1652 matches found
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation...
Microsoft Windows User Profile Service Privilege Escalation Vulnerability
Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation...
WSO2 Multiple Products Unrestrictive Upload of File Vulnerability
Multiple WSO2 products allow for unrestricted file upload, resulting in remote code execution...
Microsoft Win32k Privilege Escalation Vulnerability
Microsoft Win32k contains an unspecified vulnerability that allows for privilege escalation...
Microsoft Windows Print Spooler Privilege Escalation Vulnerability
Microsoft Windows Print Spooler contains an unspecified vulnerability which allow for privilege escalation...
Synacor Zimbra Collaboration Suite (ZCS) Cross-Site Scripting (XSS) Vulnerability
Synacor Zimbra Collaboration Suite ZCS contains a cross-site scripting vulnerability that might allow remote attackers to inject arbitrary web script or HTML...
WhatsApp VOIP Stack Buffer Overflow Vulnerability
A buffer overflow vulnerability in WhatsApp VOIP stack allowed remote code execution via specially crafted series of RTCP packets sent to a target phone number...
Ubiquiti AirOS Command Injection Vulnerability
Certain Ubiquiti devices contain a command injection vulnerability via a GET request to stainfo.cgi...
Google Chromium V8 Type Confusion Vulnerability
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft Edge...
VMware Multiple Products Privilege Escalation Vulnerability
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts...
Schneider Electric U.motion Builder SQL Injection Vulnerability
A SQL Injection vulnerability exists in U.motion Builder software which could cause unwanted code execution when an improper set of characters is entered...
Trihedral VTScada (formerly VTS) Denial-of-Service Vulnerability
The WAP interface in Trihedral VTScada formerly VTS allows remote attackers to cause a denial-of-service DoS...
D-Link DNS-320 Remote Code Execution Vulnerability
The loginmgr.cgi script in D-Link DNS-320 is vulnerable to remote code execution...
InduSoft Web Studio NTWebServer Directory Traversal Vulnerability
InduSoft Web Studio NTWebServer contains a directory traversal vulnerability that allows remote attackers to read administrative passwords in APP files, allowing for remote code execution...
Alcatel OmniPCX Enterprise Remote Code Execution Vulnerability
masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server allows remote attackers to execute arbitrary commands...
Crestron Multiple Products Command Injection Vulnerability
Multiple Crestron products are vulnerable to command injection via the filetransfer.cgi HTTP endpoint. A remote, unauthenticated attacker can use this vulnerability to execute operating system commands as root...
VMware Workspace ONE Access and Identity Manager Server-Side Template Injection Vulnerability
VMware Workspace ONE Access and Identity Manager allow for remote code execution due to server-side template injection...
Adobe Flash Player Use-After-Free Vulnerability
Use-after-free vulnerability in the DisplayObject class in the ActionScript 3 AS3 implementation in Adobe Flash Player allows remote attackers to execute code or cause a denial-of-service DoS...
Kaseya VSA Remote Code Execution Vulnerability
Kaseya VSA RMM allows unprivileged remote attackers to execute PowerShell payloads on all managed devices...
Microsoft Internet Explorer Memory Corruption Vulnerability
Microsoft Internet Explorer contains a memory corruption vulnerability that allows an attacker to execute code or cause a denial-of-service DoS...
Adobe Flash Player Stack-Based Buffer Overflow Vulnerability
Stack-based buffer overflow in Adobe Flash Player allows attackers to execute code remotely...
Microsoft Windows CLFS Driver Privilege Escalation Vulnerability
Microsoft Windows Common Log File System CLFS Driver contains an unspecified vulnerability that allows for privilege escalation...
Adobe Flash Player Remote Code Execution Vulnerability
Unspecified vulnerability in Adobe Flash Player allows remote attackers to execute code...
Adobe Flash Player Use-After-Free Vulnerability
Use-after-free vulnerability in Adobe Flash Player allows remote attackers to execute code...
Drupal Core Remote Code Execution Vulnerability
A remote code execution vulnerability exists within multiple subsystems of Drupal that can allow attackers to exploit multiple attack vectors on a Drupal site...
Adobe Flash Player Use-After-Free Vulnerability
Use-after-free vulnerability in the BitmapData class in the ActionScript 3 AS3 implementation in Adobe Flash Player allows remote attackers to execute code or cause a denial-of-service DoS...
Adobe Flash Player Heap-Based Buffer Overflow Vulnerability
Heap-based buffer overflow vulnerability in Adobe Flash Player allows remote attackers to execute code...
WatchGuard Firebox and XTM Privilege Escalation Vulnerability
WatchGuard Firebox and XTM appliances allow a remote attacker with unprivileged credentials to access the system with a privileged management session via exposed management access...
Microsoft Active Directory Domain Services Privilege Escalation Vulnerability
Microsoft Active Directory Domain Services contains an unspecified vulnerability that allows for privilege escalation...
Checkbox Survey Deserialization of Untrusted Data Vulnerability
Deserialization of Untrusted Data vulnerability in CheckboxWeb.dll of Checkbox Survey allows an unauthenticated remote attacker to execute arbitrary code...
Linux Kernel Privilege Escalation Vulnerability
Linux Kernel contains a flaw in the packet socket AFPACKET implementation which could lead to incorrectly freeing memory. A local user could exploit this for denial-of-service DoS or possibly for privilege escalation...
Google Pixel Out-of-Bounds Write Vulnerability
Google Pixel contains a possible out-of-bounds write due to a logic error in the code that could lead to local escalation of privilege...
Microsoft Active Directory Domain Services Privilege Escalation Vulnerability
Microsoft Active Directory Domain Services contains an unspecified vulnerability that allows for privilege escalation...
QNAP Network-Attached Storage (NAS) Command Injection Vulnerability
QNAP NAS devices contain a command injection vulnerability which could allow attackers to perform remote code execution...
Telerik UI for ASP.NET AJAX Unrestricted File Upload Vulnerability
Telerik.Web.UI in Progress Telerik UI for ASP.NET AJAX allows remote attackers to perform arbitrary file uploads or execute arbitrary code...
Sudo Heap-Based Buffer Overflow Vulnerability
Sudo contains an off-by-one error that can result in a heap-based buffer overflow, which allows for privilege escalation...
Microsoft HTTP Protocol Stack Remote Code Execution Vulnerability
Microsoft HTTP Protocol Stack contains a vulnerability in http.sys that allows for remote code execution...
Microsoft SMBv1 Server Remote Code Execution Vulnerability
The SMBv1 server in Microsoft allows remote attackers to execute arbitrary code via crafted packets...
D-Link Multiple Routers Remote Code Execution Vulnerability
A remote code execution vulnerability exists in all series H/W revisions routers via the DDNS function in ncc2 binary file...
Apple macOS Out-of-Bounds Write Vulnerability
macOS Monterey contains an out-of-bounds write vulnerability that could allow an application to execute arbitrary code with kernel privileges...
Spring Framework JDK 9+ Remote Code Execution Vulnerability
Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution RCE via data binding...
Apple macOS Out-of-Bounds Read Vulnerability
macOS Monterey contains an out-of-bounds read vulnerability that could allow an application to read kernel memory...
Dasan GPON Routers Command Injection Vulnerability
Dasan GPON Routers contain an authentication bypass vulnerability. When combined with CVE-2018-10561, exploitation can allow an attacker to perform remote code execution...
Sophos Firewall Authentication Bypass Vulnerability
An authentication bypass vulnerability in User Portal and Webadmin of Sophos Firewall allows for remote code execution...
Trend Micro Apex Central Arbitrary File Upload Vulnerability
An arbitrary file upload vulnerability in Trend Micro Apex Central could allow for remote code execution...
QNAP NAS Improper Authorization Vulnerability
QNAP NAS running HBS 3 contains an improper authorization vulnerability which can allow remote attackers to log in to a device...
Dell dbutil Driver Insufficient Access Control Vulnerability
Dell dbutil driver contains an insufficient access control vulnerability which may lead to escalation of privileges, denial-of-service DoS, or information disclosure...
Microsoft Windows User Profile Service Privilege Escalation Vulnerability
Microsoft Windows User Profile Service contains an unspecified vulnerability that allows for privilege escalation...
Dasan GPON Routers Authentication Bypass Vulnerability
Dasan GPON Routers contain an authentication bypass vulnerability. When combined with CVE-2018-10562, exploitation can allow an attacker to perform remote code execution...
Oracle Java SE Sandbox Bypass Vulnerability
The default Java security properties configuration did not restrict access to the com.sun.org.glassfish.external and com.sun.org.glassfish.gmbal packages. An untrusted Java application or applet could use these flaws to bypass Java sandbox restrictions...