
13538 matches found

Check Point Advisories
Added 2022/09/14 12:0 a.m. • 2 views

WordPress KingComposer Plugin Cross-site Scripting (CVE-2020-15299)

A cross-site scripting vulnerability exists in WordPress KingComposer plugin. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

CVSS: 4.3 | AI score: 4.7 | EPSS: 0.4696 | Exploits: 1

Added 2022/09/14 12:0 a.m. • 41 views

Reverse Shell Commands Over HTTP Payload (CVE-2022-29078)

A reverse shell command injection over HTTP vulnerability has been reported. A remote attacker can exploit this issue by sending a specially crafted request to the victim. Successful exploitation would allow an attacker to execute arbitrary code on the target machine...

CVSS: 7.5 | AI score: 6.1 | EPSS: 0.32386 | Exploits: 5

Added 2022/09/14 12:0 a.m. • 3 views

Nagios Xi Cross-site Scripting (CVE-2018-15712)

A cross-site scripting vulnerability exists in Nagios Xi. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

CVSS: 4.3 | AI score: 4.7 | EPSS: 0.48555 | Exploits: 1

Added 2022/09/14 12:0 a.m. • 6 views

Adobe Experience Manager Server Side Request Forgery (CVE-2018-5006)

A Server Side Request Forgery vulnerability exists in Adobe Experience Manager. A remote attacker may exploit this issue by making a specially crafted HTTP request. Successful exploitation would allow attackers to create HTTP requests on behalf of the vulnerable server...

CVSS: 5 | AI score: 2.6 | EPSS: 0.53755 | Exploits: 0

Added 2022/09/13 12:0 a.m. • 8 views

Microsoft Windows Common Log File System Driver Elevation of Privilege (CVE-2022-35803)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

AI score: 6.1 | EPSS: 0.23818 | Exploits: 0

Added 2022/09/13 12:0 a.m. • 8 views

Microsoft Windows Kernel Elevation of Privilege (CVE-2022-37957)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

AI score: 5.8 | EPSS: 0.13573 | Exploits: 0

Added 2022/09/13 12:0 a.m. • 3 views

Microsoft Windows GDI Elevation of Privilege (CVE-2022-34729)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

AI score: 5.9 | EPSS: 0.10529 | Exploits: 0

Added 2022/09/13 12:0 a.m. • 3 views

Microsoft DirectX Graphics Kernel Elevation of Privilege (CVE-2022-37954)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

AI score: 6 | EPSS: 0.44896 | Exploits: 0

Added 2022/09/13 12:0 a.m. • 7 views

Microsoft Windows ALPC Elevation of Privilege (CVE-2022-34725)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

AI score: 5.9 | EPSS: 0.05382 | Exploits: 0

Added 2022/09/12 12:0 a.m. • 10 views

WordPress BackupBuddy Plugin Arbitrary File Read (CVE-2022-31474)

An arbitrary file read vulnerability exists in WordPress BackupBuddy Plugin. Successful exploitation of this vulnerability could allow an unauthenticated remote attacker to access and read arbitrary file...

AI score: 4.7 | EPSS: 0.63761 | Exploits: 2

Added 2022/09/12 12:0 a.m. • 1 view

Pimcore SQL Injection (CVE-2022-1429)

An SQL injection vulnerability exists in Pimcore. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

CVSS: 5 | AI score: 5.3 | EPSS: 0.64605 | Exploits: 1

Added 2022/09/04 12:0 a.m. • 3 views

BookStackApp BookStack Improper Access Control (CVE-2021-4119)

An improper access control vulnerability exists in BookStackApp BookStack. Successful exploitation of this vulnerability could allow a remote attacker to read sensitive files on the affected system...

CVSS: 7.5 | AI score: 4.9 | EPSS: 0.26893 | Exploits: 1

Added 2022/09/01 12:0 a.m. • 4 views

Realtek eCos Stack Buffer Overflow (CVE-2022-27255)

A stack-based buffer overflow exists in Realtek eCos. Successful exploitation could lead to arbitrary code execution...

CVSS: 7.5 | AI score: 3.9 | EPSS: 0.3708 | Exploits: 2

Added 2022/08/31 12:0 a.m. • 7 views

Device42 CMDB Improper Access Control (CVE-2022-1401)

An improper access control vulnerability exists in Device42 CMDB. Successful exploitation of this vulnerability could allow a remote attacker to read sensitive files on the affected system...

AI score: 5.2 | EPSS: 0.18001 | Exploits: 0

Added 2022/08/31 12:0 a.m. • 5 views

Palo Alto Networks Multiple Products Command Injection (CVE-2021-3060)

A command injection vulnerability exists in multiple Palo Alto Networks products. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVSS: 9.3 | AI score: 5.3 | EPSS: 0.33875 | Exploits: 1

Added 2022/08/30 12:0 a.m. • 13 views

VMWare Workspace One Access Authentication Bypass (CVE-2022-31656)

An authentication bypass vulnerability exists in VMWare Workspace One Access. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information and gain unauthorized access to the affected system...

AI score: 5 | EPSS: 0.18428 | Exploits: 1

Added 2022/08/30 12:0 a.m. • 4 views

VMWare Workspace One Access Remote Code Execution (CVE-2022-31659)

A remote code execution vulnerability exists in VMWare Workspace One Access. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

AI score: 5.8 | EPSS: 0.02261 | Exploits: 0

Added 2022/08/30 12:0 a.m. • 2 views

Nokia BTS TRS Web Console Authentication Bypass (CVE-2021-31932)

An authentication bypass vulnerability exists in Nokia BTS TRS Web Console. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information and gain unauthorized access to the affected system...

CVSS: 7.5 | AI score: 5.8 | EPSS: 0.21639 | Exploits: 3

Added 2022/08/29 12:0 a.m. • 11 views

Ivanti EPM Cloud Services Appliance Code Injection (CVE-2021-44529)

A code injection vulnerability exists in Ivanti Endpoint Manager. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS: 7.5 | AI score: 6.4 | EPSS: 0.99105 | Exploits: 9

Added 2022/08/29 12:0 a.m. • 4 views

Tenda M3 Router Buffer Overflow (CVE-2022-32036)

A buffer overflow vulnerability exists in Tenda M3 Router. Successful exploitation of this vulnerability could result in a denial of service or execution of arbitrary code on the affected system...

CVSS: 7.8 | AI score: 5.8 | EPSS: 0.00988 | Exploits: 1

Added 2022/08/28 12:0 a.m. • 3 views

Tenda M3 Router Buffer Overflow (CVE-2022-32034)

A buffer overflow vulnerability exists in Tenda M3 Router. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

CVSS: 7.8 | AI score: 5.9 | EPSS: 0.00988 | Exploits: 1

Added 2022/08/25 12:0 a.m. • 5 views

nopCommerce BackupAction Directory Traversal (CVE-2022-28451)

A Directory Traversal vulnerability exists in nopCommerce. Successful exploitation of this vulnerability could allow a remote attacker to disclose or access arbitrary files on the vulnerable server...

CVSS: 5 | AI score: 5.6 | EPSS: 0.01431 | Exploits: 0

Added 2022/08/21 12:0 a.m. • 6 views

Oracle Transportation Management Privilege Escalation (CVE-2021-35616)

A privilege escalation exists in Oracle Transportation Management. Successful exploitation of this vulnerability would allow a remote attacker to gain unauthorized access to the affected system...

CVSS: 5.5 | AI score: 5.7 | EPSS: 0.27974 | Exploits: 0

Added 2022/08/21 12:0 a.m. • 4 views

Cisco IOx Command Injection Command Injection (CVE-2021-1384)

A command injection vulnerability exists in Cisco IOx. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVSS: 8.5 | AI score: 5.4 | EPSS: 0.3539 | Exploits: 1

Added 2022/08/21 12:0 a.m. • 10 views

Palo Alto Networks PAN-OS Command Injection (CVE-2020-2038)

A command injection vulnerability exists in Palo Alto Networks PAN-OS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVSS: 9 | AI score: 5.6 | EPSS: 0.86086 | Exploits: 7

Added 2022/08/21 12:0 a.m. • 6 views

Fortinet FortiOS Cross Site Scripting (CVE-2018-13380)

A cross site scripting vulnerability exists in Fortinet FortiOS. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...

CVSS: 4.3 | AI score: 4.6 | EPSS: 0.62474 | Exploits: 0

Added 2022/08/16 12:0 a.m. • 7 views

Zoho ManageEngine OpManager SQL Injection (CVE-2019-17602)

An SQL injection vulnerability exists in Zoho ManageEngine OPManager. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

CVSS: 7.5 | AI score: 5.5 | EPSS: 0.81549 | Exploits: 0

Added 2022/08/16 12:0 a.m. • 114 views

DrayTek Routers Buffer Overflow (CVE-2022-32548)

A buffer overflow vulnerability exists in DrayTek Routers. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

AI score: 7.6 | EPSS: 0.33795 | Exploits: 2

Added 2022/08/16 12:0 a.m. • 35 views

Zimbra Collaboration Directory Traversal (CVE-2022-27925; CVE-2022-37042)

A Directory Traversal vulnerability exists in Zimbra Collaboration. Successful exploitation of this vulnerability could allow a remote attacker to disclose or access arbitrary files on the vulnerable server...

CVSS: 6.5 | AI score: 5.5 | EPSS: 0.98163 | Exploits: 16

Added 2022/08/16 12:0 a.m. • 14 views

dotCMS Arbitrary File Upload (CVE-2022-26352; CVE-2018-5445)

An arbitrary file upload vulnerability exists in dotCMS. Successful exploitation of this vulnerability allows an attacker to execute arbitrary code on the vulnerable system with administrative privileges...

CVSS: 6.8 | AI score: 5.2 | EPSS: 0.91501 | Exploits: 4

Added 2022/08/15 12:0 a.m. • 15 views

Moodle Directory Traversal (CVE-2022-35650)

A Directory Traversal vulnerability exists in Moodle. Successful exploitation of this vulnerability could allow a remote attacker to disclose or access arbitrary files on the vulnerable server...

AI score: 5.4 | EPSS: 0.49102 | Exploits: 0

Added 2022/08/15 12:0 a.m. • 15 views

Microsoft Windows Parse Server Prototype Pollution (CVE-2022-24760)

A prototype pollution vulnerability exists in Microsoft Windows Parse Server. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS: 7.5 | AI score: 6.8 | EPSS: 0.49081 | Exploits: 1

Added 2022/08/15 12:0 a.m. • 4 views

D-Link DAP-1860 Command Injection (CVE-2019-19597)

A command injection vulnerability exists in D-Link DAP-1860. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVSS: 8.3 | AI score: 5.6 | EPSS: 0.19086 | Exploits: 1

Added 2022/08/15 12:0 a.m. • 6 views

Expat XML Parser Remote Code Execution (CVE-2022-25236)

A remote code execution vulnerability exists in Expat XML Parser. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

CVSS: 7.5 | AI score: 7.5 | EPSS: 0.33936 | Exploits: 0

Added 2022/08/11 12:0 a.m. • 5 views

D-Link DIR-818LW Command Injection (CVE-2018-19986)

A command injection vulnerability exists in D-Link DIR-818LW. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

CVSS: 10 | AI score: 5.6 | EPSS: 0.41606 | Exploits: 1

Added 2022/08/10 12:0 a.m. • 2 views

PHP Zerodium Backdoor

An attacker might upload a web shell backdoor to a PHP server via zerodium prefix. A successful exploitation might allow the attacker to run arbitrary code, or use the server as a bot for further attacks...

AI score: 3.1 | Exploits: 0

Added 2022/08/10 12:0 a.m. • 3 views

PowerShell Functions Remote Code Execution

PowerShell functions may be used to exploit remote code execution vulnerabilities. A remote attacker can exploit these vulnerabilities by sending a specially crafted request to the victim. Successful exploitation would allow an attacker to execute arbitrary code on the affected system...

AI score: 8 | Exploits: 0

Added 2022/08/09 12:0 a.m. • 5 views

Adobe Acrobat and Reader Use After Free (APSB22-39: CVE-2022-35665)

A use-after-free vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

AI score: 5.6 | EPSS: 0.03847 | Exploits: 0

Added 2022/08/09 12:0 a.m. • 4 views

Adobe Acrobat and Reader Out-of-bounds Write (APSB22-39: CVE-2022-35667)

An out of bounds write vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...

AI score: 3.5 | EPSS: 0.02545 | Exploits: 0

Added 2022/08/09 12:0 a.m. • 3 views

Microsoft Windows Print Spooler Elevation of Privilege (CVE-2022-35793)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

AI score: 5.7 | EPSS: 0.09204 | Exploits: 0

Added 2022/08/09 12:0 a.m. • 4 views

Adobe Acrobat and Reader Out-of-bounds Read (APSB22-39: CVE-2022-35678)

An out of bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...

AI score: 3.6 | EPSS: 0.02538 | Exploits: 0

Added 2022/08/09 12:0 a.m. • 2 views

Microsoft Windows Win32k Elevation of Privilege (CVE-2022-34699)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

AI score: 5.8 | EPSS: 0.04354 | Exploits: 0

Added 2022/08/09 12:0 a.m. • 4 views

Adobe Acrobat and Reader Improper Input Validation (APSB22-39: CVE-2022-35666)

A vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to damage the user's system...

AI score: 6 | EPSS: 0.06911 | Exploits: 0

Added 2022/08/09 12:0 a.m. • 10 views

Microsoft Windows Kerberos Elevation of Privilege (CVE-2022-35756)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

AI score: 5.9 | EPSS: 0.11306 | Exploits: 0

Added 2022/08/09 12:0 a.m. • 9 views

Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution (CVE-2022-34713)

A remote code execution vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

AI score: 5.7 | EPSS: 0.6798 | Exploits: 1

Added 2022/08/09 12:0 a.m. • 4 views

Microsoft Windows Kernel Elevation of Privilege (CVE-2022-35761)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

AI score: 5.8 | EPSS: 0.03726 | Exploits: 0

Added 2022/08/09 12:0 a.m. • 25 views

Microsoft HTTP.sys Denial of Service (CVE-2022-35748)

A denial-of-service vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to create a denial of service condition on the affected system...

AI score: 4.5 | EPSS: 0.47226 | Exploits: 0

Added 2022/08/09 12:0 a.m. • 3 views

Adobe Acrobat and Reader Out-of-bounds Read (APSB22-39: CVE-2022-35671)

An out of bounds read vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to obtain sensitive information...

AI score: 3.6 | EPSS: 0.02453 | Exploits: 0

Added 2022/08/09 12:0 a.m. • 4 views

Microsoft Windows Hyper-V Elevation of Privilege (CVE-2022-35751)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

AI score: 5.8 | EPSS: 0.05461 | Exploits: 0

Added 2022/08/09 12:0 a.m. • 6 views

Microsoft Win32k Elevation of Privilege (CVE-2022-35750)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

AI score: 6 | EPSS: 0.06478 | Exploits: 0

Total number of security vulnerabilities: 13538