Jenkins Credentials Plugin Cross-site Scripting (CVE-2022-29036)

A cross-site scripting vulnerability exists in Jenkins Credentials Plugin. Successful exploitation of this vulnerability would allow remote attackers to inject arbitrary web script into the affected system...

Google Chrome Authentication Bypass (CVE-2021-30533)

An authentication bypass vulnerability exists in Google Chrome. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized access into the affected system...

Docebo Community Edition Arbitrary File Upload (CVE-2022-31362)

An arbitrary file upload vulnerability exists in Docebo Community Edition. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Microsoft Windows NFS ONCRPC XDR Driver Information Disclosure (CVE-2022-21993)

An information disclosure vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

PHPList SQL Injection (CVE-2017-20029; CVE-2017-20032)

An SQL injection vulnerability exists in PHPList. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

Zoho ManageEngine ADAudit Plus Remote Code Execution (CVE-2022-28219)

A remote code execution vulnerability exists in Zoho ManageEngine ADAudit Plus. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Zoho ManageEngine OPManager SQL Injection (CVE-2022-29535)

An SQL injection vulnerability exists in Zoho ManageEngine OPManager. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

Apple OS Use After Free (CVE-2022-22620)

A use-after-free vulnerability exists in Apple OS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Google Chrome Out-of-Bounds Read (CVE-2016-1646)

An out of bounds read vulnerability exists in Google Chrome. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information and create a denial of service condition on the affected system...

Microsoft Exchange Server Spoofing (CVE-2022-24463)

A spoofing vulnerability exists in Microsoft Exchange Server. Successful exploitation of this vulnerability would allow a remote attacker to impersonate and present itself as a legitimate host...

Google Chrome Remote Code Execution (CVE-2016-5198)

A remote code execution vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

QNAP FileStation Cross Site Scripting (CVE-2018-19943)

A cross site scripting vulnerability exists in QNAP FileStation. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...

Cisco Adaptive Security Appliance Privilege Escalation (CVE-2022-20759)

A privilege escalation vulnerability exists in Cisco Adaptive Security Appliance. Successful exploitation of this vulnerability could allow a remote attacker to easily elevate their privilege to that of a domain admin once he compromises a regular user in the domain...

Mitel MiVoice Connect Command Injection (CVE-2022-29499)

A command injection vulnerability exists in Mitel MiVoice Connect. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

SonicWall SMA100 Multiple Vulnerabilities (CVE-2019-7484; CVE-2019-7485)

Multiple vulnerabilities exist in SonicWall SMA100. Successful exploitation of these vulnerabilities would allow a remote attacker to execute arbitrary commands on the affected system...

TVT CCTV Authentication Bypass

An authentication bypass vulnerability exists in TVT CCTV. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized access into the affected system...

TVT CCTV Hardcoded Credentials

An hardcoded credentials vulnerability exists in TVT CCTV. Successful exploitation of this vulnerability would allow remote attackers to obtain sensitive information and gain unauthorized access into the affected system...

TVT CCTV Stack Overflow

A stack overflow exists in TVT CCTV. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

Atlassian Bitbucket Data Center Insecure Deserialization (CVE-2022-26133)

A insecure deserialization vulnerability exists in Atlassian Bitbucket Data Center. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system via Java deserialization...

Netgear Routers Buffer Overflow (CVE-2017-6862)

A buffer overflow vulnerability exists in Netgear Routers. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

Google Chrome Out-of-Bounds Write (CVE-2019-5825)

An out of bounds write vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could cause heap corruption in the affected system...

SAP NetWeaver Unrestricted File Upload (CVE-2021-38163)

An unrestricted file upload vulnerability exists in SAP NetWeaver. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

SAP NetWeaver J2EE Engine SQL Injection (CVE-2016-2386)

An SQL injection vulnerability exists in SAP NetWeaver J2EE Engine. Successful exploitation of this vulnerability could result in the execution of arbitrary SQL statements on the affected system...

Mozilla Thunderbird Remote Code Execution (CVE-2019-11708)

A remote code execution vulnerability exists in Mozilla Thunderbird. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Cisco HyperFlex HX Command Injection (CVE-2021-1497)

A command injection vulnerability exists in Cisco HyperFlex HX. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

Google Chrome Out-of-Bounds Write (CVE-2018-17480)

An out-of-bounds write vulnerability exists in Google Chrome. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Aruba ArubaOS Heap Overflow (CVE-2022-23677)

A heap overflow vulnerability exists in Aruba ArubaOS devices. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

Aruba ArubaOS Memory Corruption (CVE-2022-23676)

A memory corruption vulnerability exists in Aruba ArubaOS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Microsoft Advanced Local Procedure Call Elevation of Privilege (CVE-2022-30160)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Microsoft Windows Installer Elevation of Privilege (CVE-2022-30147)

An elevation of privilege vulnerability exists in Microsoft Windows. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

WhatsApp Desktop Cross Site Scripting (CVE-2019-18426)

A cross site scripting vulnerability exists in WhatsApp Desktop. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...

Apache CouchDB Remote Code Execution (CVE-2022-24706)

A remote code execution vulnerability exists in Apache CouchDB. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Null Byte HTTP Encodings

Null Byte HTTP Encodings...

Emerson Dixell Arbitrary File Write (CVE-2021-45420)

An arbitrary file write vulnerability exists in Emerson Dixell. Successful exploitation of this vulnerability could result in denial of service and potentially code execution on the affected system...

Okta Access Gateway Command Injection (CVE-2021-28113)

A command injection vulnerability exists in Okta Access Gateway. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

SolarView Compact Command Injection (CVE-2022-29303)

A command injection vulnerability exists in SolarView Compact. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

SonicWall SMA 100 Command Injection (CVE-2021-20039)

A command injection vulnerability exists in SonicWall SMA 100. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

Zoho ManageEngine ADSelfService Plus Command Injection (CVE-2022-28810)

A command injection vulnerability exists in Zoho ManageEngine ADSelfService Plus. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

D-Link DIR-859 Buffer Overflow (CVE-2022-25106)

A buffer overflow vulnerability exists in D-Link DIR-859. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

HTTP User Agent Remote Code Execution

HTTP headers let the client and the server pass arbitrary information with an HTTP request User Agent field. A remote attacker may use the User Agent header to run arbitrary code on an affected target...

ConnectWise ManagedITSync SQL Injection (CVE-2017-18362)

An SQL injection vulnerability exists in ConnectWise ManagedITSync. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...

Selenium Grid Cross-Site Request Forgery (CVE-2022-28108)

A cross-site request forgery vulnerability exists in Selenium Grid. Successful exploitation of this vulnerability could result in code execution on the affected system...

QNAP FileStation Cross Site Scripting (CVE-2018-19953)

A cross site scripting vulnerability exists in QNAP FileStation. Successful exploitation of this vulnerability would allow remote attackers to inject an arbitrary web script into the affected system...

VMware vRealize Operations Manager API Arbitrary File Write (CVE-2021-21983)

An arbitrary file write vulnerability exists in VMware vRealize Operations Manager API. Successful exploitation of this vulnerability could result in code execution on the affected system...

Laravel Remote Code Execution (CVE-2021-43503)

A remote code execution vulnerability exists in Laravel. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

QNAP QTS Command Injection (CVE-2018-19949)

A command injection vulnerability exists in QNAP QTS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system...

Atlassian Confluence Remote Code Execution (CVE-2022-26134)

A remote code execution vulnerability exists in Atlassian Confluence. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Microsoft Support Diagnostic Tool Remote Code Execution (CVE-2022-30190)

A remote code execution vulnerability exists in Microsoft Support Diagnostic Tool, also known as, "Follina". Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Oracle E-Business Information Disclosure

An information disclosure vulnerability exists in Oracle E-Business. Successful exploitation of this vulnerability would allow a remote attacker to obtain sensitive information...

Jira Server-Side Request Forgery (CVE-2019-8451)

A Server Side Request Forgery vulnerability exists in Jira. A remote attacker may exploit this issue by making a specially crafted HTTP request. Successful exploitation would allow attackers to create HTTP requests on behalf of the vulnerable server...