4985 matches found
VulnCheck KEV: CVE-2018-14847
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface...
VulnCheck KEV: CVE-2017-8222
Wireless IP Camera P2P WIFICAM devices have an "Apple Production IOS Push Services" private RSA key and certificate stored in /system/www/pem/ck.pem inside the firmware, which allows attackers to obtain sensitive information...
VulnCheck KEV: CVE-2015-7571
Unrestricted file upload vulnerability in Yeager CMS 1.2.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension...
VulnCheck KEV: CVE-2015-2067
Directory traversal vulnerability in web/ajaxpluginconf.php in the MAGMI aka Magento Mass Importer plugin for Magento Server allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...
VulnCheck KEV: CVE-2017-9841
PHPUnit allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a "?php " substring, as demonstrated by an attack on a site with an exposed /vendor folder, i.e., external access to the /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php URI...
VulnCheck KEV: CVE-2019-9194
elFinder before 2.1.48 has a command injection vulnerability in the PHP connector...
VulnCheck KEV: CVE-2021-1906
Multiple Qualcomm chipsets contain a detection of error condition without action vulnerability when improper handling of address deregistration on failure can lead to new GPU address allocation failure...
VulnCheck KEV: CVE-2021-1905
Multiple Qualcomm Chipsets contain a use after free vulnerability due to improper handling of memory mapping of multiple processes simultaneously...
VulnCheck KEV: CVE-2019-5544
VMware ESXi and Horizon Desktop as a Service DaaS OpenSLP contains a heap-based buffer overflow vulnerability that allows an attacker with network access to port 427 to overwrite the heap of the OpenSLP service to perform remote code execution...
VulnCheck KEV: CVE-2020-3992
VMware ESXi OpenSLP contains a use-after-free vulnerability that allows an attacker residing in the management network with access to port 427 to perform remote code execution...
VulnCheck KEV: CVE-2020-16013
Google Chromium V8 Engine contains an inappropriate implementation vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome,...
VulnCheck KEV: CVE-2020-36155
An issue was discovered in the Ultimate Member plugin before 2.1.12 for WordPress, aka Unauthenticated Privilege Escalation via User Meta. An attacker could supply an array parameter for sensitive metadata, such as the wpcapabilities user meta that defines a user's role. During the...
VulnCheck KEV: CVE-2020-16017
Google Chrome contains a use-after-free vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page...
VulnCheck KEV: CVE-2020-24217
An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. The file-upload endpoint does not enforce authentication. Attackers can send an unauthenticated HTTP request to upload a custom firmware component, possibly in conjunction with command injection, to...
VulnCheck KEV: CVE-2013-5948
The Network Analysis tab MainAnalysisContent.asp in the ASUS RT-AC68U and other RT series routers with firmware before 3.0.0.4.374.5047 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the Target field destIP parameter...
VulnCheck KEV: CVE-2020-10987
Tenda AC1900 Router AC15 Model contains an unspecified vulnerability that allows remote attackers to execute system commands via the deviceName POST parameter...
VulnCheck KEV: CVE-2020-15893
An issue was discovered on D-Link DIR-816L devices 2.x before 1.10b04Beta02. Universal Plug and Play UPnP is enabled by default on port 1900. An attacker can perform command injection by injecting a payload into the Search Target ST field of the SSDP M-SEARCH discover packet...
VulnCheck KEV: CVE-2019-10758
mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the toBSON method...
VulnCheck KEV: CVE-2019-19006
Sangoma FreePBX contains an improper authentication vulnerability that potentially allows unauthorized users to bypass password authentication and access services provided by the FreePBX admin...
VulnCheck KEV: CVE-2021-25337
Samsung mobile devices contain an improper access control vulnerability in clipboard service which allows untrusted applications to read or write arbitrary files. This vulnerability was chained with CVE-2021-25369 and CVE-2021-25370...
VulnCheck KEV: CVE-2020-14882
Oracle WebLogic Server contains an unspecified vulnerability, which is assessed to allow for remote code execution, based on this vulnerability being related to CVE-2020-14750...
VulnCheck KEV: CVE-2019-6111
An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only performs cursory validation of the object name returned only directory traversal attacks are...
VulnCheck KEV: CVE-2020-16010
Google Chrome for Android UI contains a heap buffer overflow vulnerability that allows a remote attacker, who has compromised the renderer process, to potentially perform a sandbox escape via a crafted HTML page...
VulnCheck KEV: CVE-2020-27950
Apple iOS, iPadOS, macOS, and watchOS contain a memory initialization vulnerability that may allow a malicious application to disclose kernel memory...
VulnCheck KEV: CVE-2020-16009
Google Chromium V8 Engine contains a type confusion vulnerability that allows a remote attacker to potentially exploit heap corruption via a crafted HTML page. This vulnerability could affect multiple web browsers that utilize Chromium, including, but not limited to, Google Chrome, Microsoft...
VulnCheck KEV: CVE-2020-28034
WordPress before 5.5.2 allows XSS associated with global variables...
VulnCheck KEV: CVE-2020-27930
Apple iOS, iPadOS, macOS, and watchOS FontParser contain a memory corruption vulnerability which may allow for code execution when processing maliciously crafted front...
VulnCheck KEV: CVE-2020-27932
Apple iOS, iPadOS, macOS, and watchOS contain a type confusion vulnerability that may allow a malicious application to execute code with kernel privileges...
VulnCheck KEV: CVE-2020-17087
Microsoft Windows kernel contains an unspecified vulnerability that allows for privilege escalation...
VulnCheck KEV: CVE-2025-34054
An unauthenticated command injection vulnerability exists in AVTECH DVR devices via Search.cgi?action=cgiquery. The use of wget without input sanitization allows attackers to inject shell commands through the username or queryb64str parameters, executing commands as root. Exploitation evidence...
VulnCheck KEV: CVE-2017-9248
Progress Telerik UI for ASP.NET AJAX and Sitefinity have a cryptographic weakness in Telerik.Web.UI.dll that can be exploited to disclose encryption keys Telerik.Web.UI.DialogParametersEncryptionKey and/or the MachineKey, perform cross-site-scripting XSS attacks, compromise the ASP.NET...
VulnCheck KEV: CVE-2020-1350
Microsoft Windows DNS Servers fail to properly handle requests, allowing an attacker to perform remote code execution in the context of the Local System Account. The vulnerability is also known under the moniker of SIGRed...
VulnCheck KEV: CVE-2020-3118
Cisco IOS XR improperly validates string input from certain fields in Cisco Discovery Protocol messages. Exploitation could allow an unauthenticated, adjacent attacker to execute code with administrative privileges or cause a reload on an affected device...
VulnCheck KEV: CVE-2018-4939
Adobe ColdFusion contains a deserialization of untrusted data vulnerability that could allow for code execution...
VulnCheck KEV: CVE-2015-4852
Oracle WebLogic Server contains a deserialization of untrusted data vulnerability within Apache Commons, which can allow for for remote code execution...
VulnCheck KEV: CVE-2020-1040
Microsoft Hyper-V RemoteFX vGPU contains an improper input validation vulnerability due to the host server failing to properly validate input from an authenticated user on a guest operating system. Successful exploitation allows for remote code execution on the host operating system...
VulnCheck KEV: CVE-2017-6327
Symantec Messaging Gateway contains an unspecified vulnerability which can allow for remote code execution. With the ability to perform remote code execution, an attacker may also desire to perform privilege escalating actions...
VulnCheck KEV: CVE-2020-15505
Ivanti MobileIron's Core & Connector, Sentry, and Monitor and Reporting Database RDB products contain an unspecified vulnerability that allows for remote code execution...
VulnCheck KEV: CVE-2019-1040
A tampering vulnerability exists in Microsoft Windows when a man-in-the-middle attacker is able to successfully bypass the NTLM MIC Message Integrity Check protection. An attacker who successfully exploited this vulnerability could gain the ability to downgrade NTLM security features. To...
VulnCheck KEV: CVE-2019-11580
Atlassian Crowd and Crowd Data Center contain a remote code execution vulnerability resulting from a pdkinstall development plugin being incorrectly enabled in release builds...
VulnCheck KEV: CVE-2020-2555
Multiple Oracle products contain a remote code execution vulnerability that allows an unauthenticated attacker with network access via T3 or HTTP to takeover the affected system. Impacted Oracle products: Oracle Coherence in Fusion Middleware, Oracle Utilities Framework, Oracle Retail...
VulnCheck KEV: CVE-2017-11357
Telerik UI for ASP.NET AJAX contains an insecure direct object reference vulnerability in RadAsyncUpload that can result in file uploads in a limited location and/or remote code execution...
VulnCheck KEV: CVE-2020-1054
Microsoft Win32k contains a privilege escalation vulnerability when the Windows kernel-mode driver fails to properly handle objects in memory. Successful exploitation allows an attacker to execute code in kernel mode...
VulnCheck KEV: CVE-2020-15999
Google Chrome uses FreeType, an open-source software library to render fonts, which contains a heap buffer overflow vulnerability in the function LoadSBitPng when processing PNG images embedded into fonts. This vulnerability is part of an exploit chain with CVE-2020-17087 on Windows and...
VulnCheck KEV: CVE-2020-36725
The TI WooCommerce Wishlist and TI WooCommerce Wishlist Pro plugins for WordPress are vulnerable to an Options Change vulnerability in versions up to, and including, 1.21.11 and 1.21.4 via the 'ti-woocommerce-wishlist/includes/export.class.php' file. This makes it possible for authenticated...
VulnCheck KEV: CVE-2013-2618
Cross-site scripting XSS vulnerability in editor.php in Network Weathermap before 0.97b allows remote attackers to inject arbitrary web script or HTML via the maptitle parameter...
VulnCheck KEV: CVE-2018-12808
Adobe Acrobat and Reader versions 2018.011.20055 and earlier, 2017.011.30096 and earlier, and 2015.006.30434 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution...
VulnCheck KEV: CVE-2018-8389
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from...
VulnCheck KEV: CVE-2019-7276
Optergy Proton/Enterprise devices allow Remote Root Code Execution via a Backdoor Console...
VulnCheck KEV: CVE-2018-19276
OpenMRS before 2.24.0 is affected by an Insecure Object Deserialization vulnerability that allows an unauthenticated user to execute arbitrary commands on the targeted system via crafted XML data in a request body...