13538 matches found
Microsoft Win32k Elevation of Privilege (CVE-2020-16907)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows TCP/IP Denial of Service (CVE-2020-16899)
A denial-of-service vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Microsoft Windows TCP/IP Remote Code Execution (CVE-2020-16898)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Media Foundation H265 Stream Parsing Remote Code Execution (CVE-2020-16915)
A code execution vulnerability exists in Microsoft Windows Media Foundation. The vulnerability is due to improper validation of H265 media files. A remote attacker could exploit the vulnerability by enticing a victim user to open a maliciously crafted media file or open the folder containing the...
Microsoft Win32k Elevation of Privilege (CVE-2020-16913)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Google Chrome Audio Use After Free (CVE-2020-6427)
A use-after-free vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Typesetter CMS Persistent Cross-Site Scripting
A cross-site scripting vulnerability exists in Typesetter CMS. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
GetSimple CMS Persistent Cross-Site Scripting
A cross-site scripting vulnerability exists in GetSimple CMS. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Google Chrome Audio Use After Free (CVE-2020-6449)
A use-after-free vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
SQL Authentication Bypass (CVE-2020-28172)
An SQL authentication bypass is an attack on the login procedure for servers who keep users profile in an SQL form. Successful exploitation of this vulnerability allow a remote attacker to gain unauthorized access to the affected system...
Telmat Remote Code Execution (CVE-2020-16148)
A remote code execution vulnerability exists in Telmat. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Ozeki NG SMS Gateway Arbitrary File Upload (CVE-2020-14022)
An arbitrary file upload vulnerability exists in Ozeki NG SMS Gateway. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
FS Thumbtack Clone SQL Injection (CVE-2017-17589; CVE-2017-17576)
An SQL injection vulnerability exists in FS Thumbtack Clone. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
Aveva eDNA Enterprise SQL Injection (CVE-2020-13499; CVE-2020-13500; CVE-2020-13501)
An SQL injection vulnerability exists in Aveva eDNA Enterprise. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
Grandstream UCM6202 Command Injection (CVE-2020-5722)
A command injection vulnerability exists in Grandstream UCM6202. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Metinfo SQL Injection (CVE-2020-20800)
An SQL injection vulnerability exists in Metinfo. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
Hoosk CMS Remote Code Execution (CVE-2020-26041)
A remote code execution vulnerability exists in Hoosk CMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Fortify Software Security Center Command Injection (CVE-2018-12463)
A command injection vulnerability exists in Fortify Security Center. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Ozeki SMS Gateway Remote Code Execution (CVE-2020-14026)
A remote code execution vulnerability exists in Ozeki SMS Gateway. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Ozeki NG SMS Gateway Directory Traversal (CVE-2020-14028)
A directory traversal vulnerability exists in Ozeki NG SMS Gateway. Successful exploitation allows unauthenticated remote attackers to disclose or access arbitrary files on the vulnerable server...
Hoosk CMS SQL Injection (CVE-2020-26042)
An SQL injection vulnerability exists in Hoosk CMS. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
Hoosk CMS Cross Site Scripting (CVE-2020-26043)
A cross-site scripting vulnerability exists in Hoosk CMS. Successful exploitation of this vulnerability could allow remote attackers to inject arbitrary web script into the affected system...
TP-LINK Cloud Cameras Command Injection (CVE-2020-12109)
A command injection vulnerability exists in TP-LINK Cloud Cameras. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Stock Management System Project SQL Injection (CVE-2020-24197)
A SQL injection vulnerability exists in Stock Management System Project. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
Apple GarageBand Remote Code Execution (CVE-2017-2374)
A remote code execution vulnerability exists in Apple GarageBand. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
DLink DIR-615 Cross Site Request Forgery (CVE-2017-7398)
A cross site request forgery vulnerability exists in DLink DIR-615 firmware. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
JustSystems Ichitaro Buffer Overflow (CVE-2017-2789)
A buffer overflow vulnerability exists in JustSystems Ichitaro. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Mozilla Firefox Remote Code Execution (CVE-2008-1236)
A memory corruption vulnerability exists in Mozilla Firefox. A remote attacker can exploit this vulnerability by persuading the target user to open a malicious webpage. Successful attacks could allow for arbitrary code injection and execution with the privileges of the currently logged on user...
WordPress File Manager Plugin Remote Code Execution (CVE-2020-25213)
A remote code execution vulnerability exists in WordPress File Manager Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
CutePHP Cutenews Remote Code Execution (CVE-2019-11447)
A remote code execution vulnerability exists in CutePHP CuteNews. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
PHP-Fusion Remote Command Execution (CVE-2020-24949)
A command execution vulnerability exists in PHP-Fusion. Successful exploitation of this vulnerability could allow a remote authenticated attacker to execute arbitrary commands on the affected system...
IBM Spectrum Protect Plus Directory Traversal (CVE-2020-4711)
A directory traversal vulnerability exists in IBM Spectrum Protect Plus. Successful exploitation of this vulnerability could allow an attacker to obtain sensitive information from the affected server...
Nagios XI command_test.php Command Injection
A command injection vulnerability exists in Nagios XI. This vulnerability is due to insufficient validation of the input parameters in the commandtest.php script...
Verint PTZ Camera Command Injection (CVE-2020-24057)
A command execution vulnerability exists in Verint PTZ Camera. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands as root on the affected system...
Oracle WebLogic Insecure Deserialization (CVE-2020-14644)
An insecure deserialization vulnerability exists in Oracle Weblogic. This vulnerability is due to insufficient validation of T3 and IIOP requests...
AlienVault OSSIM Remote Code Execution (CVE-2017-6971)
A remote code execution vulnerability exists in AlienVault OSSIM. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Oniguruma Project Memory Corruption (CVE-2017-9226)
A memory corruption vulnerability exists in Oniguruma project oniguruma 6.2.0. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Magneto MAGMI Authentication Bypass (CVE-2020-5777)
An authentication bypass vulnerability exists in Magneto MAGMI. Successful exploitation of this vulnerability allow a remote attacker to gain unauthorized access to the affected system...
Microsoft Office Remote Code Execution (CVE-2017-0261)
A remote code execution vulnerability exists in Encapsulated PostScript EPS of Microsoft Office. The vulnerability is due to the way that Microsoft Office does not properly handle objects in memory while parsing specially crafted Office files. A remote attacker can exploit this issue by enticing ...
Softdatepro SameDate Pro SQL Injection (CVE-2017-15971)
An SQL injection vulnerability exists in Softdatepro SameDate Pro. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
Cacti color.php SQL Injection (CVE-2020-14295)
A SQL injection vulnerability exists in Cacti. The vulnerability is due to improper sanitization of the filter request parameter in color.php...
Sourcecodetester Daily Tracker System SQL Injection (CVE-2020-24193)
An SQL injection vulnerability exists in Sourcecodetester Daily Tracker System. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
Pulse Connect Secure Remote Code Execution (CVE-2020-8218)
A remote code execution vulnerability exists in Pulse Connect Secure. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Jenkins Stapler Web Framework Code Execution (CVE-2018-1000861)
A remote code execution vulnerability exists in Jenkins Stapler Web Framework. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Netlogon Elevation of Privilege (CVE-2020-1472)
An elevation of privilege vulnerability exists in Microsoft Netlogon. Successful exploitation of this vulnerability could allow an attacker to run arbitrary code with elevated privileges...
Verint PTZ Camera Stack Overflow
A buffer overflow vulnerability exists in Verint PTZ Camera. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Microsoft Internet Explorer Memory Corruption (CVE-2015-2419)
A remote code execution vulnerability exists in the way that the JScript engine, when rendered in Internet Explorer, handles objects in memory. A remote attacker can exploit this issue by enticing a user to open a specially crafted web-page with an affected version of Internet Explorer...
Microsoft Exchange Memory Corruption (CVE-2020-16875)
A memory corruption vulnerability exists in Microsoft Exchange. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
OpenSIS SQL Injection (CVE-2020-6637; CVE-2020-6137; CVE-2020-6138; CVE-2020-6139; CVE-2020-6140; CVE-2020-6141)
An SQL injection vulnerability exists in OpenSIS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary SQL commands on the affected system...
Fortinet FortiOS Cross-Site Scripting (CVE-2017-14186)
A cross-site scripting vulnerability exists in Fortinet fortios x under 5.0. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...