1634 matches found
Exim Heap-Based Buffer Overflow Vulnerability
Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to execute arbitrary code via an SMTP session...
Adobe ColdFusion Directory Traversal Vulnerability
A directory traversal vulnerability exists in the administrator console in Adobe ColdFusion which allows remote attackers to read arbitrary files...
phpMyAdmin Remote Code Execution Vulnerability
Setup script used to generate configuration can be fooled using a crafted POST request to include arbitrary PHP code in generated configuration file...
HP OpenView Network Node Manager Remote Code Execution Vulnerability
HP OpenView Network Node Manager could allow a remote attacker to execute arbitrary commands on the system...
D-Link Multiple Routers Command Injection Vulnerability
Multiple D-Link routers contain a command injection vulnerability which can allow attackers to achieve full system compromise...
Kentico Xperience Deserialization of Untrusted Data Vulnerability
Kentico contains a failure to validate security headers. This deserialization can lead to unauthenticated remote code execution...
Microsoft Scripting Engine Memory Corruption Vulnerability
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer...
NETGEAR DGN2200 Devices OS Command Injection Vulnerability
dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands...
Ruby on Rails Directory Traversal Vulnerability
Directory traversal vulnerability in Action View in Ruby on Rails allows remote attackers to read arbitrary files...
TP-Link Multiple Archer Devices Directory Traversal Vulnerability
Directory traversal vulnerability in multiple TP-Link Archer devices allows remote attackers to read arbitrary files via a .. (dot dot) in the PATHINFO to login/...
Ruby on Rails Directory Traversal Vulnerability
Directory traversal vulnerability in actionpack/lib/abstract_controller/base.rb in the implicit-render implementation in Ruby on Rails allows remote attackers to read arbitrary files via a crafted request...
HP Multiple Products Remote Code Execution Vulnerability
HP ProCurve Manager (PCM), PCM+, Identity Driven Manager (IDM), and Application Lifecycle Management allow remote attackers to execute arbitrary code via a marshalled object to (1) EJBInvokerServlet or (2) JMXInvokerServlet...
Apache Struts Improper Input Validation Vulnerability
Apache Struts allows remote attackers to execute arbitrary Object-Graph Navigation Language (OGNL) expressions...
Exim Privilege Escalation Vulnerability
Exim allows local users to gain privileges by leveraging the ability of the exim user account to specify an alternate configuration file with a directive that contains arbitrary commands...
Adobe Reader and Adobe Acrobat Stack-Based Buffer Overflow Vulnerability
Stack-based buffer overflow in Adobe Reader and Adobe Acrobat allows remote attackers to execute arbitrary code...
VMware Tanzu Spring Cloud Config Directory Traversal Vulnerability
Spring, by VMware Tanzu, Cloud Config contains a path traversal vulnerability that allows applications to serve arbitrary configuration files...
Apache Kylin OS Command Injection Vulnerability
Apache Kylin contains an OS command injection vulnerability which could permit an attacker to perform remote code execution...
Drupal Core Remote Code Execution Vulnerability
In Drupal Core, some field types do not properly sanitize data from non-form sources. This can lead to arbitrary PHP code execution in some cases...
Webmin Command Injection Vulnerability
An issue was discovered in Webmin. The parameter old in password_change.cgi contains a command injection vulnerability...
LG N1A1 NAS Remote Command Execution Vulnerability
LG N1A1 NAS 3718.510 is affected by a remote code execution vulnerability...
VMware SD-WAN Edge by VeloCloud Command Injection Vulnerability
VMware SD-WAN Edge by VeloCloud contains a command injection vulnerability in the local web UI component. Successful exploitation of this issue could result in remote code execution...
Cisco IOS and IOS XE Remote Code Execution Vulnerability
A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a reload of an affected device or remotely execute code with elevated privileges...
Apache Tomcat Remote Code Execution Vulnerability
When running Apache Tomcat, it is possible to upload a JSP file to the server via a specially crafted request. This JSP could then be requested and any code it contained would be executed by the server...
Microsoft Windows SMB Remote Code Execution Vulnerability
The SMBv1 server in Microsoft Windows allows remote attackers to perform remote code execution...
Microsoft Kerberos Key Distribution Center (KDC) Privilege Escalation Vulnerability
The Kerberos Key Distribution Center (KDC) in Microsoft allows remote authenticated domain users to obtain domain administrator privileges...
Rejetto HTTP File Server (HFS) Remote Code Execution Vulnerability
The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (HFS or HttpFileServer) allows remote attackers to execute arbitrary programs...
D-Link DSL-2760U Gateway Cross-Site Scripting Vulnerability
A cross-site scripting (XSS) vulnerability exists in the D-Link DSL-2760U gateway, allowing remote authenticated users to inject arbitrary web script or HTML...
Cisco IOS XR Border Gateway Protocol (BGP) Denial-of-Service Vulnerability
Cisco IOS XR, when BGP is the configured routing feature, allows remote attackers to cause a denial-of-service (DoS)...
Microsoft GDI Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory. An attacker who successfully exploited this vulnerability could take control of the affected system...
Microsoft Windows AppX Deployment Server Privilege Escalation Vulnerability
A privilege escalation vulnerability exists when the Windows AppX Deployment Server improperly handles junctions...
Microsoft Windows Kernel Privilege Escalation Vulnerability
A privilege escalation vulnerability exists when the Windows kernel fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode...
Microsoft Win32k Privilege Escalation Vulnerability
A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory...
Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability
A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context...
Microsoft Windows Transaction Manager Privilege Escalation Vulnerability
A privilege escalation vulnerability exists when the Windows Transaction Manager improperly handles objects in memory...
SonicWall SonicOS Buffer Overflow Vulnerability
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall...
Microsoft Windows Privilege Escalation Vulnerability
A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context...
Microsoft Win32k Privilege Escalation Vulnerability
A privilege escalation vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory...
Microsoft Windows Universal Plug and Play (UPnP) Service Privilege Escalation Vulnerability
A privilege escalation vulnerability exists when the Windows UPnP service improperly allows COM object creation...
Microsoft Windows Privilege Escalation Vulnerability
A privilege escalation vulnerability exists when Windows improperly handles authentication requests. An attacker who successfully exploited this vulnerability could run processes in an elevated context...
Microsoft Windows Error Reporting Manager Privilege Escalation Vulnerability
A privilege escalation vulnerability exists when Windows Error Reporting manager improperly handles hard links. An attacker who successfully exploited this vulnerability could overwrite a targeted file leading to an elevated status...
Microsoft Task Scheduler Privilege Escalation Vulnerability
A privilege escalation vulnerability exists in the way the Task Scheduler Service validates certain file operations...
Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability
A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context...
Microsoft Windows AppX Deployment Service (AppXSVC) Privilege Escalation Vulnerability
A privilege escalation vulnerability exists when Windows AppXSVC improperly handles hard links. An attacker who successfully exploited this vulnerability could run processes in an elevated context...
Microsoft Win32k Memory Corruption Vulnerability
The kernel-mode driver in Microsoft Windows OS and Server allows local users to gain privileges via a crafted application...
Mozilla Firefox Use-After-Free Vulnerability
Mozilla Firefox contains a use-after-free vulnerability in WebGPU IPC Framework which can be exploited to perform arbitrary code execution...
NETGEAR Multiple Routers Remote Code Execution Vulnerability
NETGEAR confirmed multiple routers allow unauthenticated web pages to pass form input directly to the command-line interface, permitting remote code execution...
Atlassian Jira Server and Data Center Server-Side Template Injection Vulnerability
Atlassian Jira Server and Data Center contain a server-side template injection vulnerability which can allow for remote code execution...
Adobe ColdFusion Information Disclosure Vulnerability
Adobe ColdFusion contains an unspecified vulnerability, which could result in information disclosure from a compromised server...
Adobe ColdFusion Authentication Bypass Vulnerability
Adobe ColdFusion contains an authentication bypass vulnerability, which could result in an unauthorized user gaining administrative access...
Mozilla Firefox Use-After-Free Vulnerability
Mozilla Firefox contains a use-after-free vulnerability in XSLT parameter processing which can be exploited to perform arbitrary code execution...