13538 matches found
Easy Hosting Control Panel Cross-Site Request Forgery (CVE-2018-6458)
A cross-site request forgery vulnerability exists in Easy Hosting Control Panel. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution (CVE-2022-34713)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Sophos MR3 Firewall Remote Code Execution (CVE-2022-1040)
A remote code execution vulnerability exists in Sophos MR3 Firewall. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
RiteCMS Remote Code Execution (CVE-2021-46367)
A remote code execution vulnerability exists in RiteCMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows DWM Core Library Elevation of Privilege (CVE-2022-24546)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
D-Link DSL-2760U Gateway Cross Site Scripting (CVE-2013-5223)
A cross-site scripting vulnerability exists in D-Link DSL-2760U Gateway. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
FatPipe Multiple Products Unrestricted File Upload (CVE-2021-27860)
An unrestricted file upload vulnerability exists in FatPipe Multiple Products. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Print Spooler Elevation of Privilege (CVE-2022-22718)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Use After Free (APSB22-01: CVE-2021-44706)
A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Use After Free (APSB22-01: CVE-2021-44701)
A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Nagios XI Command Injection (CVE-2021-40345)
A command injection vulnerability exists in Nagios Xi. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Trend Micro Password Manager Command Injection (CVE-2016-3987)
A command injection vulnerability exists in Trend Micro Password Manager. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Cisco SD-WAN vManage Remote Code Execution (CVE-2020-3387)
A remote code execution vulnerability exists in Cisco SD-WAN vManage. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
TP-Link TL-WR841N Command Injection (CVE-2020-35576)
A command injection vulnerability exists in TP-Link TL-WR841N. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Cisco HyperFlex HX Command Injection (CVE-2021-1498; CVE-2021-1497)
A remote command execution vulnerability exists in Cisco Hyperflex. The vulnerability is due to improper input sanitization...
Microsoft Scripting Engine Memory Corruption (CVE-2021-31959)
A memory corruption vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
WordPress Core External Entity Injection (CVE-2021-29447)
An XXE vulnerability exists in WordPress Core. The vulnerability is due to insufficient validation of XML data when parsing RIFF WAV file metadata...
Vtiger SQL Injection (CVE-2020-22807)
An SQL injection vulnerability exists in Vtiger. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
Online Reviewer System SQL Injection (CVE-2021-27130)
An SQL injection vulnerability exists in Online Reviewer System. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
Jenkins Remote API Information Disclosure (CVE-2017-1000395)
An information disclosure vulnerability exists in Jenkins Remote API. Successful exploitation of this vulnerability could allow a remote attacker to gain information about Jenkins user accounts...
inoERP download.php Insecure Deserialization (CVE-2019-16894)
An Insecure Deserialization vulnerability exists in Inoideas inoERP. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Netgear ProSAFE Buffer Overflow (CVE-2020-35227)
A buffer overflow vulnerability exists in Netgear ProSAFE. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
EgavilanMedia ECM Address Book SQL Injection (CVE-2020-35276)
An SQL injection vulnerability exists in EgavilanMedia ECM Address Book. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
Asmax Ar-804gu Router Command Injection (CVE-2009-5156)
A command injection vulnerability exists in Asmax Ar-804gu Routers. A remote attacker can exploit this issue by sending a specially crafted request to the victim. Successful exploitation would allow an attacker to execute arbitrary commands on the target machine...
AVM Fritz!Box Command Injection (CVE-2014-9727)
A remote command injection vulnerability exists in AVM Fritz!Box. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
FasterXML jackson-databind Remote Code Execution (CVE-2020-14645; CVE-2020-24616; CVE-2020-8840)
FasterXML jackson-databind is a java library that contains the general-purpose data-binding functionality and tree-model for Jackson Data Processor, under the right conditions, exploit Java applications performing unsafe deserialization of objects. Successful exploitation of unsafe deserializatio...
Crestron Authentication Bypass (CVE-2019-3932)
An authentication bypass vulnerability exists in Crestron. Successful exploitation of this vulnerability could allow a remote attacker to gain unauthorized access to the affected system...
Crestron Stack Overflow (CVE-2019-3930)
A stack overflow vulnerability exists in Crestron. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Projects World Travel Management System Authentication Bypass (CVE-2020-24203)
An authentication bypass vulnerability exists in Projects World Travel Management System. Successful exploitation of this vulnerability allow a remote attacker to gain unauthorized access to the affected system...
Pydio Cells Cross-Site Scripting (CVE-2020-12849; CVE-2020-12853)
A cross site scripting vulnerability exists in Pydio Cells. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...
Pandora FMS Persistent Cross-Site Scripting (CVE-2020-13853)
A persistent cross site scripting vulnerability exists in Pandora FMS. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...
Project Pier Remote File Inclusion (CVE-2018-10759)
A command execution vulnerability exists in projectpier project projectpier x=0.8.8. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
QNAP QTS Remote Command Injection (CVE-2019-7193)
A remote command injection vulnerability exists in QNAP QTS. An authenticated attacker can exploit this vulnerability by injecting arbitrary PHP code into the session. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Sitecore.NET Directory Traversal (CVE-2018-7669)
A directory traversal vulnerability exists in Sitecore.NET. Successful exploitation of this vulnerability would allow a remote attacker to list directories on the affected system...
Microsoft Win32k Elevation of Privilege (CVE-2020-0956)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Asus ASUSWRT Information Disclosure (CVE-2018-14713)
An information disclosure vulnerability exists in Asus ASUSWRT. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
Microsoft DirectX Elevation of Privilege (CVE-2020-0690)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
HPE Intelligent Management Center Remote Code Execution (CVE-2019-11943)
An expression language injection vulnerability exists in HPE Intelligent Management Center. This vulnerability is due to insufficient handling of the beanName request parameter by the SoapConfigBean class. Successful exploitation results in the execution of arbitrary code under the security conte...
HPE Intelligent Management Center Insecure Deserialization (CVE-2019-11944)
An insecure deserialization vulnerability exists in HPE Intelligent Management Center. The vulnerability is due to deserialization of untrusted data by the MetaDataEntry while having vulnerable classes in the code path. Successful exploitation of this vulnerability could result in execution of...
Apache Tomcat AJP File Inclusion (CVE-2020-1938; CVE-2022-26377)
A file inclusion vulnerability exists in Apache Tomcat AJP. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Cisco Webex Teams code Injection (CVE-2019-1636)
A remote code execution vulnerability exists in Cisco Webex Teams. The vulnerability is due to improper sanitation of user-supplied data which may be passed to the application as an option regarding the DLL loading path. Successful exploitation could result in code execution on the target machine...
IBM QRadar SIEM Authentication Bypass (CVE-2018-1418)
An authentication bypass exists in IBM QRadar SIEM. This vulnerability is due to a combination of lack of authentication. remote attackers to obtain sensitive information and gain unauthorized access into the affected system...
Microsoft Windows Graphics Component Elevation of Privilege (CVE-2019-1437)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Graphics Device Interface Information Disclosure (CVE-2019-0802)
An information disclosure vulnerability exists in Microsoft Graphics Device Interface of Microsoft Windows. The vulnerability is due to improper handling of objects in memory. Successful exploitation could result in disclosure of information which could be used to further compromise the target...
Microsoft Windows Graphics Device Interface Information Disclosure (CVE-2019-0961)
An information disclosure vulnerability exists in Microsoft Graphics Device Interface of Microsoft Windows. The vulnerability is due to improper handling of objects in memory. Successful exploitation could result in disclosure of information which could be used to further compromise the target...
Adobe Acrobat and Reader Untrusted Pointer Dereference (APSB19-49: CVE-2019-8195)
A vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Microsoft Remote Desktop Protocol Client Information Disclosure (CVE-2019-1108)
...
Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2019-0991)
A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows ALPC Elevation of Privilege (CVE-2019-0943)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows GDI Information Disclosure (CVE-2019-0882)
An information disclosure vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...