Apache APISIX Remote Code Execution (CVE-2022-24112)

A remote code execution vulnerability exists in Apache APISIX. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the affected system...

D-Link DSL-2760U Gateway Cross Site Scripting (CVE-2013-5223)

A cross-site scripting vulnerability exists in D-Link DSL-2760U Gateway. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

Tenda AX3 Router Buffer Overflow (CVE-2022-24995)

A buffer overflow vulnerability exists in Tenda AX3 Router. Successful exploitation of this vulnerability could result in a denial of service or execution of arbitrary code into the affected system...

WordPress Remote Code Execution (CVE-2021-44223)

A remote code execution vulnerability exists in WordPress. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Tenda AX1806 Router Buffer Overflow (CVE-2022-25547)

A buffer overflow vulnerability exists in Tenda AX1806 Router. Successful exploitation of this vulnerability could result in a denial of service or execution of arbitrary code into the affected system...

LG N1A1 Remote Code Execution (CVE-2018-14839)

A remote code execution vulnerability exists in LG N1A1. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Pulse Connect Secure Authentication Bypass (CVE-2021-22893)

An authentication bypass vulnerability exists in Pulse Connect Secure. Successful exploitation of this vulnerability could allow a remote attacker to gain unauthorized access to the affected system...

Spring Cloud Gateway Remote Code Execution (CVE-2022-22947)

A remote code execution vulnerability exists in Spring Cloud Gateway. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

APC Smart-UPS Authentication Bypass (CVE-2022-22806)

An authentication bypass vulnerability exists in APC Smart-UPS. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized access into the affected system...

Citrix SD-WAN Command Injection (CVE-2019-12991)

A command injection vulnerability exists in Citrix SD-WAN. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Citrix SD-WAN SQL Injection (CVE-2019-12989)

An SQL injection vulnerability exists in Citrix SD-WAN. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...

Redis Lua Remote Code Execution (CVE-2022-0543)

A remote code execution vulnerability exists in Redis Lua. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Spring Cloud Function Remote Code Execution (CVE-2022-22963)

A remote code execution vulnerability exists in Spring Cloud Function. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Spring Core Remote Code Execution (CVE-2022-22965)

A remote code execution vulnerability exists in Spring Core. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Tenda AX3 Router Buffer Overflow (CVE-2021-46393; CVE-2021-46394)

A stack buffer overflow vulnerability exists in Tenda AX3 Router. Successful exploitation of this vulnerability could result in a remote code execution with carefully crafted overflow data...

Google Chrome Browser Use-After-Free (CVE-2021-37973)

A use-after-free vulnerability exists in Google Chrome Browser, Successful exploitation of this vulnerability could allow a remote attacker to potentially perform a sandbox escape via a crafted HTML page...

TP-Link WR886N Buffer Overflow (CVE-2021-44864)

A buffer overflow vulnerability exists in TP-Link WR886N. Successful exploitation of this vulnerability could result in a denial of service of the affected system...

Tenda AC15 Buffer Overflow (CVE-2021-44352)

A buffer overflow vulnerability exists in Tenda AC15. Successful exploitation of this vulnerability could result in a denial of service or execution of arbitrary code into the affected system...

FatPipe Multiple Products Unrestricted File Upload (CVE-2021-27860)

An unrestricted file upload vulnerability exists in FatPipe Multiple Products. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Metabase GeoJSON Map Information Disclosure (CVE-2021-41277)

An information disclosure vulnerability exists in Metabase GeoJSON Map. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

Adobe Commerce Command Injection (CVE-2022-24086)

A command injection vulnerability exists in Adobe Commerce. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

Adobe ColdFusion Information Disclosure (CVE-2013-0631)

An information disclosure vulnerability exists in Adobe ColdFusion. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

Hikvision Web Server Command Injection (CVE-2021-36260)

A command injection vulnerability exists in Hikvision Web Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

Google Chrome Use After Free (CVE-2022-0609)

A use after free vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

OpenSSL Denial of Service (CVE-2022-0778)

A denial of service vulnerability exists in OpenSSL. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

WordPress Download Monitor Plugin Cross-Site Scripting (CVE-2021-23174)

A stored cross-site scripting vulnerability exists in Download Monitor Plugin for WordPress. The vulnerability is due to insufficient sanitization of user-supplied data in posttitle parameter...

Extensis Portfolio Multiple Vulnerabilities (CVE-2022-24251; CVE-2022-24252; CVE-2022-24253; CVE-2022-24254)

Multiple vulnerabilities exist in Extensis Portfolio. Successful exploitation of these vulnerabilities could allow a remote attacker to execute arbitrary commands on the affected system...

Zoho ManageEngine Desktop Central Authentication Bypass (CVE-2021-44515)

An authentication bypass vulnerability exists in Zoho ManageEngine Desktop Central. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized access into the affected system...

Trend Micro Deep Security Agent Code Injection (CVE-2022-23120)

A code injection vulnerability exists in Trend Micro Deep Security Agent. Successful exploitation of this issue can lead to local privilege escalation...

jQuery UI Datepicker Widget Cross Site Scripting (CVE-2021-41182; CVE-2021-41183)

A cross site scripting vulnerability exists in the jQuery UI Datepicker widget. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...

DIAEnergie Cross-Site Scripting (CVE-2021-44544)

A stored cross-site scripting vulnerability exists in Delta Industrial Automation DIAEnergie. The vulnerability is due to input validation error when processing parameters in HandlerEnergyType.ashx endpoint...

WordPress WP Statistics Plugin SQL Injection (CVE-2022-25148)

An SQL injection vulnerability exists in WordPress WP Statistics Plugin. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...

Western Digital My Cloud NAS Remote Code Execution Multiple Vulnerabilities (CVE-2020-25765; CVE-2020-27158; CVE-2020-27159; CVE-2020-27160; CVE-2020-27744)

A remote code execution vulnerability exists in Western Digital My Cloud NAS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

Google Chrome Blink Use After Free (CVE-2021-30625)

A use-after-free vulnerability exists in Google Chrome Blink. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

D-Link DIR809 Buffer Overflow (CVE-2021-33266; CVE-2021-33267; CVE-2021-33268; CVE-2021-33269; CVE-2021-33270; CVE-2021-33271; CVE-2021-33274)

A buffer overflow vulnerability exists in D-Link DIR809. Successful exploitation of this vulnerability could result in a denial of service or execution of arbitrary code into the affected system...

Apache Cassandra Remote Code Execution (CVE-2021-44521)

A remote code execution vulnerability exists in Apache Cassandra. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

Microsoft Remote Desktop Client Remote Code Execution (CVE-2022-23285)

A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Microsoft Windows PDEV Elevation of Privilege (CVE-2022-23299)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Microsoft Windows Ancillary Function Driver for WinSock Elevation of Privilege (CVE-2022-24507)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Microsoft Remote Desktop Client Remote Code Execution (CVE-2022-21990)

A remote code execution vulnerability exists in Microsoft Remote Desktop Client. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Microsoft Windows Cloud Files Mini Filter Driver Elevation of Privilege (CVE-2022-23286)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Microsoft Internet Explorer Security Feature Bypass (CVE-2022-24502)

A security bypass vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability would allow remote attackers to bypass security tests and protocols on the affected system...

Microsoft Point-to-Point Tunneling Protocol Denial of Service (CVE-2022-23253)

A denial-of-service vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

BeyondTrust Secure Remote Access Base Software Cross Site Scripting (CVE-2021-31589)

A cross-site scripting vulnerability exists in BeyondTrust Secure Remote Access Base Software. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

WordPress Popular Posts Plugin Arbitrary File Upload (CVE-2021-42362)

An arbitrary file upload vulnerability exists in WordPress Popular Posts Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

HP LinuxKI Command Injection (CVE-2020-7209)

A command injection vulnerability exists in HP LinuxKI. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

Zabbix Web Frontend Authentication Bypass (CVE-2022-23131)

An authentication bypass vulnerability exists in Zabbix Web Frontend. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized access into the affected system...

Zabbix Web Frontend Authentication Bypass (CVE-2022-23134)

An authentication bypass vulnerability exists in Zabbix Web Frontend. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized access into the affected system...

Apache Struts Denial of Service (CVE-2006-1547)

A denial-of-service vulnerability exists in Apache Struts. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

TOTOLINK EX200 Command Injection (CVE-2021-43711)

A command injection vulnerability exists in TOTOLINK EX200. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...