13538 matches found
Microsoft Windows Contact Files Script Injection
A script injection vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary script via contact files into the affected system...
Qcubed Remote Code Execution (CVE-2020-24914)
A remote code execution vulnerability exists in Qcubed. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Apache OFBiz Insecure Deserialization(CVE-2021-26295)
An insecure deserialization vulnerability exists in Apache OFBiz. This vulnerability is due to Java serialization issues when processing requests. A remote unauthenticated attacker can exploit this vulnerability by sending a crafted request...
Nagios Network Analyzer Cross-Site Scripting (CVE-2021-28924)
A cross-site scripting vulnerability exists in Nagios Network Analyzer. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Apple Darwin Streaming Server Remote Code Execution (CVE-2003-0050)
A remote code execution vulnerability exists in Apple Darwin Streaming Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
HARDPULSE Backdoor Suspicious Traffic
HARDPULSE Backdoor Trojan is a malicious application that allows remote attackers to gain access to an affected system...
XStream Library Arbitrary File Deletion (CVE-2020-26259)
An arbitrary file deletion vulnerability exists in the XStream library. The vulnerability is due to improper validation of user input during unmarshalling of XML and JSON data...
Zeroshell type Parameter Command Execution (CVE-2009-0545)
ZeroShell is a small Linux distribution for servers and embedded devices. A vulnerability exists in Zeroshell that could be exploited by remote attackers to compromise a vulnerable system. The vulnerability is due to an input validation error in the "cgi-bin/kerbynet" script that does not validat...
OpenClinic GA SQL Injection (CVE-2020-27241)
An SQL injection vulnerability exists in OpenClinic GA. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
WordPress Super Cache Plugin Remote Code Execution (CVE-2021-24209)
A remote code execution vulnerability exists inWordPress Super Cache Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
OpenClinic GA SQL Injection (CVE-2020-27233; CVE-2020-27234; CVE-2020-27235; CVE-2020-27236; CVE-2020-27237; CVE-2020-27238; CVE-2020-27239; CVE-2020-27240)
An SQL injection vulnerability exists in OpenClinic GA. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
LightCMS Remote Code execution (CVE-2021-27112)
A remote code execution vulnerability exists in LightCMS. Successful exploitation of this vulnerability could allow remote attackers to execute arbitrary code on the affected system...
SaltStack Salt Method Directory Traversal (CVE-2021-25282)
A directory traversal vulnerability exists in the WheelClient for Salt API, a component of SaltStack Salt. The vulnerability is due to improper validation of user-supplied in the pillarroots.write method...
Nagios Network Analyzer SQL Injection (CVE-2021-28925)
An SQL injection vulnerability exists in Nagios Network Analyzer. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
GoAhead Web Server Authentication Bypass (CVE-2020-15688)
An authentication bypass vulnerability exists in GoAhead Web Server. Successful exploitation of this vulnerability would allow remote attackers to gain unauthorized access into the affected system...
Apple Safari WebKit Memory Corruption (CVE-2016-4657)
A memory corruption vulnerability exists in the WebKit component of Apple Safari. The vulnerability is due to improper handling of objects in memory. A remote attacker could exploit this vulnerability by enticing a victim to browse to a maliciously crafted web page...
Twsz Wifi Repeater BE126 Information Disclosure (CVE-2017-8770)
An information disclosure vulnerability exists in Twsz Wifi Repeater BE126. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
PHP Proxy Arbitrary File Read (CVE-2018-19458)
An arbitrary file read vulnerability exists in PHP Proxy. Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to access and read arbitrary file...
Google Chrome Heap Corruption (CVE-2020-16040)
A heap corruption vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
URL Directory Traversal Over HTTP Traffic (CVE-2021-21983)
URL Directory Traversal Over HTTP Traffic...
Apple Quicktime Remote Code Execution (CVE-2015-3788)
A remote code execution vulnerability exists in Apple Quicktime. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Ipswitch WhatsUp Gold SQL Injection (CVE-2015-8261)
An SQL injection vulnerability exists in Ipswitch WhatsUp Gold. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
D-Link DIR-816 Command Injection (CVE-2021-26810)
A command injection vulnerability exists in D-Link DIR-816. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Oria Gridx Remote Code Execution (CVE-2020-19625)
A remote code execution vulnerability exists in Oria Gridx. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Ruby Server Side Template Injection
A remote attacker can inject malicious commands into a template engine. Successful exploitation could result in the execution of arbitrary code in the affected web server...
Course Registration Management System Cross Site Scripting (CVE-2021-29663)
A cross-site scripting vulnerability exists in Course Registration Management System. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Divante Vue Storefront Information Disclosure (CVE-2020-11883)
An information disclosure vulnerability exists in Divante Vue Storefront. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
Online Ordering System SQL Injection (CVE-2021-28295)
An SQL injection vulnerability exists in Online Ordering System. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
UNION Query-based SQL Injection Over HTTP Traffic (CVE-2018-17254; CVE-2020-18144; CVE-2020-29283; CVE-2020-29287; CVE-2020-29288; CVE-2020-35430; CVE-2021-24285)
UNION Query-based SQL Injection Over HTTP Traffic...
Webmin Command Injection (CVE-2019-12840)
A command injection vulnerability exists in Webmin . Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Google Chrome Remote Code Execution
A remote code execution vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows SMB Information Disclosure (CVE-2021-28324)
An information disclosure vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
Microsoft Windows SMB Information Disclosure (CVE-2021-28325)
An information disclosure vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
Microsoft Win32k Elevation of Privilege (CVE-2021-28310)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Advantech iView Remote Code Execution (CVE-2021-22652)
A remote code execution vulnerability exists in Advantech iView. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Invigo Automatic Device Management Command Injection (CVE-2020-10583)
A command injection vulnerability exists in Invigo Automatic Device Management. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Zen Cart IT-Recht Kanzlei Plugin SQL Injection (CVE-2020-6577)
An SQL injection vulnerability exists in Zen Cart IT-Recht Kanzlei Plugin. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
Invigo Automatic Device Management Remote Code Execution (CVE-2020-10580)
A remote code execution vulnerability exists in Invigo Automatic Device Management. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
XML External Entity Over HTTP Request (CVE-2021-26703)
XML External Entity Over HTTP Request...
Gnu Mailman Command Injection (CVE-2020-12108)
A command injection vulnerability exists in Gnu Mailman. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Tiny Tiny RSS Remote Code Execution (CVE-2020-25787)
A remote code execution vulnerability exists in Tiny Tiny RSS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Pyres Termod4 Remote Code Execution (CVE-2020-23160)
A remote code execution vulnerability exists in Pyres Termod4. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
jQuery File Tree Directory Traversal (CVE-2017-1000170)
A directory traversal vulnerability exists in jQuery File Tree. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...
Eclipse Jetty Denial Of Service (CVE-2020-27223)
A denial-of-service vulnerability exists in Eclipse Jetty. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Iteris Vantage Velocity Command Injection (CVE-2020-9020)
A command injection vulnerability exists in Iteris Vantage Velocity. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Micro Focus Operations Bridge Reporter Remote Code Execution (CVE-2021-22502)
A remote code execution vulnerability exists in Micro Focus Operations Bridge Reporter. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Codiad Remote Code Execution (CVE-2018-14009; CVE-2017-11366; CVE-2017-15689)
A remote code execution vulnerability exists in Codiad. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
FortiLogger Arbitrary File Upload (CVE-2021-3378)
An arbitrary file upload vulnerability exists in FortiLogger. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Outlook Security Feature Bypass (CVE-2017-0204)
A security feature bypass vulnerability exists in Microsoft Outlook. Successful exploitation of this vulnerability could allow remote attackers to bypass security tests and protocols on the affected system...
Jenkins Remote API Information Disclosure (CVE-2017-1000395)
An information disclosure vulnerability exists in Jenkins Remote API. Successful exploitation of this vulnerability could allow a remote attacker to gain information about Jenkins user accounts...