13538 matches found
Cisco SD-WAN vManage Remote Code Execution (CVE-2020-3387)
A remote code execution vulnerability exists in Cisco SD-WAN vManage. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Nagios XI WatchGuard Wizard Command Injection (CVE-2021-37346)
A command injection vulnerability exists in Nagios XI. The vulnerability is due to insufficient input validation of the requests submitted to the watchguard.inc.php...
Oracle Fusion Middleware BI Publisher Arbitrary File Upload (CVE-2021-2392)
An arbitrary file upload vulnerability exists in Oracle Business Intelligence. This vulnerability is due to insufficient input validation in the UploadFndDBCPage class...
Omron CX-One Stack Buffer Overflow (CVE-2020-27261)
A stack-based overflow exists in the CX-Position module of OMRON CX-One. The vulnerability is due to input validation error when processing NCI configuration files...
Rapid7 Nexpose SQL Injection (CVE-2020-7383)
An SQL injection vulnerability exists in Rapid7 Nexpose. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
WordPress Social Warfare Plugin Remote Code Execution
A remote code execution vulnerability exists in WordPress Social Warfare Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Centreon MediaWiki SQL Injection (CVE-2021-37558)
An SQL injection vulnerability exists in Centreon MediaWiki. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
Oracle E-Business Suite Sales Offline Denial of Service (CVE-2021-2189)
An infinite loop vulnerability exists in the Sales Offline component of Oracle E-Business Suite. The vulnerability is due to improper handling of requests by the authentication component of Sales Offline...
Advantech iView runProViewUpgrade Command Injection (CVE-2021-32930)
A remote command execution exists in Advantech iView. The vulnerability is due to improper input sanitization...
Buffalo Routers Directory Traversal (CVE-2021-20090; CVE-2021-20091)
A directory traversal vulnerability exists in Buffalo routers. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...
WordPress Modern Events Calendar Plugin Remote Code Execution (CVE-2021-24145)
A remote code execution vulnerability exists in WordPress Modern Events Calendar Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Mimosa PTP Devices Stored Cross Site Scripting (CVE-2020-25205)
A cross-site scripting vulnerability exists in Mimosa PTP Devices. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Xiaomi Mi WiFi R3G Remote Code Execution (CVE-2019-18370)
A remote code execution vulnerability exists in Xiaomi Mi WiFi R3G. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Mimosa Devices Command Injection (CVE-2020-25206)
A command injection vulnerability exists in Mimosa. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Microsoft Windows Update Medic Service Privilege Escalation (CVE-2021-36948)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Apache Pulsar JSON Web Token Authentication Bypass (CVE-2021-22160)
An authentication bypass vulnerability exists in the JSON Web Token authentication module of Apache Pulsar. The vulnerability is due to improper handling of unsigned JSON Web Tokens...
Zoho ManageEngine Applications Manager URL monitor SQL Injection
A SQL injection vulnerability exists in the Zoho ManageEngine Applications Manager. The vulnerability is due to improper validation of user-supplied input when processing the request in URL monitor module...
Compal ConnectBox Remote Code Execution (CVE-2019-13025)
A remote code execution vulnerability exists in Compal ConnectBox. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Advantech iView deleteZtpConfig SQL Injection (CVE-2021-32932)
A SQL injection vulnerability exists in the Advantech iView. The vulnerability is due to improper validation of user-supplied input when processing the request in method in Java class...
Google Chrome Heap Corruption (CVE-2019-13764)
A heap corruption vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Scripting Engine Memory Corruption (CVE-2021-34480)
A memory corruption vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Services for NFS ONCRPC XDR Driver Remote Code Execution (CVE-2021-26432)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Remote Desktop Client Remote Code Execution (CVE-2021-34535)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Pandora FMS Arbitrary File Upload (CVE-2021-34074)
An arbitrary file upload vulnerability exists in Pandora FMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Agent Tesla Panel Remote Code Execution
A remote code execution vulnerability exists in Agent Tesla Panel. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
WordPress Popular Posts Plugin Remote Code Execution
A remote code execution vulnerability exists in WordPress Popular Posts Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
PHPMyWind Cross Site Scripting (CVE-2020-18229)
A cross site scripting vulnerability exists in PHPMyWind. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...
Tenda AC1200 Denial Of Service (CVE-2020-28095)
A denial of service vulnerability exists in Tenda AC1200. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Latrix Project SQL Injection (CVE-2021-30000)
An SQL injection vulnerability exists in Latrix Project. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
WordPress WooCommerce Plugin SQL Injection
An SQL injection vulnerability exists in WordPress WooCommerce Plugin. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...
WordPress BuddyPress Plugin Privilege Escalation (CVE-2021-21389)
A privilege escalation vulnerability exists in WordPress BuddyPress Plugin. Successful exploitation of this vulnerability would allow a remote attacker to gain unauthorized access to the affected system...
VoIPmonitor Remote Code Execution (CVE-2021-30461)
A remote code execution vulnerability exists in VoIPmonitor. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Rocket.Chat NoSQL injection (CVE-2021-22911)
A NoSQL injection vulnerability exists in Rocket.Chat. Successful exploitation of this vulnerability could allow attackers to inject commands and execute arbitrary code on the affected system...
NETGEAR Command Injection (CVE-2021-33514)
A command injection vulnerability exists in NETGEAR routers. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Belkin Linksys Denial Of Service (CVE-2020-35716)
A denial-of-service vulnerability exists in Belkin Linksys. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Microsoft Active Directory Certificate Services NTLM Relay (CVE-2021-36942; CVE-2022-26925)
An NTLM relay vulnerability exists in Microsoft Active Directory Certificate Services. A remote attack can coerce Windows hosts to authenticate to other machines via the MS-EFSRPC protocol and obtain its NTLM credential. Successful exploitation could lead to complete takeover of the target domain...
Open LiteSpeed Web Server Command Injection
A command injection vulnerability exists in Open LiteSpeed Web Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Nagios XI Remote Code Execution
A remote code execution vulnerability exists in Nagios XI Remote. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Google Chrome Heap Corruption (CVE-2021-21166)
A heap corruption vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Apple WebKit Use After Free (CVE-2021-1879)
A use after free vulnerability exists in Apple WebKit. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Internet Explorer Out-of-Bounds Write (CVE-2021-33742)
An out-of-bounds write vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could lead to arbitrary code execution in the context of the affected application...
Google Chrome Heap Corruption (CVE-2021-30551)
A heap corruption vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CRMEB Arbitrary File Upload (CVE-2020-21787)
An arbitrary file upload vulnerability exists in CRMEB. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Moodle Command Injection (CVE-2021-21809)
A command injection vulnerability exists in Moodle. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
ManageEngine ServiceDesk Plus Command Injection (CVE-2021-20081)
A command injection vulnerability exists in ManageEngine ServiceDesk Plus. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
FiberHome Routers Command Injection (CVE-2021-42912)
A command injection vulnerability exists in FiberHome routers. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Insteon HD IP Camera Remote Code Execution (CVE-2018-11560; CVE-2018-12640)
A remote code execution vulnerability exists in Insteon HD IP Camera. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Cisco Adaptive Security Appliance Cross Site Scripting (CVE-2020-3580)
A cross site scripting vulnerability exists in Cisco Adaptive Security Appliance. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...
ForgeRock OpenAM Remote Code Execution (CVE-2021-35464)
A remote code execution vulnerability exists in ForgeRock OpenAM. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Exchange Server Remote Code Execution (CVE-2021-34473; CVE-2021-34523)
A remote code execution vulnerability exists in Microsoft Exchange. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...