1652 matches found
Craft CMS External Control of Assumed-Immutable Web Parameter Vulnerability
Craft CMS contains an external control of assumed-immutable web parameter vulnerability. This vulnerability could allow an unauthenticated client to introduce arbitrary values, such as PHP code, to a known local file location on the server. This vulnerability could be chained with CVE-2024-58136 ...
Metabase GeoJSON API Local File Inclusion Vulnerability
Metabase contains a local file inclusion vulnerability in the custom map support in the API to read GeoJSON formatted data...
Netwrix Auditor Insecure Object Deserialization Vulnerability
Netwrix Auditor User Activity Video Recording component contains an insecure objection deserialization vulnerability that allows an unauthenticated, remote attacker to execute code as the NT AUTHORITY\SYSTEM user. Successful exploitation requires that the attacker is able to reach port 9004/TCP,...
October CMS Improper Authentication
In affected versions of the october/system package an attacker can request an account password reset and then gain access to the account using a specially crafted request...
Apache Airflow's Experimental API Authentication Bypass
The previous default setting for Airflow's Experimental API was to allow all API requests without authentication...
Apple iOS, iPadOS, and watchOS WebKit Cross-Site Scripting (XSS) Vulnerability
Apple iOS, iPadOS, and watchOS WebKit contain an unspecified vulnerability that allows for universal cross-site scripting XSS when processing maliciously crafted web content. This vulnerability could impact HTML parsers that use WebKit, including but not limited to Apple Safari and non-Apple...
Accellion FTA OS Command Injection Vulnerability
Accellion FTA contains an OS command injection vulnerability exploited via a crafted POST request to various admin endpoints...
Mozilla Firefox And Thunderbird Use-After-Free Vulnerability
Mozilla Firefox and Thunderbird contain a race condition vulnerability when handling a ReadableStream under certain conditions. The race condition creates a use-after-free vulnerability, causing unspecified impacts...
Microsoft SharePoint Server Missing Authentication for Critical Function Vulnerability
Microsoft SharePoint contains a missing authentication for critical function vulnerability that allows an unauthorized attacker to elevate privileges over a network...
Balbooa Forms Unrestricted Upload of File with Dangerous Type Vulnerability
Balbooa Forms contains an unrestricted upload of file with dangerous type vulnerability that allows an unauthenticated arbitrary file upload which could allow uploading of executable files leading to full RCE...
Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability
Microsoft SharePoint Server contains a deserialization of untrusted data vulnerability which allows an authorized attacker to execute code over a network...
PTC Windchill and FlexPLM Improper Input Validation Vulnerability
PTC Windchill and FlexPLM contains an improper input validation vulnerability allowing an unauthenticated, remote attacker to execute arbitrary code by sending a malicious request to the network...
Oracle WebLogic Server Unspecified Vulnerability
Oracle WebLogic contains an unspecified vulnerability that could allow an unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle...
Microsoft DirectX NULL Byte Overwrite Vulnerability
Microsoft DirectX contains a NULL byte overwrite vulnerability in the QuickTime Movie Parser Filter in quartz.dll in DirectShow which could allow remote attackers to execute arbitrary code via a crafted QuickTime media file...
Marimo Remote Code Execution Vulnerability
Marimo contains an pre-authorization remote code execution vulnerability, allowing an unauthenticated attacked to shell access and execute arbitrary system commands...
PaperCut NG/MF Improper Authentication Vulnerability
PaperCut NG/MF contains an improper authentication vulnerability that could allow remote attackers to bypass authentication on affected installations via the SecurityRequestFilter class...
Synacor Zimbra Collaboration Suite (ZCS) Cross-site Scripting Vulnerability
Synacor Zimbra Collaboration Suite ZCS contains a cross-site scripting vulnerability that could allow attackers to execute arbitrary JavaScript within the user's session, potentially leading to unauthorized access to sensitive information...
Microsoft SharePoint Server Improper Input Validation Vulnerability
Microsoft SharePoint Server contains an improper input validation vulnerability that allows an unauthorized attacker to perform spoofing over a network...
Cisco Secure Firewall Management Center (FMC) Software and Cisco Security Cloud Control (SCC) Firewall Management Deserialization of Untrusted Data Vulnerability
Cisco Secure Firewall Management Center FMC Software and Cisco Security Cloud Control SCC Firewall Management contain a deserialization of untrusted data vulnerability in the web-based management interface that could allow an unauthenticated, remote attacker to execute arbitrary Java code as root...
Broadcom VMware Aria Operations Command Injection Vulnerability
Broadcom VMware Aria Operations formerly known as vRealize Operations vROps contains a command injection vulnerability that allows an unauthenticated attacker to execute arbitrary commands, potentially leading to remote code execution during support‑assisted product migration...
Notepad++ Download of Code Without Integrity Check Vulnerability
Notepad++ when using the WinGUp updater, contains a download of code without integrity check vulnerability that could allow an attacker to intercept or redirect update traffic to download and execute an attacker-controlled installer. This could lead to arbitrary code execution with the privileges...
SonicWall SMA1000 Missing Authorization Vulnerability
SonicWall SMA1000 contains a missing authorization vulnerability that could allow for privilege escalation appliance management console AMC of affected devices...
OSGeo GeoServer Improper Restriction of XML External Entity Reference Vulnerability
OSGeo GeoServer contains an improper restriction of XML external entity reference vulnerability that occurs when the application accepts XML input through a specific endpoint /geoserver/wms operation GetMap and could allow an attacker to define external entities within the XML request...
D-Link Routers Buffer Overflow Vulnerability
D-Link Routers contains a buffer overflow vulnerability that has a high impact on confidentiality, integrity, and availability. The impacted products could be end-of-life EoL and/or end-of-service EoS. Users should discontinue product utilization...
OpenPLC ScadaBR Unrestricted Upload of File with Dangerous Type Vulnerability
OpenPLC ScadaBR contains an unrestricted upload of file with dangerous type vulnerability that allows remote authenticated users to upload and execute arbitrary JSP files via viewedit.shtm...
Rapid7 Velociraptor Incorrect Default Permissions Vulnerability
Rapid7 Velociraptor contains an incorrect default permissions vulnerability that can lead to arbitrary command execution and endpoint takeover. To successfully exploit this vulnerability the user must already have access to collect artifacts from the endpoint...
Sudo Inclusion of Functionality from Untrusted Control Sphere Vulnerability
Sudo contains an inclusion of functionality from untrusted control sphere vulnerability. This vulnerability could allow local attacker to leverage sudo’s -R --chroot option to run arbitrary commands as root, even if they are not listed in the sudoers file...
Fortra GoAnywhere MFT Deserialization of Untrusted Data Vulnerability
Fortra GoAnywhere MFT contains a deserialization of untrusted data vulnerability allows an actor with a validly forged license response signature to deserialize an arbitrary actor-controlled object, possibly leading to command injection...
Linux Kernel Time-of-Check Time-of-Use (TOCTOU) Race Condition Vulnerability
Linux kernel contains a time-of-check time-of-use TOCTOU race condition vulnerability that has a high impact on confidentiality, integrity, and availability...
Android Runtime Use-After-Free Vulnerability
Android Runtime contains a use-after-free vulnerability potentially allowing a chrome sandbox escape leading to local privilege escalation...
Sitecore Multiple Products Deserialization of Untrusted Data Vulnerability
Sitecore Experience Manager XM, Experience Platform XP, Experience Commerce XC, and Managed Cloud contain a deserialization of untrusted data vulnerability involving the use of default machine keys. This flaw allows attackers to exploit exposed ASP.NET machine keys to achieve remote code executio...
Qualcomm Multiple Chipsets Incorrect Authorization Vulnerability
Multiple Qualcomm chipsets contain an incorrect authorization vulnerability. This vulnerability allows for memory corruption due to unauthorized command execution in GPU micronode while executing specific sequence of commands...
Commvault Web Server Unspecified Vulnerability
Commvault Web Server contains an unspecified vulnerability that allows a remote, authenticated attacker to create and execute webshells...
Apple Multiple Products Arbitrary Read and Write Vulnerability
Apple iOS, iPadOS, macOS, and other Apple products contain an arbitrary read and write vulnerability that allows an attacker to bypass Pointer Authentication...
Dante Discovery Process Control Vulnerability
Dante Discovery contains a process control vulnerability in mDNSResponder.exe that all allows for a DLL sideloading attack. A local attacker can leverage this vulnerability in the Dante Application Library to execute arbitrary code...
Acclaim Systems USAHERDS Use of Hard-Coded Credentials Vulnerability
Acclaim Systems USAHERDS contains a hard-coded credentials vulnerability that could allow an attacker to achieve remote code execution on the system that runs the application. The MachineKey must be obtained via a separate vulnerability or other channel...
Cisco RV Series Routers Deserialization of Untrusted Data Vulnerability
A deserialization of untrusted data vulnerability in the web-based management interface of certain Cisco Small Business RV Series Routers could allow an attacker to execute code with root privileges...
IBM InfoSphere BigInsights Invalid Input Vulnerability
Certain APIs within BigInsights can take invalid input that might allow attackers unauthorized access to read, write, modify, or delete data...
Trend Micro Multiple Products Content Validation Escape Vulnerability
Trend Micro Apex One, OfficeScan, and Worry-Free Business Security agents contain a content validation escape vulnerability that could allow an attacker to manipulate certain agent client components...
?
?...
JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability
JoomShaper SP Page Builder contains an unrestricted upload of file with dangerous type vulnerability that allows unauthenticated users to upload arbitrary files, ultimately resulting in the upload and execution of PHP code...
SimpleHelp Authentication Bypass Vulnerability
SimpleHelp contains an authentication bypass vulnerability in the OIDC authentication flow. When OIDC authentication is configured, identity tokens submitted during login are accepted without verifying their cryptographic signature. In a vulnerable configuration, a remote, unauthenticated attacke...
Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability
Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME contain a server-side request forgery SSRF Vulnerability that could allow an unauthenticated, remote attacker to write files to the underlying operating system that...
Ivanti Sentry OS Command Injection Vulnerability
Ivanti Sentry formerly known as MobileIron Sentry contains an OS command injection vulnerability which could allow a remote unauthenticated user to achieve root-level remote code execution. This vulnerability can be successfully exploited in cases where the Sentry appliance is in an unmanaged sta...
Check Point Security Gateway Improper Authentication Vulnerability
Check Point Security Gateway contains an improper authentication vulnerability in IKEv1 key exchange that could allow an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password...
BerriAI LiteLLM Command Injection Vulnerability
BerriAI LiteLLM contains a command injection vulnerability that could allow any authenticated user, including holders of low-privilege internal-user keys, to run arbitrary commands on the host...
Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability
Ivanti Endpoint Manager Mobile EPMM contains an improper input validation vulnerability that allows a remotely authenticated user with administrative access to achieve remote code execution...
Apache ActiveMQ Improper Input Validation Vulnerability
Apache ActiveMQ contains an improper input validation vulnerability that allows for code injection...
Microsoft Windows Out-of-Bounds Read Vulnerability
Microsoft Windows Common Log File System Driver contains an out-of-bounds read vulnerability that could allow a threat actor for privileges escalation...
Citrix NetScaler Out-of-Bounds Read Vulnerability
Citrix NetScaler ADC formerly Citrix ADC, NetScaler Gateway formerly Citrix Gateway and NetScaler ADC FIPS and NDcPP contain an out-of-bounds reads vulnerability when configured as a SAML IDP leading to memory overread...