13538 matches found
Microsoft Scripting Engine Memory Corruption (CVE-2021-34448)
A memory corruption vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Kernel Elevation of Privilege (CVE-2021-33771)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Win32k Elevation of Privilege (CVE-2021-34449)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Use After Free (APSB21-51: CVE-2021-28635)
A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Kernel Elevation of Privilege (CVE-2021-31979)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Use After Free (APSB21-51: CVE-2021-28640)
A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft SharePoint Server Remote Code Execution (CVE-2021-34467)
A remote code execution vulnerability exists in Microsoft SharePoint. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Thecus NAS Server Control Panel Command Injection
A command injection vulnerability exists in Thecus NAS Server Control Panel. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Netgear WNAP320 Command Injection
A command injection vulnerability exists in Netgear WNAP320. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Windows Print Spooler Remote Code Execution (CVE-2021-34527)
A remote code execution vulnerability exists in the Windows Print Spooler service. A remote, authenticated attacker can exploit this issue by sending a specially crafted packet to the target server. Successful exploitation could result in execution of arbitrary code on the affected system. AKA...
TP-Link TL-WR841N Command Injection (CVE-2020-35576)
A command injection vulnerability exists in TP-Link TL-WR841N. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
PhpFileManager Local File Inclusion
A vulnerability exists in phpFileManager. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
VBulletin widget_tabbedContainer_tab_panel Remote Code Execution
A remote code execution vulnerability exists in vBulletin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
ArticleCMS Arbitrary File Upload (CVE-2020-20092; CVE-2020-28063)
An arbitrary file upload vulnerability exists in ArticleCMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Pisay Online E Learning System Remote Code Execution
A remote code execution vulnerability exists in Pisay. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
SQL Injection Scanning Attempt Over HTTP (CVE-2021-24321)
SQL Injection Scanning Attempt Over HTTP...
UserSpice Username Enumeration
A vulnerability exists in userSpice. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Telesquare LTE Router Denial Of Service
A denial-of-service vulnerability exists in Telesquare. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Fangfa Content Management System SQL Injection (CVE-2020-35441)
An SQL injection vulnerability exists in Fangfa Content Management System. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
Jenkins Claim Plugin Cross-Site Scripting (CVE-2021-21619)
A stored cross-site scripting vulnerability exists in Jenkins Claim plugin. This vulnerability is due to insufficient validation of the displayName shown in claims...
Laravel Framework Remote Code Execution (CVE-2018-15133)
A command injection vulnerability exists in Laravel Framework. This is due to insufficient handling of X-XSRF-TOKEN header in phpgcc library. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Nagios XI Manage.php Directory Traversal (CVE-2021-3277)
A directory traversal vulnerability exists in Nagios XI. The vulnerability is due to insufficient validation of the request parameters in manage.php of the Custom-includes module...
Hospital Management System Authentication Bypass
An authentication bypass vulnerability exists in Hospital Management System. Successful exploitation of this vulnerability would allow remote attackers to gain unauthorized access into the affected system...
DALIM SOFTWARE Es User Enumeration
A vulnerability exists in DALIM SOFTWARE. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Thecus N4800Eco NAS Server Command Injection
A vulnerability exists in Thecus. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Restaurant Management System Remote Code Execution
A remote code execution vulnerability exists in Restaurant Management System. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
ClipBucket Remote Code Execution
A remote code execution vulnerability exists in ClipBucket. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
PHP Webshell Upload Over HTTP
An attacker might upload a webshell backdoor to a PHP server. A successful exploitation might allow the attacker to run arbitrary code, or use the server as a bot for further attacks...
Grav CMS Command Injection (CVE-2021-29440)
A command injection vulnerability exists in Grav CMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Open Web Analytics SQL Injection (CVE-2014-1206)
An SQL Injection vulnerability exists in Open Web Analytics. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
CentOS Web Panel SQL Injection (CVE-2021-31316; CVE-2021-31324)
An SQL injection vulnerability exists in CentOS Web Panel. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
Netgear ProSAFE Network Management System Arbitrary File Upload (CVE-2021-27274)
An unrestricted file upload vulnerability exists in Netgear ProSAFE NMS300. The vulnerability is due to improper validation of the uploaded file in the MFileUploadController class...
Cisco HyperFlex HX Directory Traversal (CVE-2021-1499)
A directory traversal vulnerability exists in Cisco Hyperflex. The vulnerability is due to improper input sanitization...
Cisco HyperFlex HX Command Injection (CVE-2021-1498; CVE-2021-1497)
A remote command execution vulnerability exists in Cisco Hyperflex. The vulnerability is due to improper input sanitization...
Apache OFBiz Insecure Deserialization (CVE-2021-29200)
An insecure deserialization vulnerability exists in Apache OFBiz. This vulnerability is due to Java serialization issues when processing requests. A remote unauthenticated attacker can exploit this vulnerability by sending a crafted request...
Unauthorized SQL Commands Over HTTP (CVE-2020-15153; CVE-2020-35545)
Unauthorized SQL Commands Over HTTP...
Apache Airflow Command Injection (CVE-2020-11978; CVE-2020-13927)
A command injection vulnerability exists in Apache Airflow. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Nagios Fusion Remote Code Execution (CVE-2020-28905)
A remote code execution vulnerability exists in Nagios Fusion. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
ManageEngine ADSelfService Plus Command Injection (CVE-2021-33256)
A command injection vulnerability exists in ManageEngine ADSelfService Plus. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Apple macOS Privilege Escalation (CVE-2021-30713)
A privilege escalation vulnerability exists in MacOS. Successful exploitation of this vulnerability could allow a remote attacker to bypass Privacy preferences and run arbitrary code with elevated privileges...
HongCMS Directory Traversal (CVE-2020-18178)
A directory traversal vulnerability exists in HongCMS. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...
Microsoft Scripting Engine Memory Corruption (CVE-2021-31959)
A memory corruption vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
TP-Link WR2041 Buffer Overflow (CVE-2021-26827)
A buffer overflow vulnerability exists in TP-Link WR2041. Successful exploitation of this vulnerability could allow a remote attacker to cause an application crash...
Codiad Web IDE Command Injection (CVE-2019-19208)
A command injection vulnerability exists in Codiad Web IDE. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Microsoft DWM Core Library Elevation of Privilege (CVE-2021-33739)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Kernel-Mode Driver Elevation of Privilege (CVE-2021-31952)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows dssenh.dll Elevation of Privilege (CVE-2021-31201)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows rsaenh.dll Elevation of Privilege (CVE-2021-31199)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows NTFS Elevation of Privilege (CVE-2021-31956)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
VMware vCenter Server Remote Code Execution (CVE-2021-21985)
A remote code execution vulnerability exists in VMware vCenter Server. Successful exploitation of this vulnerability would allow remote attackers to execute arbitrary code on the affected system...