1634 matches found
HTTP/2 Rapid Reset Attack Vulnerability
HTTP/2 contains a rapid reset vulnerability that allows for a distributed denial-of-service attack DDoS...
Synacor Zimbra Collaboration Suite (ZCS) Command Execution Vulnerability
Synacor Zimbra Collaboration Suite ZCS contains an unspecified vulnerability in the postjournal service that may allow an unauthenticated user to execute commands...
Versa Director Dangerous File Type Upload Vulnerability
The Versa Director GUI contains an unrestricted upload of file with dangerous type vulnerability that allows administrators with Provider-Data-Center-Admin or Provider-Data-Center-System-Admin privileges to customize the user interface. The “Change Favicon” Favorite Icon enables the upload of a...
Dahua IP Camera Authentication Bypass Vulnerability
Dahua IP cameras and related products contain an authentication bypass vulnerability when the loopback device is specified by the client during authentication...
Dahua IP Camera Authentication Bypass Vulnerability
Dahua IP cameras and related products contain an authentication bypass vulnerability when the NetKeyboard type argument is specified by the client during authentication...
D-Link DIR-820 Router OS Command Injection Vulnerability
D-Link DIR-820 routers contain an OS command injection vulnerability that allows a remote, unauthenticated attacker to escalate privileges to root via a crafted payload with the pingaddr parameter to ping.ccp...
DrayTek Vigor Routers OS Command Injection Vulnerability
DrayTek Vigor2960, Vigor300B, and Vigor3900 routers contain an OS command injection vulnerability due to an unknown function of the file /cgi-bin/mainfunction.cgi/apmcfgupload of the component web management interface...
Microsoft SmartScreen Prompt Security Feature Bypass Vulnerability
Microsoft SmartScreen Prompt contains a security feature bypass vulnerability that allows an attacker to bypass the Mark of the Web MotW feature. This vulnerability can be chained with CVE-2023-38831 and CVE-2024-21412 to execute a malicious file...
Cacti Command Injection Vulnerability
Cacti contains a command injection vulnerability that allows an unauthenticated user to execute code...
Tenda AC7, AC9, and AC10 Routers Command Injection Vulnerability
Tenda AC7, AC9, and AC10 devices contain a command injection vulnerability due to the "formsetUsbUnload" function executes a dosystemCmd function with untrusted input. Successful exploitation allows an attacker to execute OS commands via a crafted goform/setUsbUnload request...
Google Chromium WebP Heap-Based Buffer Overflow Vulnerability
Google Chromium WebP contains a heap-based buffer overflow vulnerability that allows a remote attacker to perform an out-of-bounds memory write via a crafted HTML page. This vulnerability can affect applications that use the WebP Codec...
Kingsoft WPS Office Path Traversal Vulnerability
Kingsoft WPS Office contains a path traversal vulnerability in promecefpluginhost.exe on Windows that allows an attacker to load an arbitrary Windows library...
Cisco ASA and FTD Denial-of-Service Vulnerability
Cisco Adaptive Security Appliance ASA and Firepower Threat Defense FTD contain a missing release of resource after effective lifetime vulnerability that could allow an unauthenticated, remote attacker to cause a denial-of-service DoS of the RAVPN service...
Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge...
Google Chromium libvpx Heap Buffer Overflow Vulnerability
Google Chromium libvpx contains a heap buffer overflow vulnerability in vp8 encoding that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could impact web browsers using libvpx, including but not limited to Google Chrome...
Apple Multiple Products WebKit Code Execution Vulnerability
Apple iOS, iPadOS, macOS, and Safari WebKit contain an unspecified vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely ...
Google Chromium V8 Inappropriate Implementation Vulnerability
Google Chromium V8 contains an inappropriate implementation vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome,...
GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code...
Google Chrome Skia Integer Overflow Vulnerability
Google Chromium Skia contains an integer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page. This vulnerability affects Google Chrome and ChromeOS, Android, Flutter, and possibly other...
PHP-CGI Query String Parameter Vulnerability
sapi/cgi/cgimain.c in PHP, when configured as a CGI script, does not properly handle query strings, which allows remote attackers to execute arbitrary code...
Microsoft Windows Installer Improper Privilege Management Vulnerability
Microsoft Windows Installer contains an improper privilege management vulnerability that could allow an attacker to gain SYSTEM privileges...
Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability
The Simple Network Management Protocol SNMP subsystem of Cisco IOS and IOS XE contains a vulnerability that could allow an authenticated, remote attacker to remotely execute code on an affected system or cause an affected system to reload...
Ivanti Cloud Services Appliance (CSA) Path Traversal Vulnerability
Ivanti Cloud Services Appliance CSA contains a path traversal vulnerability that could allow a remote, unauthenticated attacker to access restricted functionality. If CVE-2024-8963 is used in conjunction with CVE-2024-8190, an attacker could bypass admin authentication and execute arbitrary...
Apache OFBiz Incorrect Authorization Vulnerability
Apache OFBiz contains an incorrect authorization vulnerability that could allow remote code execution via a Groovy payload in the context of the OFBiz user process by an unauthenticated attacker...
SolarWinds Web Help Desk Hardcoded Credential Vulnerability
SolarWinds Web Help Desk contains a hardcoded credential vulnerability that could allow a remote, unauthenticated user to access internal functionality and modify data...
Microsoft Windows Mark of the Web (MOTW) Protection Mechanism Failure Vulnerability
Microsoft Windows Mark of the Web MOTW contains a protection mechanism failure vulnerability that allows an attacker to bypass MOTW-based defenses. This can result in a limited loss of integrity and availability of security features such as Protected View in Microsoft Office, which rely on MOTW...
Microsoft Windows Desktop Window Manager (DWM) Core Library Privilege Escalation Vulnerability
Microsoft Windows Desktop Window Manager DWM Core Library contains an unspecified vulnerability that allows for privilege escalation...
VMware SD-WAN Edge by VeloCloud Command Injection Vulnerability
VMware SD-WAN Edge by VeloCloud contains a command injection vulnerability in the local web UI component. Successful exploitation of this issue could result in remote code execution...
Mozilla Firefox Use-After-Free Vulnerability
Mozilla Firefox and Firefox ESR contain a use-after-free vulnerability in Animation timelines that allows for code execution in the content process...
Microsoft Publisher Protection Mechanism Failure Vulnerability
Microsoft Publisher contains a protection mechanism failure vulnerability that allows attacker to bypass Office macro policies used to block untrusted or malicious files...
Cisco IOS XE Web UI Privilege Escalation Vulnerability
Cisco IOS XE Web UI contains a privilege escalation vulnerability in the web user interface that could allow a remote, unauthenticated attacker to create an account with privilege level 15 access. The attacker can then use that account to gain control of the affected device...
RARLAB WinRAR Code Execution Vulnerability
RARLAB WinRAR contains an unspecified vulnerability that allows an attacker to execute code when a user attempts to view a benign file within a ZIP archive...
Roundcube Webmail Persistent Cross-Site Scripting (XSS) Vulnerability
Roundcube Webmail contains a persistent cross-site scripting XSS vulnerability that allows a remote attacker to run malicious JavaScript code...
Ivanti Endpoint Manager Mobile (EPMM) Code Injection Vulnerability
Ivanti Endpoint Manager Mobile EPMM contains a code injection vulnerability in the API component that allows an authenticated attacker to remotely execute arbitrary code via crafted API requests. This vulnerability results from an insecure implementation of the Hibernate Validator open-source...
Microsoft Windows Update Use-After-Free Vulnerability
Microsoft Windows Update contains a use-after-free vulnerability that allows for remote code execution...
Apple iOS and iPadOS Kernel Privilege Escalation Vulnerability
Apple iOS and iPadOS contain an unspecified vulnerability that allows for local privilege escalation...
ServiceNow Improper Input Validation Vulnerability
ServiceNow Utah, Vancouver, and Washington DC Now Platform releases contain a jelly template injection vulnerability in UI macros. An unauthenticated user could exploit this vulnerability to execute code remotely...
Progress MOVEit Transfer SQL Injection Vulnerability
Progress MOVEit Transfer contains a SQL injection vulnerability that could allow an unauthenticated attacker to gain unauthorized access to MOVEit Transfer's database. Depending on the database engine being used MySQL, Microsoft SQL Server, or Azure SQL, an attacker may be able to infer informati...
Google Skia Out-of-Bounds Write Vulnerability
Google Skia contains an out-of-bounds write vulnerability that could allow a remote attacker to perform out of bounds memory access via a crafted HTML page. This vulnerability affects Google Chrome and ChromeOS, Android, Flutter, and possibly other products...
Apple Multiple Products WebKit Use-After-Free Vulnerability
Apple iOS, iPadOS, macOS, and Safari WebKit contain a use-after-free vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rel...
Ivanti Virtual Traffic Manager Authentication Bypass Vulnerability
Ivanti Virtual Traffic Manager contains an authentication bypass vulnerability that allows a remote, unauthenticated attacker to create a chosen administrator account...
Acronis Cyber Infrastructure (ACI) Insecure Default Password Vulnerability
Acronis Cyber Infrastructure ACI allows an unauthenticated user to execute commands remotely due to the use of default passwords...
Roundcube Webmail SQL Injection Vulnerability
Roundcube Webmail is vulnerable to SQL injection via search or searchparams...
ServiceNow Incomplete List of Disallowed Inputs Vulnerability
ServiceNow Washington DC, Vancouver, and earlier Now Platform releases contain an incomplete list of disallowed inputs vulnerability in the GlideExpression script. An unauthenticated user could exploit this vulnerability to execute code remotely...
Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge...
Apple Multiple Products WebKit Code Execution Vulnerability
Apple iOS, iPadOS, macOS, and Safari WebKit contain an unspecified vulnerability that leads to code execution when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple products which rely ...
PaperCut MF/NG Improper Access Control Vulnerability
PaperCut MF/NG contains an improper access control vulnerability within the SetupCompleted class that allows authentication bypass and code execution in the context of system...
Microsoft Exchange Server Server-Side Request Forgery Vulnerability
Microsoft Exchange Server allows for server-side request forgery. Dubbed "ProxyNotShell," this vulnerability is chainable with CVE-2022-41082 which allows for remote code execution...
Roundcube Webmail Remote Code Execution Vulnerability
Roundcube Webmail contains an remote code execution vulnerability that allows attackers to execute code via shell metacharacters in a configuration setting for imconvertpath or imidentifypath...
Citrix NetScaler ADC and NetScaler Gateway Buffer Overflow Vulnerability
Citrix NetScaler ADC and NetScaler Gateway contain a buffer overflow vulnerability that allows for sensitive information disclosure when configured as a Gateway VPN virtual server, ICA Proxy, CVPN, RDP Proxy or AAA virtual server...