13538 matches found
Microsoft Browser Chakra Scripting Engine Memory Corruption (CVE-2019-1001)
...
Microsoft Excel Information Disclosure (CVE-2019-1112)
...
Microsoft Windows Kernel Information Disclosure (CVE-2019-1071)
...
Microsoft Internet Explorer Scripting Engine Memory Corruption (CVE-2019-1004)
...
Microsoft Windows Kernel Information Disclosure (CVE-2019-1073)
...
Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2019-1062)
...
WordPress Ninja Forms Plugin Path Traversal (CVE-2019-10869)
A directory traversal vulnerability exists in WordPress Ninja Forms plugin. Successful exploit allows an attacker to traverse the file system to access files and execute code...
Microsoft Windows RPCSS Elevation of Privilege (CVE-2019-1089)
...
Microsoft Windows Elevation of Privilege (CVE-2019-1074)
...
Microsoft Browser Memory Corruption (CVE-2019-1104)
...
Microsoft Win32k Elevation of Privilege (CVE-2019-1132)
...
Microsoft Edge Chakra Scripting Engine Memory Corruption (CVE-2019-1092)
...
Microsoft splwow64 Elevation of Privilege (CVE-2019-0880)
...
Microsoft Remote Desktop Protocol Client Information Disclosure (CVE-2019-1108)
...
Microsoft Windows Elevation of Privilege (CVE-2019-1129)
...
NoneCMS ThinkPHP Remote Code Execution (CVE-2019-9082)
...
Fortinet FCM-MB40 Remote Command Execution
A remote command execution vulnerability exists in Fortinet FCM-MB40. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...
Oracle CTI Web Service XML Entity Injection
An XML External Entity Injection vulnerability exists in Oracle CTI Web Service. Successful exploitation of this vulnerability could result in Denial of Service...
dnaTools dnaLIMS DNA Sequencer Command Injection (CVE-2017-6526)
...
WordPress WP Statistics Plugin Blind SQL Injection
...
Schneider Electric Modicon Multiple Information Disclosure Vulnerabilities (CVE-2018-7844; CVE-2018-7845; CVE-2019-6806)
Multiple information disclosure vulnerabilities exist in Schneider Electric Modicon. Successful exploitation of those vulnerabilities would allow a remote attacker to obtain sensitive information...
Schneider Electric Modicon Multiple Denial Of Service Vulnerabilities (CVE-2018-7843; CVE-2018-7852; CVE-2018-7853; CVE-2018-7854; CVE-2018-7855; CVE-2018-7856; CVE-2018-7857; CVE-2019-6807)
Multiple denial of service vulnerabilities exist in Schneider Electric Modicon. A remote unauthenticated attacker could send crafted UMAS command packets to cause denial of service conditions...
Microsoft Outlook Security Feature Bypass (CVE-2017-11774)
...
Microsoft Remote Desktop Services Remote Code Execution (CVE-2019-0887)
...
WordPress Give Plugin Cross-Site Scripting
A Cross-Site Scripting vulnerability exists in WordPress Give plugin. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...
WordPress Advance Contact Form Plugin SQL Injection
An SQL injection vulnerability exists in WordPress Advance Contact Form Plugin. Successful exploitation of this vulnerability could lead to disclosure of database credentials...
WordPress User Manager Plugin Arbitrary File Upload
An arbitrary file upload vulnerability exists in WordPress User Manager Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Joomla Core Directory Traversal (CVE-2019-10945)
A directory traversal vulnerability exists in Joomla Core. Successful exploitation of this vulnerability would allow a remote attacker to list directories on the affected system...
NoneCMS ThinkPHP Remote Code Execution (CVE-2018-20062)
A remote code execution vulnerability exists in NoneCMS ThinkPHP framework. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
WordPress Google Maps Plugin SQL Injection (CVE-2019-10692)
An SQL injection vulnerability exists in the WordPress Google Maps Plugin. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
WordPress Duplicate Page Plugin SQL Injection
An SQL injection vulnerability has been reported in WordPress Duplicate Page Plugin. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
Microsoft Excel Power Query Remote Code Execution
A remote code execution vulnerability exists in Microsoft Excel Power Query. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
WordPress Yuzo Related Posts Plugin Cross-Site Scripting
A Cross-Site Scripting vulnerability exists in WordPress Yuzo Related Posts plugin. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...
Barco WePresent WiPG 1000 Command Injection
A command injection vulnerability exists in Barco WePresent WiPG 1000. Successful exploitation results in the execution of arbitrary commands on the targeted device...
Microsoft Outlook for Android Spoofing (CVE-2019-1105)
A spoofing vulnerability exists in Microsoft Outlook for Android. An authenticated attacker could exploit the vulnerability by sending a specially crafted email to a victim. Successful exploitation of this vulnerability may allow running scripts in the context of the current user...
Mozilla Firefox Type Confusion (CVE-2019-11707)
A type confusion vulnerability exists in Mozilla Firefox. The vulnerability is due to lack of verification when handling Array.pop. Successful exploitation of this vulnerability could result in a crash...
D-Link DCS-1130 Network Camera Command Injection (CVE-2017-8408)
A Command Injection vulnerability exists in D-Link DCS 1130. An authenticated attacker can send a specially crafted HTTP request to the affected target host and trigger arbitrary command execution...
Ruby on Rails Active Storage Insecure Deserialization (CVE-2019-5420)
An insecure deserialization vulnerability exists in Ruby on Rails' ActiveStorage component. Successful exploitation of this vulnerability could allow a remote authenticated attacker with at least author-level privileges to execute arbitrary code on the affected system...
Oracle Weblogic Insecure Deserialization (CVE-2019-2729)
A vulnerability has been reported in Oracle Weblogic. This vulnerability is due to insufficient validation of data of HTTP requests. Successful exploitation can result in result in arbitrary code execution...
WordPress Plugin WPGraphQL Information Disclosure (CVE-2019-9879; CVE-2019-9880; CVE-2019-9881)
An information disclosure vulnerability exists in WordPress Plugin WPGraphQL. A remote attacker could trigger this flaw by sending a crafted request. Successful exploitation may result in the disclosure of sensitive information...
Use Malicious Code Protector for SMTP
...
Citrix ICA Unauthorized Application
...
Non Compliant HP Data Protector
...
HTTP URL Patterns (CAN-2004-1315)
...
ASCII Only Request
...
Maximum Empty Commands Enforcement
...
CIFS (SMB) File Name Patterns (CA-2001-26)
...
Minimum Command Line Length Enforcement
...
Gzip Enforcement
...
Error Concealment
...