13538 matches found
Tenda Routers Command Injection (CVE-2022-24170; CVE-2022-24171; CVE-2022-28572; CVE-2022-34595; CVE-2022-34596; CVE-2022-34597)
A command injection vulnerability exists in Tenda Routers. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Advantech iView Command Injection (CVE-2022-2143)
A command injection vulnerability exists for Advantech iView. This vulnerability is due to improper input validation of the backupfilename parameter while updating NetworkServlet database...
Dolibarr ERP and CRM Code Injection (CVE-2022-0819)
A code injection vulnerability exists in the Dolibarr ERP/CRM package. The vulnerability is due to insufficient input validation on user provided data...
PublicCMS Remote Code Execution (CVE-2022-23389)
A remote code execution vulnerability exists in PublicCMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Delta Electronics DIAEnergie SQL Injection (CVE-2022-1366)
An SQL injection exists in Delta Industrial Automation DIAEnergie. The vulnerability is due to insufficient input validation when processing requests...
Acquia Mautic Cross-Site Scripting (CVE-2022-25772)
A cross-site scripting vulnerability exists in Mautic. The vulnerability is due to improperly sanitized user metadata collected from tracking pixels...
WordPress Email Template Designer Plugin Authentication Bypass (CVE-2022-0218)
An authentication bypass vulnerability exists in the WordPress plugin "WordPress Email Template Designer - WP HTML Mail". The vulnerability is due to lack of authentication on REST-API endpoints created by the plugin...
Advantech iView SQL Injection (CVE-2022-2135)
A SQL injection vulnerability exists for Advantech iView. This vulnerability is due to improper input validation for the segment parameter in the findCfgDeviceList process...
TOTOLink A860R Command Injection (CVE-2022-25076; CVE-2022-25078; CVE-2022-25079; CVE-2022-25080; CVE-2022-25081; CVE-2022-25082; CVE-2022-25083; CVE-2022-25084)
A command injection vulnerability exists in TOTOLink A860R. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Advantech iView Directory Traversal (CVE-2022-2139)
A directory traversal vulnerability exists in Advantech iView. The vulnerability is due to improper validation of a user-supplied path before it is used in the findCfgDeviceListDetailsExport method...
OpenEMR Cross-Site Scripting (CVE-2022-1179)
A stored cross-site scripting vulnerability exists for OpenEMR. This vulnerability is due to improper input validation for the fldtitle parameter when creating rules...
OpenEMR Cross-Site Scripting (CVE-2022-1181)
A cross-site scripting vulnerability exists in OpenEMR. The vulnerability is due to insufficient sanitization of patients' first and last names in newcomprehensivesave.php...
SmarterTools SmarterMail Directory Traversal (CVE-2019-7213)
A directory traversal vulnerability exists in SmarterTools SmarterMail. Successful exploitation of this vulnerability could allow a remote attacker to upload or delete arbitrary files on the vulnerable server...
Victor CMS Remote Code Execution (CVE-2022-27478)
A remote code execution vulnerability exists in Victor CMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
MCMS Template Management Remote Code Execution (CVE-2022-22930)
A remote code execution vulnerability exists in MCMS Template Management. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Supervene RazDC WebUI Cross-Site Scripting (CVE-2018-15550)
A cross-site scripting vulnerability exists in Supervene. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Joomla! SQL Injection (CVE-2018-8045)
An SQL injection vulnerability exists in Joomla!. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
Microsoft Azure Service Fabric Explorer Cross Site Scripting (CVE-2022-35829)
A cross-site scripting vulnerability exists in Microsoft Azure Service Fabric Explorer. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Horde Groupware Webmail Edition Insecure Deserialization (CVE-2022-30287)
An insecure deserialization vulnerability exists in Horde Groupware Webmail Edition. This vulnerability is due to improper input validation of the source parameter used for fetching an address book configuration...
Jenkins JUnit Plugin Cross-Site Scripting (CVE-2022-34176)
A stored cross-site scripting vulnerability exists in Jenkins JUnit Plugin. The vulnerability is due to the JUnit plugin not escaping the description parameter of the build run test result...
Jenkins Directory Traversal (CVE-2018-1999002)
A directory traversal vulnerability exists in Jenkins. Successful exploitation of this vulnerability could allow a remote attacker to disclose or access arbitrary files on the vulnerable server...
Advantech WebAccess Directory Traversal (CVE-2018-15706)
A directory traversal vulnerability exists in Advantech WebAccess. Successful exploitation of this vulnerability could allow a remote attacker to disclose or access arbitrary files on the vulnerable server...
NetIQ Access Manager Directory Traversal (CVE-2017-14803)
A directory traversal vulnerability exists in NetIQ Access Manager. Successful exploitation of this vulnerability could allow a remote attacker to disclose or access arbitrary files on the vulnerable server...
Fortinet Multiple Products Authentication Bypass (CVE-2022-40684)
An authentication bypass vulnerability exists in multiple Fortinet products. Successful exploitation of this vulnerability would allow remote attackers to gain unauthorized access into the affected system...
jQuery UI Cross-site Scripting (CVE-2016-7103)
A cross-site scripting vulnerability exists in jQuery UI. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
WordPress Email Template Designer Plugin Authentication Bypass (CVE-2022-0218)
An authentication bypass vulnerability exists in WordPress Email Template Designer. Successful exploitation of this vulnerability would allow remote attackers to gain unauthorized access into the affected system...
Zoho Multiple Products Remote Code Execution (CVE-2022-35405)
A remote code execution vulnerability exists in multiple Zoho products. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
KeySight N6854A and N6841A RF Sensor Insecure Deserialization (CVE-2022-1660)
An insecure deserialization vulnerability exists in KeySight N6854A and N6841A RF Sensor. This vulnerability is due to Java serialization issues when processing requests...
WordPress Photo Gallery Plugin SQL Injection (CVE-2022-0169)
A SQL injection vulnerability exists in the WordPress Photo Gallery plugin. This vulnerability is due to an input validation error on the bwgtagidbwgthumbnails0 parameter...
KeySight N6854A and N6841A RF Sensor Directory Traversal (CVE-2022-1661)
A directory traversal vulnerability exists in KeySight N6854A and N6841A RF Sensor. This vulnerability is due to incomplete input sanitization in Java class UserFirmwareRequestHandler...
jQuery UI Cross-site Scripting (CVE-2021-41184)
A cross-site scripting vulnerability exists in jQuery UI. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...
Adobe Acrobat and Reader Stack-based Buffer Overflow (APSB22-46: CVE-2022-42339)
A buffer overflow vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Adobe Acrobat and Reader Use After Free (APSB22-46: CVE-2022-38437)
A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Stack-based Buffer Overflow (APSB22-46: CVE-2022-38450)
A buffer overflow vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Adobe Acrobat and Reader NULL Pointer Dereference (APSB22-46: CVE-2022-35691)
A vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to damage the user's system...
Adobe Acrobat and Reader Out-of-bounds Read (APSB22-46: CVE-2022-38449)
An out-of-bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
Apache Commons Text Remote Code Execution (CVE-2022-42889)
A remote code execution vulnerability exists in Apache Commons Text. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Adobe Acrobat and Reader Out-of-bounds Read (APSB22-46: CVE-2022-28851)
An out-of-bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...
PEAR Archive Tar Insecure Deserialization Code Execution (CVE-2020-28948)
An insecure deserialization vulnerability exists in the PEAR ArchiveTar module. The vulnerability is due to improper validation of file names inside TAR files. A remote attacker can exploit this vulnerability by sending malicious TAR files to the applications which are using PEAR ArchiveTar modul...
Adobe ColdFusion Arbitrary File Read And Deletion (APSB22-44: CVE-2022-38424)
An arbitrary file read and deletion vulnerability exists in Adobe ColdFusion. Successful exploitation of this vulnerability could allow a remote attacker to damage the user's system...
Adobe ColdFusion Credentials Disclosure (APSB22-44: CVE-2022-38419)
A credentials disclosure vulnerability exists in Adobe ColdFusion. Successful exploitation of this vulnerability could allow a remote attacker to damage the user's system...
Adobe ColdFusion Improper Access to a Restricted Directory (APSB22-44: CVE-2022-38418)
An improper access to a restricted directory vulnerability exists in Adobe ColdFusion. Successful exploitation of this vulnerability could allow a remote attacker to damage the user's system...
Adobe ColdFusion Improper Input Validation (APSB22-44: CVE-2022-42340)
An improper input validation vulnerability exists in Adobe ColdFusion. Successful exploitation of this vulnerability could allow a remote attacker to damage the user's system...
Adobe ColdFusion Heap-based Buffer Overflow (APSB22-44: CVE-2022-35712)
A buffer overflow vulnerability exists in Adobe ColdFusion. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Adobe ColdFusion Heap-based Buffer Overflow (APSB22-44: CVE-2022-35711)
A buffer overflow vulnerability exists in Adobe ColdFusion. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Adobe ColdFusion Remote Code Execution (APSB22-44: CVE-2022-38421)
A remote code execution vulnerability exists in Adobe ColdFusion. Successful exploitation of this vulnerability could allow a remote attacker to damage the user's system...
Adobe ColdFusion Denial Of Service (APSB22-44: CVE-2022-35690)
A denial of service vulnerability exists in Adobe ColdFusion. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...
Adobe ColdFusion Information Disclosure (APSB22-44: CVE-2022-38422)
An information disclosure vulnerability exists in Adobe ColdFusion. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...
Adobe ColdFusion Stack-based Buffer Overflow (APSB22-44: CVE-2022-35710)
A buffer overflow vulnerability exists in Adobe ColdFusion. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...
Adobe ColdFusion Authentication Bypass (APSB22-44: CVE-2022-38420)
An authentication bypass vulnerability exists in Adobe ColdFusion. Successful exploitation of this vulnerability could allow a remote attacker to damage the user's system...