13538 matches found
CASAP Automated Enrollment System Authentication Bypass (CVE-2021-26201)
An authentication bypass vulnerability exists in CASAP Automated Enrollment System. Successful exploitation of this vulnerability would allow remote attackers to gain unauthorized access into the affected system...
phpList Remote Code Execution (CVE-2021-3188)
A remote code execution vulnerability exists in phpList. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
VIVOTEK Network Camera Directory Traversal (CVE-2017-9829)
A directory traversal vulnerability exists in VIVOTEK Network Cameras. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...
Trend Micro IMSVA External Entity Injection (CVE-2020-27017)
An XXE vulnerability exists in Trend Micro InterScan Messaging Virtual Appliance. The vulnerability is due to insufficient validation of XML data in the Java class PolicyWSAction...
Microsoft Dynamics 365 for Finance and Operations Remote Code Execution (CVE-2020-17158)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Privilege Escalation (CVE-2016-0070)
An information disclosure vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
SuiteCRM Remote Code Execution (CVE-2020-28328)
A remote code execution vulnerability exists in SuiteCRM. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Oracle WebLogic Remote Code Execution (CVE-2020-14882; CVE-2020-14750; CVE-2020-14825; CVE-2020-14883)
A remote code execution vulnerability exists in Oracle WebLogic. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft .NET Framework XPS File Parsing Remote Code Execution (CVE-2020-0605)
A remote code execution vulnerability exists in Microsoft .NET Framework XPS File Parsing. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Foxit Studio Photo Out of Bounds Read (CVE-2020-8877; CVE-2020-8879)
An out of bounds read vulnerability exists in Foxit Studio Photo. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
VideoLAN VLC Media Player Denial of Service (CVE-2018-19857)
A denial-of-service vulnerability exists in VideoLAN VLC media player 3.0.4. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Oracle WebLogic Insecure Deserialization (CVE-2020-2963)
An insecure deserialization vulnerability exists in Oracle Weblogic. This vulnerability is due to insufficient validation of T3 requests...
Pydio Cells Cross-Site Scripting (CVE-2020-12849; CVE-2020-12853)
A cross site scripting vulnerability exists in Pydio Cells. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...
iXsystems FreeNAS Denial of Service (CVE-2020-11650)
A denial of service vulnerability exists in iXsystems FreeNAS. A remote unauthenticated attacker can exploit this vulnerability to cause a denial of service condition on an affected system...
Schneider Electric U.motion Builder Information Disclosure (CVE-2018-7787)
A vulnerability exists in Schneider Electric U.motion Builder 1.3.4. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
TP-Link Archer A7/C7 Remote Code Execution (CVE-2020-10884; CVE-2020-10882; CVE-2020-10883)
A remote code execution vulnerability exists in TP-Link Archer A7/C7. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Zen Load Balancer Remote Code Execution (CVE-2019-7301)
A remote code execution vulnerability exists in Zen Load Balancer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
PHP mb_strtolower Stack Buffer Overflow (CVE-2020-7065)
A stack buffer overflow vulnerability exists in PHP. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Imaging API Remote Code Execution (CVE-2019-1311)
A remote code execution vulnerability exists in Microsoft Windows Imaging API. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Cesanta Mongoose Buffer Overflow (CVE-2019-12951)
A buffer overflow vulnerability exists in Cesanta Mongoose. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Zoho ManageEngine OpManager External Entity Injection (CVE-2018-18980)
An External Entity Injection information disclosure vulnerability exists in ManageEngine OpManager. This vulnerability is due to insufficient validation of the RequestXML parameter when processing requests sent to BusinessViewFlashImpl. A remote, unauthenticated attacker could exploit this...
Foxit Reader PhantomPDF Use After Free Code Execution (CVE-2019-6730)
A use after free vulnerability exists in Foxit Reader. This vulnerability is due to improper handling of freed objects in the JavaScript popUpMenu method. Successful exploitation could allow the attacker to execute arbitrary code in the context of the application...
Viber Desktop URI Handler Remote Code Execution (CVE-2019-12569)
A remote code execution vulnerability exists in Viber for Desktop. The vulnerability is due to improper sanitization. Successful exploitation could result in code execution on the target machine in the context of the application...
Asterisk Denial of Service (CVE-2018-12228)
A denial-of-service vulnerability has been reported in Asterisk. The vulnerability is due to improper handling of client abrupt disconnection or client-supplied messages when client is connecting via TLS. A remote user can exploit the vulnerability by abruptly disconnecting or sending specially...
Adobe Acrobat and Reader Out-of-Bounds Write (APSB19-49: CVE-2019-8165)
An out of bounds write vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Adobe Acrobat and Reader Use After Free (APSB19-49: CVE-2019-8225)
A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Flexense DiskBoss Enterprise Buffer Overflow (CVE-2018-5262)
A stack buffer overflow vulnerability exists in the web server of DiskBoss Enterprise. The vulnerability is due to the way DiskBoss Enterprise handles bounds checking. A remote, authenticated attack can lead to a stack buffer overflow...
Adobe Acrobat and Reader Untrusted Pointer Dereference (APSB19-41: CVE-2019-8045)
An untrusted pointer dereference vulnerability exists in Adobe Acrobat and Reader. A remote unauthenticated attacker could exploit this vulnerability by enticing a target to view a specially crafted pdf file. Successful exploitation of this vulnerability could allow a remote attacker to damage...
Spoofed Reset (CVE-2004-0230)
...
Microsoft Edge Scripting Engine Information Disclosure (CVE-2019-1023)
An information disclosure vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
Adobe Acrobat and Reader Out-of-Bounds Read (APSB19-18: CVE-2019-7826; CVE-2019-7820)
An out of bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Microsoft Browser Scripting Engine Memory Corruption (CVE-2019-0911)
A memory corruption vulnerability exists in Microsoft Browser. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
D-Link DI-524 Cross-Site Scripting (CVE-2019-11017)
A cross-site scripting vulnerability exists in D-Link DI-524. Successful exploitation of this vulnerability could allow remote attackers to inject arbitrary web script into the affected system...
Adobe Acrobat and Reader Heap Overflow - VER0 (APSB18-02: CVE-2018-4904)
A buffer overflow vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Advantech Webaccess Buffer Overflow Remote Code Execution (CVE-2018-8845)
A buffer overflow vulnerability exists in Advantech Webaccess. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Apache httpd mod_md Denial of Service (CVE-2018-8011)
A denial of service vulnerability exists in the Apache httpd modmd. This vulnerability is due to insufficient input validation. Successful exploitation of this vulnerability can lead to denial of service conditions on the target server...
HAProxy HTTP2 Frame Size Heap Buffer Overflow (CVE-2018-10184)
A heap-based buffer overflow vulnerability exists in HAProxy. The vulnerability is due to incorrect validation of frame length on incoming HTTP/2 frames. A remote, unauthenticated attacker could exploit this vulnerability by sending a malicious request to the target server...
Microsoft Edge Scripting Engine Memory Corruption (CVE-2019-0607)
A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Netgate pfSense Command Injection (CVE-2018-4021)
A command injection vulnerability exists in the administrative interface of Netgate pfSense. The vulnerability is due to improper sanitization of three parameters in requests sent to system. Successful exploitation results in the execution of arbitrary commands as the root user on the target serv...
HPE Intelligent Management Center Stack Buffer Overflow (CVE-2018-7115)
A stack-based buffer overflow exists in the component of HPE Intelligent Management Center. The vulnerability is due to a lack of proper validation. Successful exploitation of this vulnerability could result in execution of arbitrary code on the target server...
IDenticard PremiSys Default Database Credentials (CVE-2019-3909)
Default database username and password exist in the IDenticard PremiSys database . The vulnerability is due to users are unable to change these passwords without vendor intervention. A remote attacker can exploit this vulnerability to access the database with administrator privileges...
Rockwell Automation Allen-Bradley PowerMonitor 1000 Cross-Site Scripting (CVE-2018-19615)
A XSS injection vulnerability exists in Rockwell Automation Allen-Bradley PowerMonitor login page. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary commands on the affected system...
Adobe Acrobat and Reader Use After Free (APSB18-41: CVE-2018-19707)
A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
PowerDNS Recursor Denial of Service (CVE-2017-15120)
A denial of service vulnerability exists PowerDNS Recursor. The vulnerability is due to a NULL pointer dereference. An unauthenticated remote attacker could exploit this vulnerability by sending a specially crafted DNS query to a vulnerable server. Successful exploitation would result in a crash ...
Yi Technology Home Camera 27US Denial Of Service (CVE-2018-3928)
A denial of service vulnerability exists in the firmware update functionality of Yi Home Camera. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system, creating a denial of service condition...
Microsoft Outlook Remote Code Execution (CVE-2018-8582)
A remote code execution vulnerability exists in Microsoft Outlook. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Rockwell Automation RSLinx Classic Denial of Service (CVE-2018-14827)
A denial of service vulnerability exists in Rockwell Automation RSLinx Classic. The vulnerability is due to incorrect handling of malformed EtherNet/IP packets. A successful exploitation of the vulnerability could lead to a system crash...
Microsoft Internet Explorer Memory Corruption (CVE-2018-8460)
A memory corruption vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Type Confusion (APSB18-30: CVE-2018-12835)
A type confusion vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Edge Scripting Engine Memory Corruption (CVE-2018-8456)
A memory corruption vulnerability exists in Microsoft Edge. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...