213680 matches found
Privilege escalation
Windows Error Reporting Service Elevation of Privilege Vulnerability...
Cross site scripting
Microsoft Dynamics 365 on-premises Cross-site Scripting Vulnerability...
Privilege escalation
Windows Print Spooler Elevation of Privilege Vulnerability...
Privilege escalation
Windows Kernel Elevation of Privilege Vulnerability...
Privilege escalation
Windows Update Stack Elevation of Privilege Vulnerability...
Denial of service
Windows Kernel Denial of Service Vulnerability...
Privilege escalation
NTFS Elevation of Privilege Vulnerability...
Remote code execution
Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability...
Design/Logic Flaw
Windows Standards-Based Storage Management Service Denial of Service Vulnerability...
Remote code execution
Windows USB Attached SCSI UAS Protocol Remote Code Execution Vulnerability...
Denial of service
Microsoft QUIC Denial of Service Vulnerability...
Information disclosure
Information exposure vulnerability in Badger Meter Monitool affecting versions up to 4.6.3 and earlier. A local attacker could change the application's file parameter to a log file obtaining all sensitive information such as database credentials...
Cross site scripting
Vulnerability in CMS Made Simple 2.2.14, which does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting XSS vulnerability through /admin/adduser.php, in multiple parameters. This vulnerability could allow a remote attacker to send a specially crafted JavaScript...
Unrestricted file upload
Unrestricted file upload vulnerability in CMS Made Simple, affecting version 2.2.14. This vulnerability allows an authenticated user to bypass the security measures of the upload functionality and potentially create a remote execution of commands via webshell...
Remote code execution
In RPyC before 6.0.0, when a server exposes a method that calls the attribute named array for a client-provided netref e.g., np.arrayclientnetref, a remote attacker can craft a class that results in remote code execution...
Sql injection
SQL injection vulnerability in Badger Meter Monitool affecting versions 4.6.3 and earlier. A remote attacker could send a specially crafted SQL query to the server via the jusername parameter and retrieve the information stored in the database...
Cross site scripting
Cross-site scripting vulnerability in Badger Meter Monitool that affects versions up to 4.6.3 and earlier. This vulnerability allows a remote attacker to send a specially crafted javascript payload to an authenticated user and partially hijack their browser session...
Design/Logic Flaw
Incorrectly limiting the path to a restricted directory vulnerability in Badger Meter Monitool that affects versions up to 4.6.3 and earlier. This vulnerability allows an authenticated attacker to retrieve any file from the device using the download-file functionality...
Cross site scripting
CMS Made Simple version 2.2.14, does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting XSS vulnerability through /admin/moduleinterface.php, in multiple parameters. This vulnerability could allow a remote attacker to send a specially crafted JavaScript payload to ...
Code injection
A search path or unquoted item vulnerability in Faronics Deep Freeze Server Standard, which affects versions 8.30.020.4627 and earlier. This vulnerability affects the DFServ.exe file. An attacker with local user privileges could exploit this vulnerability to replace the legitimate DFServ.exe...
Input validation
A improper neutralization of formula elements in a csv file in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, 7.0.0 through 7.0.10, 6.4.0 through 6.4.9, 6.2.0 through 6.2.9, 6.0.0 through 6.0.8 allows attacker to execute unauthorized code or commands via specially crafted packets...
Authorization
An authorization bypass through user-controlled key vulnerability CWE-639 in FortiOS version 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.1 through 7.0.13, 6.4.7 through 6.4.14, and FortiProxy version 7.4.0 through 7.4.2, 7.2.0 through 7.2.8, 7.0.0 through 7.0.14 SSL-VPN may allow an authenticat...
Open redirect
An open redirect vulnerability, the exploitation of which could allow an attacker to create a custom URL and redirect a legitimate page to a malicious site...
Cross site scripting
A out-of-bounds write in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker to execute unauthorized code or commands via...
Cross site scripting
The software does not neutralize or incorrectly neutralizes certain characters before the data is included in outgoing HTTP headers. The inclusion of invalidated data in an HTTP header allows an attacker to specify the full HTTP response represented by the browser. An attacker could control the...
Sql injection
A improper neutralization of special elements used in an sql command 'sql injection' in Fortinet FortiClientEMS version 7.2.0 through 7.2.2, FortiClientEMS 7.0.1 through 7.0.10 allows attacker to execute unauthorized code or commands via specially crafted packets...
Authorization
An improper authorization vulnerability CWE-285 in FortiPortal version 7.2.0, and versions 7.0.6 and below reports may allow a user to download other organizations reports via modification in the request payload...
Improper access control
A improper access control in Fortinet FortiManager version 7.4.0, version 7.2.0 through 7.2.3, version 7.0.0 through 7.0.10, version 6.4.0 through 6.4.13, 6.2 all versions allows attacker to execute unauthorized code or commands via specially crafted HTTP requests...
Format string
A use of externally-controlled format string vulnerability CWE-134 in Fortinet FortiManager version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.3 and before 7.0.10, Fortinet FortiAnalyzer version 7.4.0 through 7.4.1, version 7.2.0 through 7.2.3 and before 7.0.10, Fortinet FortiAnalyzer-BigData...
Stack overflow
A stack-based buffer overflow in Fortinet FortiOS 7.4.0 through 7.4.1, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, 6.2.0 through 6.2.15, FortiProxy 7.4.0, 7.2.0 through 7.2.6, 7.0.0 through 7.0.12, 2.0.0 through 2.0.13 allows attacker to execute unauthorized code or commands...
Authentication flaw
An improper authentication vulnerability CWE-287 in FortiOS versions 7.4.1 and below, versions 7.2.6 and below, and versions 7.0.12 and below when configured with FortiAuthenticator in HA may allow a readonly user to gain read-write access via successive login attempts...
Stack overflow
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the mitInterface parameter of fromAddressNat function...
Stack overflow
Tenda AC18 V15.03.05.05 has a stack overflow vulnerability in the entrys parameter fromAddressNat function...
Server side request forgery (ssrf)
Server-Side Request Forgery SSRF in Citrix SD-WAN Standard/Premium Editions on or after 11.4.0 and before 11.4.4.46 allows an attacker to disclose limited information from the appliance via Access to management IP...
Authentication flaw
The authentication method in Apache Doris versions before 2.0.0 was vulnerable to timing attacks. Users are recommended to upgrade to version 2.0.0 + or 1.2.8, which fixes this issue...
Information disclosure
A vulnerability has been identified in SINEMA Remote Connect Client All versions V3.1 SP1. The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information. This information is also...
Code injection
A vulnerability has been identified in SINEMA Remote Connect Server All versions V3.2. The affected application consists of a web service that lacks proper access control for some of the endpoints. This could lead to unauthorized access to resources and potentially lead to code execution...
Design/Logic Flaw
A vulnerability has been identified in SENTRON 7KM PAC3120 AC/DC 7KM3120-0BA01-1DA0 All versions = V3.2.3 = V3.2.3 = V3.2.3 = V3.2.3 V3.3.0 only when manufactured between LQN231003... and LQN231215... with LQNYYMMDD.... The read out protection of the internal flash of affected devices was not...
Design/Logic Flaw
A vulnerability has been identified in Cerberus PRO EN Engineering Tool All versions, Cerberus PRO EN Fire Panel FC72x All versions IP8 SR4, Cerberus PRO EN X200 Cloud Distribution All versions V4.3.5618, Cerberus PRO EN X300 Cloud Distribution All versions V4.3.5617, Sinteso FS20 EN Engineering...
Stack overflow
A vulnerability has been identified in Cerberus PRO EN Engineering Tool All versions IP8, Cerberus PRO EN Fire Panel FC72x All versions IP8, Cerberus PRO EN X200 Cloud Distribution All versions V4.0.5016, Cerberus PRO EN X300 Cloud Distribution All versions V4.2.5015, Sinteso FS20 EN Engineering...
Design/Logic Flaw
A vulnerability has been identified in Cerberus PRO EN Engineering Tool All versions, Cerberus PRO EN Fire Panel FC72x All versions IP8 SR4, Cerberus PRO EN X200 Cloud Distribution All versions V4.3.5618, Cerberus PRO EN X300 Cloud Distribution All versions V4.3.5617, Sinteso FS20 EN Engineering...
Design/Logic Flaw
A vulnerability has been identified in Siveillance Control All versions = V2.8 V3.1.1. The affected product does not properly check the list of access groups that are assigned to an individual user. This could enable a locally logged on user to gain write privileges for objects where they only ha...
Design/Logic Flaw
A vulnerability has been identified in SENTRON 3KC ATC6 Expansion Module Ethernet 3KC9000-8TL75 All versions. Affected devices expose an unused, unstable http service at port 80/tcp on the Modbus-TCP Ethernet. This could allow an attacker on the same Modbus network to create a denial of service...
Design/Logic Flaw
A vulnerability has been identified in Simcenter Femap All versions V2306.0000. The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted Catia MODEL file. This could allow an attacker to execute code in the context of the curre...
Cross site request forgery (csrf)
The LadiApp plugn for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce check on the initendpoint function hooked via 'init' in versions up to, and including, 4.4. This makes it possible for unauthenticated attackers to modify a variety of settings, via a forged request...
Cross site scripting
The LadiApp plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the publishlp function hooked via an AJAX action in versions up to, and including, 4.4. This makes it possible for authenticated attackers with subscriber-level access and abov...
Cross site request forgery (csrf)
The LadiApp plugin for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce check on the ladiflowsavehook function in versions up to, and including, 4.4. This makes it possible for unauthenticated attackers to update the 'ladiflowhookconfigs' option via a forged request...
Cross site request forgery (csrf)
The LadiApp plugin for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce check on the publishlp function hooked via an AJAX action in versions up to, and including, 4.4. This makes it possible for unauthenticated attackers to change the LadiPage key a key fully controll...
Design/Logic Flaw
The LadiApp plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ladiflowsavehook function in versions up to, and including, 4.3. This makes it possible for authenticated attackers with subscriber-level access and above to update the...
Design/Logic Flaw
The LadiApp plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the saveconfig function in versions up to, and including, 4.4. This makes it possible for authenticated attackers with subscriber-level access and above to update the...