13538 matches found
Oracle WebLogic Remote Code Execution (CVE-2020-14882; CVE-2020-14750; CVE-2020-14825; CVE-2020-14883)
A remote code execution vulnerability exists in Oracle WebLogic. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
FFmpeg Heap-based Buffer Overflow (CVE-2020-12284)
A buffer overflow vulnerability exists in NGINX NJS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Sangoma FreePBX Authentication Bypass (CVE-2019-19006)
An authentication bypass vulnerability exists in Sangoma FreePBX. A remote attacker could exploit this flaw by sending specially crafted packets to the affected server. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized...
29o3 CMS Remote Code Execution (CVE-2010-1922)
A remote code execution vulnerability exists in 29o3 CMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Nagios XI users.php do_update_user Stored Cross-Site Scripting
A stored cross-site scripting vulnerability exists in Nagios XI. The vulnerability is due to insufficient validation of the phone parameter in users.php...
Microsoft Windows Remote Code Execution (CVE-2020-1300)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation could result in execution of arbitrary code on the affected system...
ZOHO ManageEngine ADSelfService Plus Information Disclosure (CVE-2010-3272)
An information disclosure vulnerability exists in ZOHO ManageEngine ADSelfService Plus. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Nitro Pro PDF Use After Free (CVE-2020-6074)
A use-after-free vulnerability exists in Nitro Pro PDF. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Foxit PhantomPDF Use After Free (CVE-2020-8845)
A use-after-free vulnerability exists in Foxit PhantomPDF. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Alcatel Lucent Stack Overflow (CVE-2019-3922)
A stack overflow vulnerability exists in Alcatel Lucent. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Cacti utilities.php Cross-Site Scripting (CVE-2010-2544)
A cross site scripting vulnerability exists in Cacti. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
SolarWinds DameWare Heap Overflow (CVE-2020-5734)
A heap overflow vulnerability exists in SolarWinds DameWare. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Microsoft Media Foundation Use After Free (CVE-2019-1430)
A use-after-free vulnerability exists in Microsoft Media Foundation. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Delta Industrial Automation CNCSoft Buffer Overflow (CVE-2020-7002)
A buffer overflow vulnerability exists in Delta Electronics CNCSoft. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
VMware VCenter Server Directory Service Authentication Bypass (CVE-2020-3952)
An authentication bypass vulnerability exists in VMware VCenter Server Directory Service. Successful exploitation of this vulnerability could allow a remote attacker to gain unauthorized access to the affected system...
Google Chrome Integer Overflow (CVE-2020-6381)
An integer overflow vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to potentially exploit heap corruption on the affected system...
Google Chrome Type Confusion (CVE-2020-6468)
A type confusion vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Cisco Unified Contact Center Express Insecure Deserialization (CVE-2020-3280)
An insecure deserialization vulnerability exists in the Cisco Unified Contact Center Express. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
WordPress Loginizer Plugin SQL injection (CVE-2020-27615)
An SQL injection vulnerability exists in WordPress Loginizer Plugin. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...
Eaton HMiSoft Stack Buffer Overflow (CVE-2020-10639)
A stack buffer overflow vulnerability exists in Eaton HMiSoft. Successful exploitation of this vulnerability could result in a denial of service or execution of arbitrary code into the affected system...
Microsoft Windows Active Directory Remote Code Execution (CVE-2020-0718)
A remote code execution vulnerability exists in Microsoft Windows Active Directory. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Oracle E-Business Suite Advanced Outbound Telephony Cross-Site Scripting (CVE-2020-2856)
A cross-site scripting vulnerability exists in Oracle E-Business Suite Advanced Outbound Telephony. Successful exploitation of this vulnerability could allow remote attackers to inject arbitrary web script into the affected system...
Google Chrome Sandbox Escape (CVE-2020-6471)
A security sandbox escape vulnerability exists in Google Chrome. Successful exploitation can impact the availability, integrity, and confidentiality of the user's system...
Google Chrome Use After Free (CVE-2020-6378)
A use-after-free vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Google Golang Crypto Denial of Service (CVE-2020-9283)
A denial-of-service vulnerability exists in Google Golang. Successful exploitation of this vulnerability could cause a denial-of-service condition...
Microsoft .NET Framework XPS File Parsing Remote Code Execution (CVE-2020-0605)
A remote code execution vulnerability exists in Microsoft .NET Framework XPS File Parsing. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Google Chrome Memory Corruption (CVE-2020-15999)
A memory corruption vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Foxit Studio Photo Out of Bounds Read (CVE-2020-8877; CVE-2020-8879)
An out of bounds read vulnerability exists in Foxit Studio Photo. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
MobileIron Core And Connector Remote Code Execution (CVE-2020-15505)
A remote code execution vulnerability exists in MobileIron Core And Connector. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Exim Mail Server Buffer Overflow (CVE-2018-6789)
A buffer overflow vulnerability exists in Exim Mail Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Microsoft SharePoint Remote Code Execution (CVE-2020-16952)
A remote code execution vulnerability exists in Microsoft SharePoint. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Google Chrome Speech Use After Free (CVE-2020-6386)
A use-after-free vulnerability exists in Google Chrome Speech. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Zyxel Routers Privilege Escalation (CVE-2020-24355)
A Privilege Escalation vulnerability exists in Zyxel VMG5313-B30B router. Successful exploitation of this vulnerability could allow a remote attacker to create new users with elevated privileges and by that damage the affected system...
Authors ePublisher Command Injection
A command injection vulnerability exists in Authors ePublisher. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Google Chrome Use After Free (CVE-2020-6462)
A use-after-free vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Google Chrome Use After Free (CVE-2020-6461)
A use-after-free vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Foxit Reader and PhantomPDF Integer Overflow (CVE-2020-8844)
An integer overflow vulnerability exists in Foxit Reader and PhantomPDF. This vulnerability is due to improper parsing of image files within ConvertToPDF. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Google Chrome Policy Bypass (CVE-2020-6385)
A policy bypass vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow the disclosure of sensitive information...
Advantech WebAccess Arbitrary File Upload (CVE-2020-10621)
An arbitrary file upload vulnerability exists in Advantech WebAccess. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Google Chrome Heap Corruption (CVE-2020-6455)
A heap corruption vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Google Chrome Use After Free (CVE-2020-6465)
A use-after-free vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Google Chrome Heap Corruption (CVE-2020-6383)
A heap corruption vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Google Chrome Use After Free (CVE-2020-6459)
A use-after-free vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Google Chrome Heap Corruption (CVE-2020-6466)
A use-after-free vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Google Chrome Use After Free (CVE-2015-1209)
A use-after-free vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to cause a denial of service or execute arbitrary code on the affected system...
Tenda Routers Command Injection (CVE-2020-10987; CVE-2018-14558)
A command injection vulnerability exists in Tenda Routers. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Google Chrome Media Cross Origin Bypass (CVE-2020-6420)
A cross origin bypass vulnerability exists in Google chrome. Successful exploitation of this vulnerability can result in information disclosure and execution of active content outside the prescribed context...
Google Chrome Audio Use After Free (CVE-2020-6493)
A use-after-free vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Remote Desktop Protocol (RDP) Information Disclosure (CVE-2020-16896)
An information disclosure vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
Microsoft Windows Spoofing (CVE-2020-16922)
A spoofing vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to impersonate and present itself as a legitimate host...