13538 matches found
Microsoft VBScript Remote Code Execution (CVE-2020-1260)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows SMB Driver Out of Bounds Read (CVE-2020-1284)
An out of bound memory read issue has been identified in SMB driver. A remote attacker could exploit the vulnerability by sending a crafted request...
Microsoft VBScript Remote Code Execution (CVE-2020-1214)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft VBScript Remote Code Execution (CVE-2020-1213)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft VBScript Remote Code Execution (CVE-2020-1230)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Kernel Security Feature Bypass (CVE-2020-1241)
A security bypass vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow remote attackers to bypass security tests and protocols on the affected system...
Microsoft Browser Memory Corruption (CVE-2020-1219)
A memory corruption vulnerability exists in Microsoft Browser. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft VBScript Remote Code Execution (CVE-2020-1216)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Win32k Elevation of Privilege (CVE-2020-1207)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
VMware Cloud Director Remote Code Execution (CVE-2020-3956)
A remote code execution vulnerability exists in VMware Cloud Director. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Pi-hole Remote Code Execution (CVE-2020-11108)
A remote code execution vulnerability exists in Pi-hole. An authenticated attacker can exploit this vulnerability by injecting arbitrary PHP code into the session. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
QNAP Photo Station Authentication Bypass (CVE-2019-7195; CVE-2019-7194)
An authentication bypass vulnerability exists in QNAP Photo Station. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized access into the affected system...
Asus GT-AC5300 Stack Buffer Overflow (CVE-2018-17022)
A Buffer overflow vulnerability exists in Asus GT-AC5300. Successful exploitation of this vulnerability could result in a denial of service condition...
Kuicms PHP Persistent Cross-Site Scripting
A persistent cross site scripting vulnerability exists in Kuicms PHP. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...
QNAP QTS Remote Command Injection (CVE-2019-7193)
A remote command injection vulnerability exists in QNAP QTS. An authenticated attacker can exploit this vulnerability by injecting arbitrary PHP code into the session. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Comtrend Command Injection (CVE-2020-10173)
A command injection vulnerability exists in Comtrend. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
osTicket Cross-Site Scripting (CVE-2020-12629)
A cross site scripting vulnerability exists in osTicket. Successful exploitation of this vulnerability could allow attackers to execute arbitrary code on the affected system...
Apple Safari Browser Memory Corruption (CVE-2018-4441)
A memory corruption vulnerability exists in Apple Safari. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Gila CMS Remote Code Execution (CVE-2020-5514)
A remote code execution vulnerability exists in Gila CMS. The vulnerability is due to improper validation of user supplied files during image upload...
Zoho ManageEngine DataSecurity Plus Directory Traversal (CVE-2020-11531)
A directory traversal vulnerability exists in Zoho ManageEngine DataSecurity Plus. The vulnerability is due to lack of validation of the database schema name when handling a DR-SCHEMA-SYNC request in DataEngine Xnode Server application...
Wechat Brodcast Project Directory Traversal (CVE-2018-16283)
A directory traversal vulnerability exists in wechat brodcast project wechat brodcast x=1.2.0. Successful exploitation of this vulnerability would allow a remote attacker to list directories on the affected system...
Mozilla Firefox JIT Compiler Memory Leak (CVE-2018-12387)
A memory leak vulnerability exists in Mozilla Firefox JIT Compiler. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Plays.tv Remote Code Execution (CVE-2018-6546)
A remote code execution vulnerability exists in Plays.tv. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Apple Safari Memory Corruption(CVE-2018-4382)
A memory corruption vulnerability exists in apple safari x12.0.1. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
TecRail Responsive Filemanager Directory Traversal (CVE-2018-15535)
A directory traversal vulnerability exists in tecrail responsive filemanager x9.13.4. Successful exploitation of this vulnerability would allow a remote attacker to list directories on the affected system...
Google Chrome V8 Engine Memory Corruption(CVE-2017-5088)
A vulnerability exists in google chrome x59.0.3071.104. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Apple Safari Memory Corruption(CVE-2018-4386)
A memory corruption vulnerability exists in apple safari x12.0.1. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Oracle Oss Support Tools Component Remote Code Execution (CVE-2018-2615)
A vulnerability exists in oracle oss support tools x2.11.33. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Horde Groupware Remote Code Execution (CVE-2020-8518)
A remote code execution vulnerability exists in Horde Groupware. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
HTTP Headers Remote Code Execution (CVE-2020-10826; CVE-2020-10827; CVE-2020-10828; CVE-2020-13756; CVE-2021-1472; CVE-2021-1473)
HTTP headers let the client and the server pass additional information with an HTTP request. A remote attacker may use a vulnerable HTTP Header to run arbitrary code on the victim machine...
OpenSSL TLS NULL Pointer Dereference Denial of Service (CVE-2020-1967)
A NULL pointer dereference vulnerability exists in OpenSSL TLS. Successful exploitation results in a denial of service condition on the affected service...
MacOS Out Of Bounds Read (CVE-2019-6207)
An out of bounds read vulnerability exists in MacOS. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
CentOS Web Panel Directory Traversal (CVE-2018-18323)
A directory traversal vulnerability exists in centoswebpanel centos web panel. Successful exploitation of this vulnerability would allow a remote attacker to list directories on the affected system...
FUEL CMS Remote Code Execution (CVE-2018-16763)
A command injection vulnerability exists in FUEL CMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
IPConfigure Orchid Core VMS Directory Traversal (CVE-2018-10956)
A directory traversal vulnerability exists in ipconfigure orchid core vms. Successful exploitation of this vulnerability would allow a remote attacker to list directories on the affected system...
Sitecore.NET Directory Traversal (CVE-2018-7669)
A directory traversal vulnerability exists in Sitecore.NET. Successful exploitation of this vulnerability would allow a remote attacker to list directories on the affected system...
Schneider Electric U.motion SQL Injection (CVE-2018-7841)
An SQL injection vulnerability exists in schneiderelectric u.motion builder. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
WordPress Calculated Fields Form Plugin Cross Site Scripting (CVE-2020-7228)
A stored cross-site scripting vulnerability exists in Calculated Fields Form plugin of WordPress. The vulnerability is due to insufficient sanitization of user input to "field name" and "form name" of a form in the web application of the plugin...
Joomla SimpleCalendar Component SQL Injection (CVE-2018-5974)
A vulnerability exists in Albonico Simplecalendar. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Argus Surveillance DVR Directory Traversal (CVE-2018-15745)
A directory traversal vulnerability exists in Argus Surveillance DVR. Successful exploitation of this vulnerability would allow a remote attacker to list directories on the affected system...
Localize My Post Project Directory Traversal (CVE-2018-16299)
A directory traversal vulnerability exists in localize my post project localize my post. Successful exploitation of this vulnerability would allow a remote attacker to list directories on the affected system...
Cisco UCS Director Directory Traversal (CVE-2020-3251)
A directory traversal vulnerability exists in Cisco UCS Directory. The vulnerability is due to insufficient validation of user input within MyCallable class...
NGINX NJS Heap-Based Buffer Overflow (CVE-2019-12208)
A buffer overflow vulnerability exists in NGINX NJS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
NGINX NJS Heap-Based Buffer Overflow (CVE-2019-12206)
A buffer overflow vulnerability exists in NGINX NJS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Rockwell Automation FactoryTalk Insecure Deserialization (CVE-2020-6967)
An insecure deserialization vulnerability exists in Rockwell Automation FactoryTalk Diagnostics component. This vulnerability is due to insufficient validation of serialized data sent to RNADiagnosticsSrv endpoint...
HTTP Suspicious Windows Paths
Windows contains important operating system files and sensitive data. A remote attacker may create a malicious HTTP request to obtain sensitive information...
Zoho ManageEngine DataSecurity Plus Authentication Bypass (CVE-2020-11532)
An authentication bypass vulnerability exists in Zoho ManageEngine DataSecurity Plus. The vulnerability is due to the presence of hardcoded default credentials for the Dataengine Xnode server component...
NGINX Information Disclosure (CVE-2019-20372)
An information disclosure vulnerability exists in NGINX. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
NGINX NJS Heap-Based Buffer Overflow (CVE-2019-12207)
A heap-based buffer overflow vulnerability exists in NGINX NJS. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Oracle iPlanet External Image Injection (CVE-2020-9314)
An External Image Injection vulnerability exists in Oracle iPlanet Web Server. Successful exploitation of this vulnerability can be used to inject an external image into a site to facilitate phishing...