13538 matches found
Microsoft Exchange Remote Code Execution (CVE-2020-17132)
A remote code execution vulnerability exists in Microsoft Exchange. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Apache Airflow Command Injection (CVE-2022-24288)
A command injection vulnerability exists in Apache Airflow. This vulnerability is due to improper input validation for parameters for directed acyclic graphs DAGs...
Advantech iView Command Injection (CVE-2022-2143)
A command injection vulnerability exists for Advantech iView. This vulnerability is due to improper input validation of the backupfilename parameter while updating NetworkServlet database...
WordPress WP Statistics Plugin SQL Injection (CVE-2022-0513)
An SQL injection vulnerability exists in WordPress WP Statistics plugin. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...
Snapt Aria Command Injection (CVE-2022-24237)
A command injection vulnerability exists in Snapt Aria. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Jenkins GitLab Plugin Cross-Site Scripting (CVE-2022-34777)
A stored cross-site scripting vulnerability exists in Jenkins GitLab Plugin. This vulnerability is due to insufficient validation of user provided fields in the build cause of webhook triggered builds...
Advantech iView SQL Injection (CVE-2022-2135)
A SQL injection vulnerability exists for Advantech iView. This vulnerability is due to improper input validation for the segment parameter in the findCfgDeviceList process...
OpenEMR Cross-Site Scripting (CVE-2022-1179)
A stored cross-site scripting vulnerability exists for OpenEMR. This vulnerability is due to improper input validation for the fldtitle parameter when creating rules...
TOTOLink A860R Command Injection (CVE-2022-25076; CVE-2022-25078; CVE-2022-25079; CVE-2022-25080; CVE-2022-25081; CVE-2022-25082; CVE-2022-25083; CVE-2022-25084)
A command injection vulnerability exists in TOTOLink A860R. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
OpenEMR Cross-Site Scripting (CVE-2022-1181)
A cross-site scripting vulnerability exists in OpenEMR. The vulnerability is due to insufficient sanitization of patients' first and last names in newcomprehensivesave.php...
Advantech iView Directory Traversal (CVE-2022-2139)
A directory traversal vulnerability exists in Advantech iView. The vulnerability is due to improper validation of user-supplied path before using in findCfgDeviceListDetailsExport method...
Wordpress Email Template Designer Plugin Authentication Bypass (CVE-2022-0218)
An authentication bypass vulnerability exists in the Wordpress plugin "WordPress Email Template Designer - WP HTML Mail". The vulnerability is due to lack of authentication on REST-API endpoints created by the plugin...
MCMS Template Management Remote Code Execution (CVE-2022-22930)
A remote code execution vulnerability exists in MCMS Template Management. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Supervene RazDC WebUI Cross-Site Scripting (CVE-2018-15550)
A cross-site scripting vulnerability exists in Supervene. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
SmarterTools SmarterMail Directory Traversal (CVE-2019-7213)
A directory traversal vulnerability exists in SmarterTools SmarterMail. Successful exploitation of this vulnerability could allow a remote attacker to upload or delete arbitrary files on the vulnerable server...
Microsoft Azure Service Fabric Explorer Cross Site Scripting (CVE-2022-35829)
A cross-site scripting vulnerability exists in Microsoft Azure Service Fabric Explorer. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Joomla! SQL Injection (CVE-2018-8045)
An SQL injection vulnerability exists in Joomla!. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
Victor CMS Remote Code Execution (CVE-2022-27478)
A remote code execution vulnerability exists in Victor CMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Jenkins JUnit Plugin Cross-Site Scripting (CVE-2022-34176)
A stored cross-site scripting vulnerability exists in Jenkins JUnit Plugin. The vulnerability is due to the JUnit plugin not escaping the description parameter of the build run test result...
Horde Groupware Webmail Edition Insecure Deserialization (CVE-2022-30287)
An insecure deserialization vulnerability exists in Horde Groupware Webmail Edition. This vulnerability is due to improper input validation of the source parameter used for fetching an address book configuration...
Advantech WebAccess Directory Traversal (CVE-2018-15706)
A directory traversal vulnerability exists in Advantech WebAccess. Successful exploitation of this vulnerability could allow a remote attacker to disclose or access arbitrary files on the vulnerable server...
Jenkins Directory Traversal (CVE-2018-1999002)
A directory traversal vulnerability exists in Jenkins. Successful exploitation of this vulnerability could allow a remote attacker to disclose or access arbitrary files on the vulnerable server...
NetIQ Access Manager Directory Traversal (CVE-2017-14803)
A directory traversal vulnerability exists in NetIQ Access Manager. Successful exploitation of this vulnerability could allow a remote attacker to disclose or access arbitrary files on the vulnerable server...
jQuery UI Cross-site Scripting (CVE-2016-7103)
A cross-site scripting vulnerability exists in jQuery UI. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Zoho Multiple Products Remote Code Execution (CVE-2022-35405)
A remote code execution vulnerability exists in multiple Zoho products. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Fortinet Multiple Products Authentication Bypass (CVE-2022-40684)
An authentication bypass vulnerability exists in multiple Fortinet products. Successful exploitation of this vulnerability would allow remote attackers to gain unauthorized access into the affected system...
WordPress Email Template Designer Plugin Authentication Bypass (CVE-2022-0218)
An authentication bypass vulnerability exists in WordPress Email Template Designer. Successful exploitation of this vulnerability would allow remote attackers to gain unauthorized access into the affected system...
WordPress Photo Gallery Plugin SQL Injection (CVE-2022-0169)
A SQL injection vulnerability exists in the WordPress Photo Gallery plugin. This vulnerability is due to an input validation error on the bwgtagidbwgthumbnails0 parameter...
KeySight N6854A and N6841A RF Sensor Directory Traversal (CVE-2022-1661)
A directory traversal vulnerability exists in KeySight N6854A and N6841A RF Sensor. This vulnerability is due to incomplete input sanitization in Java class UserFirmwareRequestHandler...
KeySight N6854A and N6841A RF Sensor Insecure Deserialization (CVE-2022-1660)
An insecure deserialization vulnerability exists in KeySight N6854A and N6841A RF Sensor. This vulnerability is due to Java serialization issues when processing requests...
jQuery UI Cross-site Scripting (CVE-2021-41184)
A cross-site scripting vulnerability exists in jQuery UI. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Adobe Acrobat and Reader Out-of-bounds Read (APSB22-46: CVE-2022-38449
An out of bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Adobe Acrobat and Reader Out-of-bounds Read (APSB22-46: CVE-2022-28851)
An out of bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
PEAR Archive Tar Insecure Deserialization Code Execution (CVE-2020-28948)
An insecure deserialization vulnerability exists in the PEAR ArchiveTar module. The vulnerability is due to improper validation of file names inside TAR files. A remote attacker can exploit this vulnerability by sending malicious TAR files to the applications which are using PEAR ArchiveTar modul...
Adobe Acrobat and Reader Stack-based Buffer Overflow (APSB22-46: CVE-2022-42339)
A buffer overflow vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Apache Commons Text Remote Code Execution (CVE-2022-42889)
A remote code execution vulnerability exists in Apache Commons Text. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Stack-based Buffer Overflow (APSB22-46: CVE-2022-38450)
A buffer overflow vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Adobe Acrobat and Reader NULL Pointer Dereference (APSB22-46: CVE-2022-35691)
A vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Adobe Acrobat and Reader Use After Free (APSB22-46: CVE-2022-38437)
A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe ColdFusion Improper Restriction of XML External Entity (APSB22-44: CVE-2022-42341)
An Improper Restriction of XML External Entity vulnerability exists in Adobe ColdFusion. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Adobe ColdFusion Improper Input Validation (APSB22-44: CVE-2022-42340)
An improper input validation vulnerability exists in Adobe ColdFusion. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Adobe ColdFusion Authentication Bypass (APSB22-44: CVE-2022-38420)
An authentication bypass vulnerability exists in Adobe ColdFusion. Successful exploitation of this vulnerability could allow a remote attacker to damage the user's system...
Adobe ColdFusion Directory Traversal (APSB22-44: CVE-2022-38423)
A directory traversal vulnerability exists in Adobe ColdFusion. Successful exploitation of this vulnerability could allow a remote attacker to disclose or access arbitrary files on the vulnerable server...
Adobe ColdFusion Denial Of Service (APSB22-44: CVE-2022-35690)
A denial of service vulnerability exists in Adobe ColdFusion. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Adobe ColdFusion Stack-based Buffer Overflow (APSB22-44: CVE-2022-35710)
A buffer overflow vulnerability exists in Adobe ColdFusion. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Adobe ColdFusion Heap-based Buffer Overflow (APSB22-44: CVE-2022-35712)
A buffer overflow vulnerability exists in Adobe ColdFusion. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Adobe ColdFusion Remote Code Execution (APSB22-44: CVE-2022-38421)
A remote code execution vulnerability exists in Adobe ColdFusion. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Adobe ColdFusion Heap-based Buffer Overflow (APSB22-44: CVE-2022-35711)
A buffer overflow vulnerability exists in Adobe ColdFusion. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
CachetHQ Cachet Remote Code Execution (CVE-2021-39172)
A remote code execution vulnerability exists in CachetHQ Cachet. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe ColdFusion Credentials Disclosure (APSB22-44: CVE-2022-38419)
A credentials disclosure vulnerability exists in Adobe ColdFusion. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...