4985 matches found
VulnCheck KEV: CVE-2021-45105
Apache Log4j2 versions 2.0-alpha1 through 2.16.0 excluding 2.12.3 and 2.3.1 did not protect from uncontrolled recursion from self-referential lookups. This allows an attacker with control over Thread Context Map data to cause a denial of service when a crafted string is interpreted. This...
VulnCheck KEV: CVE-2021-33766
Microsoft Exchange Server contains an information disclosure vulnerability which can allow an unauthenticated attacker to steal email traffic from target...
VulnCheck KEV: CVE-2021-24499
The Workreap WordPress theme before 2.2.2 AJAX actions workreapawardtempfileuploader and workreaptempfileuploader did not perform nonce checks, or validate that the request is from a valid user in any other way. The endpoints allowed for uploading arbitrary files to the...
VulnCheck KEV: CVE-2021-33357
A vulnerability exists in RaspAP 2.6 to 2.6.5 in the "iface" GET parameter in /ajax/networking/getnetcfg.php, when the "iface" parameter value contains special characters such as ";" which enables an unauthenticated attacker to execute arbitrary OS commands...
VulnCheck KEV: CVE-2021-40870
Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal...
VulnCheck KEV: CVE-2021-25076
The WP User Frontend WordPress plugin before 3.5.26 does not validate and escape the status parameter before using it in a SQL statement in the Subscribers dashboard, leading to an SQL injection. Due to the lack of sanitisation and escaping, this could also lead to Reflected Cross-Site Scripting...
VulnCheck KEV: CVE-2022-24682
Synacor Zimbra Collaboration Suite ZCS contains a cross-site scripting XSS vulnerability in the Calendar feature that allows an attacker to execute arbitrary code...
VulnCheck KEV: CVE-2021-36888
Unauthenticated Arbitrary Options Update vulnerability leading to full website compromise discovered in Image Hover Effects Ultimate versions = 9.6.1 WordPress plugin...
VulnCheck KEV: CVE-2015-0096
Untrusted search path vulnerability in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges via a Trojan horse DLL in...
VulnCheck KEV: CVE-2010-3338
The Windows Task Scheduler in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly determine the security context of scheduled tasks, which allows local users to gain privileges via a crafted application, aka "Task Scheduler Vulnerability."...
VulnCheck KEV: CVE-2012-3015
Untrusted search path vulnerability in Siemens SIMATIC STEP7 before 5.5 SP1, as used in SIMATIC PCS7 7.1 SP3 and earlier and other products, allows local users to gain privileges via a Trojan horse DLL in a STEP7 project folder...
VulnCheck KEV: CVE-2021-26885
Windows WalletService Elevation of Privilege Vulnerability...
VulnCheck KEV: CVE-2010-2743
The kernel-mode drivers in Microsoft Windows XP SP3 do not properly perform indexing of a function-pointer table during the loading of keyboard layouts from disk, which allows local users to gain privileges via a crafted application, as demonstrated in the wild in July 2010 by the Stuxnet worm,...
VulnCheck KEV: CVE-2021-43890
Microsoft Windows AppX Installer contains a spoofing vulnerability which has a high impacts to confidentiality, integrity, and availability...
VulnCheck KEV: CVE-2021-25037
The All in One SEO WordPress plugin before 4.1.5.3 is affected by an authenticated SQL injection issue, which was discovered during an internal audit by the Jetpack Scan team, and could grant attackers access to privileged information from the affected site’s database e.g., usernames and...
VulnCheck KEV: CVE-2021-30983
Apple iOS and iPadOS contain a buffer overflow vulnerability that could allow an application to execute code with kernel privileges...
VulnCheck KEV: CVE-2017-15303
In CPUID CPU-Z before 1.43, there is an arbitrary memory write that results directly in elevation of privileges, because any program running on the local machine while CPU-Z is running can issue an ioctl 0x9C402430 call to the kernel-mode driver e.g., cpuz141x64.sys for version 1.41...
VulnCheck KEV: CVE-2013-3956
The NICM.SYS kernel driver 3.1.11.0 in Novell Client 4.91 SP5 on Windows XP and Windows Server 2003; Novell Client 2 SP2 on Windows Vista and Windows Server 2008; and Novell Client 2 SP3 on Windows Server 2008 R2, Windows 7, Windows 8, and Windows Server 2012 allows local users to gain privileges...
VulnCheck KEV: CVE-2019-13272
Kernel/ptrace.c in Linux kernel mishandles contains an improper privilege management vulnerability that allows local users to obtain root access...
VulnCheck KEV: CVE-2021-44515
Zoho Desktop Central contains an authentication bypass vulnerability that could allow an attacker to execute arbitrary code in the Desktop Central MSP server...
VulnCheck KEV: CVE-2021-24209
The WP Super Cache WordPress plugin before 1.7.2 was affected by an authenticated admin+ RCE in the settings page due to input validation failure and weak $cachepath check in the WP Super Cache Settings - Cache Location option. Direct access to the wp-cache-config.php file is not...
VulnCheck KEV: CVE-2021-4102
Google Chromium V8 Engine contains a use-after-free vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft...
VulnCheck KEV: CVE-2021-4073
The RegistrationMagic WordPress plugin made it possible for unauthenticated users to log in as any site user, including administrators, if they knew a valid username on the site due to missing identity validation in the social login function socialloginusingemail of the plugin. This...
VulnCheck KEV: CVE-2021-41653
The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840NEUV5171211 is vulnerable to remote code execution via a crafted payload in an IP address input field...
VulnCheck KEV: CVE-2021-44168
Fortinet FortiOS "execute restore src-vis" downloads code without integrity checking, allowing an attacker to arbitrarily download files...
VulnCheck KEV: CVE-2021-36260
A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation...
VulnCheck KEV: CVE-2021-25032
The PublishPress Capabilities WordPress plugin before 2.3.1, PublishPress Capabilities Pro WordPress plugin before 2.3.1 does not have authorisation and CSRF checks when updating the plugin's settings via the init hook, and does not ensure that the options to be updated belong to the plugin. As a...
VulnCheck KEV: CVE-2021-45046
Apache Log4j2 contains a deserialization of untrusted data vulnerability due to the incomplete fix of CVE-2021-44228, where the Thread Context Lookup Pattern is vulnerable to remote code execution in certain non-default configurations...
VulnCheck KEV: CVE-2021-44228
Apache Log4j2 contains a vulnerability where JNDI features do not protect against attacker-controlled JNDI-related endpoints, allowing for remote code execution...
VulnCheck KEV: CVE-2021-40438
A crafted request uri-path can cause modproxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier...
VulnCheck KEV: CVE-2021-44077
Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution...
VulnCheck KEV: CVE-2021-37415
Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that allows a few REST-API URLs without authentication...
VulnCheck KEV: CVE-2021-41379
Microsoft Windows Installer contains an unspecified vulnerability that allows for privilege escalation...
VulnCheck KEV: CVE-2017-6079
The HTTP web-management application on Edgewater Networks Edgemarc appliances has a hidden page that allows for user-defined commands such as specific iptables routes, etc., to be set. You can use this page as a web shell essentially to execute commands, though you get no feedback client-side...
VulnCheck KEV: CVE-2021-24969
The WordPress Download Manager WordPress plugin before 3.2.22 does not sanitise and escape Template data before outputting it in various pages such as admin dashboard and frontend. Due to the lack of authorisation and CSRF checks in the wpdmsavetemplate AJAX action, any authenticated users...
VulnCheck KEV: CVE-2021-39317
A WordPress plugin and several WordPress themes developed by AccessPress Themes are vulnerable to malicious file uploads via the pluginofflineinstaller AJAX action due to a missing capability check in the pluginofflineinstallercallback function found in the /demo-functions.php file or...
VulnCheck KEV: CVE-2021-24981
The Directorist WordPress plugin before 7.0.6.2 was vulnerable to Cross-Site Request Forgery to Remote File Upload leading to arbitrary PHP shell uploads in the wp-content/plugins directory...
VulnCheck KEV: CVE-2012-0151
The Authenticode Signature Verification function in Microsoft Windows WinVerifyTrust does not properly validate the digest of a signed portable executable PE file, which allows user-assisted remote attackers to execute code...
VulnCheck KEV: CVE-2021-24946
The Modern Events Calendar Lite WordPress plugin before 6.1.5 does not sanitise and escape the time parameter before using it in a SQL statement in the mecloadsinglepage AJAX action, available to unauthenticated users, leading to an unauthenticated SQL injection issue...
VulnCheck KEV: CVE-2017-18368
Zyxel P660HN-T1A routers contain a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user and exploited via the remotehost parameter of the ViewLog.asp page...
VulnCheck KEV: CVE-2020-9377
D-Link DIR-610 devices allow remote code execution via the cmd parameter to command.php...
VulnCheck KEV: CVE-2019-19824
On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI syscmd.htm is not available. This allows for full control over the device's internals. This affects A3002RU through...
VulnCheck KEV: CVE-2013-3307
Linksys x3000 firmware is vulnerable to a command injection vulnerability via the pingip parameter...
VulnCheck KEV: CVE-2013-5223
A cross-site scripting XSS vulnerability exists in the D-Link DSL-2760U gateway, allowing remote authenticated users to inject arbitrary web script or HTML...
VulnCheck KEV: CVE-2016-11021
setSystemCommand on D-Link DCS-930L devices allows a remote attacker to execute code via an OS command...
VulnCheck KEV: CVE-2020-8958
Guangzhou 1GE ONU V2801RW 1.9.1-181203 through 2.9.0-181024 and V2804RGW 1.9.1-181203 through 2.9.0-181024 devices allow remote attackers to execute arbitrary OS commands via shell metacharacters in the boaform/admin/formPing Dest IP Address field...
VulnCheck KEV: CVE-2021-42321
An authenticated attacker could leverage improper validation in cmdlet arguments within Microsoft Exchange and perform remote code execution...
VulnCheck KEV: CVE-2021-42292
A security feature bypass vulnerability in Microsoft Excel would allow a local user to perform arbitrary code execution...
VulnCheck KEV: CVE-2021-24943
The Registrations for the Events Calendar WordPress plugin before 2.7.6 does not sanitise and escape the eventid in the rtecsendunregisterlink AJAX action available to both unauthenticated and authenticated users before using it in a SQL statement, leading to an unauthenticated SQL injection...
VulnCheck KEV: CVE-2021-1048
Android kernel contains a use-after-free vulnerability that allows for privilege escalation...