13538 matches found
Adobe Acrobat and Reader Out-of-Bounds Read (APSB20-24: CVE-2020-9601)
An out of bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Adobe Acrobat and Reader Stack Exhaustion (APSB20-24: CVE-2020-9611)
A vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Adobe Acrobat and Reader Digital Signature Bypass (APSB20-24: CVE-2020-9592)
A vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Adobe Acrobat and Reader Memory corruption (APSB20-24: CVE-2020-9595)
A memory corruption vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Out-of-bound read (APSB20-24: CVE-2020-9608)
An out of bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Adobe Acrobat and Reader Use-after-free (APSB20-24: CVE-2020-9607)
A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Out-Of-Bounds Write (APSB20-24: CVE-2020-9597)
An out of bounds write vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Adobe Acrobat and Reader Buffer Overflow (APSB20-24: CVE-2020-9612)
A buffer overflow vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Microsoft VBScript Remote Code Execution (CVE-2020-1058)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Graphics Components Remote Code Execution (CVE-2020-1153)
A remote code execution vulnerability exists in Microsoft Microsoft Graphics Component. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft VBScript Remote Code Execution (CVE-2020-1035)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Internet Explorer Memory Corruption (CVE-2020-1062)
A memory corruption vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft VBScript Remote Code Execution (CVE-2020-1060)
A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Win32k Elevation of Privilege (CVE-2020-1054)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Win32k Elevation of Privilege (CVE-2020-1143)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Windows Graphics Component Elevation of Privilege (CVE-2020-1135)
An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
IBM Data Risk Manager Authentication Bypass (CVE-2020-4429)
An authentication bypass vulnerability exists in IBM Data Risk Manager. The vulnerability is due to the presence of previously unknown default credentials. A remote attacker can exploit this vulnerability by authenticating to the system using the default credentials. Successful exploitation resul...
Phoenix Contact TC Router Command Injection (CVE-2020-9436)
A command injection vulnerability exists in Phoenix Contact TC Router. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft SharePoint Remote Code Execution (CVE-2020-0932)
A remote code execution vulnerability exists in Microsoft SharePoint. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
UADMIN Botnet SQL Injection
An SQL injection vulnerability exists in UADMIN botnet. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
Cisco UCS Director Directory Traversal (CVE-2020-3250)
A directory traversal vulnerability exists in Cisco UCS Director. The vulnerability is due to insufficient validation of user input within the processing of the userAPIDownloadFile API...
Trend Micro Apex One and OfficeScan Directory Traversal (CVE-2020-8599)
A directory traversal vulnerability exists in Trend Micro Apex One and OfficeScan. The vulnerability is due to improper validation of user-supplied file name in the request...
Cisco Data Center Network Manager SQL Injection (CVE-2019-15984)
An SQL injection vulnerability exists in Cisco Data Center Network Manager. The vulnerability is due to insufficient input validation when processing HTTP requests in the Java class smartLicensingController...
Liferay Portal Insecure Deserialization (CVE-2020-7961)
An insecure deserialization vulnerability exists in Liferay Portal. This vulnerability is due to improper sanitization of user-supplied data in the JSONWebServiceActionParameters class...
Quest Netvault Remote Code Execution (CVE-2018-1161)
A remote code execution vulnerability exists in quest netvault backup. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Microsoft Internet Explorer Memory Corruption(CVE-2019-1221)
A memory corruption vulnerability exists in Microsoft Internet Explorer. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Google Chrome V8 Object.seal Type Confusion
A type confusion vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Draytek Vigor Command Injection (CVE-2020-8515)
A command injection vulnerability exists in Draytek Vigor. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Kinsing Malware Infection Attempt
Kinsing is a Golang-based Linux malware. Successful infection will allow an attacker to download additional malware onto the affected system...
Saltstack Salt Authentication Bypass (CVE-2020-11651; CVE-2020-11652)
An authentication bypass vulnerability exists in Salt management framework. Successful exploitation of this vulnerability could allow a remote attacker to bypass login authentication and execute arbitrary commands on the affected system under the context of root...
Oracle Fusion Middleware WebLogic Server Insecure Deserialization (CVE-2020-2883; CVE-2020-2546; CVE-2020-2798; CVE-2020-2801; CVE-2020-2884)
An insecure deserialization vulnerability exists in the Oracle WebLogic Server. The vulnerability is due to the lack of input validation by the servlet. A successful attack could result in the execution of arbitrary code on the affected system...
HPE IMC ForwardRedirect Expression Language Injection
An Expression Language injection vulnerability exists in HPE Intelligent Management Center. This vulnerability is due to insufficient handling of the actionbean request parameter provided to the forwardredirect.xhtml endpoint...
WECON LeviStudio G_bmp Buffer Overflow
Two stack buffer overflow vulnerabilities exist in Wecon LeviStudio. These vulnerabilities are due to improper parsing of XML szFilename attribute of the Gbmp element...
WECON LeviStudio MulStatus Buffer Overflow
A stack buffer overflow exist in Wecon LeviStudio. This vulnerability is due to improper parsing of XML szFilename attribute of the MulStatus element...
WECON LeviStudio ShortMessage Buffer Overflow
A stack buffer overflow exists in Wecon LeviStudio. The vulnerability is due to improper parsing of XML SMtext attribute by WECON LeviStudio's ShortMessageModule...
WordPress SEO Plugin Authentication Bypass
An access control weakness exists in the Wordpress SEO Plugin by Rank Math. The vulnerability is due to a lack of authorization verification on the updateMeta REST endpoint...
dotCMS CMSFilter Authentication Bypass (CVE-2020-6754)
An access control weakness exists in the dotCMS content management system. The vulnerability is due to insufficient path validation in the CMSFilter class...
WordPress LearnPress Plugin SQL Injection
An SQL injection vulnerability exists in the WordPress LearnDash Plugin. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
WordPress LifterLMS Plugin Arbitrary File Write (CVE-2020-6008)
An Arbitrary File Write vulnerability exists in the WordPress LifterLMS Plugin. Successful exploitation of this vulnerability could lead to arbitrary code execution...
WordPress LearnDash Plugin SQL Injection (CVE-2020-6009)
An SQL injection vulnerability exists in the WordPress LearnDash Plugin. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
WordPress LearnPress Plugin Privilege Escalation
A privilege escalation vulnerability exists in the WordPress LearnPress Plugin Server. A remote attacker may exploit this vulnerability to execute arbitrary code with administrator privileges...
IBM Data Risk Manager Command Injection (CVE-2020-4428)
A command injection execution vulnerability exists in IBM Data Risk Manager. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Foxitsoftware Foxit Studio Photo Remote Code Execution (CVE-2020-8878)
A remote code execution vulnerability exists in foxitsoftware foxit studio photo. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Advantech WebAccess SCADA Heap-based Buffer Overflow
A heap-based buffer overflow vulnerability exists in Advantech WebAccess. Successful exploitation of this vulnerability will allow remote attackers to execute arbitrary code on the affected system...
Schneider Electric IGSSupdateservice Directory Traversal (CVE-2020-7478)
A directory traversal vulnerability exists in Schneider Electric IGSS SCADA System. The vulnerability is due to improper handling of a user-supplied path in IGSSupdateservice service...
HPE Intelligent Management Remote Rode Execution (CVE-2019-5386)
An Expression Language injection vulnerability exists in HPE Intelligent Management Center. This vulnerability is due to insufficient handling of the beanName request parameter by the class...
Pivotal RabbitMQ X-Reason Denial of Service (CVE-2019-11287)
A denial-of-service vulnerability exists in Pivotal RabbitMQ. The vulnerability is due to indefinite memory consumption when processing an X-Reason HTTP header containing a crafted Erlang format string...
Oracle JDeveloper ADF Faces Insecure Deserialization (CVE-2019-2904)
An insecure deserialization vulnerability exists in Oracle JDeveloper ADF Faces. This vulnerability is due to insufficient validation of HTTP requests...
WordPress 10Web Photo Gallery Plugin Cross Site Scripting (CVE-2020-9335)
A cross site scripting vulnerability exists in WordPress 10Web Photo Gallery plugin. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...
HPE IMC ForwardRedirect Remote Code Execution
A remote code execution vulnerability exists in HPE Intelligent Management Center. Successful exploitation could allow the attacker to execute arbitrary code on the affected system...