CVE-2020-14473)
A buffer overflow vulnerability exists in DrayTek Vigor. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Microsoft Win32k Elevation of Privilege (CVE-2020-1207)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
HPE Intelligent Management Remote Rode Execution (CVE-2019-5386)
An Expression Language injection vulnerability exists in HPE Intelligent Management Center. This vulnerability is due to insufficient handling of the beanName request parameter by the class...
Microsoft Office Excel Information Disclosure (CVE-2019-1110)
An information disclosure vulnerability exists in Microsoft Office Excel. Successful exploitation of this vulnerability could result in the disclosure of sensitive user information...
Redmine SQL Injection (CVE-2019-18890)
An SQL injection vulnerability exists in Redmine. Successful exploitation of this vulnerability could lead to arbitrary SQL code execution...
Microsoft Remote Desktop Client Remote Code Execution (CVE-2020-0681)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft VBScript Remote Code Execution (CVE-2019-1485)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
wolfSSL DoPreSharedKeys PSK Identity Buffer Overflow (CVE-2019-11873)
A buffer overflow vulnerability exists in wolfSSL embedded SSL/TLS library. The vulnerability is due to improper validation of PSK identity size in the requests. A remote attacker could exploit this vulnerability by sending maliciously crafted requests to a target server. Successful exploitation ...
LAquis SCADA Web Server Command Injection (CVE-2018-18996)
A command injection vulnerability exists in LAquis SCADA. The vulnerability is due to improper handling of parameter submitted in requests. Successful exploitation results in the execution of arbitrary commands with the privileges of the web server process...
Cisco UCS Director Web Interface Authentication Bypass (CVE-2019-1937)
An authentication bypass vulnerability exists in Cisco UCS Director web interface. Successful exploitation of this vulnerability could allow a remote attacker to bypass login authentication and gain unauthorized access to the vulnerable system...
SQLite fts3_tokenizer Untrusted Pointer Remote Code Execution (CVE-2019-8602; CVE-2015-7036)
A remote code execution vulnerability exists in SQlite fts3tokenizer. Successful exploitation could result in execution of arbitrary code on the affected system...
Eclipse Foundation Mosquitto Pattern Based ACL Bypass (CVE-2017-7650)
An ACL bypass vulnerability has been reported in Eclipse Foundation Mosquitto. A remote user can exploit this vulnerability by sending a crafted request to the target server...
Microsoft Browser Chakra Scripting Engine Memory Corruption (CVE-2019-1001)
...
Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2019-0959)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Task Scheduler Elevation of Privilege (CVE-2019-1069)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Sierra Wireless AirLink Remote Code Execution (CVE-2018-4063)
A remote code execution vulnerability exists in Sierra Wireless AirLink. An authenticated attacker can send A specially crafted HTTP request to upload a file, resulting in executable code being uploaded to the target host...
XAMPP cds-fpdf.php Multiple Vulnerabilities (CVE-2019-8923; CVE-2019-8924)
SQL injection and Cross-site scripting vulnerabilities exist in XAMPP. Successful exploitation of these vulnerabilities would allow remote attackers to inject SQL commands or arbitrary web script into the affected system...
WebKitGTK Denial of Service (CVE-2019-8375)
A denial of service vulnerability exists in WebKitGTK. Successful attack can result in a denial of service condition...
Webmin cgi Upload Remote Code Execution (CVE-2019-9624)
A remote code execution vulnerability exists in Webmin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Browser Scripting Engine Memory Corruption (CVE-2019-0666)
A memory corruption vulnerability exists in Microsoft Browser. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Graphics Component Information Disclosure (CVE-2018-8396)
An information disclosure vulnerability has been reported in the Microsoft Graphics Component. The vulnerability is due to the way Microsoft Graphics Component improperly handles the decoding of JPEG images in memory. A remote attacker could exploit the vulnerability by enticing user to open a...
Microsoft Office Information Disclosure - Ver 0 (CVE-2018-0950)
A vulnerability exists in RTF based emails which cause information disclosure through Outlook on Windows. The vulnerability is due to an error in the way Microsoft Office improperly discloses the contents of its memory. A remote attacker can exploit this issue by enticing a victim to open a...
Advantech WebAccess Arbitrary File Deletion (CVE-2018-7495)
An arbitrary file deletion vulnerability exists in Advantech WebAccess. The vulnerability is due to insufficient validation on user supplied paths before using them in file operations. Successful exploitation results in the deletion of arbitrary files...
Microsoft Windows Data Sharing Service Elevation of Privilege (CVE-2019-0572)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2019-0567)
A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
WordPress Snap Creek Duplicator Code Injection (CVE-2018-17207)
An exploitable remote code execution vulnerability exists in WordPress Duplicator server. A WordPress plugin Snap Creek Duplicator restores a backup, resulting in remote code execution. An attacker can send a single authenticated HTTP request to trigger this vulnerability...
Advantech WebAccess NMS DownloadAction Directory Traversal (CVE-2018-7503)
A directory traversal vulnerability exists in Advantech WebAccess NMS. The vulnerability is due to insufficient input validation on file paths in the DownloadAction servlet...
Microsoft Outlook Remote Code Execution (CVE-2018-8576)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Google Chrome Integer Overflow Memory Corruption (CVE-2018-6092)
A memory corruption vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Samsung SmartThings Hub SQL Injection (CVE-2018-3879)
An SQL injection vulnerability exists in Samsung SmartThings Hub. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
Oracle WebLogic WLS Server Component Arbitrary File Upload (CVE-2018-2894)
An arbitrary file upload vulnerability has been reported in Oracle WebLogic Server. This vulnerability is due to input validation of a keystore file. A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted request to the remote service. Successful exploitation cou...
Microsoft Scripting Engine Memory Corruption (CVE-2018-8283)
A memory corruption vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
HPE Intelligent Management Center dbman RestoreZipFile Command Injection - Ver2 (CVE-2017-5821)
A command injection vulnerability exists in the dbman component of HPE Intelligent Management Center. The vulnerability is due to missing validation of user-provided parameters when handling RestoreZipFile commands. A remote, unauthenticated attacker can exploit the vulnerability by sending a...
Lotus Domino Denial-of-service - Ver2 (CVE-2007-1675)
A denial-of-service vulnerability exists in Lotus Domino. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Microsoft Windows Desktop Bridge Elevation of Privilege (CVE-2018-8214)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Excel Remote Code Execution (CVE-2018-0920)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
EMC Data Protection Advisor Application Service Static Credentials Authentication Bypass (CVE-2017-8013)
A static credentials authentication bypass vulnerability exists in the EMC Data Protection Advisor Application service...
Cisco Prime Network Analysis Module Graph Directory Traversal (CVE-2017-12285)
A directory traversal vulnerability exists in the Cisco Prime Network Analysis Module. The vulnerability is due to the way Cisco Prime Network Analysis Module handles input validation. A remote, unauthenticated attacker can exploit this vulnerability by sending a crafted packet to the target...
Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-11809)
A Memory Corruption Vulnerability exists in Microsoft Edge. The vulnerability is due to the way JavaScript engine renders when handling objects in memory. A remote unauthenticated attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page...