Vulnerability Index: Year 2018
Use-after-free vulnerability in older versions of PHP allows remote code execution
Memory Corruption and Denial of Service Vulnerability in Juniper Networks Junos OS
Denial of Service Vulnerability in Juniper Networks Junos OS
High CPU Consumption Denial of Service Vulnerability in Junos OS
Vulnerability: Traffic Forwarding Instead of Dropping on QFX and EX Series Switches
Vulnerability: Denial of Service in BBE Subscriber Management Daemon due to VLAN Authentication Requests
Denial of Service and Code Injection Vulnerability in Junos OS
Unauthenticated Root Login Vulnerability in Juniper Networks Junos OS
Firewall Bypass Vulnerability in Juniper Networks SRX Series Devices
Unauthorized SSH Access Vulnerability in Juniper Networks Junos Space Security Director
Reflected XSS Vulnerability in Junos Space: Remote Code Injection and Data Theft
Privilege Escalation Vulnerability in Junos Space
Authenticated File Retrieval Vulnerability in Juniper Networks Junos Space Network Management Platform
Memory Leakage Vulnerability in Juniper Networks ScreenOS Devices
Unrestricted Access to AppFormix Debug Console Allows Execution of System Commands with Root Privilege
Junos OS CLNP Datagram Vulnerability
Denial of Service Vulnerability in Junos OS NAT-PT Feature on SRX Series Devices
Vulnerability: Bypassing Firewall Rules and Information Disclosure in SRX Series Devices with IDP Policies
Junos OS SNMP MIB-II Subagent Daemon (mib2d) Denial of Service Vulnerability
Vulnerability: Denial of Service in Junos OS due to Malformed BGP UPDATE
Vulnerability: Weak MacSec Key Configuration in Juniper Devices
MBuf Leak Vulnerability in Junos Devices with VPLS Routing
Insecure File and Directory Permissions in JSNAPy Automation Tool
Privilege Escalation Vulnerability in Juniper Networks Junos OS
Vulnerability: Credential Capture Risk in SRX Series Devices with HTTP/HTTPS Pass-Through Authentication
Stateless firewall filter configuration not taking effect after Junos OS device reboot or upgrade
Vulnerability: RSVP PATH Message DoS in Junos OS 16.1 versions prior to 16.1R3
Broadcast Storm Vulnerability in Junos OS 15.1 and Later Releases
Denial of Service Vulnerability in Juniper Networks Junos OS with MPC7/8/9 or PTX-FPC3 (FPC-P1, FPC-P2) and PTX1K
Vulnerability: Bypass of Stateless Firewall Filter via Crafted UDP/IP Packets over MPLS
Crafted BGP UPDATE Vulnerability in Junos OS
Denial of Service Vulnerability in Juniper Networks Junos OS JDHCPD Daemon
Unintended Open Network Install Environment (ONIE) Partition Vulnerability in QFX5200 and QFX10002 Devices
Vulnerability: Denial of Service and Remote Code Execution in Junos OS BGP NOTIFICATION Processing
Hardcoded Credentials in Juniper Networks Contrail Service Orchestration Allow Unauthorized Access to Cassandra
Hardcoded Credentials in Juniper Networks Contrail Service Orchestration Grafana Service
Hardcoded Cryptographic Certificates and Keys Vulnerability in Juniper Networks Contrail Service Orchestrator
Hardcoded Credentials in Juniper Networks Contrail Service Orchestration Allow Unauthorized Access to Keystone
Information Disclosure Vulnerability in Juniper Networks CSO Versions Prior to 4.0.0
Denial of Service and Remote Code Execution Vulnerability in Juniper Networks Junos OS
Insecure SSHD Configuration in Juniper NFX Series Devices Allows Remote Unauthenticated Access
Denial of Service and Remote Code Execution Vulnerability in Junos OS
Reflected Cross-Site Scripting Vulnerability in Juniper Networks Junos Space
Persistent Cross-Site Scripting Vulnerability in Junos Space Security Director
Memory Exhaustion Vulnerability in Juniper Routing Protocols Daemon (RPD) with JET Support
NULL Pointer Dereference Vulnerability in Juniper Networks Junos OS
Denial of Service Vulnerability in Juniper Networks Junos OS RPD
Denial of Service Vulnerability in Junos OS SIP ALG Component
Remote Unauthenticated Root Access via Enabled RSH Service and Disabled PAM Authentication on Junos OS
Authentication Bypass Vulnerability in Juniper Networks Junos OS on vSRX Series
Vulnerability: Egress Interface Congestion and Routing Protocol Packet Drops on QFX5000 Series and EX4600 Switches
Denial of Service Vulnerability in Junos OS DHCPv6 Server
L2ALD Daemon Crash Due to Duplicate MAC Address Vulnerability
Vulnerability: DHCP Option 50 IP Address Assignment Spoofing
Kernel Crash and Reboot Vulnerability in Junos OS 15.1 and Later on MX Series
Persistent Cross-Site Scripting Vulnerability in Juniper Networks ScreenOS 6.3.0
Improper Input Validation Vulnerability in Juniper Networks Junos OS
Denial of Service Vulnerability in Junos OS Telnetd Service
Denial of Service Vulnerability in J-Web Service
Denial of Service (DoS) Vulnerability in Junos OS 17.3R3
Cisco Unified Customer Voice Portal Application Server Denial of Service Vulnerability
Cisco Web Security Appliance (WSA) FTP Server Authentication Bypass Vulnerability
Cisco Industrial Ethernet 4010 Series Switches CLI Command Vulnerability
Unauthenticated Remote Access Vulnerability in Cisco Policy Suite (CPS) PCRF
Cisco NX-OS System Software Management Interface ACL Bypass Vulnerability
Cisco Identity Services Engine (ISE) Web-Based Management Interface DOM Cross-Site Scripting Vulnerability
Vulnerability: Improper Deletion of User Accounts in Cisco NX-OS System Software
Cisco Web Security Appliance (WSA) Reflected Cross-Site Scripting (XSS) Vulnerability
IPv6 Ingress Packet Processing Vulnerability in Cisco UCS Central Software
Privilege Escalation Vulnerability in Cisco AsyncOS on Email Security and Content Security Appliances
Privilege Escalation in Cisco Prime Infrastructure's RBAC Functionality
Cisco Prime Infrastructure Open Redirect Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Cisco WAP150 and WAP361 Access Points
Command Injection Vulnerability in Cisco D9800 Network Transport Receiver's Web Management GUI
XML External Entity (XXE) Injection Vulnerability in Cisco AnyConnect Secure Mobility Client Profile Editor
Cisco ASA SSL VPN Double Free Memory Vulnerability
Denial of Service Vulnerability in Cisco NX-OS Software Pong Tool
Buffer Overflow Vulnerability in Cisco WebEx Network Recording Player for ARF Files
Remote Code Execution Vulnerability in Cisco WebEx Network Recording Player for ARF Files
Insufficient Protection of Database Tables in Cisco Unified Communications Manager Allows Unauthorized Data Access
ConfD Server Unauthorized Information Access Vulnerability
Unauthenticated Remote Code Execution Vulnerability in Cisco Prime Service Catalog
Out-of-Band XXE Injection Vulnerability in Cisco WebEx Meetings Server
Root Account Access Vulnerability in Cisco WebEx Meetings Server
Persistent Access Vulnerability in Cisco WebEx Meetings Server
Unauthenticated Remote Access Vulnerability in Cisco WebEx Meetings Server
Arbitrary Code Execution Vulnerability in Cisco WebEx Clients
Arbitrary Command Execution Vulnerability in Cisco UCS Central Software
Vulnerability: Token Re-signing Exploit in Cisco node-jose Library
Arbitrary Command Execution Vulnerability in Cisco StarOS CLI
Cisco Policy Suite RADIUS Authentication Bypass Vulnerability
Cisco Virtualized Packet Core-Distributed Instance (VPC-DI) Software Denial of Service Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Cisco Unified Communications Manager Web Interface
Improper Display of User-Account Tokens in Cisco Spark Account Services
SQL Injection Vulnerability in Cisco Unified Communications Manager
Authentication Bypass Vulnerability in Cisco Elastic Services Controller Software
Vulnerability: Local File Overwrite in Cisco StarOS CLI
Cisco IOS and IOS XE Software Diagnostic Shell Path Traversal Vulnerability
Insecure Key Generation Vulnerability in Cisco Unified Communications Domain Manager
Arbitrary Code Execution and Root Privilege Vulnerability in Cisco RV132W and RV134W Routers
Unauthenticated Remote Access to Configuration Parameters in Cisco RV132W and RV134W Routers
Cisco Data Center Analytics Framework Web Interface XSS Vulnerability
Cisco Data Center Analytics Framework Web Interface XSS Vulnerability
Vulnerability in Cisco Elastic Services Controller Software Allows Unauthorized Administrative Access
RSA-Encrypted Nonce Disclosure Vulnerability in Cisco IOS Software and Cisco IOS XE Software
Cisco IOS XR Software FIB Code Denial of Service Vulnerability
Cisco Policy Suite RADIUS Authentication Module Username Validity Disclosure Vulnerability
Cisco Unified Communications Manager Information Disclosure Vulnerability
IPv6 Fragment Header Extension Vulnerability in Cisco ASR 9000 Series
Cisco Prime Network TCP Throttling Denial of Service Vulnerability
Cisco Firepower System Software: Bypass of File Policies via BitTorrent Protocol
Cisco Unified Customer Voice Portal (CVP) IVR Connection Disconnection Denial of Service Vulnerability
Authenticated Remote Attacker Can Bypass Spam Quarantine in Cisco Email Security Appliance and Cisco Content Security Management Appliance
Hard-coded Account Password Vulnerability in Cisco Prime Collaboration Provisioning (PCP) Software 11.6
Cross-Site Scripting (XSS) Vulnerability in Cisco Prime Data Center Network Manager
Cisco Data Center Analytics Framework Application Reflected XSS Vulnerability
Cross-Site Request Forgery (CSRF) Vulnerability in Cisco Data Center Analytics Framework Application
Java Deserialization Remote Code Execution Vulnerability in Cisco Secure Access Control System (ACS)
Cross-Site Request Forgery Vulnerability in Cisco UCS Director and IMC Supervisor Software
DOM-based Stored XSS Vulnerability in Cisco Integrated Management Controller Supervisor Software and Cisco UCS Director Software
Static Credential Vulnerability in Cisco IOS XE Software
Cisco IOS and IOS XE Software QoS Subsystem Buffer Overflow Vulnerability
Privilege Escalation Vulnerability in Cisco IOS XE Software
Denial of Service Vulnerability in Cisco Integrated Services Module for VPN (ISM-VPN)
Cisco Catalyst 4500 and 4500-X Series Switches BFD DoS Vulnerability
Cisco Smart Install Remote Code Execution Vulnerability
Zone-Based Firewall Code Denial of Service Vulnerability in Cisco IOS XE Software
IKEv2 Memory Leak and Reload Vulnerability
IKEv1 Implementation Vulnerability in Cisco IOS Software and Cisco IOS XE Software Allows Remote DoS Attack
Cisco IOS XE Software SNMP Double Free Vulnerability
GET MIB Object ID Denial of Service Vulnerability in Cisco Catalyst Switches
Cisco IOS Software 802.1x Multi-Auth Bypass Vulnerability
Vulnerability in Cisco IOS XE Software Allows Interface Queue Wedge via Crafted IPv6 Packets
Cisco IOS XE Software IGMP Packet-Processing Memory Leak Vulnerability
Buffer Overflow Vulnerabilities in Cisco LLDP Subsystem
Multiple Privilege Escalation Vulnerabilities in Cisco IOS XE Software
Cisco IOS XE Software Vulnerability: Denial of Service in Cisco Umbrella Integration
Smart Install Remote Code Execution Vulnerability
Cisco IOS Software and Cisco IOS XE Software DHCP Option 82 Encapsulation Functionality Denial of Service Vulnerability
Cisco IOS Software and Cisco IOS XE Software DHCPv4 Option 82 Information Restoration Denial of Service Vulnerability
Cisco IOS and IOS XE Software DHCP Option 82 Encapsulation DoS Vulnerability
LLDP Subsystem Format String Vulnerability
Multiple Privilege Escalation Vulnerabilities in Cisco IOS XE Software
Denial of Service Vulnerability in Cisco Catalyst 3850 and 3650 Series Switches
Denial of Service Vulnerabilities in Cisco IOS Software Login Enhancements
Denial of Service Vulnerabilities in Cisco IOS Software Login Enhancements
Improper Authentication Vulnerability in Cisco Policy Suite for Mobile and Diameter Routing Agent Software
Arbitrary Command Injection Vulnerabilities in Cisco IOS XE Software
Vulnerability in Cisco IOS XE Software CLI Parser Allows Unauthorized Access and Command Execution
Vulnerability in Cisco IOS XE Software CLI Parser Allows Unauthorized Access and Arbitrary Command Execution
Arbitrary Command Injection Vulnerabilities in Cisco IOS XE Software
Multiple Cross-Site Scripting (XSS) Vulnerabilities in Cisco IOS XE Software Web UI
Cisco Identity Services Engine (ISE) Admin Portal Vulnerability: Unauthorized Access to Privileged Account Information
Cross-Site Scripting (XSS) Vulnerabilities in Cisco IOS XE Software Web UI
Recursive Route Injection Vulnerability in Cisco IOS Software and Cisco IOS XE Software
Multiple Cross-Site Scripting (XSS) Vulnerabilities in Cisco IOS XE Software Web UI
Arbitrary Command Injection Vulnerabilities in Cisco IOS XE Software
Arbitrary Command Injection Vulnerabilities in Cisco IOS XE Software
Cisco IOS XE Software REST API Authorization Bypass Vulnerability
Arbitrary File Write Vulnerability in Cisco IOS XE Software Web UI
Vulnerability in VLAN Trunking Protocol (VTP) Subsystem of Cisco IOS Software and Cisco IOS XE Software Allows for Database Corruption and Denial of Service
Insufficient Protection of Database Tables in Cisco Unified Communications Manager Allows Unauthorized Data Access
Cross-Site Scripting (XSS) Vulnerability in Cisco Jabber Client Framework (JCF) Allows Remote Code Execution
Reflected Cross-Site Scripting (XSS) Vulnerability in Cisco Prime Service Catalog
Cisco Jabber Client Framework (JCF) Cross-Site Scripting (XSS) Vulnerability
Denial of Service (DoS) Vulnerability in ClamAV PDF Parsing
Cisco Unity Connection SMTP Relay Mail Relay Vulnerability
Weak Login Controls in Cisco Prime Collaboration Provisioning Tool Web Portal Allows for Denial of Service Attacks
Cross-Site Scripting (XSS) Vulnerability in Cisco Prime Collaboration Provisioning Tool
Cisco Unified Communications Manager Web-Based Management Interface Reflected Cross-Site Scripting Vulnerability
Cisco Secure Access Control Server XML External Entities (XXE) Vulnerability
Cisco Registered Envelope Service Cross-Site Scripting Vulnerability
Cisco 550X Series Stackable Managed Switches SNMP DoS Vulnerability
Cross-Site Request Forgery (CSRF) Vulnerability in Cisco Data Center Network Manager
Cisco Identity Services Engine CLI Command Input Validation Vulnerability
Cisco Identity Services Engine (ISE) Web-Based Management Interface Cross-Site Scripting (XSS) Vulnerability
Cisco Identity Services Engine (ISE) Credential Reset Functionality Privilege Escalation Vulnerability
Cisco ISE Command Injection Vulnerability
Cisco Identity Services Engine (ISE) Web Management Interface Cross-Site Request Forgery (CSRF) Vulnerability
Cisco Identity Services Engine (ISE) Web Management Interface Cross-Site Request Forgery (CSRF) Vulnerability
Command Injection Vulnerability in Cisco StarOS CLI
Cisco Secure Access Control Server XML External Entities (XXE) Vulnerability
Cisco UCS Director Web-Based Management Interface XSS Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Cisco Videoscape AnyRes Live Web Interface
Cisco ISE CLI Command Injection Vulnerability
Undocumented Static User Credentials Vulnerability in Cisco DNA Center Software
Reflected Cross-Site Scripting Vulnerability in Cisco Security Manager's DesktopServlet
Arbitrary Command Execution Vulnerability in Cisco StarOS CLI
SQL Injection Vulnerability in Cisco AppDynamics App iQ Platform
Vulnerability in Default SSH User Account Management for Cisco Aironet Access Points
SSL VPN Client Certificate Authentication Bypass Vulnerability in Cisco ASA
Cisco ASA Ingress Flow Creation CPU Utilization DoS Vulnerability
Session Fixation Vulnerability in Cisco AnyConnect Secure Mobility Client, ASA Software, and FTD Software
Cisco Firepower Threat Defense (FTD) Software Denial of Service Vulnerability
Vulnerability in Cisco ASA and FTD Software Allows Remote DoS Attack
Cisco Firepower System Software SSL Packet Reassembly Denial of Service Vulnerability
Cisco Aironet Access Points PPTP Denial of Service Vulnerability
Denial of Service Vulnerability in Cisco Wireless LAN Controller
Bypassing Malware Detection in Cisco AMP for Endpoints macOS Connector
Vulnerability in Role-Based Resource Checking Functionality of Cisco UCS Director
Interface Forwarding Denial of Service Vulnerability in Cisco StarOS for ASR 5700 Series and VPC System Software
Denial of Service Vulnerabilities in Cisco ASA and FTD Software
Cisco IOS XR Software UDP Broadcast Forwarding Function Denial of Service Vulnerability
Cisco Adaptive Security Appliance WebVPN Interface Cross-Site Scripting Vulnerability
Cisco Firepower System Software Vulnerability: Bypassing File Action Policy for SMB2 and SMB3 Protocols
Bypassing File Action Policy in Cisco Firepower System Software
Cisco 5500 and 8500 Series Wireless LAN Controller (WLC) Software REST API Information Disclosure Vulnerability
Vulnerability in Web Authentication Clients for Cisco Wireless LAN Controller and Aironet Access Points
Cisco Wireless LAN Controller (WLC) Software GUI Configuration DoS Vulnerability
Denial of Service Vulnerability in Cisco Aironet 1800 Series Access Points
Vulnerability in Central Web Authentication with FlexConnect Access Points for Cisco Aironet Series APs
Cross-Site Scripting (XSS) Vulnerability in Cisco ASA SSL VPN Portal
IPv4 Fragment Reassembly DoS Vulnerability in Cisco Wireless LAN Controllers
Arbitrary Command Execution Vulnerability in Cisco Secure ACS
Cisco Firepower System Software Detection Engine Bypass Vulnerability
Cross-Site Request Forgery (CSRF) Vulnerability in Cisco Industrial Ethernet Switches
Cisco Packet Data Network Gateway Denial of Service Vulnerability
Cisco IOS XE Software Denial of Service Vulnerability
Arbitrary File Upload Vulnerability in Cisco Prime Products
Cross-Site Request Forgery (CSRF) Vulnerability in Cisco MATE Collector Web Interface
Unauthenticated Remote Access to Sensitive Data in Cisco MATE Live Web Interface
Unauthenticated Remote Access Vulnerability in Cisco Meeting Server
Unauthenticated Access to Internal Interfaces in Cisco Meeting Server (CMS)
Vulnerability in Cisco WebEx Network Recording Player for ARF Files Allows Remote Code Execution
Insufficient Protection of Database Tables in Cisco Unified Communications Manager Web Framework
Insufficient Protection of Database Tables in Cisco Unified Communications Manager Web Framework
Insecure Default Configuration in Cisco DNA Center Allows Unauthorized Access and Privilege Escalation
Cisco DNA Center CORS Policy Overly Permissive Vulnerability
Cisco IoT-FND Web-Based Management Interface CSRF Vulnerability
Authentication Bypass Vulnerability in Cisco DNA Center API Gateway
Cisco Firepower System Software SSL Engine Denial of Service Vulnerability
Denial of Service (DoS) Vulnerability in Cisco StarOS IPsec Manager
Arbitrary Command Execution Vulnerability in Cisco Network Services Orchestrator (NSO) CLI Parser
Cisco Identity Services Engine (ISE) Support Tunnel Unauthorized Access Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Cisco WebEx Connect IM
Cisco Identity Services Engine (ISE) EAP-TLS Certificate Validation Vulnerability
Improper Cross-Origin Domain Protection in Cisco Firepower System Software Management Console
Vulnerability in Cisco Enterprise NFVIS SCP Server Allows Unauthorized Shell Access
Cisco Meeting Server RTP Bitstream Processing Denial of Service Vulnerability
Cisco Firepower System Software TLS Connection Setup Vulnerability
Cisco IOS and IOS XE Software TCP Socket Code Vulnerability: Remote Device Reload
Cisco Firepower System Software TLS TCP Connection Setup Vulnerability
Remote Code Execution Vulnerability in Cisco Meraki MR, MS, MX, Z1, and Z3 Devices
Exhaustion of Disk Space Vulnerability in Cisco Prime Service Catalog
Cisco IOS XR Software Netconf Interface Denial of Service Vulnerability
Arbitrary Code Execution Vulnerability in Cisco WebEx Network Recording Player for ARF Files
Memory Read Vulnerability in Cisco WebEx Recording Format (WRF) Player
Cross-Site Scripting Vulnerability in Cisco Identity Services Engine Logs Component
Denial of Service Vulnerability in Cisco SocialMiner TCP Stack
Cisco NX-OS SNMP Application Restart Vulnerability
Buffer Overflow Vulnerability in Cisco NX-OS Software Allows Arbitrary Code Execution and System Takeover
Vulnerability in Role-Based Access Control (RBAC) for Cisco NX-OS Software Allows Unauthorized Execution of CLI Commands
Unauthenticated Administrator Account Creation Vulnerability in Cisco FXOS and NX-OS Software
Cisco NX-OS Software BGP Update Message Denial of Service Vulnerability
Cisco ASA Web Interface Denial of Service and Information Disclosure Vulnerability
Cisco Firepower Threat Defense Software SSL Traffic Bypass Vulnerability
Buffer Overflow Vulnerability in Cisco FXOS and UCS Fabric Interconnect Software
Cisco NX-OS SNMP Reload Vulnerability
Arbitrary File Creation and Execution Vulnerability in Cisco FXOS
Buffer Overflow Vulnerability in Cisco NX-OS Software's NX-API Feature
Buffer Overflow Vulnerability in Cisco FXOS and UCS Fabric Interconnect Software
Vulnerability in Cisco Discovery Protocol Allows Arbitrary Code Execution or DoS
Cisco Fabric Services Component Vulnerability
Cisco Fabric Services Denial of Service Vulnerability
Command-Injection Vulnerability in Cisco NX-OS Software
Command-Injection Vulnerability in Cisco NX-OS Software Allows Arbitrary Command Execution
Cisco Fabric Services Remote Code Execution Vulnerability
Cisco NX-OS CLI Command and SNMP MIB Memory Exhaustion Vulnerability
Cisco Fabric Services Component Vulnerability
Cisco Fabric Services Denial of Service Vulnerability
Cisco Fabric Services Remote Code Execution Vulnerability
Command-injection exploit in Cisco NX-OS Software's NX-API feature
Arbitrary Code Execution Vulnerability in Cisco Fabric Services
Cisco IOS XE Software AAA Authentication Bypass Vulnerability
Cisco IP Phone SIP Call-Handling DoS Vulnerability
Privilege Escalation Vulnerability in Cisco Prime Collaboration Provisioning (PCP)
Insufficient Validation in Password Reset Function of Cisco Prime Collaboration Provisioning (PCP) Allows Unauthorized Access
Insufficient Validation in Password Recovery Function of Cisco Prime Collaboration Provisioning (PCP) Allows Unauthorized Access
Arbitrary SQL Query Execution Vulnerability in Cisco Prime Collaboration Provisioning (PCP)
Cisco Prime Collaboration Provisioning (PCP) Open RMI System Access Vulnerability
Vulnerability in Cisco Prime Collaboration Provisioning Allows Unauthorized Modification of Sensitive Data
Path Traversal Vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) Web Management Interface
Command Injection Vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS)
Cisco IP Phone SIP Call-Handling Denial of Service Vulnerability
Cross-Frame Scripting Vulnerability in Cisco TelePresence Server Software
Cross-Site Scripting (XSS) Vulnerability in Cisco Identity Services Engine (ISE) Web Framework
Cross-Site Scripting (XSS) Vulnerability in Cisco Unified Communications Manager and Cisco Unified Presence
SNMP Read Data Vulnerability in Cisco WAAS Software
Command Execution with Elevated Privileges in Cisco NX-OS Software via NX-API Vulnerability
Cisco Discovery Protocol Subsystem Denial of Service Vulnerability
SIP Ingress Packet Processing Denial of Service Vulnerability
Cisco FireSIGHT System Software VPN Configuration Bypass Vulnerability
Certificate Bypass Vulnerability in Cisco AnyConnect Network Access Manager and Secure Mobility Client
Improper Logging of Authentication Data in Cisco Prime Collaboration Provisioning
Privilege Escalation in Cisco Prime Collaboration Provisioning Batch Provisioning
Arbitrary Command Execution Vulnerability in Cisco NX-OS Software
Arbitrary Command Execution Vulnerability in Cisco UCS Software
Cisco Identity Services Engine (ISE) Web-Based Management Interface Cross-Site Scripting (XSS) Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Cisco Unified Communications Manager (Unified CM) Web Framework
Command Injection Vulnerability in Cisco IP Phone Series
Cisco SD-WAN Solution Configuration and Monitoring Service Buffer Overflow Vulnerability
Cisco SD-WAN Solution Configuration and Management Service Vulnerability
Arbitrary Command Execution Vulnerability in Cisco SD-WAN Solution
Arbitrary Command Execution Vulnerability in Cisco SD-WAN Solution
Cisco SD-WAN Solution Zero Touch Provisioning Service Denial of Service Vulnerability
Arbitrary Command Injection Vulnerability in Cisco SD-WAN Zero Touch Provisioning (ZTP) Subsystem
Arbitrary Command Injection Vulnerability in Cisco SD-WAN CLI
Arbitrary File Overwrite Vulnerability in Cisco SD-WAN Solution
Arbitrary Command Injection Vulnerability in Cisco SD-WAN Solution
Arbitrary Command Injection Vulnerability in Cisco SD-WAN Solution's tcpdump Utility
Privilege Escalation Vulnerability in Cisco WAAS Disk Check Tool
Cisco Web Security Appliance (WSA) Vulnerability: Bypassing Layer 4 Traffic Monitor (L4TM) Functionality
Cross-Site Scripting (XSS) Vulnerability in Cisco Unity Connection Web Framework
Cross-Frame Scripting Vulnerability in Cisco Unified Communications Manager Web UI
Cross-Site Scripting (XSS) Vulnerability in Cisco WebEx Web Framework
Cross-Site Scripting (XSS) Vulnerability in Cisco WebEx Web Framework
Cisco TelePresence Video Communication Server (VCS) Expressway File Descriptor Handling Denial of Service Vulnerability
Session Fixation Vulnerability in Cisco Meeting Server Web-Based Management Interface
HWP Integer Overflow Vulnerability in ClamAV
PDF Object Length Check Vulnerability in ClamAV
BIOS Authentication Bypass Vulnerability in Cisco 5000 Series Enterprise Network Compute System and UCS E-Series Servers
Cross-Site Request Forgery Vulnerability in Cisco Unified Communications Manager IM & Presence Service
Cross-Site Request Forgery (CSRF) Vulnerability in Cisco Unified Communications Domain Manager
Cisco Firepower Management Center Cross-Site Request Forgery Vulnerability
Cisco Web Security Appliance (WSA) Reflected Cross-Site Scripting (XSS) Vulnerability
Cisco Registered Envelope Service Cross-Site Scripting (XSS) Vulnerability
Insufficient Security Restrictions in Cisco DNA Center Allow Unauthorized Access to Sensitive Log Files
Vulnerability in Cisco StarOS Reassembly Logic for Fragmented IPv4 Packets
Cisco Firepower System Software SSL Inspection Policy Memory Exhaustion Vulnerability
Denial of Service Vulnerability in Cisco Meeting Server Web Admin Interface
Cisco Nexus 9000 Series Fabric Switches DHCPv6 Memory Exhaustion Vulnerability
Denial of Service Vulnerability in Cisco AnyConnect Secure Mobility Client for Windows Desktop
Unauthenticated Remote Access Vulnerability in Cisco Policy Suite
Undocumented Static User Credentials Vulnerability in Cisco Policy Suite Cluster Manager
Unauthenticated Access Vulnerability in Cisco Policy Suite
Unauthenticated Remote Access Vulnerability in Cisco Policy Suite OSGi Interface
Denial of Service Vulnerability in Cisco Nexus Switches' Precision Time Protocol (PTP) Feature
Multiple Arbitrary Code Execution Vulnerabilities in Cisco Webex Network Recording Player
Multiple Vulnerabilities in Cisco Webex Network Recording Player for ARF and WRF Files
Denial of Service Vulnerability in Cisco Aironet Series Access Points Software
Session Hijacking Vulnerability in Cisco Wireless LAN Controller (WLC) Software
Cisco FireSIGHT System Software FTP File Policy Bypass Vulnerability
Cisco FireSIGHT System Software URL-Based Access Control Bypass Vulnerability
Cisco Firepower System Software SSL Parsing DoS Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Cisco Unified Communications Domain Manager Software
Arbitrary Code Execution Vulnerability in Cisco Webex Teams
Cross-Site Scripting (XSS) Vulnerability in Cisco Wireless LAN Controller (WLC) Software
Cisco Small Business SPA514G IP Phones Denial of Service Vulnerability
DOM-based XSS Vulnerability in Cisco Webex Web Framework
Cisco Prime Collaboration Provisioning Password Change DoS Vulnerability
Insufficient Access Control Permissions in Cisco Policy Suite CLI
Policy Builder Interface Authorization Bypass Vulnerability
Remote Code Execution Vulnerability in Cisco Cloud Services Platform 2100
Denial of Service Vulnerability in Cisco FXOS and NX-OS Software via LLDP
Cross-Site Scripting (XSS) Vulnerability in Cisco Unified Communications Manager IM and Presence Service Software
Denial of Service Vulnerability in Cisco AMP for Endpoints Mac Connector Software on Apple macOS 10.12
Cisco Finesse Web Management Interface SSRF Vulnerability
Cleartext Password Retrieval Vulnerability in Cisco Finesse Web Interface
Cross-Site Scripting (XSS) Vulnerabilities in Cisco Unified Contact Center Express (Unified CCX) Web Interface
Cross-Site Scripting (XSS) Vulnerabilities in Cisco Unified Contact Center Express (Unified CCX) Web Interface
Cross-Site Request Forgery Vulnerability in Cisco Unified Contact Center Express (Unified CCX) Web Interface
Cleartext Password Retrieval Vulnerability in Cisco Unified Contact Center Express
Arbitrary SQL Query Execution Vulnerability in Cisco RV180W and RV220W Routers
Directory Path Traversal Vulnerability in Cisco RV180W and RV220W Routers
Cisco Web Security Appliance (WSA) Web-Based Management Interface XSS Vulnerability
Persistent XSS Vulnerability in Cisco Small Business 300 Series Managed Switches
Reflected Cross-Site Scripting (XSS) Vulnerability in Cisco Small Business 300 Series Managed Switches
Denial of Service Vulnerability in Cisco Unified Communications Manager and TelePresence Server
Cisco AsyncOS Software Web Proxy Denial of Service Vulnerability
Cisco Unified Communications Manager Web-Based Management Interface Reflected Cross-Site Scripting Vulnerability
EAPOL Downgrade Vulnerability in Cisco Small Business Wireless Access Points
Cisco Identity Services Engine (ISE) Web Management Interface Cross-Site Request Forgery (CSRF) Vulnerability
Cisco Secure Access Control Server XML External Entities (XXE) Vulnerability
EAPOL Denial of Service Vulnerability in Cisco Small Business Wireless Access Points
Cisco Wireless LAN Controller (WLC) Software Web Interface Information Disclosure Vulnerability
TACACS Authentication Bypass Vulnerability in Cisco Wireless LAN Controller Software
Cisco ASR 9000 Series Aggregation Services Router Software LPTS DoS Vulnerability
Bypassing Attachment Filtering in Cisco Email Security Appliances (ESA)
Directory Traversal Vulnerability in Cisco Wireless LAN Controller Software Allows Unauthorized Access to Sensitive Information
Cisco Prime Access Registrar TCP SYN Packet Handling Denial of Service Vulnerability
Vulnerability in Cisco Webex Meetings Client for Windows Allows Local Privilege Escalation and Remote Code Execution
Buffer Overflow Vulnerability in Cisco RV Series Routers
Arbitrary Command Execution Vulnerability in Cisco RV Series Routers
Improper Access Control in Cisco RV Series Routers
Directory Traversal Vulnerability in Cisco RV Series Routers
Command Injection Vulnerability in Cisco DNA Center CronJob Scheduler API
Privilege Escalation Vulnerability in Cisco Web Security Appliance (WSA)
Cisco Thor Decoder Stack-based Buffer Overflow Vulnerability
Arbitrary Command Execution Vulnerability in Cisco IMC Software
Arbitrary Command Execution Vulnerability in Cisco IMC Software
Cisco SD-WAN Solution Error Reporting Feature Privilege Escalation Vulnerability
Arbitrary Command Injection Vulnerability in Cisco SD-WAN Solution CLI
Zero Touch Provisioning Vulnerability: Unauthorized Access to Sensitive Data in Cisco SD-WAN Solution
Insufficient Authentication Configurations in Cisco Umbrella API: Cross-Organization Data Exposure and Modification Vulnerability
Cross-Organization Data Access and Modification Vulnerability in Cisco Webex Teams
Privilege Escalation Vulnerability in Cisco Umbrella Enterprise Roaming Client (ERC)
Privilege Escalation Vulnerability in Cisco Umbrella Enterprise Roaming Client (ERC)
Cross-Site Request Forgery (CSRF) Vulnerability in Cisco Meeting Server Web Management Interface
Command Execution Vulnerability in Cisco Data Center Network Manager
Denial of Service (DoS) Vulnerability in Cisco IOS Access Points Software
CAPWAP Protocol Memory Disclosure Vulnerability
CAPWAP Protocol Denial of Service Vulnerability
Stored XSS Vulnerability in Cisco Packaged Contact Center Enterprise Web-Based Management Interface
CSRF Vulnerability in Cisco Packaged Contact Center Enterprise Web Management Interface
Cross-Site Request Forgery (CSRF) Vulnerability in Cisco Industrial Network Director
Bypassing Content Filters in Cisco Email Security Appliance
Critical Authentication Bypass Vulnerability in Cisco DNA Center's Identity Management Service
Cisco Jabber Client Framework (JCF) Local File Corruption Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Cisco Data Center Network Manager
Cross-Site Request Forgery (CSRF) Vulnerability in Cisco Tetration Analytics Web Management Interface
Cross-Site Scripting (XSS) Vulnerability in Cisco Tetration Analytics Web Interface
Vulnerability in Cisco Firepower System Software Allows Unauthorized Execution of CLI Commands with Root Privileges
Command Injection Vulnerability in Cisco Cloud Services Platform 2100 Web Management Interface
Cisco Firepower System Software SMBv2 and SMBv3 Protocol Implementation Memory Exhaustion Vulnerability
Cisco NX-OS Software SNMP Packet Processor Denial of Service Vulnerability
Cisco Webex Player Denial of Service Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Cisco Prime Collaboration Assurance Web Interface
Insufficient Authorization Checks in Cisco Enterprise NFVIS Web Interface Allow Remote Reboot or Shutdown
File Read Vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) REST API
Arbitrary Script Injection Vulnerability in Cisco IP Phone 8800 Series Software
Cisco Enterprise NFV Infrastructure Software (NFVIS) User Management DoS Vulnerability
Incomplete Validation in Cisco Network Plug and Play Server Component Allows Unauthorized Access to Configuration Data
Directory Traversal Vulnerability in Cisco Data Center Network Manager Software
Cross-Site Scripting (XSS) Vulnerability in Cisco Small Business 300 Series Managed Switches
OSPFv3 Denial of Service Vulnerability
IPv6 Hop-by-Hop Options Handling Vulnerability in Cisco IOS and IOS XE Software
Unchanged Default Access Credentials in Cisco Energy Management Suite (CEMS) PostgreSQL Database
Double-Free-In-Memory Handling Vulnerability in Cisco IOS XE Software
Buffer Overflow Vulnerability in Cisco IOS XE Software Web Framework
Cisco IOS XE Software CDP Memory Leak Vulnerability
IPsec Driver Code Vulnerability: Remote Device Reload Exploit
Cisco IOS Software Precision Time Protocol Denial of Service Vulnerability
Cisco Unified Communications Manager Web Interface Vulnerability: Clear Text Digest Credentials Exposure
Cluster Management Protocol (CMP) Message Denial of Service Vulnerability
Cisco IOS XE Software NAT SIP ALG Reload Vulnerability
Privilege Escalation Vulnerability in Cisco IOS XE Software
Race condition vulnerability in Cisco IOS XE Software's errdisable per VLAN feature leads to DoS
Privilege Escalation Vulnerability in Cisco IOS XE Software
Stored XSS Vulnerability in Cisco Prime Network Control System
Cisco Jabber Client Framework (JCF) Cross-Site Scripting (XSS) Vulnerability
Vulnerability: Unauthorized SSH Access to Cisco IOS and IOS XE Devices via VRF Instance
Denial of Service Vulnerability in Cisco ISR G2 and ISR4451-X Routers
XMLTooling-C Vulnerability: Remote Information Disclosure and Impersonation via Crafted DTD
Buffer Overflow Vulnerability in ARM mbed TLS
Remote Code Execution and Heap Corruption Vulnerability in ARM mbed TLS
XML Signature Wrapping Vulnerability in Shibboleth XMLTooling-C
Directory-authority protocol-list subprotocol mishandles misformatted relay descriptor leading to denial of service
Use-After-Free Vulnerability in Tor 0.3.2.x Allows Remote Denial of Service
Race Condition Vulnerability in Johnathan Nightingale Beep through 1.3.4 Allows Local Privilege Escalation
Use-after-free vulnerability in remctld before 3.14 allows for arbitrary command execution
Cookie Injection Vulnerability in GNU Wget before 1.19.5
Memory-cache side-channel vulnerability in Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 during ECDSA signature signing process (ROHNP)
Arbitrary File Overwrite Vulnerability in D-Mod Extractor
Timing-based side-channel attack vulnerability in ARM mbed TLS
Cache-based Side-Channel Attack on ARM mbed TLS
Incomplete HTML Escaping in Xapian::MSet::snippet() Leads to Cross-Site Scripting Vulnerability
Heap-based Buffer Overflow in Curl SMTP Escape EOB Function
APT InRelease File Verification Vulnerability
Potential Command Injection Vulnerability in zsh
Rate Limit Override Vulnerability in Mediawiki 1.31
Information Disclosure Vulnerability in Mediawiki's Special:Redirect/logid
BotPasswords Bypassing CentralAuth Account Lock Vulnerability
Arbitrary OS Command Execution Vulnerability in Nootka 1.4.4 and Earlier
Untrusted Search Path Vulnerability in FLET'S VIRUS CLEAR Easy Setup & Application Tool ver.11 and Earlier: Privilege Escalation via Trojan Horse DLL
Arbitrary Web Script Injection Vulnerability in EPG Search Result Viewer (kkcald) 0.7.21 and Earlier
CSRF Vulnerability in EPG Search Result Viewer (kkcald) 0.7.21 and Earlier
Buffer Overflow Vulnerability in EPG Search Result Viewer (kkcald) 0.7.19 and Earlier
Arbitrary Code Injection Vulnerability in WP Retina 2x Plugin
Arbitrary OS Command Execution Vulnerability in I-O DATA DEVICE's MagicalFinder
Arbitrary Web Script Injection Vulnerability in MTS Simple Booking C and MTS Simple Booking Business
Arbitrary OS Command Execution in MP Form Mail CGI eCommerce Edition Ver 2.0.13 and Earlier
Untrusted Search Path Vulnerability in FLET'S Azukeru Backup Tool v1.5.2.6 and Earlier
Untrusted Search Path Vulnerability in FLET'S v4/v6 Address Selection Tool
Untrusted Search Path Vulnerability in Anshin Net Security for Windows Version 16.0.1.44 and Earlier
Unverified X.509 Certificate Vulnerability in LINE for iOS 7.1.3 to 7.1.5
Cross-Site Scripting Vulnerability in FS010W Firmware FS010W_00_V1.3.0 and Earlier
CSRF Vulnerability in FS010W Firmware Allows Authentication Hijacking
Authentication Bypass and Command Execution Vulnerability in Buffalo WXR-1900DHP2 Firmware Ver.2.48 and Earlier
Arbitrary Code Execution Vulnerability in Buffalo WXR-1900DHP2 Firmware Ver.2.48 and Earlier
Arbitrary OS Command Execution Vulnerability in Buffalo WXR-1900DHP2 Firmware Ver.2.48 and Earlier
Remote Code Execution Vulnerability in Jubatus 1.0.2 and Earlier
Arbitrary File Read Vulnerability in Jubatus 1.0.2 and Earlier
Remote Image Display Vulnerability in Cybozu Office 10.0.0 to 10.7.0
Arbitrary Web Script Injection Vulnerability in Cybozu Office 10.0.0 to 10.7.0
Authentication Bypass Vulnerability in Cybozu Office 10.0.0 to 10.7.0
Denial of Service Vulnerability in Cybozu Office 10.0.0 to 10.7.0
Cybozu Garoon SQL Injection Vulnerability
Access Privilege Bypass in Cybozu Garoon 3.0.0 to 4.2.6
Access Restriction Bypass Vulnerability in Cybozu Garoon 3.0.0 to 4.2.6
Access Restriction Bypass Vulnerability in Cybozu Garoon 3.0.0 to 4.2.6
Unspecified Cross-Site Scripting Vulnerability in ArsenoL Version 0.5
Cross-Site Scripting Vulnerability in PHP 2chBBS Version bbs18c
Cross-Site Scripting Vulnerability in QQQ SYSTEMS ver2.24 via quiz.cgi
Cross-Site Scripting Vulnerability in QQQ SYSTEMS ver2.24 via quiz_op.cgi
Cross-Site Scripting Vulnerability in QQQ SYSTEMS ver2.24
Arbitrary Command Execution Vulnerability in QQQ SYSTEMS Version 2.24
Untrusted Search Path Vulnerability in ViX Version 2.21.148.0
Buffer Overflow Vulnerability in Tiny FTP Daemon Ver0.52d
Arbitrary File Read Vulnerability in WebProxy Version 1.7.8
Untrusted Search Path Vulnerability in Jtrim Installer
Untrusted Search Path Vulnerability in WinShot Installer Allows Privilege Escalation
Arbitrary OS Command Execution in LXR Versions 1.0.0 to 2.3.0
Arbitrary Code Injection Vulnerability in WP All Import Plugin for WordPress
Arbitrary Code Injection Vulnerability in WP All Import Plugin for WordPress
Bypassing Access Restriction to View Closed Space Title in Cybozu Garoon 4.0.0 to 4.6.0
Arbitrary Code Injection Vulnerability in Cybozu Garoon 3.0.0 to 4.6.0
Access Restriction Bypass Vulnerability in Cybozu Garoon 3.5.0 to 4.6.1
Arbitrary Code Injection Vulnerability in Cybozu Garoon 3.0.0 to 4.6.1
Untrusted Search Path Vulnerability in PhishWall Client Firefox and Chrome Edition for Windows Ver. 5.1.26 and Earlier
Unverified SSL Certificates in iRemoconWiFi App for Android Allow Man-in-the-Middle Attacks
Authentication Bypass and Command Execution Vulnerability in Buffalo WZR-1750DHP2 Ver.2.30 and Earlier
Arbitrary Code Execution Vulnerability in Buffalo WZR-1750DHP2 Ver.2.30 and Earlier
Arbitrary OS Command Execution Vulnerability in Buffalo WZR-1750DHP2 Ver.2.30 and Earlier
Stored Cross-Site Scripting Vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1: Arbitrary Web Script Injection in 'E-mail Details Screen'
Reflected Cross-Site Scripting Vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 via 'System Settings'
Arbitrary Web Script Injection Vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1
Address Bar Spoofing Vulnerability in Hatena Bookmark App for iOS Version 3.0 to 3.70
Untrusted Search Path Vulnerability in PhishWall Client Internet Explorer Edition
Untrusted Search Path Vulnerability in SoundEngine Free Installer
Privilege Escalation via Untrusted Search Path Vulnerability in FLET'S VIRUS CLEAR Easy Setup & Application Tool
Session Fixation Vulnerability in EC-CUBE (versions 3.0.0 to 3.0.15)
Arbitrary Web Script Injection Vulnerability in Cybozu Office 10.0.0 to 10.8.0
Authentication Bypass Vulnerability in Cybozu Office 10.0.0 to 10.8.0
Access Restriction Bypass Vulnerability in Cybozu Office 10.0.0 to 10.8.0
Arbitrary PHP Code Execution Vulnerability in SiteBridge Inc. Joruri Gw Ver 3.2.0 and Earlier
Arbitrary OS Command Execution in baserCMS (Versions 4.1.0.1 and earlier, 3.0.15 and earlier)
Arbitrary Web Script Injection Vulnerability in baserCMS
Arbitrary File Upload Vulnerability in baserCMS
Access Restriction Bypass in baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions
Access Restriction Bypass Vulnerability in baserCMS
Arbitrary Web Script Injection Vulnerability in baserCMS
Remote File Disclosure Vulnerability in baserCMS
Cross-Site Scripting Vulnerability in Events Manager Plugin for WordPress (prior to version 5.9)
Arbitrary Code Injection Vulnerability in WP Google Map Plugin
Arbitrary Code Injection Vulnerability in PixelYourSite Plugin for WordPress
Arbitrary Code Injection Vulnerability in Open Graph for Facebook, Google+, and Twitter Card Tags Plugin for WordPress
Untrusted search path vulnerability in CELSYS, Inc CLIP STUDIO series: Remote privilege escalation via Trojan horse DLL
Cross-site Scripting Vulnerability in ASUS RT-AC87U Firmware (prior to version 3.0.0.4.378.9383)
Arbitrary Code Injection Vulnerability in ASUS RT-AC68U Firmware
Cross-site Scripting Vulnerability in ASUS RT-AC1200HP Firmware
Authentication Bypass Vulnerability in IIJ SmartKey App for Android Version 2.1.0 and Earlier
Arbitrary Code Injection Vulnerability in Ultimate Member Plugin for WordPress
Directory Traversal Vulnerability in Ultimate Member Plugin for WordPress (Versions prior to 2.0.4)
Unrestricted File Upload Vulnerability in Ultimate Member Plugin for WordPress
Directory Traversal Vulnerability in Ultimate Member Plugin for WordPress (Versions prior to 2.0.4)
Bypassing Access Restriction in Ultimate Member Plugin for WordPress
Bypassing Access Restriction in Ultimate Member Plugin for WordPress
Unverified SSL Certificates Vulnerability in KINEPASS App
Untrusted Search Path Vulnerability in Microsoft OneDrive: Privilege Escalation via Trojan Horse DLL
Untrusted Search Path Vulnerability in Microsoft OneDrive Installer
Untrusted Search Path Vulnerability in Skype for Windows
Untrusted Search Path Vulnerability in Skype Installer for Windows
Untrusted Search Path Vulnerability in Visual Studio Community Installer
Untrusted Search Path Vulnerability in Visual Studio Code Installer
Untrusted Search Path Vulnerability in IExpress Self-Extracting Archives
Untrusted Search Path Vulnerability in Visual C++ Redistributable Installer
Untrusted Search Path Vulnerability in PlayMemories Home Installer
Untrusted Search Path Vulnerability in axpdfium v0.01
Arbitrary Code Injection in Email Subscribers & Newsletters Plugin
Cross-Site Scripting Vulnerability in Site Reviews Plugin (Versions prior to 2.15.3)
Remote Code Execution Vulnerability in Pixelpost v1.7.3 and Earlier
Cross-Site Scripting Vulnerability in Pixelpost v1.7.3 and Earlier
Pixelpost v1.7.3 and Earlier: Remote SQL Injection Vulnerability
SQL Injection Vulnerability in Cybozu Garoon Notifications Application
Buffer Overflow Vulnerability in H2O Version 2.2.4 and Earlier
Untrusted Search Path Vulnerability in LINE for Windows: Privilege Escalation via Trojan Horse DLL
Zenphoto 1.4.14 and Earlier: Local File Inclusion Vulnerability with Remote Code Execution and Information Disclosure
Unverified X.509 Certificates in ANA App for iOS Version 4.0.22 and Earlier
Arbitrary Code Injection in 5000 Trillion Yen Converter v1.0.6
Unspecified Remote Access Bypass Vulnerability in NEC Platforms Calsos CSDX and CSDJ Series Products
Arbitrary web script injection vulnerability in NEC Platforms Calsos CSDX and CSDJ series products
ChamaNet MemoCGI Directory Traversal Vulnerability
Cross-Site Scripting Vulnerability in Mailman 2.1.26 and Earlier
Privilege Escalation via Untrusted Search Path Vulnerability in Glary Utilities Installer
Untrusted Search Path Vulnerability in LOGICOOL Game Software Allows Privilege Escalation
Untrusted Search Path Vulnerability in LOGICOOL CONNECTION UTILITY SOFTWARE
Unverified SSL Certificates in DHC Online Shop App for Android Allow Man-in-the-Middle Attacks
Untrusted Search Path Vulnerability in Multiple Yayoi 17 Series Products
Untrusted Search Path Vulnerability in Multiple Yayoi 17 Series Products
Arbitrary OS Command Execution Vulnerability in Aterm WG1200HP Firmware Ver1.0.31 and Earlier
Arbitrary OS Command Execution Vulnerability in Aterm WG1200HP Firmware Ver1.0.31 and Earlier
Arbitrary OS Command Execution Vulnerability in Aterm WG1200HP Firmware Ver1.0.31 and Earlier
Arbitrary OS Command Execution Vulnerability in Aterm WG1200HP Firmware Ver1.0.31 and Earlier
Arbitrary OS Command Execution Vulnerability in Aterm W300P Ver1.0.13 and Earlier
Arbitrary OS Command Execution Vulnerability in Aterm W300P Ver1.0.13 and Earlier
Arbitrary OS Command Execution Vulnerability in Aterm W300P Ver1.0.13 and Earlier
Buffer Overflow Vulnerability in Aterm W300P Ver1.0.13 and Earlier: Arbitrary Code Execution via HTTP Request and Response
Buffer Overflow Vulnerability in Aterm W300P Ver1.0.13 and Earlier: Arbitrary Code Execution via submit-url Parameter
Arbitrary OS Command Execution in Aterm HC100RC Ver1.0.1 and Earlier
Arbitrary OS Command Execution Vulnerability in Aterm HC100RC Ver1.0.1 and Earlier
Arbitrary OS Command Execution in Aterm HC100RC Ver1.0.1 and Earlier
Arbitrary OS Command Execution in Aterm HC100RC Ver1.0.1 and Earlier via export.cgi encKey Parameter
Arbitrary OS Command Execution in Aterm HC100RC Ver1.0.1 and Earlier via import.cgi encKey Parameter
Arbitrary OS Command Execution in Aterm HC100RC Ver1.0.1 and Earlier
Buffer Overflow in Aterm HC100RC Ver1.0.1 and Earlier: Arbitrary Code Execution via netWizard.cgi Parameters
Buffer Overflow in Aterm HC100RC Ver1.0.1 and Earlier: Arbitrary Code Execution via tools_system.cgi Parameters
Arbitrary Script Injection in FV Flowplayer Video Player 6.1.2 to 6.6.4
Arbitrary OS Command Execution in Ubuntu14.04 ORCA (Online Receipt Computer Advantage) 4.8.0
Buffer Overflow Vulnerability in ORCA (Online Receipt Computer Advantage) Software
Remote PHP Code Execution Vulnerability in MTAppjQuery 1.8.1 and Earlier
Explzh v.7.58 Directory Traversal Vulnerability
CSRF Vulnerability in WL-330NUL Firmware Prior to 3.0.0.46
Untrusted Search Path Vulnerability in ChatWork Desktop App Installer for Windows
Untrusted Search Path Vulnerability in Canon IT Solutions Inc. Software Installers
Unverified SSL Certificates in LINE MUSIC for Android Allow Man-in-the-Middle Attacks
Buffer Overflow Vulnerability in YOKOGAWA Products' License Management Function
Arbitrary Code Injection Vulnerability in GROWI v.3.1.11 and Earlier
Arbitrary Code Injection through Cross-Site Scripting in GROWI v.3.1.11 and earlier
Arbitrary Code Injection Vulnerability in GROWI v.3.1.11 and Earlier
Arbitrary Code Injection via App Settings in GROWI v.3.1.11 and Earlier
Untrusted Search Path Vulnerability in Digital Paper App Installer
Arbitrary Web Script Injection Vulnerability in EC-CUBE and GMO-PG Payment Modules
Arbitrary PHP Code Execution Vulnerability in EC-CUBE and GMO-PG Payment Modules
Directory Traversal Vulnerability in Older Versions of Software Allows File Manipulation via Crafted ATC File
Arbitrary File Creation Vulnerability in Versions 2.8.4.0 and Earlier and 3.3.0.0 and Earlier via ATC File
Arbitrary OS Command Execution and Information Leakage in I-O DATA Network Cameras
Arbitrary Code Execution Vulnerability in I-O DATA Network Cameras
Hardcoded Credentials Vulnerability in I-O DATA Network Cameras
NoMachine App for Android 5.0.63 and earlier: Environment Variable Alteration Vulnerability
Arbitrary Script Injection in Yamaha Routers and NVR500
Arbitrary Script Injection Vulnerability in Yamaha Routers and NVR500
Untrusted Search Path Vulnerability in INplc SDK Installer
Buffer Overflow Vulnerability in INplc-RT 3.08 and Earlier: Remote Code Execution
Authentication Bypass Vulnerability in INplc-RT 3.08 and Earlier
Authentication Bypass Vulnerability in INplc-RT 3.08 and Earlier
Privilege Escalation Vulnerability in INplc-RT 3.08 and Earlier: Arbitrary Code Execution
Arbitrary Code Injection through Cross-Site Scripting in Movable Type versions prior to Ver. 6.3.1
Arbitrary File Read Vulnerability in Cybozu Garoon 3.5.0 to 4.6.3
Arbitrary Script Execution Vulnerability in AttacheCase ver.2.8.4.0 and Earlier
Arbitrary Script Execution Vulnerability in AttacheCase ver.3.3.0.0 and Earlier
Authentication Bypass and Arbitrary Command Execution in BN-SDWBP3 Firmware
Arbitrary OS Command Execution Vulnerability in BN-SDWBP3 Firmware Version 1.0.9 and Earlier
BN-SDWBP3 Firmware Buffer Overflow Vulnerability
Arbitrary Web Script Injection Vulnerability in FXC Inc. Network Devices
Hard-coded Credentials Vulnerability in Denbun by NEOJAPAN Inc.
Hard-coded Credentials Vulnerability in Denbun by NEOJAPAN Inc.
Session Management Vulnerability in Denbun by NEOJAPAN Inc. (Denbun POP version V3.3P R4.0 and earlier, Denbun IMAP version V3.3I R4.0 and earlier)
Buffer Overflow Vulnerability in Denbun POP and IMAP Versions V3.3P R4.0 and Earlier, Allowing Remote Code Execution or DoS via Cookie Data
Denbun Buffer Overflow Vulnerability in Multipart/Form-Data Parsing
Denbun POP Version V3.3P R4.0 and Earlier SQL Injection Vulnerability
Remote Code Execution Vulnerability in Denbun by NEOJAPAN Inc. (Versions V3.3P R4.0 and earlier, V3.3I R4.0 and earlier)
Arbitrary Web Script Injection Vulnerability in Denbun by NEOJAPAN Inc.
Open Redirect Vulnerability in SEIKO EPSON Printers and Scanners
HTTP Header Injection Vulnerability in SEIKO EPSON Printers and Scanners
Unvalidated Software Update Vulnerability in Music Center for PC: Potential for Man-in-the-Middle Attack and File Injection
Insecure SSL Certificate Verification in Multiple +Message Apps
Untrusted Search Path Vulnerability in Baidu Browser Version 43.23.1000.500 and Earlier
Arbitrary File Upload Vulnerability in FileZen V3.0.0 to V4.2.1
Arbitrary OS Command Execution in FileZen V3.0.0 to V4.2.1
Arbitrary Web Script Injection Vulnerability in User-friendly SVN (USVN) Version 1.0.7 and Earlier
Session Management Vulnerability in OpenAM (Open Source Edition) 13.0 and later
Arbitrary Web Script Injection Vulnerability in Metabase 0.29.3 and Earlier
Arbitrary Web Script Injection Vulnerability in GROWI v3.2.3 and Earlier
Arbitrary Web Script Injection Vulnerability in YukiWiki 2.1.3 and Earlier
YukiWiki 2.1.3 and Earlier Denial of Service Vulnerability
Network Access Bypass Vulnerability in BlueStacks App Player
Arbitrary File Deletion Vulnerability in Cybozu Mailwise 5.0.0 to 5.4.5
Arbitrary File Deletion Vulnerability in Cybozu Office 10.0.0 to 10.8.1
Cybozu Office Directory Traversal Vulnerability
Cybozu Dezie 8.0.2 to 8.1.2 Directory Traversal Vulnerability
Authentication Bypass Vulnerability in QNAP Q'center Virtual Appliance
Command Injection Vulnerability in QNAP Q'center Virtual Appliance 1.7.1063 and Earlier: Arbitrary Command Execution
Command Injection Vulnerability in QNAP Q'center Virtual Appliance 1.7.1063 and Earlier: Arbitrary Command Execution
Command Injection Vulnerability in QNAP Q'center Virtual Appliance 1.7.1063 and Earlier
Critical Command Injection Vulnerability in QNAP Q'center Virtual Appliance 1.7.1063 and Earlier
Arbitrary Web Script Injection Vulnerability in QNAP QTS 4.3.3 and 4.3.4
Remote Command Injection Vulnerability in QNAP QTS LDAP Server
Remote Command Injection Vulnerability in Helpdesk Versions 1.1.21 and Earlier in QNAP QTS
Remote Code Injection Vulnerability in QNAP Photo Station 5.7.0 and Earlier
QTS Qsync Central Cross-Site Scripting Vulnerability
Remote Command Injection Vulnerability in Music Station 5.1.2 and Earlier Versions in QNAP QTS 4.3.3 and 4.3.4
XSS Vulnerability in QNAP Systems Inc. QTS NAS Devices
Critical Buffer Overflow Vulnerability in QNAP NAS Devices: Exploiting QTS to Execute Arbitrary Code
Path Traversal Vulnerability in Photo Station: Remote Access to Sensitive Information
Q'center Virtual Appliance XSS Vulnerability
Q'center Virtual Appliance XSS Vulnerability
Improper Access Control Vulnerability in Helpdesk Allows Unauthorized Access to System Logs
Command Injection Vulnerability in Music Station: Execute Commands on Affected Devices
Command Injection Vulnerability in QNAP File Station Allows Remote Code Execution
Denial of Service Vulnerability in TLS Handshake with DH(E) Ciphersuite
Vulnerability: Insecure Message Authentication in PA-RISC CRYPTO_memcmp Function
Timing Side Channel Vulnerability in OpenSSL DSA Signature Algorithm
Timing Side Channel Attack on OpenSSL ECDSA Signature Algorithm
Cache Timing Side Channel Attack on OpenSSL RSA Key Generation Algorithm
Recursive ASN.1 Types Denial of Service Vulnerability
Windows Color Management Information Disclosure Vulnerability
Windows Kernel Object Handling Elevation of Privilege Vulnerability
Windows Subsystem for Linux Elevation of Privilege Vulnerability
Windows Object Handling Elevation of Privilege Vulnerability
Windows Kernel Memory Object Handling Information Disclosure Vulnerability
Windows Memory Address Handling Information Disclosure Vulnerability
Windows Kernel Memory Address Information Disclosure Vulnerability
Memory Address Handling Vulnerability in Windows Operating Systems
Windows Elevation of Privilege Vulnerability in SMB Server
Windows GDI Information Disclosure Vulnerability
Windows Kernel API Elevation of Privilege Vulnerability
Windows Kernel API Elevation of Privilege Vulnerability
Windows Memory Object Handling Denial of Service Vulnerability
OpenType Font Driver Information Disclosure Vulnerability
Windows EOT Font Engine Information Disclosure Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
Windows Kernel Object Handling Information Disclosure Vulnerability
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Windows EOT Font Engine Information Disclosure Vulnerability
Windows EOT Font Engine Information Disclosure Vulnerability
Scripting Engine Memory Corruption Vulnerability in Internet Explorer and Microsoft Edge
Microsoft Edge Memory Object Handling Information Disclosure Vulnerability
.NET and .NET Core XML Denial of Service Vulnerability
.NET and .NET Core XML Denial of Service Vulnerability
Microsoft Edge PDF Reader Information Disclosure Vulnerability
Scripting Engine Information Disclosure Vulnerability in Microsoft Edge
Microsoft Edge Scripting Engine Memory Corruption Vulnerability
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Microsoft Edge Security Feature Bypass Vulnerability
Scripting Engine Memory Corruption Vulnerability in Internet Explorer and Microsoft Edge
Microsoft Edge Scripting Engine Memory Corruption Vulnerability
Microsoft Edge Scripting Engine Memory Corruption Vulnerability
Microsoft Edge Scripting Engine Memory Corruption Vulnerability
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Microsoft Edge Scripting Engine Memory Corruption Vulnerability
Scripting Engine Information Disclosure Vulnerability in Microsoft Edge
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
ASP.NET Core Elevation of Privilege Vulnerability in Project Templates
ASP.NET Core Cross Site Request Forgery Vulnerability in Project Templates
.NET Certificate Validation Security Bypass Vulnerability
ASP.NET Core Elevation of Privilege Vulnerability
OpenType Font Driver Elevation of Privilege Vulnerability
Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft SharePoint Elevation of Privilege Vulnerability
Outlook Email Parsing Remote Code Execution Vulnerability
Microsoft Word 2016 Remote Code Execution Vulnerability
Outlook Email Parsing Remote Code Execution Vulnerability
Microsoft Word Object Handling Remote Code Execution Vulnerability
Memory Object Handling Vulnerability in Microsoft Office: Remote Code Execution
Memory Object Handling Vulnerability in Microsoft Excel
RTF Content Handling Vulnerability in Microsoft Word
Equation Editor Remote Code Execution Vulnerability in Microsoft Office
Microsoft Access Image Field XSS Vulnerability
Microsoft Edge Scripting Engine Information Disclosure Vulnerability
Equation Editor Remote Code Execution Vulnerability in Microsoft Office
Microsoft Office Equation Editor Remote Code Execution Vulnerability
Cross-Domain Information Leakage in Microsoft Edge
Equation Editor Remote Code Execution Vulnerability
Equation Editor Remote Code Execution Vulnerability in Multiple Versions of Microsoft Office
Equation Editor Remote Code Execution Vulnerability
Equation Editor Remote Code Execution Vulnerability
ASP.NET Core Elevation of Privilege Vulnerability
Windows Kernel Object Handling Elevation of Privilege Vulnerability
Windows Kernel Memory Initialization Information Disclosure Vulnerability
Windows Kernel Object Initialization Information Disclosure Vulnerability
Equation Editor Remote Code Execution Vulnerability in Microsoft Office
Windows Kernel Object Initialization Information Disclosure Vulnerability
Windows Kernel Object Initialization Information Disclosure Vulnerability
Windows GDI Elevation of Privilege Vulnerability
Windows GDI Elevation of Privilege Vulnerability
Windows GDI Elevation of Privilege Vulnerability
ChakraCore Vulnerability: Control Flow Guard Bypass and Arbitrary Code Execution
Email Spoofing Vulnerability in Microsoft Office 2016 for Mac
Windows Kernel Elevation Of Privilege Vulnerability
Windows AppContainer Elevation Of Privilege Vulnerability
Windows NTFS Global Reparse Point Elevation of Privilege Vulnerability
Windows Named Pipe File System Elevation of Privilege Vulnerability
Microsoft COM for Windows Remote Code Execution Vulnerability
StructuredQuery Remote Code Execution Vulnerability
Windows Storage Services Elevation of Privilege Vulnerability
Device Guard Security Feature Bypass Vulnerability in Windows Scripting Host (WSH)
MultiPoint Management Account Password Storage Vulnerability in Windows 10 and Windows Server 2016
Windows Kernel Memory Object Handling Information Disclosure Vulnerability
Windows Kernel Memory Object Handling Information Disclosure Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
Windows Kernel Memory Object Handling Information Disclosure Vulnerability
SMBv2/SMBv3 Null Dereference Denial of Service Vulnerability
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge and ChakraCore
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge and ChakraCore
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge and ChakraCore
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge and ChakraCore
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge and ChakraCore
Microsoft Edge Memory Object Handling Information Disclosure Vulnerability
Scripting Engine Memory Corruption Vulnerability in Internet Explorer and Microsoft Edge
Memory Handling Vulnerability in Microsoft Office 2016 Click-to-Run: Remote Code Execution
Windows Kernel Elevation of Privilege Vulnerability
Windows Kernel Information Disclosure Vulnerability in Windows 10 and Windows Server (CVE-2018-XXXX)
Windows Common Log File System Driver Elevation Of Privilege Vulnerability
Equation Editor Remote Code Execution Vulnerability
Windows Common Log File System Driver Elevation Of Privilege Vulnerability
Internet Explorer Memory Object Handling Vulnerability
Equation Editor Remote Code Execution Vulnerability
Equation Editor Remote Code Execution Vulnerability
Microsoft Outlook Elevation of Privilege Vulnerability
Microsoft Office Memory Corruption Vulnerability
Microsoft Office Memory Corruption Vulnerability in Outlook
Microsoft Office Information Disclosure Vulnerability
Windows Scripting Host Device Guard Bypass Vulnerability
Windows EOT Font Engine Information Disclosure Vulnerability
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge and ChakraCore
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge and ChakraCore
ChakraCore Scripting Engine Memory Corruption Vulnerability
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge and ChakraCore
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge and ChakraCore
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Equation Editor Remote Code Execution Vulnerability
Web Request Handling Vulnerability in SharePoint Project Server 2013 and SharePoint Enterprise Server 2016
Scripting Engine Memory Corruption Vulnerability in Internet Explorer
Windows Installer Elevation of Privilege Vulnerability
SharePoint Server 2016 Web Request Handling Elevation of Privilege Vulnerability
Internet Explorer Remote Code Execution Vulnerability
Microsoft Edge Improper File Marking Information Disclosure Vulnerability
Chakra Scripting Engine Memory Corruption Vulnerability
Chakra Scripting Engine Memory Corruption Vulnerability
Chakra Scripting Engine Memory Corruption Vulnerability
.NET Core Denial of Service Vulnerability
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Windows Desktop Bridge VFS Elevation of Privilege Vulnerability
Windows Remote Assistance XXE Information Disclosure Vulnerability
Memory Object Handling Vulnerability in Microsoft Edge
Windows Desktop Bridge Virtual Registry Elevation of Privilege Vulnerability
Microsoft Video Control Elevation of Privilege Vulnerability
Windows Desktop Bridge Virtual Registry Elevation of Privilege Vulnerability
File Copy Destination Validation Remote Code Execution Vulnerability
Windows Scripting Host (WSH) Security Feature Bypass Vulnerability
Hyper-V Denial of Service Vulnerability
CredSSP Remote Code Execution Vulnerability
Windows Kernel Memory Address Initialization Vulnerability
Hyper-V Information Disclosure Vulnerability
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Network Isolation Security Bypass Vulnerability in Active Directory
ChakraCore and Internet Explorer Scripting Engine Information Disclosure Vulnerability
Microsoft Edge Information Disclosure Vulnerability
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Windows Kernel Memory Address Handling Vulnerability
Windows Kernel Memory Address Handling Vulnerability
Windows Kernel Memory Address Handling Vulnerability
Windows Kernel Memory Address Handling Vulnerability
Windows Kernel Memory Address Handling Vulnerability
Windows Kernel Memory Address Handling Vulnerability
Windows Kernel Memory Address Handling Vulnerability
Windows Kernel Memory Address Handling Vulnerability
Windows Security Feature Bypass Vulnerability in CNG Kernel-Mode Driver
Memory Handling Vulnerability in Microsoft Access Allows Remote Code Execution
Windows Kernel Memory Address Handling Vulnerability
Macro Settings Security Bypass in Microsoft Excel
Microsoft Identity Manager 2016 SP1 XSS Elevation of Privilege Vulnerability
Microsoft Project Server and SharePoint Server Elevation of Privilege Vulnerability
Microsoft SharePoint Elevation of Privilege Vulnerability in Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Elevation of Privilege Vulnerability in Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Elevation of Privilege Vulnerability in Microsoft Project Server 2013 SP1 and SharePoint Enterprise Server 2016
Microsoft SharePoint Elevation of Privilege Vulnerability in Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Elevation of Privilege Vulnerability in Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Elevation of Privilege Vulnerability in Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Elevation of Privilege Vulnerability in Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016
Microsoft SharePoint Enterprise Server 2016 Elevation of Privilege Vulnerability
Microsoft Office Information Disclosure Vulnerability
Memory Object Handling Vulnerability in Microsoft Excel
Microsoft SharePoint Enterprise Server 2016 Elevation of Privilege Vulnerability
Microsoft Office Memory Corruption Vulnerability
Microsoft SharePoint Enterprise Server 2016 Elevation of Privilege Vulnerability
URL Redirect Handling Information Disclosure Vulnerability in Microsoft Exchange Server
ChakraCore Scripting Engine Memory Corruption Vulnerability
Windows Kernel Memory Address Handling Vulnerability
Microsoft Browser Information Disclosure Vulnerability
Internet Explorer Memory Object Handling Vulnerability
Chakra Scripting Engine Memory Corruption Vulnerability
Chakra Scripting Engine Memory Corruption Vulnerability
Microsoft Browser Information Disclosure Vulnerability
Chakra Scripting Engine Memory Corruption Vulnerability
Chakra Scripting Engine Memory Corruption Vulnerability
Scripting Engine Memory Corruption Vulnerability in Internet Explorer
Chakra Scripting Engine Memory Corruption Vulnerability in ChakraCore and Microsoft Windows 10 1709
Chakra Scripting Engine Memory Corruption Vulnerability in ChakraCore and Microsoft Windows 10 1703 and 1709
ChakraCore and Microsoft Edge Information Disclosure Vulnerability
Email Link Rewriting Elevation of Privilege Vulnerability in Microsoft Exchange Server
Microsoft Exchange Server 2016 Cumulative Update 7 and Cumulative Update 8 Information Disclosure Vulnerability
Internet Explorer Zone and Integrity Settings Elevation of Privilege Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability
Microsoft SharePoint Elevation of Privilege Vulnerability in Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Microsoft SharePoint Elevation of Privilege Vulnerability in SharePoint Foundation 2013 SP1 and SharePoint Enterprise Server 2016
UNC Resource Handling Security Bypass Vulnerability in Internet Explorer
Microsoft Office OLE Object Information Disclosure Vulnerability
Microsoft Edge Scripting Engine Memory Corruption Vulnerability
Arbitrary File Creation Vulnerability in Diagnostics Hub Standard Collector
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Remote Code Execution Vulnerability in Microsoft Browsers: Scripting Engine Memory Corruption
Internet Explorer Scripting Engine Memory Corruption Vulnerability
HTTP.sys Denial of Service Vulnerability in HTTP 2.0 Protocol Stack
Hyper-V Information Disclosure Vulnerability
Windows Security Feature Bypass Vulnerability in Device Guard
Hyper-V Remote Code Execution Vulnerability
Windows Kernel Information Disclosure Vulnerability
Hyper-V vSMB Remote Code Execution Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
Hyper-V Information Disclosure Vulnerability
Hyper-V Remote Code Execution Vulnerability in Windows Server 2016 and Windows 10
Device Guard Security Feature Bypass Vulnerability
Windows SNMP Service Denial of Service Vulnerability
Windows Kernel ASLR Bypass Information Disclosure Vulnerability
Windows Kernel Information Disclosure Vulnerability
Windows Kernel Information Disclosure Vulnerability
Windows Kernel Information Disclosure Vulnerability
Windows Kernel Information Disclosure Vulnerability
Windows Kernel Information Disclosure Vulnerability
Windows Kernel Information Disclosure Vulnerability
Windows Kernel Information Disclosure Vulnerability
Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability
Win32k Elevation of Privilege Vulnerability in Windows Kernel Mode Driver
Internet Explorer Memory Corruption Remote Code Execution Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Scripting Engine Memory Object Information Disclosure Vulnerability
Windows Kernel API Elevation of Privilege Vulnerability
Windows Storage Services Elevation of Privilege Vulnerability
Microsoft Malware Protection Engine Remote Code Execution Vulnerability
Scripting Engine Information Disclosure Vulnerability in Internet Explorer 9, 10, and 11
Scripting Engine Memory Corruption Vulnerability in Internet Explorer
Scripting Engine Memory Object Information Disclosure Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Internet Explorer Remote Code Execution via Memory Corruption
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Scripting Engine Memory Corruption Vulnerability in Internet Explorer
Internet Explorer 11 Remote Code Execution Vulnerability
Microsoft Edge PDF Reader Information Disclosure Vulnerability
Scripting Engine Memory Object Information Disclosure Vulnerability
Universal XSS (UXSS) Vulnerability in Video Downloader Professional Extension for Chrome
Buffer Underflow Vulnerability in glibc's realpath() Function
DNSSEC Validator Component Vulnerability: Denial of Existence Attack via Packet Replay in Knot Resolver (prior to version 1.5.2)
DNSSEC Validator Vulnerability in PowerDNS 4.1.0 Allows Denial of Existence via Packet Replay
Race Condition Vulnerability in Linux Kernel Sound System Leading to Deadlock and Denial of Service
Out-of-bounds Read Vulnerability in libcurl 7.49.0 to 7.57.0
Arbitrary Command Execution via Protocol Handler in GitHub Electron
Vulnerability: Information Leakage in libcurl 7.1 through 7.57.0
XML External Entity (XXE) Vulnerability in Jenkins PMD Plugin 3.49 and Earlier
XML External Entity (XXE) Vulnerability in Jenkins Checkstyle Plugin
XML External Entity (XXE) Vulnerability in Jenkins DRY Plugin 2.49 and Earlier
XML External Entity (XXE) Vulnerability in Jenkins FindBugs Plugin 4.71 and Earlier
XML External Entity (XXE) Vulnerability in Jenkins Warnings Plugin 4.64 and Earlier
CSRF Vulnerability in Jenkins Release Plugin 2.9 and Earlier
CSRF Vulnerability in Jenkins Translation Assistance Plugin Allows Unauthorized String Overrides
Vulnerability: Incorrect Permissions Checks in Pipeline: Nodes and Processes Plugin
Root User Password Disclosure in oVirt-Hosted-Engine-Setup
OS Command Injection Vulnerability in OpenEMR 5.0.0's fax_dispatch.php
Cross Site Scripting (XSS) vulnerability in OpenEMR version 5.0.0
Input Validation Error in GIT Client: Remote Code Execution via Malicious Git Server
Missing Authorization Vulnerability in Electrum Bitcoin Wallet
CWE-20: Full Path Disclosure Vulnerability in Bitpay/insight-api Transaction Broadcast Endpoint
Incorrect Pointer Handling in Squid HTTP Caching Proxy ESI Response Processing Vulnerability
Firebase Admin SDK for PHP Incorrect Access Control Vulnerability
Insufficient Input Validation in Linux Kernel's bnx2x Network Card Driver: DoS via Specially Crafted Packet
NULL Pointer Dereference Vulnerability in Squid HTTP Caching Proxy Allows Denial of Service
Incorrect Access Control vulnerability in NFS server (nfsd) allows remote users to read or write unauthorized files via NFS
Cross Site Scripting (XSS) Vulnerability in mcholste ELSA version revision 1205, commit 2cc17f1 and earlier
Heap-Buffer-Overflow and Heap-Use-After-Free Vulnerabilities in Python 2.7.14
Heap-Based Buffer Overflow in Info-Zip UnZip 6.10c22: Denial of Service and Code Execution Vulnerability
Heap-based Buffer Overflow in Info-Zip UnZip v6.10c22: Denial of Service and Code Execution Vulnerability
Out-of-Bounds Read Vulnerability in Info-Zip UnZip 6.10c22: Denial of Service and Sensitive Memory Disclosure
Out-of-Bounds Read Vulnerability in Info-Zip UnZip 6.10c22: Denial of Service and Sensitive Memory Disclosure
Heap-Based Buffer Overflow in Info-Zip UnZip Allows for DoS and Code Execution
Memory Leak Vulnerability in MuPDF 1.12.0 and Earlier
Denial of Service Vulnerability in MuPDF 1.12.0 and Earlier
Stack Buffer Overflow in MuPDF 1.12.0 and Earlier: Arbitrary Code Execution via Crafted File
Multiple Heap Use After Free Vulnerabilities in MuPDF 1.12.0 and Earlier
Multiple Uninitialized Value Bugs in MuPDF PDF Parser
Remote Code Execution via SVG File with UNC Path on Windows
OS Command Injection in Security Onion Solutions Squert
OS Command Injection in Security Onion Solutions Squert
SQL Injection Vulnerability in Security Onion Solutions Squert 1.1.1 - 1.6.7
NASA Singledop v1.0 Vulnerability: Remote Code Execution via Specially Crafted Radar Data File
CWE-502 Vulnerability in NASA Pyblock Radar Data Parsing Library Allows Remote Code Execution
CWE-502 Vulnerability in NASA Kodiak v1.0 Allows Remote Code Execution via Untrusted File Optimization
CWE-502 Vulnerability in NASA RtRetrievalFramework v1.0: Remote Code Execution via Weather Data File Retrieval
Remote Code Execution Vulnerability in Nanopool Claymore Dual Miner
Buffer Overflow Vulnerability in stb_vorbis 1.12 and Earlier: Exploitable via Specially Crafted Ogg Vorbis File
Use After Free Vulnerability in Artifex Mupdf 1.12.0: Potential DOS and Code Execution via Crafted PDF
Memory Corruption Vulnerability in fmtlib's fmt::print() Function
CSRF Vulnerability in LimeSurvey Theme Uninstallation Allows Deletion of All Themes
XML External Entity (XXE) Vulnerability in Jenkins CCM Plugin 3.1 and Earlier
XML External Entity (XXE) Vulnerability in Jenkins Android Lint Plugin 2.5 and Earlier
XML External Entity (XXE) Vulnerability in Jenkins JUnit Plugin 1.23 and Earlier
Jenkins Credentials Binding Plugin Vulnerability: Password Recovery through Unmasked Values
Arbitrary Code Execution Vulnerability in Jenkins Pipeline: Supporting APIs Plugin
PHP Object Injection Vulnerability in ValidFormBuilder Version 4.5.4
Sensitive Configuration Data Logging Vulnerability in Sensu Core
Stored Cross-Site Scripting on File Upload through SVG in WonderCMS version 2.4.0
Improper Authorization Vulnerability in Jenkins Allows Limited Information Disclosure
Improper Input Validation Vulnerability in Jenkins Allows Unauthorized Access to Plugin Resource Files
XML External Entity (XXE) Vulnerability in FreePlane Mindmap Loader
Eval Injection Vulnerability in Bitmessage PyBitmessage v0.6.2: Remote Code Execution
Insecure Permissions Vulnerability in Roundcube Enigma Plugin Allows Exfiltration of GPG Private Key
Insecure Permissions Vulnerability in iRedMail's Roundcube Webmail
Directory Traversal Vulnerability in RubyGems
Deserialization of Untrusted Data Vulnerability in RubyGems' `gem owner` Command
Infinite Loop Vulnerability in RubyGems
Improper Verification of Cryptographic Signature in RubyGems
Improper Input Validation in RubyGems Specification Homepage Attribute
Cross Site Scripting (XSS) vulnerability in RubyGems gem server display of homepage attribute
Directory Traversal Vulnerability in RubyGems Installation
Insecure Permissions Vulnerability in Ajenti Version 2 Allows Unauthorized Plugin Downloads
Input Validation Vulnerability in Ajenti Version 2: Server Crashing via ID String on Get-values POST Request
Cross-Site Request Forgery (CSRF) Vulnerability in Ajenti Version 2 Command Execution Panel
Improper Error Handling in Ajenti Version 2 Login JSON Request Leads to Server Path Leakage
Stored Cross-Site Scripting Vulnerability in WolfCMS 0.8.3.1
Out of Bounds Heap Memory Read Vulnerability in ClamAV 0.99.3 XAR Parser
Arbitrary JavaScript Code Execution via CSRF in Pym.js Versions 0.4.2 - 1.3.1
Reflected Cross Site Scripting Vulnerability in WolfCMS 0.8.3.1
Stored XSS vulnerability in Doorkeeper OAuth App Form and User Authorization Prompt Web View
Fabrication of Email Tracking Events via Anymail Django-Anymail Vulnerability
XML Injection Vulnerability in Textpattern Version 4.6.2: Denial of Service via Crafted XML File
Buffer Overflow Vulnerability in KadNode Version 2.2.0: Remote Code Execution
Cross-Site Request Forgery (CSRF) Vulnerability in CMS Made Simple 2.2.5 Admin Profile Page
Unauthenticated Remote Command Execution in CryptoNote Wallets
Remote Code Execution Vulnerability in CMS Made Simple File Manager
Cross Site Scripting (XSS) Vulnerability in oVirt Web Admin Application (4.2.0 - 4.2.2)
Missing SSL Certificate Validation Vulnerability in brianleroux tiny-json-http
Buffer Overflow Vulnerability in sharutils (unshar command) version 4.15.2
Integer Overflow Vulnerability in pjmedia SDP Parsing in Teluu PJSIP version 2.7.1 and Earlier
Null Pointer Dereference Vulnerability in Teluu PJSIP 2.7.1 and Earlier
Out-of-Array Read Denial of Service Vulnerability in FFmpeg's decode_init Function
Buffer Overflow Vulnerability in GPAC MP4Box (CVE-2021-12345)
Improper Null Termination in mingw-w64-crt (libc)->(v)snprintf Vulnerability
Plaintext Password Storage Vulnerability in Jenkins Coverity Plugin 1.10.0 and Earlier
Improper Authorization Vulnerability in Jenkins Gerrit Trigger Plugin Allows Unauthorized Access to Gerrit Configuration
Improper Authorization Vulnerability in Jenkins Gerrit Trigger Plugin Allows Unauthorized Gerrit Configuration Modification
Improper Authorization Vulnerability in Jenkins Job and Node Ownership Plugin
Cross-Site Scripting Vulnerability in Jenkins CppNCSS Plugin 1.1 and Earlier
Improper Authorization Vulnerability in Jenkins Google Play Android Publisher Plugin
Improper Authorization Vulnerability in Jenkins Git Plugin Allows Unauthorized Access to Node and User Information
Improper Authorization Vulnerability in Jenkins Subversion Plugin Allows Unauthorized Access to Node and User Information
Improper Authorization Vulnerability in Jenkins Mercurial Plugin Allows Unauthorized Access to Node and User Information
Cross-Site Scripting Vulnerability in Jenkins TestLink Plugin 2.12 and Earlier
Improper Authorization Vulnerability in Jenkins Promoted Builds Plugin 2.31.1 and Earlier
Memcached 1.5.5 UDP Network Amplification Denial of Service Vulnerability
Heap Corruption Vulnerability in NET-SNMP Version 5.7.2 Allows Command Execution via UDP Protocol Handler
Buffer Overflow Vulnerability in os.symlink() Function on Windows in Python Software Foundation CPython Versions 3.2 to 3.6.4
Command Injection Vulnerability in Electron Protocol Handler
Timing Attack Vulnerability in Sinatra Rack-Protection
FTP URL Buffer Overflow Vulnerability
LDAP NULL Pointer Dereference Vulnerability in curl 7.21.0 - 7.58.0
Buffer Over-read Vulnerability in curl 7.20.0 to 7.58.0: Denial of Service and Information Leakage
Information Exposure Through Log Files in Ionic Team Cordova plugin iOS Keychain
XML External Entity (XXE) Vulnerability in I Librarian I-librarian Version 4.8 and Earlier
Insecure JWT Validation in inversoft prime-jwt
Information Disclosure Vulnerability in Ajenti Version 2 Allows User and System Enumeration and Data Leakage
Integer Overflow Vulnerability in memcached 1.4.37 and Earlier: Data Corruption and Deadlocks
Jolokia Agent 1.3.7 HTTP Servlet XSS Vulnerability
Jolokia Agent 1.3.7 JNDI Injection Vulnerability
SQL Injection Vulnerability in Pradeep Makone WordPress Support Plus Responsive Ticket System
Unauthorized Data Access in Mercurial Protocol Server (CWE-285)
Trident Pitchfork 1.4.6 RC1 Privilege Escalation Vulnerability
UnboundID LDAP SDK Incorrect Access Control Vulnerability
Information Exposure in GNOME NetworkManager DNS Resolver
Remote Code Execution in Electron Webviews
CSRF Vulnerability in I, Librarian Version 4.8 and Earlier Allows Unauthorized Password Changes
SSRF Vulnerability in I, Librarian Version 4.8 and Earlier: Abusing Server Functionality to Access Internal Resources
Cross Site Scripting (XSS) Vulnerability in I, Librarian Version 4.8 and Earlier
Buffer Overflow Vulnerability in rsyslog librelp: Remote Code Execution via Crafted x509 Certificate
Incorrect Access Control in I, Librarian Version 4.9 and Earlier: Unauthorized Access to Project Discussions
Jenkins GitHub Pull Request Builder Plugin Local File Access Vulnerability
Jenkins GitHub Pull Request Builder Plugin Local File Access Vulnerability
Cross-Site Scripting Vulnerability in Jenkins Cucumber Living Documentation Plugin 1.0.12 and Older
Jenkins Perforce Plugin Local File System Access Vulnerability
Arbitrary Code Execution Vulnerability in Liquibase Runner Plugin 1.3.0 and Older
Jenkins Perforce Plugin Information Exposure Vulnerability
Arbitrary File Read Vulnerability in Jenkins Copy To Slave Plugin
Vulnerability: Man-in-the-Middle Attack in Jenkins Ansible Plugin Disables Host Key Verification
Jenkins Reverse Proxy Auth Plugin 1.5 and older: Sensitive Information Exposure Vulnerability
Jenkins vSphere Plugin: SSL/TLS Certificate Validation Bypass Vulnerability
Improper Authorization Vulnerability in Jenkins vSphere Plugin
Cross-Site Request Forgery Vulnerability in Jenkins vSphere Plugin 2.16 and Older
Improper Neutralization of Script-Related HTML Tags in Zammad Email Subject (CWE-80) Vulnerability
OpenFlow Handshake Vulnerability: Denial of Service and Unauthorized Access
Code Execution Vulnerability in GNU Patch 2.7.6 via EDITOR_PROGRAM Invocation
CMS Made Simple 2.2.7 - Incorrect Access Control Vulnerability in Password Recovery Function
CWE-354: Improper Validation of Integrity Check Value in tlslite-ng version 0.7.3 and earlier
Cross Site Scripting (XSS) Vulnerability in RisingStack Protect Version 1.2.0 and Earlier
Directory Traversal Vulnerability in NSE Script http-fetch
Cross Site Scripting (XSS) vulnerability in Parsedown prior to 1.7.0
Cross Site Scripting (XSS) Vulnerability in Floodlight Web Console
Arbitrary HTTP Headers Injection in gunicorn version 19.4.5
Impersonation Vulnerability in LightSAML Prior to 1.3.5
Insecure Deserialization Vulnerability in OISF Suricata-Update 1.0.0a1
Improper Input Validation in nghttp2 ALTSVC Frame Handling Leading to Denial of Service
Information Disclosure Vulnerability in Jenkins CLICommand and ViewOptionHandler
Cross-Site Scripting Vulnerability in Jenkins 2.115 and Older
Cross Site Scripting (XSS) Vulnerability in Imagely NextGEN Gallery 2.2.30 and Earlier
Session Fixation Vulnerability in Jenkins Google Login Plugin 1.3 and Older
Open Redirect Vulnerability in Jenkins Google Login Plugin 1.3 and Older
Arbitrary File Override Vulnerability in Jenkins HTML Publisher Plugin
Sensitive Information Exposure in Jenkins Email Extension Plugin
Cross-Site Scripting Vulnerability in Jenkins S3 Plugin 0.10.12 and Older
Remote Code Execution Vulnerability in Quassel 0.12.4
NULL Pointer Dereference Vulnerability in Quassel 0.12.4: Denial of Service
Inadequate M-R Tests in RSA Key Pair Generation in Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and Earlier
Unintended Read Access Vulnerability in Kitura 2.3.0 and Earlier
Server-side request forgery vulnerability in Jenkins Git Plugin 3.9.0 and older
Jenkins GitHub Plugin 1.29.0 and older: Sensitive Information Exposure Vulnerability
Server-Side Request Forgery Vulnerability in Jenkins GitHub Plugin 1.29.0 and Older
Server-side Request Forgery Vulnerability in Jenkins GitHub Branch Source Plugin
Jenkins GitHub Pull Request Builder Plugin 1.41.0 and older: Sensitive Information Exposure Vulnerability
Sensitive Information Exposure in Jenkins Kubernetes Plugin 1.7.0 and Older: Passwords Written to Logs
Server-Side Request Forgery Vulnerability in Jenkins CAS Plugin 1.4.1 and Older
Command Execution Vulnerability in Jenkins Absint Astree Plugin 1.0.5 and Older
Jenkins Black Duck Hub Plugin 4.0.0 and older: Sensitive Information Exposure Vulnerability
Jenkins Black Duck Detect Plugin 1.4.0 and older: Sensitive Information Exposure Vulnerability
Information Exposure Vulnerability in Jenkins: Plugin Enumeration
User Name Collision Vulnerability in Jenkins
Arbitrary File Read and Write Vulnerability in Jenkins
Server-side Request Forgery Vulnerability in Jenkins 2.120 and Older: Arbitrary URL Submission and Response Verification
Sensitive Information Exposure in Jenkins Gitlab Hook Plugin
Improper Authorization Vulnerability in Jenkins Black Duck Hub Plugin 3.0.3 and Older
XML External Entity (XXE) Processing Vulnerability in Jenkins Black Duck Hub Plugin 3.1.0 and Older
Local Code Execution Vulnerability in Linux Kernel 3.18: modify_user_hw_breakpoint()
Null Pointer Dereference Vulnerability in Linux Kernel 4.14, 4.15, and 4.16
DLL Hijacking Vulnerability in ruby-ffi v1.9.23 and earlier
Persistent Cross-Site Scripting Vulnerability in Jenkins Groovy Postbuild Plugin 2.3.1 and Older
Intentional Backdoor Vulnerability in Soar Labs Soar Coin: Theft of Soar Coins by onlycentralAccount
Linux Kernel SG_IO ioctl Vulnerability
Bypassing Verified Boot in U-Boot through Improper Input Validation
Cross-Site Request Forgery (CSRF) Vulnerability in JFrog Artifactory 5.11
Incorrect Access Control Vulnerability in MODX Revolution <=2.6.4: Arbitrary File Creation via Phpthumb Class
Directory Traversal Vulnerability in MODX Revolution <=2.6.4
Insecure Permissions Vulnerability in Sensu Core on Windows Platforms
Insecure Direct Object Reference vulnerability in YamlDotNet version 4.3.2 and earlier
Incorrect Access Control in Doorkeeper Token Revocation API
CWE-772 Vulnerability in cJSON Library Allows for Denial of Service (DoS)
Double Free Vulnerability in cJSON Library (CVE-2020-28928)
CWE-416: Use After Free Vulnerability in cJSON Library (Versions 1.7.3 and Earlier)
Cross Site Scripting (XSS) Vulnerability in OpenEMR v5_0_1_4's fax_view.php
Cross Site Scripting (XSS) Vulnerability in OpenEMR v5_0_1_4
Buffer Overflow Vulnerability in pkgconf dequote() Function
Double Free Vulnerability in Libgd version 2.2.5's gdImageBmpPtr Function Allows for Remote Code Execution
Buffer Overflow Vulnerability in SoundTouch 2.0.0: Arbitrary Code Execution via SoundStretch/WavFile.cpp
Godot Engine Serialization Vulnerability
Cross Site Scripting (XSS) Vulnerability in Cobbler-Web Allows Privilege Escalation
Cobbler XMLRPC API Incorrect Access Control Vulnerability
Heap-based Buffer Overflow in curl versions 7.54.1 to 7.59.0
Buffer Over-read Vulnerability in curl 7.20.0 to 7.59.0
Privilege Escalation in Kubernetes CRI-O Prior to 1.9
Insufficiently Protected Credentials Vulnerability in Jenkins AWS CodePipeline Plugin
Disclosure of Environment Variables in Jenkins AWS CodeDeploy Plugin
Insufficiently Protected Credentials Vulnerability in Jenkins AWS CodeDeploy Plugin
Insufficiently Protected Credentials Vulnerability in Jenkins AWS CodeBuild Plugin
Arbitrary File Write Vulnerability in Jenkins 2.145 and Earlier
Arbitrary HTML Rendering Vulnerability in Jenkins 2.145 and Earlier
Denial of Service Vulnerability in Jenkins User Database Security Realm
Session Fixation Vulnerability in Jenkins
Information Exposure Vulnerability in Jenkins and Stapler Framework
Cross-Site Request Forgery Vulnerability in Jenkins JUnit Plugin 1.25 and Earlier: TestObject.java Description Manipulation
Improper Authorization Vulnerability in Jenkins Jira Plugin Allows Unauthorized Access to Credentials
Cross-Site Scripting Vulnerability in Jenkins Config File Provider Plugin 3.1 and Earlier
Cross-Site Request Forgery Vulnerability in Jenkins Config File Provider Plugin
Cross-Site Scripting Vulnerability in Jenkins Rebuilder Plugin 1.28 and Earlier
Reflected Cross-Site Scripting Vulnerability in Jenkins Job Config History Plugin
Cross-Site Request Forgery Vulnerability in Jenkins Email Extension Template Plugin
Improper Authorization Vulnerability in Jenkins HipChat Plugin 2.2.0 and Earlier
Improper Authorization Vulnerability in Jenkins HipChat Plugin Allows Unauthorized Access to Credentials
Improper Authorization Vulnerability in Jenkins Mesos Plugin Allows Unauthorized Access to Credentials
Improper Authorization Vulnerability in Jenkins Mesos Plugin Allows Unauthorized Test Connection
Improper Authorization Vulnerability in Jenkins Crowd 2 Integration Plugin 2.0.0 and Earlier
Local File System Access Vulnerability in Jenkins Crowd 2 Integration Plugin
Local File System Access Vulnerability in Jenkins Artifactory Plugin
Insufficiently Protected Credentials Vulnerability in Jenkins SonarQube Scanner Plugin
Arbitrary HTML Rendering Vulnerability in Jenkins Git Changelog Plugin
Arbitrary Code Execution Vulnerability in Busybox Wget Applet via Missing SSL Certificate Validation
Password Reset Vulnerability in Instant Update CMS
File Inclusion Vulnerability in MyBB Group MyBB Admin Panel
MyBB Group MyBB Incorrect Access Control Vulnerability in Private Forums
ACE via File Inclusion Vulnerability in Redirection 2.7.3 Pass-through Mode
CSRF Vulnerability in Tooltipy (tooltips for WP) Version 5.0 Allows Post Duplication
Metronet Tag Manager 1.2.7 CSRF Vulnerability in Settings Page
CSRF Vulnerability in WP User Groups 2.0.0 Allows Unauthorized Modification of User Groups and Types
Cross Site Scripting (XSS) Vulnerability in WP ULike Plugin Allows Unauthorized Users to Gain Admin Privileges
Serialisation Vulnerability in Redirection Version 2.7.1 Allows Arbitrary Code Execution
Denial of Service Vulnerability in WP Image Zoom 1.23
WP ULike Plugin Incorrect Access Control Vulnerability in AJAX
Cross Site Scripting (XSS) Vulnerability in Tooltipy Tooltipy (tooltips for WP) Version 5 Glossary Shortcode
Cross Site Scripting (XSS) Vulnerability in LimeSurvey 3.0.0-beta.3+17110 Boxes
CSRF Vulnerability in LimeSurvey 3.0.0-beta.3+17110 Allows Admin Box Deletion
XML External Entity (XXE) Vulnerability in Ventrian News-Articles Version NewsArticles.00.09.11
Cross-Site Scripting (XSS) Vulnerability in Galaxy Project Galaxy v14.10
Buffer Overflow Vulnerability in BusyBox wget
Improper Handling of Highly Compressed Data (Data Amplification) Vulnerability in aaugustin WebSockets Version 4
Session Fixation Vulnerability in aiohttp-session's RedisStorage
Ciphersuite Allows Incorrectly Signed Certificates in ARM mbedTLS
Cross Site Scripting (XSS) Vulnerability in BigTree-CMS
Arbitrary Byte Injection Vulnerability in topydo's ListFormatParser::parse
Integer Overflow Vulnerability in miniSphere's layer_resize() Function in map_engine.c
PHP Object Injection Vulnerability in openpsa
XML Injection Vulnerability in Openpsa RSS File Upload Feature
Froxlor <= 0.9.39.5 PHP Object Injection Vulnerability in Domain Name Form
Cross Site Scripting (XSS) Vulnerability in GONICUS GOsa
Cross Site Scripting (XSS) vulnerability in Grails Fields plugin version 2.2.7
Incorrect Signature Validation in inversoft prime-jwt
External Control of File Name or Path Vulnerability in beep Version 1.3 and Up Allows Local Users to Inhibit Execution of Arbitrary Programs, Allowing DoS
Passing Incorrectly Sanitized Input to System Function in GitList <= 0.6
Joplin XSS Vulnerability Leading to Code Execution
Local File Disclosure Vulnerability in LMS Module Allows Unauthorized File Access
XSS Vulnerability in Medis Version 0.6.1 and Earlier: Unauthorized Code Execution via Key Name Parameter
Buffer Overflow Vulnerability in Marlin Firmware Allows Arbitrary Code Execution via Crafted G-Code Instruction/File
Unbounded Memory Allocation Vulnerability in Minio S3 Server
Improper Verification of Cryptographic Signature in AES-GCM Encrypted JSON Web Tokens
XML External Entity (XXE) Vulnerability in LoboEvolution Version < 9b75694cedfa4825d4a2330abf2719d470c654cd
XML External Entity (XXE) Vulnerability in netbeans-mmd-plugin <= 1.4.3
XSS Code Execution Vulnerability in Akiee Version 0.0.3
Directory Traversal Vulnerability in RubyZip Gem Allows Arbitrary File Write
XML External Entity (XXE) Vulnerability in Triplea Version <= 1.9.0.0.10291: Potential Information Disclosure and Remote Code Execution via Specially Crafted Game Data File (XML)
Incorrect Access Control Vulnerability in coreBOS Version 7.0 and Earlier: Unauthorized Access to Contact Records
XML External Entity (XXE) Vulnerability in Umlet Version < 14.3
Email / Username Enumeration Vulnerability in Wekan Version 1.04.0
Directory Traversal Vulnerability in Sympa Community Sympa Version Prior to 6.2.32
Authentication Bypass Vulnerability in Trovebox <= 4.0.0-rc6
SQL Injection Vulnerability in Trovebox Album Component
Server-Side Request Forgery Vulnerability in Trovebox Webhook Component
Unsafe Password Reset Token Generation Vulnerability in Trovebox Version <= 4.0.0-rc6
Reflected XSS Vulnerability in WordPress 4.8+ Plugins.php or Core WordPress on Delete Function
Cross Site Scripting (XSS) Vulnerability in OCS Inventory NG version ocsreports 2.4
SQL Injection Vulnerability in OCS Inventory NG ocsreports 2.4 and 2.3.1
Cross Site Scripting (XSS) vulnerability in qutebrowser v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449)
Jenkins GitHub Plugin 1.29.1 and Earlier: Sensitive Information Exposure Vulnerability
Arbitrary File Read Vulnerability in Jenkins SSH Credentials Plugin
Session Fixation Vulnerability in Jenkins SAML Plugin Allows Unauthorized User Impersonation
Jenkins Openstack Cloud Plugin Sensitive Information Exposure Vulnerability
Persistent Cross-Site Scripting Vulnerability in Jenkins Badge Plugin 1.4 and Earlier
Jenkins CollabNet Plugin Impersonation Vulnerability
Server-Side Request Forgery Vulnerability in Jenkins URLTrigger Plugin 0.41 and Earlier
Arbitrary File Write Vulnerability in Jenkins Fortify CloudScan Plugin 1.5.1 and Earlier
Sensitive Information Exposure in Jenkins z/OS Connector Plugin
Jenkins Configuration as Code Plugin: Sensitive Information Exposure Vulnerability
Sensitive Information Exposure in Jenkins Configuration as Code Plugin
Cross Site Scripting (XSS) Vulnerability in SURFnet OpenConext EngineBlock 5.7.0 to 5.7.3
Unsafe Reflection Vulnerability in Legion of the Bouncy Castle Java Cryptography APIs
XML External Entity (XXE) Vulnerability in ONOS Controller Version 1.13.1 and Earlier
Denial of Service Vulnerability in ONOS Controller's OVSDB Component
XML External Entity (XXE) Vulnerability in ONOS Controller Allows Remote XXE Attacks via OpenConfig Terminal Device
Denial of Service Vulnerability in Atlassian Floodlight Controller 1.2 and Earlier Versions
Stack Overflow Vulnerability in abi_serializer in EOSIO/eos
Unsanitized User Input in Ovidentia Allows Authenticated Remote Code Execution
Insufficient Entropy in Eran Hammer Cryptiles 4.1.1: Increased Brute Force Probability
Incorrect Access Control in Mycroft AI mycroft-core Websocket Configuration: Remote Code Execution Vulnerability
Uncontrolled Search Path Element Vulnerability in Rustdoc Plugins
JFrog Artifactory Directory Traversal and Remote Code Execution Vulnerability
Denial of Service Vulnerability in Battelle V2I Hub 2.5.1
Hard-coded Credentials in Battelle V2I Hub 2.5.1 Allow Unauthorized Access
Default API Key Bypass Vulnerability in Battelle V2I Hub 2.5.1
Unrestricted Access to API Key in Battelle V2I Hub 2.5.1
Remote Code Execution Vulnerability in Battelle V2I Hub 2.5.1
Cross-Site Scripting (XSS) Vulnerability in Battelle V2I Hub 2.5.1
SQL Injection Vulnerability in Battelle V2I Hub 2.5.1
SQL Injection Vulnerability in Battelle V2I Hub 3.0
XML Injection Vulnerability in dom4j Version Prior to 2.1.1
Information Exposure Through Log Files in OMERO.web Login and Change Password Forms
Improper Access Control in OMERO.server User Management Allows Privilege Escalation
Information Exposure Through Sent Data Vulnerability in OMERO.server 5.4.0 to 5.4.6
NULL Pointer Dereference Vulnerability in JerryScript
Buffer Overflow Vulnerability in zcat of zutils Prior to Version 1.8-pre2: Potential Denial of Service or Arbitrary Code Execution
Cross Site Scripting (XSS) Vulnerability in MiniCMS Version 1.1
XML External Entity (XXE) Vulnerability in LatexDraw Version <=4.0
Cross Site Scripting (XSS) Vulnerability in OpenCart-Overclocked version <=1.11.1
PHP Object Injection Vulnerability in YesWiki Version <= Cercopitheque Beta 1
Cross Site Scripting (XSS) Vulnerability in FlightAirMap v1.0-beta.21
XML External Entity (XXE) Vulnerability in Eclipse RDF4j XML Parser
Authenticated Local File Disclosure Vulnerability in LibreHealthIO lh-ehr Version <REL-2.0.0: Import Template File Disclosure
Authenticated Unrestricted File Write Vulnerability in LibreHealthIO LH-EHR Version REL-2.0.0
Authenticated Unrestricted File Deletion Vulnerability in LibreHealthIO lh-ehr Version REL-2.0.0
Authenticated Unrestricted File Write Vulnerability in LibreHealthIO lh-ehr REL-2.0.0
Authenticated Unrestricted File Write in letter.php (2) in LibreHealthIO lh-ehr version REL-2.0.0
SQL Injection Vulnerability in LibreHealthIO lh-ehr Version REL-2.0.0: User-Controlled Parameters Exploitation
XML External Entity (XXE) Vulnerability in Stroom Version <5.4.5: Confidential Data Disclosure and Server-Side Request Forgery
XML External Entity (XXE) Vulnerability in JabRef version <=4.3.1
SQL Injection Vulnerability in zzcms Version 8.3 and Earlier
Denial of Service (DoS) Vulnerability in GNU Libtasn1-4.13
CWE-476: NULL Pointer Dereference Vulnerability in Jsish version 2.4.65
CWE-20: Improper Input Validation in Flask JSON Encoding
Buffer Overflow Vulnerability in Rust Standard Library
LimeSurvey File Upload Vulnerability Leading to Code Execution
LimeSurvey File Upload Directory Traversal Remote Code Execution Vulnerability
Insecure Permissions Vulnerability in Tock Version Prior to Commit 42f7f36e74088036068d62253e1d8fb26605feed
CWE-476: NULL Pointer Dereference Vulnerability in Jsi_LogMsg (jsiUtils.c:196) in jsish version 2.4.67
Buffer Overflow Vulnerability in jsish version 2.4.70 2.047 in _jsi_evalcode function from jsiEval.c
Improper Certificate Validation in daneren2005 DSub for Subsonic (Android client) version 5.4.1
Cross Site Scripting (XSS) vulnerability in Dojo Dojo Objective Harness (DOH) version prior to 1.14
Command Injection Vulnerability in GIG Technology NV JumpScale Portal 7
Memory Corruption Vulnerability in NASM (Versions 2.14rc15 and Earlier)
Out-of-bounds Read Vulnerability in jsish version 2.4.70 2.047
Cross Site Request Forgery (CSRF) vulnerability in KOHA Library System versions 16.11.x and 17.05.x
Cross Site Scripting (XSS) Vulnerability in KOHA Library System versions 16.11.x and 17.05.x
CWE-601: Open Redirect and Reflected XSS via Data URIs in Sympa Version 6.2.16 and Later
WordPress Thumbnail Processing Remote Code Execution Vulnerability
NULL Base Pointer Reference Vulnerability in sys_ring_buf_put() and sys_ring_buf_get() in Zephyr-RTOS v1.12.0
Directory Traversal Vulnerability in Okular Allows Arbitrary File Creation
Command Injection Vulnerability in Python 2.7's shutil Module (make_archive Function)
Exposure of Private Email Addresses in Gitea Prior to Version 1.5.1
Buffer Overflow Vulnerability in Contiki-NG AQL Database Engine Allows Remote Code Execution
Paramiko SSH Server Incorrect Access Control Vulnerability
Use After Free Vulnerability in Python Cryptographic Authority pyopenssl
Denial of Service Vulnerability in PKCS #12 Store in Python Cryptographic Authority pyopenssl
Improper Input Validation in privacyIDEA Token Validation API Allows Denial-of-Service
CWE-680: Integer Overflow to Buffer Overflow in Rust Standard Library
Bludit Version 3.0.0 Unrestricted File Upload Vulnerability with Remote Command Execution
Weak Password Recovery Mechanism in Artica Integria IMS version 5.0 MR56 Package 58
Cross Site Scripting (XSS) Vulnerability in Custom Class Names in Backdrop CMS
Non-expiring Sessions Vulnerability in aiohttp-session
Inline JavaScript Execution Vulnerability in Brave Software Inc. Brave Version 0.22.810 to 0.24.0
Cross Site Scripting (XSS) Vulnerability in Grafana 5.2.4 and 5.3.0 Allows Execution of Arbitrary JavaScript Code
Incorrect Access Control vulnerability in Asset Pipeline Grails Plugin (Prior to 2.14.1.1, 2.15.1, and 3.0.6) allows Arbitrary File Download
XML External Entity (XXE) Vulnerability in neo4j-contrib neo4j-apoc-procedures
XML External Entity (XXE) Vulnerability in MicroMathematics SMathStudio Files
XML External Entity (XXE) Vulnerability in codelibs fess GSA XML File Parser
XML External Entity (XXE) Vulnerability in XML Parser for REST Server
Object Stream Connection Vulnerability in MegaMek v0.45.1 and earlier: Confidential Data Disclosure, Denial of Service, SSRF, and Remote Code Execution
XML External Entity (XXE) Vulnerability in FreeColXMLReader Parser Allows for Data Disclosure and Denial of Service
Cross Site Scripting (XSS) Vulnerability in Microweber Admin Login Form Template
User-controlled parameter vulnerability in Ubilling version <= 0.9.2: A Gateway to Data Disclosure, Denial of Service, SSRF, and Remote Code Execution
XML External Entity (XXE) Vulnerability in FrostWire Desktop 6.7.4-build-272 Allows for Disclosure of Confidential Data and Denial of Service
XML External Entity (XXE) Vulnerability in Anyplace Version Before Commit 80359b4
XML External Entity (XXE) Vulnerability in XR3Player Version <= V3.124: Confidential Data Disclosure and Denial of Service
K9Mail v5.600 XML External Entity (XXE) Vulnerability: Confidential Data Disclosure and Denial of Service
User-controlled Parameter Vulnerability in ZoneMinder <= 1.32.2: Confidential Data Disclosure, Denial of Service, SSRF, Remote Code Execution
User-controlled Parameter Vulnerability in ZoneMinder <= 1.32.2: Confidential Data Disclosure, Denial of Service, SSRF, Remote Code Execution
XML External Entity (XXE) Vulnerability in Runelite Parent 1.4.23: Risks and Consequences
XML External Entity (XXE) Vulnerability in KeePassDX Version <= 2.5.0.0beta17: Confidential Data Disclosure and Denial of Service
XML External Entity (XXE) Vulnerability in bw-calendar-engine-3.12.0: Confidential Data Disclosure, Denial of Service, SSRF, and Port Scanning
XML External Entity (XXE) Vulnerability in UML Designer version <= 8.0.0
XML External Entity (XXE) Vulnerability in Autopsy <= 4.9.0: Confidential Data Disclosure and Denial of Service
Arbitrary File Upload Vulnerability in LH-EHR REL-2_0_0: Remote Code Execution via Profile Picture Upload
XML External Entity (XXE) vulnerability in Processing 3.4 and earlier allows arbitrary file reading and exfiltration via crafted XML document parsing
Cross Site Scripting (XSS) Vulnerability in Zend.To prior to 5.15-1
Cross Site Scripting (XSS) vulnerability in FatFreeCRM versions <=0.14.1, >=0.15.0 <=0.15.1, >=0.16.0 <=0.16.3, >=0.17.0 <=0.17.2, ==0.18.0 (commit 6d60bc8ed010c4eda05d6645c64849f415f68d65) allows for JavaScript execution
Cross-Site Request Forgery (CSRF) vulnerability in Luigi API endpoint: /api/<method>
XML External Entity (XXE) Vulnerability in Square Open Source Retrofit
Cross-Site Request Forgery (CSRF) Vulnerability in FreshDNS 1.0.3 and Earlier: Privilege Escalation via Attacker's JavaScript
Cross Site Scripting (XSS) Vulnerability in FreshDNS Account Data Form
Cross Site Scripting (XSS) Vulnerability in Wampserver Prior to Version 3.1.5
Remote Code Execution Vulnerability in Alpine Linux' apk-tools
Directory Traversal Vulnerability in Square Retrofit RequestBuilder Class
Private Key Compromise Vulnerability in Copay Bitcoin Wallet
RDP Server Memory Reading Vulnerability
Remote Code Execution via ESI Directive Injection in esigate.org
Cross Site Scripting (XSS) Vulnerability in easymon v1.4 and Earlier
Cross Site Scripting (XSS) Vulnerability in DomainMOD
Directory Traversal Vulnerability in log-user-session Version 0.7 and Earlier Allows User to Root Privilege Escalation
Cross-Site Request Forgery (CSRF) Vulnerability in GnuPG version 2.1.12 - 2.2.11
Cross Site Scripting (XSS) Vulnerability in phpIPAM Version 1.3.2 and Earlier
Stapler Web Framework Code Execution Vulnerability in Jenkins
Information Exposure Vulnerability in Jenkins DirectoryBrowserSupport.java
User Data Modification Vulnerability in Jenkins
Denial of Service Vulnerability in Jenkins CronTab.java
Sandbox Bypass Vulnerability in Script Security Plugin Allows Arbitrary Code Execution in Jenkins
Sandbox Bypass Vulnerability in Pipeline: Groovy Plugin Allows Arbitrary Code Execution
SQL Injection Vulnerability in WeBid Version up to 1.2.2: Database Read via Blind SQL Injection
Cross Site Scripting (XSS) Vulnerability in WeBid User Login and Registration Pages
SQL Injection Vulnerability in phpIPAM 1.3.2
CWE-79 Vulnerability in phpIPAM 1.3.2 and Earlier: Remote Code Execution via User Settings
HotelDruid HotelDruid 2.3.0 SQL Injection Vulnerability
Resource Exhaustion Vulnerability in PyKMIP Server
Denial-of-Service Vulnerability in Fasterxml Jackson-Modules-Java8 (CVE-2018-14718)
Cross Site Scripting (XSS) Vulnerability in PHP cebe markdown parser versions 1.2.0 and earlier
Authentication Bypass Vulnerability in BOINC Server and Website Code
Integer Overflow Vulnerability in binutils objdump, bfd_get_dynamic_reloc_upper_bound, bfd_canonicalize_dynamic_reloc
Double Free Vulnerability in libarchive RAR Decoder
Use After Free Vulnerability in libarchive RAR Decoder
CWE-476: NULL Pointer Dereference Vulnerability in libarchive/archive_acl.c
Improper Input Validation in libarchive WARC Parser Allows DoS Attack
Remote Command Execution Vulnerability in Traccar Server 4.0 and Earlier
Directory Traversal Vulnerability in WeBid's getthumb.php Allows Arbitrary Image File Read
Header Injection Vulnerability in Elixir Plug Plug
Timing Discrepancy Information Exposure in Vesta CP Password Reset
Command Injection Vulnerability in PHKP Version 88fd9cfdf14ea4b6ac3e3967feea7bcaabb6f03b
Buffer Overflow Vulnerability in NASM (2.14.01rc5, 2.15) Allows for Stack Overflow and Program Crash
Cross Site Scripting (XSS) Vulnerability in Peel Shopping Peel-Shopping_9_1_0 Version
Unserialization and Object Injection Vulnerability in PEAR Archive_Tar
XML External Entity (XXE) Vulnerability in Logisim Evolution 2.14.3 and Earlier
Time Based Blind SQL Injection Vulnerability in FrontAccounting 2.4.5
Uncontrolled Resource Consumption Vulnerability in Bitcoin SV before 0.1.1
Uncontrolled Resource Consumption Vulnerability in Bitcoin SV before 0.1.1
Uncontrolled Resource Consumption Vulnerability in Bitcoin SV (CVE-2020-XXXX)
Path Traversal Vulnerability in Jenkins Stapler Web Framework
Cross Site Scripting (XSS) Vulnerability in FreeBSD CVSweb 2.x
Scripting Engine Memory Corruption Vulnerability in Internet Explorer
Division-by-Zero Vulnerability in NASM 2.14rc0's expr5 Function
Denial of Service Vulnerability in OpenMPT and libopenmpt
Buffer Overflow Vulnerability in G DATA Total Security ActiveX Control
Blind SQL Injection Vulnerability in WordPress Arigato Autoresponder and Newsletter v2.5.1.8
Reflected XSS Vulnerability in WordPress Arigato Autoresponder and Newsletter v2.5.1.8: Administrative Privileges Required
Reflected XSS Vulnerability in WordPress Arigato Autoresponder and Newsletter v2.5.1.8: Administrative Privileges Required
Reflected XSS Vulnerability in WordPress Arigato Autoresponder and Newsletter v2.5.1.8: Administrative Privileges Required
Reflected XSS Vulnerability in WordPress Arigato Autoresponder and Newsletter v2.5.1.8: Administrative Privileges Required
XSS Vulnerability in bft_list.html.php:43 via filter_signup_date Parameter
Administrative Privilege XSS Vulnerability in integration-contact-form.html.php:14
Reflected XSS Vulnerability in WordPress Arigato Autoresponder and Newsletter v2.5.1.8
Reflected XSS Vulnerability in WordPress Arigato Autoresponder and Newsletter v2.5.1.8 with Administrative Privileges
Reflected XSS Vulnerability in WordPress Arigato Autoresponder and Newsletter v2.5.1.8 via Unsubscribe Page
Denial of Service Vulnerability in Linux Kernel's SAS SCSI Host Driver
Arbitrary File Overwrite Vulnerability in kubectl cp Command
Command Line Argument Injection Vulnerability in Kubernetes on Windows Nodes
Kubernetes API Server URL Redirection Vulnerability
Vulnerability: DNS Rebinding Attack on Minikube Kubernetes Dashboard
Public Exposure of Prometheus Metrics in Kubernetes Ingress Default Backend (Versions < 1.5)
Kubernetes API Server Proxy Upgrade Vulnerability
Incorrect Access Control Vulnerability in Koji Versions 1.12-1.15
Plexus-Archiver Directory Traversal Vulnerability (Zip-Slip)
Zip-Slip: Arbitrary File Write Vulnerability in zt-zip
Zip-Slip: Arbitrary File Write Vulnerability in zip4j
Zip-Slip: Arbitrary File Write Vulnerability in Unzipper npm Library (<=0.8.13)
Zip-Slip: Arbitrary File Write Vulnerability in adm-zip npm Library
DotNetZip.Semvered before 1.11.0 Vulnerability: Zip-Slip Directory Traversal
SharpCompress before 0.21.0 Directory Traversal Vulnerability
Zip-Slip Vulnerability in mholt/archiver Golang Package
SharpZipLib Directory Traversal Vulnerability (Zip-Slip)
Zip-Slip Vulnerability in QuaZIP before 0.7.6 Allows Arbitrary File Write
Cross-Site Scripting (XSS) Vulnerability in Catfish CMS V4.7.21 via pinglun Parameter
Clear-text User Credentials Exposed in ubiQuoss Switch VP5208A's bcm_password File
Reflected XSS Vulnerability in WeChat Module of YzmCMS 3.7.1
Arbitrary Code Execution Vulnerability in ESTsoft ALZip
Sensitive Information Disclosure in joyplus-cms 1.6.0 via Direct Request to install/ or log/ URI
Reflected XSS in CMS Made Simple 2.2.7 via m1_name parameter in admin/moduleinterface.php
Microsoft JET Database Engine Remote Code Execution Vulnerability
CSRF Vulnerability in CMS Made Simple 2.2.7 admin/siteprefs.php
CSRF Vulnerability in CMS Made Simple 2.2.7's admin/moduleinterface.php
Reflected XSS Vulnerability in CMS Made Simple 2.2.7 via m1_version Parameter
Stored XSS in CMS Made Simple 2.2.7 via metadata parameter in admin/siteprefs.php
VBScript Engine Remote Code Execution Vulnerability in Windows
CSRF Vulnerability in iScripts eSwap v2.4 Admin Panel
XSS Vulnerability in iScripts eSwap v2.4 Admin Panel
Microsoft SharePoint Elevation of Privilege Vulnerability
SQL Injection Vulnerability in iScripts eSwap v2.4 via registration_settings.php ddlFree Parameter
XSS Vulnerability in iScripts SupportDesk v4.3 via txtinteligentsearch Parameter
XSS Vulnerability in iScripts SupportDesk v4.3 via admin/inteligentsearchresult.php txtinteligentsearch Parameter
Remote Code Execution Vulnerability in H2 1.4.197
Memory Access and Heap Buffer Overflow Vulnerability in TensorFlow XLA Compiler
Arbitrary File Write Vulnerability in cgminer 4.10.0 and bfgminer 5.5.0
Stack-based Buffer Overflow in cgminer and bfgminer Remote Management Interface
Cross-Site Scripting (XSS) Vulnerability in Cacti before 1.1.37
Unsanitized Input in Cacti's sanitize_uri Function Leads to XSS Vulnerability
XSS Vulnerability in Cacti before 1.1.37
Remote Command Execution Vulnerability in Convert Forms Extension for Joomla!
OpenVPN Server Certificate Verification Bypass in MikroTik RouterOS 6.41.4
XSS Vulnerability in jDownloads Extension for Joomla!
Memory Disclosure Vulnerability in Microsoft Office
Denial of Service Vulnerability in MikroTik Version 6.41.4
Denial of Service Vulnerability in Jungo DriverWizard WinDriver 12.6.0
Denial of Service Vulnerability in Jungo DriverWizard WinDriver 12.6.0
XSS Vulnerability in joyplus-cms 1.6.0 via keyword parameter in manager/admin_vod.php
NULL pointer dereference vulnerability in hi3660_stub_clk_probe function in Linux kernel before 4.16
Zoho ManageEngine EventLog Analyzer 11.12 XSS Vulnerability in Import Logs Feature
Cross-Site Scripting Vulnerability in Zoho ManageEngine EventLog Analyzer 11.12
Geist WatchDog Console 3.2.2 XXE Vulnerability: Arbitrary File Read
Geist WatchDog Console 3.2.2 - Remote XSS Vulnerability via Server Description
Weak ACL in Geist WatchDog Console 3.2.2 allows unauthorized modification of configuration data
OpenType Font Driver Elevation of Privilege Vulnerability in Windows Adobe Type Manager Font Driver (ATMFD.dll)
Vulnerability: Unauthorized DNS Settings Changes in Secutech RiS Devices
Admin Password Reset Vulnerability in CMS Made Simple (CMSMS) 2.2.6
Physical Path Leakage in CMS Made Simple (CMSMS) 2.2.7
Arbitrary File Deletion Vulnerability in CMS Made Simple (CMSMS) 2.2.7
Privilege Escalation Vulnerability in CMS Made Simple (CMSMS) 2.2.6
PHP Object Injection Vulnerability in CMS Made Simple (CMSMS) 2.2.6
Arbitrary Code Execution Vulnerability in CMS Made Simple (CMSMS) Admin Dashboard
Denial of Service Vulnerability in Linux Kernel's kernel_wait4 Function
Unspecified Buffer Overflow Vulnerability in XiongMai uc-httpd 1.0.0
Windows DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability
XSS Vulnerability in AudioCodes IP Phone 420HD Firmware 2.2.12.126
Arbitrary Command Execution in Dolibarr Admin Panel
Remote Code Execution Vulnerability in AudioCodes IP Phone 420HD Firmware Version 2.2.12.126
Arbitrary SQL Command Execution in Dolibarr before 7.0.2
Arbitrary Web Script Injection in Dolibarr before 7.0.2
XSS Vulnerability in joyplus-cms 1.6.0 via device_name Parameter
Cross-Site Scripting (XSS) Vulnerability in Domain Trader 2.5.3 via recoverlogin.php email_address Parameter
Denial of Service Vulnerability in MicroWorld eScan Internet Security Suite for Business 14.0.1400.2029
Cross-Site Search (XS-Search) Vulnerability in Google Monorail
Windows Font Library Remote Code Execution Vulnerability
Unvalidated Redirection Vulnerability in WordPress Login Page (pre-4.9.5)
Vulnerability: Localhost URL Validation Issue in WordPress
XSS Vulnerability in WordPress 4.9.5 and Earlier Versions
SMB Data Printing Vulnerability in tcpdump (Issue 1 of 2)
SMB Data Printing Vulnerability in tcpdump before 4.9.3 (Issue 2 of 2)
D-Link DIR-815 REV. B Firmware Permission Bypass and Information Disclosure Vulnerability
Cross-Site Scripting (XSS) Vulnerability in D-Link DIR-815 REV. B Firmware
Cross-Site Scripting (XSS) Vulnerability in D-Link DIR-815 REV. B Firmware
Stored XSS Vulnerability in Monstra CMS 3.0.4: Exploiting Editor Role in Blog Catalog
Microsoft Excel Remote Code Execution Vulnerability
Cross-Site Scripting (XSS) Vulnerability in D-Link DIR-615 T1 Devices via Add User Feature
Unbounded Memory Allocation Vulnerability in GEGL
Remote Code Execution Vulnerability in GEGL through 0.3.32
Unbounded Memory Allocation Vulnerability in GEGL
Remote Denial of Service Vulnerability in GEGL through 0.3.32
Uninitialized Memory Vulnerability in 7-Zip RAR Decoder Objects
CSRF Vulnerability in idreamsoft iCMS V7.0.7 Allows Unauthorized Addition of Admin Account
Stored XSS Vulnerability in Monstra CMS 3.0.4 via Name Field on Create New Page Screen
Use-after-free vulnerability in StgSmallStrm class in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1
Windows Font Library Remote Code Execution Vulnerability
Heap-based Buffer Overflow in LibreOffice's SwCTBWrapper::Read Function
Stored XSS Vulnerability in Monstra CMS 3.0.4 via Admin Page Title Field
Arbitrary File Read Vulnerability in QingDao Nature Easy Soft Chanzhi Enterprise Portal System (aka chanzhieps) pro1.6
Arbitrary File Read and Append Vulnerability in p910nd on Inteno IOPSYS 2.0 through 4.2.0
Denial of Service Vulnerability in Linux Kernel's kill_something_info Function
XSS Vulnerability in Contao System Log (Before 4.5.7)
NULL Pointer Dereference in LibTIFF 4.0.9's jpeg_fdct_16x16 Function
CSRF Vulnerability in XYHCMS 3.5 Allows Unauthorized Account Addition
Cross-Site Scripting (XSS) Vulnerability in XYHCMS 3.5 via test Parameter in index.php
Windows Font Library Remote Code Execution Vulnerability
CSRF Vulnerability in PbootCMS v0.9.8 Allows PHP Code Injection
PHP Code Injection Vulnerability in PbootCMS v0.9.8
Reflected XSS Vulnerability in iScripts eSwap v2.4 User Panel
Stored XSS in manage_settings section of iScripts UberforX 2.2 Admin Panel
CSRF Vulnerability in iScripts UberforX 2.2 Admin Panel
Cross-Site Scripting (XSS) Vulnerability in CATALooK.netStore Module for DNN
Arbitrary JavaScript and HTML Injection Vulnerability in PAN-OS GlobalProtect Gateway
Microsoft SharePoint Elevation of Privilege Vulnerability
PAN-OS Management Web Interface Session Shutdown Vulnerability
Arbitrary JavaScript and HTML Injection in GlobalProtect Portal Login Page
Expedition Migration Tool 1.0.106 and Earlier File Enumeration Vulnerability
Remote Code Execution Vulnerability in Palo Alto Networks Expedition Migration Tool
Windows Font Library Remote Code Execution Vulnerability
Windows Font Library Remote Code Execution Vulnerability
Stored Cross-site scripting (XSS) vulnerability in TP-Link EAP Controller and Omada Controller versions 2.5.4_Windows/2.6.0_Windows through portalPictureUpload functionality
Stored Cross-site scripting (XSS) vulnerability in TP-Link EAP Controller and Omada Controller versions 2.5.4_Windows/2.6.0_Windows
Lack of Anti-CSRF Tokens in TP-Link EAP Controller and Omada Controller Allows for Authenticated Request Forgery
Hard-coded Cryptographic Key Vulnerability in TP-Link EAP Controller and Omada Controller
Privilege Escalation Vulnerability in TP-Link EAP and Omada Controllers
Privilege Escalation Vulnerability in ProtonVPN 1.3.3 for Windows
Privilege Escalation Vulnerability in NordVPN 6.12.7.0 for Windows
Root Privilege Escalation Vulnerability in Kromtech MacKeeper 3.20.4
Privilege Escalation via Large Memory Pages Option in 7-Zip
Arbitrary File Upload Vulnerability in Digital Guardian Management Console 7.1.2.0015
Digital Guardian Management Console 7.1.2.0015 SSRF Vulnerability
XXE Vulnerability in Digital Guardian Management Console 7.1.2.0015
Directory Traversal Vulnerability in Digital Guardian Management Console 7.1.2.0015
Denial of Service Vulnerability in ImageMagick 7.0.7-28 via Crafted MNG File
FromDocToPDF Chrome Extension Information Disclosure Vulnerability
Internet Explorer Remote Code Execution Vulnerability
Cross-Site Scripting (XSS) Vulnerability in BigTree 4.2.22
Heap Overflow Vulnerability in HAProxy
CSRF Vulnerability in TuziCMS v2.0.6 Allows Unauthorized Admin Account Creation
Heap-based Buffer Over-read in r_hex_bin2str function in radare2 2.5.0
Heap-based Buffer Over-read in dalvik_op Function in radare2 2.5.0
CSRF Vulnerability in phpMyAdmin 4.8.0 before 4.8.0-1 Allows Arbitrary SQL Execution
Cookie Manipulation Vulnerability in Mautic Allows Systematic Emulation of Tracking
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Elevated Privileges Execution Vulnerability in PIA VPN Client v77 for Windows
Integer Overflow Vulnerability in mruby 1.4.0: Use-After-Free in OP_GETUPVAR Handling
Root Privilege Escalation Vulnerability in IPVanish 3.0.11 for macOS
Denial of Service Vulnerability in LogMeIn LastPass through 4.15.0
Buffer Overflow in set_text_distance function in Artifex Ghostscript PDF Writer
Information Leakage in lrzsz Before Version 0.12.21~rc
Graphviz 2.40.1 - NULL Pointer Dereference Vulnerability in rebuild_vlists Function
Time-Based Blind SQL Injection Vulnerability in ELO ELOenterprise and ELOprofessional Access Manager Component
Customer Ticket Information Disclosure Vulnerability in OTRS 6.0.x
Use-after-free vulnerability in mruby's File#initialize_copy() method allows for arbitrary code execution
Internet Explorer Remote Code Execution Vulnerability
Arbitrary File Read Vulnerability in NComputing vSpace Pro 10 and 11
SYSTEM Privilege Escalation Vulnerability in PureVPN 6.0.1 for Windows
Memory leaks in container_setup_modules and hyper_rescan_scsi functions in hyperstart 1.0.0
Stored XSS Vulnerability in Vaultize Enterprise File Sharing 17.05.31 via File Request Message Field
Missing Authorization Vulnerability in Vaultize Enterprise File Sharing 17.05.31 Allows Unauthorized File Export
Anonymous Reflected XSS Vulnerability in Vaultize Enterprise File Sharing
Stored XSS Vulnerability in Vaultize Enterprise File Sharing 17.05.31
Microsoft Edge Information Disclosure Vulnerability
User Enumeration through Password-Reset Feature in Vaultize Enterprise File Sharing 17.05.31
Improper Authorization in Vaultize Enterprise File Sharing 17.05.31
Improper Authorization Vulnerability in Vaultize Enterprise File Sharing 17.05.31
Cross-Site Scripting (XSS) Vulnerability in Vaultize Enterprise File Sharing 17.05.31
Physical Path Leakage in baijiacms V3 via index.php?mod=mobile&name=member&do=index Request
ChakraCore Memory Corruption Vulnerability in Microsoft Browsers
SSRF Vulnerability in Glastopf 3.1.3-dev with Intentional Behavior
Persistent XSS Vulnerability in WUZHI CMS V4.1.0 Allows Administrator Cookie Theft
CSRF Vulnerability in idreamsoft iCMS V7.0 Allows Unauthorized Column Addition
CSRF Vulnerability in YzmCMS 3.8 Allows Unauthorized Admin Account Addition
CSRF Vulnerability in YzmCMS 3.8 Allows Unauthorized Tag Addition
SQL Injection Vulnerability in ThinkPHP 3.1.3 via index.php s Parameter
XSS Vulnerability in MiniCMS v1.10 via mc-admin/conf.php site_link Parameter
Arbitrary Script Injection in LimeSurvey 3.6.2+180406
Accelerating Micro-Architectural Attacks: Exploiting GPU Memory Module Vulnerability via WebGL API
Edge and ChakraCore Remote Code Execution Vulnerability
XSS Vulnerability in Zend Debugger (ZSR-2455)
Unspecified Cross-Site Scripting (XSS) Vulnerability in TOPdesk
CSRF Vulnerability in TOPdesk Allows Authentication Hijacking
Lack of Cross-Site Request Forgery (CSRF) Mitigations in User Profile & Membership Plugin for WordPress
Authenticated Cross-Site Scripting in User Profile & Membership Plugin
Arbitrary PHP Code Execution in POSCMS 3.2.10 via 'index' Function in Setting.php
Arbitrary PHP Code Execution in POSCMS 3.2.18 via 'add' Function in Syscontroller.php
Unbounded Memory Allocation Vulnerability in Google Guava 11.0 through 24.x
Buffer Overflow in bvlc.c of skarg BACnet Protocol Stack bacserv 0.9.1 and 0.8.5: Lack of Packet-Size Validation
Privilege Escalation Vulnerability in Infoblox NIOS Support Access Feature
Session Token Brute-Force Vulnerability in SolarWinds Serv-U MFT
Denial of Service Vulnerability in SolarWinds Serv-U: Crash via Specially Crafted URL
Suricata 4.0.4 SSH Banner Parsing Vulnerability
Heap-based Buffer Over-read in LibHTP 0.5.26 via Authorization Digest Header
Integer Overflow Vulnerability in Suricata 4.0.4 EtherNet/IP PDU Parsing
Full Path Disclosure Vulnerability in AWStats through 7.6 Allows Remote Attackers to Obtain Server Path
CSRF Vulnerability in WUZHI CMS 4.1.0 Allows Unauthorized Article Deletion
CSRF Vulnerability in baijiacms V3 Allows Unauthorized Administrator Account Creation
Memory Object Handling Vulnerability in Microsoft Browsers
XSS Vulnerability in iCMS V7.0.8 via admincp.php Keywords Parameter
Remote Code Execution and Full System Control Vulnerability in Sierra Wireless AirLink Routers
Insecure Session Cookie Generation in Actiontec WCB6200Q Devices
Stack Memory Mishandling in Paessler PRTG Network Monitor before 18.1.39.1648
Stack-based Buffer Over-read in NASM 2.13 Disasm Function
CSV Injection Vulnerability in clustercoding Blog Master Pro v1.0 Allows Command Injection and Code Execution
SQL Injection Vulnerability in HRSALE The Ultimate HRM v1.0.2 Allows Unauthorized SQL Query Modification
CSV Injection Vulnerability in HRSALE The Ultimate HRM v1.0.2
CSV Injection Vulnerability in Shopy Point of Sale v1.0 Allows Code Execution
HRSALE The Ultimate HRM v1.0.2: Authenticated Stored XSS Vulnerability for Low Privileged Users
Microsoft Office Remote Code Execution Vulnerability (CVE-2018-XXXX)
HRSALE The Ultimate HRM v1.0.2 - Local File Inclusion Vulnerability
CSRF Vulnerability in HongCMS v3.0.0 Allows Unauthorized Administrator Account Creation
CSRF Vulnerability in BEESCMS 4.0 Allows Unauthorized Administrator Account Addition
CSRF Vulnerability in WTCMS 1.0 Allows Unauthorized Addition of Administrator Account
XSS Vulnerability in FastAdmin V1.0.0.20180417_beta via User Avatar Parameter
Microsoft Excel Remote Code Execution Vulnerability
Office Graphics Remote Code Execution Vulnerability
SQL Injection Vulnerability in CliqueMania Loja Virtual 14 via patch/remote.php id Parameter in Recomendar Action
SQL Injection Vulnerability in Adaltech G-Ticket v70 EME104 via mobile-loja/mensagem.asp eve_cod Parameter
Insecure Authentication Mechanism in Ericsson-LG iPECS NMS A.1Ac Web Application
Sensitive Information Disclosure in Ericsson-LG iPECS NMS A.1Ac Web Application
Infinite Loop Denial of Service Vulnerability in MuPDF 1.13.0
Microsoft Excel Remote Code Execution Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Flexense DiskBoss Enterprise v7.4.28 to v9.1.16
CSRF Vulnerability in ChemCMS v1.0.6 Allows Unauthorized Administrator Account Creation
XSS Vulnerability in MiniCMS V1.10 via mc-admin/post-edit.php Title Parameter
Stored XSS Vulnerability in DiscuzX through X3.4 via portal.php?mod=portalcp&ac=article URI
Reflected XSS Vulnerability in Discuz! DiscuzX through X3.4 via forum.php?mod=post&action=newthread
The batchOverflow Vulnerability in Beauty Ecosystem Coin (BEC) Smart Contract
Microsoft Office Remote Code Execution Vulnerability
Arbitrary Script Injection in Web-Dorado Instagram Feed WD Plugin
Arbitrary Script Injection in Web-Dorado Instagram Feed WD Plugin for WordPress
Use-After-Free Remote Code Execution Vulnerability in Foxit Reader and PhantomPDF
Use-After-Free Remote Code Execution Vulnerability in Foxit Reader and PhantomPDF
Improper Variable Usage in MessageSearch2 Function in Simple Machines Forum (SMF) Allows Access Restriction Bypass
Cross-Site Scripting (XSS) vulnerability in ILIAS 5.1.x through 5.3.x before 5.3.4 in class.ilDateDurationInputGUI.php and class.ilDateTimeInputGUI.php
Cross-Site Scripting (XSS) Vulnerability in error.php of ILIAS 5.2.x through 5.3.x before 5.3.4
XSS Vulnerability in Responsive Cookie Consent Plugin for WordPress
Persistent Cross-Site Scripting Vulnerability in Catapult UK Cookie Consent Plugin for WordPress
Persistent XSS Vulnerability in WUZHI CMS 4.1.0 via tag[pinyin] Parameter
CSRF Vulnerability in WUZHI CMS 4.1.0 Allows Password Reset for Common Members
Persistent XSS vulnerability in WUZHI CMS 4.1.0 via form%5Bqq_10%5D parameter
Open-AudIT Community 2.2.0 XSS Vulnerability in Component Name Parameter
Endless While Loop Vulnerability in NASM 2.14rc0
XSS Vulnerability in Frog CMS 0.9.5 via Edit Page Metadata
XSS Vulnerability in Frog CMS 0.9.5 via Edit Snippet
Microsoft SharePoint Server Elevation of Privilege Vulnerability
XSS Vulnerability in Frog CMS 0.9.5 via Edit Layout
Stored Cross Site Scripting Vulnerability in Frog CMS 0.9.5 via Admin Site title in Settings
Denial of Service Vulnerability in xfs_dinode_verify Function
NULL pointer dereference vulnerability in xfs_bmap_extents_to_btree function in Linux kernel through 4.16.3
Multiple Authenticated Stored XSS Vulnerabilities in PrinterOn Enterprise 4.1.3
PrinterOn Enterprise 4.1.3 Local User Credential Disclosure
Hardcoded Password Vulnerability in Momentum Axel 720P 5.1.8 Devices
Reflected XSS Vulnerability in phpIPAM 1.3.1's Mac Lookup Tool
Microsoft SharePoint Server Elevation of Privilege Vulnerability
Windows Security Feature Bypass Vulnerability: Device Guard Bypass
SQL Injection Remote Code Execution Vulnerability in Trend Micro Smart Protection Server
SQL Injection Vulnerability in Trend Micro Email Encryption Gateway 5.5
SQL Injection Vulnerability in Trend Micro Email Encryption Gateway 5.5
SQL Injection Information Disclosure Vulnerability in Trend Micro Email Encryption Gateway 5.5
Remote Code Execution Vulnerability in Trend Micro Email Encryption Gateway 5.5
Authentication Weakness in Trend Micro Email Encryption Gateway 5.5 Allows Password Recovery via DBCrypto Class Flaw
SQL Injection Remote Code Execution in Trend Micro Email Encryption Gateway 5.5
Directory Traversal Vulnerability in Trend Micro Endpoint Application Control 2.0 Allows Remote Code Execution
Privilege Escalation Vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG
Pool Corruption Privilege Escalation Vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG
NTFS Access Control Vulnerability
Out-of-Bounds Read Vulnerability in libmagic.a
Privilege Escalation via Insecure Handling of Temporary Files in KTextEditor
Vulnerability: Loose Comparison in phpLiteAdmin Login
Arbitrary Data Manipulation in WpDevArt Booking Calendar Plugin
XSS Vulnerability in BigTree Users Management Page
XSS Vulnerability in Threads to Link Plugin 1.3 for MyBB
Cross-Site Scripting (XSS) Vulnerability in Users Plugin 1.4.5 for October CMS
Stored XSS Vulnerability in WUZHI CMS 4.1.0 Content-Management Feature
Stored XSS Vulnerability in WUZHI CMS 4.1.0 Extension Module System Announcement
Intelbras Win 240 V1.1.0 Devices: Cross-site Scripting (XSS) Vulnerability Allows Unauthorized Admin Password Modification
Uninitialized Memory Disclosure in Microsoft Visual Studio PDB Compilation
Persistent Cross-Site Scripting Vulnerability in wunderfarm WF Cookie Consent Plugin 1.1.3 for WordPress
Heap-based Buffer Over-read Vulnerability in process_cu_tu_index in GNU Binutils 2.30
NULL pointer dereference vulnerability in concat_filename in dwarf2.c in GNU Binutils allows remote attackers to cause a denial of service (crash) via a crafted binary file
XSS Vulnerability in EasyCMS 1.3 via s POST Parameter
Arbitrary PHP Code Execution via File Uploading Vulnerability in DedeCMS V5.7 SP2
ProxyOverflow: Unauthorized Increase of Digital Assets in SmartMesh Smart Contract
Improper Certificate Validation in PortSwigger Burp Suite: Potential Data Exposure
Persistent XSS Vulnerability in GitLab's Move Issue Feature
Memory Object Handling Vulnerability in Windows Kernel
Symlink Attack Vulnerability in KDE KWallet
Privilege Escalation Vulnerability in TunnelBear 3.2.0.6 for Windows
XSS Vulnerability in MODX Revolution 2.6.3
XSS Vulnerability in Lantronix SecureLinx Spider (SLS) 2.2+ Auth.asp Login Page
Heap-based Overflow Vulnerability in TFTP Server SP 1.66 and Earlier
Format String Vulnerability in TFTP Server SP 1.66 and Earlier: Remote Code Execution and Denial of Service
Format String Vulnerability in TFTP Server MT 1.65 and Earlier
.NET Framework Device Guard Security Feature Bypass Vulnerability
Cross-Site Scripting (XSS) Vulnerability in WUZHI CMS 4.1.0 via email parameter in index.php?m=member&v=register URI
Heap-based Buffer Overflow in libvorbis 1.3.6
Stack-based Buffer Over-read in bark_noise_hybridmp function in libvorbis
Windows Code Integrity Module Denial of Service Vulnerability
Universal/fat binary evasion vulnerability in F-Secure XFENCE and Little Flocker
Universal/fat binary evasion vulnerability in Objective-See security tools
Vulnerability: Universal/Fat Binary Evasion in Google Santa and molcodesignchecker
Universal/fat binary evasion vulnerability in Yelp OSXCollector
Universal/fat binary evasion vulnerability in Carbon Black Cb Response
Vulnerability: Universal/Fat Binary Evasion of Third-Party Code Signing Checks in VirusTotal
Denial of Service Vulnerability in RemoteMessageChannel
Server Side Request Forgery in Moodle 3.x Filepicker
Stored XSS Vulnerability in HongCMS 3.0.0 via Post News Feature
Directory Listing Vulnerability in MiniCMS 1.10
Full Path Disclosure in MiniCMS 1.10 via Modified id Field in mc-admin/post-edit.php
Process Termination Vulnerability in Shanghai 2345 Security Guard 3.7.0
Reflected Cross-Site Scripting Vulnerability in ILIAS
Arbitrary PHP Code Execution Vulnerability in Cosmo 1.0.0Beta6
Bypassing Blocked Hosts List in Moodle 3.x with Multiple A Record Hostnames
Stored XSS Vulnerability in DiliCMS Admin Panel
Remote Code Execution Vulnerability in D-Link DIR-615 2.5.17 Devices via Host Field in System/Traceroute Screen
Remote Denial of Service Vulnerability in Pexip Infinity (TLS Handshakes in RTMP)
Quiz Results Disclosure Vulnerability in Moodle 3.x
XSS Vulnerability in Moodle 3.x Calendar Event Name
Buffer Overflow in PowerDNS dnsreplay Tool
Incorrect Access Control in Jamf Pro 10.x before 10.3.0
Blind SQL Injection Vulnerability in Zoho ManageEngine ADAudit Plus before 5.0.0 build 5100
The transferFlaw Vulnerability in Useless Ethereum Token (UET) Smart Contract Implementation
Arbitrary JSP File Upload and Execution in b3log Symphony 2.6.0
Path Traversal Vulnerability in Wildfly 9.x Allows Information Disclosure
Inconsistent Code Signature Validation in Little Snitch Versions 4.0 to 4.0.6
Denial of Service Vulnerability in Xen Hypervisor (CVE-2017-5754 Fix)
Arbitrary File Read Vulnerability in Xen through 4.10.x via QMP Live CDROM Insertion
Remote Code Execution Vulnerability in Foxit Reader 9.0.0.29935 via U3D CLOD Base Mesh Continuation Structures
Arbitrary Code Execution via U3D Shading Objects in Foxit Reader 9.0.0.29935
Remote Code Execution Vulnerability in Foxit Reader 9.0.0.29935 via U3D Light Node Parsing
Remote Code Execution Vulnerability in Foxit Reader 9.0.0.29935 via U3D Model Node Parsing
Arbitrary Code Execution via U3D Chain Index Parsing Vulnerability in Foxit Reader 9.0.0.29935
Remote Code Execution Vulnerability in Foxit Reader 9.0.0.29935 via U3D Texture Coord Dimensions Parsing
Remote Code Execution Vulnerability in Foxit Reader 9.0.0.29935 via U3D Key Frame Parsing
Undertow AJP Connector Path Traversal Vulnerability
Remote Code Execution Vulnerability in Foxit Reader 9.0.0.29935 via U3D Node Name Buffer Overflow
Remote Code Execution Vulnerability in Foxit Reader 9.0.0.29935 via U3D Texture Resource Handling
Remote Code Execution Vulnerability in Foxit Reader 9.0.0.29935 via U3D Texture Image Format Object
Arbitrary Code Execution via U3D Clod Progressive Mesh Parsing in Foxit Reader 9.0.0.29935
Remote Code Execution Vulnerability in Foxit Reader 9.0.0.29935 via U3D Node Objects
Remote Code Execution Vulnerability in Foxit Reader 9.0.0.29935 via U3D Texture Height Structures (ZDI-CAN-5412)
Remote Code Execution Vulnerability in Foxit Reader 9.0.0.29935 via U3D Image Index Parsing
Remote Code Execution Vulnerability in Foxit Reader 9.0.0.29935 via U3D Parsing
Arbitrary Code Execution via U3D Texture Width Parsing Vulnerability in Foxit Reader 9.0.0.29935
Arbitrary Code Execution via U3D Clod Progressive Mesh Declaration Parsing in Foxit Reader 9.0.0.29935
Race Condition in systemd Prior to 234: Denial of Service Vulnerability
Arbitrary Code Execution via JPEG Parsing in Foxit Reader 9.0.0.29935
Arbitrary Code Execution via U3D Bone Weight Modifier Structures in Foxit Reader 9.0.0.29935
Remote Code Execution Vulnerability in Foxit Reader 9.0.0.29935 via U3D Clod Progressive Mesh Continuation Structures
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.1049 via U3D Final Maximum Resolution Attribute
Arbitrary Code Execution via U3D 3DView Parsing Vulnerability in Foxit Reader 9.0.1.1049
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.0.29935 (ZDI-CAN-5586)
Remote Code Execution Vulnerability in Samsung Internet Browser (ZDI-CAN-5326)
Privilege Escalation via Samsung Email's Handling of EML Files
Samsung Email Local File Disclosure Vulnerability
Arbitrary Code Execution via URL Handling in Samsung Galaxy Apps (ZDI-CAN-5330)
Denial of Service Vulnerability in Samba's RPC Spoolss Service
Privilege Escalation via Push Message Handling in Samsung Galaxy Apps
Privilege Escalation Vulnerability in Samsung Notes (ZDI-CAN-5358)
Privilege Escalation Vulnerability in Samsung Galaxy Apps (ZDI-CAN-5359)
CSRF Vulnerability in baijiacms V4 v4_1_4_20170105 Allows Unauthorized Account Manipulation
CSV Injection Vulnerability in WebDorado Form Maker by WD Plugin for WordPress
Pool Corruption Privilege Escalation Vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG
Information Disclosure Vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG
Vulnerability: Bypassing Unauthorized Change Prevention in Trend Micro OfficeScan
Elevation of Account Permissions Vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG
Browser Refresh Attack Vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG
Incomplete Fix for CVE-2016-9606 Allows Yaml Unmarshalling in Resteasy via YamlProvider
Critical Remote Code Execution Vulnerability in Trend Micro Control Manager (Versions 6.0 and 7.0)
Server-Side Request Forgery (SSRF) Vulnerability in Trend Micro Control Manager
Trend Micro Control Manager Reverse Proxy DLL Manipulation Vulnerability
Privilege Escalation via Deserialization Vulnerability in Trend Micro Security 2018 (Consumer) Products
Privilege Escalation Vulnerability in Trend Micro Security 2018 Products
Remote Code Execution Vulnerability in CMS Made Simple (CMSMS) File Unpack Operation
Sensitive Information Disclosure and Denial of Service Vulnerability in CMS Made Simple (CMSMS) 2.2.7
Remote Code Execution Vulnerability in CMS Made Simple (CMSMS) through 2.2.7 via Module Import Operation
Arbitrary File Deletion Vulnerability in CMS Made Simple (CMSMS) 2.2.7
Privilege Escalation Vulnerability in CMS Made Simple (CMSMS) 2.2.7
Memory Disclosure Vulnerability in PostgreSQL 10.x: Arbitrary Server Memory Read via Table Partitioning
Arbitrary File Deletion Vulnerability in CMS Made Simple (CMSMS) 2.2.7
Arbitrary File Movement Vulnerability in CMS Made Simple (CMSMS) 2.2.7
Sensitive Information Disclosure Vulnerability in CMS Made Simple (CMSMS) through 2.2.7
Physical Path Leakage Vulnerability in CMS Made Simple (CMSMS) 2.2.7
Stored XSS Vulnerability in EasyCMS 1.3: Article Posting Fields Affected
Stack-based Buffer Overflow in utf2char function in LibRaw 0.18.9
Out-of-Bounds Read in LibRaw X3F Property Table List Implementation
Insecure File Creation Vulnerability in PostgreSQL pg_upgrade
UDP Amplification Vulnerability in America's Army Proving Grounds
Hardcoded Root SSH Credentials Vulnerability in EE 4GEE HH70VB-2BE8GB3 HH70_E1_02.00_19 Devices
Out-of-bounds Memory Write Vulnerability in libbfd
NULL pointer dereference vulnerability in ignore_section_sym function in libbfd allows for denial of service
Memory Writing Vulnerability in WavPack WAV Parser Component
Multiple Format Chunks Vulnerability in WavPack 5.1.0 and Earlier
Out-of-bounds Write Vulnerability in WavPack WAV Input
Out-of-Bounds Write Vulnerability in WavPack DSDiff Input
Denial of Service Vulnerability in 389-ds-base via LDAP Search Filters
Out-of-Bounds Write Vulnerability in WavPack 5.1.0 and Earlier
Unauthenticated Administrative Interface in Meross MSS110 Devices (1.1.24)
Dumpable FPM Child Processes Vulnerability
Infinite Loop Vulnerability in PHP's iconv Stream Filter
Reflected XSS Vulnerability in PHP PHAR Error Pages
LDAP Server Denial of Service Vulnerability
Out-of-bounds read vulnerability in exif_read_data in PHP
Unrestricted Access to Target and Tenant Tag Variables in Octopus Deploy
Directory Traversal Vulnerability in Nagios XI 5.4.13
Cross-Site Scripting (XSS) Vulnerabilities in Nagios XI 5.4.13
Out-of-Bounds Heap Buffer Read Vulnerability in advancecomp
Authentication Bypass Vulnerability in Dasan GPON Home Routers
Command Injection Vulnerability in Dasan GPON Home Routers
Critical Cross-Site Scripting (XSS) Vulnerability in Flexense SyncBreeze
Cross-Site Scripting (XSS) Vulnerability in Flexense DiskPulse Enterprise v10.4 to v10.7
Cross-Site Scripting (XSS) Vulnerability in Flexense DiskSavvy Enterprise v10.4 to v10.7
Cross-Site Scripting (XSS) Vulnerability in Flexense DupScout Enterprise v10.0.18 to v10.7
Cross-Site Scripting (XSS) Vulnerability in Flexense VX Search Enterprise v10.1.12 to v10.7
Cross-Site Scripting (XSS) Vulnerability in Flexense DiskSorter Enterprise v9.5.12 to v10.7
XSS Vulnerability in Edimax EW-7438RPn Mini v2 (Version 1.26) SSID Field
LDAP Password Modification Vulnerability in Samba 4 AD DC
XSS Vulnerability in Frog CMS 0.9.5 via admin_username Field in /install/index.php
Multiple Reflected Cross-Site Scripting (XSS) Vulnerabilities in OpenEMR before 5.0.1
Bypassing Access Restrictions in OpenEMR Patient File Letter Interface
Bypassing Access Restrictions in OpenEMR Fax Dispatch Interface
Arbitrary PHP Code Execution via .htaccess File Upload in BigTree 4.2.22 and Earlier
Hardcoded SSH Credentials Vulnerability on WatchGuard AP Devices
Improper Authentication Handling in WatchGuard AP Devices
Arbitrary Code Execution via File Upload on WatchGuard AP Devices
Authentication Bypass Vulnerability in WatchGuard AP Devices
PostgreSQL Privilege Escalation Vulnerability
XSS Vulnerability in Latest Posts on Profile Plugin 1.1 for MyBB
Unauthorized Access to Tenant Variables in Octopus Deploy
Automatic SMB Connection Initiation in LibreOffice and Apache OpenOffice Writer
Remote Denial of Service Vulnerability in Pexip Infinity (XML Parsing)
Multiple Stored Cross-Site Scripting (XSS) Vulnerabilities in NetGain Enterprise Manager (EM) Versions Before 10.1.12
OS Command Injection Vulnerabilities in NetGain Enterprise Manager (EM) Versions Before 10.0.57: Remote Code Execution
Path Traversal Vulnerability in Advantech WebAccess
Vulnerability: Memory Exposure in DPDK vhost-user Interface
Information Exposure Vulnerability through Directory Listing in Advantech WebAccess
Origin Validation Error Vulnerability in Advantech WebAccess
Hard-coded Credentials Vulnerability in Yokogawa STARDOM Controllers
Privilege Escalation Vulnerability in DB Manager and PerformA
Stack Buffer Overflow in Delta Industrial Automation COMMGR
SQL Injection Vulnerability in ReadA Version 1.1.0.2 and Previous on BD Kiestra Systems
Insecure VPN Connection in Medtronic 2090 CareLink Programmer Allows Local Network Attack
Memory Access Vulnerability in IntelliVue and Avalon Monitors
Out-of-Bounds Read Vulnerabilities in CNCSoft Version 1.00.83 and Prior with ScreenEditor Version 1.00.54
Unauthenticated Memory Reading Vulnerability in IntelliVue and Avalon Monitors
Catastrophic Backtracking Vulnerability in Python's pop3lib's apop() Method
Unsanitized Input Vulnerability in SEL AcSELerator Architect Version 2.2.24.0 and Prior
Vulnerability: Stack Overflow in IntelliVue and Avalon Monitors
Multiple Stack-Based Buffer Overflow Vulnerabilities in WECON LeviStudio Versions 1.8.29 and 1.8.44
Unauthenticated Remote Control Vulnerability in Martem TELEM GW6 and GWM Devices
Directory Traversal Vulnerability in SEL Compass Version 3.0.5.1 and Prior
Unprivileged User Control and Configuration Modification Vulnerability in Martem TELEM GW6/GWM
Heap-based Buffer Overflow Vulnerabilities in WECON LeviStudio Versions 1.8.29 and 1.8.44
Denial of Service Vulnerability in Martem TELEM GW6 and GWM Devices
Denial of Service Vulnerability in AcSELerator Architect FTP Client
Improper Data Sanitization in Martem TELEM GW6 and GWM Devices: Cross-Site Scripting and Code Execution Vulnerability
Catastrophic Backtracking Vulnerability in difflib.IS_LINE_JUNK Method
Out-of-Bounds Vulnerability in LeviStudioU Versions 1.8.29 and 1.8.44
Remote Code Execution via Java RMI Input Port in GE MDS PulseNET and MDS PulseNET Enterprise 3.2.1 and Prior
Default Access and Communication Vulnerability in CODESYS Control V3 Products
XML External Entity (XXE) Vulnerability in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior
LeviStudioU XML External Entity (XXE) Vulnerability
Directory Traversal Vulnerability in GE MDS PulseNET and MDS PulseNET Enterprise Version 3.2.1 and Prior
Improper Input Validation Vulnerability in ABB Panel Builder 800
Heap Buffer Overflow in Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior
Weak Password Hash Vulnerability in Davolink DVW-3200N (Versions prior to 1.00.06)
Unquoted Search Path Vulnerability in RSLinx Classic and FactoryTalk Linx Gateway
Incomplete Zeroing of Disks in oVirt: Potential Data Exposure Vulnerability
Stack-based Buffer Overflow Vulnerability in AVEVA InduSoft Web Studio and InTouch Machine Edition
Stack Buffer Overflow in Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior
Vulnerability: Insecure Storage of Per-Product Credentials in Medtronic MyCareLink Patient Monitor
Memory Buffer Read Vulnerability in Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and Prior
Improper Error Handling in Johnson Controls Metasys System and BCPro (BCM) Allows Information Disclosure
Authentication Bypass Vulnerability in Medtronic MyCareLink Patient Monitor
SOAP API Vulnerability in Echelon SmartServer and i.LON Devices
Buffer Overflow Vulnerability in AVEVA InTouch Software
Vulnerability: Symbolic Link Attack in Context Relabeling of Filesystems in policycoreutils 2.5-11
Unauthenticated Access to Crestron TSW-X60 and MC3 Devices
Vulnerability: Unauthorized Code Execution via Medtronic N'Vision Clinician Programmer and Application Card
Denial-of-Service Vulnerability in Moxa NPort 5210, 5230, and 5232 Versions 2.9 Build 17030709 and Prior
Hard-coded Credentials Vulnerability in Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100
Cleartext Transmission Vulnerability in Medtronic Insulin Pumps
Remote Code Execution Vulnerability in Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100
Multiple Stack-Based Buffer Overflow Vulnerabilities in CNCSoft Version 1.00.83 and Prior with ScreenEditor Version 1.00.54
Buffer Overflow Vulnerability in Fuji Electric V-Server Lite 4.0.3.0 and Prior
Vulnerability: Resource Exhaustion in libvirt (CVE-2018-5748)
Vulnerability: Cleartext Password Change in D-Link DIR-601 A1 1.02NA Devices
Command Injection Vulnerability in Combodo iTop 2.4.1: Remote Code Execution via Platform Configuration
Privilege Escalation Vulnerability in Golden Frog VyprVPN for Windows
SYSTEM Privilege Escalation Vulnerability in CyberGhost 6.5.0.3180 for Windows
SYSTEM Privilege Escalation Vulnerability in SaferVPN 4.2.5 for Windows
Unauthenticated File Upload Vulnerabilities in Citrix XenMobile Server 10.8 and 10.7
Cross-Site Scripting Vulnerability in Citrix XenMobile Server 10.7 before RP3
Netfilter Subsystem NULL Pointer Dereference Vulnerability
Insufficient Path Validation Vulnerability in Citrix XenMobile Server 10.8 and 10.7
Open Redirect Vulnerabilities in Citrix XenMobile Server 10.8 and 10.7
Critical Sensitive Data Leakage Vulnerability in Citrix XenMobile Server 10.7 before RP3
XML External Entity (XXE) Processing Vulnerability in Citrix XenMobile Server 10.8 and 10.7
Hazelcast Library Java Deserialization Vulnerability in Citrix XenMobile Server 10.8 and 10.7
Unicode Buffer Overflow (SEH) in DLPnpAuditor.exe
Denial of Service Vulnerability in Matrix Synapse before 0.28.1
Axis IP Cameras Multiple Models Memory Corruption Vulnerability
Axis IP Cameras Multiple Models Memory Corruption Vulnerability
NULL Pointer Dereference Vulnerability in CIFS Server Setup
Axis IP Cameras: Shell Command Injection Vulnerability
Axis IP Cameras: Access Control Bypass Vulnerability
Axis IP Cameras: Exposed Insecure Interface Vulnerability
Axis IP Cameras Vulnerability: Incorrect Size Calculation
Axis IP Cameras: Memory Corruption Vulnerability
XSS Vulnerability in ILIAS 5.3.4 through unsanitized output of PHP_SELF
Vulnerability: Public setOwner Function Allows Ownership Acquisition and Variable Modification in Aurora IDEX Membership (IDXM) Smart Contract
Undertow Web Server Vulnerability: Arbitrary HTTP Header Injection and Response Splitting
Use-after-free vulnerability in do_get_mempolicy function in Linux kernel before 4.12.9
Remote File Download Vulnerability in CeNova, Night OWL, Novo, Pulnix, QSee, Securus, and TBK Vision DVR Devices
Heap-based Buffer Overflow in MiniUPnP ngiflib 0.4
MyBB 1.8.15 Remote Redirection Vulnerability
Linux 4.x Kernel Privilege Escalation Vulnerability
Stored Cross Site Scripting Vulnerability in Z-BlogPHP 1.5.2 via Website Title Setting
Unauthenticated Access and Remote Code Execution in WildFly 10.1.2.Final
Unauthenticated Access Vulnerability in WildFly 10.1.2.Final
Use-after-free vulnerability in lrzip 0.631 allows for remote denial of service or potential impact
Reflected XSS and Remote PHP Code Execution in Vesta Control Panel 0.9.8-20
Buffer Overflow in blktrace (Block IO Tracing) 1.2.0
Vulnerability: Access Control Override for Container Network Filesystems in Red Hat OpenShift Enterprise 3.7
Insecure Default Configuration Allows Sniffing and Data Compromise on Moxa AWK-3121 Devices
Unauthenticated File Download Vulnerability in Moxa AWK-3121 1.14 Devices
Missing HttpOnly Flag in Session Cookie on Moxa AWK-3121 1.14 Devices
Buffer Overflow Vulnerability in Moxa AWK-3121 1.14 Devices
Open Wi-Fi Connection Vulnerability on Moxa AWK-3121 1.14 Devices
Buffer Overflow Vulnerability in Moxa AWK-3121 1.14 Devices
CSRF Vulnerability in Moxa AWK-3121 1.14 Web Interface
Command Injection Vulnerability in Moxa AWK-3121 1.14 Devices
Default Unencrypted TELNET Service on Moxa AWK-3121 1.14 Devices
Command Injection Vulnerability in Moxa AWK-3121 1.14 Devices
Improper Input Validation in OpenShift Routing Configuration Leads to Denial of Service Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Moxa AWK-3121 1.19 Devices
Buffer Overflow Vulnerability in Moxa AWK-3121 1.14 Devices
Command Injection Vulnerability in Moxa AWK-3121 1.14 Devices
Buffer Overflow Vulnerability in Moxa AWK-3121 1.14 Devices
XSS Vulnerability in yidashi yii2cmf 2.0 via /search q Parameter
Vulnerability: Contract Ownership Acquisition and Denial of Service Attack in Aurora DAO (AURA) Smart Contract
MultiOverflow: Unauthorized Increase of Digital Assets in Social Chain (SCA) Smart Contract
Elevated Privilege Code Execution Vulnerability in ASRock RGBLED, A-Tuning, F-Stream, and RestartToUEFI
Stack-based Buffer Overflow in zsh's exec.c:hashcmd() Function
Arbitrary Physical Memory Read/Write Vulnerability in ASRock RGBLED, A-Tuning, F-Stream, and RestartToUEFI
Vulnerability: Arbitrary Ring-0 Code Execution via ASRock RGBLED and A-Tuning Drivers
Elevated Privilege Code Execution Vulnerability in ASRock RGBLED, A-Tuning, F-Stream, and RestartToUEFI
Memory Corruption and Arbitrary Code Execution Vulnerability in D-Link DSL-3782 EU 1.01 Devices
Process Termination Vulnerability in Shanghai 2345 Security Guard 3.7.0
Heap-based Buffer Overflow in DecodeGifImg Function of MiniUPnP ngiflib 0.4
Remote Code Execution Vulnerability in Call of Duty Modern Warfare 2
Information Exposure Through Log Files in ovirt-engine
Privilege Escalation via Symlink Chain in Cylance CylancePROTECT
Hardcoded Admin Password Vulnerability in Directus 6.4.9
Stored XSS Vulnerability in Datenstrom Yellow 0.7.3 via Edit Page Action
Fabrikar Fabrik Component Reflected XSS Vulnerability
Buffer Overflow Vulnerability in Phoenix Contact Managed FL SWITCH 3xxx, 4xxx, 48xx Products
Unauthenticated Configuration File Reading Vulnerability in Phoenix Contact Managed FL SWITCH Products
User Account Enumeration Vulnerability in oVirt Engine Web Console Login Form
Phoenix Contact Managed FL SWITCH 3xxx, 4xxx, 48xx Products Firmware OS Command Injection Vulnerability
Buffer Overflow Vulnerability in Phoenix Contact Managed FL SWITCH 3xxx, 4xxx, 48xx Products
Sensitive Information Disclosure in Dataiku DSS REST API
Heap-Based Buffer Over-Read Vulnerability in libgxps through 0.3.0
Backdoor Vulnerability in KONGTOP DVR Devices: Password Disclosure via Print_Password Function
SQL Injection Vulnerability in Nagios XI before 5.4.13 via admin/commandline.php Cname Parameter
SQL Injection Vulnerability in Nagios XI 5.4.13 via admin/info.php Key1 Parameter
SQL Injection Vulnerability in Nagios XI 5.4.13 via admin/logbook.php txtSearch Parameter
SQL Injection Vulnerability in Nagios XI 5.4.13 via admin/menuaccess.php chbKey1 Parameter
Process Termination Vulnerability in Shanghai 2345 Security Guard 3.7.0
Power Management Credential Exposure in oVirt Engine API and Administration Web Portal
Remote Code Execution in Axublog 1.1.0 via Injection of PHP Code in webkeywords Parameter
Buffer Overflow Vulnerability in D-Link DSL-3782 EU 1.01 Devices
Memory Corruption and Arbitrary Code Execution Vulnerability in D-Link DSL-3782 EU 1.01
Memory Corruption and Arbitrary Code Execution Vulnerability in D-Link DSL-3782 EU 1.01
Memory Corruption and Arbitrary Code Execution Vulnerability in D-Link DSL-3782 EU 1.01
Unfiltered Password Logging Vulnerability in oVirt-Engine
Memory Corruption and Arbitrary Code Execution Vulnerability in D-Link DSL-3782 EU 1.01
Integer Overflow in OMACP WAP Push Message Processing on Samsung S7 Edge (SVE-2018-11463)
Stored XSS Vulnerability in Tagregator Plugin 0.6 for WordPress via Title Field
Stack-based Buffer Overflow in abcm2ps Music Delayed_Output Function
Use-after-free vulnerability in libtransmission/variant.c in Transmission before 3.00
Authentication Bypass via SQL Injection in CSP MySQL User Manager 2.3.1
CSRF Vulnerability in Datenstrom Yellow 0.7.3 Allows Unauthorized Article Deletion
Arbitrary Command Execution and SQL Injection in Project Pier 0.8.8 and Earlier
Unrestricted File Upload Vulnerability in ProjectPier 0.88 and Earlier
Cross-Site Scripting (XSS) Vulnerabilities in Synametrics SynaMan 4.0 Build 1488 via Partial Branding Configuration Page
Stack-based Buffer Over-read Vulnerability in libgxps
NULL Pointer Dereference in AnnotPath::getCoordsLength Function in Poppler 0.24.5
Vulnerability: Cross-Token Replay Attack in SmartMesh (SMT) Smart Contract Implementation
XXE Vulnerability in Spacewalk 2.6 API: Disclosure of Sensitive Server Information
Unauthenticated Configuration Download Vulnerability in ShenZhen Anni 5 in 1 XVR Devices
Stack-based Buffer Overflow in get_key function in abcm2ps through 8.13.20
Denial of Service and Potential Remote Code Execution in Exiv2 through 0.26
Remote Denial of Service Vulnerability in bibutils through 6.2
Remote Denial of Service Vulnerability in bibutils through 6.2
Remote Denial of Service Vulnerability in bibutils through 6.2
Denial of Service Vulnerability in mp3gain through 1.5.2-r2
Buffer Overflow in WriteMP3GainAPETag Function in mp3gain through 1.5.2-r2: Remote Code Execution and Denial of Service Vulnerability
Read Access Violation in III_dequantize_sample Function in mp3gain Allows Remote Attackers to Cause Denial of Service or Other Impact
Heap-based Buffer Over-read in LibTIFF 3.8.2's TIFFWriteScanline Function
Vulnerability in OpenDayLight Version Carbon SR3 and Earlier: Traffic Flow Reconciliation Exploit
Heap-Based Buffer Over-Read in Exiv2 0.26's Image.cpp
Privilege Escalation via Malicious REST Call in pcsd Service
Memory Allocation Failure in AP4_CttsAtom Class in Bento4 1.5.1.0
File Upload Vulnerability in Liferay 6.2.x and Earlier Versions
Denial of Service and Potential Impact Vulnerability in 2345 Security Guard 3.7
Continuous Page Reload Vulnerability in Brave Browser
Hang Issue Caused by Mishandling of Long URL in Brave Browser
Reversed ACL Rules Vulnerability in Dogtag PKI
Memory Leaks in TIFFClientOpen Function in LibTIFF 3.8.2
Arbitrary Script Injection via CSRF in Zoho ManageEngine NetFlow Analyzer v12.3
Memory Leak in WriteTIFFImage in ImageMagick 7.0.7-28
Memory Leak in ReadYCBCRImage in ImageMagick 7.0.7-28
Reflected Cross Site Scripting Vulnerability in Frog CMS 0.9.5 via file[current_name] Parameter
Denial of Service Vulnerability in 2345 Security Guard 3.7
Unauthenticated users can spam admin email via PayPal enrol script in Moodle
Cross-Site Scripting Vulnerability in LiveZilla Live Chat 7.0.9.5 and Prior via Accept-Language HTTP Header
Remote Denial of Service Vulnerability in strongSwan 5.6.0 and Older due to Missing Variable Initialization
Cleartext Storage of Digital Currency Initial Keys in Bitpie Application
Hardcoded Secrets in Dedos-web 1.0 Allow Privilege Escalation via Session Cookie Manipulation
Clear-text Storage of SMTP Credentials in Synametrics SynaMan 4.0 build 1488
Sensitive Cluster Information Disclosure Vulnerability
XSS Vulnerability in Severalnines ClusterControl before 1.6.0-4699
OAuth2 Authentication Bypass Vulnerability in Moodle 3.4 to 3.4.1 and 3.3 to 3.3.4
Arbitrary Code Injection via Search Panel in BlackCatCMS 1.3
Directory Traversal Vulnerability in D-Link Web Interface
Arbitrary Code Execution via Shell Command Injection in D-Link DWR Devices
Plaintext Storage of Administrative Password in D-Link Routers
Unauthenticated and Unencrypted BLE Communication in Mimo Baby 2 Devices Enables Fake Information Injection
Denial of Service (Memory Consumption) Vulnerability in LiteCart before 2.1.2
Denial of Service Vulnerability in Alps Pointing-device Driver 10.1.101.207
Buffer Overflow Vulnerability in Zsh Shell Autocomplete Functionality
Denial of Service and Potential Impact Vulnerability in 2345 Security Guard 3.7
Equihash Solution Verifier Vulnerability in Z-NOMP
ModbusPal 1.6b XML External Entity (XXE) Vulnerability
Integer Overflow Vulnerability in Qemu Emulator's NE2000 NIC Emulation
Integer Overflow Vulnerability in Corosync's exec/totemcrypto.c
Heap-Based Buffer Overflow Vulnerability in Linux Kernel's ext4_xattr_set_entry() Function
Privilege Escalation Vulnerability in GlusterFS Server Nodes
Privilege Escalation in OpenShift Container Platform's Source-to-Image Component
GnuTLS HMAC-SHA-256 Vulnerability: Lucky Thirteen Style Attack
Vulnerability: GnuTLS HMAC-SHA-384 Lucky Thirteen Attack
CacheBleed: Exploiting a Cache-based Side Channel in GnuTLS for Plain Text Recovery in Cross-VM Attacks
Authentication Bypass Vulnerability in Prosody Versions 0.10.2 and 0.9.14
Misconfigured SSL Client Certificate Authentication in Openshift-ansible
Race Condition in 389-ds-base Persistent Search Handling Leading to Denial of Service
Memory Leak Vulnerability in PowerDNS Server and Recursor
SSSD Vulnerability: Unauthorized Access to Sudo Rules via Wide-Permission UNIX Pipe
Privilege Escalation Vulnerability in Linux Kernel KVM Hypervisor
Stored Cross-Site Scripting Vulnerability in CloudForms v2v Infrastructure Mapping Delete Feature
Sensitive Data Exposure in Ansible 2.5 and 2.4
Privilege Escalation Vulnerability in Podman
Private Data Exposure and Exfiltration Vulnerability in git-annex
Heap-Buffer Overflow in Samba Clients: Arbitrary Code Execution Vulnerability
Information Exposure Vulnerability in git-annex: Decryption of Unstored Encrypted Data
Vulnerability: Debug Parameter Removal Bypass in pcsd REST Interface
Directory Traversal Vulnerability in perl-archive-zip's Archive::Zip Module
Ceph Mon Vulnerability: Unauthorized Pool Deletion and Snapshot Corruption
Zip Slip vulnerability in WildFly Core before version 6.0.0.Alpha3 allows for arbitrary file overwrite through crafted .war archives
Improper Configuration in redhat-certification 7 Allows Unauthorized Access to Sensitive Information
Uncontrolled Resource Consumption Vulnerability in redhat-certification
Unauthenticated Remote Restart Vulnerability in Red Hat Certification 7
Unauthenticated User Can Remove System Files via /configuration View in Redhat-Certification 7
Unrestricted File Access Vulnerability in Redhat-Certification 7 Package
XML Entity Expansion Denial of Service Vulnerability in Red Hat Certification 7
Arbitrary File Download Vulnerability in Red Hat Certification
KVM Stack Switch Privilege Escalation Vulnerability
Path Traversal Vulnerability in redhat-certification
Cleartext Storage of Sensitive Information in 389-ds-base
Vulnerability in Linux Kernel Handling of Exceptions via Mov SS or Pop SS Instructions
SPICE Vulnerability: Code Generation Bounds Check Bypass
Vulnerability: Arbitrary Code Execution via Inventory Variables in Ansible
Arbitrary Code Execution Vulnerability in Ansible
Use-After-Free Vulnerability in Linux Kernel's ext4 Filesystem Code
Vulnerability: Out-of-Bound Access in ext4_ext_drop_refs() Function in Linux Kernel
Out-of-Bounds Write Vulnerability in Linux Kernel's ext4 Filesystem
Use-after-free vulnerability in ext4_xattr_set_entry function allows for denial of service
Privilege Escalation Vulnerability in Gluster 3.x Snapshot Scheduler
Stack-Out-of-Bounds Write Vulnerability in Linux Kernel's ext4 Filesystem Code
Vulnerability in Linux Kernel's ext4 Filesystem Allows Denial of Service and System Crash
Out-of-Bound Write Vulnerability in Linux Kernel's ext4 Filesystem
Out-of-Bounds Write Vulnerability in Linux Kernel's ext4 Filesystem
Cross-Site Request Forgery (CSRF) Vulnerability in Ansible Tower
Denial of Service (DoS) Vulnerability in Atomic-OpenShift Routing
Integer Overflow and Out-of-Bounds Read Vulnerability in libgit2
Out-of-Bound Read Vulnerability in libgit2
Privacy Leakage in Moodle Data Export Logs
LDAP Buffer Overflow Vulnerability in 389-ds-base
Hidden Categories Disclosure Vulnerability in Moodle
JavaScript Execution Vulnerability in Moodle
Vulnerability: Unrestricted Access to /proc/acpi Pathnames in Docker/Moby
Vulnerability: Integer and Buffer Overflow in spice-client's LZ Compressed Frames Handling
SAML Authentication Bypass in Keycloak 3.4.3.Final
Arbitrary Code Execution via Cross-Site Request Forgery in qutebrowser
Insecure SSH Host Key Management in Cloud-Init
Directory Traversal Vulnerability in reposync Allows Remote File Copy and System Compromise
Default Credentials Vulnerability in OpenStack TripleO Heat Templates
Jolokia 1.2 to 1.6.1 Vulnerability: Remote Code Execution via System-Wide CSRF
Sensitive Secrets Exposure in Pulp API Access
Privilege Escalation via Password Helper Injection in Network Manager VPNC Plugin
Privilege Escalation Vulnerability in Linux Kernel's KVM Virtualization Subsystem
Double Free Vulnerability in Raw MIDI Kernel Driver
Vulnerability: Insecure Tag Length Validation in python-cryptography
Arbitrary Code Execution Vulnerability in GlusterFS Server
Improper Security Setting in dRuby Component of CloudForms Management Engine Allows Privilege Escalation
Vulnerability: Restriction Bypass in fusermount with SELinux
Stack-based Buffer Overflow Vulnerability in GlusterFS Server
Unbounded Resource Consumption in vdsm's qemu-img Invocation
Denial of Service Vulnerability in Linux Kernel's flush_tmregs_to_thread Function
Unauthenticated Pairing Vulnerability in Bluez
Vulnerability: Memory Leakage in glusterfs dic_unserialize Function
Infinite Loop Denial of Service Vulnerability in Keycloak
GlusterFS Server Information Disclosure Vulnerability: File Existence Disclosure via xattr Request
Remote Denial of Service Vulnerability in GlusterFS FUSE xattr Request Handling
libpq Vulnerability: Bypassing Connection Security and SQL Injection through PQescape() Malfunction
Remote File Name Sanitization Vulnerability in lftp
Improper Path Parsing Vulnerability in Pulp 2.16.x and Older
Null Pointer Dereference Vulnerability in Samba Server
Samba Active Directory LDAP Server Information Disclosure Vulnerability
Denial of Service Vulnerability in ext4_iget Function
Cache Poisoning Vulnerability in Knot Resolver before 2.4.1
Integer Overflow Vulnerability in ttembed Input File Processing
Input Validation Flaw in ttembed Allows for Denial of Service Attack
Arbitrary Device Creation and Data Leakage Vulnerability in GlusterFS Server Node
Memory Leak Vulnerability in GlusterFS Client Code
Authorization Bypass and Arbitrary Memory Read Vulnerability in PostgreSQL
Arbitrary Code Execution and Path Traversal Vulnerability in glusterfs Server
Vulnerability: Information Leakage and Remote Denial of Service in GlusterFS Server
Arbitrary Symlink Creation Vulnerability in GlusterFS Server
Arbitrary File Creation and Code Execution Vulnerability in GlusterFS Server
Out-of-Bounds Read and System Crash Vulnerability in ext4_valid_block_bitmap Function
Vulnerability: Unauthorized Write Access in GlusterFS Server via gfs3_rename_req RPC Request
Cobbler 2.6.x XMLRPC Interface Remote Code Execution Vulnerability
Vulnerability: Unsanitized Buffer in lldptool Version 1.0.1 and Older
Unauthorized Access Vulnerability in libssh Server-Side State Machine
XSS Vulnerability in JBoss Management Console Allows Privilege Escalation
LDAP Server Crash Vulnerability via ldapsearch with Server Side Sort in 389 Directory Server
Insecure SSL Certificate Validation in postgresql-jdbc
Cross-Site Scripting (XSS) Vulnerability in Openshift Container Platform 3.11's tectonic-console Component
Denial-of-Service Vulnerability in Linux Kernel's cipso_v4_optptr() Function
Persistent XSS Vulnerability in Zimbra Web Client (ZWC) via Contact Group
NULL pointer dereference vulnerability in ext4_fill_super function in Linux kernel through 4.15.15
Incorrect Bounds Check in CDROM Driver Allows Reading of Kernel Memory
Arbitrary Code Execution via File Upload in Attribute Wizard Addon for PrestaShop
Arbitrary String Denial of Service Vulnerability in Barco ClickShare CSE-200 and CS-100 Base Units
Critical Vulnerability: Exploitable Dividend Theft in ROC Smart Contract
Remote Denial of Service Vulnerability in Mongoose 6.11
Arbitrary Password Disclosure in Polycom RealPresence Debut
Vulnerability: Persistent Admin Cookie in Polycom RealPresence Debut
Persistent XSS in Synacor Zimbra Admin UI in Zimbra Collaboration Suite before 8.8.0 beta 2 via mail addresses
Account Enumeration Vulnerability in Zimbra Collaboration Suite 8.8 and earlier versions
Denial of Service Vulnerability in Linux Kernel's ext4_xattr_check_entries Function
Information Exposure through Verbose Error Messages in Zimbra Collaboration Suite
Zimbra Collaboration Suite 8.8 and earlier versions: Unauthorized Access to zimbraSSLPrivateKey via Admin SOAP API
Denial of Service and Potential Impact Vulnerability in 2345 Security Guard 3.7
Denial of Service and Potential Impact Vulnerability in 2345 Security Guard 3.7
Denial of Service and Potential Impact Vulnerability in 2345 Security Guard 3.7
Denial of Service and Potential Impact Vulnerability in 2345 Security Guard 3.7
Directory Traversal Vulnerability in IPConfigure Orchid Core VMS 2.0.5
CSRF Vulnerability in D-Link DIR-868L Devices Allows Unauthorized Admin Password Change
SIGABRT vulnerability in Exiv2 0.26 due to large size value in types.cpp
Untrusted Search Path Vulnerability in Avecto Defendpoint
SQL Injection Vulnerability in Foreman Dashboard Controller
Local Privilege Escalation in Shanghai 2345 Security Guard 3.7.0
Denial of Service Vulnerability in LibTIFF's TIFFWriteDirectorySec() Function
Session Hijacking Vulnerability in GamerPolls 0.4.6
Remote Code Execution Vulnerability on D-Link DIR-550A and DIR-604M Devices
Default TELNET Account Backdoor Access Vulnerability on D-Link DIR-550A and DIR-604M Devices
SQL Injection Vulnerability in Pie Register Plugin for WordPress (Versions before 3.0.10)
Vulnerability: User Credential Exposure in Foreman
Denial of Service Vulnerability in Free Lossless Image Format (FLIF) 0.3
Heap-based Buffer Overflow in FLIF TransformPaletteC::process Function
KoreaShow Token Smart Contract Integer Overflow Vulnerability
Denial of Service and Potential Impact Vulnerability in 2345 Security Guard 3.7
Denial of Service and Potential Impact Vulnerability in 2345 Security Guard 3.7
Denial of Service and Potential Impact Vulnerability in 2345 Security Guard 3.7
Denial of Service and Potential Impact Vulnerability in 2345 Security Guard 3.7
Cross-Site Request Forgery Vulnerability in etcd 3.3.1 and Earlier
Denial of Service Vulnerability in Xen through 4.10.x
vHPET Interrupt Injection Vulnerability in Xen
CSRF Vulnerability in OX Guard 2.8.0
Authenticated Remote Code Execution Vulnerability on Dongguan Diqee Diqee360 Vacuum Cleaner
Firmware Update Process Allows Execution of Unsigned Code on Diqee Diqee360 Devices
Default Password Vulnerability in Arris Touchstone Telephony Gateway TG1682G
DNS Rebinding Vulnerability in etcd 3.3.1 and Earlier: Exploiting Browser Requests to Localhost
Vulnerability: Incomplete Logout State Destruction on Arris Touchstone Telephony Gateway TG1682G 9.1.103J6 Devices
Argument-injection vulnerability in LilyPond 2.19.80 via BROWSER environment variable
Cross-Site Scripting (XSS) Vulnerability in Open Whisper Signal (Signal-Desktop) before 1.10.1 via URL
User and Group ID Mishandling in SchedMD Slurm Versions before 17.02.11 and 17.1x.x before 17.11.7
Buffer Overflow Vulnerability in D-Link DIR-629-B1 Weblogin_log Function
Pre-Authentication Blind SQL Injection in Etere EtereWeb (before 28.1.20)
Exiv2 0.26 Denial of Service Vulnerability in jp2image.cpp
Heap-Based Buffer Over-Read in Exiv2 0.26: Vulnerability Discovery
Stack-based Buffer Overflow in zsh's checkmailpath Function
Insecure Permissions in Pulse Secure Desktop Client on Windows
CSRF Vulnerability in YXcms 1.4.7 Allows Remote Account Deletion
CSRF Vulnerability in SDcms v1.5 Allows Unauthorized Administrator Account Creation
Memory Leak Vulnerability in K7Computing K7AntiVirus Premium 15.01.00.53
Incorrect Access Control Vulnerability in K7Computing K7AntiVirus Premium 15.01.00.53
Memory Leak Vulnerability in K7Computing K7AntiVirus Premium 15.01.00.53
Incorrect Access Control Vulnerability in K7Computing K7AntiVirus Premium 15.01.00.53
Buffer Overflow Vulnerability in K7Computing K7AntiVirus Premium 15.01.00.53
Privilege Escalation Vulnerability in Ansible Tower
Buffer Overflow Vulnerability in K7Computing K7AntiVirus Premium 15.01.00.53
Stored XSS Vulnerability in Halo 0.0.2 via commentAuthor Field in FrontCommentController.java
Stored XSS Vulnerability in ruibaby Halo 0.0.2 via loginName and loginPwd Parameters
Remote Code Execution Vulnerability in D-Link DIR-816 A2 (CN) Routers
Buffer Overflow Vulnerability in libming through 0.4.8
Cross-Site Request Forgery (CSRF) Vulnerability in PbootCMS v1.0.7
Kernel Crash Vulnerability in Amazon Kindle Fire HD (3rd) Fire OS 4.5.5.3
Privilege Escalation Vulnerability in Openshift Enterprise 3.x's Source-to-Image Function
Kernel Crash Vulnerability in Amazon Kindle Fire HD (3rd) Fire OS 4.5.5.3
Kernel Crash Vulnerability in Amazon Kindle Fire HD (3rd) Fire OS 4.5.5.3
Kernel Crash Vulnerability in Amazon Kindle Fire HD (3rd) Fire OS 4.5.5.3
Kernel Crash Vulnerability in Amazon Kindle Fire HD (3rd) Fire OS 4.5.5.3
Kernel Crash Vulnerability in Amazon Kindle Fire HD (3rd) Fire OS 4.5.5.3
Kernel Crash Vulnerability in Amazon Kindle Fire HD (3rd) Fire OS 4.5.5.3
Ruckus ICX7450-48 Reflected XSS Vulnerability
Improper Validation of User Input in Openshift Enterprise Source-to-Image (S2I) Tool
SSRF Vulnerability in PHPRAP 1.0.4 through 1.0.8 via /debug URI
SQL Injection Vulnerability in PHPRAP 1.0.4 through 1.0.8 via search() function in project.php
Denial of Service Vulnerability in xpdf DCT Decoder
Denial of Service and Potential Impact Vulnerability in 2345 Security Guard 3.7
Denial of Service and Potential Impact Vulnerability in 2345 Security Guard 3.7
Ruckus SmartZone Vulnerability: Remote Information Disclosure and Data Modification
Information Leak Vulnerability in Exiv2 0.26's PngImage::printStructure Function
XST (Cross Site Tracing) Vulnerability in Spring Framework
Arbitrary Code Execution Vulnerability in Ansible Tower
Cross-Domain JSONP Vulnerability in Spring Framework
Open Redirect Vulnerability in Cloud Foundry UAA
Unescaped User-Provided Content Injection in Pivotal Apps Manager Invitation Emails
Static Linux Random Number Generator (LRNG) Seed File Vulnerability in Pivotal Operations Manager
Unpatched NGINX Vulnerabilities in Pivotal Operations Manager
Authorization Bypass Vulnerability in Cloud Foundry UAA
XML External Entity (XXE) Injection Vulnerability in Dell EMC Data Protection Advisor and Integrated Data Protection Appliance
Uncontrolled Search Vulnerability in RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance, and RSA IMG Releases
Clear-Text Authentication Vulnerability in Dell EMC NetWorker
Path Traversal Vulnerability in RSA Certificate Manager Versions 6.9 build 560-564
Dell EMC ECS Authentication Bypass Vulnerability
Dell EMC iDRAC Service Module Privilege Escalation Vulnerability
Integer Overflow Vulnerability in RSA BSAFE Micro Edition Suite 4.1.6 Allows for Remote Denial of Service
Improper Clearing of Heap Memory Before Release in RSA BSAFE Micro Edition Suite
Uncontrolled Resource Consumption Vulnerability in RSA BSAFE Micro Edition Suite and RSA BSAFE Crypto-C Micro Edition
Covert Timing Channel Vulnerability in RSA BSAFE Micro Edition Suite
Buffer Over-Read Vulnerability in RSA BSAFE Micro Edition Suite and RSA BSAFE Crypto-C Micro Edition
Stored Cross-Site Scripting Vulnerability in RSA Archer
Authentication Bypass Vulnerability in PackageKit Allows Unauthorized Installation of Signed Packages
RSA Archer REST API Authorization Bypass Vulnerability
Server-side Template Injection Vulnerability in RSA NetWitness Platform and RSA Security Analytics
Undocumented Default Account Vulnerability in Integrated Data Protection Appliance Versions 2.0-2.2
Unquoted Service Path Vulnerabilities in Dell WMS Versions 1.1 and Prior
Dell EMC Unity and UnityVSA Incorrect File Permissions Vulnerability
SQL Injection Vulnerability in RSA Archer's WorkPoint Component
Remote Code Execution Vulnerability in Dell EMC Avamar Server and Integrated Data Protection Appliance
Open Redirection Vulnerability in Dell EMC Avamar Client Manager and Dell EMC Integrated Data Protection Appliance
Heap Inspection Vulnerability in RSA BSAFE SSL-J Versions Prior to 6.2.4
Covert Timing Channel Vulnerability in RSA BSAFE SSL-J Versions Prior to 6.2.4
Excessive CPU Consumption Vulnerability in is-my-json-valid Library
Covert Timing Channel Vulnerability in RSA BSAFE Crypto-J and SSL-J Versions Prior to 6.2.4
Dell EMC Isilon Remote Process Crash Vulnerability
DLL Injection Vulnerability in Dell Digital Delivery
Stored Cross-Site Scripting Vulnerability in RSA Authentication Manager Operations Console
DOM-based Cross-Site Scripting Vulnerability in RSA Authentication Manager
Reflected Cross-Site Scripting Vulnerability in RSA Authentication Manager
Information Exposure Vulnerability in Dell EMC Avamar Server and Integrated Data Protection Appliance
OS Command Injection Vulnerability in Dell EMC Avamar Server and Integrated Data Protection Appliance
Insecure File Permissions Vulnerability in Dell EMC VPlex GeoSynchrony
Plaintext Password Storage Vulnerability in Dell EMC Secure Remote Services
Vulnerability: Insufficiently Generated Random Seed Data in Linux Kernel Drivers
Improper File Permission Vulnerabilities in Dell EMC Secure Remote Services
Vulnerability: Exposed UAA Credentials in Pivotal Operations Manager
Brute Force Vulnerability in Cloud Foundry UAA Allows Unauthorized Access via MFA
Improper Authorization in Cloud Foundry BOSH Allows Access with Admin Refresh Tokens
Denial of Service Vulnerability in Cloud Foundry Garden-runC
Privilege Escalation Vulnerability in Pivotal Usage Service
Man-in-the-Middle Vulnerability in Pivotal Spring AMQP
Privilege Escalation Vulnerability in Pivotal Applications Manager
Braces < 2.3.1: Regular Expression Denial of Service (ReDoS) Vulnerability
XSS Vulnerability in MyBiz MyProcureNet 5.0.0: ProxyPage.aspx
Arbitrary Command Execution via File Upload in MyBiz MyProcureNet 5.0.0
CSRF Vulnerability in Admin Notes Plugin Allows Remote Deletion of Admin Notes
CKEditor 5 Link Package XSS Vulnerability
Unauthenticated Access to Sensitive Information on Intelbras NCLOUD 300 1.0 Devices
Buffer Overflow Vulnerability in libming through 0.4.8
CSRF Vulnerability in Horse Market Sell & Rent Portal Script 1.5.7 Allows Remote Account Information Modification
Memory Leak Vulnerability in cloudwu/cstring
File Upload Vulnerability in Frog CMS 0.9.5 via admin/?/plugin/file_manager/upload URI
VCFtools 0.1.15 Heap-Based Buffer Over-read Vulnerability
Denial of Service Vulnerability in knot-resolver before version 2.3.0
Buffer Overflow Vulnerability in libming through 0.4.8
XSS Vulnerability in Signal-Desktop Allows Remote Code Execution
Remote Denial of Service Vulnerability in Libav 12.3
Stored Cross-Site Scripting Vulnerability in wp-live-chat-support Plugin
Pre-Authentication Command Injection in NETGEAR WC Series Firmware
Command Injection Vulnerability in DHCP Client Integration Script
OpenWrt Access Control Bypass in rpcd Configuration
Cross-Site Scripting (XSS) Vulnerability in ILIAS 5.1.x, 5.2.x, and 5.3.x before 5.3.5
Cross-Site Scripting (XSS) Vulnerability in ILIAS RSS Subsystem
Open Redirect Vulnerability in ILIAS 5.1.x, 5.2.x, and 5.3.x before 5.3.5
Unauthenticated Remote Access Vulnerability in GlusterFS Server
Cross-Site Scripting (XSS) Vulnerability in ILIAS 5.1.x, 5.2.x, and 5.3.x before 5.3.5
Open-AudIT Community Edition 2.2.2 XSS Vulnerability in Attributes Functionality
CSRF Vulnerability in doorGets 7.0 Allows Unauthorized Addition of Administrator Account
CSRF Vulnerability in e107 2.1.7 Allows Arbitrary User Deletion
Stack-based Buffer Overflow in ObjReader::ReadObj() Function in vincent0629 PDFParser
Use-after-free vulnerability in VCFtools 0.1.15 allows remote attackers to cause denial of service or other impact via crafted vcf file in header::add_INFO_descriptor function in header.cpp
Insecure Access Control via /sbin/nologin Shell in Fedora and Red Hat Enterprise Linux
Use-after-free vulnerability in VCFtools 0.1.15 allows remote attackers to cause denial of service or other impact via crafted vcf file
Command Injection Vulnerability in Quest KACE System Management Appliance 8.0.318
Cross-Site Scripting (XSS) Vulnerability in Quest KACE System Management Appliance 8.0.318
Privilege Escalation Vulnerability in Quest KACE System Management Appliance 8.0.318
PHP Object Injection Vulnerability in Quest KACE System Management Appliance 8.0.318
SQL Injection Vulnerability in Quest KACE System Management Appliance 8.0.318
Arbitrary File Read Vulnerability in Quest KACE System Management Appliance 8.0.318
Arbitrary Command Execution Vulnerability in Quest KACE System Management Appliance 8.0.318
Command Injection Vulnerability in Quest KACE System Management Appliance 8.0.318
File Descriptor Exhaustion Vulnerability in Undertow's URLResource.getLastModified()
SQL Injection Vulnerability in Quest KACE System Management Appliance 8.0.318
Directory Traversal Vulnerability in Quest KACE System Management Virtual Appliance 8.0.318
Remote Code Execution Vulnerability in Quest KACE System Management Appliance 8.0.318
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Issue 2 of 46)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Issue 3/46)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Issue 4/46)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Issue 5/46)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Vulnerability in PostgreSQL Adminpack Extension Allows Log Rotation Exploitation
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Issue 14/46)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Vulnerability in polkitd Allows Unauthorized Authentication and Information Disclosure
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software Version Before 4.0.3.1 (Issue 23 of 46)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Issue 25/46)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Information Disclosure Vulnerability in ovirt-ansible-roles
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software Version Before 4.0.3.1 (Issue 34/46)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Issue 37/46)
Memory Initialization Vulnerability in Linux Kernel vhost_new_msg() Function
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (Version < 4.0.3.1)
Command Injection Vulnerability in Quest DR Series Disk Backup Software (CVE-XXXX-XXXX)
Privilege Escalation Vulnerability in Quest DR Series Disk Backup Software (Issue 1 of 6)
Privilege Escalation Vulnerability in Quest DR Series Disk Backup Software (Issue 2 of 6)
Privilege Escalation Vulnerability in Quest DR Series Disk Backup Software (Issue 3 of 6)
Privilege Escalation Vulnerability in Quest DR Series Disk Backup Software (Issue 4 of 6)
Privilege Escalation Vulnerability in Quest DR Series Disk Backup Software (Issue 5 of 6)
Privilege Escalation Vulnerability in Quest DR Series Disk Backup Software (Issue 6 of 6)
Mahara Browser Back and Refresh Attack Vulnerability
Leap2A Archive Virus Transmission Vulnerability
Stored XSS via authorUrl field in Mautic 2.13.1 config.json
Denial of Service Vulnerability in Linux Kernel Prior to Version 4.17
Stored XSS Vulnerability in Mautic 2.13.1 via Company Name Field
NULL Pointer Dereference Vulnerability in HDF HDF5 1.10.2 Library
HDF HDF5 1.10.2 Library Remote Denial of Service Vulnerability: Division by Zero in H5D__btree_decode_key
Remote Denial of Service Vulnerability in HDF HDF5 1.10.2 Library
HDF HDF5 1.10.2 Library Out of Bounds Read Vulnerability
HDF HDF5 1.10.2 Library Out of Bounds Read Vulnerability
HDF HDF5 1.10.2 Library Remote Denial of Service Vulnerability: Division by Zero in H5D__chunk_init
Persistent XSS in Z-BlogPHP 2.0.0 via copyright information office field
Insecure Password Hashing in Z-BlogPHP 2.0.0
Race Condition Vulnerability in procps-ng's Process Hiding
Heap-based Buffer Over-read in TinyXML2 6.2.0's XMLDocument::Parse Function
Denial of Service Vulnerability in libjpeg's alloc_sarray Function
Denial of Service Vulnerability in libjpeg 9a
Denial of Service Vulnerability in libjpeg 9a
Remote Code Execution Vulnerability in Cloudera Data Science Workbench (CVE-XXXX-XXXX)
Stack-based Buffer Overflow in cmsgpack Library in Redis
Integer Overflow Vulnerability in Lua Subsystem of Redis
Local Privilege Escalation in top
Remote Command Execution Vulnerability in Bitmain Antminer Devices
Arbitrary Plugin Upload Vulnerability in Artica Pandora FMS 7.23
Local File Inclusion (LFI) Vulnerability in Artica Pandora FMS 7.23 via /pandora_console/ajax.php Endpoint
Arbitrary Code Execution Vulnerability in Artica Pandora FMS before 7.0 NG 723
Read Access Violation in Libav 12.3's in_table_init16 Function
Buffer Overflow Vulnerability in libming through 0.4.8
Buffer Overflow Vulnerability in libming through 0.4.8
XSS Vulnerability in Monstra CMS 3.0.4 and Earlier via index.php
Unauthenticated Remote Code Execution via Bash Shell Service in Crestron TSW Devices
Unauthenticated Remote Code Execution via Command Injection in Crestron Toolbox Protocol (CTP) on Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC Devices
Denial of Service Vulnerability in procps-ng's ps via mmap Buffer Overflow
Use-after-free vulnerability in jbig2_add_page in jbig2enc.cc in libjbig2enc.a in jbig2enc 0.29
Critical SQL Injection Vulnerability in Divido Plugin for OpenCart
Denial of Service Vulnerability in Linux Kernel's etm_setup_aux Function
Out-of-Bounds Memory Read Vulnerability in Git
Arbitrary Code Execution via Crafted .gitmodules File
Stack-based Buffer Overflow in realpath function of GNU C Library (glibc) 2.27 and earlier
Buffer overflow vulnerability in AVX-512-optimized mempcpy function in glibc 2.27 and earlier
The burnOverflow Vulnerability in Hexagon (HXG) Smart Contract
Integer Overflow Vulnerability in procps-ng
Unrestricted 'exec command' Feature Allows Code Execution on SoftCase T-Router Devices
Arbitrary File Read/Write Vulnerability in SoftCase T-Router Build 20112017
Unencrypted Databases in MakeMyTrip Android App: Potential Sensitive Information Disclosure
Double Free Vulnerability in PackLinuxElf64::unpack in UPX 3.95
Vulnerability: Unrestricted HTML Editor Launch in BBE Theme for WordPress
DOM Based XSS Vulnerability in MISP 2.4.91 with Cortex Type Attributes
Memory Leak in K7TSMngr.exe in K7Computing K7AntiVirus Premium 15.1.0.53
Unauthenticated Remote Code Execution via JMX/RMI Interface in Nasdaq BWise 5.0
Directory Traversal Vulnerability in FileDownloader 1.7.3
Stack Buffer Overflow in pgrep
Heap-based Buffer Over-read Vulnerability in ImageMagick 7.0.7-23 Q16 x86_64 2018-01-24
Excessive Recursion in PoDoFo 0.9.5 PdfPagesTree::GetPageNode() Function Vulnerability
NULL Pointer Dereference and Application Crash in PoDoFo 0.9.5
NULL Pointer Dereference and Application Crash in PoDoFo 0.9.5
Vulnerability: Unauthorized RPMB Erase Option in Snapdragon Mobile Devices
Use After Free Vulnerability in ADSP RPC in Snapdragon Devices
NAND-based EFS Access Control Vulnerability in Snapdragon Devices
Integer Size Truncation/Overflow Vulnerability in procps-ng (CVE-2018-1124)
Integer Overflow Leading to Buffer Overflow in FILS Connection Request Processing
Possible Use-after-free Issue in Media Codec Process: Impact on Applications Using Codec Service
Out-of-Bounds Write Vulnerability in GPT Partitioning on Android for MSM, Firefox OS for MSM, and QRD Android
Out-of-Bounds Write Vulnerability in Android Radio Stats Handling
Buffer Overflow Vulnerability in Ontario Fingerprint Code
Buffer Overflow Vulnerability in Android Releases from CAF with Linux Kernel
Improper Input Validation Leads to Improper Access in Closing DCI Client Vulnerability
Out of Bounds Buffer Write Vulnerability in Snapdragon (Automobile, Mobile, Wear)
Buffer Overflow Vulnerability in Snapdragon (Automobile, Mobile, Wear) in Multiple Versions
Buffer Overflow Vulnerability in Snapdragon (Automobile, Mobile, Wear) in Multiple Versions
Session Token Replay Vulnerability in Tendrl API of Red Hat Gluster Storage
Automatic Memory Release Vulnerability in CAF Android Releases
Improper Authentication in Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, IoT, Mobile, Wearables, and other Qualcomm chipsets
Double Free Vulnerability in 'voice_svc_dev' Resource Allocation
Critical Buffer Overflow Vulnerability in Android Releases from CAF with Linux Kernel
Information Leak Vulnerability in FastbootLib during Image Flashing
Double Free Vulnerability in Android Kernel on Driver Probe Failure
Inadequate Permission Level in com.qualcomm.embms Vendor Package in Snapdragon Devices
Venus HW Buffer Over-fetch Vulnerability
Buffer Overflow Vulnerability in Snapdragon Processors (Versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130)
Cephx Authentication Protocol Vulnerable to Replay Attack
Memory Exhaustion Vulnerability in Android Releases from CAF
Use After Free Vulnerability in CAF Android Releases
SMS Flood Vulnerability in Snapdragon Mobile and Snapdragon Wear Devices
Buffer Over-read Vulnerability in Snapdragon (Automobile, Mobile, Wear)
Use After Free Vulnerability in Android Releases with CAF and Linux Kernel
Incorrect control flow implementation in Video buffer sufficiency check in Snapdragon (Automobile, Mobile, Wear) versions MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016
Unbounded Read Vulnerability in Snapdragon Platforms
Buffer Overflow Vulnerability in Snapdragon Processors
Cephx Authentication Protocol Signature Bypass Vulnerability
Improper MAC Address Randomization in Snapdragon Devices
Weak Random Number Generator in Snapdragon (Automobile, Mobile, Wear) IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDM630, SDM632, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016
WLANWMI Command Handlers Vulnerability in Snapdragon (Automobile, Mobile, Wear)
Buffer Over-read Vulnerability in Android Releases from CAF
Improper Conditional Logic in WLAN Handler Allows Access to Only 3 Access Categories
Out-of-Bounds Write Vulnerability in Android WMA Handler
Buffer Overwrite Vulnerability in Android WLAN Handler
Buffer Over-read Vulnerability in WMA NDP Event Handler Functions in CAF Android Releases
Buffer Overflow Vulnerability in SET_PASSPOINT_LIST Command in Android Releases
WLAN Host Driver Interface Array Bounds Check Vulnerability
Null Pointer Dereference Vulnerability in Linux Kernel's dccp_write_xmit() Function
Use After Free Vulnerability in Android Releases from CAF with Linux Kernel
Integer Overflow Vulnerability in Android Releases from CAF
Potential Array Overflow Vulnerability in WLAN in Android Releases from CAF
Buffer Overflow Vulnerability in msm_adsp_stream_callback_put
Use After Free Vulnerability in Snapdragon Modems
Jackson-databind Default Typing Gadget Class Exfiltration Vulnerability
Blind SQL Injection Vulnerability in MemberMouse Plugin for WordPress
Insecure Deserialization Vulnerability in Infinispan Transcoders
Hardcoded FTP Credentials in mySCADA myPRO 7 'myscadagate.exe' Vulnerability
Roku and Roku TV Products Vulnerability: Unauthorized Access and Exfiltration via DNS Rebind Attack
Unauthorized Remote Temperature Control via DNS Rebinding Attack in Radio Thermostat CT50 and CT80 1.04.84 and below
Sonos Wireless Speaker Products Vulnerable to Unauthorized Access and DNS Rebinding Attack
XSS Vulnerability in Subrion CMS before 4.1.4
Arbitrary Code Execution Vulnerability in Syntastic (vim-syntastic) through 3.9.0
SQL Injection Vulnerability in Opendaylight's SDNInterfaceapp (SDNI)
Sensitive Values Exposed in Octopus Deploy Deployment Logs
Unvalidated Option Injection in Joomla! Core Custom Fields
Joomla! Core PHAR File Execution Vulnerability
Inadequate Access Level Checks in Joomla! Core before 3.8.8
Race Condition Vulnerability in Joomla! Core
Autofill Password Disclosure Vulnerability in Joomla! Core
Multiple Cross-Site Scripting (XSS) Vulnerabilities in Joomla! Core
Information Disclosure Vulnerability in Joomla! Core
XSS Vulnerability in Joomla! Core before 3.8.8
Ether Cartel Smart Contract Vulnerability: CEO Takeover and Asset Manipulation
Remote Code Execution Vulnerability in Moodle 3.x via Calculated Question Eval Injection
Authenticated Stored XSS in Pluck CMS
Remote PHP Code Execution Vulnerability in Pluck CMS
Stored XSS Vulnerability in ClipperCMS 1.3.3 Site Name Field
Windscribe 1.81 Privilege Escalation and Denial of Service Vulnerability
Integer Overflow Vulnerability in GVToken Genesis Vision (GVT) Smart Contract Allows Arbitrary Token Retrieval by Contract Owner
Cleartext Transmission of Customer List in Intuit Lacerte 2017 for Windows
XSS Vulnerability in Frappe ERPNext v11.x.x-develop b1036e5 via Comment
Arbitrary File Download Vulnerability in Moodle 3.x
Unrestricted File Upload Vulnerability in ASUSTOR AS6202T ADM 3.1.0.RFQ3
Directory Traversal Vulnerability in ASUSTOR AS6202T ADM 3.1.0.RFQ3 importuser.cgi
Arbitrary Path Traversal Vulnerability in ASUSTOR AS6202T ADM 3.1.0.RFQ3's fileExplorer.cgi
Persistent Cross Site Scripting Vulnerability in ASUSTOR SoundsGood Playlist Manager
Arbitrary File Download Vulnerability in ASUSTOR AS6202T ADM 3.1.0.RFQ3
Unrestricted File Upload and Path Traversal Vulnerability in ASUSTOR AS6202T ADM 3.1.0.RFQ3
Arbitrary File Access Vulnerability in ASUSTOR AS6202T ADM 3.1.0.RFQ3
YunoHost Web Application HTTP Response Header Injection Vulnerability
XSS Vulnerabilities in YunoHost User Panel Allow Session Manipulation
CSRF Vulnerabilities in Jirafeau Administration Panel's Search Functionalities
Moodle 3.x Forum Post Download Vulnerability
Cross-Site Scripting Vulnerability in Jirafeau's Search by Name Form
Stored Cross-Site Scripting (XSS) Vulnerabilities in Jirafeau before 3.4.1
Stored Cross-Site Scripting (XSS) Vulnerability in Wallabag Application 2.2.3 to 2.3.2
Vulnerability: Crash in IEEE 1905.1a Dissector in Wireshark 2.6.0
Buffer Overflow Vulnerability in Wireshark 2.6.0 RTCP Dissector
DNS Dissector NULL Pointer Dereference Vulnerability
Memory Consumption Vulnerability in Wireshark Dissectors
Use-after-free vulnerability in Q.931 dissector in Wireshark 2.6.0 and earlier versions
Wireshark RRC Dissector and Other Dissectors NULL Pointer Dereference Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Moodle 3.x
Buffer Overflow Vulnerability in Wireshark GSM A DTAP Dissector
Buffer Overflow Vulnerability in Wireshark 2.6.0 IEEE 802.11 Protocol Dissector
Buffer Over-read Vulnerability in LDSS Dissector in Wireshark
Heap-based Buffer Over-read in PDFGen's jpeg_size in pdfgen.c
Memory Leak in sav_parse_machine_integer_info_record in ReadStat 0.1.1
Infinite Loop Vulnerability in ReadStat 0.1.1
Unauthenticated Stored Cross-Site Scripting (XSS) in Loginizer Plugin for WordPress
Denial of Service Vulnerability in CppCMS JSON Parser Module
SQL Injection Vulnerability in PbootCMS v1.0.9
Arbitrary Class Instantiation and DDoS Vulnerability in Moodle 3.x
CSRF Vulnerability in SkyCaiji 1.2 Allows Unauthorized Addition of Administrator User
SQL Injection in iScripts eSwap v2.4 via wishlistdetailed.php User Panel ToId Parameter
SQL Injection in iScripts eSwap v2.4 User Panel via salelistdetailed.php ToId Parameter
Heap-based Out-of-Bounds Read Vulnerability in radare2 2.5.0
Heap-based Out-of-Bounds Read Vulnerability in r_read_le32() Function in radare2 2.5.0
Heap-based Out-of-Bounds Read Vulnerability in avr_op_analyze() Function in radare2 2.5.0
Potential Remote Code Execution Vulnerability in wasm_dis() Function
Heap-based Out-of-Bounds Read Vulnerability in radare2 2.5.0
Heap-based Out-of-Bounds Read Vulnerability in radare2 2.5.0
Heap-based Out-of-Bounds Read Vulnerability in radare2 2.5.0
Heap-based Out-of-Bounds Read Vulnerability in radare2 2.5.0
Uninitialized Variable in r_strbuf_fini() Function in radare2 2.5.0 Allows Remote Denial of Service
Heap-based Out-of-Bounds Read Vulnerability in radare2 2.5.0
Session Fixation Vulnerability in Symfony's Security Component
Denial of Service Vulnerability in Symfony's HttpFoundation Component
Samba Vulnerability: Weak NTLMv1 Authentication Bypass
Arbitrary File Upload Vulnerability in Jigowatt PHP Login & User Management 4.1.1
Denial of Service Vulnerability in GNOME Web (Epiphany) through 3.28.2.1
Unencrypted Sensor Transmissions in SimpliSafe Original: A Potential Security Breach
Denial of Service Vulnerability in Samba LDAP Server Implementation
Tamper Detection Failure: Vulnerability in SimpliSafe Original Base Station
RF Interference Vulnerability in SimpliSafe Original: Lack of Notification for Strong 433.92 MHz Signals
Unencrypted Keypad Transmissions in SimpliSafe Original: PIN Discovery Vulnerability
XSS Vulnerability in DomainMod v4.09.03 via assets/edit/account-owner.php oid Parameter
XSS Vulnerability in DomainMod v4.09.03 via sslpaid Parameter in assets/edit/ssl-provider-account.php
CSRF Vulnerability in Kliqqi 2.0.2 Admin Panel
CSRF Token Fixation Vulnerability in Symfony
Authentication Bypass Vulnerability in Symfony Ldap Component
Open Redirect Vulnerability in Symfony Security Component
Information Disclosure in Splunk through 7.0.1 via server-info Endpoint
Local Privilege Escalation Vulnerability in Nessus Versions Prior to 7.0.3
Invalid Free Vulnerability in Liblouis 3.5.0: Remote Denial of Service and Possible Other Impact
Vulnerability: Exploitable TransferFrom Function in DimonCoin (FUD) Smart Contract
Untrusted Length Value Vulnerability in ext4_read_inline_data() Function
Arbitrary File Download Vulnerability in BearAdmin 0.5
SQL Injection Vulnerability in BearAdmin 0.5
Reflected Cross Site Scripting (XSS) Vulnerability in SAP Internet Transaction Server (ITS) 6200.X.X
Invalid Use of realloc() and free() in jpegoptim 1.4.5 (Fixed in 1.4.6) Vulnerability
Heap-based Buffer Over-read in JerryScript 1.0 via RegExp Payload
Heap-based Buffer Over-read in JerryScript 1.0 via RegExp Payload
XSS Vulnerability in Tenable Appliance Versions 4.6.1 and Earlier
Memory Corruption Vulnerability in Moxa OnCell G3100-HSPA Series Web Interface
Vulnerability: Unauthenticated Disclosure of Sensitive Information in Moxa OnCell G3100-HSPA Series
Insecure Configuration Protocol and Lack of Authentication in Moxa OnCell G3100-HSPA Series
Memory Corruption Vulnerability in Moxa OnCell G3100-HSPA Series Web Interface
Memory Corruption Vulnerability in Moxa OnCell G3470A-LTE Series Web Interface
Memory Corruption Vulnerability in Moxa OnCell G3470A-LTE Series (Version 1.6 Build 18021314 and prior)
Weak Cookie Parameter Brute Force Vulnerability in Moxa OnCell G3100-HSPA Series
CSRF Vulnerability in Moxa OnCell G3100-HSPA Series Version 1.4 Build 16062919 and Prior
Integer Overflow Vulnerability in ATLANT (ATL) Smart Contract Allows Arbitrary Token Retrieval by Contract Owner
Remote Root Command Execution Vulnerability in Belkin N750 Firmware 1.10.22
Cross-Site Scripting (XSS) Vulnerability in Moderator Log Notes Plugin 1.1 for MyBB
Heap-based Buffer Over-read Vulnerability in Libmobi 0.3
Heap-based Buffer Over-read in Libmobi 0.3
Heap-based Buffer Over-read Vulnerability in Libmobi 0.3
Information Disclosure Vulnerability in Libmobi 0.3
Heap-based Buffer Over-read Vulnerability in Libmobi 0.3
Information Disclosure Vulnerability in Libmobi 0.3 via Crafted Mobi File
Heap-based Buffer Overflow in Libmobi 0.3 Allows Remote Code Execution via Crafted Mobi File
Heap-based Buffer Over-read Vulnerability in TagLib 1.11.1
Remote Root Command Execution Vulnerability in Belkin N750 Firmware 1.10.22
Stack-based Buffer Overflow in parseChars function of Liblouis 3.5.0
CSRF Vulnerability in EasyService Billing 1.0 via quotation-new3-new2.php?add=true&id= URI
Cross-site Scripting Vulnerability in EasyService Billing 1.0's jobcard-ongoing.php
SQL Injection Vulnerability in EasyService Billing 1.0
CSRF Vulnerability Allows Unauthorized User Addition in EasyService Billing 1.0
The tradeTrap Vulnerability: Exploiting the Buy Function in Gold Reward (GRX) Smart Contract
Cross-Site Request Forgery (CSRF) Vulnerability in SCALANCE M875 Web Interface
Stored Cross-Site Scripting (XSS) Vulnerability in SCALANCE M875 Web Interface
Local File System Password Disclosure Vulnerability in SCALANCE M875
Stack Buffer Overflow Vulnerability in Belkin N750 Firmware 1.10.22
Reflected XSS Vulnerability in Siemens PLM Software TEAMCENTER (V9.1.2.5)
Denial-of-Service Vulnerability in Multiple Firmware Variants and SIPROTEC 5 Relays
Denial-of-Service Vulnerability in EN100 Ethernet Module Firmware Variants
File Manipulation Vulnerability in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal)
Improper File Permissions Vulnerability in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal)
Directory Traversal Vulnerability in Automation License Manager
Network Port Scanning Vulnerability in Automation License Manager 5 (All versions < 5.3.4.4)
Remote Code Execution Vulnerability in SINUMERIK 828D and 840D sl Web Server
Vulnerability in SINUMERIK 828D and 840D sl VNC Server
Local Privilege Escalation in SINUMERIK CNC Systems
Remote Unauthenticated Root Access via Telnet on Belkin N750 (Firmware Version 1.10.22)
Local Privilege Escalation in SINUMERIK CNC Systems
Privilege Escalation Vulnerability in SINUMERIK CNC Systems
Privilege Escalation Vulnerability in SINUMERIK CNC Systems
Buffer Overflow in SINUMERIK CNC Systems
Vulnerability: Denial-of-Service in SINUMERIK VNC Server
Local Privilege Escalation Vulnerability in SINUMERIK CNC Systems
Vulnerability in SINUMERIK 808D and 828D: Remote Code Execution and DoS
Heap-based Buffer Over-read Vulnerability in DISCOUNT 2.2.3a
Information Disclosure Vulnerability in HAProxy 1.8.0 through 1.8.9
Cross-Site Scripting (XSS) Vulnerability in Nessus before 7.1.0
SQL Injection Vulnerability in iScripts eSwap v2.4 User Panel's search.php 'Told' Parameter
XSS Vulnerability in Cockpit 0.5.5: Exploiting Collections, Forms, or Regions
Reflected XSS Vulnerability in Monstra CMS 3.0.4 Login
XSS Vulnerability in Monstra CMS 3.0.4 Registration Form
Session Management Issue in Monstra CMS 3.0.4: Password Change Does Not Invalidate Open Sessions
Session Management Issue in Monstra CMS 3.0.4: Password Change Does Not Invalidate Open Sessions
Unprotected Wireless LAN Vulnerability on Vgate iCar 2 Wi-Fi OBD2 Dongle Devices
Unencrypted Data Transmission Vulnerability in Vgate iCar 2 Wi-Fi OBD2 Dongle Devices
Unauthenticated Remote Control Vulnerability in Vgate iCar 2 Wi-Fi OBD2 Dongle Devices
Privilege Escalation via Unvalidated Program Execution in Windscribe VPN
Session Fixation Vulnerability in Nessus before 7.1.0
Authenticated Remote Code Execution in TP-LINK IPC TL-IPC223(P)-6, TL-IPC323K-D, TL-IPC325(KP)-*, and TL-IPC40A-4 Devices via Crafted JSON Data
Hardcoded Password Vulnerability in TP-LINK IPC TL-IPC223(P)-6, TL-IPC323K-D, TL-IPC325(KP)-*, and TL-IPC40A-4 Devices
Stored XSS Vulnerability in MULTIDOTS WooCommerce Quick Reports Plugin for WordPress
Stored Cross-site scripting (XSS) vulnerability in MULTIDOTS Advance Search for WooCommerce plugin
Cross-Site Scripting (XSS) Vulnerability in PHPMyWind 5.5
Stack Exhaustion Vulnerability in dtSearch 7.90.8538.1 and Prior: Remote Denial of Service
Heap-based Buffer Overflow in DGifDecompressLine Function in GIFLIB
Arbitrary Code Execution Vulnerability in NUUO's NVRMini2 3.8.0 and Below
Heap-based Buffer Overflow in DGifDecompressLine Function
Unauthenticated Remote Command Execution in ASUS HG100 Devices
Denial of Service Vulnerability in ASUS HG100 Devices via IPv4 Packet Flood
CSRF Vulnerability in WUZHI CMS 4.1.0 Allows Unauthorized Friendship Link Addition
Arbitrary Code Execution Vulnerability in OpenCart's Program Extension Upload Feature
Directory Traversal Vulnerability in OpenCart 3.0.2.0
Use-after-free vulnerability in Long Range Zip (lrzip) 0.631 due to lack of size validation in decompress_file
Unchecked Buffer Size Vulnerability in Lizard Compression Algorithm
Use-After-Free Vulnerability in handle_error() in LibSass
Backdoor Vulnerability in NUUO's NVRMini2 3.8.0 and Below
CSRF Vulnerability in PublicCMS V4.0.20180210 Allows Unauthorized Admin Account Creation
CSRF and XSS Vulnerability in PHP Scripts Mall Website Seller Script 2.0.3
CSRF Vulnerability in Moderator Log Notes Plugin 1.1 for MyBB
Heap-based Buffer Over-read Vulnerability in DISCOUNT 2.2.3a's isfootnote Function
Remote Denial of Service Vulnerability in DISCOUNT 2.2.3a
Firebase Token Exposure Vulnerability in Werewolf Online Application 0.8.8 for Android
Stack-based Buffer Overflow in sr_do_ioctl Function in Linux Kernel
FLIF 0.3: Long Loop Vulnerability in image_load_pnm
Information Disclosure Vulnerability in Linux Kernel's compat_get_timex Function
Default root:admin credentials used for ASUSTOR ADM 3.1.0.RFQ3 applications pose a webshell upload vulnerability
Remote Code Execution and Denial of Service Vulnerability in Western Digital TV Media Player and TV Live Hub
Unauthenticated Remote Code Execution Vulnerability in ASUSTOR ADM 3.1.0.RFQ3 NAS Portal
SQL Injection Vulnerability in ASUSTOR ADM 3.1.0.RFQ3 Photo Gallery Application
Stored XSS Vulnerability in Website Name Field in Creatiwity wityCMS 0.6.1
Unrestricted File Upload Vulnerability in PHP Scripts Mall Naukri Clone Script 3.0.3
SQL Injection Vulnerability in wpForo Plugin for WordPress
Heap Corruption and Application Crash Vulnerability in VideoLAN VLC Media Player 3.0.1
mySCADA myPRO 7 ProjectID Discovery Vulnerability
Phreaking Vulnerability: Exploiting HCL Legacy IVR Systems for Unauthorized Service Activations
Divide by Zero Denial of Service Vulnerability in libjpeg-turbo 1.5.90
Stored XSS vulnerability in Yosoro 1.0.4
Arbitrary File Upload Vulnerability in NUUO NVRmini 2's upload.php
CSV Injection Vulnerability in Advanced Order Export For WooCommerce Plugin
CSV Injection Vulnerability in WordPress Comments Import & Export Plugin (v2.0.4 and earlier)
Cross-Site Request Forgery (CSRF) Vulnerability in CScms v4.1 Allows Unauthorized Account Modification
SQL Injection Vulnerability in WUZHI CMS 4.1.0 via api/sms_check.php?param= URI
Use After Free Vulnerability in VideoLAN VLC Media Player 2.2.x Allows Arbitrary Code Execution via Crafted MKV Files
Insecure Certificate Validation in Burp Suite Community Edition 1.7.32 and 1.7.33
Heap-Based Buffer Overflow in Exiv2 0.26's getData Function in preview.cpp
Cross-Site Scripting (XSS) Vulnerability in ChangUonDyU Advanced Statistics Plugin 1.0.2 for MyBB
SQL Injection Vulnerability in SITEMAKIN SLAC v1.0
Heap-Based Buffer Overflow in md4c before 0.2.5 due to mishandling of splits in md_split_simple_pairing_mark
Bypassing Domain Whitelist Filter in Auth0 angular-jwt before 0.1.10
CSRF Vulnerability in SearchBlox 8.6.6 UserServlet
Username Enumeration Vulnerability in SecurityCenter Versions Prior to 5.7.0
Root Privilege Escalation Vulnerability in Sonus SBC Devices
Sonus SBC Remote Command Execution (RCE) Vulnerability
Arbitrary File Download Vulnerability in Sonus SBC Devices
Insecure Data Storage in Olive Tree FTP Server Application 1.32 for Android
Heap-Based Buffer Overflow in md4c 0.2.5: Vulnerability in md_merge_lines
Heap-Based Buffer Over-Read Vulnerability in md4c 0.2.5
Heap-Based Buffer Over-Read Vulnerability in md4c 0.2.5: md_is_link_reference_definition_helper
Unrestricted P2P Connections Vulnerability in EOS.IO DAWN 4.2
Stored XSS Vulnerability in WUZHI CMS 4.1.0 via Account Settings
Cross-Site Scripting (XSS) Vulnerability in SecurityCenter Reports Feature
DLL Hijacking Vulnerability in AXON PBX 2.02 Allows Remote Code Execution
Reflected XSS Vulnerability in AXON PBX 2.02 via AXON->Auto-Dialer->Agents->Name Field
XSS Vulnerability in SGIN.CN Xiangyun Platform V9.4.10 via login_url Parameter
Account Hijacking Vulnerability in YzmCMS v3.2 through v3.7
Out-of-Bounds Write Vulnerability in Little CMS 2.9 via Crafted TIFF File
Out-of-Bounds Write Vulnerability in Little CMS 2.9 via Crafted TIFF File
XSS Vulnerability in YIBAN Easy Class Education Platform 2.0 via articlelist.php k Parameter
Stored XSS in DomainMod 4.10.0: /settings/profile/index.php new_first_name parameter vulnerability
Stored XSS in DomainMod 4.10.0: /settings/profile/index.php new_last_name parameter vulnerability
Stack Buffer Overflow in Mikrotik RouterOS License Upgrade Interface
Stack-based Buffer Overflow in Insteon HD IP Camera White 2864-222: Control-Flow Hijacking via Crafted usr Key
EETHER Smart Contract Vulnerability: Unauthorized Asset Increase via Integer Overflow
Reflected XSS Vulnerability in MISP 2.4.91 via eventattribute.ctp
Arbitrary Code Injection in OTRS Customer Panel Application
Stored XSS via SVG Upload in YOOtheme Pagekit 1.0.13 and Earlier
User Enumeration Vulnerability in Mahara
Amazon Echo Reprompt Vulnerability
Reflected XSS Vulnerability in GamePlan Theme for WordPress (Version 1.5.13.2) due to Insufficient Input Sanitization
Deserialization of Untrusted Data Vulnerability in Eventum 3.5.0
Memory Exhaustion Vulnerability in Mikrotik RouterOS
Session Fixation Vulnerability in ClipperCMS 1.3.3
XSS Vulnerability in ClipperCMS 1.3.3 Module name Field
Integer overflow vulnerability in EAP-TLS protocol implementation in PPPD
Stack-Based Buffer Overflow in DecodeGifImg Function of ngiflib.c in MiniUPnP ngiflib 0.4
Heap-Based Buffer Over-Read Vulnerability in MiniUPnP ngiflib 0.4's GifIndexToTrueColor Function
Segmentation Fault Vulnerability in Liblouis 3.5.0's lou_logPrint Function
Segmentation Fault Vulnerability in GifIndexToTrueColor Function of MiniUPnP ngiflib 0.4
Unauthenticated Settings Change Vulnerability in MULTIDOTS WooCommerce Category Banner Management Plugin
Stack Exhaustion Vulnerability in Mikrotik RouterOS
Unauthenticated DoS Attack Vulnerability in MULTIDOTS Mass Pages/Posts Creator Plugin for WordPress
Brother HL Series Printers XSS Vulnerability in etc/loginerror.html
Stored XSS in SeaCMS 6.61 via siteurl parameter in admin_collect.php
XML External Entity (XXE) Vulnerability in SearchBlox 8.6.7 API
Remote Code Execution Vulnerability in Centreon 3.4.6 and Centreon Web 2.8.23 via RPN Value in Virtual Metric Form
Stored XSS Vulnerability in Centreon 3.4.6 and Centreon Web 2.8.23
Multiple SQL Injection Vulnerabilities in Centreon 3.4.6 and Centreon Web 2.8.23
Memory Corruption Vulnerability in Mikrotik RouterOS
Integer Overflow Vulnerability in Espruino before 1.99 Leads to Denial of Service
NULL Pointer Dereference Vulnerability in Espruino before 1.98
Out-of-bounds Read Vulnerability in Espruino before 1.98
Buffer Overflow Vulnerability in Espruino before 1.99 Allows Denial of Service and Information Disclosure
Buffer Overflow Vulnerability in Espruino Allows for Denial of Service
Buffer Overflow Vulnerability in Espruino before 1.99 Allows Denial of Service and Potential Privilege Escalation
Buffer Overflow Vulnerability in Espruino Syntax Parsing
Buffer Overflow Vulnerability in Espruino Syntax Parsing
Buffer Overflow and Out-of-bounds Read Vulnerability in Espruino
Out of Bounds Write Vulnerability in Netatalk before 3.1.12
Remote Code Execution in Quest NetVault Backup 11.2.0.13
Privilege Escalation Vulnerability in Samsung Members (ZDI-CAN-5361)
Denial of Service Vulnerability in npm mosca 2.8.1
Arbitrary Code Execution Vulnerability in Tencent Foxmail 7.2.9.115
Arbitrary Code Execution via Format Event Handling in Foxit Reader 9.0.0.29935
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.0.29935 (ZDI-CAN-5416)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.0.29935 (ZDI-CAN-5417)
Remote Code Execution Vulnerability in Quest NetVault Backup 11.2.0.13
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-5756)
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-5896)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-5873)
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.1049 via addAdLayer Method
Use After Free Vulnerability in ImageMagick 7.0.7-36 Q16's ReadMATImage Function
Heap-based Buffer Over-read Vulnerability in ImageMagick 7.0.7-37 Q16's SetGrayscaleImage Function
Stack-Based Buffer Overflow in SELA v0.1.2-alpha's init_apev2_keys Function
XSS Vulnerability in Sinatra 400 Bad Request Page
XSS Vulnerability in EMS Master Calendar before 8.0.0.201805210 via URL Parameters
Default and Unremovable Support Credentials in HomeWorks QS Lutron Integration Protocol
Authentication Bypass Vulnerability in Quest NetVault Backup 11.2.0.13
Arbitrary Call and SMS Notification Vulnerability in Rondaful M1 Wristband Smart Band 1 Devices
CSRF Vulnerability in MULTIDOTS Add Social Share Messenger Buttons Plugin
CSRF Vulnerability in MULTIDOTS Woo Checkout for Digital Goods Plugin
Cleartext Storage of User Passwords in Dialogic PowerMedia XMS Administrative Console
Hard-coded Cryptographic Key Vulnerability in Dialogic PowerMedia XMS Administrative Console
CSRF Vulnerability in Dialogic PowerMedia XMS Administrative Console
Arbitrary File Read Vulnerability in Dialogic PowerMedia XMS Administrative Console
Unrestricted File Upload Vulnerability in Dialogic PowerMedia XMS Administrative Console
Cleartext Storage of Passwords in Cookies Vulnerability in Dialogic PowerMedia XMS
Unauthenticated Remote Denial-of-Service Vulnerability in ZyXEL P-870H-51 DSL Router
XML External Entity (XXE) Vulnerability in Dialogic PowerMedia XMS Web Service
Hard-coded Credentials Vulnerability in Dialogic PowerMedia XMS Administrative Console
Privilege Escalation via Incorrect Permission Assignment in Dialogic PowerMedia XMS
Arbitrary SQL Command Execution in Dialogic PowerMedia XMS Administrative Console
Arbitrary File Existence and Size Disclosure in Artifex Ghostscript
Unset pageURL vulnerability in WebKitGTK+ leading to application crash
Cross-Site Scripting (XSS) Vulnerability in oauth2orize-fprm before 0.2.1 via Crafted URL
XSS Vulnerability in Hue 3.12 via /pig/save/ Name and Script Parameters
Privilege Escalation Vulnerability in Joyent SmartOS (ZDI-CAN-4983)
Unescaped Text XSS Vulnerability in Graylog Notifications
Unescaped Text XSS Vulnerability in Graylog Dashboard Names
CSV Injection Vulnerability in Nikto 2.1.6 and Earlier: Remote Command Injection via HTTP Response Header
Netwave IP Camera Information Disclosure Vulnerability
Netwave IP Camera Information Disclosure Vulnerability
Memory Leak Vulnerability in ImageMagick 7.0.7-20 Q16 x86_64: Denial of Service via Crafted CALS Image File
Memory Leak Vulnerability in ImageMagick 7.0.7-20 Q16 x86_64's ReadDCMImage Function
Infinite Loop Vulnerability in MiniUPnP ngiflib 0.4
Privilege Escalation Vulnerability in Joyent SmartOS (ZDI-CAN-4984)
Arbitrary Code Execution via Spotify Music Player URI Handler (ZDI-CAN-5501)
CSRF Vulnerability in GreenCMS v2.3.0603 Allows Arbitrary PHP Code Execution
CSRF Vulnerability in GreenCMS v2.3.0603 Allows Unauthorized Admin Account Creation
Login Rate Limiting Bypass in Monstra CMS 3.0.4 via login_attempts cookie manipulation
CSRF Vulnerability in CmsEasy 6.1_20180508 Allows Unauthorized Article Addition
Privilege Escalation Vulnerability in ABB MicroSCADA 9.3 with FP 1-2-3
CSRF Vulnerability in CmsEasy 6.1_20180508 Allows DoS Attack via Rich Text Editor
Default and Unremovable Support Credentials in RadioRA 2 Lutron Integration Protocol Allow Total Super User Control
Default and Unremovable Support Credentials in Stanza Lutron Integration Protocol Allow Total Super User Control
Stack-based Buffer Overflow in parseChars function in Liblouis 3.5.0
Stack-based Buffer Overflow in includeFile function in compileTranslationTable.c
Stack-based Buffer Overflow in Liblouis 3.5.0's compileHyphenation Function
Remote Code Execution in FlexPaper 2.3.6 via setup.php and change_config.php
OwnerUnderflow: Exploiting an Integer Overflow in BTCR Smart Contract to Increase Digital Assets Without Authorization
Cross-Site Scripting (XSS) Vulnerability in Ignite Realtime Openfire before 3.9.2
XSS Vulnerability in Web Viewer for Hanwha and Samsung DVRs
Arbitrary Code Execution Vulnerability in Amazon Music Player 6.1.5.1213
Cross-Site Scripting (XSS) Vulnerability in Balbooa Gridbox Extension for Joomla!
Vulnerability: Inability to Change Management Password in Emerson DeltaV Smart Switch Command Center Application
Bypassing Administrator Mode Authentication on Canon LBP Devices via frame.cgi Vulnerability
Out-of-Bounds Read Vulnerability in LibSass through 3.5.4
NULL Pointer Dereference in LibSass Function: selector_append
NULL Pointer Dereference Vulnerability in LibSass <3.5.3
NULL Pointer Dereference in LibSass: Denial of Service and Potential Impact
Out-of-Bounds Read Vulnerability in LibSass through 3.5.4
Out-of-Bounds Read Vulnerability in LibSass through 3.5.4
Unauthenticated Arbitrary CAN Message Injection in Volkswagen Customer-Link App and HTC Customer-Link Bridge
User Mode Write AV Vulnerability in FastStone Image Viewer 6.2
User Mode Write AV Vulnerability in FastStone Image Viewer 6.2
User Mode Write AV Vulnerability in FastStone Image Viewer 6.2
User Mode Write AV Vulnerability in FastStone Image Viewer 6.2
User Mode Write AV Vulnerability in FastStone Image Viewer 6.2
User Mode Write AV Vulnerability in FastStone Image Viewer 6.2
User Mode Read and Execute AV Vulnerability in FastStone Image Viewer 6.2
Unauthenticated Reflected Cross-Site Scripting (XSS) in wpForo Forum Plugin
Privilege Escalation via DTrace DOF Files in Joyent SmartOS (ZDI-CAN-5106)
Invalid Write Vulnerability in libopenmpt Allows Denial of Service or Possible Other Impact
Canon MF210 and MF220 Web Interface PIN Bypass Vulnerability
TLS Certificate Verification Bypass in WebKitGTK+ WebSocket Connections
WebSocket Connection Deanonymization Vulnerability in WebKitGTK+
Improper Session Handling Vulnerability on TP-Link TL-WR840N and TL-WR841N Devices
XSS Vulnerability in Recent Threads Plugin for MyBB
Unauthenticated Remote Access to Critical Log Files in Zoho ManageEngine Desktop Central
Vulnerability: Information Disclosure in Zoho ManageEngine Desktop Central
CSRF Vulnerability in Xovis PC2, PC2R, and PC3 Devices through 3.6.0
Xovis PC2, PC2R, and PC3 Devices: XXE Vulnerability
Null Pointer Dereference Vulnerability in Squid 3.5.27-20180318 Allows Remote Denial of Service
Directory Traversal Vulnerability in Xovis PC2, PC2R, and PC3 Devices through 3.6.0
SQL Injection in WUZHI CMS 4.1.0 via 'code' parameter in api/uc.php
Heap-based Buffer Over-read in libpff_name_to_id_map_entry_read function
Heap-based Buffer Overflow in Libmobi 0.3's mobi_pk1_decrypt Function
Heap-based Buffer Over-read in Libmobi 0.3's mobi_parse_index_entry Function
Heap-based Buffer Overflow in Libmobi 0.3's mobi_decode_font_resource Function
Heap-based Buffer Over-read in libfsntfs_attribute_read_from_mft Function
Heap-based Buffer Over-read in libfsntfs_reparse_point_values_read_data function
Heap-based Buffer Over-read in libfsntfs_mft_entry_read_header Function
Arbitrary Code Execution via XFA borderColor Attribute in Foxit Reader 9.0.0.29935
Denial of Service Vulnerability in libfsntfs_security_descriptor_values_free Function
Heap-based Buffer Over-read in libfsntfs_mft_entry_read_attributes function
Unfiltered Output in e107 v2.1.7 Leads to XSS Vulnerability
XSS Vulnerability in Ximdex 4.0: Exploiting sname or fname Parameter in index.php?action=createaccount
Arbitrary PHP Code Execution via Image Upload in Pluck CMS
Out-of-Bounds Read Vulnerability in The Sleuth Kit (TSK)
Out-of-Bounds Read Vulnerability in The Sleuth Kit (TSK)
Out-of-Bounds Read Vulnerability in The Sleuth Kit (TSK)
Remote Code Execution Vulnerability in Foxit Reader 9.0.0.29935 via BitmapDPI Attribute Handling
Out-of-Bounds Read Vulnerability in The Sleuth Kit (TSK)
Predictable Session IDs in NEC Univerge Sv9100 WebPro 6.00.00 Devices: Account Information Disclosure Vulnerability
Cleartext Password Storage Vulnerability in NEC Univerge Sv9100 WebPro 6.00.00 Devices
Denial of Service and Potential Impact in init_copy Function of mruby 1.4.1
Cloudera Manager 5.15 Incorrect Access Control Vulnerability
Insecure WinRM Authentication in Puppet Discovery Prior to 1.2.0
Default TLS Certificate Vulnerability in Puppet Discovery
World Readable Credentials in Puppet device_manager Module
Plaintext Transmission of User Credentials in RBAC LDAP with startTLS in Puppet Enterprise
Remote Code Execution Vulnerability in Foxit Reader 9.0.0.29935
Insecure SSH Connection Establishment in Previous Versions of Puppet cisco_ios Module
Unverified SSL Connection in Previous Versions of Puppet Agent
Puppet cisco_ios Module: SSH Session Debug Information Leakage Vulnerability
Vulnerability: Code Exploitation in PHP Runtime for Apache OpenWhisk
Docker Skeleton Runtime for Apache OpenWhisk: User Function Replacement Vulnerability
XML External Entity (XXE) vulnerability in Apache Cayenne CayenneModeler
Vulnerability: Apache Tomcat JK Connector Path Normalization Bypass
Arbitrary Code Execution via ePub File Parsing in Foxit Reader 9.0.0.29935
User Impersonation Vulnerability in PySpark
Apache Tika XML Entity Expansion Vulnerability
Vulnerability: File Overwrite in Apache Tika
HTTP/2 Denial of Service Vulnerability
Apache Hadoop 3.0.0-alpha4, 3.0.0-beta1, and 3.0.0 Vulnerability: Impersonation of Authenticated Users
Unauthenticated Access to Servlets in Apache Hadoop with Kerberos Authentication Enabled
Incomplete Security Fix in Apache Hadoop 2.7.4 to 2.7.6 Allows Arbitrary Command Execution as Root User
Incorrect User Access Control in Apache Hadoop Versions 2.7.5 to 2.7.6, 2.8.3 to 2.8.4, and 2.9.0 to 2.9.1 with Non-Default Groups Mapping
User/Group Information Corruption Vulnerability in Apache Hadoop
Privilege Escalation via HTTP API in CouchDB
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.0.29935 (ZDI-CAN-5488)
Inadequate Authentication in Apache Spark's Standalone Master REST API
Denial of Service Vulnerability in Apache Commons Compress' ZipArchiveInputStream
SQL Injection Vulnerability in Apache VCL Versions 2.1 - 2.5
Apache VCL Block Allocation Form Input Validation Vulnerability
SQL Injection Vulnerability in Apache VCL Versions 2.1 - 2.5
Missing TLS Hostname Verification in Apache ActiveMQ Client
Remote Code Execution Vulnerability in Apache Struts Versions 2.3 to 2.3.34 and 2.5 to 2.5.16
Unprotected Local Resource Vulnerability in Apache Hive 2.3.3 and 3.1.0
Stack-based Buffer Overflow Vulnerability in UnixAuthenticationService in Apache Ranger 1.2.0
Apache Storm UI Deserialization Vulnerability
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.0.29935 (ZDI-CAN-5489)
Remote Code Execution Vulnerability in Apache SpamAssassin PDFInfo Plugin
Local User Code Injection Vulnerability in Apache SpamAssassin 3.4.2
Apache Subversion Server Process Exit Vulnerability
Insecure Header Stripping Vulnerability in SSLHeaders Plugin
Apache Tomcat Redirect Vulnerability
Apache Impala: Unauthorized User Data Injection Vulnerability
Vulnerability: Unrestricted File System Access via Apache Karaf SSH Service
Unauthenticated Access to Apache Karaf Gogo Console via Pax Web Extender Whiteboard
Apache Karaf XXE Vulnerability in Features Deployer
Path Traversal Vulnerability in Heron-UI Allows Unauthorized File Access
Remote Code Execution Vulnerability in Foxit Reader 9.0.0.29935 via GIF Image Parsing (ZDI-CAN-5490)
Arithmetic Overflow Vulnerability in Apache Open Office 4.1.5 and Earlier
Privilege Escalation via ALTER TABLE/VIEW RENAME in Apache Impala
Stack Overflow Vulnerability in Apache Mesos JSON Parser
XML Entity Expansion Denial of Service Vulnerability in Apache Tika 1.19 (CVE-2018-11761)
Denial of Service Vulnerability in Apache PDFBox
Remote File Access Vulnerability in Apache Thrift Node.js Web Server
User Impersonation Vulnerability in Apache Oozie 3.1.3-incubating to 5.0.0
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.0.29935 (ZDI-CAN-5491)
Apache Fineract 1.3.0 SQL Injection Vulnerability in GroupSummaryCounts Table
SQL Injection Vulnerability in Apache Fineract: Arbitrary SQL Command Execution
Authorization Bypass Vulnerability in Apache Solr
Uninitialized Pointer Crash in Subversion's mod_dav_svn Apache HTTPD Module
Apache Spark: Information Disclosure Vulnerability in Zinc Server
Command Injection Vulnerability in Apache SpamAssassin
Heap-based Buffer Overflow in m_cat Function in Qemu's slirp/mbuf.c
Arbitrary File Deletion and Read Vulnerability in Zoho ManageEngine Applications Manager Version 13 before build 13740
Loop Vulnerability in libjpeg 9c's rdtarga.c Due to Mishandling of EOF in read_pixel
Race Condition Vulnerability in LUT Configuration Update in Android Releases
Multiple ACS Scan Requests Vulnerability in Snapdragon Auto, Consumer IOT, Industrial IOT, Mobile, and IoT Platforms
Arbitrary Script Execution with Root Privileges in EMC RSA Identity Governance and Lifecycle
Side Channel Vulnerability in Multiple Snapdragon Processors
Integer Overflow Vulnerability in WLAN Memory Allocation in Snapdragon Mobile and Snapdragon Wear Devices
Integer Overflow Vulnerability in WLAN Memory Allocation on Snapdragon Mobile (SD 835, SD 845, SD 850, SDA660)
Double Free Vulnerability in Power Module of CAF Android Releases
Stack-Based Buffer Overflow Vulnerability in Snapdragon Mobile and Wear Firmware Routines
Buffer Overflow Vulnerability in WLAN Ext Scan Handler
Out-of-Bounds Write Vulnerability in WMA Roam Synchronization Handler
Looping Vulnerability in Random MAC Address Generation on Snapdragon Mobile Devices
Dell EMC Products XXE Injection Vulnerability
Integer Overflow Vulnerability in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, SD 410/12, SD 820A
Heap Overflow Vulnerability in PMIC Function in Android Releases from CAF
Out-of-Bounds Access Vulnerability in WLAN Function in Android Releases from CAF
Double Free Vulnerability in Snapdragon WLAN
Command Injection Vulnerability in EMC RecoverPoint for Virtual Machines
Double Free Vulnerability in Android WLAN Driver Command IOCTL
Memory Allocation Vulnerability in Android WLAN Association
Potential Use After Free Vulnerability in Android Releases from CAF
Non-Time-Constant Comparison Vulnerability in Snapdragon Processors
Timing/Side Channel Vulnerability in Snapdragon Mobile Processors
QSEE Kernel Memory Corruption Vulnerability in Snapdragon Platforms
Buffer Overflow Vulnerability in Snapdragon Processors
Command Injection Vulnerability in EMC RecoverPoint for Virtual Machines
Buffer Overflow Vulnerability in Qualcomm Snapdragon Processors
Out-of-Bound Write Vulnerability in Android Releases from CAF
Out-of-Bounds Write Vulnerability in Android Releases from CAF
Buffer Overflow Vulnerability in Snapdragon Mobile and Snapdragon Wear Devices
Buffer Overflow Vulnerability in Snapdragon Mobile WLAN (SD 835, SD 845, SD 850, SDA660)
Buffer Overflow Vulnerability in SCP11 Sample OCE Code in Multiple Snapdragon Platforms
Buffer Overflow Vulnerability in Snapdragon Mobile WLAN Function Handling WMI Commands
WLAN Encrypt/Decrypt Module Buffer Copy Vulnerability in Snapdragon Mobile (SD 835, SD 845, SD 850)
Buffer Overwrite Vulnerability in Snapdragon Mobile (SD 835, SD 845, SD 850) when Processing IE Set Command
Buffer Overwrite Vulnerability in Snapdragon Mobile (SD 845, SD 850) WLAN Input Length Validation
Cross-Site Scripting (XSS) Vulnerability in Dell EMC Isilon OneFS Web Administration Interface
Potential Buffer Overflow Vulnerability in Android Releases from CAF
WLAN Buffer Overflow Vulnerability in Snapdragon Mobile (SD 845, SD 850, SDA660)
WLAN Module Buffer Overflow Vulnerability in Snapdragon Mobile (SD 845, SD 850, SDA660)
Buffer Overwrite Vulnerability in Android Releases from CAF
Vulnerability: Unauthorized Writing and Reading of Fuses in Multiple Snapdragon Platforms
Integer Overflow Vulnerability in Snapdragon Mobile and Snapdragon Wear Devices
WLAN Integer Overflow Vulnerability in Snapdragon Mobile and Snapdragon Wear Devices
Buffer Overflow Vulnerability in Snapdragon Mobile (SD 845) WLAN Function
Buffer Overflow Vulnerability in Android Releases from CAF with Linux Kernel
Buffer Overflow Vulnerability in WMA Handler in Android Releases from CAF
Cross-Site Scripting Vulnerability in Dell EMC Isilon OneFS Web Administration Interface
Buffer Overwrite Vulnerability in Multiple Qualcomm Chipsets
Buffer Overwrite Vulnerability in WLAN Function in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear
Buffer Overflow Vulnerability in Snapdragon Mobile WLAN Function
Buffer Overflow Vulnerability in Snapdragon Mobile SD 845 WLAN Roam Buffer Handling
Critical Buffer Overflow Vulnerability in Snapdragon Mobile (SD 835, SD 845, SD 850, SDA660) Allows Passphrase Length Exceeding 32 Characters
Buffer Overflow Vulnerability in Snapdragon Mobile (SD 845, SD 850) WLAN Function
WLAN Buffer Overflow Vulnerability in Snapdragon Mobile (SD 835, SD 845, SD 850, SDA660)
Buffer Overflow Vulnerability in Snapdragon Mobile Processors
Critical Vulnerability: Invalid Memory Access in WLAN Function on Android Releases
Buffer Overflow Vulnerability in Snapdragon Mobile SD 845
Cross-Site Scripting Vulnerability in Dell EMC Isilon OneFS Web Administration Interface
Buffer Overflow Vulnerability in Snapdragon Mobile WLAN Function
Buffer Overflow Vulnerability in Snapdragon Mobile WLAN Controller
Out of Bound Access Vulnerability in Policy Mgr Unit Test in CAF Android Releases
Buffer Overflow Vulnerability in Snapdragon Mobile WLAN Function
Integer Overflow and Buffer Overflow Vulnerability in WLAN Function of CAF Android Releases
SCP11 Crypto Services TA Unauthorized Access Vulnerability
Memory Access Vulnerability in Android Releases from CAF with Linux Kernel
Cross-Site Scripting (XSS) Vulnerability in Dell EMC Isilon OneFS Web Administration Interface
Out of Bounds Read Vulnerability in WLAN HOST Function
Buffer Overflow Vulnerability in Android Releases from CAF
Integer Overflow Vulnerability in Android Releases from CAF
Improper Length Check Validation in WLAN Function: Potential Memory Corruption Vulnerability
Out of Bounds Read Vulnerability in Android Releases
Out of Bounds Read Vulnerability in Android Releases from CAF
Improper Validation of Radio Index in Multiple Snapdragon Platforms
Cross-Site Scripting (XSS) Vulnerability in Pivotal Cloud Foundry UAA
Out-of-Bounds Access Vulnerability in WLAN HOST Firmware
Out-of-Bounds Write Vulnerability in WLAN HOST via WMA Interfaces in Android Releases
Invalid Pointer Dereference Vulnerability in Android Releases from CAF with Linux Kernel
WLAN Function Buffer Overflow Vulnerability in CAF Android Releases
Default Privileged Access Vulnerability in Android Releases from CAF with Linux Kernel
Improper Access Control in CAF Android Releases: Potential Device Node and Executable Vulnerability
Improper Access Control in CAF Android Releases: Potential Device Node and Executable Vulnerability
Improper Access Control in CAF Android Releases: Potential Device Node and Executable Execution Vulnerability
Information Exposure Vulnerability in Cloud Foundry Garden-runC
Improper Access Control in CAF Android Releases: Potential Device Node and Executable Vulnerability
Improper Script Configuration in CAF Android Releases: A Path to Unprivileged Access
Unprivileged Access Vulnerability in CAF Android Releases
Improper Configuration of Dev Nodes in CAF Android Releases: A Potential Security Vulnerability
Improper Access Control in CAF Android Releases: Potential Device Node and Executable Vulnerability
Automatic Memory Release Vulnerability in CAF Android Releases
Potential Heap Overflow and Memory Corruption in CAF Android Releases: Improper Error Handling in SOC Infrastructure
SessionID Logging Vulnerability in Cloud Foundry Foundation and UAA
Improper Failure Condition Handling and Error Code Return Vulnerability in Snapdragon Processors
Integer Overflow and Buffer Overflow in WMA Event Handler in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, Mobile, and other Qualcomm Chipsets
Integer Overflow Vulnerability in WLAN Function in Qualcomm Snapdragon Processors
Buffer Overflow Vulnerability in Multiple Snapdragon Processors
Out of Bounds Array Index Vulnerability in Snapdragon Auto, Consumer Electronics Connectivity, Consumer IOT, Industrial IOT, Mobile, Voice & Music in Multiple Qualcomm Chipsets
Buffer Overflow Vulnerability in WMI Command Processing in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA8081, QCA9377, QCA9379, QCA9886, QCS605, SD 210/SD 212/SD 205, SD 425, SD 600, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM630, SDM660, SDX20, SDX24, SM7150, SXR1130
Heap Overflow Vulnerability in WLAN Function in Multiple Snapdragon Platforms
X-Forwarded-Proto Header Bypass Vulnerability in Cloud Foundry Routing-Release
Integer Truncation Vulnerability in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS605, Qualcomm 215, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SM7150
Improper Access to HLOS in Snapdragon Processors
Improper Input Validation Vulnerability in Snapdragon Processors
Improper Input Validation Leads to Out of Bounds Write Vulnerability in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in Multiple Qualcomm Chipsets
Improper Input Validation Vulnerability in Multiple Snapdragon Platforms
Out-of-Bounds Memory Access Vulnerability in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6174A, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9379, QCA9886, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 820, SD 820A, SD 835, SDX20, SDX24, Snapdragon_High_Med_2016
Buffer Over-read Vulnerability in WLAN Function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in Multiple Qualcomm Chipsets
Buffer Overflow Vulnerability in Multiple Snapdragon Products
Multiple ACS Scan Requests Vulnerability in Snapdragon Auto, Consumer IOT, Industrial IOT, and Mobile Devices
Out-of-Bounds Access Vulnerability in WLAN Function of Snapdragon Processors
Uninitialized Kernel SKB Memory Exposure Vulnerability
Memory Leak and Unexpected Behavior in Fastboot Flash Command Processing
Heap Overflow Vulnerability in Wireless Service Messaging Module for Snapdragon Auto, Compute, Consumer Electronics Connectivity, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables
Unauthenticated Port Forwarding Vulnerability in CAF Android Releases
Double Free Vulnerability in Snapdragon Auto, Consumer Electronics Connectivity, Consumer IOT, Industrial IOT, Mobile, Voice & Music, Wired Infrastructure and Networking
Untracked Usage Entries Vulnerability in Snapdragon Platforms
Uninitialized Extra Buffer Vulnerability in WLAN Function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
Vulnerability: Authentication Bypass via Refresh Tokens in Cloud Controller
Unapproved TrustZone Application Execution Vulnerability in Snapdragon Mobile (SD 845, SD 850)
Improper Access Control in XBL_LOADER Module Leads to ZI Region Clear Vulnerability in Snapdragon Mobile (SD 845, SD 850)
Out-of-bounds Access Vulnerability in Snapdragon Auto, Consumer Electronics Connectivity, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables in Multiple Qualcomm Chipsets
Out of Bound Read Vulnerability in Snapdragon Auto, Consumer Electronics Connectivity, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables in Multiple Qualcomm Chipsets
Improper Mounting Vulnerability in CAF Android Releases: Potential Security Issue with /dsp/ Device Node Execution
Keypad Key Protection Vulnerability in Qualcomm Snapdragon Processors
Symlink Attack Vulnerability in Spring Boot Embedded Launch Script
Use After Free Vulnerability in SPS Driver Leads to Kernel Error
Out-of-Bound Vector Index Access Vulnerability in CAF Android Releases with Linux Kernel
Use-after-free Vulnerability in Audio Effects Config Loading
Buffer Overread Vulnerability in Camera JPEG Driver
Hashed Content Exposure in /etc/passwd: A Critical Security Vulnerability in CAF Android Releases
Unrestricted Execution of proptrigger.sh in CAF Android Releases: A Potential Property Manipulation Vulnerability
Undefined Behavior Vulnerability in UE Processing Unknown IEI in OTA Message in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SM7150, Snapdragon_High_Med_2016, SXR1130
Vulnerability: Signature Verification Bypass in skel Library
Integer overflow vulnerability in multiple Snapdragon platforms
Privileged Credential Exposure in Windows Stemcells on Google Cloud Platform
Unprotected Dynamic Allocations in Snapdragon Platforms
Interrupt Exit Code Flow Vulnerability in Snapdragon Processors
ECDSA Signature Code Leakage Vulnerability in Multiple Snapdragon Platforms
Insecure Password Logging in Pivotal Cloud Cache Deployment Logs
Buffer Overflow Vulnerability in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in Multiple Qualcomm Chipsets
Double Free Vulnerability in Snapdragon Mobile and Wear Devices
Kernel Memory Corruption Vulnerability in CAF Android Releases
Use After Free and Out-of-Bounds Access Vulnerability in DIAG Driver
Heap Overflow Vulnerability in CAF Android Releases with Linux Kernel
Buffer Overflow Vulnerability in Camera Subsystem's Microcontroller Communication
Memory Allocation Failure in Secure Pool Leading to Kernel Panic
Un-trusted Pointer De-reference Vulnerability in CAF Android Releases
Bypassing Security Constraints in Spring Security and Spring Framework
Buffer Overflow Vulnerability in Snapdragon Wear (MDM9206, MDM9607) MQTT Connection Request
Vulnerability: SMMU Secure Camera Logic Allows Unauthorized Access to HLOS Memory in Snapdragon Devices
Improper Termination Vulnerability in CAF Android Releases
Out-of-Bounds Access Vulnerability in Snapdragon Processors
Race Condition Vulnerability in MQTT Packet Decode Request Processing in Snapdragon Mobile and Snapdragon Wear (Versions MDM9206, MDM9607, SD 210/SD 212/SD 205, SD 427, SD 435, SD 450, SD 625, SD 636, SD 835, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016)
Denial of Service Vulnerability in Snapdragon TrustZone
Unprivileged Remote File Read Vulnerability in Apps Manager for PCF
Unlocked Secure Keypad Vulnerability in Snapdragon Devices
Binder Call Vulnerability: System Halt Exploit in Multiple Snapdragon Platforms
Uninitialized Padding Vulnerability in CAF Android Releases
Cross-Site Scripting (XSS) Vulnerability in Dell EMC Isilon OneFS Web Administration Interface
Stack Overflow Vulnerability in CAF Android Releases: TrustZone Memory Corruption
Uninitialized Socket Address Data Leak Vulnerability in CAF Android Releases
Unvalidated Blacklisting Region Shared Buffered Memory Vulnerability in Snapdragon Devices
Improper Authentication in Locked Memory Region Vulnerability
Null Pointer Dereference Vulnerability in NAT Module of CAF Android Releases
Directory Traversal and Arbitrary File Overwrite Vulnerability in Perl Archive::Tar Module
Denial of Service Vulnerability in GNOME Web (Epiphany) through 3.28.2.1
EPoD: Denial of Service Vulnerability in Go Ethereum (geth) LES Protocol Implementation
Signature Spoofing Vulnerability in Enigmail
Cross-Site Scripting (XSS) Vulnerability in Dell EMC Isilon OneFS Web Administration Interface
GnuPG Original Filename Spoofing Vulnerability
Incorrect Access Control Vulnerability in Singularity Overlay File System
Remote Code Execution via LDAP Service in FasterXML jackson-databind
Remote Code Execution via Jackson-databind Default Typing Vulnerability
Vulnerability: Logic Error in transferFrom Function Allows Unauthorized Asset Transfer
Symlink Manipulation Vulnerability in Phusion Passenger 5.3.x before 5.3.2
Insecure Permissions Vulnerability in Phusion Passenger 5.3.x: Information Disclosure via Unix Domain Socket
Incorrect Access Control Vulnerability in Phusion Passenger 5.3.x: Arbitrary PID Manipulation
Privilege Escalation via Race Condition in Phusion Passenger Nginx Module
Privilege Escalation Vulnerability in Dell EMC Isilon OneFS
XSS Vulnerability in Chevereto Free before 1.0.13
Local File Inclusion Vulnerability in Eaton Intelligent Power Manager v1.6 via server/node_upgrade_srv.js Directory Traversal
Out of Bounds Read Vulnerability in YARA 3.7.1 and Prior
Out of Bounds Write Vulnerability in YARA 3.7.1 and Prior
Arbitrary File Write Vulnerability in OWASP Dependency-Check (before 3.2.0)
Cryptographic Link Absence Vulnerability in Samsung and Crucial SSDs
Samsung 840 EVO Disk-Encryption Key Access Vulnerability
Remote Code Execution in joyplus-cms 1.6.0 via Arbitrary SQL Command Execution
Path Traversal Vulnerability in Dell EMC Isilon OneFS Versions 7.1.1.11 - 8.1.0.1
Reflected Cross-site scripting (XSS) vulnerability in SensioLabs Symfony 3.3.6 web profiler
Remote Denial of Service Vulnerability in MediaTek AWUS036NH Wireless USB Adapter
Directory Traversal Vulnerability in Roxy Fileman v1.4.5 via php/download.php f parameter
Cross-Site Scripting (XSS) Vulnerability in Symphony 2.7.6 via pages content page
Arbitrary File Upload Vulnerability in DedeCMS V5.7SP2
Arbitrary File Write Vulnerability in DedeCMS 5.7SP2
XSS Vulnerability in Ximdex 4.0: Filter[n][value] Parameter XSS
Bypassing Management Mode on Canon LBP7110Cw Web Interface without PIN
Canon LBP6030w Web Interface Authentication Bypass Vulnerability
Remote Denial of Service Vulnerability in Dell EMC ScaleIO MDM Service
Arbitrary File Upload and Remote Code Execution in PHP Scripts Mall Schools Alert Management Script
SQL Injection Vulnerability in PHP Scripts Mall Schools Alert Management Script via q Parameter in get_sec.php
Arbitrary File Deletion Vulnerability in PHP Scripts Mall Schools Alert Management Script via delete_img.php
Arbitrary File Read Vulnerability in PHP Scripts Mall Schools Alert Management Script
SQL Injection Vulnerabilities in PHP Scripts Mall Schools Alert Management Script
Publicly Readable _seed Value in maxRandom Function Allows Attackers to Always Win in All For One Ethereum Gambling Game
Hardcoded Database Account with Administrative Privileges in Dell EMC Data Protection Advisor
The tradeTrap Vulnerability: Exploiting the Sell Function of SwftCoin (SWFTC) Smart Contract
The tradeTrap Vulnerability in Internet Node Token (INT) Smart Contract Implementation
Heap-Based Buffer Over-Read Vulnerability in tinyexr 0.9.5
Local File Inclusion Vulnerability in Creatiwity wityCMS 0.6.2
Denial of Service Vulnerability in BIRD Internet Routing Daemon
The tradeTrap Vulnerability: Exploiting the Sell Function in Substratum (SUB) Smart Contract
The tradeTrap Vulnerability: Exploiting the Sell Function in Target Coin (TGT) Smart Contract
Dell EMC iDRAC7/iDRAC8 CGI Injection Remote Code Execution Vulnerability
The tradeTrap Vulnerability: Exploiting the Sell Function of SEC Token Smart Contract
Session Fixation Vulnerability in CodeIgniter
Unauthenticated TELNET Remote Access Vulnerability in Cloud Media Popcorn A-200 Firmware
Authentication Bypass Vulnerability in Eminent EM4544 9.10 Devices
UPC Bar Code Vulnerability in Avanti Markets MarketCard: Unauthorized Access and Customer Information Disclosure
TradeTrap: Arbitrary Supply Increase Vulnerability in PolyAI Token Contract
TradeTrap: Arbitrary Total Supply Increase Vulnerability in Substratum (SUB) Token Contract
TradeTrap: Arbitrary Total Supply Increase Vulnerability in INT Token's mintToken Function
TradeTrap: Arbitrary Total Supply Manipulation in Target Coin (TGT) ERC20 Token Contract
TradeTrap: Arbitrary Total Supply Increase Vulnerability in Fujinto (NTO) Token Contract
TradeTrap: Arbitrary Supply Increase Vulnerability in GOAL Bonanza (GOAL) Token Contract
TradeTrap: Arbitrary Total Supply Increase Vulnerability in BitAsean (BAS) Token Contract
Stack-based Buffer Overflow in parseChars function in Liblouis 3.6.0
Stack Overflow Vulnerability in OPC UA Applications
Certificate Validation Bypass in OPC Foundation UA Client Applications Enables Password Decryption
S3QL Checksumming Vulnerability: Replay Attacks and File Manipulation
Password Exposure in Octopus Deploy 2018.5.1 to 2018.5.7
Unauthenticated Reflected XSS Vulnerability in LAMS before 3.1
Heap-Based Buffer Over-Read Vulnerability in tinyexr 0.9.5
Memory Leak in ParseEXRHeaderFromMemory in tinyexr.h
Arbitrary Script Injection in Dimofinf CMS Version 3.0.0 via news.php
Reflected Cross-Site Scripting Vulnerability in OEcms v3.1's info.php mod Parameter
Heap-based Buffer Over-read in liblnk_data_string_get_utf8_string_size Function
Heap-based Buffer Over-read in liblnk_location_information_read_data function
Heap-based Buffer Over-read in liblnk_data_block_read Function
XSS Vulnerabilities in Grafana Dashboard Links
XSS Vulnerability in Sonatype Nexus Repository Manager Administration UI
XSS Vulnerabilities in CMS Clipper 1.3.3 Security Tab and User/Resource Group Fields
NULL Pointer Dereference in md_process_line function of md4c 0.2.6
Predictable CAPTCHA Disclosure and Unauthorized Login Attempts on D-Link DIR-890L, DIR-885L/R, and DIR-895L/R Devices
Arbitrary Script Injection in Airbnb Knowledge Repo 0.7.4 via Post Comments
Denial of Service Vulnerability in Dropbox Lepton 1.2.1
Heap-based Buffer Overflow in FLIF TransformPaletteC<FileIO>::process Function
Path Traversal Vulnerability in Dell EMC iDRAC7/iDRAC8 Web Server
SQL Injection in portfolioCMS 1.0.5 via admin/portfolio.php preview parameter
Canon PrintMe EFI Webinterface XSS Vulnerability
Remote Code Execution Vulnerability in md4c 0.2.6
Buffer Overflow Vulnerability in Core FTP LE Version 2.2 Build 1921: Potential DoS and Remote Code Execution via PASV Response
CSRF Vulnerability in Maccms 10 Allows Unauthorized User Account Addition
Buffer Write Vulnerability
HTTP Request Splitting Vulnerability in Node.js
Command Injection Vulnerability in Dell EMC iDRAC6 Diagnostics Console
Node.js Debugger Port Vulnerability
Node.js HTTP Server Denial of Service Vulnerability
Node.js: Slowloris HTTP Denial of Service Vulnerability
Hostname Spoofing in URL Parser for JavaScript Protocol
Microarchitectural Store Buffer Data Sampling (MSBDS): Information Disclosure Vulnerability
Microarchitectural Load Port Data Sampling (MLPDS) Vulnerability
Cross-Site Request Forgery Vulnerability in Dell EMC Isilon OneFS
Microarchitectural Fill Buffer Data Sampling (MFBDS) Vulnerability: Information Disclosure via Speculative Execution
Privilege Escalation Vulnerability in Intel NVMe and RSTe Driver Pack Installers
Dell EMC SupportAssist Enterprise Version 1.1 Default Password Vulnerability
Privilege Escalation Vulnerability in Intel(R) CSME, Intel® Server Platform Services, and Intel® Trusted Execution Engine Firmware
Privilege Escalation via File Permissions in Intel Driver and Support Assistant
Buffer Overflow Vulnerability in Intel Extreme Tuning Utility
Arbitrary File Upload Vulnerability in Dell EMC Unisphere for VMAX and VASA Virtual Appliances
Privilege Escalation in Intel Extreme Tuning Utility Installer
Buffer Overflow Vulnerability in Intel Extreme Tuning Utility Installer
Pointer Corruption Vulnerability in Intel Graphics Drivers
Denial of Service Vulnerability in Intel Graphics Drivers: Impact on Host System via Local Access
Denial of Service Vulnerability in Intel Graphics Drivers
Data Leakage Vulnerability in Intel IPP Cryptographic Libraries
Vulnerability: Insufficient Input Validation in Intel NUC FW Kits BIOS Update Utility
Buffer Overflow Vulnerability in Intel(R) PROSet Wireless v20.50 and Earlier: Local Denial of Service Exploit
Hard-coded Password Vulnerability in Dell EMC vApp Manager
DLL Injection Vulnerability in Intel Data Center Migration Center Software v3.1 and Earlier: Local Code Execution via Default Directory Permissions
Insufficient Session Validation in Intel Rapid Web Server 3: Potential Information Disclosure Vulnerability
Potential Code Execution via Default Directory Permissions in Intel OpenVINO Toolkit for Windows
DLL Injection Vulnerability in Intel IoT Developers Kit 4.0 Installer
Firmware Vulnerability: Insufficient Write Protection in Intel(R) Optane(TM) SSD DC P4800X (before version E2010435)
Denial of Service Vulnerability in Intel(R) Optane(TM) SSD DC P4800X Bootloader Firmware Update Routine
Privilege Escalation via File Permissions in Intel Computing Improvement Program
Firmware Authentication Bypass Vulnerability in Intel Core Processors
Missing Access Control Check Vulnerability in Avamar Installation Manager
Critical Privilege Escalation Vulnerability in Intel BMC Firmware
Firmware Password Disclosure Vulnerability in Intel Server Board and Compute Module
Insufficient Access Protection in Intel Server Board Firmware: Potential Arbitrary Code Execution and Information Disclosure
Heap Overflow Vulnerability in Intel Trace Analyzer 2018
Privilege Escalation Vulnerability in Intel Distribution for Python (IDP) 2018
Intel NUC Kits Firmware Vulnerability: Arbitrary Code Execution and Privilege Escalation
ZeroConfig Service Directory Permissions Vulnerability
EDK II Network Stack Buffer Overflow Vulnerability
EDK II Firmware Vulnerability: Potential Privilege Escalation, Information Disclosure, and Denial of Service via Improper Configuration
Buffer Overflow Vulnerability in Dell EMC NetWorker
Buffer Overflow Vulnerability in BlockIo Service for EDK II
Corrupted BMP File Vulnerability in EDK II: Potential Denial of Service or Privilege Escalation
Insufficient Memory Write Check Vulnerability in SMM Service for EDK II
Stack Overflow Vulnerability in DxeCore for EDK II: Potential Privilege Escalation, Information Disclosure, and Denial of Service
Intel(R) AMT Insufficient Input Validation Vulnerability
Denial of Service Vulnerability in Intel(R) Active Management Technology (Intel(R) AMT)
Insufficient Input Validation in Intel CSME and Intel TXE: Physical Access Data Modification Vulnerability
Local Privilege Escalation in Intel CSME and Intel TXE
Improper Access Control Vulnerability in EMC RSA Archer API
Privilege Escalation Vulnerability in Intel(R) CSME and TXE Subsystems
Arbitrary Code Execution Vulnerability in Intel CSME, Intel Server Platform Services, and Intel TXE
Bypassing MEBx Authentication via Physical Access in Intel CSME and Intel Server Platform Services
Intel QuickAssist Technology for Linux: Insufficient Access Control Vulnerability
Arbitrary Code Execution Vulnerability in Intel(R) AMT
Denial of Service Vulnerability in Intel(R) Server Platform Services HECI Subsystem
Buffer Overflow Vulnerability in Intel CSME and Intel TXE Components
RSA Archer QuickLinks Redirect Vulnerability
Privilege Escalation Vulnerability in Intel(R) Capability Licensing Service
Buffer Overflow Vulnerability in Intel Processors
Privilege Escalation Vulnerability in Intel Core Processor Firmware
Local Privilege Escalation Vulnerability in Intel Core Processor Firmware
Memory Initialization Vulnerability in Intel Server Board, Server System, and Compute Module Firmware
Certificate Validation Vulnerability in Intel Core Processor Firmware
Denial of Service Vulnerability in Intel QuickAssist Technology for Linux
Denial of Service Vulnerability in Intel(R) Processors via Improper Page Table Updates
Buffer Overflow Vulnerability in Intel(R) CSME, Intel(R) TXE, and Intel(R) Server Platform Services
Insufficient Access Control in Intel Graphics Driver for Windows*
WebSocket Request Mishandling in Cloud Foundry Gorouter
Multiple Pointer Dereferences in Intel Graphics Driver for Windows
Denial of Service Vulnerability in Intel(R) Graphics Driver for Windows*
Buffer Overflow Vulnerability in Intel(R) Graphics Driver for Windows
Memory Corruption Vulnerability in Intel(R) Graphics Driver for Windows
Memory Corruption Vulnerability in Intel(R) Graphics Driver for Windows*
Denial of Service Vulnerability in Intel(R) Graphics Driver for Windows*
Local Privilege Escalation Vulnerability in Intel(R) Graphics Driver for Windows*
Insufficient Access Control in Intel Graphics Driver for Windows*
Memory Leak Vulnerability in Intel(R) Graphics Driver for Windows*
Memory Read Vulnerability in Intel(R) Graphics Driver for Windows
Privilege Escalation Vulnerability in Intel(R) Graphics Driver for Windows
Integer Overflow Vulnerability in Intel(R) Graphics Driver for Windows*
Out of Bound Memory Read Vulnerability in Intel Graphics Driver for Windows
User Mode Driver Vulnerability in Intel(R) Graphics Driver for Windows*
Buffer Leakage Vulnerability in Intel(R) Graphics Driver for Windows*
SIP Request Disclosure Vulnerability
Denial of Service Vulnerability in Asterisk Open Source 15.x
Arbitrary Script Injection in PKP Open Journal System (OJS) 3.0.0 to 3.1.1-1 via By Author Field
Credential Leakage in Cloud Foundry Container Runtime (kubo-release) Prior to 0.14.0
Vulnerability: Logical Check Bypass in RemiCoin (RMC) Token TransferFrom Function
Race condition vulnerability in Linux kernel allows for NULL pointer dereference and system crash
Memory Corruption Vulnerability in JFS xattr.c in Linux Kernel
Reflected Cross Site Scripting (XSS) Vulnerability in Adrenalin 5.4.0 HRMS Software via flexiportal/GeneralInfo.aspx strAction Parameter
Symantec Reporter CLI 10.1 and 10.2 OS Command Injection Vulnerability
AV Bypass Vulnerability in Norton, Symantec Endpoint Protection, and Symantec Endpoint Protection Small Business Edition
AV Bypass Vulnerability in Norton, Symantec Endpoint Protection, and Symantec Endpoint Protection Small Business Edition
Privilege Escalation via Hard Coded IV in Norton Identity Safe
Reflected Cross-Site Scripting (XSS) Vulnerability in Symantec Security Analytics (SA) Web UI
Authentication Bypass Vulnerability in Symantec Messaging Gateway Prior to 10.6.6
Vulnerability in Symantec Messaging Gateway: XML External Entity (XXE) Exploit
CSV/DDE Injection Vulnerability in SEP (Mac client)
DLL Preloading Vulnerability in Symantec Endpoint Protection Prior to 14.2 MP1
Reflected Cross-Site Scripting (XSS) Vulnerability in Symantec Web Isolation (WI) 1.11
NULL Pointer Dereference in mrb_class due to Improper Handling of .clone Usage
Heap-based Buffer Over-read in mruby 1.4.1 due to OP_ENTER vulnerability
NULL Pointer Dereference in mrb_class_real due to Lack of Support for class BasicObject in mruby 1.4.1
SQL Injection Vulnerability in Elite CMS Pro 2.01's add_sidebar.php
SQL Injection Vulnerability in Harmis Ek Rishta Component for Joomla!
XSS Vulnerability in InvoicePlane 1.5.10 via Quote PDF Password(Optional) Field
Arbitrary File Upload Vulnerability in LiteCart before 2.1.3
Authenticated Custom Firmware Upgrade via DNS Hijacking
Firmware Upgrade Vulnerability on Momentum Axel 720P 5.1.8 Devices
Root Access Vulnerability on Momentum Axel 720P 5.1.8 Devices
Cleartext Root Password Vulnerability on Momentum Axel 720P 5.1.8 Devices
Root Privilege Escalation Vulnerability on Momentum Axel 720P 5.1.8 Devices
Arbitrary .php File Upload Vulnerability in portfolioCMS 1.0.5
Integer Overflow Vulnerability in Exiv2 0.26's LoaderTiff::getData() in preview.cpp
Integer Overflow Vulnerability in Exiv2 0.26's LoaderExifJpeg Class
XSS Vulnerability in HongCMS 3.0.0 via Crafted Input in 404 Error Page
Command Injection Vulnerability in acccheck.pl
Unofficial Domain Vulnerability in Pivotal Concourse Software
Homograph Attack Exploit in Valve Steam 1528829181 BETA
Authentication Bypass Vulnerability in Dropbox iOS App
XSS Vulnerability in Ximdex 4.0 via xowl/request.php
XSS Vulnerability in Ximdex 4.0 DMS Component via /edit URI
Stored XSS Vulnerability in Pivotal Spring Batch Admin: Unpatched File Upload Exploit
XSS Vulnerability in Yii2-StateMachine Extension v2.x.x
Incorrect Event Visibility Rules in Matrix Synapse Federation API
Use-After-Free Vulnerability in DOMProxyHandler::EnsureExpandoObject in Pale Moon
Heap-based Buffer Overflow in getImageData function in ImageBufferCairo
Use After Free Vulnerability in WebKitGTK+ TextureMapperLayer Object
Arbitrary SQL Command Execution in Seagate NAS OS 4.3.15.1 via dirId Parameter
Insufficient Access Control in Seagate NAS OS 4.3.15.1 Allows Unauthorized Information Retrieval via Empty POST Requests
Cross-Site Scripting (XSS) Vulnerability in Seagate NAS OS 4.3.15.1 API Error Pages
Seagate NAS OS 4.3.15.1 Filebrowser Directory Traversal Vulnerability
File Upload Cross-Site Scripting Vulnerability in Seagate NAS OS 4.3.15.1
Cross-Site Request Forgery (CSRF) Vulnerability in Pivotal Spring Batch Admin
Arbitrary Redirect Vulnerability in Seagate NAS OS 4.3.15.1 via 'state' URL Parameter
Unvalidated URL Access to Loopback Interface in Seagate NAS OS version 4.3.15.1
Session Token Theft via Cross-Site Scripting in Seagate NAS OS version 4.3.15.1
Cross-Site Scripting (XSS) Vulnerability in Seagate NAS OS 4.3.15.1 Filebrowser
Cross-Site Scripting (XSS) Vulnerability in Seagate NAS OS Application Manager
Cross-Site Scripting (XSS) via SVG Image Upload in ASUSTOR ADM 3.1.1 File Explorer
Arbitrary File Viewing Vulnerability in ASUSTOR ADM File Explorer
OS Command Injection in user.cgi in ASUSTOR ADM version 3.1.1
ASUSTOR ADM 3.1.1 Share.cgi Encryption Key Disclosure Vulnerability
Arbitrary File Upload via Directory Traversal in ASUSTOR ADM 3.1.1
Improper Access Control Vulnerability in Cloud Foundry BOSH CLI
Cross-Site Scripting (XSS) Vulnerability in ASUSTOR ADM 3.1.1 Login Page
Arbitrary JavaScript Execution via File Movement in ASUSTOR ADM File Explorer
OS Command Injection in user.cgi in ASUSTOR ADM 3.1.1 via secret_key URL Parameter
OS Command Injection in SNMP.cgi in ASUSTOR ADM 3.1.1: Unauthorized Command Execution via rocommunity Parameter
Arbitrary File Download Vulnerability in ASUSTOR ADM version 3.1.1
Password Change Vulnerability in ASUSTOR ADM Version 3.1.1
ASUSTOR ADM 3.1.1 upload.cgi OS Command Injection Vulnerability
OS Command Injection in group.cgi in ASUSTOR ADM 3.1.1: Remote Root Command Execution
ASUSTOR ADM 3.1.1 SNMP Password Information Disclosure Vulnerability
Denial-of-Service Vulnerability in ASUSTOR ADM 3.1.1 Login Page via Malformed Title Text
Stack-based Buffer Overflow in RSA Authentication Agent for Web
Use After Free Vulnerability in radare2 2.6.0 via Crafted Java Binary File
Heap Out of Bounds Read Vulnerability in radare2 2.6.0 via Crafted Java Binary File
Heap Out of Bounds Read Vulnerability in radare2 2.6.0 via Crafted iNES ROM Binary File
Hard-coded Password Vulnerability in Momentum Axel 720P 5.1.8 Devices
Buffer Overflow in Redis-cli Allows Code Execution and Privilege Escalation
Stack-based Buffer Overflow in NTPq and NTPdc Allows Code Execution or Privilege Escalation
Authentication Factor Cloning Vulnerability in ECOS Secure Boot Stick (SBS) 5.6.5
Cross-Site Scripting Vulnerability in RSA Authentication Agent 8.0.1 and Earlier for Web
ECOS Secure Boot Stick (SBS) 5.6.5 Vulnerability: Compromised Firmware Enables Key Compromise
ECOS System Management Appliance (SMA) 5.2.68 Easy Enrollment Authentication Bypass Vulnerability
Incomplete Cleanup Vulnerability in ECOS Secure Boot Stick (SBS) 5.6.5: Compromising Authentication and Encryption Keys via Compromised Host PC
ECOS Secure Boot Stick (SBS) 5.6.5: Insufficient Verification of Data Authenticity Vulnerability
Virtualization Attack Exploits Authentication and Encryption Keys in ECOS Secure Boot Stick (SBS) 5.6.5
Unrestricted Database Access Vulnerability in ECOS System Management Appliance (SMA) 5.2.68
Vendor Backdoor Vulnerability in ECOS Secure Boot Stick (SBS) 5.6.5 Allows Unauthorized Access to Confidential Data
Partial Extraction of Confidential Configurations via User-Space Emulation in ECOS Secure Boot Stick (SBS) 5.6.5
ECOS SMA 5.2.68 Vulnerability: Undocumented Factory Backdoor Allows Remote Root SSH Access
XSS Vulnerability in ArticleCMS: Exploiting Add an Article Action
Insufficient ACL Permissions on Windows Named Pipe in RSA Authentication Agent for Web for IIS
Command Injection Vulnerability in Dell EMC RecoverPoint and RecoverPoint for VMs
Cross-Site Scripting (XSS) Vulnerability in Knowage (formerly SpagoBI) 6.1.1 Business Model's Catalogue
CSRF Vulnerability in Knowage (formerly SpagoBI) 6.1.1 via Every Form
Cross-Site Scripting (XSS) Vulnerability in Knowage (formerly SpagoBI) 6.1.1
Incomplete Regular Expression in Signature Verification Allows File Signature Spoofing and Arbitrary Code Execution
Arista CloudVision Portal Incorrect Permissions Vulnerability
Service Worker Redirection Vulnerability in Firefox < 61
Canvas Buffer Overflow Vulnerability
Use-after-free vulnerability in Thunderbird and Firefox allows for potentially exploitable crashes
Integer Overflow in SwizzleData Code: Potential Exploitable Crash in Thunderbird and Firefox
Integer Overflow Vulnerability in SSSE3 Scaler
Use-after-free vulnerability in DOM node mutation events
Cross-Site Request Forgery (CSRF) Vulnerability in NPAPI Plugins
File System Information Disclosure Vulnerability
Out-of-Bounds Read Vulnerability in QCMS Transformations
Precision Timing Vulnerability in Thunderbird and Firefox Versions < 61
Windows 10 Vulnerability: Execution of Unwanted Executables without Warning
Vulnerability: Unauthorized Access via Embedded Experiments in Firefox WebExtensions
Improper Restriction of Excessive Authentication Attempts in Dell EMC ScaleIO LIA
Reader View SameSite Cookie Bypass Vulnerability in Firefox < 61
Skia Library Integer Overflow Vulnerability
S/MIME Decryption Vulnerability in Thunderbird < 52.9
HTML Reply/Forward Vulnerability in Thunderbird < 52.9: Leaking Plaintext from Decrypted S/MIME Parts
Email Decryption Vulnerability in Thunderbird < 52.9: Plaintext Leakage via Embedded Form Submission
Memory Corruption Vulnerability in Firefox 61: Potential Arbitrary Code Execution
Memory Corruption Vulnerabilities in Firefox 61 and Firefox ESR 60.1
Use-after-free vulnerability in refresh driver timers during shutdown in Firefox and Thunderbird
Use-After-Free Vulnerability in IndexedDB Index Deletion
Out-of-Bounds Write Vulnerability in Mozilla Updater
Command Injection Vulnerability in Dell EMC ScaleIO Light Installation Agent (LIA)
Outlook Email Message Drag-and-Drop URL Interpretation Vulnerability
Address Bar URL Spoofing Vulnerability in Firefox for Android
Unencrypted Password Exposure in Firefox and Thunderbird Versions Prior to 62
SSLv2-compatible ClientHello Request Vulnerability
TransportSecurityInfo Crash Vulnerability
Type Confusion Exploit in JavaScript Register Allocation: Remote Code Execution in Firefox ESR < 60.2.2 and Firefox < 62.0.3
JavaScript JIT Compiler Inlining Vulnerability in Firefox ESR and Firefox
Memory Corruption Vulnerability in Firefox 62: Potential Arbitrary Code Execution
Memory Corruption Vulnerabilities in Firefox ESR 60.2 and Thunderbird 60.2
Multiple OS Command Injection Vulnerabilities in Dell EMC Unity Operating Environment (OE) Versions Prior to 4.3.0.1522077968
Memory Corruption Vulnerability in Firefox 62 and Firefox ESR 60.2
Cross-Origin Audio Access in HTTP Live Stream Playback on Firefox for Android
Nested Loop User Event Crash Vulnerability in Firefox and Thunderbird
Integer Overflow Vulnerability in 32-bit Builds of Firefox and Thunderbird
Vulnerability: Domain Fronting Bypass in Firefox ESR < 60.3 and Firefox < 63
Privilege Escalation Vulnerability in Firefox WebExtensions
Unauthenticated Local File Access Vulnerability in Firefox WebExtensions
Reflected URL Injection Vulnerability in Firefox < 63
Protocol Handler Title Spoofing Vulnerability in Firefox < 63
Vulnerability: Information Exposure in Dell EMC ViPR Controller's VRRP Configuration
Information Leakage of Private Browsing History in Firefox for Android (Versions < 63)
Denial of Service (DOS) Vulnerability in Firefox < 63
Insecure Origin Context in WebBrowserPersist: NTLM Hash and SameSite Cookie Leakage
Mixed Content Vulnerability in Firefox < 63: Insecure Favicon Loading
RSA Handshake Vulnerability in NSS Versions Prior to 3.41
Memory Corruption Vulnerability in Firefox 63 and Firefox ESR 60.3
Memory Corruption Vulnerability in Firefox 63
Buffer Overflow Vulnerability in ANGLE Graphics Library in Firefox < 64
XML eXternal Entity (XXE) Vulnerability in TIBCO ActiveMatrix BusinessWorks
Reflected Cross-Site Scripting (XSS) Vulnerability in TIBCO Silver Fabric SOAP Admin API
LDAP Password Leakage in Dell EMC RecoverPoint
Remote Code Execution Vulnerability in TIBCO Spotfire Statistics Services
Cross-Site Request Forgery (CSRF) Vulnerability in TIBCO ActiveSpaces
Cross-Site Request Forgery (CSRF) Vulnerability in TIBCO FTL Server
Cross-Site Request Forgery (CSRF) Vulnerability in TIBCO Messaging - Apache Kafka Distribution - Schema Repository
Cross-Site Request Forgery (CSRF) Vulnerabilities in TIBCO Rendezvous Components
Cross-Site Request Forgery (CSRF) Vulnerability in TIBCO Enterprise Message Service
Cross-Site Request Forgery (CSRF) Vulnerability in TIBCO DataSynapse GridServer Manager
Denial of Service Vulnerability in Junrar's Archive.java
Command Injection Vulnerability in Dell EMC RecoverPoint and RecoverPoint for VMs
Insecure Usage of Hashed Password in IceHrm before 23.0.1.OS
LDAP Tool Box Self Service Password before 1.3 - Unauthenticated Password Change Vulnerability
Buffer Overflow in Evolution-Data-Server Allows Attackers to Trigger Overflow via Long Query
Unauthorised Room Hijacking Vulnerability in Synapse before 0.31.2
Unauthenticated Remote Code Execution in WP Live Chat Support Pro Plugin
XSS Vulnerability in JEESNS 1.2.1 Allows Ordinary Users to Capture Administrator Cookies
Weak CGI Session ID Vulnerability in Dell EMC iDRAC
XSS Vulnerability in SeaCMS V6.61 via Site Name Parameter on Admin Config Page
XSS Vulnerability in JavaMelody through 1.60.0 via clear_counter Action
Memory-Cache Side-Channel Vulnerability in cryptlib: Return Of the Hidden Number Problem (ROHNP)
ROHNP: Memory-Cache Side-Channel Attack on DSA and ECDSA Signatures in LibreSSL
Memory-cache side-channel attack on ECDSA signatures in Botan 2.5.0 through 2.6.0 before 2.7.0
Memory-Cache Side-Channel Vulnerability in wolfSSL's ECDSA Signatures (ROHNP)
ROHNP: Memory-Cache Side-Channel Attack on ECDSA Signatures
ROHNP: Exploiting Memory-Cache Side-Channel Vulnerability in Elliptic Curve Cryptography Library
ROHNP: Memory-Cache Side-Channel Attack on MatrixSSL ECDSA Signatures
Command Injection Vulnerability in Dell EMC iDRAC SNMP Agent
ROHNP: Memory-Cache Side-Channel Attack on DSA Signatures in BoringSSL
Insecure Default Permissions in CorsairService Service Allows Arbitrary Command Execution
Authentication Bypass Vulnerability in Dropbox Android App
Authentication Bypass Vulnerability in Dropbox Android App
Integer Overflow in restore_tqb_pixels function leads to Heap-based Buffer Overflow and Remote Code Execution
Whale Browser before 1.3.48.4 Vulnerability: Address Bar Spoofing
Whale Browser Installer DLL Hijacking Vulnerability
Authorization Bypass Vulnerability in RSA Identity Lifecycle and Governance Workflow Architect Component
Type Confusion Vulnerability in Redis Server Allows Remote Denial-of-Service
Exploitable Random Number Generation in SimpleLottery Smart Contract Allows Guaranteed Wins
Critical Authentication Bypass Vulnerability in Intelbras NPLUG 1.0.0.14 Wireless Repeater Devices
CSRF Vulnerability in Intelbras NPLUG 1.0.0.14 Wireless Repeater Devices
expressCart before 1.1.6 Vulnerability: Unauthorized Admin User Creation via /admin/setup Referer Header
Denial of Service Vulnerability in FFmpeg's mpeg4_encode_gop_header Function
Inconsistent Bits-per-Sample Value in FFmpeg 4.0 AVI to MPEG4 Conversion Vulnerability
Reflected Cross-Site Scripting Vulnerability in Dell EMC Unity and UnityVSA
NULL pointer dereference vulnerability in libavcodec in FFmpeg 4.0 during AVI to MPEG4 conversion
Certificate Revocation Vulnerability in NetIQ eDirectory Prior to 9.1.1
NetIQ iManager 3.1.1 XSS Vulnerability Patch
Fortify Software Security Center (SSC) XXE Vulnerability
SQL Injection Vulnerability in Micro Focus Secure Messaging Gateway
OS Command Injection Vulnerability in Micro Focus Secure Messaging Gateway (SMG) Web Administration
Authenticated User Package Deletion Vulnerability in openSUSE openbuildservice
OpenBuildService Unauthorized Package Deletion Vulnerability
Arbitrary File Upload Vulnerability in Micro Focus GroupWise Administration Console
Null Pointer Dereference Vulnerability in Micro Focus Enterprise Developer and Enterprise Server
XML External Entity (XXE) Vulnerability in RSA Authentication Manager Security Console
SQL Injection Vulnerability in SUSE Linux SMT RegistrationSharing Module
XXE Vulnerability in SUSE Linux SMT Allows Remote Data Reading and DoS
Improper Authentication Vulnerability in SUSE Linux SMT Allows Remote Server Spoofing
Path Traversal Vulnerability in obs-service-tar_scm of Open Build Service
Improper Input Validation in obs-service-tar_scm of Open Build Service: Remote Code Execution and Information Disclosure
External Network Access and Data Exposure Vulnerability in openSUSE Open Build Service
Relative Path Traversal vulnerability in obs-service-tar_scm of SUSE Linux Enterprise Server 15; openSUSE Factory
Directory Deletion Vulnerability in Open Build Service
Remote File Extraction Vulnerability in Open Build Service
Improper Input Validation in Open Build Service Allows Remote DoS
RSA Authentication Manager Security Console Host Header Injection Vulnerability
Critical XSS Vulnerability Patched in NetIQ Access Manager 4.4 SP3
Clipboard Data Leakage Vulnerability in Olive Tree Ftp Server Application 1.32 for Android
Authentication-Required SQL Injection Vulnerabilities in OCS Inventory 2.4.1 Search Engine
Remote Command Execution Vulnerability in OCS Inventory 2.4.1
Unencrypted Connection Vulnerability in Dell EMC iDRAC9
Arbitrary File Upload Vulnerability in PHPOK 4.9.032
Arbitrary File Deletion Vulnerability in PHPOK 4.9.032
Directory Traversal and Arbitrary File Read Vulnerability in PublicCMS V4.0.20180210
Directory Traversal and Arbitrary File Read Vulnerability in PublicCMS V4.0.20180210
Remote Denial of Service Vulnerability in DISCOUNT 2.2.3a's Markdown Library
SQL Injection Vulnerability in iCMS v7.0.8 via spider.admincp.php
Insecure Certificate Validation in Motorola MBP853 Camera Firmware
Authorization Bypass Vulnerability in Dell EMC Unity and UnityVSA
Cross-Site Scripting (XSS) Vulnerability in Nagios Fusion before 4.1.4
Heap-Based Buffer Over-Read Vulnerability in tinyexr 0.9.5
Assertion Failure in ComputeChannelLayout in tinyexr.h
URL Redirection Vulnerability in Dell EMC Unity and UnityVSA
Integer Overflow Vulnerability in mintToken Function of Substratum (SUB) Smart Contract
Remote File Upload Vulnerability in ShopNx
SQL Injection Vulnerability in RSA Web Threat Detection Administration and Forensics Applications
Deterministic Session ID Generation Vulnerability in ntopng
Directory Listing Vulnerability in MaDDash 2.0.2
Directory Listing Vulnerability in MaDDash 2.0.2
Directory Listing Vulnerability in MaDDash 2.0.2
Directory Listing Vulnerability in MaDDash 2.0.2
Default Factory Account Vulnerability in Telesquare SDT-CS3B1 and SDT-CW3B1 Devices
Unrestricted File Upload Vulnerability in Intex N150 Devices
CSRF Injection Vulnerabilities in Intex N150 Router Firmware
Stored Cross-Site Scripting Vulnerability in RSA Authentication Manager Operation Console
Arbitrary File Deletion via Directory Traversal in MetInfo 6.0.0
Arbitrary PHP Code Injection in MetInfo 6.0.0
Arbitrary Code Execution Vulnerability in JBoss RichFaces 4.5.3 through 4.5.17 (RF-14309)
Remote Code Execution Vulnerability in JBoss RichFaces 3.1.0 - 3.3.4 (RF-14310)
Critical SQL Injection Vulnerability in Quick Chat Plugin for WordPress
Path Disclosure Vulnerability in Eclipse Jetty Server
HTTP Header Injection Vulnerability in Eclipse Vert.x 3.0 to 3.5.1
Session Hijacking and Data Manipulation Vulnerability in Eclipse Jetty 9.4.0 - 9.4.8
Vulnerability: Unauthorized Access and Execution of Untrusted Code via Java Attach API in Eclipse OpenJ9 0.8
Reflected Cross-Site Scripting Vulnerability in RSA Authentication Manager Security Console
CSRF Vulnerability in Eclipse Vert.x 3.0.0 - 3.5.2
WebSocket HTTP Upgrade Vulnerability in Eclipse Vert.x 3.0.0 - 3.5.3
Path Traversal Vulnerability in Eclipse Vert.x StaticHandler
Vulnerability: Assertion Triggered by Invalid Topic in Eclipse Mosquitto
XML Parser Vulnerability in Eclipse Vert.x OpenAPI XML Type Validator
Denial of Service Vulnerability in Eclipse Jetty Server
Retained Message Access Revocation Vulnerability in Eclipse Mosquitto
Buffer Overflow Vulnerability in jio_snprintf() and jio_vsnprintf() Methods in Eclipse OpenJ9
Dereferencing Pointers in Native Code: Vulnerability in OpenJDK + Eclipse OpenJ9 Version 0.11.0 Builds
Null Check Omission Vulnerability in Eclipse OpenJ9 JIT Compiler
Reflected Cross-Site Scripting Vulnerability in RSA Identity Lifecycle and Governance
Default Allow Policy in Eclipse Mosquitto ACL Configuration
Authentication Bypass Vulnerability in Eclipse Mosquitto 1.0 to 1.5.5
Insecure Signature Verification in Yarnpkg/Website Install Script
Sensitive Information Leakage in Zuul 3.x before 3.1.0
Algorithmic Complexity Denial of Service Vulnerability in Email::Address Module
Insufficient Mount Target Path Check in Cantata-Mounter D-Bus Service
Vulnerability: Authentication Bypass in Spring Cloud SSO Connector 2.1.2
Arbitrary Unmount Vulnerability in Cantata-Mounter
Cantata-Mounter D-Bus Service Allows Injection of Additional Mount Options
Cantata-Mounter D-Bus Service Shell Command Injection Vulnerability
Linaro LAVA File Download Vulnerability
Linaro LAVA Server Arbitrary File Disclosure Vulnerability
Remote Code Execution Vulnerability in Linaro LAVA
Denial of Service Vulnerability in Spring Framework's STOMP over WebSocket Endpoint
Arbitrary DNS Query and Traffic Amplification Vulnerability in Microsoft Forefront Unified Access Gateway 2010
Sensitive User Credential Storage in Avast Free Antivirus Prior to 19.1.2360
CSRF Vulnerability in TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n Devices
Authentication Bypass Vulnerability in TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n
Clickjacking Vulnerability in TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n Devices
Authenticated Blind Command Injection in TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n Devices
Heap-Based Buffer Overflow in bmp_compress1_row in sam2p 0.49.4
Password Reset Vulnerability in OXID eShop
Authorization Bypass Vulnerability in Spring Framework 5.0.5 with Spring Security
Self-XSS vulnerability in DragonByte vBSecurity 3.x through 3.3.0 for vBulletin 3 and vBulletin 4
Cross-Site Scripting (XSS) Vulnerability in phpMyAdmin's Designer Feature
CSRF Vulnerability Allows Unauthorized Creation of Admin Account in AKCMS 6.1
CSRF Vulnerability Allows Deletion of Articles in AKCMS 6.1
Buffer Overflow Vulnerability in reSIProcate's ConnectionBase::preparseNewBytes Function
OPC UA Java and .NET Legacy Stack XXE Vulnerability: Remote Denial of Service
Cross-Site Scripting (XSS) Vulnerability in valeuraddons German Spelling Dictionary v1.3
Arbitrary Script Injection in PKP Open Monograph Press (OMP) Search Field
Arbitrary Code Execution Vulnerability in Polaris Office 2017 8.1
Arbitrary File Access Vulnerability in Spring Data Commons with XMLBeam
Ubiquiti Networks EdgeSwitch Admin CLI Format-String Vulnerability
Privilege Escalation and Arbitrary Code Execution in Ubiquiti Networks EdgeSwitch
Unintended Video Exposure Vulnerability in Polycom RealPresence Web Suite
Information Disclosure Vulnerability in Reliable Controls MACH-ProWebCom 7.80 Devices
Remote Code Execution via activateuser.aspx in Episerver Ektron CMS
Out of Bounds Write Vulnerability in ImageMagick 7.0.8-3 Q16's BMP Image Handling
Remote Code Execution Vulnerability in Spring Security OAuth
Out of Bounds Write Vulnerability in ImageMagick 7.0.8-3 Q16's ReadDIBImage and WriteDIBImage
Heap-Based Buffer Overflow in ReadImage Function of sam2p 0.49.4
CSRF Vulnerability in LFCMS 3.7.0 Allows Arbitrary User Addition
CSRF Vulnerability in LFCMS 3.7.0 Allows Unauthorized User Addition
Information Disclosure in GreenCMS 2.3.0603 via Direct Request for Data/Log/year_month_day.log
Arbitrary Protocol XSS Vulnerability in GitLab Community Edition and Enterprise Edition
Persistent XSS Vulnerability in GitLab Wiki Markdown Feature
Persistent XSS Vulnerability in GitLab Charts Feature
Insecure Client Authentication in Docker Moby
Server-Side Request Forgery Vulnerability in OX App Suite 7.8.4 and earlier
Arbitrary File Write Vulnerability in Spring-integration-zip
Information Exposure in OX App Suite 7.8.4 and earlier
Directory Traversal Vulnerability in OX App Suite 7.8.4 and Earlier
Arbitrary File Inclusion Vulnerability in phpMyAdmin 4.8.x before 4.8.2
Uninitialized Memory Vulnerability in Phusion Passenger's switchGroup() Function
Integer Overflow in QEMU Guest Agent Allows for Remote Code Execution
Privilege Escalation via Offline Token Validation in Cloud Foundry UAA
Open Redirect Vulnerability in Eventum 3.5.0 via switch.php
XSS Vulnerability in Eventum 3.5.0 via field_name Parameter in update.php
Cross-Site Scripting (XSS) Vulnerability in Eventum 3.5.0 via switch.php
XSS Vulnerability in Eventum 3.5.0 via garlic_prefix Parameter
XSS Vulnerability in Eventum 3.5.0 validate.php
XSS Vulnerability in Eventum 3.5.0 via cat Parameter in popup.php
XSS Vulnerability in Eventum 3.5.0 via list.php
CSRF Vulnerability in Eventum 3.5.0 Allows Unauthorized Creation of Admin User
Arbitrary File Write Vulnerability in Pivotal spring-integration-zip (CVE-2018-1261)
SQL Injection Vulnerability in NEWMARK NMCMS 2.1 via sect_id Parameter
Arbitrary File Read Vulnerability in Redatam7
Path Disclosure Vulnerability in Redatam7 WebServer
Race condition vulnerability in vbg_misc_device_ioctl() in Linux kernel through 4.17.2 allows for local denial of service and information leakage
Information Disclosure Vulnerability in CirCarLife Scada
Unauthorized Upgrades Vulnerability in CirCarLife Scada v4.2.4
SQL Injection Vulnerability in iThemes Security Plugin for WordPress
Unvalidated Device Name Allows JavaScript Execution in Bose Soundtouch App
Log Cache Vulnerability: Unauthorized Access to UAA Client Secret
Buffer Overflow Vulnerability in Insteon HD IP Camera White 2864-222 WebService Binary
Stack Exhaustion in C++ Demangling Functions in GNU libiberty
Incorrect Access Control in Froxlor 0.9.39.5: Unauthorized Access to Tickets
NULL Pointer Dereference in WEBP::GetLE32 Function
Bypassing Brute-Force Protection in MISP 2.4.92 via PUT Method
File Path Sanitization Vulnerability in Cloud Foundry Diego
Reflected Cross Site Scripting (XSS) vulnerability in Adrenalin HRMS version 5.4.0
Reflected XSS Vulnerability in Adrenalin 5.4 HRMS Software via ShiftEmployeeSearch.aspx
Reflected Cross Site Scripting (XSS) Vulnerability in Adrenalin 5.4 HRMS Software via LeaveEmployeeSearch.aspx
Reflected Cross Site Scripting (XSS) Vulnerability in Adrenalin HRMS 5.4.0 via 'ReportId' Parameter in /RPT/SSRSDynamicEditReports.aspx
Reflected Cross-Site Scripting (XSS) in SLiMS 8 Akasia 8.3.1 Bibliography Module via admin/modules/bibliography/index.php?keywords= URI
Reflected Cross-Site Scripting (XSS) in SLiMS 8 Akasia 8.3.1 Circulation Module via loan_rules.php URI
Reflected Cross-Site Scripting (XSS) in SLiMS 8 Akasia 8.3.1 Membership Module via admin/modules/membership/index.php?keywords= URI
Reflected Cross-Site Scripting (XSS) in SLiMS 8 Akasia 8.3.1 Master File Module
Reflected Cross-Site Scripting (XSS) in SLiMS 8 Akasia 8.3.1 Stock Take Module
CSRF Protection Bypass in SLiMS 8 Akasia 8.3.1
Information Disclosure and Path Traversal Vulnerabilities in Cloud Foundry Cloud Controller
Authentication Bypass Vulnerability in SV3C L-SERIES HD Camera V2.3.4.2103-S50-NTD-B20170508B
Improper Authentication Vulnerability in SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) Allows Unauthorized Access and Configuration Modification
Hard-coded Password Vulnerability in SV3C L-SERIES HD Camera Devices
Arbitrary Account Reset Vulnerability in SV3C L-SERIES HD Camera
Improper Access Control in Cloud Foundry Silk CNI Plugin
OS Command Injection in SV3C L-SERIES HD Camera V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B
SV3C HD Camera Web Interface Information Disclosure Vulnerability
Cross-Site Scripting (XSS) Vulnerability in SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B)
SV3C HD Camera Web Interface Information Disclosure Vulnerability
Session Cookie Vulnerability in SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B)
URL Redirection Vulnerability in SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B)
Unauthenticated WebSocket SSRF Vulnerability in Portainer
Denial of Service Vulnerability in CoAPthon3 1.0 and 1.0.1
App GUID Structure Validation Bypass in Cloud Foundry Loggregator
Denial of Service Vulnerability in CoAPthon 3.1 and 4.x
Out-of-bounds Read Vulnerability in CivetWeb's send_ssi_file Function
Assertion Failure in DecodePixelData in tinyexr.h
Segmentation Fault in tinyexr 0.9.5's wav2Decode Function
LDAP Injection in phpLDAPadmin 1.2.2 via server_id parameter and login panel
Denial of Service Vulnerability in Cloud Foundry Loggregator
TOCTOU Race Condition in ONOS ACL Allows Network Access Bypass via Packet Injection
Arbitrary Command Execution Vulnerability in TP-Link TL-WA850RE Wi-Fi Range Extender (Hardware Version 5)
Stack-based Buffer Overflow in TP-Link TL-WA850RE Wi-Fi Range Extender Hardware v5
Denial of Service Vulnerability in TP-Link TL-WA850RE Wi-Fi Range Extender (Hardware Version 5)
Cross-Site Scripting (XSS) Vulnerability in mao10cms 6 via m=bbs&a=index Page
Cross-Site Scripting (XSS) Vulnerability in mao10cms 6 on Article Page
NULL Pointer Dereference Vulnerability in GNU Binutils 2.30
Excessive Memory Consumption Vulnerability in GNU Binutils 2.30
Heap-based Buffer Overflow in finish_stab() Function in GNU Binutils 2.30
Remote Code Execution Vulnerability in Spring Framework
EvilReflex: Exploiting the approveAndCallcode Vulnerability in Globalvillage Ecosystem (GVE) Smart Contract
EvilReflex: Exploiting the approveAndCallcode Vulnerability in Block 18 (18T) ERC20 Token
XSS Vulnerability in DIGISOL DG-BR4000NG Devices via SSID Validation
Buffer Overflow Vulnerability in DIGISOL DG-BR4000NG Devices via Long Authorization HTTP Header
Directory Traversal Vulnerability in Spring Framework
Vulnerability: Privilege Escalation via Admin Password Disclosure in D-Link DIR-601 2.02NA
Reflective XSS Vulnerability in Joomla! Language Switcher Module
Local File Inclusion Vulnerability in Joomla! 2.5.0 through 3.8.8
File Overwrite and Information Disclosure Vulnerability in GIMP 2.10.2
Linux Kernel Trace Events Filter Parsing Vulnerability
XSS Vulnerability in DIGISOL DG-HR3400 Devices via Modified SSID
Google Home and Chromecast Devices Vulnerable to DNS Rebinding Attack for Location Tracking
Multipart Request Injection Vulnerability in Spring Framework
Remote Code Execution Vulnerability in Spring Data Commons
Information Disclosure Vulnerability in SAJ Solar Inverter
CSRF Vulnerability in BEESCMS 4.0 Allows Arbitrary Addition of Administrators
Unlimited Resource Allocation Vulnerability in Spring Data Commons
Remote Code Execution Vulnerability in Spring Framework
Out-of-bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Write Vulnerability in Adobe Acrobat and Reader
Use-after-free vulnerability in Adobe Acrobat and Reader versions 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Information Exposure Vulnerability in Windows 2012R2 Stemcells on vSphere
Out-of-bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Cloud Foundry Garden-runC Docker Image Layer Quota Bypass Vulnerability
Use-after-free vulnerability in Adobe Acrobat and Reader versions 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier
Out-of-bounds Write Vulnerability in Adobe Acrobat and Reader
Use-after-free vulnerability in Adobe Acrobat and Reader versions 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier
Use-after-free vulnerability in Adobe Acrobat and Reader versions 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use-after-free vulnerability in Adobe Acrobat and Reader versions 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Authorization Enforcement Vulnerability in Apps Manager: Unauthorized Access to Org Information
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Double Free Vulnerability in Adobe Acrobat and Reader
Use-after-free vulnerability in Adobe Acrobat and Reader versions 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier
Buffer Errors Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Write Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Cookie-based Remote Code Execution in Pivotal RabbitMQ for PCF
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Use-after-free vulnerability in Adobe Acrobat and Reader versions 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier
Use-after-free vulnerability in Adobe Acrobat and Reader versions 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier
Type Confusion Vulnerability in Adobe Acrobat and Reader
Type Confusion Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Use-after-free vulnerability in Adobe Acrobat and Reader versions 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier
Use-after-free vulnerability in Adobe Acrobat and Reader versions 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader
Blind SQL Injection Vulnerability in Pivotal Greenplum Command Center
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Adobe Acrobat and Reader Privilege Escalation Vulnerability
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Authentication Bypass Vulnerability in Adobe Connect Versions 9.7.5 and Earlier: Risk of Session Hijacking
Insecure Library Loading Vulnerability in Adobe Connect Versions 9.7.5 and Earlier: Privilege Escalation Risk
Reflected Cross-Site Scripting Vulnerability in Adobe Experience Manager Versions 6.0-6.4
Input Validation Bypass Vulnerability in Adobe Experience Manager Versions 6.0-6.4
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Server-Side Request Forgery Vulnerability in Adobe Experience Manager 6.4 and Earlier: Risk of Sensitive Information Disclosure
Apache MXNet Vulnerability: Unintended Exposure of Clustered Setup
Memory Corruption Vulnerability in Adobe Photoshop CC 2018 and CC 2017
Memory Corruption Vulnerability in Adobe Photoshop CC 2018 and CC 2017
Type Confusion Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Digital Editions 4.5.8 and Below: Arbitrary Code Execution
Heap Overflow Vulnerability in Adobe Digital Editions 4.5.8 and Below: Arbitrary Code Execution
Use-after-free vulnerability in Adobe Acrobat and Reader versions 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier
Out of Bounds Read Vulnerability in Adobe Digital Editions 4.5.8 and Below
Out of Bounds Read Vulnerability in Adobe Digital Editions 4.5.9 and Below
Out of Bounds Read Vulnerability in Adobe Digital Editions 4.5.8 and Below
Out of Bounds Read Vulnerability in Adobe Digital Editions 4.5.8 and Below
Bypassing Argument Escaping/Cleanup in Apache Hive JDBC Driver
Out of Bounds Read Vulnerability in Adobe Digital Editions 4.5.8 and Below
Out of Bounds Read Vulnerability in Adobe Digital Editions 4.5.8 and Below
Use After Free Vulnerability in Adobe Digital Editions 4.5.8 and Below: Arbitrary Code Execution
Heap Overflow Vulnerability in Adobe Digital Editions 4.5.8 and Below: Arbitrary Code Execution
Out-of-Bounds Read Vulnerability in Adobe Flash Player 30.0.0.134 and Earlier
Security Bypass Vulnerability in Adobe Flash Player 30.0.0.134 and Earlier
Out-of-Bounds Read Vulnerability in Adobe Flash Player 30.0.0.134 and Earlier
Out-of-Bounds Read Vulnerability in Adobe Flash Player 30.0.0.134 and Earlier
Adobe Flash Player Privilege Escalation Vulnerability
Improper Certificate Validation Vulnerability in Adobe Creative Cloud Desktop Application
Apache httpd mod_session Remote Content Influence Vulnerability
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Type Confusion Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Stack Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
File Exposure Vulnerability in Apache Hive Server 2
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Double Free Vulnerability in Adobe Acrobat and Reader
Integer Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
XML External Entity (XXE) Vulnerability in Apache log4net
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Buffer Errors Vulnerability in Adobe Acrobat and Reader
Buffer Errors Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Type Confusion Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Unprotected CRUD Operations in Apache OpenMeetings: Denial of Service for Privileged Users
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
RMI Registry Wildcard Binding Vulnerability in Apache JMeter
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Type Confusion Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Kafka Data Loss Vulnerability via Manually Created Fetch Request
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Integer Overflow Vulnerability in Adobe Acrobat and Reader
Use-after-free vulnerability in exif_read_from_impl in PHP 7.2.x through 7.2.7
Account Creation Vulnerability in Octopus Deploy 3.0 onwards (before 2018.6.7)
Exploitable Vulnerability: Insecure Random Number Generation in MyCryptoChamp Smart Contract
Stack Protector Canary Spill Vulnerability in GCC 4.1-8 (ARM Targets)
Heap-based Buffer Overflow in CCN-lite 2.0.1: Memory Management Issue in mkAddToRelayCacheRequest
SQL Injection Vulnerability in Apache Fineract REST API
Unbounded Iteration DoS Vulnerability in Xen
Vulnerability: Read-Write Access to Supposedly Read-Only SCSI Disks in Xen
Xen Denial of Service Vulnerability in XSA-260 Fix
Arbitrary Code Execution and Privilege Escalation via Directory Traversal in WordPress 4.9.6
Integer Overflow in POSIX Timer Code in Linux Kernel
Buffer Overflow Vulnerability in SolarWinds DameWare Mini Remote Control (pre-12.1)
SQL Injection Vulnerability in Apache Fineract
Heap-based buffer overflow in cpSeparateBufToContigBuf function in LibTIFF
Mitel ST 14.2 Conferencing Component Reflected XSS Vulnerability
XSS Vulnerability in Easy Magazine's Search Bar
Persistent XSS Vulnerabilities in CyberArk Endpoint Privilege Manager
L1 KVM Guest Privilege Escalation and Denial of Service Vulnerability
XSS Vulnerability in joyplus-cms 1.6.0: admin_player.php
RESTLESS: Unvalidated URL Transmission in Rclone 1.42 Allows Data Leakage
Remote Code Execution Vulnerability in Brynamics Online Trade - Online trading and cryptocurrency investment system
Local File Disclosure Vulnerability in Webgrind 1.5
SQL Injection Vulnerability in Apache Fineract REST API
Unspecified Impact Vulnerability in libsoup 2.63.2
Off-by-one Error and Out-of-bounds Write Vulnerability in WebKitGTK+ 2.20.3
SQL Injection Vulnerability in HongCMS 3.0.0 via admin\controllers\database.php
Infinite Loop Vulnerability in Miniz 2.0.7's tinfl_decompress Function
Remote Code Execution Vulnerability in PublicCMS V4.0.20180210 via ZIP Archive Upload
Buffer Over-read Vulnerability in calc_hash in libpbc.a
Segmentation Fault Vulnerability in libpbc.a's _pbcP_message_default in proto.c
Heap-Based Buffer Over-Read Vulnerability in libpbc.a
Segmentation Fault Vulnerability in libpbc.a's _pbcB_register_fields in bootstrap.c
Cross-Site Scripting (XSS) Vulnerability in CraftedWeb through 2013-09-24
SQL Injection Vulnerability in Apache Fineract getReportType Method
Information Disclosure Vulnerability in Brickstream 2300 Devices
Information Disclosure Vulnerability in Electro Industries GaugeTech Nexus Devices
Remote Access Control Reconfiguration Vulnerability in Emerson Liebert IntelliSlot Web Card Devices
Remote Information Disclosure Vulnerability in BWS Systems HA-Bridge Devices
Default Password Vulnerability in Sollae Serial-Ethernet-Module and Remote-I/O-Device-Server Devices
Unsecured TELNET Access on Lantronix MSS Devices
Pharos Controls Devices Vulnerability: Unauthorized Access to Sensitive Information
Information Disclosure Vulnerability in Northern Electric & Power (NEP) Inverter Devices
NULL Pointer Dereference Vulnerability in hfs.ko during Mount of Crafted hfs Filesystem
Use-after-free vulnerability in ntfs_read_locked_inode in Linux kernel 4.15.0
Stack-based Out-of-Bounds Write Vulnerability in Linux Kernel 4.15.0's ntfs.ko Filesystem Driver
Stack-based Out-of-Bounds Write Vulnerability in Linux Kernel 4.15.0's ntfs_attr_find Function
Heap-based Buffer Overflow in PlayEnhMetaFileRecord in Wine 3.7
Out-of-Bounds Write Vulnerability in PlayEnhMetaFileRecord in Wine 3.7
Excessive Memory Consumption Vulnerability in GNU Binutils 2.30
Arbitrary File Write Vulnerability in SeedDMS (formerly LetoDMS and MyDMS) before 5.1.8
Apache Commons Email Bounce Address Manipulation Vulnerability
Arbitrary Code Execution via Unrestricted File Upload in SeedDMS
Arbitrary Code Execution via Cache Directory Manipulation in SeedDMS
SQL Injection Vulnerability in SeedDMS Users Management Functionality
Arbitrary Web Script Injection via action URL Parameter in SeedDMS (formerly LetoDMS and MyDMS) before 5.1.8
Persistent Cross-Site Scripting (XSS) Vulnerability in SeedDMS Categories Feature
Arbitrary Code Execution Vulnerability in Apache Ignite's Serialization Mechanism
Vulnerability: Exploitable approveAndCall Function in Aditus (ADI) Smart Contract
Inadequate Verification of Extended Attribute Access in Apache Hadoop HDFS
Unsecured RMI Connection Vulnerability in Apache JMeter 2.x and 3.x
CSRF Vulnerability in EasyCMS 1.3 Allows Unauthorized User Deletion
Command Execution Vulnerability in OpenTSDB 2.3.0
Cross-Site Scripting (XSS) Vulnerability in OpenTSDB 2.3.0
Vulnerability: Predictable Random Number Generation in CryptoSaga Smart Contract
Remote Code Execution via Directory Traversal in Go Doc Dot Org (gddo)
SQL Injection Vulnerability in SoftExpert (SE) Excellence Suite 2.0: Remote Authenticated SQL Heuristics via cddocument Parameter
Unrestricted File Upload Vulnerability in WAGO e!DISPLAY Devices
Denial of Service Vulnerability in Apache Qpid Broker-J 7.0.0: Unauthenticated Crash via PLAIN and XOAUTH2 SASL Mechanisms
Arbitrary File Upload Vulnerability in WAGO e!DISPLAY Devices
Code Injection Vulnerability in WAGO e!DISPLAY Devices
Denial-of-Service Vulnerability in PoDoFo 0.9.6-rc1
Stack-based Buffer Over-read Vulnerability in PoDoFo PDF Library
Authentication Bypass Vulnerability in Hycus CMS 1.0.4 via '=' 'OR' Credentials
Arbitrary File Download Vulnerability in GreenCMS 2.3.0603 via index.php?m=admin&c=media&a=downfile URI
Privilege Escalation Vulnerability in Pearson VUE Certiport Console 8 and IQSystem 7
Arbitrary File Retrieval Vulnerability in Apache Allura
Information Disclosure Vulnerability in phpwcms 1.8.9 via Invalid CSRF Token Value Field
Stored XSS Vulnerability in CMS MaeloStore V.1.5.0 Admin Interface Telephone Field
Brute-Force Vulnerability in OneFileCMS through 2012-04-14
Arbitrary PHP Code Execution Vulnerability in OneFileCMS
Arbitrary PHP Code Execution Vulnerability in OneFileCMS
Reflected XSS Vulnerability in Zoho ManageEngine Applications Manager
Unauthenticated File Read Vulnerability in Zoho ManageEngine Products
Reflected XSS Vulnerability in Zoho ManageEngine Products
Arbitrary File Deletion Vulnerability in Zoho ManageEngine Desktop Central 10.0.255
Persistent XSS Vulnerability in Advanced Electron Forum (AEF) v1.0.9 Private Message Module
XSS Vulnerability in Sandoba CP:Shop v2016.1
Persistent XSS Vulnerability in Inhaltsprojekte Module of Weblication CMS Core & Grid v12.6.24
Cross-Site Scripting (XSS) Vulnerability in OpenTSDB 2.3.0
Heap-based Buffer Over-read in MP4Box
Heap-Based Buffer Over-Read in MP4Box's hdlr_dump Function
Heap-based Buffer Over-read in GPMF_parser.c
Heap-based Buffer Over-read in GPMF_parser.c: GPMF_Next Function Vulnerability
Heap-based Buffer Over-read in GPMF_parser.c
Out-of-Bound Access Vulnerability in Apache HTTP Server (CVE-XXXX)
CSRF Vulnerability in WSTMall v1.9.1_170316 Allows Unauthorized User Account Addition
Heap-based Buffer Over-read in GPMF_parser.c: GPMF_Validate Function Vulnerability
Improper Integrity Check in SAFE'N'SEC SoftControl/SafenSoft SysWatch, TPSecure, and Enterprise Suite Allows Remote Code Execution
Bypassing Code-Signing Protection in SAFE'N'SEC SoftControl/SafenSoft SysWatch
Recoverable Password Storage Vulnerability in SAFE'N'SEC SoftControl/SafenSoft SysWatch
Apache HTTP Server NULL Pointer Dereference Vulnerability
Arbitrary Script File Upload Vulnerability in HongCMS 3.0.0
XSS Vulnerability in Xiaomi Mi Router 3 API 404 Page
Command Injection Vulnerability in Xiaomi Mi Router 3 (v2.22.15) WiFi Access
Remote Code Execution in Metinfo v6.0.0 via admin/column/save.php
Arbitrary File Deletion Vulnerability in YXcms 1.4.7
Heap-Based Buffer Over-Read in GPMF_parser.c
Apache HTTP Server Denial of Service Vulnerability in mod_cache_socache
Remote Denial of Service Vulnerability in jpeg-compressor 0.1
CSRF Vulnerability in DamiCMS v6.0.0 and 6.1.0 Allows Unauthorized Administrator Account Addition
CSRF Vulnerability in ECESSA ShieldLink SL175EHQ 10.7.4 Devices Allows Unauthorized Superuser Account Addition
Denial of Service Vulnerability in GNU Binutils 2.30
Arbitrary File Fetching via Directory Traversal in Jester Web Framework 0.2.0
Heap-based Buffer Overflow in bmp_load function of jpeg-compressor 0.1
Unrestricted File Upload Vulnerability in OpenSID 18.06-pasca via Attachment Document in Article Feature
Reflected Cross Site Scripting (XSS) Vulnerability in OpenSID 18.06-pasca via cari parameter
Security Bypass Vulnerability in Apache Tomcat
CSRF Vulnerability in OpenSID 18.06-pasca Allows Unauthorized Account Creation
Integer Overflow Vulnerability in LNK Token Smart Contract's Mint Function
Denial of Service Vulnerability in 1Password 6.8 for Android
Code Execution via Unsafe YAML Loading in scripts/grep-excuses.pl in Debian devscripts
Arbitrary SQL Command Execution Vulnerability in Yeswiki Cercopitheque 2018-06-19-1 and Earlier
SQL Injection Vulnerability in GLPI 9.2.x through 9.3.0
Inconsistent Application of Security Constraints in Apache Tomcat
SQL Injection Vulnerability in Zoho ManageEngine Applications Manager 13.x
Privilege Escalation Vulnerability in CyberArk Endpoint Privilege Manager
Integer Overflow in alarm_timer_nsleep function in Linux Kernel
Arbitrary File Overwrite Vulnerability in Cinnamon Settings Users GUI
Arbitrary Code Injection through Cross-Site Scripting (XSS) Vulnerability in MantisBT View Filters Page
Vulnerability in zzcms 8.3 Allows Arbitrary File Deletion and Database Access
Apache Pluto 3.0.0 Multipart Portlet War File Path Information Disclosure Vulnerability
Guessable CAPTCHA Issue in Easy!Appointments 1.3.0
Easy!Appointments 1.3.0 Missing Authorization Vulnerability: Exposing Hashed Passwords and Salts
XSS Vulnerability in ModSecurity 3.0.0 via onerror Attribute of IMG Element
Memory Leak Vulnerability in libming 0.4.8
CSRF Vulnerability in OpenCart Account Password Change Functionality
Integer Overflow Vulnerability in AzurionToken (AZU) Smart Contract's mintToken Function
Integer Overflow Vulnerability in DYchain (DYC) Smart Contract Allows Arbitrary Balance Manipulation
Vulnerability: Entity Expansion and DTD Attacks in Apache jUDDI 3.2 through 3.3.4
Integer Overflow Vulnerability in mintToken Function of EncryptedToken (ECC) Smart Contract
Integer Overflow Vulnerability in mintToken Function of CCindex10 (T10) Smart Contract
Integer Overflow Vulnerability in Coffeecoin (COFFEE) Smart Contract's mintToken Function
Integer Overflow Vulnerability in mintToken Function of ETCBK Smart Contract
Integer Overflow Vulnerability in FIBToken (FIB) Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in mintToken Function of Carbon Exchange Coin Token (CEC) Smart Contract
Integer Overflow Vulnerability in Betcash (BC) Token Contract's mintToken Function
Integer Overflow Vulnerability in CTB Token's mintToken Function
Integer Overflow Vulnerability in Jitech (JTH) Token Contract's mintToken Function
Integer Overflow Vulnerability in mintToken Function of GoodTo (GTO) Smart Contract Implementation
XML External Entity Expansion (XXE) Vulnerability in Apache Solr's DataImportHandler
Integer Overflow Vulnerability in Goutex (GTX) Token Contract's mintToken Function
Integer Overflow Vulnerability in GZS Token (GZS) Smart Contract's mintToken Function
Integer Overflow Vulnerability in MODI Token (MODI) Smart Contract's mintToken Function
Integer Overflow Vulnerability in Plaza Token (PLAZA) Smart Contract's mintToken Function
Integer Overflow Vulnerability in mintToken Function of Good Time Coin (GTY) Smart Contract
Integer Overflow Vulnerability in FreeCoin (FREE) Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in mintToken Function of IADOWR Coin (IAD) Smart Contract
Integer Overflow Vulnerability in Coinstar (CSTR) Smart Contract's mintToken Function
Integer Overflow Vulnerability in mintToken Function of Futures Pease (FP) Smart Contract
Integer Overflow Vulnerability in Universal Coin (UCOIN) Smart Contract's mintToken Function
Apache NiFi SplitXML Processor External XML Entity Vulnerability
Integer Overflow Vulnerability in YiTongCoin (YTC) Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in sumocoin (SUMO) Smart Contract's mintToken Function
Integer Overflow Vulnerability in mintToken Function of Reimburse Token (REIM) Smart Contract
NULL pointer dereference and panic in lookup_slow() due to lack of validation in cached inodes allocation
Kernel Panic Vulnerability in xfs_attr_leaf.c
Memory Corruption and Denial of Service Vulnerability in Linux Kernel
Denial of Service Vulnerability in Linux Kernel through 4.14
Out-of-Bounds Read and Divide-by-Zero Vulnerability in f2fs Image Handling
Denial of Service Vulnerability in Linux Kernel through 4.17.3
Denial of Service Vulnerability in f2fs Filesystem Image Handling
Apache NiFi JMS Deserialization Denial of Service Vulnerability
Divide-by-Zero Error in f2fs Image Validation
Privilege Escalation via WCF Endpoint in RedSwimmer KioskSimple 1.4.7.0
DLL Preloading Vulnerability in AnyDesk Version 4.1.3 and Earlier on Windows 7 SP1
SSRF Vulnerability in OX App Suite 7.8.4 and Earlier
Cross-Site Scripting (XSS) Vulnerability in OX App Suite 7.8.4 and Earlier
Stored XSS Vulnerability in ClipperCMS 1.3.3 via Tools -> Configuration Screen
Local Root Jailbreak Vulnerability in ADB Broadband Gateways/Routers: Exploiting Epicentro Platform
Epicentro Platform Authorization Bypass Vulnerability: Unauthorized Access and Manipulation of ADB Broadband Gateways/Routers
Use-after-free vulnerability in Apache Xerces-C XML Parser
Privilege Escalation Vulnerability in ADB Broadband Gateways/Routers on Epicentro Platform
Partial Denial of Service Vulnerability in Wanscam HW0021 IP Cameras: ONVIF Service Crash
Heap-based Buffer Over-read Vulnerability in Tcpreplay 4.3.0 beta1
Integer Overflow Vulnerability in Easy Trading Token (ETT) Smart Contract Implementation
Command Injection Vulnerability in KERUI Wifi Endoscope Camera (YPC99) via ssid Parameter
Unauthenticated Access and Control of KERUI Wifi Endoscope Camera (YPC99)
SQL Injection Vulnerability in zzcms 8.3 via tablename parameter in /user/del.php
Replay Attack Vulnerability in Apache HTTP Digest Authentication
Denial of Service Vulnerability in RealOne Player 2.0 Build 6.0.11.872
Arbitrary File Deletion Vulnerability in OneFileCMS through 2017-10-08
Arbitrary File Read Vulnerability in OneFileCMS through 2017-10-08
Integer Overflow Vulnerability in MoxyOnePresale Smart Contract Allows Arbitrary Token Retrieval by Contract Owner
Integer Overflow Vulnerability in SP8DE PreSale Token (DSPX) Smart Contract
Arbitrary Token Retrieval Vulnerability in Etherty Token (ETY) Smart Contract
Arbitrary Token Retrieval Vulnerability in SP8DE Token (SPX) Smart Contract
Apache Derby Network Server Database Boot Vulnerability
Integer Overflow Vulnerability in Bitotal (TFUND) Smart Contract Allows Arbitrary Token Retrieval by Contract Owner
Arbitrary Token Retrieval Vulnerability in SpadePreSale Smart Contract
Arbitrary Token Retrieval Vulnerability in Spadeico Smart Contract
Windows Installation Process Vulnerability in Golden Frog VyprVPN (pre-2018-06-21)
XSS Vulnerability in TP-Link Archer C1200 1.13 Build 2018/01/24 rel.52299 EU Devices via PATH_INFO to /webpages/data URI
XSS Vulnerability in Ultimate Member Plugin for WordPress
XSS Vulnerability in Events Manager Plugin 5.9.4 for WordPress
Stack-based Buffer Overflow in libsndfile 1.0.28 Allows Remote Code Execution
Apache Hive Unauthorized EXPLAIN Operation Vulnerability
Remote Code Execution via Antidote Update Mechanism
Potential Integer Overflow Vulnerability in Pandora (PDX) Token Smart Contract Implementation
Integer Overflow Vulnerability in mintToken Function of JavaSwapTest (JST) Smart Contract
Integer Overflow Vulnerability in LEF Token Smart Contract Implementation
Arbitrary File Write Vulnerability in Apache Hive 2.1.0 to 2.3.2
Memory Leak in XMagickCommand Function in ImageMagick 7.0.8-4
Integer Overflow Vulnerability in GEMCHAIN (GEM) Smart Contract's mintToken Function
Integer Overflow Vulnerability in mintToken Function of bonusToken (BNS) Smart Contract Implementation
Integer Overflow Vulnerability in CryptonitexCoin's mintToken Function
Integer Overflow Vulnerability in mintToken Function of AssetToken Smart Contract
Integer Overflow Vulnerability in mintToken Function of Bankcoin (BNK) Smart Contract
Directory Traversal Vulnerability in Apache ODE Process Deployment Web Service
Integer Overflow Vulnerability in etktokens (ETK) Smart Contract's mintToken Function
Integer Overflow Vulnerability in MultiGames (MLT) Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in ALEX Token Contract's mintToken Function
Integer Overflow Vulnerability in mintToken Function of Ethernet Cash (ENC) Smart Contract
Integer Overflow Vulnerability in EPPCOIN (EPP) Smart Contract's mintToken Function
Integer Overflow Vulnerability in JustDCoin (JustD) Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in AthletiCoin (ATHA) Smart Contract's mintToken Function
Integer Overflow Vulnerability in Yu Gi Oh (YGO) Token Contract's mintToken Function
Integer Overflow Vulnerability in mintToken Function of NetkillerBatchToken Smart Contract for Yu Gi Oh (YGO) Ethereum Token
Integer Overflow Vulnerability in mintToken Function of Ethereum Cash Pro (ECP) Smart Contract
Cron Scheduler Vulnerability in Apache Zeppelin
Integer Overflow Vulnerability in mintToken Function of Snoqualmie Coin (SNOW) Smart Contract
Integer Overflow Vulnerability in LadaToken (LDT) Smart Contract's mintToken Function
Integer Overflow Vulnerability in mintToken Function of BZXcoin Smart Contract Implementation
Integer Overflow Vulnerability in EliteShipperToken (ESHIP) Smart Contract's mintToken Function
Integer Overflow Vulnerability in CryptoABS (ABS) Smart Contract's mintToken Function
Integer Overflow Vulnerability in AIChain's mintToken Function
Integer Overflow Vulnerability in Trust Zen Token (ZEN) Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in mintToken Function of MiningRigRentals Token (MRR) Smart Contract
Integer Overflow Vulnerability in mintToken Function of ECPoints Smart Contract
Integer Overflow Vulnerability in mintToken Function of Air-Contact Token (AIR) Smart Contract
Vulnerability: Segfault in Apache Traffic Server (ATS) due to Carefully Crafted Request
Integer Overflow Vulnerability in IMM Coin (IMC) Smart Contract's mintToken Function
Integer Overflow Vulnerability in Troo Token's mintToken Function
Integer Overflow Vulnerability in loncoin (LON) Smart Contract's mintToken Function
Integer Overflow Vulnerability in JWC Token Contract's mintToken Function
Integer Overflow Vulnerability in TravelZedi Token (ZEDI) Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in mintToken Function of APPC Smart Contract
Integer Overflow Vulnerability in MMTCoin (MMT) Smart Contract's mintToken Function
Integer Overflow Vulnerability in CIBN Live Token (CIBN LIVE) Smart Contract's mintToken Function
Integer Overflow Vulnerability in MyBO Token's mintToken Function
Integer Overflow Vulnerability in Unolabo (UNLB) Smart Contract's Mint Function
HTTP Response Splitting Vulnerability in Apache Allura
Integer Overflow Vulnerability in mintToken Function of DVChain Smart Contract Implementation
Integer Overflow Vulnerability in Super Carbon Coin (SCC) Smart Contract's mintToken Function
Integer Overflow Vulnerability in Jobscoin (JOB) Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in mintToken Function of Hentaisolo (HAO) Smart Contract Implementation
Integer Overflow Vulnerability in TTCoin Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in Cranoo (CRN) Token Contract's mintToken Function
Integer Overflow Vulnerability in T-Swap-Token (T-S-T) Smart Contract Sell Function
Integer Overflow Vulnerability in Welfare Token Fund (WTF) Smart Contract Sell Function
Integer Overflow Vulnerability in STeX Exchange ICO Smart Contract Implementation
Integer Overflow Vulnerability in ETHEREUMBLACK (ETCBK) Smart Contract Sell Function
Incomplete SASL Negotiation Validation in Apache Thrift Java Client Library
Integer Overflow Vulnerability in DateMe (DMX) Smart Contract's Sell Function
Integer Overflow Vulnerability in TiTok - Ticket Token's Sell Function
Integer Overflow Vulnerability in MyBO Smart Contract's Sell Function
Integer Overflow Vulnerability in sellBuyerTokens Function of SwapToken Smart Contract Implementation
Integer Overflow Vulnerability in ETHERCASH (ETC) Smart Contract Sell Function
Integer Overflow Vulnerability in OHNI Smart Contract's Sell Function
Integer Overflow Vulnerability in ProvidenceCasino (PVE) Smart Contract Sell Function
Integer Overflow Vulnerability in PornCoin (PRNC) Smart Contract Sell Function
Integer Overflow Vulnerability in MoneyTree (TREE) Smart Contract Sell Function
Integer Overflow Vulnerability in Nectar (NCTR) Smart Contract Sell Function
XSLT-based Code Execution and File Manipulation Vulnerability in Apache Syncope
Integer Overflow Vulnerability in Providence Crypto Casino (PVE) Smart Contract's Sell Function
Integer Overflow Vulnerability in MyToken Smart Contract's Sell Function
Integer Overflow Vulnerability in EthereumLegit Smart Contract's Sell Function
Integer Overflow Vulnerability in TravelCoin (TRV) Smart Contract Sell Function
GMile Smart Contract Vulnerability: Integer Overflow in Sell Function Leads to Asset Reduction
Integer Overflow Vulnerability in Sample Token (STK) Smart Contract's Sell Function
Integer Overflow Vulnerability in GreenMed (GRMD) Smart Contract Sell Function
Integer Overflow Vulnerability in CoinToken's Sell Function
Integer Overflow Vulnerability in ICOD Smart Contract's Sell Function
Integer Overflow Vulnerability in YourCoin (ICO) Smart Contract Implementation (ETH033)
Sensitive Security Value Recovery Vulnerability in Apache Syncope
Integer Overflow Vulnerability in MAVCash Smart Contract Sell Function
Integer Overflow Vulnerability in ExtremeToken Smart Contract's Sell Function
Integer Overflow Vulnerability in ObjectToken (OBJ) Smart Contract Sell Function
Integer Overflow Vulnerability in RTokenMain Smart Contract Implementation
Integer Overflow Vulnerability in VEU_TokenERC20 Smart Contract's Sell Function
Integer Overflow Vulnerability in MyYLC Smart Contract's Sell Function
Integer Overflow Vulnerability in YLCToken Smart Contract's Sell Function
Integer Overflow Vulnerability in MoneyChainNet (MCN) Smart Contract Sell Function
Integer Overflow Vulnerability in Crowdnext (CNX) Smart Contract Sell Function
RiptideCoin (RIPT) Smart Contract Vulnerability: Integer Overflow in Sell Function Leads to Asset Reduction
Reverse Proxy Vulnerability in Apache Tomcat JK ISAPI Connector
Integer Overflow Vulnerability in DestiNeed (DSN) Smart Contract Sell Function
Integer Overflow Vulnerability in EnterToken Smart Contract's Sell Function
Integer Overflow Vulnerability in EnterCoin's Sell Function
Integer Overflow Vulnerability in GSI Token's Sell Function
Denial of Service Vulnerability in Apache Commons Compress' Zip Package
Remote Code Execution in Apache Wicket-jQuery-UI WYSIWYG Editor
NULL Pointer Dereference in libming 0.4.8's getString Function in decompile.c
Excessive Memory Allocation Vulnerability in libming 0.4.8's readBytes Function
Cross-Site Scripting (XSS) Vulnerability in Entrust Datacard Syntera CS 5.x Login Page
XSS Vulnerability in PHP Scripts Mall Auditor Website 2.0.1 via lastname or firstname parameter
HTTP Host Header Spoofing Vulnerability in Blackboard Learn 2018-07-02
Missing .htaccess Files in Mediawiki 1.31 Tarball Vulnerability
Truncation Vulnerability in zsh Shebang Lines
Apache Struts REST Plugin XML DoS Vulnerability
Stored XSS vulnerability in Apache Zeppelin prior to 0.8.0 via Note permissions
Insufficiently Random Values Vulnerability in SYNO.Encryption.GenRandomKey in Synology DiskStation Manager (DSM)
Information Exposure Vulnerability in SYNO.Core.ACL in Synology DiskStation Manager (DSM)
Session Fixation Vulnerability in Synology Photo Station
Remote Code Execution Vulnerability in Synology SSL VPN Client
Command Injection Vulnerability in Synology DiskStation Manager (DSM) FTP Server
Command Injection Vulnerability in Synology Router Manager (SRM) FTP Server
Default Permissions Vulnerability in Synology DiskStation Manager (DSM) Allows Unauthorized Access to Sensitive Information
Default Permissions Vulnerability in Synology Router Manager (SRM) Allows Unauthorized Access to Sensitive Information
Information Exposure Vulnerability in Synology File Station
SYNO.FolderSharing.List Information Exposure Vulnerability in Synology Router Manager (SRM)
SYNO.Core.ACL Information Exposure Vulnerability in Synology Router Manager (SRM)
Information Exposure Vulnerability in Synology DiskStation Manager (DSM) before 6.2.1-23824
Information Exposure Vulnerability in Synology Router Manager (SRM) Allows Unauthorized Access to Sensitive Data
Arbitrary Code Injection via Control Panel SSO Settings in Synology DiskStation Manager (DSM)
Information Exposure Vulnerability in SYNO.Personal.Profile in Synology Application Service
Information Exposure Vulnerability in SYNO.Personal.Application.Info
Denial-of-Service Vulnerability in Synology MailPlus Server before 2.0.5-0606
Information Exposure Vulnerability in Synology Drive
Non-Endpoint Channel Access Vulnerability in Synology Android Moments 1.2.3-199
Arbitrary File Upload Vulnerability in Synology Calendar Attachment Uploader
Denial of Service Vulnerability in Apache Mesos: Crashing of libprocess when parsing malformed JSON payload
Out-of-Array Read Vulnerability in FFmpeg's AVI to MPEG4 Conversion
FFmpeg 4.0.1 AVI to MPEG4 Conversion Denial of Service Vulnerability
Out-of-Array Access Vulnerability in FFmpeg 4.0.1
NULL Pointer Dereference Vulnerability in FFmpeg 4.0.1 AVI to MPEG4 Conversion
Improper Context Profile Maintenance in libavcodec: Denial of Service Vulnerability
FFmpeg 4.0.1 AVI to MPEG4 Conversion Vulnerability
Command Injection in formDlna in TOTOLINK A3002RU v1.0.8 via ftpUser POST Parameter
Command Injection in TOTOLINK A3002RU v1.0.8 via ntpServerIp2 POST Parameter
Arbitrary JavaScript Execution in TOTOLINK A3002RU v1.0.8 via Cross-Site Scripting in notice_gen.htm
Arbitrary JavaScript Execution Vulnerability in TOTOLINK A3002RU v1.0.8
Arbitrary Code Execution Vulnerability in Apache Storm
Arbitrary JavaScript Execution via Username in TOTOLINK A3002RU version 1.0.8
Command Injection in TOTOLINK A3002RU v1.0.8 via formDlna's sambaUser Parameter
Arbitrary JavaScript Execution in TOTOLINK A3002RU v1.0.8 via Cross-Site Scripting in notice_gen.htm
Plaintext Password Exposure in TOTOLINK A3002RU 1.0.8 Router
Command Injection in TOTOLINK A3002RU Version 1.0.8 via formAliasIp POST Parameter
Unauthenticated Password Change Vulnerability in TOTOLINK A3002RU Version 1.0.8
Command Injection in TOTOLINK A3002RU v1.0.8 via formAliasIp subnet Parameter
Password Disclosure Vulnerability in TOTOLINK A3002RU Version 1.0.8
System Command Injection in User.create Method in Buffalo TS5600D1206 Version 3.61-0.10
Unauthenticated POST Request Vulnerability in Buffalo TS5600D1206 Version 3.61-0.10
User Impersonation Vulnerability in Apache Storm
System Command Injection in network.set_auth_settings in Buffalo TS5600D1206 version 3.70-0.10
Improper Access Controls in Buffalo TS5600D1206 NASAPI (Version 3.61-0.10) Enable Unauthorized Function Calls
Directory Traversal Vulnerability in Buffalo TS5600D1206 Version 3.61-0.10
Cross-Site Scripting (XSS) Vulnerability in Buffalo TS5600D1206 Version 3.61-0.10
Bypassing Authentication via Modified HTTP Host Header in Buffalo TS5600D1206 version 3.61-0.10
Integer Overflow Vulnerability in GROWCHAIN (GROW) Smart Contract's _sell Function
Integer Overflow Vulnerability in Bittelux (BTX) Smart Contract Implementation
Potential Integer Overflow Vulnerability in ChuCunLingAIGO (CCLAG) Token's Transfer Functions
Integer Overflow Vulnerability in PFGc Token Smart Contract Implementation
Cross-Site Scripting (XSS) Vulnerability in TerraMaster TOS 3.1.03 ajaxdata.php
HTTP/2 Request Worker Exhaustion Vulnerability
Command Injection Vulnerability in TerraMaster TOS 3.1.03: Execute System Commands via groupname Parameter
Cross-Site Scripting (XSS) Vulnerability in TerraMaster TOS 3.1.03 Control Panel
Arbitrary File Upload Vulnerability in TerraMaster TOS 3.1.03 Explorer Application
Cross-Site Scripting (XSS) Vulnerability in TerraMaster TOS 3.1.03 File Manager
Cross-Site Scripting (XSS) Vulnerability in TerraMaster TOS 3.1.03 handle.php
Cross-Site Scripting (XSS) Vulnerability in TerraMaster TOS 3.1.03 Control Panel
Command Injection in TerraMaster TOS 3.1.03: Remote Code Execution via ajaxdata.php
Session Fixation Vulnerability in TerraMaster TOS 3.1.03 Web Application
Command Injection in TerraMaster TOS 3.1.03: Remote Code Execution via ajaxdata.php
Stored XSS in Imperavi Redactor 3 in Angular Redactor 1.1.6
User Impersonation Vulnerability in Apache Spark
CSRF Vulnerability in Gleez CMS 1.2.0
Vulnerability: Password Decryption and Privilege Escalation in Crestron TSW-X60 and MC3
Hardcoded Credentials Vulnerability in Anda App's Server API
Improper Handling of Fragment Start in mpatch_apply Function in Mercurial
Integer Addition and Subtraction Mishandling in mpatch.c in Mercurial before 4.6.1
Buffer Overread Vulnerability in Mercurial's mpatch_decode Function
Cross-Site Scripting (XSS) Vulnerability in TerraMaster TOS 3.1.03 Taskbar
Command Injection Vulnerability in Apache Tika Server (Versions 1.7 to 1.17)
SQL Injection in logtable.php in TerraMaster TOS version 3.1.03: Exploiting the Event Parameter
Cross-Site Scripting (XSS) Vulnerability in TerraMaster TOS 3.1.03 Control Panel
Session Token Exposure in TerraMaster TOS 3.1.03: Unauthorized Access to Active Sessions
Command Injection Vulnerability in TerraMaster TOS 3.1.03: Exploiting checkport Parameter in ajaxdata.php
TerraMaster TOS 3.1.03 Logtable.php System Command Injection Vulnerability
Insecure Access Controls in ajaxdata.php of TerraMaster TOS v3.1.03 Enable Unauthorized User Group Creation
Privilege Escalation in TerraMaster TOS version 3.1.03 via Incorrect Access Control in ajaxdata.php
Cross-Site Scripting (XSS) Vulnerability in TerraMaster TOS 3.1.03 Control Panel
Command Injection in ajaxdata.php in TerraMaster TOS 3.1.03: Execution of System Commands via checkName Parameter
Cross-Site Scripting (XSS) Vulnerability in TerraMaster TOS 3.1.03 via modgroup Parameter in usertable.php
UTF-8 Decoder Overflow Vulnerability in Apache Tomcat
Cross-Site Scripting (XSS) Vulnerability in TerraMaster TOS Text Editor
User Enumeration in TerraMaster TOS 3.1.03 via modgroup Parameter in usertable.php
Information Exposure Vulnerability in Fortinet FortiOS: Revealing Private IP and Hostname via Application Control Block Page
Fortinet FortiOS Information Disclosure Vulnerability: Revealing Serial Number via PPTP Protocol
FortiOS Information Exposure Vulnerability via Admin WebUI
Command Injection Vulnerability in Fortinet FortiClient for Windows 6.0.4 and Earlier
Apache Directory LDAP API TLS Connection Leak Vulnerability
FortiOS External Control of System Vulnerability: Unauthorized Routing Settings Modification via ZebOS Component
LDAP Server Login Credentials Leakage Vulnerability in Fortinet FortiOS and FortiADC
Cross-Site Scripting (XSS) Vulnerability in Fortinet FortiAnalyzer and FortiManager
Uninitialized Memory Buffer Leak in Fortinet FortiOS: Potential Disclosure of Sensitive Data in HTTP Response
LDAP Server Plaintext Password Exposure in Fortinet FortiSIEM 5.2.0 and Below Versions
Path Traversal Vulnerability in Fortinet FortiOS and FortiProxy
Infinite Loop Vulnerability in Apache Tika's BPGParser (Versions before 1.18)
Fortinet FortiOS and FortiProxy XSS Vulnerability
Buffer Overflow Vulnerability in Fortinet FortiOS and FortiProxy
SSL VPN Web Portal Password Modification Vulnerability
Heap Buffer Overflow in Fortinet FortiOS and FortiProxy SSL VPN Web Portal
Fortinet FortiOS SSL VPN Web Portal Host Header Redirection Vulnerability
Argument Injection Vulnerability in Sourcetree for macOS via Mercurial Filenames
Argument Injection Vulnerability in Sourcetree for Windows via Mercurial Filenames
Incomplete Fix for Cross-Site Scripting (XSS) Vulnerability in Atlassian JIRA Server
Cross-Site Scripting (XSS) Vulnerability in Atlassian Fisheye and Crucible Review Attachment Resource
Remote Content Spoofing Vulnerability in Atlassian Confluence
Infinite Loop Vulnerability in Apache Tika's ChmParser (Versions before 1.18)
Unauthenticated Access to CloudToken Daemon on Linux Allows Unauthorized AWS Credential Retrieval
Information Disclosure Vulnerability in Jira Server
Cross-Site Scripting (XSS) Vulnerability in Atlassian Fisheye and Crucible before 4.6.0
CSRF Vulnerability in Atlassian Confluence Questions Allows Comment Modification to Answer
CSRF Vulnerability in Atlassian Confluence Questions Allows Modification of Comments into Answers
Cross-Site Scripting (XSS) Vulnerability in Atlassian Jira Epic Colour Field
Argument Injection Vulnerability in Sourcetree for macOS via Git Subrepositories in Mercurial Repositories
Argument Injection Vulnerability in Sourcetree for Windows via Git Subrepositories in Mercurial Repositories
Cross-Site Request Forgery (CSRF) Vulnerability in Atlassian Fisheye and Crucible Administrative Smart-Commits Resource
Privilege Escalation Vulnerability in Atlassian Fisheye and Crucible Installer
Insecure Session Token Storage in Apache Guacamole
Improper Access Control Vulnerability in Atlassian Jira Versions 7.6.9 to 7.13.1
Open Redirect Vulnerability in XsrfErrorAction Resource in Atlassian Jira
Open Redirect Vulnerability in Atlassian Jira Versions 7.6.9 to 7.13.1
Cross-Site Scripting (XSS) Vulnerability in Atlassian Jira's Two-Dimensional Filter Statistics Gadget
Server-Side Request Forgery (SSRF) Vulnerability in Atlassian Jira
Inode Ownership Vulnerability in Linux Kernel
Integer Overflow in uvesafb_setcmap Function in Linux Kernel
CSRF Vulnerability in Jirafeau 3.4.1: Unprotected Delete File Feature
Reflected XSS Vulnerability in Jirafeau Allows Session Theft and Admin Privilege Escalation
Reflected XSS Vulnerability in Jirafeau Allows Session Theft and Admin Privilege Escalation
Denial of Service and Arbitrary Command Execution Vulnerability in Info-ZIP Zip 3.0
Privilege Escalation via Clickable Company Logo in Zoho ManageEngine Desktop Central
Privilege Escalation via Clickable Company Logo in Zoho ManageEngine Desktop Central
Plex Media Server 1.13.2.5154 XXE Vulnerability
XML External Entity Processing (XXE) Vulnerability in Universal Media Server (UMS) 7.1.0
XML External Entity Processing (XXE) Vulnerability in Vuze Bittorrent Client 5.7.6.0
Command Injection in ajaxdata.php in TerraMaster TOS 3.1.03
Memory Leak in libsndfile 1.0.28's psf_allocate in common.c
File Upload and Remote Code Execution Vulnerability in NetIQ Access Manager Administrative Console
Memory Leak in Malloc Extension of Google gperftools 2.7
Heap-based Buffer Over-read in Fast C++ CSV Parser's io::trim_chars function
XSS Vulnerability in TCExam before 14.1.2 via ff_ or xl_ Field
Cross-Site Scripting (XSS) Vulnerability in Omeka 2.6.1 tag-form.php
PAM Vulnerability: Unauthenticated Remote Host Access
XSS Vulnerability in Boostnote v0.11.7: Markdown Text Highlighting Exploit
Biometric Authentication Bypass in LINE jp.naver.line iOS App
Authentication Bypass Vulnerability in LINE jp.naver.line iOS App
XXE Vulnerability in WXPayUtil of WeChat Pay Java SDK Allows Merchant Notification URL Attacks
NetIQ iManager Communication Downgrade Vulnerability
NULL Pointer Dereference Vulnerability in Audiofile Library 0.3.6
Nagios Core 4.4.1 and Earlier qh_help NULL Pointer Dereference Vulnerability
SQL Injection Vulnerability in SolarWinds Network Performance Monitor 12.3 via /api/ActiveAlertsOnThisEntity/GetActiveAlerts TriggeringObjectEntityNames Parameter
Heap-Based Buffer Overflow in EOS.IO JIT-WASM 4.1 via Crafted WAST File
CSRF Vulnerability in SeaCMS 6.61 Allows Unauthorized Admin Account Creation
CSRF Vulnerability in SeaCMS 6.61 Allows Unauthorized User Account Addition
Authentication Bypass Vulnerability in LINE jp.naver.line Android App
Arbitrary SQL Command Execution in Dolibarr ERP/CRM 7.0.3 via statut Parameter
Arbitrary SQL Command Execution in Dolibarr ERP/CRM 7.0.3 via country_id Parameter
Arbitrary SQL Command Execution in Dolibarr ERP/CRM 7.0.3 via statut_buy Parameter
Elevation of Privilege Vulnerability in NetIQ iManager
Arbitrary SQL Command Execution in Dolibarr ERP/CRM 7.0.3 via status_batch Parameter
NULL Pointer Dereference Vulnerability in qh_echo of Nagios Core 4.4.1 and Earlier
NULL Pointer Dereference Vulnerability in qh_core of Nagios Core 4.4.1 and Earlier
eDirectory Denial of Service Vulnerability in Versions Prior to 9.1
Integer Overflow Vulnerability in MoonToken's mintToken Function
Integer Overflow Vulnerability in mintToken Function of T-Swap-Token (T-S-T) Smart Contract
Integer Overflow Vulnerability in mintToken Function of t_swap Smart Contract
Integer Overflow Vulnerability in PaulyCoin's mintToken Function
Integer Overflow Vulnerability in Crystals Token Contract's mintToken Function
Integer Overflow Vulnerability in EpiphanyCoin's mintToken Function
Integer Overflow Vulnerability in Cavecoin's mintToken Function
Integer Overflow Vulnerability in mintToken Function of IcoContract Smart Contract Implementation
Reflected Cross-Site Scripting Vulnerability in NetIQ iManager Administrative Web Interface
Integer Overflow Vulnerability in mintToken Function of BuyerToken Smart Contract
Integer Overflow Vulnerability in BeyondCashToken's mintToken Function
Integer Overflow Vulnerability in CloutToken Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in mintToken Function of OHNI Smart Contract Implementation
Integer Overflow Vulnerability in FansChainToken's mintToken Function
Integer Overflow Vulnerability in mintToken Function of VSCToken Smart Contract Implementation
Integer Overflow Vulnerability in PhilCoin's mintToken Function
Integer Overflow Vulnerability in CTESale Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in mintToken Function of DMPToken Smart Contract
Integer Overflow Vulnerability in SlidebitsToken's mintToken Function
SSL Handshake Renegotiation Vulnerability in NetIQ Identity Manager Driver
Integer Overflow Vulnerability in QRG Token's mintToken Function
Integer Overflow Vulnerability in mintToken Function of TRIUM Smart Contract Implementation
Integer Overflow Vulnerability in ETHERCASH (ETC) Smart Contract Implementation
Integer Overflow Vulnerability in mkethToken's mintToken Function
Integer Overflow Vulnerability in CBRToken's mintToken Function Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in mintToken Function of BitcoinAgileToken Smart Contract
Integer Overflow Vulnerability in HELP Token's mintToken Function
Integer Overflow Vulnerability in PlatoToken's mintToken Function
Integer Overflow Vulnerability in Crypto Alley Shares (CAST) Smart Contract Implementation
Integer Overflow Vulnerability in OllisCoin's mintToken Function Allows Arbitrary Balance Manipulation
NetIQ Identity Manager Driver Log File Information Disclosure Vulnerability
Integer Overflow Vulnerability in FILM Token's mintToken Function
Integer Overflow Vulnerability in Carrot Token's mintToken Function
Integer Overflow Vulnerability in mintToken Function of Naga Ethereum Token Contract
Integer Overflow Vulnerability in DaddyToken's mintToken Function
Integer Overflow Vulnerability in mintToken Function of SusanTokenERC20 Smart Contract
Integer Overflow Vulnerability in KMCToken's mintToken Function
Integer Overflow Vulnerability in RajTestICO's mintToken Function
Integer Overflow Vulnerability in COBToken's mintToken Function
Integer Overflow Vulnerability in mintToken Function of KAPAYcoin Smart Contract Implementation
Integer Overflow Vulnerability in Crowdsale Smart Contract Allows Arbitrary Balance Manipulation
NetIQ Identity Manager Driver Log File Enumeration Vulnerability
Integer Overflow Vulnerability in mintToken Function of MSXAdvanced Smart Contract Implementation
Integer Overflow Vulnerability in HRWtoken's mintToken Function
Integer Overflow Vulnerability in HeliumNetwork's mintToken Function
Integer Overflow Vulnerability in mintToken Function of South Park Token Token (SPTKN) Smart Contract
Integer Overflow Vulnerability in MMCoin's mintToken Function
Integer Overflow Vulnerability in ecogreenhouse Token Contract's mintToken Function
Integer Overflow Vulnerability in mintToken Function of SDR22 Ethereum Token Contract
Integer Overflow Vulnerability in mintToken Function of SLCAdvancedToken Smart Contract Implementation
Integer Overflow Vulnerability in mintToken Function of VITToken Smart Contract Implementation
Integer Overflow Vulnerability in IamRich Token's mintToken Function
Fortinet FortiManager XSS Vulnerability in CLI Config Installation Log
Integer Overflow Vulnerability in Welfare Token Fund (WTF) Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in CorelliCoin's mintToken Function
Integer Overflow Vulnerability in SmartHomeCoin's mintToken Function
Integer Overflow Vulnerability in Ubiou Token Contract's mintToken Function
Integer Overflow Vulnerability in esportz Token Contract's mintToken Function
Integer Overflow Vulnerability in mintToken Function of aman Ethereum Token Contract
Integer Overflow Vulnerability in SCAM Token Contract's mintToken Function
Integer Overflow Vulnerability in C3 Token's mintToken Function
Integer Overflow Vulnerability in TCash Smart Contract's mintToken Function
Integer Overflow Vulnerability in DigitalCloudToken Smart Contract Allows Arbitrary Balance Manipulation
Fortinet FortiOS 5.6.0 SSH Username Format String Vulnerability
Integer Overflow Vulnerability in TopscoinAdvanced's mintToken Function
Integer Overflow Vulnerability in PinkyToken's mintToken Function
Integer Overflow Vulnerability in EXGROUP Token Contract's mintToken Function
Integer Overflow Vulnerability in SmartPayment's mintToken Function
Integer Overflow Vulnerability in PornCoin (PRNC) Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in Flow Token Contract's mintToken Function
Integer Overflow Vulnerability in mintToken Function of WangWangToken Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in ElevateCoin's mintToken Function
Integer Overflow Vulnerability in DhaCoin's mintToken Function Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in mintToken Function of BetterThanAdrien Smart Contract Allows Arbitrary Balance Manipulation
Fortinet FortiManager 6.0.1 and below versions: Information Disclosure Vulnerability
Integer Overflow Vulnerability in mintToken Function of HunterCoin Smart Contract Implementation
Integer Overflow Vulnerability in MaxHouse Token's mintToken Function
Integer Overflow Vulnerability in Mindexcoin's mintToken Function
Integer Overflow Vulnerability in ALUXToken's mintToken Function
Integer Overflow Vulnerability in SpeedCashLite (SCSL) Token Contract's mintToken Function
Integer Overflow Vulnerability in PACCOIN's mintToken Function
Integer Overflow Vulnerability in mintToken Function of ERC20_ICO Smart Contract
Integer Overflow Vulnerability in EthereumLegit's mintToken Function
Integer Overflow Vulnerability in mintToken Function of SIPCToken Smart Contract
Integer Overflow Vulnerability in mintToken Function of Bcxss Ethereum Token Contract
Improper Access Control Allows Arbitrary Content Modification in Fortinet FortiManager and FortiAnalyzer
Integer Overflow Vulnerability in mintToken Function of GSI Ethereum Token Contract
Integer Overflow Vulnerability in CryptoLeu's mintToken Function
Integer Overflow Vulnerability in ZIBToken's mintToken Function
Integer Overflow Vulnerability in GemstoneToken's mintToken Function
Integer Overflow Vulnerability in Numisma's mintToken Function
Integer Overflow Vulnerability in HashShield's mintToken Function
Integer Overflow Vulnerability in mintToken Function of CCASH Smart Contract Implementation
Integer Overflow Vulnerability in ProvidenceCasinoToken's mintToken Function
Integer Overflow Vulnerability in Mimicoin's mintToken Function
Integer Overflow Vulnerability in NeuroToken's mintToken Function
Open Redirect Vulnerability in FortiView Feature of Fortinet FortiManager and FortiAnalyzer
Integer Overflow Vulnerability in Coquinho Coin (CQNC) Smart Contract's mintToken Function
Integer Overflow Vulnerability in Bgamecoin's mintToken Function Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in mintToken Function of Trabet_Coin_PreICO Smart Contract
Integer Overflow Vulnerability in Micro BTC (MBTC) Smart Contract Implementation
Integer Overflow Vulnerability in MoneyTree (TREE) Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in JaxBox Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in mintToken Function of COSMOTokenERC20 Smart Contract
Integer Overflow Vulnerability in mintToken Function of Trabet_Coin Smart Contract
Integer Overflow Vulnerability in mintToken Function of rhovit Smart Contract Implementation
Integer Overflow Vulnerability in UTCT Token Contract's mintToken Function
Reflected XSS Vulnerability in Fortinet FortiSandbox before 3.0
Integer Overflow Vulnerability in KelvinToken's mintToken Function
Integer Overflow Vulnerability in mintToken Function of YourCoin (ICO) Smart Contract (ETH033) Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in BMVCoin's mintToken Function
Integer Overflow Vulnerability in UPayToken Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in mintToken Function of GATcoin Smart Contract Implementation
Integer Overflow Vulnerability in Co2Bit Token Contract's mintToken Function
Integer Overflow Vulnerability in RETNToken's mintToken Function
Integer Overflow Vulnerability in mintToken Function of SDR Smart Contract Implementation
Integer Overflow Vulnerability in MktCoin's mintToken Function Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in HitToken's mintToken Function
Integer Overflow Vulnerability in kkTestCoin1 (KTC1) Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in GoramCoin's mintToken Function
Integer Overflow Vulnerability in mintToken Function of PGM_Coin Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in TripPay Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in DataShieldCoin's mintToken Function
Integer Overflow Vulnerability in YESToken's mintToken Function Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in mintToken Function of JuntsPerCreixer Smart Contract
Integer Overflow Vulnerability in mintToken Function of AdvancedShit Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in GalaxyCoin's mintToken Function
Integer Overflow Vulnerability in ForeverCoin's mintToken Function
Integer Overflow Vulnerability in mintToken Function of ProvidenceCasino (PVE) Smart Contract
Integer Overflow Vulnerability in TravelCoin (TRV) Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in My2Token's mintToken Function
Integer Overflow Vulnerability in Shmoo Token's mintToken Function
Integer Overflow Vulnerability in mintToken Function of yasudem Smart Contract Implementation
Integer Overflow Vulnerability in CHERRYCOIN Smart Contract's mintToken Function
Integer Overflow Vulnerability in Nectar (NCTR) Token Contract's mintToken Function
Integer Overflow Vulnerability in DECToken's mintToken Function
Integer Overflow Vulnerability in mintToken Function of Code47 (C47) Smart Contract
Integer Overflow Vulnerability in MooAdvToken's mintToken Function
Integer Overflow Vulnerability in SIPCOIN Smart Contract's mintToken Function
Integer Overflow Vulnerability in KAPcoin's mintToken Function Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in RajTest Smart Contract's mintToken Function
Integer Overflow Vulnerability in CardToken's mintToken Function
Integer Overflow Vulnerability in CardFactory's mintToken Function
Integer Overflow Vulnerability in BitStore's mintToken Function
Integer Overflow Vulnerability in mintToken Function of TESTAhihi Smart Contract
Integer Overflow Vulnerability in mintToken Function of testcoin Smart Contract
Integer Overflow Vulnerability in mintToken Function of SendMe Smart Contract Implementation
Integer Overflow Vulnerability in mintToken Function of ResidualValue Smart Contract
Cleartext Transmission of Admin Password in Fortinet FortiManager
Integer Overflow Vulnerability in AMToken's mintToken Function
Integer Overflow Vulnerability in GalacticX Token Contract's mintToken Function
Integer Overflow Vulnerability in MiningToken Smart Contract Implementation
Integer Overflow Vulnerability in mintToken Function of Briant2Token Smart Contract
Integer Overflow Vulnerability in mintToken Function of wellieat Smart Contract
Integer Overflow Vulnerability in ExtremeToken's mintToken Function
Integer Overflow Vulnerability in ARChain's mintToken Function
Integer Overflow Vulnerability in ResidualShare's mintToken Function
Archercoin Smart Contract: Integer Overflow Vulnerability in mintToken Function
Integer Overflow Vulnerability in mintToken Function of CSAToken Smart Contract
Cross-Site Scripting Vulnerability in IBM WebSphere Portal 8.5 and 9.0
Integer Overflow Vulnerability in mintToken Function of MedicayunLink Smart Contract
Integer Overflow Vulnerability in CDcurrency's mintToken Function
Integer Overflow Vulnerability in Robincoin's mintToken Function
Integer Overflow Vulnerability in mintToken Function of CON0217 Ethereum Token Contract
Integer Overflow Vulnerability in MAVCash's mintToken Function
Integer Overflow Vulnerability in mintToken Function of MJCToken Smart Contract
Integer Overflow Vulnerability in mintToken Function of IOCT_Coin Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in CAPTOZ Token Contract's mintToken Function
Integer Overflow Vulnerability in mintToken Function of VICETOKEN_ICO_IS_A_SCAM Smart Contract
Integer Overflow Vulnerability in MicoinToken's mintToken Function
Privilege Escalation and Application Withdrawal Vulnerability in IBM Curam Social Program Management
Integer Overflow Vulnerability in TripCash Smart Contract's mintToken Function
Integer Overflow Vulnerability in SoundTribeToken's mintToken Function
Integer Overflow Vulnerability in mintToken Function of ObjectToken (OBJ) Smart Contract
Integer Overflow Vulnerability in mintToken Function of AirdropperCryptics Smart Contract
Integer Overflow Vulnerability in mintToken Function of WXSLToken Smart Contract
Integer Overflow Vulnerability in mintlvlToken Function of Krown Smart Contract Implementation
Integer Overflow Vulnerability in SemainToken's mintToken Function
Integer Overflow Vulnerability in MyOffer Token Contract's mintToken Function
Integer Overflow Vulnerability in mintToken Function of MomentumToken Smart Contract
Integer Overflow Vulnerability in mintToken Function of CrimsonShilling Smart Contract Allows Arbitrary Balance Manipulation
Cross-Site Scripting (XSS) Vulnerability in IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through 6.0.5
Integer Overflow Vulnerability in DoccoinPreICO's mintToken Function
Integer Overflow Vulnerability in doccoin's mintToken Function
Integer Overflow Vulnerability in NEXPARA Token Contract's mintToken Function
Integer Overflow Vulnerability in Martcoin's mintToken Function
Integer Overflow Vulnerability in MediaCubeToken's mintToken Function
Integer Overflow Vulnerability in HBCM Token Contract's mintToken Function
Integer Overflow Vulnerability in TurdCoin's mintToken Function
CikkaCoin Smart Contract: Integer Overflow Vulnerability in mintToken Function
Integer Overflow Vulnerability in Bitpark's mintToken Function
Integer Overflow Vulnerability in mintToken Function of VEU_TokenERC20 Contract
XML External Entity Injection (XXE) Vulnerability in IBM Content Navigator 2.0 and 3.0
Integer Overflow Vulnerability in EthereumSmart's mintToken Function
Integer Overflow Vulnerability in MVGcoin's mintToken Function
Integer Overflow Vulnerability in SECoin's mintToken Function
Integer Overflow Vulnerability in mintToken Function of GCRTokenERC20 Smart Contract
Integer Overflow Vulnerability in RoyalClassicCoin's mintToken Function
Integer Overflow Vulnerability in Fiocoin's mintToken Function
Integer Overflow Vulnerability in Datiac Token Contract's mintToken Function
Integer Overflow Vulnerability in TrueGoldCoinToken's mintToken Function
Integer Overflow Vulnerability in mintToken Function of BGC Smart Contract Implementation
Integer Overflow Vulnerability in Deploy Token's mintToken Function
Integer Overflow Vulnerability in mintToken Function of BitmaxerToken Smart Contract
Integer Overflow Vulnerability in mintToken Function of MicoinNetworkToken Smart Contract
Integer Overflow Vulnerability in TheGoDigital's mintToken Function
Integer Overflow Vulnerability in mintToken Function of ipshoots Smart Contract
Integer Overflow Vulnerability in ESTSToken's mintToken Function
Integer Overflow Vulnerability in GFC Token Contract's mintToken Function
Integer Overflow Vulnerability in mintToken Function of Sample Token (STK) Contract
Integer Overflow Vulnerability in Rice Token's mintToken Function
Integer Overflow Vulnerability in TheGoDgital Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in mintToken Function of BrianCoin Smart Contract Implementation
CSV Injection Vulnerability in IBM Content Navigator 2.0 and 3.0
Integer Overflow Vulnerability in BillionRewardsToken Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in mintToken Function of APP Smart Contract Implementation
Integer Overflow Vulnerability in mintToken Function of WorldOpctionChain Smart Contract
Integer Overflow Vulnerability in mintToken Function of BSCToken Smart Contract Implementation
Integer Overflow Vulnerability in CWS Token Contract's mintToken Function
Integer Overflow Vulnerability in BCaaS Token Contract's mintToken Function
Integer Overflow Vulnerability in mintToken Function of EristicaICO Smart Contract Implementation
Integer Overflow Vulnerability in mintToken Function of UTBTokenTest Smart Contract
Integer Overflow Vulnerability in mintToken Function of BTPCoin Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in mintToken Function of NCU Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in mintToken Function of GFCB Ethereum Token Contract
Integer Overflow Vulnerability in DinsteinCoin's mintToken Function Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in OBTCoin's mintToken Function
Integer Overflow Vulnerability in GoldTokenERC20's mintToken Function
Integer Overflow Vulnerability in mintToken Function of ComBillAdvancedToken Smart Contract
Integer Overflow Vulnerability in YAMBYO Token Contract's mintToken Function
Integer Overflow Vulnerability in OBP Token Contract's mintToken Function
Integer Overflow Vulnerability in Goochain's mintToken Function Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in Lottery Token's mintToken Function
Integer Overflow Vulnerability in ZPEcoin's mintToken Function
Privilege Escalation Vulnerability in IBM Security Guardium Database Activity Monitor
Integer Overflow Vulnerability in mintToken Function of LexitToken Smart Contract
Integer Overflow Vulnerability in SOSCoin's mintToken Function
Integer Overflow Vulnerability in mintToken Function of ViteMoneyCoin Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in exsulcoin's mintToken Function
Integer Overflow Vulnerability in mintToken Function of ZIP Smart Contract Implementation
Integer Overflow Vulnerability in VornoxCoinToken's mintToken Function
Integer Overflow Vulnerability in ICOD Token Contract's mintToken Function
Integer Overflow Vulnerability in mintToken Function of normikaivo Smart Contract
Integer Overflow Vulnerability in MallToken's mintToken Function
Integer Overflow Vulnerability in mintToken Function of CJXToken Smart Contract
Sensitive Information Disclosure in IBM Security Guardium Big Data Intelligence (SonarG) 3.1 via URL Parameters
Integer Overflow Vulnerability in Instacocoa's mintToken Function
Integer Overflow Vulnerability in mintToken Function of RTokenMain Contract
Integer Overflow Vulnerability in mintToken Function of MehdiTAZIToken Smart Contract
Integer Overflow Vulnerability in GreenEnergyToken's mintToken Function
Integer Overflow Vulnerability in GMile Token Contract's mintToken Function
Integer Overflow Vulnerability in CTest7 Smart Contract's Mint Function
Integer Overflow Vulnerability in RedTicket's mintToken Function
Integer Overflow Vulnerability in RobotBTC Smart Contract's mintToken Function
Integer Overflow Vulnerability in Play2LivePromo Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in mintToken Function of DestiNeed (DSN) Smart Contract
Unintended Access to Security-Critical Resource in IBM Security Guardium Big Data Intelligence (SonarG) 3.1
Integer Overflow Vulnerability in IPMCoin's mintToken Function
Integer Overflow Vulnerability in KissMe Token Contract's mintToken Function
Integer Overflow Vulnerability in Essence Token's mintToken Function
Integer Overflow Vulnerability in mintToken Function of CERB_Coin Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in mintToken Function of eddToken Smart Contract
Integer Overflow Vulnerability in mintToken Function of PMHToken Smart Contract
Integer Overflow Vulnerability in IdeaCoin's mintToken Function
Integer Overflow Vulnerability in mintToken Function of YSS Smart Contract Implementation
Integer Overflow Vulnerability in BuyToken Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in Tube Token's mintToken Function
IBM WebSphere MQ Client SIGSEGV Vulnerability
Integer Overflow Vulnerability in Mjolnir Token Contract's mintToken Function
Integer Overflow Vulnerability in Databits Token Contract's mintToken Function
Integer Overflow Vulnerability in PMET Token Contract's mintToken Function
Integer Overflow Vulnerability in Tradesman Token's mintToken Function
Integer Overflow Vulnerability in mintToken Function of CM Ethereum Token Contract
Integer Overflow Vulnerability in mintToken Function of BpsToken Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in mintToken Function of sexhdsolo Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in mintToken Function of HormitechToken Smart Contract
Integer Overflow Vulnerability in mintToken Function of FuturXe Smart Contract
Integer Overflow Vulnerability in BiteduToken's mintToken Function
Weak Password Policy in IBM Security Guardium Big Data Intelligence (SonarG) 3.1 Increases User Account Vulnerability
Integer Overflow Vulnerability in Antoken's mintToken Function
Integer Overflow Vulnerability in GoMineWorld Token Contract's mintToken Function
Integer Overflow Vulnerability in HYIPToken Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in SERVVIZIOToken's mintToken Function
Integer Overflow Vulnerability in HYIPCrowdsale1 Smart Contract Implementation
Integer Overflow Vulnerability in GlobalSuperGameToken's mintToken Function
Integer Overflow Vulnerability in ISeeVoiceToken's mintToken Function Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in Eastcoin's mintToken Function
Integer Overflow Vulnerability in JixoCoin's mintToken Function Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in mintToken Function of JPMD100B Smart Contract Implementation
Inadequate Account Lockout Setting in IBM Security Guardium Big Data Intelligence (SonarG) 3.1
Integer Overflow Vulnerability in HEY Token's mintToken Function
Integer Overflow Vulnerability in TokenMACHU's mintToken Function Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in RiptideCoin (RIPT) Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in mintToken Function of ProjectJ Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in mintToken Function of AZTToken Smart Contract
Integer Overflow Vulnerability in mintToken Function of EnterToken Smart Contract
Integer Overflow Vulnerability in mintToken Function of ELearningCoinERC Smart Contract Implementation
Integer Overflow Vulnerability in AnovaBace's mintToken Function Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in mintToken Function of PELOCoinToken Smart Contract
Integer Overflow Vulnerability in dopnetwork's mintToken Function
SIGSEGV vulnerability in IBM WebSphere MQ (Maintenance levels 7.1.0.0 - 7.1.0.9, 7.5.0.0 - 7.5.0.8, 8.0.0.0 - 8.0.0.8, 9.0.0.0 - 9.0.0.2, and 9.0.0 - 9.0.4) client connecting to a Queue Manager
Integer Overflow Vulnerability in OneChain's mintToken Function
Integer Overflow Vulnerability in ABLGenesisToken's mintToken Function Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in mintToken Function of TKT Smart Contract Implementation
Integer Overflow Vulnerability in SuperEnergy (SEC) Token Contract's mintToken Function
Integer Overflow Vulnerability in mintToken Function of Crowdnext (CNX) Smart Contract
Integer Overflow Vulnerability in mintToken Function of STCToken Smart Contract Implementation
Integer Overflow Vulnerability in kBit Token Contract's mintToken Function
Integer Overflow Vulnerability in VanMinhCoin's mintToken Function
Integer Overflow Vulnerability in CarToken's mintToken Function
Integer Overflow Vulnerability in FinalToken's mintToken Function
Session Fixation/Hijacking Vulnerability in IBM Security Guardium Big Data Intelligence (SonarG) 3.1
Integer Overflow Vulnerability in mintToken Function of RichiumToken Smart Contract
Integer Overflow Vulnerability in JustWallet's mintToken Function
Integer Overflow Vulnerability in Thread Token Contract's mintToken Function
Integer Overflow Vulnerability in mintToken Function of DeWeiSecurityServiceToken Smart Contract
Integer Overflow Vulnerability in CryptosisToken's mintToken Function
Integer Overflow Vulnerability in mintToken Function of OTAKUToken Smart Contract
Integer Overflow Vulnerability in CherryCoinFoundation's mintToken Function
Integer Overflow Vulnerability in Coinquer's mintToken Function
LoliCoin Smart Contract: mintToken Function Integer Overflow Vulnerability
Integer Overflow Vulnerability in mintToken Function of BIGCAdvancedToken Smart Contract
Cross-Site Scripting (XSS) Vulnerability in IBM Security Guardium Big Data Intelligence (SonarG) 3.1
Integer Overflow Vulnerability in mintToken Function of MoneyChainNet (MCN) Smart Contract
Integer Overflow Vulnerability in mintToken Function of NetkillerAdvancedTokenAirDrop Smart Contract
Integer Overflow Vulnerability in Yumerium's mintToken Function Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in Ublasti Token Contract's mintToken Function
Integer Overflow Vulnerability in BiquToken's mintToken Function Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in LandCoin's mintToken Function
Elasticoin Smart Contract: mintToken Function Integer Overflow Vulnerability
Integer Overflow Vulnerability in Cornerstone Token's mintToken Function
Integer Overflow Vulnerability in ZToken's mintToken Function
Integer Overflow Vulnerability in JeansToken's mintToken Function
Vulnerability: User Credentials Stored in Plain Text in IBM Security Guardium Big Data Intelligence (SonarG) 3.1
Integer Overflow Vulnerability in UltimateCoin's mintToken Function
Integer Overflow Vulnerability in mintToken Function of ExacoreContract Smart Contract Implementation
Integer Overflow Vulnerability in TheFlashToken's mintToken Function
Integer Overflow Vulnerability in NetkillerToken's mintToken Function
Integer Overflow Vulnerability in Bitstarti's mintToken Function
Integer Overflow Vulnerability in mintToken Function of RCKT_Coin Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in AppleToken's mintToken Function
Integer Overflow Vulnerability in RRToken's mintToken Function
Integer Overflow Vulnerability in mintToken Function of CGCToken Smart Contract
Integer Overflow Vulnerability in mintToken Function of YLCToken Smart Contract Allows Arbitrary Balance Manipulation
Integer Overflow Vulnerability in ESH Token Contract's mintToken Function
Integer Overflow Vulnerability in MyYLC Token Contract's mintToken Function
Integer Overflow Vulnerability in mintToken Function of EnterCoin Smart Contract
Integer Overflow Vulnerability in JiucaiToken's mintToken Function Allows Arbitrary Balance Manipulation
Cookie Encryption Vulnerability in PrestaShop Versions 1.6.1.20 and 1.7.x before 1.7.3.4
Integer Overflow and Divide-by-Zero Vulnerability in libpng 1.6.34
Misconfigured Descriptor Region in Supermicro X11S, X10, X9, X8SI, K1SP, C9X299, C7, B1, A2, and A1 Products: Firmware Modification Vulnerability
Unauthenticated File Retrieval Vulnerability in Descor Infocad FM
Server Side Request Forgery (SSRF) Vulnerability in concrete5 8.2.0 File Manager URL Functionality
Access Control Vulnerability in ABBYY FlexiCapture HTTP API
SQL Injection Vulnerabilities in ABBYY FlexiCapture HTTP API Monitoring Feature
Multiple Cross Site Request Forgery (CSRF) vulnerabilities in ABBYY FlexiCapture HTTP API
Heap-Based Buffer Overflow in stbi__bmp_load_cont in catimg 2.4.0
Unbounded Recursion Vulnerability in Gravity before 0.5.1
Arbitrary Text Display Vulnerability in GNU Mailman
Arbitrary Command Injection Vulnerability in macaddress Module for Node.js
Denial-of-Service Vulnerability in SICAM A8000 Web Server
Privilege Escalation Vulnerability in SIMATIC WinCC OA V3.14 and Prior
User Impersonation and Sensitive Information Disclosure in IBM InfoSphere Master Data Management Collaboration Server
Cross-Site Request Forgery (CSRF) Vulnerability in SIMATIC S7-1200 CPU Family Version 4
Privilege Escalation Vulnerability in ROX II (All versions < V2.12.1)
Authenticated Remote Code Execution Vulnerability in ROX II (All versions < V2.12.1)
Authentication Bypass Vulnerability in SIMATIC IT LMS and Production Suite
Denial-of-Service Vulnerability in SIMATIC ET 200SP Open Controller and SIMATIC S7-1500 Software Controller
DLL Hijacking Vulnerability in SIEMENS TD Keypad Designer (All Versions)
Denial-of-Service Vulnerability in SCALANCE X300, X408, and X414 Web Interface
Vulnerability in CP 1604 and CP 1616 Allows for Data Extraction and DoS Attacks
Cross-Site Scripting (XSS) Vulnerability in CP 1604 and CP 1616
Cross-Site Request Forgery (CSRF) Vulnerability in CP 1604 and CP 1616
Insufficient Computational Effort in Password Hashes in SIMATIC STEP 7 (TIA Portal) (All Versions < V15.1)
Directory Traversal Vulnerability in SIMATIC HMI Panels and WinCC Software
URL Redirection Vulnerability in SIMATIC HMI Devices
Vulnerability: HTTP Header Injection in SIMATIC HMI Panels and WinCC Runtime
Denial-of-Service Vulnerability in SIMATIC S7-1200 and S7-1500
Unauthenticated Access Vulnerability in TIM 1531 IRC (All versions < V2.0)
Server-Side Template Injection (SSTI) in Twig before 2.4.4 via search_key parameter
Hardcoded Secret Key Vulnerability in CA Unified Infrastructure Management
Cross-Site Scripting (XSS) Vulnerability in IBM API Connect 5.0.0.0
Hardcoded Passphrase Vulnerability in CA Unified Infrastructure Management
Authentication Bypass Vulnerability in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7
Credential Storage Vulnerability in CA PPM Versions 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below
XML External Entity (XXE) Vulnerability in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below: Remote Information Disclosure
SQL Injection Vulnerability in CA PPM Versions 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below
Reflected Cross-Site Scripting Vulnerability in CA PPM GridExcelExport Functionality
XML External Entity (XXE) Vulnerability in CA PPM XOG Functionality
Root Privilege Escalation Vulnerability in AIX Daemon (IBM X-force ID: 138117)
Persistent Cross-Site Scripting (XSS) Vulnerabilities in All In One Favicon WordPress Plugin 4.6
Stack-based Buffer Overflow in cmft::rwReadFile Function in image.cpp
Integer Overflow Vulnerability in Rocket Coin (XRC) Smart Contract Allows Unauthorized Balance Manipulation
Cross-Site Scripting Vulnerability in IBM Business Process Manager 8.6
Memory Leak in HTSlib 1.8's bgzf_getline Function
Memory Leak in fai_read in HTSlib 1.8
Buffer Over-read Vulnerability in HTSlib 1.8's sam_parse1 in sam.c
Heap-based Buffer Over-read in Bento4 1.5.1-624: AP4_Mpeg2TsVideoSampleStream::WriteSample Vulnerability
SEGV Vulnerability in Bento4 1.5.1-624: AP4_StcoAtom::AdjustChunkOffsets in Core/Ap4StcoAtom.cpp
SEGV Vulnerability in Bento4 1.5.1-624: AP4_StszAtom::GetSampleSize in Core/Ap4StszAtom.cpp
Cross-Site Scripting (XSS) Vulnerability in yTakkar Instagram-clone through 2018-04-23
SQL Injection Vulnerability in Firebase Cloud Messaging (FCM) + Advance Admin Panel
Unauthorized Remote Reboot and Function Execution in MusicCenter / Trivum Multiroom Setup Tool V8.76
Authentication Bypass Vulnerability in MusicCenter / Trivum Multiroom Setup Tool V8.76 - SNR 8604.26 - C4 Professional
Improper Permissions in IBM Tivoli Workload Automation for AIX Leading to Local Privilege Escalation (IBM X-Force ID: 138208)
Unauthorized Information Disclosure in MusicCenter / Trivum Multiroom Setup Tool V8.76
Unauthorized Remote Reboot and Function Execution in Touchpad / Trivum WebTouch Setup V9 V2.53
Authentication Bypass Vulnerability in Trivum WebTouch Setup V9
Regular Expression Denial of Service (ReDoS) in MongoDB bson JavaScript Module
Directory Traversal Vulnerability in Play Framework 2.6.12-2.6.15 (Windows)
XSS Vulnerability in idreamsoft iCMS 7.0.9 via callback parameter in uploadpic request
Stack-based Buffer Over-read in HDF HDF5 1.8.20 Library
Out of Bounds Read Vulnerability in HDF HDF5 1.8.20 Library
Heap-Based Buffer Over-read in HDF HDF5 1.8.20 Library: H5O_fill_old_decode Vulnerability
HDF HDF5 1.8.20 Library: memcpy Parameter Overlap Vulnerability in H5Olink.c
Sensitive Personal Data Disclosure in IBM Application Performance Management for Monitoring & Diagnostics
Heap-Based Buffer Over-read in HDF HDF5 1.8.20 Library: H5O_link_decode Vulnerability
Heap-based Buffer Overflow in HDF HDF5 1.8.20 Library's H5FL_blk_malloc Function
Heap-based Buffer Overflow in H5G_ent_decode Function of HDF HDF5 1.8.20 Library
Buffer Over-read Vulnerability in HDF HDF5 1.8.20 Library
Stack-based Buffer Overflow in HDF HDF5 1.8.20 Library's H5FD_sec2_read Function
Out-of-Bounds Read Vulnerability in HDF HDF5 1.8.20 Library
Stack-based Buffer Overflow in HDF HDF5 1.8.20 Library's H5FD_sec2_read Function
Denial of Service Vulnerability in MegaCryptoPolis Smart Contract: Land Purchase Interference
Unescaped Username Display Vulnerability in Rocket.Chat
Reflected XSS Vulnerability in Rocket.Chat Registration Form
GSKit V7 PKCS#1 Padding Side Channel Information Disclosure Vulnerability
Memory Overread Vulnerability in Qualcomm Snapdragon Processors
Unchecked OTA Field Vulnerability in Qualcomm Snapdragon Processors
Integer overflow vulnerability in GNSS XTRA3 function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8909W, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, SM7150, SXR1130
Memory Corruption Vulnerability in RIL Daemon in Snapdragon Devices
Heap Memory Access After Free Vulnerability
Unauthorized Modification of Information in IBM API Connect 5.0.0.0 through 5.0.8.2 via Generated LoopBack APIs
Out-of-Bound Mask Range Access Vulnerability in CAF Android Releases
Unprivileged Access to Phone Vulnerability in Snapdragon Devices
Vulnerability: Missing Lock at XBL_SEC Stage in Snapdragon Processors
Information Exposure Vulnerability in dnsmasq on Snapdragon Devices
Out-of-Bounds Write Vulnerability in PMIC in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9150, MDM9206, MDM9607, MDM9650, MDM9655, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016, SXR1130
Memory Corruption Vulnerability in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24, SM7150
Cross-Site Scripting Vulnerability in IBM Financial Transaction Manager for Check Services for Multi-Platform 3.0, 3.0.2, and 3.0.2.1
Use-after-free vulnerability in IPA driver exposes route table's rule in Snapdragon devices
Sensitive Information Disclosure Vulnerability in Android Manifest File
Improper Array Index Validation Vulnerability in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130
Race condition vulnerability in EPCO handling in Snapdragon platforms
Vulnerability: Improper Input Validation in SCM Handler for Unauthorized Access in Snapdragon Devices
Use after free vulnerability in KGSL syncsource cleanup in multiple Snapdragon platforms
Timing Side Channel Vulnerability in HMAC Authentication in Snapdragon Processors
Buffer Overflow Vulnerability in Key Operations on Snapdragon Platforms
Truncated Access Authentication Token Vulnerability in Snapdragon Processors
Vulnerability: Metadata Verification and Partial Hash System Calls Corruption in Snapdragon Platforms
Denial of Service Vulnerability in IBM Financial Transaction Manager for ACH Services
Out-of-Bounds Access Vulnerability in Snapdragon Processors: TZ Index Calculation Issue
Out of Bounds Memory Read and Access Vulnerability in GNSS XTRA Parser
Arbitrary Write Vulnerability in Snapdragon Processors
Improper Array Index Validation Vulnerability in Snapdragon Processors
Out of Bound Array Vulnerability in Multiple Snapdragon Platforms
Out-of-bounds Memory Access Vulnerability in Qurt Kernel Function in Multiple Snapdragon Platforms
Buffer Overflow Vulnerability in Qualcomm Snapdragon Processors
Invalid Rule ID Use-After-Free Vulnerability in Snapdragon Devices
Sensitive Information Disclosure Vulnerability in IBM Financial Transaction Manager 3.0.4 and 3.1.0 for ACH Services
Hrtimer Use-After-Free Vulnerability in Qualcomm Snapdragon Devices
Buffer Length Check Vulnerability in Multiple Snapdragon Platforms
Heap Use After Free Vulnerability in Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, IoT, Mobile, Wearables in Multiple Qualcomm Chipsets
Invalid Signature Debug Policy Loading Vulnerability
Command Injection Vulnerability in IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.6
Cross-Site Scripting Vulnerability in IBM Rational Products (X-Force ID: 138425)
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager
Remote File Download Vulnerability in IBM Sterling File Gateway 2.2.0 - 2.2.6
Unauthenticated File Disclosure Vulnerability in Zeta Producer Desktop CMS
Unauthenticated Remote Code Execution Vulnerability in Zeta Producer Desktop CMS
Path Traversal Vulnerability in Smarty's isTrustedResourceDir() Method
XSS Vulnerability in ImpressCMS 1.3.10 via PATH_INFO in Installation Pages
Out of Bounds Read Vulnerability in Poppler 0.62: Memory Corruption and Denial of Service
CSRF Vulnerability in Grundig Smart Inter@ctive TV 3.0 Devices via Predictable ID Value
Cross-Site Scripting (XSS) Vulnerability in IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5 and 5.0
Brute-Force Vulnerability in PHOENIX CONTACT FL SWITCH WebUI
Firmware Image Information Leakage Vulnerability in PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx Versions 1.0 to 1.34
Plaintext Transmission of User Credentials in PHOENIX CONTACT FL SWITCH WebUI
CSRF Vulnerability in PHOENIX CONTACT FL SWITCH WebUI
Denial-of-Service Vulnerability in PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx Versions 1.0 to 1.34
Stack-Based Buffer Over-Read Vulnerability in Genann Train Function
SEGV Vulnerability in Genann's genann_run Function
Stored XSS Vulnerability in ClipperCMS 1.3.3 via Full Name Field in Manager Users and Web Users
XSS Vulnerability in Catfish CMS v4.7.9 via admin/Index/write.html editorValue Parameter
Integer Overflow Vulnerability in SHARKTECH (SKT) Token Smart Contract Allows Unauthorized Balance Manipulation
Integer Overflow Vulnerability in MP3 Coin Smart Contract Allows Unauthorized Balance Manipulation
Integer Overflow Vulnerability in WeMediaChain's batchTransfer Function
Integer Overflow Vulnerability in GlobeCoin (GLB) Token Smart Contract Allows Unauthorized Balance Manipulation
Integer Overflow Vulnerability in Malaysia Coins (Xmc) Smart Contract's transferAny Function
Integer Overflow Vulnerability in Neo Genesis Token (NGT) Smart Contract Allows Unauthorized Balance Manipulation
Directory Traversal Vulnerability in Citrix XenServer 7.1 and Newer
802.1x Authentication Mishandling Vulnerability in Arista EOS through 4.21.0F
Codiad Remote Code Execution Vulnerability
Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere Portal 8.0, 8.5, and 9.0
OS Command Injection in Xiaomi R3P, R3C, R3, and R3D Wi-Fi Settings
SQL Injection Vulnerability in WolfSight CMS 3.2 via PATH_INFO
XSS Vulnerability in Synacor Zimbra Collaboration Suite before 8.8.11
CSRF Vulnerability in waimai Super Cms 20150505 Allows Unauthorized Admin Account Addition
Denial of Service Vulnerability in radare2 2.7.0 via Crafted ELF File
Heap-based Buffer Over-read Vulnerability in radare2 2.7.0
Denial of Service Vulnerability in radare2 2.7.0
Bypassing Delivery-Address Change Detection in Paymorrow Module for OXID eShop
Information Leakage in Open Whisper Signal (aka Signal-Desktop) before 1.15.0-beta.10
Cross-Site Scripting (XSS) Vulnerability in Digisol Wireless Wifi Home Router HR-3300
Unverified Plugin Upload Vulnerability in WordPress 4.9.7
CSRF Vulnerability in Creatiwity wityCMS 0.6.2 Allows Account Takeover via Email Field Modification
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager (RQM) 5.0 - 6.0.6
Heap-Based Buffer Over-read in HDF HDF5 1.8.20 Library's H5T_copy Function
Heap-based Buffer Over-read in HDF HDF5 1.8.20 Library
Out of Bounds Read Vulnerability in HDF HDF5 1.8.20 Library
Heap-based Buffer Over-read in HDF HDF5 1.8.20 Library
Insufficient Path Check in AccountsService Allows Directory Traversal
Progress Kendo UI Editor v2018.1.221 Cross-Site Scripting (XSS) Vulnerability
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager (RQM) 5.0 - 6.0.6
XSS Vulnerability in Bootstrap Collapse Data-Parent Attribute
XSS Vulnerability in Bootstrap Scrollspy's data-target Property
XSS Vulnerability in Bootstrap Tooltip's data-container Property
Incorrect File Access Control in mstdlib 1.2.0 during Copy Operation
Denial of Service Vulnerability in RateTransposer::setChannels Function
Denial of Service Vulnerability in FIRFilter::evaluateFilterMulti Function
Heap-Based Buffer Over-Read Vulnerability in Exiv2 0.26's WebPImage::decodeChunks
SEGV Vulnerability in PNGwriter 0.7.0's readfromfile Function
SEGV Vulnerability in libpng 1.6.34: png_free_data in png.c
SEGV Vulnerability in libwav's print_info function
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6
SEGV Vulnerability in libwav's wav_free Function
Infinite Loop Vulnerability in wav_read function of libwav.c
SEGV Vulnerability in libwav's apply_gain Function
Double Free Vulnerability in MP4v2 Library
Privilege Escalation and Configuration Injection Vulnerability in ZNC
Path Traversal Vulnerability in ZNC Web Skins
Cross-Site Request Forgery (CSRF) Vulnerability in Pimcore before 5.3.0
SQL Injection Vulnerability in Pimcore REST API
Multiple Cross-Site Scripting (XSS) Vulnerabilities in Pimcore
OS Command Injection in Xiaomi R3D AP Mode Settings
COSPAS-SARSAT Protocol Vulnerability: Message Forgery, Replay Attacks, DoS, and Unauthorized Private Messaging
Integer Overflow Vulnerability in Tracto (TRCT) Smart Contract's increaseApproval Function
Directory Traversal Vulnerability in uc-http Service 1.0.0 on VelotiSmart WiFi B-380 Camera Devices
XML External Entity (XXE) Vulnerability in PHPOffice Common before 0.2.9
SQL Injection Vulnerability in content://wappush Content Provider in com.android.provider.telephony
Unauthenticated Remote Command Execution in Green Packet WiMax DV-360 2.10.14-g1.0.6.1 Devices via Command Injection
CSRF Vulnerability Allows Unauthorized Addition of Admin Account in SRCMS V2.3.1
CSRF Vulnerability in SRCMS V2.3.1 Allows Unauthorized User Account Addition
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Team Concert 5.0 - 6.0.5
Insufficient Sanitization in Geo Mashup Plugin for WordPress
Memory Leak Vulnerabilities in libsixel 1.8.1
Memory Leak in sixel_allocator_new in allocator.c
Unauthorized Remote Backup of Device Configuration in Wi2be SMART HP WMT R1.2.20_201400922
Unauthenticated Remote Password Reset Vulnerability in Wi2be SMART HP WMT R1.2.20_201400922
Unauthenticated Remote Information Disclosure in Wi2be SMART HP WMT R1.2.20_201400922
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Team Concert 5.0 - 6.0.5
Authentication Bypass Vulnerability in D-Link DIR-809 Devices
Clear-text Storage of Device Passwords in D-Link DIR-809 and Guest Zone Devices
Cross-site Scripting (XSS) Vulnerability in PHP Scripts Mall JOB SITE (aka Job Portal) 3.0.1 via Search Bar
Remote Information Disclosure in LICA miniCMTS E8K Devices via Direct POST Request
Integer Overflow Vulnerability in MKCB Smart Contract
Vulnerability: Unauthorized Modification of SweeperList in UserWallet Contract
Integer Overflow Vulnerability in SingaporeCoinOrigin (SCO) Smart Contract
Integer Overflow Vulnerability in EUC Smart Contract Implementation
Integer Overflow Vulnerability in STeX White List (STE(WL)) Smart Contract
Arbitrary Transfer Vulnerability in Virgo_ZodiacToken Smart Contract
Local Command Execution Vulnerability in IBM Notes Diagnostics
Local Command Execution Vulnerability in IBM Notes Diagnostics
Local Command Execution Vulnerability in IBM Notes Diagnostics
Cross-Site Scripting (XSS) Vulnerability in IBM Cognos Analytics 11.0
SQL Injection Vulnerability in IBM Maximo Asset Management 7.5 and 7.6
Cross-Site Scripting (XSS) Vulnerability in IBM Maximo Asset Management 7.6
Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0
Privilege Escalation Vulnerability in J9 JVM (IBM SDK, Java Technology Edition 7.1 and 8.0)
Authentication Bypass Vulnerability in IBM Security QRadar SIEM 7.2 and 7.3
Denial of Service Vulnerability in IBM WebSphere MQ PAM Authentication
IBM WebSphere Portal Combined Cumulative Fix (CF) Installation Security Misconfiguration Vulnerability
XML External Entity Injection (XXE) Vulnerability in IBM WebSphere DataPower Appliances
Cross-Site Scripting (XSS) Vulnerability in IBM Jazz Foundation Products
Information Disclosure Vulnerability in IBM Jazz Foundation Products
XML External Entity Injection (XXE) Vulnerability in IBM Marketing Platform 9.1.0, 9.1.2, and 10.1
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-6004)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-6006)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-6007)
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.1049
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-6009)
Arbitrary Code Execution via Type Confusion in Foxit Reader 9.0.1.1049
Arbitrary Code Execution via Type Confusion in Foxit Reader 9.0.1.1049
Arbitrary Code Execution via Type Confusion in Foxit Reader 9.0.1.1049
Weak Cryptographic Algorithms in IBM Security Guardium Big Data Intelligence (SonarG) 3.1: A Potential Decryption Vulnerability
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-6013)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.1049 via getField Method
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-6016)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-6017)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-6018)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-6019)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-6020)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-6021)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-6022)
PRNG State Duplication in IBM GSKit: Risk of Duplicate Session IDs and Key Material
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-6023)
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-6024)
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.1049 via getURL Method
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-6026)
Arbitrary Code Execution via Type Confusion in Foxit Reader 9.0.1.1049 (ZDI-CAN-6027)
Arbitrary Code Execution via Type Confusion in Foxit Reader 9.0.1.1049
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-6030)
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-6031)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049
GSKit Environment Variable Overflow Vulnerability
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-6034)
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-6035)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-6036)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-6038)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-6039)
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-6059)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-6058)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-6060)
Weak Cryptographic Algorithms in IBM GSKit (IBM DB2) - Vulnerability in Data Encryption
Arbitrary Code Execution via Foxit Reader 9.0.1.1049's exportAsFDF XFA Function
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-5757)
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.1049 via FlateDecode Streams (ZDI-CAN-5763)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-5771)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-5773)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-5774)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-5770)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-5641)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-5642)
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.5096
Cross-Site Scripting (XSS) Vulnerability in IBM MQ Appliance 9.0.1-9.0.4
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.5096
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.5096 (ZDI-CAN-6231)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.5096 (ZDI-CAN-6232)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.1.0.5096 (ZDI-CAN-6233)
Arbitrary Code Execution via FileAttachment Annotations in Foxit Reader 9.0.1.5096
Integer Overflow in Foxit PhantomPDF Allows Remote Code Execution
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.5096 via Circle Annotation Processing
Arbitrary Code Execution via FreeText Annotations in Foxit Reader 9.0.1.5096
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.5096 via Manipulated Ink Annotations
Arbitrary Code Execution via Line Annotation Processing in Foxit Reader 9.0.1.5096
Cross-Site Scripting (XSS) Vulnerability in IBM API Connect 5.0.0.0 through 5.0.8.2
Arbitrary Code Execution via Reused Pointer in Foxit Reader 9.0.1.5096
Arbitrary Code Execution via Sound Annotation Processing in Foxit Reader 9.0.1.5096
Arbitrary Code Execution via Square Annotation Processing in Foxit Reader 9.0.1.5096
Arbitrary Code Execution via StrikeOut Annotation Processing in Foxit Reader 9.0.1.5096
Arbitrary Code Execution via Text Annotation Processing in Foxit Reader 9.0.1.5096
Arbitrary Code Execution via PolyLine Annotation Processing in Foxit Reader 9.0.1.5096
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.5096
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.5096 (ZDI-CAN-6267)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.5096 (ZDI-CAN-6326)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.1.0.5096
GSKit Vulnerability in IBM Spectrum Scale: Local Attackers Can Gain Control and Modify Files
Arbitrary Code Execution Vulnerability in Foxit Reader 9.1.0.5096 (ZDI-CAN-6330)
Arbitrary Code Execution via XFA Events in Foxit Reader (ZDI-CAN-6331)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.5096 (ZDI-CAN-6332)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.5096
Arbitrary Code Execution via Annotation Handling in Foxit Reader 9.0.1.5096
Arbitrary Code Execution via Annotation Handling in Foxit Reader 9.0.1.5096
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.5096 (ZDI-CAN-6351)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.1.0.5096 (ZDI-CAN-6683)
Remote Code Execution Vulnerability in Samsung Galaxy S8 G950FXXU1AQL5
Cross-Frame Scripting Vulnerability in IBM InfoSphere Information Server
Remote Code Execution Vulnerability in PoDoFo (ZDI-CAN-5673)
Default Admin Password Vulnerability in Oracle GlassFish Open Source Edition 5.0
Integer Underflow Vulnerability in MP4v2 2.0.0
Integer Overflow Vulnerability in MP4v2 2.0.0: Memory Corruption in MP4Array Resizing for ftyp Atom
Weak Permissions on Alcatel OSPREY3_MINI Modem Installer Allows Privilege Escalation
Remote Information Disclosure Vulnerability in Brynamics Online Trade - Online trading and cryptocurrency investment system
Race Condition Vulnerability in HTSlib 1.8 Allows Arbitrary File Overwrite via Symlink Attack
Unauthenticated File Read Vulnerability in IBM Storage Products
CSRF Vulnerability in XiaoCms X1 v20140305 Allows Unauthorized Password Change
User Mode Write Access Violation in Clementine Music Player 1.3.1
TeamViewer Unicode Password Storage Vulnerability
Arbitrary File Upload Vulnerability in joyplus-cms 1.6.0
Insecure Handling of Permissions in H2 1.4.197 Backup Function Allows Unauthorized File Access
Denial of Service Vulnerability in TP-Link WR840N Devices via Random MAC Address Packets
Signed Integer Overflow in CHECK Macro in mruby 1.4.1
Potential Buffer Overflow Vulnerability in Exiv2 0.26's geotag.cpp
Infinite Loop Vulnerability in Wireshark MMSE Dissector
Cross-Site Request Forgery Vulnerability in IBM Storage Products
Zlib Decompression Vulnerability in Wireshark
DICOM Dissector Offset Overflow Vulnerability
BGP Protocol Dissector Loop Vulnerability
ASN.1 BER Dissector Crash Vulnerability in Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15
Buffer Over-read Vulnerability in Wireshark ISMP Dissector
Vulnerability: Unauthorized Access to Graphical Sessions in SDDM
Stack-based Buffer Overflow in GNU Libextractor's ec_read_file_func (unzip.c)
Infinite Loop Vulnerability in GNU Libextractor's EXTRACTOR_mpeg_extract_method
Insecure File Permissions in libcgroup 0.41: Information Disclosure Vulnerability
Improper Handling of NO Response in Mutt and NeoMutt
DLL Hijacking Vulnerability in IBM Notes 8.5 and 9.0
Stack-based Buffer Overflow in Mutt and NeoMutt's imap/message.c
IMAP Status Mailbox Literal Count Size Mishandling Vulnerability
Stack-based Buffer Overflow in Mutt and NeoMutt's imap_quote_string Function
Integer Underflow in imap_quote_string Function
Arbitrary Command Execution via Backquote Characters in Mutt and NeoMutt
Directory Traversal Vulnerability in Mutt and NeoMutt
Zero-length UID Mishandling Vulnerability
Arbitrary Command Execution via Backquote Characters in Mutt and NeoMutt
Stack-based Buffer Overflow in Mutt and NeoMutt with Long RFC822.SIZE Field in FETCH Response
Buffer Overflow via Base64 Data
Stack-based Buffer Overflow in nntp_add_group in NeoMutt
Memory Allocation Failure in NeoMutt's nntp.c
Vulnerability: Unsafe Character Interaction in Mutt and NeoMutt
Improper Restriction of '/' Characters in NeoMutt's newsrc.c
Directory Traversal and Remote Code Execution in GitLab Projects Import Component
Open Redirect Vulnerability in Pulse Secure Pulse Connect Secure and Pulse Policy Secure
CoAP Protocol Dissector Null Pointer Dereference Vulnerability
Infinite Loop Vulnerability in Wireshark Bazaar Protocol Dissector
HTTP2 Dissector Crash Vulnerability in Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15
Arbitrary Code Execution Vulnerability in IBM Notes 8.5 and 9.0
IEEE 802.11 Protocol Dissector Buffer Over-read Vulnerability
Directory Traversal Vulnerability in Eclipse Mojarra's getLocalePrefix Function
Type Confusion Vulnerability in MP4Atom::factory in MP4v2 2.0.0
Arbitrary File Read Vulnerability in IBM Storage Products
XSS Vulnerability in Graylog Typeahead Components
Open Redirect Vulnerability in Pagekit before 1.0.14
XSS Vulnerability in InstantCMS 2.10.1's /redirect?url= Parameter
Weak XML Parser Configuration in Transition Technologies The Scheduler App 5.1.3 for Jira Allows XXE Vulnerability
Stored Cross-Site Scripting (XSS) Vulnerability in SEO Panel 3.13.0 and Earlier
Session Fixation Vulnerability in WonderCMS
XSS Vulnerability in joyplus-cms 1.6.0 via manager/admin_ajax.php can_search_device parameter
SQL Injection Vulnerability in joyplus-cms 1.6.0 via manager/admin_ajax.php val parameter
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6
XSS Vulnerability in MyBB New Threads Plugin 1.2
Denial of Service Vulnerability in FFmpeg's libavformat/movenc.c
Denial of Service Vulnerability in FFmpeg MOV Audio Format Conversion
Multiple Stored Cross-Site Scripting Vulnerabilities in Creme CRM 1.6.12
Multiple Stored Cross-Site Scripting Vulnerabilities in Creme CRM 1.6.12 Organization Creation Page
Creme CRM 1.6.12 - HTTP Referer Header Spoofing Vulnerability
Arbitrary PHP Code Execution via Image Upload in PHPCMS 9.6.0
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager (RQM) 5.0 - 6.0.6
Out-of-Bounds Read Vulnerability in AXML Parser's CopyData Function
Out-of-Bounds Write Vulnerability in axmldec 1.2.0
Type Confusion and Out-of-Bounds Memory Access Vulnerability in MP4v2 2.0.0
NULL Pointer Dereference Vulnerability in libxml2's xpath.c:xmlXPathCompOpEval() Function
Cross-Site Scripting (XSS) Vulnerability in IBM Application Performance Management - Response Time Monitoring Agent
Cross-Site Scripting (XSS) Vulnerability in idreamsoft iCMS 7.0.10
Command Injection Vulnerability in SoftNAS Cloud Web Administration Console
SQL Injection Vulnerability in Msvod Cms v10 via images/lists?cid= URI
XSS Vulnerability in MetInfo 6.0.0 via Modified Navigation Bar Name
Cross-Site Request Forgery Vulnerability in IBM Application Performance Management - Response Time Monitoring Agent (IBM Monitoring 8.1.4)
CSRF Vulnerability in MetInfo 6.0.0 Allows Unauthorized User Account Addition
Remote Code Execution in SeaCMS v6.61 via Movie Picture Address (v_pic)
XSS Vulnerability in SansCMS 0.7 via q Parameter in blog/index.php
Division-by-zero vulnerabilities in pi_next_pcrl, pi_next_cprl, and pi_next_rpcl functions in OpenJPEG through 2.3.0: Remote Denial of Service
Use-after-free vulnerability in GDM daemon allows for denial of service or potential code execution
Persistent XSS Vulnerability in Synacor Zimbra Collaboration Suite (ZCS) Zimbra Web Client (ZWC) 8.8.8 and 8.8.9
Local File Inclusion Vulnerability in man-cgi before 1.16
XML Parsing Vulnerability in IBM SAML-based Single Sign-On Systems
Cross-Site Scripting (XSS) Vulnerability in Mondula Multi Step Form Plugin for WordPress
OpenStack Keystone Federation Component Access Restriction Bypass Vulnerability
Memory Leak in ImageMagick 7.0.8-4: WriteMPCImage Colormap Vulnerability
Memory Leak in DecodeImage in ImageMagick 7.0.8-4's pcd.c
Memory Leak in ReadMIFFImage in ImageMagick 7.0.8-4
Memory Leak in parse8BIM in ImageMagick 7.0.8-4
Arbitrary Access Control Modification in Wireshark through 2.6.2
Floating-Point Mishandling in espritblock eos4j SDK Allows Unauthorized Currency Transfers
Cross-Site Scripting Vulnerability in IBM WebSphere Portal 8.5 and 9.0
SQL Injection Vulnerability in cckevincyh SSH CompanyWebsite
Arbitrary File Upload Vulnerability in cckevincyh SSH CompanyWebsite
Use-After-Free Remote Code Execution Vulnerability in Foxit Reader and PhantomPDF (V-88f4smlocs)
Remote Denial of Service Vulnerability in GNU LibreDWG 0.5.1036
Integer Overflow in dwgCompressor::decompress18 in libdxfrw 0.6.3
Denial of Service Vulnerability in Bento4 v1.5.1-624: Infinite Loop in AP4_File::ParseStream
Heap-based Buffer Overflow in MP4v2 2.1.0: MP4Integer32Property::Read Vulnerability
Out-of-Bounds Read Vulnerability in trim_whitespace function in libConfuse v3.2.1
NULL Pointer Dereference in Codec::parse in Untrunc
Out-of-Bounds Read Vulnerability in libgig 4.1.0
Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere Portal 8.0.0 through 8.0.0.1, 8.5, and 9.0
Out-of-Bounds Read Vulnerability in libgig 4.1.0
Heap-based Buffer Overflow in libgig's RIFF::Chunk::Read Function
Out-of-Bounds Read Vulnerability in libgig 4.1.0
Heap-based Buffer Overflow in store16 function in libgig 4.1.0
Out-of-Bounds Read Vulnerability in libgig 4.1.0
Out-of-Bounds Write Vulnerability in libgig 4.1.0
Out-of-Bounds Write Vulnerability in libgig 4.1.0
Out-of-Bounds Write Vulnerability in libgig 4.1.0
Heap-based Buffer Overflow in store32 Function in libgig 4.1.0
Out-of-Bounds Write Vulnerability in libgig 4.1.0
Heap-Based Buffer Over-read in HDF HDF5 1.8.20 Library
Buffer Over-read Vulnerability in LDP Parser of tcpdump
Buffer Over-read Vulnerability in tcpdump's ICMP Parser
Buffer Over-read Vulnerability in VRRP Parser of tcpdump
Buffer Over-read Vulnerability in LMP Parser of tcpdump
Buffer Over-read Vulnerability in RSVP Parser of tcpdump
Buffer Over-read Vulnerability in Rx Parser of tcpdump
Buffer Over-read Vulnerability in tcpdump's BGP Parser
Buffer Over-read Vulnerability in FRF.16 Parser of tcpdump
Buffer Over-read Vulnerability in tcpdump's IKEv1 Parser
Weak Password Protection in GSKit (IBM Spectrum Protect and IBM Spectrum Protect Snapshot) CMS KDB Logic
Buffer Over-read Vulnerability in Babel Parser of tcpdump
NULL Pointer Dereference and SEGV Vulnerability in GNU LibreDWG 0.5.1048
SQL Injection in WUZHI CMS 4.1.0 via coreframe/app/order/admin/goods.php
XML External Entity (XXE) Injection Vulnerability in OCS Inventory 2.4.1
Open Redirection Vulnerability in Orange Forum 1.4.0 via next Parameter in views/auth.go
XSS Vulnerability in GeniXCMS 1.1.5 Installation Step 1
Cross-Site Scripting (XSS) Vulnerability in ecard.php of Coppermine Photo Gallery (CPG) 1.5.46
Arbitrary File Overwrite Vulnerability in IBM DB2 for Linux, UNIX and Windows
XSS Vulnerability in Osclass 3.7.4 via index.php Query String
Vulnerability: XXE Attacks in BlogEngine.NET 3.3 via metaweblog.axd POST Body
Cross-Site Scripting (XSS) Vulnerability in DNN (formerly DotNetNuke) 9.1.1 via XML
Local File Overwrite Vulnerability in IBM DB2 for Linux, UNIX and Windows
Stack-based Buffer Overflow in Tenda AC7, AC9, and AC10 Devices via long limitSpeed or limitSpeedup Parameter
Arbitrary Code Injection through Cross-Site Scripting (XSS) in Open-Audit Community 2.2.6 Groups Page
Historical Remote Command Injection Vulnerability in Vivotek FD8136 Devices
Vulnerability: Remote Command Injection in Vivotek FD8136 Devices
Stack-based Buffer Overflow in Vivotek FD8136 Devices Allows Remote Code Execution
XSS Vulnerability in Tenda D152 ADSL Routers via Crafted SSID
Heap-based Buffer Over-read and Application Crash in get_8bit_row in libjpeg-turbo and MozJPEG
XSS Vulnerability in HYBBS via Article Title
Arbitrary File Overwrite Vulnerability in IBM DB2 for Linux, UNIX and Windows
XSS Vulnerability in joyplus-cms 1.6.0 via manager/collect/collect_vod_zhuiju.php Keyword Parameter
SQL Injection Vulnerability in manager/admin_ajax.php in joyplus-cms 1.6.0
Arbitrary SQL Command Execution in Kiboko Chained Quiz Plugin for WordPress
Arbitrary Web Script Injection Vulnerability in Coremail XT 3.0
Cross-Site Scripting (XSS) Vulnerability in MantisBT 2.x through 2.15.0
DNS Rebinding Vulnerability in mitmproxy v4.0.3
Local File Overwrite Vulnerability in IBM DB2 for Linux, UNIX and Windows
Persistent XSS Vulnerability in WUZHI CMS 4.1.0 via form[nickname] Parameter
Persistent XSS Vulnerability in WUZHI CMS 4.1.0 via form[content] Parameter
SSRF Vulnerability in idreamsoft iCMS V7.0.9 Allows Unauthorized File Access and Intranet Exposure
SQL Injection Vulnerability in WUZHI CMS 4.1.0 via index.php?m=promote&f=index&v=search keywords Parameter
XSS Vulnerabilities in SeaCMS 6.61 Admin Config Form Fields
CSRF Vulnerability in Kirby 2.5.12 Delete Page Functionality
Local File Overwrite Vulnerability in IBM DB2 for Linux, UNIX and Windows
HTTP Request Injection Vulnerability in Kirby 2.5.12
SEGV Signal Vulnerability in Aubio 0.4.6
SEGV Signal Vulnerability in aubio_pitch_set_unit
Buffer Over-read Vulnerability in aubio 0.4.6
Double Free Vulnerability in GNU LibreDWG
EAPOL-Key Message Decryption Oracle Vulnerability
Insufficient XSS Protection in Feedback.asp of Xiao5uCompany 1.7
Default Admin Password Vulnerability in Invoxia NVX220 Devices
Invoxia NVX220 Devices: Restricted CLI Escape Vulnerability Exposes Password Hashes
File Upload Vulnerability in IBM Security Identity Manager Virtual Appliance 7.0
Heap Buffer Overflow Vulnerability in Bento4 1.5.1-624
Heap-based Buffer Over-read in Bento4 1.5.1-624
Privilege Escalation Vulnerability in Inteno IOPSYS via Symlink Manipulation
Failure to Enable HTTP Strict Transport Security in IBM InfoSphere Information Server 11.3, 11.5, and 11.7
Reflected and Stored XSS Vulnerabilities in PHP Scripts Mall Basic B2B Script 2.0.0
NULL Pointer Dereference Vulnerability in AP4_JsonInspector::AddField in Bento4 1.5.1-624
Invalid Memory Read Vulnerability in AP4_SampleDescription::GetFormat() in Bento4 1.5.1-624
Invalid Memory Read Vulnerability in AP4_SampleDescription::GetType() in Bento4 1.5.1-624
SEGV Vulnerability in libwav's wav_write Function
Cross-Site Request Forgery Vulnerability in IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3
Stack-based Buffer Overflow in Third-Party PNM Decoding in libpng 1.6.35
Uninitialized Variable in ReadMATImageV4 Function Leads to Memory Corruption
NULL Pointer Dereference in gdImageClone Function in libgd
Buffer Overflow Vulnerability in Tenda AC7, AC9, and AC10 Routers
Command Injection Vulnerability in Tenda AC7, AC9, and AC10 Devices
Buffer Overflow Vulnerability in Tenda AC7, AC9, and AC10 Routers' Web Server
XML External Entity Injection (XXE) Vulnerability in IBM Rhapsody DM 5.0 through 5.0.2 and 6.0 through 6.0.5
NULL Pointer Dereference in BasicModel Class
Memory Corruption Vulnerability in THULAC Library
SEGV Vulnerability in NGramFeature::find_bases in libthulac.so
Heap-based Buffer Over-read in NGramFeature::find_bases
Denial of Service Vulnerability in libxml2 2.9.8 with --with-lzma
TCP Stream Inspection Bypass Vulnerability in Suricata
IBM Rational DOORS 9.5.1 through 9.6.1.10 Privilege Escalation Vulnerability
Arbitrary Code Execution via File Upload Vulnerability in Niushop B2B2C Multi-business Basic Version V1.11
Arbitrary Code Execution Vulnerability in conference-scheduler-cli via Crafted .pickle File
TightRope Media Carousel Digital Signage LFI Vulnerability (CSL-1683)
Open Redirect Vulnerability in Django Middleware
Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) Vulnerabilities in Trash Bin Plugin 1.1.3 for MyBB
Integer Overflow Vulnerability in mintTokens Function of SunContract Smart Contract Implementation
Arbitrary PHP Code Execution and Sensitive Information Disclosure in GolemCMS
Local Privilege Escalation and DLL Hijacking Vulnerability in IBM DB2
Arbitrary Code Execution via Decompilation of .NET Objects
CSRF Vulnerability in BageCMS V3.1.3 Allows Unauthorized Addition of Background Administrator Account
CSRF Vulnerability in XYHCMS 3.5 Allows Unauthorized Addition of Background Administrator Account
Heap-based Buffer Over-read in Bento4 1.5.1-624: AP4_AvccAtom::Create
Heap-based Buffer Over-read in Bento4 1.5.1-624
SEGV Vulnerability in Bento4 1.5.1-624: AP4_Mpeg2TsAudioSampleStream::WriteSample
Buffer Over-read Vulnerability in Bento4 1.5.1-624
NULL Pointer Dereference in Bento4 1.5.1-624: AP4_DataBuffer::SetData Vulnerability
Heap-Based Buffer Over-Read in Bento4 1.5.1-624: AP4_Mp4AudioDsiParser::ReadBits Vulnerability
Stack Based Buffer Overflow in IBM DB2 for Linux, UNIX and Windows
SEGV Vulnerability in Bento4 1.5.1-624: AP4_Processor::ProcessFragments in Core/Ap4Processor.cpp
SQL Injection Vulnerability in CWJoomla CW Article Attachments PRO and CW Article Attachments FREE Extensions for Joomla!
Privilege Escalation Vulnerability in Open Ticket Request System (OTRS)
Denial of Service Vulnerability in Wancms 1.0 through 5.0
Information Disclosure Vulnerability in CA Technologies Identity Governance and CA Identity Suite Virtual Appliance
Buffer Overflow Vulnerability in XListExtensions in libX11
Off-by-one Error in XListExtensions Function: Potential DoS and Other Impacts
Local Privilege Escalation Vulnerability in IBM Netezza Platform Software
Out-of-Bounds Write Vulnerability in libX11: Potential DoS or Remote Code Execution
Denial of Service Vulnerability in GitLab Community and Enterprise Edition 11.1.x
Information Disclosure in GitLab Prometheus Metrics
CSRF Vulnerability in GitLab System Hooks Test Feature
XSS Vulnerability in GitLab CI/CD Pipeline Job Tooltip
XSS Vulnerability in GitLab Web IDE File Commit
Cross-Site Scripting (XSS) Vulnerability in GitLab Community and Enterprise Edition
Cleartext Transmission of Sensitive Customer Data in Thomson Reuters UltraTax CS 2017
Insecure Password Protection in Thomson Reuters UltraTax CS 2017 on Windows
Invalid Pointer Dereference in __del_reloc_root() in Btrfs Filesystem
Cross-Site Scripting (XSS) Vulnerability in IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize, and IBM FlashSystem Products
Out-of-Bounds Access in write_extent_buffer() in Btrfs File System
Use-after-free vulnerability in Linux kernel through 4.17.10 when mounting a crafted btrfs image
Invalid Pointer Dereference in Btrfs Root Node Mounting Vulnerability
Invalid Pointer Dereference in io_ctl_map_page() in Btrfs Image Mounting
Out-of-Bounds Access Vulnerability in f2fs Image Mounting
Buffer Overflow in truncate_inline_inode() in f2fs Image Unmounting
NULL Pointer Dereference in fscrypt_do_page_crypto() in Linux Kernel
NULL pointer dereference and panic in hfsplus_lookup() when opening a file in a malformed hfs+ filesystem
Buffer overrun vulnerability in Curl NTLM Authentication Code (CVE-2018-16890)
Vulnerability: Privilege Escalation via Null Skcipher in Linux Kernel
Unauthorized Access and File Manipulation Vulnerability in IBM Storage Products
Insecure Retrieval of RabbitMQ Clusterer Component in OpenStack Container Image Build
Infinite Loop Vulnerability in libtirpc before version 1.0.2-rc2
Null-Pointer Dereference Vulnerability in libtirpc before version 0.3.3-rc3
SQL Injection Vulnerability in Katello's Errata-Related API
Vulnerability: Denial of Service (DoS) in 389-ds-base
Race Condition Vulnerability in Linux Kernel's AF_VSOCK Protocol
Packet Cache Pollution Vulnerability in PowerDNS Server and Recursor
Insecure SSL Configuration in IIOP OpenJDK Subsystem in WildFly
LDAP Information Leak Vulnerability in Samba's Server
Samba LDAP Server Denial of Service Vulnerability
Unauthorized Access to System Files in IBM Storage Products
XML Import Vulnerability in Moodle Allows Remote Code Execution via ddwtos
Insufficient Filtering in Moodle Boost Theme's Blog Search Parameter Allows Reflected XSS
Out of Bound Write Vulnerability in OpenShift Container Platform
Stack Buffer Overflow Vulnerability in Linux Kernel's ISCSI Target Code
Privilege Escalation Vulnerability in Linux Kernel's create_elf_tables() Function
Linux Bridge ML2 Driver IP Address Bypass Vulnerability
Vulnerability: Live-migrated instances can inspect traffic of other instances on the same hypervisor
SAML Assertion Expiration Bypass Vulnerability in Keycloak
Remote Denial of Service Vulnerability in 389-ds-base
Unauthorized Access to Sensitive Information in IBM Storage Products
Remote Denial-of-Service Vulnerability in Linux Kernel 4.19-rc1 to 4.19-rc3
Undertow Information Leak Vulnerability: Incomplete Header Write
Remote Command Execution Vulnerability in Foreman's smart_proxy_dynflow Component
PowerDNS Recursor DNSSEC Validation Bypass Vulnerability
HPACK Decoder Out-of-Bounds Read Vulnerability in HAProxy
NULL pointer dereference vulnerability in __netlink_ns_capable() function in Linux kernel before 4.15-rc8
Expat Hash Collision Denial of Service Vulnerability in Python
Denial of Service Vulnerability in 389 Directory Server
Privilege Escalation Vulnerability in Red Hat Ceph Storage 2 and 3
Private Key Exposure Vulnerability in IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize, and IBM FlashSystem Products
Improper Default Permissions in sos-collector Allows Unauthorized Data Access
Incomplete Fix for Multiple Vulnerabilities in GlusterFS Allows Remote Code Execution and Denial of Service
Buffer Overflow Vulnerability in Gluster File System's 'features/index' Translator
Heap-based Buffer Overflow in Gluster File System's '__server_getspec' Function
Arbitrary File Creation Vulnerability in Gluster File System
Arbitrary JavaScript Injection via 'state' Parameter in Keycloak Authentication URL
Arbitrary Kernel Address Dump Vulnerability in Linux Kernel's show_opcodes()
Improper Brute Force Detection Implementation in Keycloak 4.2.1.Final and 4.3.0.Final
Open Redirection Vulnerability in JBOSS Keycloak 3.2.1.Final
Denial of Service Vulnerability in Gluster File System via 'GF_XATTR_IOSTATS_DUMP_KEY' Xattr
Weak Cryptographic Algorithms in IBM Storage Products (X-Force ID: 140397)
Multiple Lock Creation Vulnerability in GlusterFS Server
Format String Vulnerability in GlusterFS Server 3.8.4
Ceph Vulnerability: Unauthorized Access to dm-crypt Encryption Keys
Remote Code Execution Vulnerability in PowerDNS DNSDist
Stored Cross-Site Scripting Vulnerability in Foreman 1.18
Privilege Escalation Vulnerability in xorg-x11-server
Smart Class Feature Allows Unauthorized Configuration Changes in Red Hat Satellite 6
Expression Language (EL) Injection in RichFaces Framework 3.X through 3.3.4 via UserResource Resource
Arbitrary Symbol Injection in ClickHouse remote Table Function Leading to Cross Protocol Request Forgery Attacks
Arbitrary File Read Vulnerability in ClickHouse MySQL Client
Unauthenticated Access to Internal Cluster Details in IBM Storwize V7000 Unified Management Web Interface 1.6
Unauthorized Use of ClickHouse Database Due to Incorrect Configuration in Deb Package
Arbitrary Shared Object Loading Vulnerability in ClickHouse before 18.10.3
Arbitrary File Read Vulnerability in ClickHouse Functions for Loading CatBoost Models
Denial of Service and Privilege Escalation Vulnerability in Linux Kernel through 4.17.11 and Xen through 4.11.x
Off-by-one Error in CHM PMGI/PMGL Chunk Number Validity Checks Leading to Denial of Service
Unauthorized Access to Internal Environment and Sensitive API Details in IBM API Connect 5.0.8.1 and 5.0.8.2
Blank CHM Filenames Vulnerability
Buffer Overwrite Vulnerability in libmspack
Off-by-one Error in CHM Decompression Macro
Cross Site Scripting (XSS) Vulnerability in PRTG WEBGUI (before 19.1.49.1966)
Arbitrary File Read Vulnerability in Gxlcms v1.1.4
Stored XSS Vulnerability in XYCMS 1.7 via Crafted add_do.php Request in system/edit_book.php
Stored Cross-Site Scripting Vulnerabilities in Subsonic 6.1.1 Internet Radio Settings
Stored Cross-Site Scripting Vulnerabilities in Subsonic 6.1.1 Transcoding Settings
Unauthenticated Remote Command Execution in IBM API Connect Developer Portal
Stored Cross-Site Scripting Vulnerabilities in Subsonic 6.1.1 General Settings
Stored Cross-Site Scripting Vulnerabilities in Subsonic 6.1.1 Music Tags Feature
Unauthenticated Information Disclosure in Drobo 5N2 NAS 4.0.5-13.28.96115
Unauthenticated Information Disclosure in Drobo 5N2 NAS 4.0.5-13.28.96115
Cross-Site Scripting (XSS) in Drobo 5N2 NAS version 4.0.5-13.28.96115 via /DroboAccess/enable_user endpoint
Cross-Site Scripting (XSS) in Drobo 5N2 NAS version 4.0.5-13.28.96115 via /DroboAccess/delete_user endpoint
System Command Injection in Drobo 5N2 NAS Version 4.0.5-13.28.96115 via /DroboAccess/enable_user Endpoint
Information Disclosure Vulnerability in IBM Sterling File Gateway
Unauthenticated Retrieval of MySQL Log Files in Drobo 5N2 NAS 4.0.5-13.28.96115
Command Injection in Drobo 5N2 NAS Version 4.0.5-13.28.96115 via /DroboAccess/delete_user Endpoint
Unauthenticated Information Disclosure in Drobo 5N2 NAS 4.0.5-13.28.96115
Unauthenticated Retrieval of MySQL Database Root Password in Drobo 5N2 NAS Version 4.0.5-13.28.96115
Cross-Site Scripting Vulnerability in Drobo 5N2 NAS 4.0.5-13.28.96115
Unauthenticated Access and Control Vulnerability in Drobo 5N2 4.0.5
Command Injection in Drobo 5N2 NAS Version 4.0.5-13.28.96115
Arbitrary File Upload Vulnerability in Drobo Pix Web Application on Drobo 5N2 NAS
Insecure Transport Protocol Vulnerability in Drobo 5N2 NAS Version 4.0.5-13.28.96115
Insecure Token Generation Allows Authentication Bypass in Drobo 5N2 NAS Dashboard API
Cross-Site Scripting (XSS) Vulnerability in ASUS RT-AC3200 Version 3.0.0.4.382.50010
Missing Cross-Site Request Forgery (CSRF) Protection in ASUS RT-AC3200 Version 3.0.0.4.382.50010
Buffer Overflow Vulnerability in ASUS RT-AC3200 Version 3.0.0.4.382.50010's appGet.cgi
Format String Vulnerability in appGet.cgi on ASUS RT-AC3200 Version 3.0.0.4.382.50010
Command Injection Vulnerability in ASUS RT-AC3200 Version 3.0.0.4.382.50010
Predictable Random Number Generation in Cryptogs Smart Contract Implementation
Server Side Template Injection (SSTI) in SEOmatic Plugin for Craft CMS before 3.1.4
Arbitrary Code Execution Vulnerability in FasterXML Jackson-databind 2.x
Remote Code Execution Vulnerability in FasterXML Jackson-databind 2.x
XML External Entity (XXE) Vulnerability in FasterXML jackson-databind 2.x before 2.9.7
Server-side Request Forgery (SSRF) Vulnerability in FasterXML jackson-databind 2.x before 2.9.7
Privilege Escalation via Specially Crafted Filesystem Label in btrfsmaintenance
XSS Vulnerability in Ban List Plugin 1.0 for MyBB
SSRF Vulnerability in Responsive FileManager 9.13.1 via upload.php
Remote Code Execution in Discuz! 2.5 and 3.4 via Database Backup Feature
Cross-Site Scripting Vulnerability in IBM BigFix Platform 9.2 and 9.5
WebSocket Server Origin Validation Bypass in Browserify-HMR
WebSocket Server Origin Validation Bypass in Parcel parcel-bundler
WebSocket Server Origin Validation Bypass in webpack-dev-server
ReDoS Vulnerability in Odoo Community Association (OCA) dbfilter_from_header Module
Use-after-free vulnerability in ucma_leave_multicast in Linux kernel through 4.17.11
Information Exposure via Crafted Message in Hitachi Command Suite 8.5.3
Buffer Over-read Vulnerability in libpbc.a
NULL Pointer Dereference in pbc_wmessage_string in libpbc.a
SEGV Vulnerability in libpbc.a: pbc_rmessage_message in rmessage.c
SEGV Vulnerability in libpbc.a: pbc_pattern_set_default in pattern.c
IBM BigFix Platform Multiple Versions HTTP Response Splitting Vulnerability
SEGV Vulnerability in libpbc.a: set_field_one in bootstrap.c
SEGV Vulnerability in cloudwu PBC Library
SEGV Vulnerability in libpbc.a: memcpy in set_field_one in bootstrap.c
SEGV Vulnerability in libpbc.a's wiretype_decode in context.c
Use-After-Free Vulnerability in libpbc.a's _pbcM_sp_query in map.c
Buffer Overflow in bcmdhd4358 Wi-Fi Driver on Samsung Galaxy S6 SM-G920F (SVE-2018-12029)
Remote Command Injection Vulnerability in QTS NAS Software
Remote Crash Vulnerability in QTS Media Server
Remote Power Off Vulnerability in QTS NAS Software
Unspecified Impact Buffer Overflow Vulnerability in QTS NAS Software
Inadequate Account Lockout Setting in IBM BigFix Platform 9.2 and 9.5
Information Disclosure Vulnerability in IBM BigFix Platform
Double To Header Denial of Service and Arbitrary Code Execution Vulnerability
Arbitrary Code Execution Vulnerability in VIVOTEK FD8*, FD9*, FE9*, IB8*, IB9*, IP9*, IZ9*, MS9*, SD9*, and Other Devices
CSRF Vulnerability in VIVOTEK FD8177 Devices
Arbitrary Code Execution Vulnerability in VIVOTEK FD8177 Devices via ONVIF Interface
Arbitrary Code Execution Vulnerability in VIVOTEK FD8177 Devices via eventscript.cgi
Authenticated Remote Code Execution via Command Injection in Pydio 4.2.1 through 8.2.1
Vulnerability: Path Override via IIS Headers in Symfony
Host Header Injection Vulnerability in Symfony HttpKernel
Local Denial of Service Vulnerability in tss_alloc in OpenBSD 6.2 and 6.3
XSS Vulnerability in Click Studios Passwordstate before 8.3 Build 8397
XSS Vulnerability in DataLife Engine (DLE) 13.0
Buffer Overflow Vulnerability in Yubico-Piv 1.5.0 Smartcard Driver
Click Hijacking Vulnerability in IBM BigFix Platform
Out-of-bounds read vulnerability in Yubico-Piv 1.5.0 smartcard driver
Vulnerability: Wireless Transmission Capture-Replay Attack on Medtronic Insulin Pumps
Unauthenticated Access to Configuration Files and Profiles in NetComm Wireless G LTE Light Industrial M2M Router (NWL-25)
Cross-Site Request Forgery Vulnerability in NetComm Wireless G LTE Light Industrial M2M Router (NWL-25)
Cross-Site Scripting Vulnerabilities in NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) Firmware 2.0.29.11 and Prior
Open Directory Listing Vulnerability in NetComm Wireless G LTE Light Industrial M2M Router (NWL-25)
Improper Authentication Vulnerability in BD Alaris Plus Syringe Pumps
Arbitrary Code Execution Vulnerability in Philips' IntelliSpace Cardiovascular (ISCV) Products
Buffer Overflow Information Disclosure Vulnerability in Fuji Electric Alpha5 Smart Loader Versions 3.7 and Prior
Unquoted Search Path Vulnerability in Philips' IntelliSpace Cardiovascular (ISCV) Products
Cross-Site Request Forgery Vulnerability in IBM BigFix Platform 9.2 and 9.5
Buffer Over-read Vulnerability in Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a
Vulnerability: Unauthorized Modification of Executable and Library Files in Emerson DeltaV DCS Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5
Code Execution Vulnerability in WECON PLC Editor version 1.3.3U
Buffer Overflow Exploit in DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5
Heap-based Buffer Overflow in Fuji Electric Alpha5 Smart Loader Versions 3.7 and Prior
Path Validation Vulnerability in DeltaV Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, and R5
Remote Unauthenticated Reboot Vulnerability in Tec4Data SmartCooler
DLL Hijacking Vulnerability in Emerson DeltaV DCS Versions 11.3.1, 12.3.1, 13.3.0, 13.3.1, R5
Information Disclosure Vulnerability in Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a
Unsanitized User Data Input Vulnerability in Philips PageWriter Cardiographs
Missing 'HttpOnly' Attribute on Authorization Tokens and Session Cookies in IBM BigFix Platform
Stack Buffer Overflow in Delta Electronics ISPSoft Version 3.0.5 and Prior
Superuser Password Vulnerability in Philips PageWriter Cardiographs
Arbitrary Remote Code Execution in Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a
Banner Disclosure Vulnerability in Philips e-Alert Unit (Non-Medical Device) Version R2.1 and Prior
Arbitrary Remote Code Execution Vulnerability in Emerson AMS Device Manager v12.0 to v13.5
Unauthorized Access Vulnerability in ABB eSOMS Version 6.0.2 with LDAP Anonymous Authentication
Path Traversal Vulnerability in Advantech WebAccess 8.3.1 and Earlier: Arbitrary Code Execution
Remote Code Execution Vulnerability in Opto 22 PAC Control Software
Privilege Escalation Vulnerability in Emerson AMS Device Manager v12.0 to v13.5
Use After Free Vulnerability in Fuji Electric V-Server 4.0.3.0 and Prior, Allowing Remote Code Execution
Sensitive Information Disclosure in IBM BigFix Platform
Code Execution Vulnerability in WECON PI Studio HMI Versions 4.1.9 and Prior
Untrusted Pointer Dereference Vulnerabilities in Fuji Electric V-Server 4.0.3.0 and Prior Versions
Fuji Electric Energy Savings Estimator DLL Hijacking Vulnerability
Heap-Based Buffer Overflow Vulnerability in Fuji Electric V-Server 4.0.3.0 and Prior: Remote Code Execution Risk
Improper Validation of User-Supplied Data in WECON Technology PI Studio HMI and PI Studio Versions
Out-of-Bounds Write Vulnerabilities in Fuji Electric V-Server 4.0.3.0 and Prior Versions
Stack-based Buffer Overflow Vulnerabilities in Advantech WebAccess 8.3.1 and Earlier
Integer Underflow Vulnerability in Fuji Electric V-Server 4.0.3.0 and Prior: Remote Code Execution
Stack-Based Buffer Overflow Vulnerability in WECON Technology Co., Ltd. PI Studio HMI and PI Studio
Out-of-Bounds Read Vulnerability in Fuji Electric V-Server 4.0.3.0 and Prior
Arbitrary File Deletion Vulnerability in Advantech WebAccess 8.3.1 and Earlier
Remote Denial of Service (DoS) Vulnerability in Rockwell Automation RSLinx Classic Versions 4.00.01 and Prior
EMG12 Web Interface Information Exposure and Code Execution Vulnerability
Stack-Based Buffer Overflow Vulnerability in Fuji Electric V-Server 4.0.3.0 and Prior
Out-of-Bounds Read Vulnerability in Delta Industrial Automation PMSoft v2.11 or Prior
Elevated System Privileges Vulnerability on Honeywell Mobile Computers
Authentication Bypass Vulnerability in Entes EMG12 Versions 2.57 and Prior
RSLinx Classic Versions 4.00.01 and Prior: Remote Denial of Service Vulnerability
Improper Privilege Management Vulnerability in Advantech WebAccess 8.3.1 and Earlier
Remote Code Execution and Denial of Service Vulnerability in Rockwell Automation RSLinx Classic Versions 4.00.01 and prior
Cross-Site Scripting Vulnerability in IBM WebSphere Portal 8.5 and 9.0
Arbitrary File Read Vulnerability in DamiCMS v6.0.0
Intuit Lacerte 2017 Vulnerability: Incorrect Access Control
Stored XSS Vulnerability in Subrion CMS v4.2.1: Unescaped Tooltip Information Displayed in Multiple Areas
Improper Access Control in Subrion 4.2.1 Allows Unauthorized Access to Admin Panel
XSS Vulnerability in Wolf CMS 0.8.3.1 Snippets Tab
Stored XSS Vulnerability in rejucms 2.1 via admin/book.php Content Parameter
Remote Command Execution Vulnerability in LG N1A1 NAS 3718.510
Insecure Cookie Handling in IBM BigFix Platform 9.2.0 - 9.2.14 and 9.5 - 9.5.9
XSS Vulnerability in Subrion CMS 4.2.1: Unfiltered .html File Uploads
Multiple Stored XSS Vulnerabilities in Mondula Multi Step Form Plugin for WordPress
Directory Traversal Vulnerability in MikroTik RouterOS WinBox Interface Allows Unauthorized File Access and Modification
Cross-Site Scripting (XSS) Vulnerability in Tiki (versions before 18.2, 15.7, and 12.14) via Link Attributes
Session Fixation/Hijacking Vulnerability in IBM BigFix Platform 9.2.0 - 9.2.14 and 9.5 - 9.5.9
Stored XSS Vulnerabilities in Tiki: Privilege Escalation via Mouse Hover
Out-of-Bounds Read Vulnerability in PHP's exif_process_IFD_in_MAKERNOTE Function
Out-of-bounds Array Access Vulnerability in Samsung Galaxy S6 Wi-Fi Driver
NULL Pointer Dereference Vulnerability in bcmdhd4358 Wi-Fi Driver on Samsung Galaxy S6 (SVE-2018-11783)
Buffer Overflow Vulnerability in Samsung Galaxy S6 Wi-Fi Driver (SVE-2018-11785)
Buffer Overflow Vulnerability in Samsung Galaxy S6 Wi-Fi Driver (SVE-2018-11785)
Buffer Overflow Vulnerability in Samsung Galaxy S6 Wi-Fi Driver (SVE-2018-11785)
Unrestricted File Upload Vulnerability in OCS Inventory NG OCS Inventory Server
Incomplete Fix for SSRF Vulnerability in idreamsoft iCMS
Insecure Access Control in Password Reset Component of Odoo Community and Enterprise 11.0 and Earlier
Arbitrary Code Execution Vulnerability in Odoo Community and Enterprise 11.0 and Earlier
CSV Export Vulnerability in Odoo Community and Enterprise 10.0 and 11.0: Unauthorized Access to Hashed Passwords
Arbitrary Menuitem Deletion Vulnerability in Odoo Community and Enterprise 11.0 and Earlier
Privilege Escalation via Insecure Access Control in Odoo Community and Enterprise
Arbitrary Web Script Injection via Crafted Attachment in Odoo Community and Enterprise
Insecure Document Handling in Odoo Community and Enterprise 9.0-11.0
Improper Access Control in Odoo TransientModel Framework
Insecure Access Control and Message Spoofing in Odoo Portal Messaging System
Improper Access Control Allows Unauthorized Password Changes in Odoo Community 9.0 and Odoo Enterprise 9.0
Cross-Site Scripting (XSS) Vulnerability in PHP Template Store Script 3.0.6
Shared Library Loading Vulnerability in IBM DB2 for Linux, UNIX, and Windows
Reinstall Vulnerability in Rincewind 0.1 Allows Data Reset
Cross-Site Scripting (XSS) Vulnerability in Rincewind 0.1
SQL Injection Vulnerability in Polaris FT Intellect Core Banking 9.7.1 Armor Module
Reflected XSS Vulnerability in Polaris FT Intellect Core Banking 9.7.1
Uninitialized Stack Frame Vulnerability in FLIF Image Format
Cross-Site Scripting (XSS) Vulnerability in WeaselCMS v0.3.5 via SETTINGS Page
Deserialization of Untrusted Data in JetBrains dotPeek and ReSharper Ultimate Allows Code Execution
Buffer Overflow Vulnerability in tcpdump Command-Line Argument Parser
Buffer Overflow Vulnerability in IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5 and 11.1
Buffer Over-read Vulnerability in OSPFv3 Parser
Buffer Over-read Vulnerability in BGP Parser of tcpdump
Buffer Over-read Vulnerability in ICMPv6 Parser of tcpdump
Integer Overflow Vulnerability in PHP exif_thumbnail_extract Function
Segmentation Fault Vulnerability in PHP HTTP Response Parsing
Database Dump Restoration Vulnerability in Odoo Community and Enterprise 10.0 and 11.0
Local File Inclusion Vulnerability in Odoo Community and Enterprise 11.0
Improper Host Header Sanitization Vulnerability in Odoo Community and Enterprise 11.0
Cross-Site Scripting (XSS) Vulnerability in Eldenroot Thank You/Like Plugin for MyBB
Local Code Execution Vulnerability in CouchDB in Vectra Networks Cognito Brain and Sensor
Cross-Site Scripting (XSS) Vulnerability in Vectra Networks Cognito Brain and Sensor Web Management Console
Local Privilege Escalation Vulnerability in Vectra Networks Cognito Brain and Sensor before 4.3
Cross-Site Request Forgery (CSRF) Vulnerability in ZyXEL NSA325 V2 version 4.81
Command Injection Vulnerability in ZyXEL NSA325 V2 (v4.81) Zyshclient
Bypassing Access Restrictions and Executing Blocked Applications in CyberArk Endpoint Privilege Manager 10.2.1.603 and Earlier
HTML Injection Vulnerability in EPSON WF-2750 Printer's AirPrint Setup Page
Unfiltered Print Job Vulnerability on EPSON WF-2750 Printers
Hard-coded API and Secret Keys in EPSON iPrint Android App for Dropbox, Box, Evernote, and OneDrive Services
Improper Data Access in EPSON iPrint Android App Allows Unauthorized Document Reading
Firmware Vulnerability in EPSON WF-2750 Printers: Remote Code Execution and Printer Malfunction
Multiple Unauthenticated XSS Vulnerabilities in Samsung Syncthru Web Service V4.05.61
Reflected XSS Vulnerability in 3CX Version 15.5.8801.3 Web Server
Reflected XSS Vulnerability in 3CX Version 15.5.8801.3 Web Server
3CX Version 15.5.8801.3 Web Server Information Leakage Vulnerability
CSRF Vulnerability in Samsung Syncthru Web Service V4.05.61
Remote Code Execution in SeaCMS v6.61 via IP Whitelist Bypass
File Upload Vulnerability in ukcms v1.1.7 and Earlier: Unrestricted File Type Upload
Directory Traversal Vulnerability in cgit_clone_objects in CGit before 1.2.1
Arbitrary File Deletion Vulnerability in LOYTEC LGATE-902 6.3.2 Devices
Directory Traversal Vulnerability in LOYTEC LGATE-902 6.3.2 Devices
XSS Vulnerability in LOYTEC LGATE-902 6.3.2 Devices
Session Hijacking Vulnerability in IBM Jazz Foundation Products
Cross-Site Scripting (XSS) Vulnerabilities in Monstra CMS 3.0.4 via Edit Profile Page
Arbitrary Code Execution Vulnerability in uniview EZPlayer 1.0.6
Stored XSS Vulnerability in Matera Banco 1.0.0: User Fullname Field
Vulnerability in Matera Banco 1.0.0: Mishandling of Java Errors and Exposure of net.sf.acegisecurity Components
CSRF Vulnerability in Matera Banco 1.0.0: /contingency/web/messageSend/messageSendHandler.jsp
Path Traversal Vulnerability in Matera Banco 1.0.0
Unauthenticated File Access Vulnerability in /contingency/servlet/ServletFileDownload
Multiple Reflected XSS Vulnerabilities in Matera Banco 1.0.0
CSRF Vulnerability in Polaris FT Intellect Core Banking 9.7.1 Armor Module
Open Redirect Vulnerability in Polaris FT Intellect Core Banking 9.7.1
Remote Command Execution Vulnerability in NUUO NVRmini Devices via upgrade_handle.php
Incorrect Access Control in Polycom Trio Devices Allows Unauthorized Audio Recording via Bluetooth
XSS Vulnerability in Polycom Trio Web Administration Console
XSS Vulnerability in Add Page Title Field of Little Forum 2.4.12
XSS Vulnerability in Add Page Option of Little Forum 2.4.12 via Menu Link Field
Integer Overflow Vulnerability in TCPFLOW
Buffer Overflow Vulnerability in LibreOffice's get_app_path Function
Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.2 and 6.0 through 6.0.5
Denial of Service Vulnerability in PHPCMS 9 via Large Parameters in api.php?op=checkcode Request
Harmonic NSG 9000 Devices Source Code Disclosure Vulnerability
Directory Traversal Vulnerability in Harmonic NSG 9000 Devices
Default Password Vulnerability in Harmonic NSG 9000 Devices
SEGV Vulnerability in jpeg_encoder: Out-of-Bounds Write in readFromBMP Function
Heap-based Buffer Overflow in readFromBMP Function of jpeg_encoder.cpp
Mismatched Memory Management Routines in PDF2JSON 0.69's HtmlString Class
Mismatched Memory Management Routines in PDF2JSON 0.69's XmlFontAccu::CSStyle
Mismatched Memory Management Routines in dilawar sound through 2017-11-27
Arbitrary File Overwrite Vulnerability in IBM FlashSystem V840 and V900
Cross-Site Scripting (XSS) Vulnerability in SquirrelMail 1.4.22 via <svg><a xlink:href= Attack
Cross-Site Scripting (XSS) Vulnerability in SquirrelMail 1.4.22 via <form action='data:text Attack
XSS Vulnerability in SquirrelMail 1.4.22 via <math><maction xlink:href= Attack
XSS Vulnerability in SquirrelMail 1.4.22 via <math xlink:href= Attack
XSS Vulnerability in SquirrelMail Mail Message Display Page
XSS Vulnerability in SquirrelMail: SVG Animation Exploit
Multiple SQL Injection Vulnerabilities in CMS ISWEB 3.5.3
Directory Traversal and Local File Download Vulnerability in CMS ISWEB 3.5.3
CSRF Vulnerability Allows Unauthorized Website Settings Modification in WeaselCMS v0.3.5
CSRF Vulnerability Allows Creation of New Pages in WeaselCMS v0.3.5
Cross-Site Scripting (XSS) Vulnerability in IBM Content Navigator 2.0.3 - 3.0.3
CSRF Vulnerability in Xiao5uCompany 1.7 via admin/Admin.asp
SQL Injection Vulnerability in zzcms 8.3 via dl_sendmail.php
Stored XSS Vulnerability in zzcms 8.3: user/manage.php and zt/show.php
CSRF Vulnerability in zzcms 8.3 via admin/adminadd.php?action=add URI
Cross-Site Scripting (XSS) Vulnerability in EMLsoft 5.4.5 via eml/upload/eml/?action=address&do=edit Page
CSRF Vulnerability in EMLsoft 5.4.5
CSRF Vulnerability in EMLsoft 5.4.5
SQL Injection in EMLsoft 5.4.5 via numPerPage parameter in action.user.php
SQL Injection in EMLsoft 5.4.5 via numPerPage parameter in action.address.php
XSS Vulnerability in QCMS 3.0.1 upload/System/Controller/backend/system.php
XSS Vulnerability in QCMS 3.0.1 Slideshow Controller
Cross-Site Scripting (XSS) Vulnerability in QCMS 3.0.1
Cross-Site Scripting (XSS) Vulnerability in QCMS 3.0.1
Cross-Site Scripting (XSS) Vulnerability in QCMS 3.0.1
Cross-Site Scripting (XSS) Vulnerability in QCMS 3.0.1
Cross-Site Scripting (XSS) Vulnerability in QCMS 3.0.1 Album Controller
XSS Vulnerability in QCMS 3.0.1 Backend Category Controller
Cross-Site Scripting (XSS) Vulnerability in QCMS 3.0.1 guest.php
CSRF Vulnerability in QCMS 3.0.1 via backend/user/admin/add.html URI
Vulnerability: Unauthorized Access to Bugreport and Wi-Fi Passwords on ASUS ZenFone 3 Max
Vulnerability: User Credentials Stored in Plain Text in IBM Security Guardium EcoSystem 10.5
Vulnerability: Unauthorized Screenshot Capture and Notification Access on ASUS ZenFone 3 Max
LG Device SystemUI Application Intents Access Control Vulnerability
LG GNSS Application Incorrect Access Control Vulnerability
Vulnerability: Unauthorized Screenshot Capture and Notification Access on Sony Xperia L1 Android Device
Vulnerability: Unrestricted Text Message Sending in Leagoo Z5C Android Device
Vulnerability: Unprotected Broadcast Receiver Allows Unauthorized Factory Reset
Vulnerability: Unrestricted Access to Text Messages in Leagoo Z5C Android Device
Vulnerability: Unprotected Dynamic Registration of MasterClearReceiver Broadcast Receiver Component
Vulnerability: Inoperable Device via SystemRestoreReceiver Broadcast Receiver
Vulnerability: Unprotected Broadcast Receiver Allows Unauthorized Factory Reset on Plum Compass Android Device
Vulnerability: Pre-installed RCS App Allows Unauthorized Text Messaging and Deletion
Vulnerability: Pre-installed RCS App Allows Unauthorized Access to Text Messages
Vulnerability: Arbitrary App Installation and Uninstallation via com.asus.dm.installer.DMInstallerService
Vulnerability: Arbitrary Command Execution via ASUS Zenfone V Live and ZenFone 3 Max
Vulnerability: Unprotected Pre-installed App Component Allows Unauthorized Factory Reset
Vulnerability: Unauthorized Access to Modem and Logcat Logs on ZTE Android Devices
Arbitrary Command Execution and Audio Recording Vulnerability on Oppo F5 Android Device
Vulnerability: Unauthorized Screenshot Capture and Notification Access on Leagoo P1 Android Device
Hidden Root Privilege Escalation Vulnerability in Leagoo P1 Android Device
Vulnerability: Unprotected Pre-installed App Allows Unauthorized Factory Reset
Vivo V7 Android Device Screen Recording Vulnerability
Vulnerability: Unauthorized Log File Writing in Vivo V7 Android Device
Vulnerability: Unauthorized Access to User's Touch Coordinates via Vivo V7 Device
Vulnerability: Unprotected Pre-installed App Component Allows Unauthorized Factory Reset
Vulnerability: Log Leakage and Unauthorized Access in Coolpad Canvas Device
Vulnerability: Unprotected Broadcast Receiver Allows Unauthorized Factory Reset
ZTE ZMAX Champ Android Device Crash Loop Vulnerability
Vulnerability: Arbitrary Command Execution via com.fw.upgrade.sysoper App
Missing Security Controls in IBM Security Guardium 10.5, 10.6, and 11.0: Unauthorized Access to Sensitive Information
Cross-Site Scripting (XSS) Vulnerability in IBM Content Manager Enterprise Edition Resource Manager 8.4.3 and 9.5
IBM WebSphere MQ Header Manipulation Vulnerability
Remote Click Hijacking Vulnerability in IBM i2 Enterprise Insight Analysis 2.1.7
Local File Disclosure Vulnerability in IBM i2 Enterprise Insight Analysis 2.1.7
Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 6.0.5
Certificate Validation Vulnerability in IBM Security Guardium EcoSystem 10.5
Denial of Service and Potential Impact in libpango
CSRF Vulnerability in Auth0 auth0-aspnet and auth0-aspnet-owin
Code Execution Vulnerability in Progress Telerik JustAssembly and JustDecompile
Insecure Configuration Storage in Zipato Zipabox Smart Home Controller: Remote Attack Vector and Device Takeover Vulnerability
Vulnerability: Weak Hashing Algorithm in Zipato Zipabox Smart Home Controller BOARD REV - 1 with System Version -118
Zipato Zipabox Smart Home Controller: Sensitive Information Disclosure Vulnerability
Heap Use-After-Free Vulnerability in LibVNC Server Code Allows Remote Code Execution
Heap Out-of-Bound Write Vulnerability in LibVNC Server Code for File Transfer Extension
Remote Code Execution Vulnerability in Polycom Group Series, HDX, and Pano
XSS Vulnerability in ThinkSAAS (index.php?app=article&ac=comment&ts=do content parameter)
Cross-Site Scripting (XSS) Vulnerability in IBM Sterling B2B Integrator Standard Edition 5.2.0 - 5.2.6
XSS Vulnerability in ThinkSAAS (index.php?app=group&ac=create&ts=do groupdesc parameter)
Account Number Enumeration Vulnerability
Open_basedir check bypass vulnerability in PHP on Windows
Untrusted X-XSRF-TOKEN Remote Code Execution Vulnerability in Laravel Framework
Improper Input Validation in TitanHQ SpamTitan Allows Internal Attackers to Bypass Anti-Spam Filter
Remote Code Execution Vulnerability in CeLa Link CLR-M20 Devices via WebDAV PUT Method
Directory Traversal Vulnerability in Ericsson-LG iPECS NMS 30M
Arbitrary PHP Code Execution via Unrestricted File Upload in OpenEMR
Cross-Site Request Forgery Vulnerability in IBM Robotic Process Automation with Automation Anywhere 10.0
Arbitrary File Read Vulnerability in OpenEMR Patient Portal
Arbitrary File Deletion via Directory Traversal in OpenEMR Patient Portal
Arbitrary PHP Code Execution via Directory Traversal in OpenEMR
SQL Injection Vulnerabilities in OpenEMR Portal/Find Appointment Popup User
Arbitrary SQL Command Execution in OpenEMR's find_drug_popup.php
SQL Injection Vulnerabilities in OpenEMR Portal/Add_Edit_Event_User.php
Arbitrary SQL Command Execution in OpenEMR's find_immunization_popup.php
Arbitrary SQL Command Execution in OpenEMR Forms Administration
Arbitrary SQL Command Execution in OpenEMR 5.0.1.4 and Earlier
SQL Injection Vulnerability in OpenEMR Interface
Buffer Overflow Vulnerability in IBM DB2 for Linux, UNIX and Windows
Arbitrary SQL Command Execution in OpenEMR 5.0.1.4 and Earlier
Arbitrary SQL Command Execution in OpenEMR Interface/De-Identification Forms
Authentication Bypass Vulnerability in OpenEMR Portal
OS Command Injection in OpenEMR Versions Prior to 5.0.1.4 via Modified hylafax_server Global Variable
OS Command Injection in OpenEMR before 5.0.1.4 via Modified print_command Global Variable
OS Command Injection in OpenEMR versions before 5.0.1.4 via Modified hylafax_enscript Global Variable
OS Command Injection in OpenEMR Versions Prior to 5.0.1.4 via Modified hylafax_server Variable
Heap-based Buffer Over-read in libfsclfs_block_read function
Heap-based Buffer Over-read in libesedb_page_read_values function
Heap-based Buffer Over-read in libesedb_page_read_tags function
Heap-based Buffer Over-read in libesedb_catalog_definition_read Function
Heap-based Buffer Over-read in libesedb_key_append_data Function
SQL Injection Vulnerability in Zoho ManageEngine Applications Manager 13
Reflected XSS Vulnerability in Zoho ManageEngine Applications Manager 13
Denial-of-Service Vulnerability in IBM SDK, Java Technology Edition 6.0, 7.0, and 8.0
Buffer Overflow Vulnerability in TP-Link WR840N Devices via Long Authorization HTTP Header
Denial of Service Vulnerability in Nmap 7.70 with -sV Option
Denial of Service and Application Crash Vulnerability in XnView 2.45
Denial of Service and Application Crash Vulnerability in XnView 2.45
Denial of Service and Application Crash Vulnerability in XnView 2.45
CSRF Vulnerability in Gxlcms 2.0 Allows Unauthorized Administrator Account Creation
Open Redirect Vulnerability in Gogs before 0.12 Allows Remote Attackers to Conduct Phishing Attacks
Weak Password Encryption Vulnerability in IBM InfoSphere Information Server 11.7
Open Redirect Vulnerability in qTest Portal
JioFi 4G Hotspot M2S Devices Vulnerable to Denial of Service via XSS Payload in SSID and Security Key Fields
XSS Vulnerability in PHP Scripts Mall Car Rental Script 2.0.8 via FirstName and LastName Fields
Stored XSS Vulnerability in PHP Scripts Mall Myperfectresume / JobHero / Resume Clone Script 2.0.6
Stored XSS Vulnerability in PHP Scripts Mall Naukri / Shine / Jobsite Clone Script 3.0.4 via USERNAME Field
Denial of Service Vulnerability in PHP Scripts Mall Naukri / Shine / Jobsite Clone Script 3.0.4
CSRF Vulnerability in PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1
CSRF Vulnerability in PHP Scripts Mall Advanced Real Estate Script 4.0.9 via edit-profile.php
Denial of Service Vulnerability in PHP Scripts Mall Advanced Real Estate Script 4.0.9
XSS Vulnerability in PHP Scripts Mall Advanced Real Estate Script via Name Field
Cross-Site Scripting (XSS) Vulnerability in PHP Scripts Mall Hotel Booking Script 2.0.4
Denial of Service Vulnerability in PHP Scripts Mall Hotel Booking Script 2.0.4
Intranet Service Exposure via SSRF Vulnerability in Gitea and Gogs
CSRF Vulnerability in Gogs Admin Panel Allows Remote Code Execution
CSRF Vulnerability in OneThink v1.1 Allows Unauthorized Administrator Privileges
CSRF Vulnerability in OneThink v1.1 Allows Unauthorized User Addition
Cross-Site Scripting (XSS) Vulnerability in AuraCMS 2.3 via Bukutamu -> AddGuestbook Action
CSRF Vulnerability in Juunan06 eCommerce Allows Unauthorized User and Product Manipulation
CSRF Vulnerability in Ignited CMS Allows Unauthorized Page Addition
CSRF Vulnerability in BPC SmartVista 2 via createrole.jsf
Improper Access Control in BPC SmartVista 2 SVFE Module: Unauthorized Access to Admin Functionality
Session Fixation Vulnerability in BPC SmartVista 2 via JSESSIONID Parameter
Heap-based Buffer Overflow in LibTIFF 4.0.9 TIFF File Processing
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Team Concert 5.0 - 6.0.5
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager
Default Administrator Account Vulnerability in IBM Maximo Asset Management 7.6 through 7.6.3
Vulnerability in IBM i2 Enterprise Insight Analysis 2.1.7 Allows Remote Information Disclosure
Information Disclosure Vulnerability in IBM Maximo Asset Management 7.6 through 7.6.3
Cross-Site Scripting (XSS) Vulnerability in IBM Rational DOORS Next Generation and Rational Requirements Composer
Disclosure of BIG-IP Software Version in Rewritten Pages Vulnerability
F5 BIG-IP LRO-enabled TCP Traffic Processing Vulnerability
Reflected Cross-Site Scripting (XSS) Vulnerability in F5 BIG-IP Configuration Utility
Reflected Cross Site Scripting Vulnerability in F5 BIG-IP AFM TMUI Page
Reflected Cross Site Scripting Vulnerability in F5 BIG-IP AFM TMUI Page
Reflected Cross Site Scripting (XSS) Vulnerability in F5 BIG-IP Configuration Utility
Vulnerability: Privilege Escalation and Endpoint Bypass in F5 BIG-IP APM Edge Client
Intermittent Decrypt BAD_RECORD_MAC Vulnerability in BIG-IP Virtual Server
MPTCP Connection Abort Vulnerability in BIG-IP
TMM Restart Vulnerability in BIG-IP with Non-Default Normalize URI Configuration
Session ID Leakage in IBM API Connect 5.0.0.0 through 5.0.8.2
Denial of Service Vulnerability in BIG-IP System with Misconfigured Port Lockdown Setting
BIG-IP Appliance Mode Bypass Vulnerability
Denial-of-Service (DoS) Vulnerability in BIG-IP Systems
Vulnerability: TMM Process Core File Generation and HA Action Trigger in BIG-IP Virtual Server with MQTT Profile
TMM Restart Vulnerability in BIG-IP APM
Memory Leakage Vulnerability in BIG-IP iControl and TMSH Usage
Certificate Revocation List (CRL) Download Failure Allows Revoked Certificate Validation in BIG-IP APM
Command Execution Vulnerability in BIG-IP Configuration Utility
Insecure Handling of SNMPv3 Passphrases in F5 Products
Command Execution Vulnerability in BIG-IP Configuration Utility
Cross-Site Scripting Vulnerability in IBM Rational Publishing Engine 6.0.5 and 6.0.6
Virtual Server Gzip Bomb Vulnerability on BIG-IP Systems
DCDB Convert Utility Group Permissions Vulnerability
Privilege Escalation Vulnerability in F5 BIG-IP APM Client
Unrestricted Snapshot File Access Vulnerability on BIG-IP Configuration Utility
CSRF Vulnerability in APM Webtop 11.2.1 or Greater Allows Session Logout and Re-authentication
Inadequate Failure Response Display in APM 13.0.0-13.1.x
Cross-Site Scripting Vulnerability in IBM Rational Publishing Engine 6.0.5 and 6.0.6
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Rhapsody Design Manager and IBM Rational Software Architect Design Manager
Kraftway 24F2XG Router Firmware 3.5.30.1118 - Remote Privileged Access Vulnerability
Critical Denial of Service Vulnerability in Kraftway 24F2XG Router Firmware v3.5.30.1118
Denial of Service Vulnerability in Kraftway 24F2XG Router Firmware v3.5.30.1118
Remote Code Execution Vulnerability in Kraftway 24F2XG Router Firmware 3.5.30.1118
Remote Code Execution Vulnerability in Kraftway 24F2XG Router Firmware 3.5.30.1118
Critical Vulnerability: SSLv2 and SSLv3 Encryption Decryption in Kraftway 24F2XG Router Firmware 3.5.30.1118
Command Injection Vulnerability in Eltex ESP-200 Firmware Version 1.2.0
User Password Hash Extraction Vulnerability in Eltex ESP-200 Firmware Version 1.2.0
Privilege Escalation Vulnerability in Eltex ESP-200 Firmware v1.2.0
Insecure Sudo Configuration Expands Attack Surface in Eltex ESP-200 Firmware v1.2.0
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Rhapsody Design Manager and IBM Rational Software Architect Design Manager
Default Credentials Vulnerability in Eltex ESP-200 Firmware Version 1.2.0
Buffer Underflow Vulnerability in UltraVNC Revision 1198: Potential Code Execution
Critical XXE Vulnerability in GE Proficy Cimplicity GDS Versions 9.0 R2, 9.5, 10.0
Privilege Escalation Vulnerability in Trend Micro Security 2018 Products
Trend Micro OfficeScan XG (12.0) Local Information Disclosure Vulnerability
Authenticated Reflected Cross-Site Scripting (XSS) Vulnerability in Trend Micro Deep Discovery Inspector
Trend Micro Antivirus for Mac Privilege Escalation Vulnerability
Privilege Escalation Vulnerability in Trend Micro Antivirus for Mac (Consumer) 7.0 and Above
Vulnerability: Privilege Escalation via Cisco IOS XE CLI Parser
TACACS+ Client Subsystem Denial of Service Vulnerability
Vulnerability in Cisco Catalyst 6800 Series Switches Allows Bypass of Secure Boot Validation
Vulnerability: Unauthorized Root Shell Access in Cisco IOS XE Software
MACsec Key Agreement Vulnerability in Cisco IOS XE Software
Cisco Discovery Protocol Memory Exhaustion Vulnerability
Cisco IOS XE Software Image Verification Bypass Vulnerability
Arbitrary Memory Write Vulnerability in Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers
Arbitrary Memory Write Vulnerability in Cisco IOS Software for Cisco 800 Series Industrial Integrated Services Routers
Memory Leak Vulnerability in Cisco Network Plug and Play Agent
Denial of Service Vulnerability in ClamAV Prior to 0.100.2 via MEW Unpacker
Unrestricted Directory Permissions Vulnerability in Cisco Prime Infrastructure Web Server
Root Command Execution Vulnerability in Cisco HyperFlex Software
Java Deserialization Vulnerability in Cisco Unity Express (CUE) Allows Remote Command Execution
Static Signing Key Vulnerability in Cisco HyperFlex Software Allows Unauthorized Access
Denial of Service Vulnerability in Cisco ASA and FTD Software
Unauthenticated Remote Access Vulnerability in Cisco DNA Center
Cisco SD-WAN Solution: Bypassing Certificate Validation Vulnerability
Denial of Service Vulnerability in Cisco ASA and FTD Software WebVPN Login Process
Default Hard-Coded Username and Password Vulnerability in Cisco Prime Collaboration Provisioning (PCP)
Authentication Bypass Vulnerability in IBM Rational Engineering Lifecycle Manager
Cisco Firepower Threat Defense (FTD) Software FTP Inspection Engine Denial of Service Vulnerability
Cisco Remote PHY Software IPv4 Fragment-Processing Denial of Service Vulnerability
Cisco Industrial Network Director DHCP Service Denial of Service Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Cisco Content Security Management Appliance (SMA) Software
Authentication Bypass Vulnerability in Cisco Stealthwatch Enterprise SMC
Cisco Wireless LAN Controller Software Vulnerability Enables Unauthorized Network Access in TrustSec Domain
Cisco Unity Connection Bulk Administration Tool (BAT) Disk Utilization DoS Vulnerability
Denial of Service (DoS) Vulnerability in Cisco ASA and FTD Software
Per-User-Override Bypass Vulnerability in Cisco ASA and FTD Software
Cisco ASA and FTD Software TCP Syslog Module Denial of Service Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Cisco Cloud Services Platform 2100 Web Management Interface
Cross-Site Request Forgery (CSRF) Vulnerability in Cisco Hosted Collaboration Mediation Fulfillment
Cisco Enterprise NFV Infrastructure Software (NFVIS) Cross-Site Request Forgery (CSRF) Vulnerability
Open Redirect Vulnerability in Cisco Unified Communications Software
Cisco Integrated Management Controller (IMC) Supervisor and Cisco UCS Director Web Interface Denial of Service Vulnerability
Authorization Bypass Vulnerability in Cisco Integrated Management Controller (IMC) Supervisor and Cisco UCS Director
Stored XSS Vulnerability in Cisco UCS Director Web Interface
Insufficient Cleanup of Installation Files in Cisco HyperFlex Software Allows for Sensitive Information Disclosure
Arbitrary Code Execution Vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Arbitrary Code Execution Vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere Commerce Enterprise V7, V8, and V9
Arbitrary Code Execution Vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Arbitrary Code Execution Vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Arbitrary Code Execution Vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Arbitrary Code Execution Vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Arbitrary Code Execution Vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Arbitrary Code Execution Vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Arbitrary Code Execution Vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Arbitrary Code Execution Vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Arbitrary Code Execution Vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Arbitrary Code Execution Vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
XML External Entity Injection (XXE) Vulnerability in IBM FileNet Content Manager, IBM Content Foundation, and IBM Case Foundation Administration Console for Content Platform Engine (ACCE) 5.2.1 and 5.5.0
Arbitrary Code Execution Vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Arbitrary Code Execution Vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Arbitrary Code Execution Vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Clickjacking Vulnerability in Cisco HyperFlex Software Web UI
Arbitrary Command Execution Vulnerability in Cisco Identity Services Engine (ISE) Web Interface
Arbitrary Command Execution Vulnerability in Cisco Identity Services Engine (ISE) Web Interface
Stored Cross-Site Scripting (XSS) Vulnerability in Cisco Unity Connection Web Interface
Undocumented Default Root Account Vulnerability in Cisco Video Surveillance Manager (VSM) Software
Cisco IOS XR Software BGP Malformed Attribute Denial of Service Vulnerability
Unauthenticated Remote Access Vulnerability in Cisco HyperFlex HX Data Platform Software
SSL Certificate Validation Vulnerability in IBM WebSphere MQ 8.0 and 9.0
Remote Code Execution Vulnerability in Cisco Expressway Series and Cisco TelePresence VCS
Arbitrary Code Execution Vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Information Disclosure Vulnerability in Cisco Prime Infrastructure Server Backup Function
Information Disclosure Vulnerability in Cisco Prime Infrastructure Server Backup Function
Cross-Site Scripting (XSS) Vulnerability in Cisco Unified IP Phone 7900 Series Web Management Interface
Stored XSS Vulnerability in Cisco SocialMiner Web-Based Management Interface
Cross-Site Scripting (XSS) Vulnerability in Cisco Webex Centers
Local Privilege Escalation Vulnerability in Cisco Immunet and Cisco AMP for Endpoints on Windows
Cross-Site Request Forgery (CSRF) Vulnerability in Cisco Prime Collaboration Assurance
Cisco Small Business Switches Software Authentication Bypass Vulnerability
Buffer Overflow Vulnerability in IBM DB2 for Linux, UNIX and Windows
Cisco Identity Services Engine (ISE) Web Interface Stored XSS Vulnerability
SQL Injection Vulnerability in Cisco Prime License Manager (PLM)
Arbitrary Command Execution Vulnerability in Cisco Webex Meetings Desktop App for Windows
Cisco Firepower System Software: TCP Retransmission Bypass Vulnerability
XML External Entity (XXE) Vulnerability in Cisco Energy Management Suite Software Allows Unauthorized Access and Manipulation of Data
Cross-Site Request Forgery (CSRF) Vulnerability in Cisco Energy Management Suite Software
Unauthenticated Remote Access Vulnerability in Cisco Meeting Server
SQL Injection Vulnerability in Cisco IMC Supervisor
Insecure Configuration in Cisco Registered Envelope Service Allows Discovery of Sensitive User Information
Cisco Video Surveillance Media Server Web Interface Denial of Service Vulnerability
Weak Cryptographic Algorithms in IBM Tivoli Storage Manager: A Potential Decryption Vulnerability
File System Overwrite Vulnerability in Cisco Prime Collaboration Assurance Web UI
Cross-Site Scripting (XSS) Vulnerability in Cisco Prime Service Catalog Web Interface
Vulnerability in Cisco AMP for Endpoints Allows Local Attackers to Disable System Scanning Services
Cisco AsyncOS Software for Cisco Email Security Appliance (ESA) S/MIME Decryption and Verification Denial of Service Vulnerability
SIP Inspection Engine Denial of Service Vulnerability
Cross-Site Scripting Vulnerability in Cisco Identity Services Engine Logging Component
Cisco Identity Services Engine (ISE) Admin Portal Password Disclosure Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Cisco Prime Infrastructure Web Interface
Cisco Firepower Management Center (FMC) Shell Access Filter Remote Authentication Denial of Service Vulnerability
Privilege Escalation Vulnerability in Cisco Identity Services Engine (ISE) Administrative Web Interface
HTTP Strict Transport Security Bypass in IBM API Connect 5.0.0.0 through 5.0.8.3
Denial of Service Vulnerability in Cisco Email Security Appliances
Cross-Site Scripting (XSS) Vulnerability in Cisco Webex Business Suite's MyWebex Component
Insufficient Ingress TCP Rate Limiting Vulnerability in Cisco Firepower Threat Defense Software
Cisco Identity Services Engine (ISE) Web-Based Management Interface Reflected XSS Vulnerability
Cisco 900 Series ASR Software Partial Denial of Service Vulnerability
Cisco ASA Software Authorization Subsystem Privilege Escalation Vulnerability
Unauthenticated Remote Access to Graphite Web Interface in Cisco Policy Suite
Cross-Site Scripting (XSS) Vulnerability in Cisco TelePresence Management Suite (TMS) Web Interface
Denial of Service Vulnerability in Xen through 4.11.x
Denial-of-Service Vulnerability in Xen ARM Grant Table v2 Implementation
Arbitrary Code Execution Vulnerability in IBM Robotic Process Automation with Automation Anywhere 10.0
Unbounded Memory Usage Vulnerability in Xen's oxenstored
Out-of-Bounds Memory Access Vulnerability in Linux Kernel's xenvif_set_hash_mapping
Long-running Sidekiq jobs in GitLab Community and Enterprise Edition before 11.1.7, 11.2.x before 11.2.4, and 11.3.x before 11.3.1 can cause a timeout issue in the diff formatter using rouge.
OpenSSH User Enumeration Vulnerability
CSV Injection in DokuWiki 2018-04-22a and earlier
Unverified SSL/TLS Server Certificate Allows Man-in-the-Middle Attack on myStrom Devices
Command Injection Vulnerability in myStrom WiFi Switch V1 Devices
Unregistered Device Takeover Vulnerability
Lack of Device Authentication in myStrom IoT Devices
Information Disclosure Vulnerability in IBM API Connect 2018.1.0.0 and 2018.2.x
Hidden Parameter Vulnerability in myStrom IoT Devices Allows Unauthorized Server URL Reconfiguration
Privilege Escalation via Improper Input Sanitization in UCOPIA Wireless Appliance Devices
LG Devices Vulnerability: Incorrect Access Control for MLT Application Intents (LVE-SMP-180006)
KONE Group Controller (KGC) Devices Denial of Service Vulnerability (KONE-04)
KONE Group Controller (KGC) Devices Unauthenticated Remote Code Execution Vulnerability
Unauthenticated FTP Access Vulnerability in KONE Group Controller (KGC) Devices
KONE Group Controller (KGC) Devices Unauthenticated Local File Inclusion and File Modification Vulnerability
HTTP Response Splitting Vulnerability in IBM Rational Quality Manager
Path Traversal Vulnerability in ExpressVPN on Windows
Whitelisting Bypass Vulnerability in Zemana Anti-Logger
UDP Amplification Vulnerability in Sentinel License Manager 8.5.3.35
Critical Open Redirect Vulnerability in vBulletin 5.4.3
Unescaped String Injection in dojox/Grid/DataGrid
Directory Traversal and SSRF Vulnerability in Responsive FileManager before 9.13.3
Memory Corruption Vulnerability in Mitel MiVoice 5330e VoIP Device's SIP/SDP Packet Handling Functionality
YSoft SafeQ Server 6 Vulnerability: Replay Attack Exploit
Denial of Service Vulnerability in GEAR Software Products (GEARAspiWDM.sys)
Local User Denial of Service Vulnerability in IBM Spectrum Protect 7.1 and 8.1
Out-of-Bounds Read DoS Vulnerability in libgit2
Insecure Permissions in Lone Wolf Technologies loadingDOCS 2018-08-13: Remote Download of Confidential Files
Unbounded Deserialization Vulnerability in Swoole 4.0.4
NULL Pointer Dereference in HTTP Request Time Fields Handling
NULL Pointer Dereference Denial of Service Vulnerability in GoAhead and Appweb
BubbleUPnP 0.9 Update 30 XML External Entity Processing (XXE) Vulnerability
Incorrect Access Control in Five9 Agent Desktop Plus 10.0.70 Allows Remote Denial of Service (Issue 1 of 2)
Incorrect Access Control in Five9 Agent Desktop Plus 10.0.70
Privilege Escalation Vulnerability in IBM WebSphere MQ
Arbitrary Web Script Injection Vulnerability in totemomail 6.0.0 Build 570 Certificate Feature
Arbitrary Code Injection through Cross-Site Scripting (XSS) in totemomail 6.0.0 build 570 Notification Template
Arbitrary Web Script Injection Vulnerability in totemomail 6.0.0 Build 570's 'Authorisation Service'
SessionID Exposure in Log Viewer of Totemomail 6.0.0 Build 570
Privilege Escalation via Deserialization in Docker for Windows
CaptivePortal Service Trojan Horse Vulnerability in D-Link Central WiFiManager CWM-100 1.03 r0098 Devices
SSRF Vulnerability in D-Link Central WiFiManager CWM-100 1.03 r0098 Devices
Vulnerability: SSRF in D-Link Central WiFiManager CWM-100 1.03 r0098 MailConnect Feature
Double-Free or Corruption Vulnerability in QXmlStream
Lexmark Devices Vulnerable to Buffer Overflow (Issue 1 of 2)
Arbitrary Code Execution Vulnerability in IBM Robotic Process Automation with Automation Anywhere 10.0 and 11.0
Lexmark Devices Vulnerable to Buffer Overflow (Issue 2 of 2)
Reflected Cross-Site Scripting in Java System Solutions SSO Plugin 4.0.13.1 for BMC MyIT
Command Injection Vulnerability in Mutiny Monitoring Appliance Allows Arbitrary Command Execution
Information Disclosure Vulnerability in IBM WebSphere Application Server Liberty
Persistent Cross-Site Scripting (XSS) Vulnerability in Xerox ColorQube 8580 Web Interface
XML External Entity (XXE) Vulnerability in JavaMelody before 1.74.0
Information Disclosure Vulnerability in Synaptics Touchpad Drivers
Reflected Cross-Site Scripting Vulnerability in Geutebrueck re_porter 16
Unauthenticated Access to Sensitive Information in Geutebrueck re_porter 16
Directory Traversal Vulnerability in tecrail Responsive FileManager before 9.13.4
Directory Traversal Vulnerability in tecrail Responsive FileManager before 9.13.4
Unrestricted File Upload Vulnerability in OCS Inventory NG ocsreports
Multiple Cross-Site Scripting Vulnerabilities in Agentejo Cockpit
Lack of Anti-CSRF Protection in Agentejo Cockpit Allows Unauthorized Modification of API Tokens and Passwords
Cross-Site Scripting (XSS) Vulnerability in IBM Maximo Asset Management 7.6
/media/api Directory Traversal Vulnerability in Agentejo Cockpit
Passcode Authentication Bypass Vulnerability in org.telegram.messenger Android App
Authentication Bypass Vulnerability in org.telegram.messenger Android App
Stored Cross-Site Scripting Vulnerability in Accusoft PrizmDoc 13.3 and Earlier
Cross-Site Scripting (XSS) Vulnerability in IBM FileNet Content Manager 5.2.1 and 5.5.0
Predictable Random Number Generation in PayWinner Function of Ethereum Lottery Smart Contract
OS Command Injection Vulnerability in Telus Actiontec T2200H T2200H-31.128L.03 Devices via fileshare.cmd
Vulnerability: Unauthorized Root Access via UART Headers on Telus Actiontec WEB6000Q v1.1.02.22 Devices
Vulnerability: Root Level Access via Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22
Telus Actiontec WEB6000Q v1.1.02.22 - Unauthorized Root Access via Telnet
Stored XSS Vulnerability in Xiuno BBS 4.0.4 Editor
Cross-Site Scripting (XSS) Vulnerability in IBM FileNet Content Manager 5.2.1 and 5.5.0
Integer Overflow in AESNI.c Leading to Mishandling of Short Messages
XSS Vulnerability in CMS ISWEB 3.5.3 via ordineRis, sezioneRicerca, or oggettiRicerca Parameter
XSS Vulnerability in Subrion CMS 4.2.1: titles[en] Parameter in _core/admin/pages/add/ Endpoint
CSRF Vulnerability Allows Unauthorized Deletion of Pages in daveismyname simple-cms
Unauthenticated Page Addition Vulnerability in daveismyname simple-cms
XSS Vulnerability in tp5cms admin.php/article/index.html q parameter
XSS Vulnerability in CMSUno Title Field (CVE-XXXX-XXXX)
CSRF Vulnerability in tp5cms through 2017-05-25: admin.php/category/delete.html
CSRF Vulnerability in My Little Forum 2.4.12 Allows User Deletion
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager (RQM) 5.0 - 6.0.6
Stored XSS Vulnerability in waimai Super Cms 20150505 via /admin.php/Foodcat/editsave fcname parameter
CSV Injection Vulnerability in Export Users to CSV Plugin for WordPress
Incomplete RSB Filling in Linux Kernel Allows Userspace-Userspace SpectreRSB Attacks
Unauthenticated File Manipulation in Reprise License Manager (RLM)
Cross-Site Scripting Vulnerability in Reprise License Manager's License Editor
Remote Code Execution Vulnerability in EasyLogin Pro
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Collaborative Lifecycle Management
Arbitrary Web Script Injection Vulnerability in gnuboard5 before 5.3.1.6
Arbitrary Web Script Injection Vulnerability in GNUBoard5 (before 5.3.1.6)
Arbitrary Web Script Injection in gnuboard5 before 5.3.1.6
Arbitrary Web Script Injection via popup title parameter in GNUBOARD5 before 5.3.1.6
Arbitrary Web Script Injection in gnuboard5 before 5.3.1.6
Arbitrary Web Script Injection via popup title parameter in GNUBOARD5 before 5.3.1.6
Enigmail before 2.0.6 Vulnerability: OpenPGP Signature Spoofing via Specially Crafted Multipart HTML Email
OpenPGP Signature Spoofing Vulnerability in GNOME Evolution
MailMate HTML/MIME Structure Vulnerability
Bypassing File and Folder Security Restriction in Ivanti Workspace Control and RES One Workspace
Bypassing Application Whitelisting Restrictions in Ivanti Workspace Control and RES One Workspace
Privilege Escalation Vulnerability in Ivanti Workspace Control and RES One Workspace
Unspecified Attack Vector Allows Decryption of Encrypted Datastore or Relay Server Password
Spectre-v2 vulnerability in Linux kernel's paravirt.c
Cross-Site Scripting (XSS) Vulnerability in MyBB 1.8.17 RSS Syndication
Exposure of Configuration and Secrets in Containous Traefik 1.6.x
User Enumeration Vulnerability in Dropbear SSH Server
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Engineering Lifecycle Manager
Improper URL Decoding in Elefant CMS 2.0.3 File Upload Vulnerability
Persistent XSS Vulnerability in Zyxel VMG3312 B10B Devices via connectionStatus-hostEntry.cmd Hostname Parameter
XSS Vulnerability in Victor CMS Leave a Comment Screen
Cross-Site Scripting Vulnerability in phpMyAdmin Import Feature
XSS Vulnerability in SalesAgility SuiteCRM: Phishing via Error Message
Denial of Service Vulnerability in ImageMagick 7.0.8-11 Q16
HTML Injection Vulnerability in Zoho ManageEngine ADManager Plus 6.5.7
Arbitrary File Read and Delete Vulnerability in Avaya IP Office's one-X Portal
Root Privilege Escalation Vulnerability in Avaya Aura Communication Manager
CSRF Vulnerability in Avaya Aura Orchestration Designer Allows Unauthorized Administrative Setting Manipulation
Avaya Aura Orchestration Designer XSS Vulnerability in Runtime Config Component
Stored Cross-Site Scripting Vulnerability in IP Office's one-x Portal
Local Administrative User Exploitation in Avaya Call Management System Supervisor: Extracting Sensitive Information from Remote CMS Host
Remote Code Execution Vulnerability in Avaya Aura System Platform Web UI
Remote Denial of Service Vulnerability in Avaya Aura Communication Manager's capro Process
Cross-Site Scripting (XSS) Vulnerability in IBM Sterling B2B Integrator Standard Edition
Arbitrary File Emailing Vulnerability in Odoo Discuss App
Remote Initialization of Empty Database in Odoo Community and Enterprise 11.0 and Earlier
Arbitrary Web Script Injection via Crafted Attachment Filenames in Odoo Community and Enterprise 11.0 and Earlier
Arbitrary Web Script Injection via Crafted Link in Odoo Community and Enterprise 14.0 and Earlier
Cross-site scripting vulnerability in Odoo Discuss App allows remote code injection through crafted document names
Cross-Site Scripting (XSS) Vulnerability in Odoo Community and Enterprise 13.0 and Earlier
Local Privilege Escalation Vulnerability in IBM Sterling B2B Integrator Standard Edition 5.2 through 5.2.6
Elevated Privileges Vulnerability in Odoo Enterprise Helpdesk App
Arbitrary Web Script Injection via Crafted Calendar Event Attributes in Odoo Community and Enterprise
Arbitrary Record Creation and Privilege Escalation in Odoo Community and Enterprise 12.0 and Earlier
Buffer Overflow Vulnerability in IBM DB2 for Linux, UNIX and Windows
Cross-Origin Resource Sharing (CORS) Vulnerability in 42Gears SureMDM
User Account Existence Disclosure in 42Gears SureMDM Registration API Endpoint
SSRF Vulnerability in 42Gears SureMDM
Unprotected API Endpoints Expose Call Logs, SMS Logs, and User-Account Data in 42Gears SureMDM
Cross-Origin Access Vulnerability in 42Gears SureMDM
Format String Error Vulnerability in IBM DB2 for Linux, UNIX and Windows
Vulnerability: Unauthorized Access to Sensitive Ola Money Data
Bypassing Authentication via Forgot Password Screen in Ola Money Android App
Arbitrary Read-Write Access Vulnerability in Docker's 'docker cp' Command
Unauthenticated User Account Enumeration in Cloudera Data Science Workbench (CDSW)
Unauthenticated Arbitrary Email Sending Vulnerability in Bloop Airmail 3 3.5.9 for macOS
Arbitrary Email Transmission Vulnerability in Bloop Airmail 3 3.5.9 for macOS
Bypassing Frame Navigation Filter in Bloop Airmail 3 3.5.9 for macOS
Arbitrary Java Code Execution through SOAP Connector in IBM WebSphere Application Server
OpenURL Default URL Handler Vulnerability in Bloop Airmail 3 3.5.9 for macOS
Excessive Stack Consumption Denial of Service Vulnerability in HDF HDF5 1.10.2 Library
Bypassing Anti-XSS Mechanism in BTITeam XBTIT
Stored XSS and CSRF Vulnerability in BTITeam XBTIT 2.5.4 Newsfeed
Reflected Cross-Site Scripting Vulnerability in BTITeam XBTIT 2.5.4 Signup Page
Reflected Cross-Site Scripting Vulnerability in BTITeam XBTIT 2.5.4 Search Function
Local File Disclosure Vulnerability in IBM QRadar SIEM 7.2 and 7.3
Unsalted MD5 Hash Vulnerability in BTITeam XBTIT 2.5.4
Predictable Salt and Weak Cookie Security in BTITeam XBTIT 2.5.4
Cross-Site Request Forgery Vulnerability in BTITeam XBTIT Allows Automated Private Message Sending
Open Redirect Vulnerability in BTITeam XBTIT Login Page
Path Disclosure and Sensitive Data Leakage in BTITeam XBTIT
Remote Code Execution Vulnerability in GitHub Electron
Arbitrary State Injection Vulnerability in systemd's unit_deserialize
Arbitrary File Permission Vulnerability in systemd (CVE-2018-16865)
Buffer Overflow Vulnerability in systemd DHCP6 Client
Arbitrary Code Execution through Insecure Deserialization in CA Release Automation 6.5 and Earlier
Authentication Bypass and Data Manipulation Vulnerability in Inova Partner 5.0.5-RELEASE, Build 0510-0906 and Earlier
Insecure Direct Object Reference Vulnerability in Inova Partner 5.0.5-RELEASE, Build 0510-0906 and Earlier
Path Traversal Vulnerability in ASUSTOR Data Master 3.1.5 and Below Allows Arbitrary File Upload
Path Traversal Vulnerability in ASUSTOR Data Master 3.1.5 and Below Allows Remote File Deletion
User Account Enumeration Vulnerability in ASUSTOR Data Master 3.1.5 and Below
Authenticated Remote File Read Vulnerability in ASUSTOR Data Master 3.1.5 and Below
Authenticated Remote File Read Vulnerability in ASUSTOR Data Master 3.1.5 and Below
XSS Vulnerability in ASUSTOR Data Master 3.1.5 and Below via Configuration File Manipulation
Denial of Service Vulnerability in TP-Link TL-WRN841N 0.9.1 4.16 v0348.0 Web Interface
Denial of Service Vulnerability in TP-Link TL-WRN841N 0.9.1 4.16 v0348.0 Web Interface
CSRF Vulnerability in TP-Link TL-WRN841N 0.9.1 4.16 v0348.0 Web Interface
Multiple Reflected Cross-Site Scripting Vulnerabilities in Advantech WebAccess 8.3.2 and Below
Stack Buffer Overflow Vulnerability in Advantech WebAccess 8.3.2 and Below
Directory Traversal Vulnerability in WADashboard API Allows Remote Code Execution
Directory Traversal Vulnerability in WADashboard API of Advantech WebAccess 8.3.1 and 8.3.2
Cross-Site Scripting Vulnerability in Advantech WebAccess 8.3.1 and 8.3.2
Remote Code Execution in Snoopy 1.0 in Nagios XI 5.5.6
Arbitrary Command Execution in Nagios XI 5.5.6
Arbitrary Command Execution Vulnerability in IBM QRadar 7.2 and 7.3
Privilege Escalation in Nagios XI 5.5.6 via Autodiscover_new.php
Nagios XI 5.5.6 API Key Reset and Privilege Escalation Vulnerability
Reflected Cross-Site Scripting Vulnerability in Nagios XI 5.5.6 via api_tool.php Host Parameter
Persistent Cross-Site Scripting Vulnerability in Nagios XI 5.5.6 via Stored Email Address in admin/users.php
Reflected Cross-Site Scripting Vulnerability in Nagios XI 5.5.6
Zoom Vulnerability: Unauthorized Message Processing and Remote Spoofing
Authenticated Remote Command Injection in NUUO NVRMini2 version 3.9.1
Insecure Password Storage: Base64 Encoded MD5 Hashes in Open Dental
Unauthenticated Remote Access Vulnerability in Open Dental: Complete User Database Transmission
Default MySQL Credentials in Open Dental Installation
Hard-coded Account Vulnerability in Logitech Harmony Hub
Authentication Bypass Vulnerability in Logitech Harmony Hub XMPP Server
OS Command Injection in Logitech Harmony Hub
Logitech Harmony Hub Command Injection Vulnerability
Pulse Secure Desktop (macOS) Privilege Escalation Vulnerability
Authentication Bypass Vulnerability in Grafana
Arbitrary Code Execution Vulnerability in Couchbase Server
Denial of Service Vulnerability in STOPzilla AntiMalware 6.5.2.59
Denial of Service Vulnerability in STOPzilla AntiMalware 6.5.2.59
Denial of Service Vulnerability in STOPzilla AntiMalware 6.5.2.59
Arbitrary Write Vulnerability in STOPzilla AntiMalware 6.5.2.59
NULL Pointer Dereference Vulnerability in STOPzilla AntiMalware 6.5.2.59
Arbitrary Write Vulnerability in STOPzilla AntiMalware 6.5.2.59
Arbitrary Write Vulnerability in STOPzilla AntiMalware 6.5.2.59
Denial of Service Vulnerability in STOPzilla AntiMalware 6.5.2.59
Denial of Service Vulnerability in STOPzilla AntiMalware 6.5.2.59
Arbitrary Write Vulnerability in STOPzilla AntiMalware 6.5.2.59
XSS Vulnerability in Zoho ManageEngine ADManager Plus 6.5.7 on Workflow Delegation Requester Roles Screen
Unauthenticated Directory Traversal Vulnerability in Argus Surveillance DVR 4.0.0.0 Devices
Denial of Service Vulnerability in QEMU's seccomp Policy Handling
Arbitrary Code Execution Vulnerability in glot-www
Dell 2335dn Printer Admin Interface Password Disclosure Vulnerability
Pulse Secure Desktop (macOS) Format String Vulnerability
Directory Traversal Vulnerability in SaltStack Salt API
Authentication Bypass and Arbitrary Command Execution in SaltStack Salt
Cleartext Transmission of Sensitive Information in MensaMax Android App
Hard-coded DES Cryptographic Key Vulnerability in MensaMax Android App
Authorization Logic Error in Cloud Foundry UAA Allows Token Hijacking Across Identity Providers
SQL Injection Vulnerability in Cloud Foundry CF Networking Release
Denial of Service Vulnerability in Spring Framework
Privilege Escalation in Spring Security OAuth Approval Endpoint
Insecure Credential Verification in Pivotal Cloud Foundry On Demand Services SDK
Privilege Escalation via Consent Page Manipulation in Cloud Foundry UAA
Privilege Escalation Vulnerability in Pivotal Operations Manager
Information Disclosure Vulnerability in Pivotal Container Service (versions prior to 1.2.0) Exposes IaaS Credentials in Application Logs
Remote Code Execution Vulnerability in Dell EMC ESRS Policy Manager
Dell EMC Secure Remote Services Information Exposure Vulnerability
Dell Encryption and Endpoint Security Suite Enterprise Vulnerability: Password Length Bypass
Improper Authorization Vulnerability in Dell OpenManage Network Manager Virtual Appliance
Insecure Default Configuration Allows Unauthorized File System Access in Dell OpenManage Network Manager
Denial of Service Vulnerability in RSA BSAFE Micro Edition Suite
Information Disclosure Vulnerability in Dell EMC RecoverPoint and RecoverPoint for VMs
Uncontrolled Resource Consumption Vulnerability in Dell EMC RecoverPoint and RecoverPoint for VMs
Information Disclosure Vulnerability in Dell Encryption
Redfish Interface Privilege Escalation Vulnerability in Dell EMC iDRAC
Improper Error Handling Vulnerability in Dell EMC iDRAC7/iDRAC8
Dell OS10 CLI Input Validation Vulnerability
Improper Access Control Vulnerability in RSA Archer Versions Prior to 6.5.0.1
Dell Wyse Password Encoder Hard-coded Cryptographic Key Vulnerability
Relative Path Traversal Vulnerability in RSA Authentication Manager Quick Setup Deployment
Vulnerability: TLS Certificate Validation Bypass in Dell Networking OS10 Phone Home Feature
Guessable Random Number Generation in Pivotal CredHub Service Broker UAA Client Secret
Insecure Hashing Algorithm in Cloud Foundry Bits Service Allows Unauthorized Access
Cloud Foundry NFS Volume Release Information Disclosure Vulnerability
Untrusted Website Redirect Vulnerability in Pivotal Concourse Release 4.x prior to 4.2.2
Timing Attack Vulnerability in Cloud Foundry Bits Service
Authorization Bypass Vulnerability in Spring Security 5.1.x
MapR File System Privilege Escalation Vulnerability
XML External Entity (XXE) Vulnerability in Accusoft PrizmDoc HTML5 Document Viewer before 13.5
Vulnerability: Bypassing POSIM EVO Login Prompt via Emergency Override Account
Hardcoded Database Credentials in POSIM EVO 15.13 for Windows Pose Critical Security Risk
Insecure File Permissions in AccuPOS 2017.8 Installation Path
Directory Traversal Vulnerability in Visiology Flipbox Software Suite before 2.7.0
Weak Encryption Algorithm Used in DNN (DotNetNuke) 9.2 through 9.2.1
Inadequate Entropy Generation in DNN (DotNetNuke) 9.2 through 9.2.1
User Mode Write AV Vulnerability in FastStone Image Viewer 6.5
User Mode Write AV Vulnerability in FastStone Image Viewer 6.5
FastStone Image Viewer 6.5 Exception Handler Chain Corrupted Vulnerability
Read Access Violation Vulnerability in FastStone Image Viewer 6.5
Read Access Violation on Block Data Move in FastStone Image Viewer 6.5 via Crafted Image File
Arbitrary File Deletion Vulnerability in Repute ARForms
Incorrect Access Control in EasyIO EasyIO-30P Devices: Exploiting the webuser.js Vulnerability
XSS Vulnerability in EasyIO EasyIO-30P Devices (CVE-2021-XXXX)
FFmpeg Flvenc.c Empty Audio Packet Assertion Failure Vulnerability
IBM StoredIQ 7.6 Authenticated Bypass Vulnerability
Arbitrary Code Execution via URI Handlers in Ubisoft Uplay Desktop Client
Insecure Direct Object Reference (IDOR) vulnerability in Vanilla before 2.6.1 allows multiple voting in polls
Heap Overflow Vulnerability in radare2's read_module_referenced_functions Function
Android Versions 1.0 through 9.0 Vulnerable to Insecure Permissions (Bug ID: 77286983)
RSA Padding String Verification Bypass in Openswan
Buffer Overflow Vulnerability in D-Link DIR-615 Devices via Long Authorization HTTP Header
Cross-Site Scripting (XSS) Vulnerability in IBM Maximo Asset Management 7.6
Denial of Service Vulnerability in TP-Link TL-WR840N Devices via Fragmented Packets
XSS Vulnerability in WolfCMS 0.8.3.1 via /?/admin/page/add Slug Parameter
XSS Vulnerability in GetSimple CMS 3.3.14 via Add New Page Field in admin/edit.php
CSRF Vulnerability in DamiCMS 6.0.0 Allows Password Modification for Administrator Account
CSRF Vulnerability in Gleez CMS 1.2.0 Allows Unauthorized Administrator Account Addition
CSRF Vulnerability in fledrCMS Allows Unauthorized Password Change
XSS Vulnerability in puppyCMS 5.1 via menu.php Add Page/URL URL Link Field
CSRF Vulnerability in portfolioCMS 1.0.5 Allows Unauthorized Creation of Pages
CSRF Vulnerability in portfolioCMS 1.0.5 Allows Unauthorized Website Settings Update
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Rhapsody Design Manager and IBM Rational Software Architect Design Manager
CSRF Vulnerability in REDAXO CMS 4.7.2 Allows Unauthorized Administrator Account Creation
CSRF Vulnerability in Flexo CMS v0.1.6 Allows Unauthorized Administrator Addition
Denial of Service Vulnerability in Technicolor TC7200.20 Devices via MAC Flooding
Endless Recursion Vulnerability in xkbcommon and libxkbcommon
NULL Pointer Dereference Vulnerability in xkbcommon Parser
NULL Pointer Dereference Vulnerability in xkbcommon Parser
Denial of Service Vulnerability in xkbcommon Keymap Parser
Invalid Free Vulnerability in xkbcommon Keymap Parsers
NULL Pointer Dereference Vulnerability in CopyKeyAliasesToKeymap in xkbcommon
NULL Pointer Dereference in ExprResolveLhs in xkbcommon before 0.8.2
NULL Pointer Dereference in ExprResolveLhs in xkbcomp/expr.c in xkbcommon before 0.8.2
NULL Pointer Dereference in LookupModMask in xkbcommon
NULL Pointer Dereference Vulnerability in xkbcommon's ResolveStateAndPredicate Function
NULL Pointer Dereference in resolve_keysym in xkbcommon parser.y
Critical Privilege Escalation Vulnerability in Pulse Secure Desktop (macOS)
ChronoScan Version 1.5.4.3 and Earlier SQL Injection Vulnerability
Unvalidated Image Loading Vulnerability in AWS CLI
Information Disclosure Vulnerability in IBM Rational Rhapsody and Rational Software Architect Design Manager
Invalid Memory Address Dereference in libming 0.4.8: Denial of Service Vulnerability
Invalid Memory Address Dereference Vulnerability in libming 0.4.8
SQL Injection Vulnerability in Sentrifugo 3.2 via deptid Parameter
XSS Vulnerability in D-Link DIR-615 Routers 20.07: Injecting JavaScript via DHCP Hostname Field
JavaScript Injection Vulnerability in D-Link DIR-615 Routers 20.07
Vulnerability: CAPTCHA Bypass in ajax-bootmodal-login Plugin
OS Command Injection Vulnerability in Plainview Activity Monitor Plugin for WordPress
XML External Entity Injection (XXE) Vulnerability in IBM Jazz Foundation
Stored XSS Vulnerability in Joomla! User Profile Page
ACL Violation Due to Inadequate Checks in Joomla! before 3.8.12
Inadequate InputFilter Checks Allow Upload of Malicious Phar Files in Joomla!
HTML Injection Vulnerability in RICOH MP C4504ex Devices
Covert Operation Detection Vulnerability in Ovation FindMe 1.4-1083-1
Arbitrary PHP Code Execution in Monstra CMS 3.0.4 via Modified Snippet Content
Authenticated Remote Command Execution in ASUS DSL-N12E_C1 1.1.2.3_345
User Registration Vulnerability in ASPCMS 2.5.6
Arbitrary OS Command Execution Vulnerability in EthereumJ 1.8.2
Stored JavaScript Command Injection in FreePBX Core
SQL Injection Vulnerability in FreePBX 13 and 14 DISA Module
SQL Injection Vulnerability in WUZHI CMS 4.1.0 via copyfrom.php
SQL Injection Vulnerability in WUZHI CMS 4.1.0 via keyValue Parameter in /coreframe/app/admin/pay/admin/index.php
Incomplete Fix for SSRF Vulnerability in idreamsoft iCMS 7.0.11
XSS Vulnerability in PHP Scripts Mall Website Seller Script 2.0.5 via Personal Address or Company Name
Denial of Service Vulnerability in PHP Scripts Mall Website Seller Script 2.0.5
Improper Certificate Validation in Subsonic Music Streamer 4.4 for Android Allows Man-in-the-Middle Attacks
XSS Vulnerability in MiniCMS 1.10's post.php?date= Endpoint
CSRF Vulnerability in e107 2.1.8 Allows Unauthorized Password Changes
Stored Cross Site Scripting (XSS) Vulnerability in Claromentis 8.2.2's Discuss Module
A10 ACOS Web Application Firewall (WAF) SQL Injection Attack Blocking Rules Misconfiguration Vulnerability
Arbitrary Code Execution via SolarWinds Serv-U FTP Server 15.1.6 Import Feature
Denial of Service Vulnerability in Technicolor TC8305C Devices via MAC Flooding
Arbitrary File Write Vulnerability in Artifex Ghostscript 9.23
Type Confusion Vulnerability in Artifex Ghostscript 9.23
Type Confusion Vulnerability in Artifex Ghostscript
Uninitialized Memory Access Vulnerability in Artifex Ghostscript 9.23
Arbitrary Package Installation and Removal Vulnerability in Manjaro Linux
Unvalidated Redirect and Cross-Site Scripting (XSS) Vulnerability in Cloudera Manager
Persistent Cross-Site Scripting (XSS) Vulnerability in Jorani 0.6.5
SQL Injection Vulnerability in Jorani 0.6.5 Allows Unauthorized Access to Sensitive Data
Username Enumeration Vulnerability in OpenSSH 7.8
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Missing File Checksums in IBM Multi-Cloud Data Encryption (MDE) 2.1 Allows Unauthorized Data Manipulation
Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader
Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Arbitrary Command Execution Vulnerability in IBM Spectrum Symphony and Platform Symphony
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Buffer Errors Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Deserialization of Untrusted Data Vulnerability in Adobe ColdFusion
Deserialization of Untrusted Data Vulnerability in Adobe ColdFusion
Deserialization of Untrusted Data Vulnerability in Adobe ColdFusion
Arbitrary File Overwrite Vulnerability in Adobe ColdFusion Versions July 12 Release
Unrestricted File Upload Vulnerability in Adobe ColdFusion
Adobe ColdFusion Directory Listing Vulnerability
Arbitrary Folder Creation Vulnerability in Adobe ColdFusion
Use of Component with Known Vulnerability in Adobe ColdFusion Versions: Information Disclosure Vulnerability
Deserialization of Untrusted Data Vulnerability in Adobe ColdFusion
Adobe Acrobat and Reader Privilege Escalation Vulnerability
Privilege Escalation Vulnerability in Adobe Flash Player Versions 30.0.0.154 and Earlier
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Stored Cross-Site Scripting Vulnerability in Adobe Experience Manager Versions 6.0-6.4
Reflected Cross-Site Scripting Vulnerability in Adobe Experience Manager Versions 6.0-6.4
Reflected Cross-Site Scripting Vulnerability in Adobe Experience Manager Versions 6.0-6.4
Stored Cross-Site Scripting Vulnerability in Adobe Experience Manager Versions 6.0-6.4
Stored Cross-Site Scripting Vulnerability in Adobe Experience Manager Versions 6.0-6.4
Insecure Library Loading (DLL Hijacking) Vulnerability in Adobe Framemaker
Insecure Library Loading (DLL Hijacking) Vulnerability in Adobe Technical Communications Suite
Out-of-Bounds Read Vulnerability in Flash Player Versions 31.0.0.122 and Earlier
Adobe Acrobat and Reader NTLM SSO Hash Theft Vulnerability
Out-of-Bounds Read Vulnerability in Adobe Photoshop CC Versions 19.1.6 and Earlier
Type Confusion Vulnerability in Flash Player: Arbitrary Code Execution
Use After Free Vulnerability in Flash Player Versions 31.0.0.153 and Earlier
Insecure Library Loading (DLL Hijacking) Vulnerability in Flash Player
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Integer Overflow Vulnerability in Adobe Acrobat and Reader
Buffer Errors Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Remote Clickjacking Vulnerability in IBM API Connect 5.0.0.0 through 5.0.8.3
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Integer Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Buffer Errors Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Clear Text Transmission of Sensitive Data in IBM BigFix Platform 9.2 and 9.5
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Integer Overflow Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Integer Overflow Vulnerability in Adobe Acrobat and Reader
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager (RQM) 5.0 - 6.0.6
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Adobe Acrobat and Reader Privilege Escalation Vulnerability
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager (RQM) 5.0 - 6.0.6
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager (RQM) 5.0 - 6.0.6
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Adobe Acrobat and Reader Multiple Versions Security Bypass Vulnerability
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Adobe Acrobat and Reader Privilege Escalation Vulnerability
Adobe Acrobat and Reader Privilege Escalation Vulnerability
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Missing Authorization Control for API Repository Storage
Sensitive Data Disclosure in Sidekiq Logs through Error Message
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager (RQM) 5.0 - 6.0.6
Persistent XSS in Merge Request Changes View
Orphaned Upload Files Exposure Vulnerability in GitLab
Authenticated Command Injection Vulnerability in pfSense before 2.4.4
Bluetooth Attribute Protocol Dissector Crash Vulnerability
Radiotap Dissector Crash Vulnerability in Wireshark
Bluetooth AVDTP Dissector Crash Vulnerability in Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16
Directory Traversal Vulnerability in Endress+Hauser WirelessHART Fieldgate SWG70 3.x Devices
Sensitive Information Disclosure Vulnerability in IBM Jazz Based Applications
Mitsubishi Electric SmartRTU Devices: Remote Information Disclosure Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Mitsubishi Electric SmartRTU Devices
Heap-based Buffer Over-read in dwarf_getaranges.c in libdw in elfutils
Bypassing Navigation Restrictions via Crafted Chrome Extension in Google Chrome (CVE-2018-6177)
Use-after-free vulnerability in V8 allows remote code execution in Google Chrome
Use After Free Vulnerability in Google Chrome (CVE-2018-6177)
Use After Free Vulnerability in WebAudio in Google Chrome
Sandbox Escape Vulnerability in Google Chrome Prior to 69.0.3497.81
Cross-Origin Data Leakage Vulnerability in SwiftShader in Google Chrome
XML External Entity Injection (XXE) Vulnerability in IBM Rational Engineering Lifecycle Manager
Skia Integer Overflow Vulnerability in Google Chrome
Use After Free Vulnerability in WebRTC in Google Chrome
Bypassing Same Origin Policy via HLS Manifests in Google Chrome
Bypassing Site Isolation in Google Chrome: Insufficient Policy Enforcement Vulnerability
Bypassing Site Isolation in Google Chrome: Insufficient Policy Enforcement Vulnerability
Local File Data Disclosure Vulnerability in Google Chrome
Out of Bounds Memory Read Vulnerability in PDFium
Bypassing Content Security Policy via Object Lifecycle Issue in Google Chrome
Credit Card Data Leakage Vulnerability in Google Chrome Autofill
Omnibox Spoofing Vulnerability in Google Chrome prior to 69.0.3497.81
Weak Cryptographic Algorithms in IBM Rational Engineering Lifecycle Manager 6.0 through 6.0.6
Omnibox Spoofing Vulnerability in Google Chrome on macOS
Local File Access Vulnerability in Google Chrome DevTools
Out of Bounds Read Vulnerability in SwiftShader in Google Chrome
Out of Bounds Read Vulnerability in WebRTC in Google Chrome
Default Selected Dialog Button Remote Code Execution Vulnerability in Google Chrome
Use After Free Vulnerability in ResourceCoordinator in Google Chrome
Bypassing Navigation Restrictions via Crafted Chrome Extension in Google Chrome (CVE-2018-6177)
Bypassing Navigation Restrictions in Google Chrome Prior to 69.0.3497.81
Arbitrary File Download Vulnerability in Google Chrome (CVE-2018-6177)
Command Injection Vulnerability in System Management Module (SMM) Firmware Update Images
SMM Versions Prior to 1.06: Post-Authentication Command Injection Vulnerability
Buffer Overflow Vulnerabilities in SMM Certificate Creation and Parsing Logic
Sensitive Information Exposure in System Management Module (SMM) Versions Prior to 1.06
File Write Vulnerability in LXCI for VMware
Buffer Overflow Vulnerability in System Management Module (SMM) Versions Prior to 1.06
Password Hash Leakage in System Management Module (SMM) Versions Prior to 1.06
Cross-Site Scripting (XSS) Vulnerability in SMM Web Interface for Enclosure VPD
Insufficient Sanitization in LXCI Allows Authenticated User to Write to System Files
Unquoted Search Path Vulnerability in Lenovo ThinkPads: Unauthorized Code Execution Risk
Cross-Site Scripting (XSS) Vulnerability in IBM Rational DOORS Next Generation
Message Disclosure and Modification Vulnerability in Lightbend Akka 2.5.x
SQL Injection Vulnerability in AccountStatus.jsp in Sophos XG Firewall 17.0.8 MR-8 Admin Portal
Sophos XG Firewall 17.0.8 MR-8 - Remote Command Execution Vulnerability in Admin Portal
Sophos XG Firewall 17.0.8 MR-8 API Configuration Component Remote Command Execution Vulnerability
Remote Code Execution Vulnerability in TP-Link WR1043nd (Firmware Version 3) HTTP Server
Authentication Bypass Vulnerability in IBM QRadar Incident Forensics
Arbitrary System Command Execution in Xiaomi Mi Router 3 (v2.22.15) via request_mitv Vulnerability
Denial of Service Vulnerability in Lightbend Akka HTTP via ZIP Bomb
Memory Exhaustion Vulnerability in Open Whisper Signal iOS App
Directory Traversal Vulnerability in Cybrotech CyBroHttpServer 1.0.3
XSS Vulnerability in Cybrotech CyBroHttpServer 1.0.3 via URI
Location Permission Dialog Spoofing Vulnerability in Opera Mini for Android
CSRF Vulnerability in IPBRICK OS 6.3 Administrator Interface
Multiple SQL Injections in IPBRICK OS 6.3 Web Management Console
Multiple XSS Vulnerabilities in IPBRICK OS 6.3 Administration Page
Arbitrary Web Script Injection Vulnerability in BIBLIOsoft BIBLIOpac 2008
Remote Information Disclosure Vulnerability in IBM WebSphere Application Server
Buffer Underwrite Vulnerability in get_line() in fig2dev 3.2.7a
Arbitrary File Deletion Vulnerability in ThinkCMF X2.2.3
Reflected XSS Vulnerability in PHPOK 4.8.278 via _back Parameter
Command Injection Vulnerability in Opsview Monitor's NetAudit Test Connection Functionality
Privilege Escalation Vulnerability in Opsview Monitor
Arbitrary Command Injection in Opsview Monitor 5.4.x Web Management Console
Cross-Site Scripting (XSS) Vulnerability in Opsview Monitor's /settings/api/router Endpoint
Cross-Site Scripting (XSS) Vulnerability in Opsview Monitor's /rest Endpoint
Blind Trust in ASN.1 Lengths in sig_verify() in axTLS Version 2.1.3 and Earlier
PKCS#1 v1.5 Signature Verification Vulnerability in axTLS
RSA Signature Verification Vulnerability in GMP Plugin in strongSwan 4.x and 5.x before 5.7.0
RSA Signature Verification Vulnerability in GMP Plugin in strongSwan 4.x and 5.x before 5.7.0
Opencast Authentication Vulnerability: Disclosure of System Digest Credentials
Unauthenticated DLL Hijacking Vulnerability in PaperStream IP (TWAIN) 1.42.0.5685
Vulnerability: Logic Flaw in Waimai Super Cms 20150505 Allows Price Modification and Free Cart Checkout
Insecure SSH Key Management in Eaton Power Xpert Meter Devices
SQL Injection Vulnerability in Gift Vouchers Plugin for WordPress
Authentication Bypass Vulnerability in SecureCore Standard Edition Version 2.x
Privilege Escalation Vulnerability in OpenDolphin 2.7.0 and Earlier
User Credential Exposure in OpenDolphin 2.7.0 and Earlier
Authentication Bypass Vulnerability in OpenDolphin 2.7.0 and Earlier
Arbitrary Code Injection Vulnerability in Event Calendar WD Plugin
Arbitrary Web Script Injection Vulnerability in LogonTracer 1.2.0 and Earlier
XML External Entity (XXE) Vulnerability in LogonTracer 1.2.0 and Earlier
Arbitrary OS Command Execution Vulnerability in LogonTracer 1.2.0 and Earlier
Python Code Injection Vulnerability in LogonTracer 1.2.0 and Earlier
Remote Code Execution in Cybozu Remote Service 3.0.0 to 3.1.0
Cybozu Remote Service Directory Traversal Vulnerability
Cybozu Remote Service 3.0.0 to 3.1.8 Directory Traversal Remote Code Execution Vulnerability
Clickjacking Vulnerability in Cybozu Remote Service Allows Remote Deletion of Client Certificates
Cross-Site Scripting Vulnerability in LearnPress Prior to Version 3.1.0
Open Redirect Vulnerability in LearnPress Prior to Version 3.1.0: Remote Phishing Attack Vector
SQL Injection Vulnerability in LearnPress Prior to Version 3.1.0 Allows Arbitrary SQL Command Execution
Untrusted Search Path Vulnerability in Mapping Tool Installer Allows Privilege Escalation
Untrusted Search Path Vulnerability in Windows 10 Fall Creators Update Installer
Bypassing Access Restriction in Cybozu Garoon Single Sign-On Function
Unverified Server Certificate Vulnerability in Mizuho Direct App for Android
Directory Traversal Vulnerability in IBM Security Privileged Identity Manager Virtual Appliance 2.2.1
Cross-Site Scripting Vulnerability in i-FILTER Ver.9.50R05 and Earlier
HTTP Header Injection Vulnerability in i-FILTER Ver.9.50R05 and Earlier
Untrusted Search Path Vulnerability in MARKET SPEED Ver.16.4 and Earlier Installer
Unquoted Search Path Vulnerability in Pre-installed Applications on Panasonic PC
Remote Code Execution Vulnerability in RICOH Interactive Whiteboard D2200, D5500, D5510, D5520, D6500, D6510, D7500, and D8400
Remote Code Execution Vulnerability in RICOH Interactive Whiteboard and Controller
Hard-coded Credentials Vulnerability in RICOH Interactive Whiteboard and Controller
Unverified Server Certificates Vulnerability in RICOH Interactive Whiteboards
RICOH Interactive Whiteboard SQL Injection Vulnerability
Untrusted Search Path Vulnerability in UNLHA32.DLL Self-Extracting Archives
Untrusted Search Path Vulnerability in UNARJ32.DLL, LHMelting, and LMLzh32.DLL
Open Redirect Vulnerability in EC-CUBE (Versions 3.0.0 - 3.0.16)
Information Disclosure Vulnerability in Aterm WF1200CR and Aterm WG1200CR
Cross-site scripting vulnerability in Aterm WF1200CR and Aterm WG1200CR firmware versions 1.1.1 and earlier allows authenticated attackers to inject arbitrary web script or HTML.
Arbitrary OS Command Execution Vulnerability in Aterm WF1200CR and Aterm WG1200CR
Arbitrary OS Command Execution via SOAP Interface in Aterm WF1200CR and Aterm WG1200CR
Denial of Service Vulnerability in Yokogawa Vnet/IP Open Communication Driver
Toshiba Home Gateway Access Restriction Bypass Vulnerability
Undocumented Developer Screen Access Vulnerability in Toshiba Home Gateway HEM-GW16A and HEM-GW26A
Arbitrary Web Script Injection Vulnerability in Toshiba Home Gateway HEM-GW16A and HEM-GW26A
Arbitrary OS Command Execution in Toshiba Home Gateway HEM-GW16A and HEM-GW26A
Hard-coded Credentials Vulnerability in Toshiba Home Gateway HEM-GW16A and HEM-GW26A
Cordova-Plugin-Ionic-Webview Directory Traversal Vulnerability
Authentication Bypass Vulnerability in PgpoolAdmin 4.0 and Earlier
Cross-Site Scripting Vulnerability in Google XML Sitemaps Plugin
Arbitrary Code Injection Vulnerability in GROWI v3.2.3 and Earlier
Arbitrary Code Injection Vulnerability in WordPress Plugin Spam-ByeBye 2.2.1 and Earlier
Unauthorized File Alteration Vulnerability in PowerAct Pro Master Agent for Windows Version 5.13 and Earlier
Clear Text Password Exposure in IBM WebSphere Application Server
XSS Vulnerability in WAGO 750-88X and WAGO 750-89X Ethernet Controller Devices
Command Injection Vulnerability in AudioCodes 405HD VoIP Phone (Firmware 2.2.12)
Command Injection Vulnerability in Yealink Ultra-elegant IP Phone SIP-T41P (Firmware 66.83.0.35)
CSRF Vulnerability in Yealink Ultra-elegant IP Phone SIP-T41P Firmware 66.83.0.35
Missing Password Verification in AudioCodes 405HD VoIP Phone Firmware 2.2.12 Allows Unauthorized Password Change
Cross-Site Request Forgery Vulnerability in IBM Security Privileged Identity Manager Virtual Appliance 2.2.1
Cross Site Scripting (XSS) Vulnerability in AudioCodes 405HD VoIP Phone Firmware 2.2.12
Path Traversal Vulnerability in Yealink Ultra-elegant IP Phone SIP-T41P (Firmware 66.83.0.35)
Cleartext Storage of Credentials in iSmartAlarmData.xml Configuration File
Insecure Cryptographic Storage of Credentials in QBee Cam Android App
iSmartAlarm Cube One through 2.2.4.10 Diagnostic Files Access Control Vulnerability
Unencrypted Network Traffic Vulnerability in QBee MultiSensor Camera
Reflected Cross-Site Scripting (XSS) Vulnerability in Mitel MiVoice Office 400
Buffer Over-read Vulnerability in IEEE 802.11 Parser
Buffer Over-read Vulnerability in HNCP Parser of tcpdump
Buffer Over-read Vulnerability in tcpdump's DCCP Parser
Local File Disclosure Vulnerability in IBM Security Privileged Identity Manager Virtual Appliance 2.2.1
Buffer Over-read Vulnerability in BGP Parser of tcpdump
Denial of Service Vulnerability in Michael Roth Software Personal FTP Server (PFTP) through 8.4f
Authenticated Command Injection Vulnerability in IPFire Firewall
XSS Vulnerability in MiniCMS V1.10 via mc-admin/post-edit.php tags Parameter
XSS Vulnerability in MorningStar WhatWeb 0.4.9 via JSON Report Files
Cross-Site Scripting (XSS) Vulnerability in Telligent Community Feed RSS Widget
XSS Vulnerability in cPanel 74 via Crafted Filename in Logs Subdirectory
Directory Traversal Vulnerability in damiCMS V6.0.1 via '|' Characters in s Parameter
Remote Code Execution via Multipart/Form-Data POST in damiCMS V6.0.1
Vulnerability: Session Cookie Guessing in damiCMS V6.0.1
oBike Vulnerability: Bypassing Locking Mechanism via Bluetooth Low Energy Replay Attack
Multiple Persistent XSS Vulnerabilities in SolarWinds Database Performance Analyzer (DPA)
XSS Vulnerability in YzmCMS 5.1 via admin/system_manage/user_config_add.html Title Parameter
XSS Vulnerability in b3log Solo 2.9.3: Remote Code Injection via articleTags Field
Cross-Site Scripting (XSS) Vulnerability in Symphony 3.3.0 and earlier
Sensitive Information Disclosure in IBM Security Privileged Identity Manager Virtual Appliance 2.2.1
XSS Vulnerability in Utilisateur Menu of Creatiwity wityCMS 0.6.2
Search for User Discovery Injection Vulnerability in Creatiwity wityCMS 0.6.2
XML External Entity Injection in FsPro Labs Event Log Explorer 4.6.1.2115
PKCS#1 v1.5 Signature Verification Vulnerability in axTLS
XSS Vulnerability in WP All Import Plugin 3.4.9 for WordPress via action=options
XSS Vulnerability in WP All Import Plugin 3.4.9 for WordPress via action=evaluate
XSS Vulnerability in WP All Import Plugin 3.4.9 via Add Filtering Options (Add Rule)
XSS Vulnerabilities in WP All Import Plugin 3.4.9 via action=template (Admin-Only Exploit)
XSS Vulnerability in WP All Import Plugin 3.4.9 for WordPress via pmxi-admin-import custom_type
XSS Vulnerability in WP All Import Plugin 3.4.9 for WordPress via pmxi-admin-settings large_feed_limit
Session Fixation/Hijacking Vulnerability in IBM Security Privileged Identity Manager Virtual Appliance 2.2.1
Privilege Escalation Vulnerability in Pulse Secure Pulse Desktop Client: Dynamic Certificate Trust
Improper D-Bus Security Policy Configurations in Tizen's pkgmgr System Service Allow Unprivileged Process to Perform Package Management Actions
Unprivileged Process Control Vulnerability in Tizen's PulseAudio System Service
Improper D-Bus Security Policy Configurations in BlueZ System Service in Tizen
Improper D-Bus Security Policy Configurations in Tizen's bt/bt_core Service Allow Unauthorized Bluetooth Pairing
Improper D-Bus Security Policy Configurations in Tizen Allow Unprivileged Process to Control or Capture Windows
Improper D-Bus Security Policy Configurations in Tizen's system-popup System Service
Unprivileged Process Exploitation in Tizen SoundServer/FocusServer System Services
Improper D-Bus Security Policy Configurations in Samsung Galaxy Gear Series Allows Unauthorized Access to Notification Message Data
Unrestricted Bluetooth HCI Packet Dumping Vulnerability in Samsung Galaxy Gear Series
Improper D-Bus Security Policy Configurations in Samsung Galaxy Gear Series Allows Unauthorized Mailbox Manipulation and Email Spoofing
Unprivileged Process Exploitation: Full Wi-Fi Interface Control in Samsung Galaxy Gear Series
CSV Injection Vulnerability in OPSWAT MetaDefender (before v4.11.2)
Vulnerability in yurex USB Driver Allows Kernel Crash and Privilege Escalation
XSS Vulnerability in XWiki Image Import Function
Arbitrary SQL Command Execution Vulnerability in PhpOpenSourceCMS (POSCMS) V3.2.0
Incorrect Access Control in DEISER Profields - Project Custom Fields App for Jira (Version 6.0.2 and below)
Command Injection Vulnerability in Moxa EDR-810 V4.2 Build 18041013
Directory Traversal Vulnerability in Wechat Broadcast Plugin for WordPress
Cross-Site Scripting (XSS) Vulnerability in UserPro WordPress Plugin
Authentication Bypass Vulnerability in LG SuperSign CMS
File Upload Vulnerability in LG SuperSign CMS via signEzUI/playlist/edit/upload/..%2f URIs
Arbitrary File Reading Vulnerability in LG SuperSign CMS
Use-after-free vulnerability in Foxit Reader and PhantomPDF JavaScript Engine
Use-after-free vulnerability in Foxit Reader and PhantomPDF JavaScript Engine
Use-after-free vulnerability in Foxit Reader and PhantomPDF JavaScript Engine
Use-after-free vulnerability in Foxit Reader and PhantomPDF JavaScript Engine
Use-after-free vulnerability in Foxit Reader and PhantomPDF JavaScript Engine
Use-after-free vulnerability in Foxit Reader and PhantomPDF JavaScript Engine
Use-after-free vulnerability in Foxit Reader and PhantomPDF JavaScript Engine
XSS Vulnerability in MiniCMS 1.10: mc-admin/post.php?tag=
Directory Traversal Vulnerability in Localize My Post Plugin 1.0 for WordPress
Local Privilege Escalation Vulnerability in IBM Informix Dynamic Server Enterprise Edition 12.1
Unlimited Recursion Vulnerability in BGP Parser of tcpdump
Buffer Overflow Vulnerability in tcpdump's Command-Line Argument Parser
Buffer Overflow Vulnerability in MediaComm Zip-n-Go before 4.95
Denial of Service Vulnerability in PDF-XChange Editor
Out-of-band Resource Load Vulnerability in Xiaomi MIWiFi Xiaomi_55DD Version 2.8.50 Devices
CSV Injection Vulnerability in Ninja Forms Plugin for WordPress
Local Privilege Escalation Vulnerability in IBM Informix Dynamic Server Enterprise Edition 12.1
Denial of Service Vulnerability in Technicolor TG588V V2 Devices via MAC Address Flood
XSS Vulnerability in Bludit 2.3.4 via User Name
CSRF Token Bypass in idreamsoft iCMS 7.0.11
CSRF Vulnerability in waimai Super Cms 20150505 Allows Unauthorized Configuration Changes
Stored XSS Vulnerability in Portainer through 1.19.1 via Team Name Field
Local Privilege Escalation Vulnerability in IBM Informix Dynamic Server Enterprise Edition 12.1
Arbitrary PHP Code Execution Vulnerability in iCMS 7.0.11
Uninitialized Data Leak in ReadXBMImage Function of ImageMagick
Cross-Site Scripting (XSS) Vulnerability in IceWarp Server 12.0.3.1 and Earlier
XSS Vulnerability in GetSimple CMS 3.4.0.9: Admin/Edit.php Title Field
XSS Vulnerability in PHP Scripts Mall Olx Clone 3.4.2
Stored XSS Vulnerability in Subrion 4.2.1 Admin Panel URL Configuration
NULL Pointer Dereference in CheckEventLogging Function in ImageMagick
NULL Pointer Dereference in GetMagickProperty function in ImageMagick
Symbolic Link Vulnerability in IBM Informix Dynamic Server Enterprise Edition 12.1
XSS Vulnerability in Pandao Editor.md 1.5.0 via Crafted IMG Element Attributes
CSRF Vulnerability in DamiCMS v6.0.0 Allows Password Change for Administrator Account
CSRF Vulnerability in iCMS 7.0.9 AdminCP.php
Buffer Overflow Vulnerability in Tenda AC Series Routers
OS Command Injection in Tenda AC9 and AC10 Devices via POST Request
Heap-based Buffer Overflow in LibTIFF 4.0.9's ChopUpSingleUncompressedStrip Function
Exiv2 v0.26 Denial of Service Vulnerability in PngChunk::parseTXTChunk
CSRF Vulnerability in Cscms V4.1.8 Allows Unauthorized Modification of Website Configuration
CSRF Vulnerability in AuraCMS 2.3 Allows Unauthorized Password Change and Content Manipulation
CSRF Vulnerability in EmpireCMS 7.0 Allows Unauthorized Administrator Addition
Symbolic Link Vulnerability in IBM Informix Dynamic Server Enterprise Edition 12.1 Allows Local User to Gain Root Privileges
XSS Vulnerability in ShowDoc v1.8.0 via New Page
Arbitrary Code Execution Vulnerability in SeaCMS 6.61
Remote File Deletion Vulnerability in zzcms 8.3
CSRF Vulnerability in EasyCMS 1.5 Allows Unauthorized Password Update
XSS Vulnerability in ChemCMS 1.0.6 via Setting -> Website Information Field
Cross-Site Scripting (XSS) Vulnerability in Gleez CMS v1.2.0 via media/imagecache/resize
XSS Vulnerability in SeaCMS V6.61 via admin_video.php v_content Parameter
XSS Vulnerability in WUZHI CMS 4.1.0 via index.php?m=link&f=index&v=add Form[remark] Parameter
Stack-based Buffer Overflow in IBM Informix Dynamic Server Enterprise Edition 12.1 Allows Privilege Escalation
XSS Vulnerability in WUZHI CMS 4.1.0 via index.php?m=core&f=set&v=basic form[statcode] parameter
PHP Code Upload Vulnerability in WeaselCMS 0.3.6 via index.php
SQL Injection Vulnerability in FHCRM
SQL Injection Vulnerability in FHCRM
SQL Injection Vulnerability in PbootCMS via api.php/List/index Order Parameter
SQL Injection Vulnerability in PbootCMS via api.php/Cms/search Order Parameter
Cross-Site Scripting (XSS) Vulnerability in Dotclear Media Manager
Vulnerability: Unauthorized File Renaming in Google gVisor Seccomp Sandbox
Stack-based Buffer Overflow in IBM Informix Dynamic Server Enterprise Edition 12.1 Allows Privilege Escalation
XSS Vulnerability in BTITeam XBTIT 2.5.4 via news.php
Cross-Site Scripting (XSS) Vulnerability in Source Integration Plugin for MantisBT
XSS Vulnerability in mndpsingh287 File Manager Plugin V2.9 for WordPress
Remote Code Execution Vulnerability in Zoho ManageEngine Applications Manager via SMB Share
CSRF Vulnerability in idreamsoft iCMS V7.0.10
CSRF Vulnerability in idreamsoft iCMS V7.0.10
Sandbox Access Control Vulnerability in OnlineJudge 2.0 Allows Unauthorized File Writing and Data Leakage
Heap-based Buffer Over-read in Xpdf 4.00 via SplashXPath::strokeAdjust
Denial of Service Vulnerability in Xpdf 4.00 via Crafted PDF File (CVE-2018-7453)
Arbitrary PHP Code Execution Vulnerability in PESCMS Team 2.2.1
Multiple Reflected XSS Vulnerabilities in PESCMS Team 2.2.1 via keyword parameter
Reflected XSS Vulnerability in IdeaCMS (Discontinued)
Frog CMS 0.9.5 Upload Vulnerability
Stored XSS Vulnerability in Frog CMS 0.9.5 via /admin/?/plugin/comment/settings
Heap-based Buffer Overflow in OpenJPEG 2.3.0's pnmtoimage Function
Heap-based Buffer Overflow in OpenJPEG 2.3.0's t2_encode_packet Function
XSS Vulnerability in Ogma CMS 0.4 Beta via Footer Text footer Field
Lack of Two Factor Authentication (TFA) during password reset in IBM API Connect 5.0.0.0-5.0.8.3 Developer Portal
CSRF Vulnerability in Ogma CMS 0.4 Beta Allows Unauthorized Admin Account Creation
XSS Vulnerability in e107 2.1.8 via user_loginname parameter in e107_admin/users.php
Buffer Over-read Vulnerability in NASM 2.14rc15's x86/regflags.c
OWASP ModSecurity Core Rule Set SQL Injection Bypass Vulnerability
SQL Injection in ThinkPHP before 5.1.23 via public/index/index/test/index query string
Log Injection Vulnerability in SWIFT Alliance Web Platform 7.1.23
CSRF Vulnerability in Elefant CMS Allows Unauthorized Account Addition
Arbitrary PHP Code Execution via Image Upload in e107 2.1.8
SQL Injection Vulnerability in e107 2.1.8 via old_ip Parameter in e107_admin/banlist.php
Unauthorized Access to Sensitive Information in Jazz Reporting Service
Buffer Overflow Vulnerabilities in OpenSC's muscle_list_files Function
Buffer Overflow Vulnerabilities in libopensc/card-tcos.c in OpenSC
Buffer Overflow Vulnerabilities in OpenSC's Gemsafe V1 Smartcard Handling
OpenSSL Library Vulnerability: Illegitimate Certificate Acceptance
Unpacking Tainted Strings Vulnerability
Arbitrary File Read Vulnerability in LimeSurvey before 3.14.7
Regular Expression Mishandling in Twistlock AuthZ Broker 0.1 Allows Bypass of Container Policy
Arbitrary Command Execution Vulnerability in IBM Security Privileged Identity Manager Virtual Appliance 2.2.1
Double Free Vulnerability in libelf/elf_end.c in elfutils 0.173
Heap-based Buffer Over-read in libdw in elfutils 0.173
XSS Vulnerability in Mayan EDMS Appearance App
XSS Vulnerability in Mayan EDMS Cabinets App
XSS Vulnerability in Mayan EDMS Tags App
Remote Code Execution Vulnerability in D-Link DIR-846 Firmware 100.26
SSRF Vulnerability in Gogs 0.11.53 Allows Arbitrary HTTP GET Requests via Migrate Endpoint
SQL Injection Vulnerability in Vanilla 2.6.1
Heap-Based Buffer Over-Read Vulnerability in ImageMagick 7.0.8-11 Q16
Heap-Based Buffer Over-Read Vulnerability in ImageMagick 7.0.8-11 Q16
CSRF Vulnerability in FUEL CMS 1.4 Allows Password Change by Remote Attackers
Aruba Instant Command Injection Vulnerability
Buffer Overflow Vulnerability in OpenSC's util_acl_to_str Function
Buffer Overflow Vulnerabilities in OpenSC's Cryptoflex Card Handling
Buffer Overflow Vulnerabilities in ePass 2003 Card Handling in OpenSC
Buffer Overflow Vulnerability in OpenSC's CAC Card Handling
Buffer Overflow Vulnerability in OpenSC's sc_pkcs15emu_esteid_init Function
Double Free Vulnerability in OpenSC's sc_file_set_sec_attr Function
Double Free Vulnerability in OpenSC's eGK Card Tool
Double Free Vulnerability in OpenSC's HSM Card Response Handling
Endless Recursion Vulnerability in iasecc_select_file in OpenSC
Out of Bounds Read Vulnerability in OpenSC Library
NULL Pointer Dereference in g_markup_parse_context_end_parse() in GNOME GLib 2.56.1
Out-of-Bounds Read Vulnerability in GNOME GLib 2.56.1's g_markup_parse_context_parse()
Cross-Site Scripting Vulnerability in IBM WebSphere Application Server Installation Verification Tool
Out-of-Bounds Read Vulnerability in GNU Libextractor's EXTRACTOR_zip_extract_method()
CSRF Vulnerability in YFCMF v3.0 Allows Unauthorized Administrator Account Addition
SQL Injection Vulnerability in BlueCMS 1.6 via user_name Parameter
Heap-based Buffer Overflow in Little CMS 2.9
Critical SQL Injection Vulnerability in Gxlcms 2.0 (Pre-Bug Fix 20180915)
Directory Traversal Vulnerability in Gxlcms 2.0 (Pre-Bug Fix 20180915) Allows Administrator Exploitation
Out of Bounds Read Vulnerability in HDF HDF5 1.8.20 Library
User Information Disclosure Vulnerability in IBM WebSphere Commerce
SSRF Vulnerability in SeaCMS 6.61 via url Parameter in adm1n/admin_reslib.php
SQL Injection Vulnerability in SeaCMS 6.61 via tid Parameter in adm1n/admin_topic_vod.php
Arbitrary File Deletion Vulnerability in SeaCMS
CSRF Vulnerability in Frog CMS 0.9.5 User Edit Functionality
CSRF Vulnerabilities in CSCMS 4: Unauthorized Member Creation, VIP Authentication, and Super Admin Creation
CSRF Vulnerabilities in OneThink 1.1.141212
Reflected XSS Vulnerability in CraftedWeb (through 2013-09-24) via the p Parameter
Buffer Over-read Vulnerability in tcpdump's SMB Parser
Stack Exhaustion Vulnerability in SMB Parser of tcpdump
Cross-Site Scripting (XSS) Vulnerability in PHP Scripts Mall Domain Lookup Script 3.0.5
Denial of Service Vulnerability in PHP Scripts Mall Currency Converter Script 2.0.5
Cross-Site Scripting (XSS) Vulnerability in PHP Scripts Mall Market Place Script 1.0.1 via Keyword Parameter
XSS Vulnerability in PHP Scripts Mall Website Seller Script 2.0.5 via Keyword
Directory Listing Vulnerability in PHP Scripts Mall Open Source Real-estate Script 3.6.2
CSRF Vulnerability in baigo CMS v2.1.1 Allows Unauthorized Article Publication
Unescaped Payload in exceljs <v1.6: Possible XSS via Cell Value in Browser Display
Arbitrary Command Execution Vulnerability in ps Package for Node.js (Versions <1.0.0)
Arbitrary Command Execution Vulnerability in libnmapp Package
Command Injection Vulnerability in apex-publish-static-files npm Module (Version <2.0.1)
Session Fixation Vulnerability in Nextcloud Server Prior to 14.0.0, 13.0.3, and 12.0.8
Password Bypass Vulnerability in Nextcloud Server
Lack of Second Factor Enforcement in Nextcloud Server prior to 14.0.0
Access Control Bypass in Nextcloud Server versions prior to 14.0.0, 13.0.6, and 12.0.11
Unauthorized Access to Previews of Password Protected Shares in Nextcloud Server
Unsanitized JavaScript Vulnerability in Loofah Gem for Ruby
Prototype Pollution Vulnerability in merge.recursive function of merge package <1.2.1
Denial of Service Vulnerability in IBM QRadar Incident Forensics 7.2 and 7.3
Rack Multipart Parser Denial of Service Vulnerability
XSS Vulnerability in Rack's `scheme` Method
Prototype Pollution Vulnerability in Cached-Path-Relative Versions <=1.0.1
Path Traversal Vulnerability in takeapeek Module (<=0.2.2) Allows Directory and File Listing
Stored XSS Vulnerability in Tianma-Static Module (<=1.0.4) Allows Arbitrary JavaScript Execution
Path Traversal Vulnerability in Knightjs <= 0.0.1: Arbitrary File Read
Active Job Broken Access Control Vulnerability
Active Storage Bypass Vulnerability in Google Cloud Storage and Disk Services
Path Traversal Vulnerability in simplehttpserver <=0.2.1 Allows Listing Files Outside Web Root
Path Traversal Vulnerability in http-live-simulator <1.0.7 Allows Unauthorized Access to Arbitrary Files
Weak Cryptographic Algorithms in IBM QRadar SIEM 7.2 and 7.3: Vulnerability to Information Decryption
XSS Vulnerability in Module Public <0.1.4 Allows Execution of Malicious JavaScript Code
Critical XSS Vulnerability in html-page <=2.1.1 Allows Execution of Malicious JavaScript Code
Server Directory Traversal Vulnerability in mcstatic <=0.0.20: Exploiting Sensitive Information Disclosure
Privilege Escalation Vulnerability in express-cart <=1.1.5 Allows Unauthorized User Access
Critical XSS Vulnerability in m-server <1.4.2: Execution of Malicious Code via Unescaped Folder Names
Path Traversal Vulnerability in m-server <1.4.1: Unauthorized Access to File Content
Prototype Pollution Vulnerability in defaults-deep <=0.2.4 Allows Property Injection onto Object.prototype
Prototype Pollution Vulnerability in lodash <4.17.11: Exploiting merge and defaultsDeep Functions
Prototype Pollution Vulnerability in just-extend <4.0.0 Allows Property Injection onto Object.prototype
Directory Traversal Vulnerability in IBM QRadar Incident Forensics 7.2 and 7.3
Prototype Pollution Vulnerability in mpath <0.5.1 Allows Arbitrary Property Injection
Prototype Pollution Vulnerability in node.extend <1.1.7, ~<2.0.1
Prototype Pollution Vulnerability in extend <2.0.2, ~<3.0.2
Path Traversal Vulnerability in static-resource-server 1.7.2 Allows Unauthorized File Access
Vulnerability: Insecure Umask Setting in Versa Servers Allows Unauthorized Access
Session Hijacking Vulnerability in VOS: Failure to Issue New Session ID After Successful Login
Unauthenticated Access Vulnerability in Versa Director
Privilege Escalation Vulnerability in Versa Analytics Cron Jobs
Vulnerability: Unencrypted Backup Files in Versa Director Expose Credentials
VOS Compromised: Man-in-the-Middle Attack Vulnerability and Violation of Data Protection TSR
Hard-coded Credentials Vulnerability in IBM QRadar SIEM 7.2 and 7.3
Privilege Escalation Vulnerability in Artifex Ghostscript
Remote Code Execution Vulnerability in Artifex Ghostscript
Type Confusion Vulnerability in Artifex Ghostscript
Type Confusion Vulnerability in Artifex Ghostscript
Cross-Site Scripting (XSS) Vulnerability in MantisBT 2.1.0 through 2.17.0 via Crafted PATH_INFO
Improper Transaction and Event Signature Validation in Matrix Synapse before 0.33.3.1
Reflected XSS Vulnerability in Flask-Admin 1.5.2 via Crafted URL
NULL Pointer Dereference Vulnerability in asm/labels.c in Netwide Assembler (NASM)
Directory Traversal Vulnerability with Remote Code Execution in Prim'X Zed! FREE and Zed! Limited Edition
Cross-Site Scripting (XSS) Vulnerability in COYO 9.0.8, 10.0.11, and 12.0.4 via iFrame Widget URLs
Denial of Service Vulnerability in IBM DataPower Gateway and IBM MQ Appliance
XML External Entity (XXE) Vulnerability in OpenMRS Reference Application 2.8.0
Uninitialized Pointer Free Vulnerability in AWS FreeRTOS SOCKETS_SetSockOpt
Division by Zero Vulnerability in AWS FreeRTOS and WITTENSTEIN WHIS Connect TCP/IP Component
Information Disclosure Vulnerability in AWS FreeRTOS and WITTENSTEIN WHIS Connect TCP/IP Component
Buffer Overflow Vulnerability in AWS FreeRTOS, FreeRTOS+TCP, and WITTENSTEIN WHIS Connect TCP/IP Component
Buffer Overflow Vulnerability in Amazon Web Services (AWS) FreeRTOS and WITTENSTEIN WHIS Connect Middleware
Information Disclosure Vulnerability in AWS FreeRTOS and WITTENSTEIN WHIS Connect TCP/IP Component
Arbitrary Code Execution Vulnerability in AWS FreeRTOS through 1.3.1
Forcepoint Email Security 8.5.x Password Reset Exploitation Vulnerability
Cross-Site Scripting (XSS) Vulnerability in IBM Security Access Manager Appliance 9.0.x
Stack-based Buffer Overflow in Forcepoint Email Security v8.5: Potential Denial-of-Service and RCE Vulnerability
Improper Access Checking in Artifex Ghostscript Allows Disclosure of System Files
Open Redirect Vulnerability in IBM Curam Social Program Management
Use-after-free vulnerability in Artifex Ghostscript PDF14 Converter
Incorrect Free Logic in Pagedevice Replacement Vulnerability in Artifex Ghostscript
Insufficient Interpreter Stack-Size Checking Vulnerability in Artifex Ghostscript
Unspecified Impact Vulnerability in Artifex Ghostscript before 9.24
Arbitrary Code Execution Vulnerability via File Impersonation in Kaizen Asset Manager and Training Manager (Enterprise Edition)
Hardcoded SSL Private Key Vulnerability in Amcrest Networked Devices
Memory Leak in ZZIPlib: Denial of Service Vulnerability
Directory Traversal Vulnerability in HScripts PHP File Browser Script v1.0
Exposure of Kernel Memory via rmsock Command in IBM AIX
Bypassing Brute-Force Authentication Protection in TeamViewer 10.x-13.x
XSS Vulnerability in LavaLite 5.5 via /edit URI
CSRF Vulnerability in MicroPyramid Django-CRM 0.2
Remote Code Execution Vulnerability in Jspxcms 9.0.0
Inconsistent sprintf Format String in ProcessGpsInfo Function of jhead 3.00 Allows for Denial-of-Service Attack
Cross-Site Scripting (XSS) Vulnerability in SCALANCE S602, S612, S623, and S627-2M Web Server
Vulnerability: Denial of Service in SIMATIC S7-400 CPUs
Denial of Service Vulnerability in SIMATIC S7-400 CPUs
Denial-of-Service Vulnerability in SIMATIC S7-1500 CPU
Denial-of-Service Vulnerability in SIMATIC S7-1500 CPU
Path Traversal Vulnerability in IBM Java Runtime Environment's Diagnostic Tooling Framework for Java (DTFJ)
Denial-of-Service Vulnerability in SIMATIC S7-300 CPUs (All versions < V3.X.16)
Denial-of-Service Vulnerability in Multiple Firmware Variants and SIPROTEC 5 Relays
Cross-Site Scripting (XSS) Vulnerability in IBM Publishing Engine 2.1.2, 6.0.5, and 6.0.6
HTTP Header Injection Vulnerability in IBM Jazz Foundation
Memory Corruption Vulnerability in Artifex Ghostscript
Remote Code Execution via Malicious Email in OTRS
Arbitrary File Deletion Vulnerability in OTRS
Privilege Escalation via World-Writable Intermediate Directories in SUSE useradd.c
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Engineering Lifecycle Manager
Client-side JavaScript authentication in FURUNO FELCOM 250 and 500 devices poses a significant vulnerability
Unauthenticated Password Change Vulnerability in FURUNO FELCOM 250 and 500 Devices
Shell Metacharacter Injection Vulnerability in Sony Bravia TV's Photo Sharing Plus Component
Directory Traversal Vulnerability in Sony Bravia TV's Photo Sharing Plus Component
Buffer Overflow Vulnerability in Sony Bravia TV's Photo Sharing Plus Component
LAN UPnP Service Stack-Based Buffer Overflow Vulnerability
Vulnerability in OverlayFS Mounts Allows Unauthorized File Modification or Truncation
Unauthenticated DNS Response Acceptance Vulnerability
Out of Bounds Memory Access Vulnerability in AWS FreeRTOS and WITTENSTEIN WHIS Connect
Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0
Out of Bounds Memory Access Vulnerability in AWS FreeRTOS and WITTENSTEIN WHIS Connect
Memory Space Copy Vulnerability in Amazon Web Services (AWS) FreeRTOS and WITTENSTEIN WHIS Connect Middleware
Out of Bounds Memory Access Vulnerability in AWS FreeRTOS and WITTENSTEIN WHIS Connect
Out of Bounds Access Vulnerability in AWS FreeRTOS and WITTENSTEIN WHIS Connect
Arbitrary PHP Code Execution Vulnerability in Nibbleblog v4.0.5
Cross-Site Scripting (XSS) Vulnerability in D-Link DIR-600M Dynamic DNS Configuration
Insecure Direct Object Reference (IDOR) vulnerability in ProConf before 6.1 allows unauthorized access to submitted papers and personal information
Arbitrary Web Script Injection Vulnerability in Open-AudIT Professional Edition 2.2.7
Insecure Direct Object Reference (IDOR) allows unauthorized password changes in Monstra CMS 3.0.4
Cross-Site Request Forgery Vulnerability in IBM DataPower Gateways 7.5-7.6
Privilege Escalation Vulnerability in wpForo Forum Plugin
Remote Command Execution Vulnerability in VTech Storio Max (before 56.D3JM6)
Cross-Site Scripting (XSS) Vulnerability in Sonatype Nexus Repository Manager before 3.14
Incorrect Access Control in Sonatype Nexus Repository Manager before 3.14
Java Expression Language Injection in Sonatype Nexus Repository Manager before 3.14
Multiple Cross-Site Scripting (XSS) Vulnerabilities in DoraCMS v2.0.3
Persistent XSS Vulnerability in Kirby V2.5.12 via Site Options Title in Admin Panel Dashboard Dropdown
Cross-Site Scripting (XSS) Vulnerability in Kirby v2.5.12 via New Page Title
XSS Vulnerability in Typesetter 5.1 via SVG File Upload
XSS Vulnerability in Typesetter 5.1: Description of New Class Name in index.php/Admin/Classes
Host Header Injection in Kirby v2.5.12 Login Panel via Forget Password Feature
Cross-Site Scripting (XSS) Vulnerability in Kirby v2.5.12 Panel/Login
XSS Vulnerability in Subrion CMS v4.2.1 via SVG File with JavaScript in SCRIPT Element
Improper HTTP Strict Transport Security Configuration in IBM DataPower Gateways
XSS Vulnerability in Kirby v2.5.12 via Site Files SVG Upload
Cross-Site Scripting (XSS) Vulnerability in Subrion CMS v4.2.1 via SITE TITLE Parameter
XSS Vulnerability in Mezzanine CMS v4.3.1 via /admin/blog/blogcategory/add/?_to_field=id&_popup=1 title parameter
Cross-Site Scripting (XSS) Vulnerability in Pluck v4.7.7 via admin.php?action=editpage&page= Page Title
CSRF Vulnerability in Pluck v4.7.7 via admin.php?action=settings
XSS Vulnerability in Blackcat CMS 1.3.2 via willkommen.php?lang=DE Page Title
HTML Injection Vulnerability in Nucleus CMS 3.70 via index.php Body Parameter
Cross-Site Scripting (XSS) Vulnerability in Evolution CMS 1.4.x via page weblink title parameter
Cross-Site Scripting (XSS) Vulnerability in Evolution CMS 1.4.x via manager/search Parameter
Cross-Site Scripting (XSS) Vulnerability in Typesetter 5.1 via index.php/Admin LABEL Parameter
IBM DataPower Gateway AMP Management Interface Authorization Header Echoing Vulnerability
Memory Leak Vulnerability in ImageMagick 7.0.8-5: ReadOneJNGImage in coders/png.c
Memory Leak Vulnerability in ImageMagick 7.0.8-6's TIFFWritePhotoshopLayers Function
Out-of-Bounds Write Vulnerability in ImageMagick 7.0.7-37's InsertRow Function
Denial of Service Vulnerability in ImageMagick 7.0.8-4
Denial of Service Vulnerability in ImageMagick 7.0.8-11
Excessive Memory Allocation Vulnerability in ImageMagick 7.0.8-11
Infinite Recursion DoS Vulnerability in Poppler 0.68.0
Denial of Service Vulnerability in Artifex MuPDF 1.13.0
Denial of Service Vulnerability in Artifex MuPDF 1.13.0
Weak Cryptographic Algorithms in IBM DataPower Gateway
CSRF Vulnerability in phpMyFAQ before 2.9.11
CSV Injection Vulnerability in phpMyFAQ Admin Backend
XSS Vulnerability in rejucms 2.1 via ucenter/cms_user_add.php u_name parameter
Cross-Site Scripting (XSS) Vulnerability in Zurmo 3.2.4 Stable
XSS Vulnerability in Gxlcms 1.0 via PATH_INFO to ThinkException.tpl.php
Arbitrary Document Reading Vulnerability on Kyocera TASKalfa 4002i and 6002i Devices
Denial of Service and Arbitrary Code Execution Vulnerability in Kamailio
Information Leak in cdrom_ioctl_drive_status in Linux Kernel
SQL Injection Vulnerability in Rausoft ID.prove 2.95 Login Page
Arbitrary Message Injection Vulnerability in IBM DataPower Gateway
Command Injection Vulnerability in Imperva SecureSphere Gateway
Stack-based Buffer Overflow in parse_relations in Contiki-NG AQL Parser
Buffer Overflow in lvm_set_type while Parsing AQL in Contiki-NG
Buffer Overflow in AQL Parsing in Contiki-NG through 4.1
Stack-based Buffer Overflow in AQL Lexer while Parsing Next String
Buffer Over-read Vulnerability in Contiki-NG's AQL Parsing
Internal Installation Path Disclosure in CIRCONTROL CirCarLife
Unprivileged User Access to Admin Credentials in CIRCONTROL Open Charge Point Protocol (OCPP)
Cross-Site Scripting (XSS) Vulnerability in IBM DataPower Gateway
Unauthenticated PLC Status Disclosure in CIRCONTROL CirCarLife
Authentication Bypass Vulnerability in CIRCONTROL CirCarLife
Sensitive Information Exfiltration in CIRCONTROL CirCarLife
Null Login Vulnerability in IBM DataPower Gateway Appliances
XML External Entity Injection (XXE) Vulnerability in IBM DataPower Gateway
Information Disclosure Vulnerability in IBM Financial Transaction Manager for ACH Services for Multi-Platform 3.0.2
User Enumeration and Brute-Force Password Attack Vulnerability in Gleez CMS 1.2.0
Insecure Direct Object Reference vulnerability in Gleez CMS v1.2.0 allows unauthorized access to user profiles
Unauthenticated Access to Sensitive Credentials in FURUNO FELCOM 250 and 500 Devices
Unauthenticated Remote Reboot Vulnerability in LG SuperSign CMS
Remote File Read/Write Vulnerability in Fuji Xerox DocuCentre and ApeosPort Devices
HTML Injection Vulnerability in IBM Curam Social Program Management 7.0.3
OctoPrint Remote Information Disclosure and Denial of Service Vulnerability
Arbitrary Code Execution Vulnerability in IObit Advanced SystemCare
Vulnerability in IObit Advanced SystemCare Allows Unauthorized Access to Physical Memory
Arbitrary Code Execution Vulnerability in IObit Advanced SystemCare
Insecure Permissions Allow Unauthorized Modification of CTES Windows Agent Files
Path Traversal Vulnerability in NCBI ToolBox Allows Arbitrary File Access and Deletion
Heap-Based Buffer Overflow in nph-viewgif.cgi in NCBI ToolBox Legacy Versions
XSS Vulnerability in NCBI ToolBox Legacy Versions via Crafted -z1 Argument in wwwblast.c
Denial of Service and Potential Impact Vulnerability in Jingyun Antivirus v2.4.2.39
User Impersonation Vulnerability in IBM WebSphere Portal
Local Denial of Service Vulnerability in Jingyun Antivirus v2.4.2.39
Local Denial of Service Vulnerability in Jingyun Antivirus v2.4.2.39
Local Denial of Service Vulnerability in Jingyun Antivirus v2.4.2.39
Denial of Service Vulnerability in Jingyun Antivirus v2.4.2.39 Driver (ZySandbox.sys)
Blind SQL Injection Vulnerability in baijiacms V4 via order parameter
XSS Vulnerability in baijiacms V4 via Non-standard Use of Flash Component
HTML Injection Vulnerability in razorCMS 3.4.7 via Homepage Description in Settings Component
Stored XSS vulnerability in razorCMS 3.4.7 via homepage keywords in settings component
XSS Vulnerability in feindura 2.0.7 via tags field in new page creation
XSS Vulnerability in Pluck 4.7.7 via SVG File Upload
Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0
XSS Vulnerability in CScms 4.1 via site name in Install.php
Arbitrary File Upload Vulnerability in CScms 4.1
CSRF Vulnerability in CScms 4.1 Setting.php Plugin
Unverified Block Range Vulnerability in Go Ethereum (geth) TraceChain Function
Cross-Site Scripting (XSS) Vulnerability in rcfilters Plugin 2.1.6 for Roundcube
Critical Authentication Protocol Vulnerability in tinc (before 1.0.30)
Broken Authentication Protocol in Tinc 1.0.30 through 1.0.34 with Partial Mitigation
Path Traversal Vulnerability in ABUS TVIP Devices Allows Arbitrary Code Execution with Root Privileges
SQL Injection Vulnerability in IBM Business Process Manager 8.5 through 8.6 and 18.0.0.0 through 18.0.0.1
Command Injection Vulnerability in mgetty
Stack-based Buffer Overflow in mgetty
Stack-based Buffer Overflow in mgetty's login.c
Command Injection Vulnerability in mgetty
Buffer Overflow Vulnerability in mgetty's fax_notify_mail() Function
Denial of Service Vulnerability in ImageMagick 7.0.7-29 and Earlier
Exposure of Password Hashes in IBM Tivoli Application Dependency Discovery Manager
Memory Leak in ImageMagick's formatIPTCfromBuffer Function
Remote Code Execution Vulnerability in LINK-NET LW-N605R Devices
Man-in-the-Middle Attack Exploiting Missing Message Authentication in Tinc VPN
XSS Vulnerability in EasyCMS v1.4 via onhashchange Event
Cross-Site Scripting (XSS) Vulnerability in IBM Planning Analytics 2.0.0 through 2.0.4
Open Redirect Vulnerability in Eventum before 3.4.0
SQL Injection Vulnerability in FUEL CMS 1.4.1 via layout, published, or search_term parameters
Pre-Auth Remote Code Execution in FUEL CMS 1.4.1 via pages/select/ and preview/ parameters
Heap-based Buffer Over-read in WAVM Virtual Machine
Heap Buffer Overflow Vulnerability in WAVM
Denial of Service Vulnerability in WAVM Virtual Machine
Heap Buffer Overflow Vulnerability in WAVM Virtual Machine
Heap Buffer Overflow Vulnerability in WAVM
Denial of Service Vulnerability in WAVM Virtual Machine
Denial of Service Vulnerability in IBM DataPower Gateways and IBM MQ Appliance
Denial of Service Vulnerability in WAVM Virtual Machine
Hoosk v1.7.0 SiteUrl PHP Code Execution Vulnerability
XSS Vulnerability in Hoosk v1.7.0 via Navigation Title in admin/pages/new
XSS Vulnerability in EasyCMS 1.5 via index.php?s=/admin/fields/update/navTabId/listfields/callbackType/closeCurrent Content Field
Arbitrary File Deletion Vulnerability in HongCMS 3.0.0
XSS Vulnerability in Victor CMS Categories Menu
XSS Vulnerability in wityCMS 0.6.2 via Site Name Field in Contact Configuration Page
Jenzabar v8.2.1 through 9.2.0 Cross-Site Scripting (XSS) Vulnerability in Search Field
XSS Vulnerability in BlogCMS through 2016-10-25 via Comment
XSS Vulnerability in Complete Responsive CMS Blog (CVE-2018-05-20)
Denial of Service Vulnerability in ffjpeg.dll
Buffer Overflow in libimageworsener.a in ImageWorsener 1.3.2
DedeCMS 5.7 SP2 XML Injection Vulnerability
XML Injection Vulnerability in DedeCMS V5.7 SP2: Exploiting Webshell Creation via Script Injection
Cross-Site Scripting (XSS) Vulnerability in DedeCMS 5.7 SP2 via onhashchange Attribute in msg Parameter
Infinite Loop Denial of Service Vulnerability in shellinabox
Unauthenticated User Information Disclosure Vulnerability in IBM Sterling B2B Integrator Standard Edition 5.2 through 5.2.6
Heap-Based Buffer Over-Read Vulnerability in libbson 1.12.0
SolarWinds SFTP/SCP Server Configuration File Vulnerability
SolarWinds SFTP/SCP Server XXE Vulnerability
SSRF Vulnerability in Microsoft Exchange Server 2010 SP3 and Previous Versions via OWA Login Page
SSRF Vulnerability in Microsoft ADFS 4.0 Windows Server 2016 and Previous
Cross-Site Request Forgery (CSRF) vulnerability in OpenEMR 5.0.1.3 allows unauthorized file uploads
Unrestricted File Upload Vulnerability in HiScout GRC Suite before 3.1.5
Heap-based Buffer Overflow in PotPlayerMini.exe in PotPlayer 1.7.8556 via Malicious .wav File
Weak Password Requirement in IBM Security Privileged Identity Manager Virtual Appliance 2.2.1
Privilege Escalation via Incomplete Fix for CVE-2018-16509 in Artifex Ghostscript
SQL Injection Vulnerability in CIMTechniques CIMScan 6.x through 6.2 SOAP WSDL Parser
Cross-Site Scripting (XSS) Vulnerability in UCMS 1.4.6 Title Bar
Cross-Site Scripting (XSS) Vulnerability in b3log Solo 2.9.3 - Input Page under Publish Articles Menu
Vulnerability in Pektron Passive Keyless Entry and Start (PKES) System Allows Key Fob Cloning
Memory Leak Vulnerability in Bro's Kerberos Protocol Parser
Stored XSS in Dolibarr Expense Reports Plugin
SQL Injection in Dolibarr Expense Reports Module
Arbitrary File Deletion Vulnerability in Monstra CMS 3.0.4
IBM Watson Studio Local 1.2.3 Information Disclosure Vulnerability
Arbitrary Directory Listing Vulnerability in Monstra CMS 3.0.4
Arbitrary Directory Listing Vulnerability in SeaCMS 6.64
SQL Injection Vulnerability in SeaCMS 6.64 via upload/admin/admin_video.php order parameter
Unencrypted ORB Communication Vulnerability in IBM WebSphere Application Server Liberty
Bypassing trusted_dir Protection Mechanism in Smarty
CSRF Vulnerability in xunfeng 0.2.0 Allows Configuration Modification via Flash File
XSS Vulnerability in Zoho ManageEngine Desktop Central 10.0.271 via Features & Articles Search Field
Directory Traversal Vulnerability in Rubedo CMS Theme Component
Sensitive Data Leakage in Ansible User Module
SSSD Group Policy Objects Implementation Allows Unauthorized Access
Buffer Overrun Vulnerability in Curl SASL Authentication Code
IBM WebSphere MQ 8.0 through 9.1 MQTT Topic String Denial of Service Vulnerability
Heap Use-After-Free Vulnerability in Curl Versions 7.59.0 - 7.61.1
Double-free vulnerability in Samba's KDC leading to denial of service
Heap-based Buffer Over-read Vulnerability in Curl Versions 7.14.1 - 7.61.1
Excessive Memory Consumption Vulnerability in nginx HTTP/2 Implementation
Excessive CPU Usage Vulnerability in nginx HTTP/2 Implementation
Vulnerability in ngx_http_mp4_module in nginx
Authenticated Ceph RGW Users Denial of Service Vulnerability
OOB Heap Buffer Read/Write Vulnerability in QEMU's NVM Express Controller Emulation
Denial of Service (DoS) Vulnerability in OpenStack Mistral 7.0.3
OpenStack-Mistral SSH Private Key Filename Disclosure Vulnerability
Local File Read Vulnerability in IBM DB2 for Linux, UNIX and Windows
SQL Injection Vulnerability in PostgreSQL's pg_upgrade and pg_dump via CREATE TRIGGER ... REFERENCING
Samba LDAP Denial of Service Vulnerability
Samba DNS Management Server NULL Pointer Dereference Vulnerability
Vulnerability: Samba AD DC Crash via MIT Kerberos Configuration
Cross-Site Request Forgery Vulnerability in Moodle Login Form
Out-of-Bounds Memory Read Vulnerability in PowerDNS Recursor
Sensitive Information Exposure in Openstack-Octavia Log Files
Vulnerability: Inadequate Password Monitoring in Samba AD DC Configurations
LibreOffice Directory Traversal Vulnerability
Vulnerability: Plaintext Password Exposure in Ansible Playbooks on Windows Platforms
Cross-Site Scripting (XSS) Vulnerability in IBM Maximo Asset Management 7.6 through 7.6.3
Samba Heimdal KDC Implementation Man-in-the-Middle Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Foreman Component of Satellite
Linux Kernel Cleancache Subsystem Inode Truncation Vulnerability
Vulnerability: Incomplete Fix for CVE-2018-16509 in Ghostscript 9.07
Stack Clash Vulnerability in systemd-journald Allows Privilege Escalation
Memory Allocation Vulnerability in systemd-journald
Vulnerability: Out of Bounds Read in systemd-journald
Path Traversal Vulnerability in qemu MTP (CVE-XXXX-XXXX)
Bleichenbacher Side-Channel Padding Oracle Attack in gnutls
Bleichenbacher Side-Channel Padding Oracle Attack in Nettle's RSA Decryption
Vulnerability: Bleichenbacher Attack Variant in wolfSSL
NFS Null Pointer Dereference Vulnerability
QEMU Media Transfer Protocol (MTP) TOCTTOU Vulnerability
Remote Code Execution Vulnerability in go get Command with -u Flag and Malicious Go Package Import Path
Directory Traversal Vulnerability in go get Command with Curly Brace Characters in Import Path
CPU Denial of Service Vulnerability in Go TLS Servers and Clients
Information Disclosure Vulnerability in Ansible's vvv+ Mode with no_log
Local Privilege Escalation Vulnerability in Pacemaker's Client-Server Authentication
Insufficient Verification in Pacemaker 2.0.1 Allows DoS Attacks
Insecure Channel Configuration in Ansible Tower Allows Data Leak and Denial of Service Attacks
Cross-Site Scripting Vulnerability in IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 through 6.0.6)
Out-of-Bounds Write Vulnerability in Linux Kernel's handle_rx() Function in vhost_net Driver
Denial of Service Vulnerability in rsyslog's imptcp Module
Use-After-Free Vulnerability in Linux Kernel's KVM Hypervisor with Nested Virtualization
Inadequate Access Restriction in SSSD Infopipe
Use-after-free vulnerability in Linux kernel's NFS41+ subsystem allows for host kernel memory corruption and system panic
Vulnerability in Linux Kernel 3.10.x Allows Memory Access Fault and System Halt
Improper Authentication in etcd with RBAC and Client-Cert-Auth
Cross-Site Scripting (XSS) Vulnerability in Katello Component of Satellite
Privilege Escalation Vulnerability in systemd
Ceph v4 Auth Encryption Key Leakage via Debug Logging
Heap Buffer Out-of-Bounds Read Vulnerability in libcurl
Cross-Site Scripting (XSS) Vulnerability in IBM Rhapsody Model Manager 6.0.6
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager (RQM) 5.0 - 6.0.6
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager (RQM) 5.0 through 5.02 and 6.0 through 6.0.6
Vulnerability: Failure to Enable HTTP Strict Transport Security in IBM Jazz Applications
Unauthenticated Access to Backup Files and User Credentials in LG Smart Network Cameras
Unauthenticated Remote Code Execution in OpenAFS Backup Tape Controller (butc) Process
Memory Leakage in OpenAFS RPC Server Routines
Unbounded Array Type Vulnerability in OpenAFS
Spoofing Vulnerability in IBM WebSphere Application Server 7.0, 8.0, and 8.5.5
Denial of Service Vulnerability in Inteno DG400 WU7U_ELION3.11.6-170614_1328 Devices
Xunfeng 0.2.0 CSRF Command Execution Vulnerability
Cross-Site Request Forgery Vulnerability in Oracle WebCenter Interaction Portal 10.3.3
Reflected Cross-Site Scripting (XSS) in Oracle WebCenter Interaction Portal 10.3.3
Insecure Redirection Vulnerability in Oracle WebCenter Interaction Portal 10.3.3
Reflected Cross-Site Scripting (XSS) in Oracle WebCenter Interaction Portal 10.3.3
Unvalidated Page Rename Request Vulnerability in Oracle WebCenter Interaction Portal 10.3.3
Hardcoded Password Vulnerability in Oracle WebCenter Interaction 10.3.3 Search Service
Session Hijacking Vulnerability in Oracle WebCenter Interaction Portal 10.3.3
Insecure Default User Profile Configuration in Oracle WebCenter Interaction Portal 10.3.3
Reflected XSS Vulnerability in Open XDMoD 7.5.0 via xd_user_formal_name Parameter
Path Traversal Vulnerability in Open XDMoD Allows Remote PDF File Reading
Privilege Escalation Vulnerability in Webroot SecureAnywhere for macOS
HTML Injection and Stored XSS in Zoho ManageEngine SupportCenter Plus before 8.1 Build 8109 via /ServiceContractDef.do contractName parameter
CSRF Vulnerability in mndpsingh287 File Manager Plugin 3.0 for WordPress
XSS Vulnerability in mndpsingh287 File Manager Plugin 3.0 for WordPress
Directory Traversal Vulnerability in Citrix ShareFile StorageZones Controller before 5.4.2
Information Exposure Through Error Message in Citrix ShareFile StorageZones Controller before 5.4.2
User Enumeration Vulnerability in IBM Maximo Asset Management 7.6
Insecure Direct Object Reference (IDOR) Vulnerability in Wisetail Learning Ecosystem (LE) v4.11.6
Insecure Direct Object Reference (IDOR) Vulnerability in Wisetail Learning Ecosystem (LE) v4.11.6
Elefant CMS 2.0.7 PHP Code Execution Vulnerability in File Manager
Elefant CMS 2.0.7 - PHP Code Execution Vulnerability in /designer/add/stylesheet.php
Unintended Access Vulnerability in Gitolite before 3.6.9
Information Leakage Risk in Monstra CMS V3.0.4: PATH, DOCUMENT_ROOT, and SERVER_ADMIN Vulnerability
XSS Vulnerability in Monstra CMS V3.0.4 Registration with Crafted Password Parameter
HTTP Header Injection in Monstra CMS V3.0.4 via plugins/captcha/crypt/cryptographp.php cfg parameter
Information Disclosure Vulnerability in IBM Maximo Asset Management 7.6 through 7.6.3
XSS Vulnerability in dotCMS V5.0.1: /html/portlet/ext/contentlet/image_tools/index.jsp fieldName and inode Parameters
Heap-Based Buffer Overflow in stb_image.h 2.19: Vulnerability in stbi__out_gif_code Function
Denial of Service Vulnerability in Open Chinese Convert (OpenCC) 1.0.5
Bypassing Script Blocking in NoScript Classic before 5.1.8.7
Unprivileged Users Can Read Password Hashes in Django Admin
Invalid Memory Address Vulnerability in Lizard (formerly LZ5) 2.0
Buffer Overflow Vulnerability in Texas Instruments BLE-STACK v2.2.1 for SimpleLink CC2640 and CC2650 Devices
Cleartext Password Exposure in Squash TM Administration Panel
Weak Password Reset Mechanism Allows for Account Takeover in Open XDMoD
SQL Injection Vulnerability in IBM Maximo Asset Management 7.6 through 7.6.3
Unauthenticated Remote Lock-Up Vulnerability in PHOENIX CONTACT and Bosch Rexroth Fieldbus Couplers
Invalid Memory Write Vulnerability in NASM 2.14rc15's expand_smacro in preproc.c
NULL Pointer Dereference Vulnerability in LibTIFF 4.0.9
HTML Injection and Stored XSS Vulnerabilities in RICOH SP 4510SF Printer's Address Entry System
HTML Injection and Stored XSS Vulnerabilities in RICOH MP 2001 Printer's Address Entry System
LimeSurvey 3.14.7: HTML Injection and Stored XSS Vulnerability in Appendix via surveyls_title Parameter
Denial of Service Vulnerability in TP-Link TL-WR886N Routers
Vulnerability: Denial of Service via Long JSON Data on TP-Link TL-WR886N Routers
Vulnerability: Denial of Service via Long JSON Data on TP-Link TL-WR886N Routers
Denial of Service Vulnerability in TP-Link TL-WR886N Routers
Vulnerability: Denial of Service (DoS) via Long JSON Data on TP-Link TL-WR886N Routers
Vulnerability: Denial of Service (DoS) via Long JSON Data on TP-Link TL-WR886N Routers
Command Injection Vulnerability in IBM InfoSphere Information Server 11.7
Vulnerability: Denial of Service (DoS) via Long JSON Data on TP-Link TL-WR886N Routers
Denial of Service Vulnerability in TP-Link TL-WR886N Routers
Vulnerability: Denial of Service (DoS) via Long JSON Data on TP-Link TL-WR886N Routers
Denial of Service Vulnerability in TP-Link TL-WR886N Routers
Denial of Service Vulnerability in TP-Link TL-WR886N Routers
Denial of Service Vulnerability in TP-Link TL-WR886N Routers
Vulnerability: Denial of Service via Long JSON Data on TP-Link TL-WR886N Routers
Denial of Service Vulnerability in TP-Link TL-WR886N Routers
Denial of Service Vulnerability in TP-Link TL-WR886N Routers
IRC Protocol Names Command Parsing DoS Vulnerability in Bro through 2.5.5
XML External Entity Injection (XXE) Vulnerability in IBM Platform Symphony and IBM Spectrum Symphony
Denial of Service Vulnerability in ASUS GT-AC5300 Firmware through 3.0.0.4.384_32738
Arbitrary Web Script Injection Vulnerability in ASUS GT-AC5300 Firmware through 3.0.0.4.384_32738
ASUS GT-AC5300 Router Stack-based Buffer Overflow Vulnerability
CSRF Vulnerability in ASUS GT-AC5300 Routers Allows Password Hijacking
XSS Vulnerability in Monstra CMS 3.0.4 via page_meta_title Parameter
XSS Vulnerability in Monstra CMS 3.0.4 via admin/index.php
XSS Vulnerability in Monstra CMS 3.0.4 via admin/index.php
Arbitrary Code Execution in BigTree CMS 4.2.23 via process.php
MIME Type Sniffing XSS Vulnerability in Gogs 0.11.53
XSS Vulnerability in UCMS 1.4.6 via install/index.php mysql_dbname Parameter
SQL Injection Vulnerability in UCMS 1.4.6 Installation via mysql_dbname Parameter
PHP Code Injection Vulnerability in UCMS 1.4.6 and 1.6 during Installation
User Level Escalation Vulnerability in UCMS 1.4.6
Cross-Site Scripting (XSS) Vulnerability in MiniCMS 1.10 via Crafted URI in Internet Explorer
Open Redirect Vulnerability in IBM Platform Symphony and IBM Spectrum Symphony
Infinite Loop Vulnerability in dbf2txt through 2012-07-19
Heap-based Buffer Overflow in doc2txt's Storage::init function
Stored XSS Vulnerability in YzmCMS 5.1 via admin/system_manage/user_config_add.html Title Parameter
CSRF Vulnerability in CMS MaeloStore V.1.5.0 Allows Unauthorized Password Change
XSS Vulnerability in containers/outputBox/outputBox.vue and store/index.js before 2018-08-21
SQL Injection Vulnerability in FDCMS 4.2
XSS Vulnerability in CQU-LANKERS (2017-11-02) via public/api.php callback parameter in uploadpic action
Information Disclosure Vulnerability in IBM Platform Symphony and IBM Spectrum Symphony
Integer Overflow Vulnerability in PolyAi (AI) Smart Contract Allows Arbitrary Balance Manipulation
XSS Vulnerability in K-Net Cisco Configuration Manager
Cross-site scripting (XSS) vulnerability in Progress Sitefinity CMS Identity Server versions 10.0 through 11.0
Cross-site scripting (XSS) vulnerability in Progress Sitefinity CMS Identity Server versions 10.0 through 11.0
Arbitrary File Upload Vulnerability in Progress Sitefinity CMS: Image Uploads
Arbitrary Web Script Injection Vulnerability in ServiceStack in Progress Sitefinity CMS versions 10.2 through 11.0
Arbitrary Data Deserialization Vulnerability in TCPDF
Arbitrary File Upload Vulnerability in JABA XPress Online Shop
Cross-Site Scripting Vulnerability in IBM Spectrum Symphony 7.2.0.2
Telerik Extensions for ASP.NET MVC: Unrestricted File Access Vulnerability
Cross-Site Scripting (XSS) Vulnerability in BullGuard Safe Browsing
Cross-Site Scripting (XSS) Vulnerability in SeaCMS 6.64 via Multiple Parameters
Command Injection Vulnerability in D-Link DIR-816 A2 1.10 B05 Devices
Command Injection Vulnerability in D-Link DIR-816 A2 1.10 B05 Devices
Stack-based Buffer Overflow in D-Link DIR-816 A2 1.10 B05 DDNS Handler Function
Command Injection Vulnerability in D-Link DIR-816 A2 1.10 B05 Devices
Stack-based Buffer Overflow in D-Link DIR-816 A2 1.10 B05 Devices
Command Injection Vulnerability in D-Link DIR-816 A2 1.10 B05 Devices
CSRF Vulnerability in UNL-CMS 7.59 Allows Unauthorized Content Creation
CSRF Vulnerability in UNL-CMS 7.59 Allows Unauthorized Website Settings Update
Lucky9io Lottery Smart Contract Vulnerability: Exploitable Random Number Generation and Currency Unit Misconfiguration
Buffer Over-read Vulnerability in JSON++ (CVE-2016-06-15)
NULL Pointer Dereference Vulnerability in Wernsey/Bitmap Prior to 2018-08-18 with 4-bit Image
Open Redirect Vulnerability in Feed Statistics Plugin for WordPress
HTML Parsing Vulnerability in Go's html package
Stack Overflow Vulnerability in GPP through 2.25
Stored XSS Vulnerability in yiqicms (through 2016-11-20) Allows Bypassing Length Limit in comment.php
Stored XSS Vulnerability in ZRLOG 2.0.1 Comment Nickname Field
Information Disclosure Vulnerability in IBM Spectrum Symphony WebUI
CSRF Vulnerability in e107 2.1.9: Arbitrary Page Title Modification
XSS Vulnerability in Apache2 Component of PHP
Cross-Site Scripting (XSS) Vulnerability in OTCMS 3.61 via admin/users.php Parameters
Cross-Site Scripting (XSS) Vulnerability in OTCMS 3.61 via admin/share_switch.php Parameters
Integer Overflow Vulnerability in ProcessGpsInfo Function of jhead 3.00
Stored XSS Vulnerability in DonLinkage 6.6.8
Information Disclosure Vulnerability in DonLinkage 6.6.8
SQL Injection Vulnerability in DonLinkage 6.6.8 Allows Unauthorized Database Access
Heap-based Buffer Overflow in Expand3To4Module::run in audiofile 0.3.x
Denial of Service Vulnerability in BPMDetect Class of Olli Parviainen SoundTouch 2.0
Double Free Vulnerability in WavFileBase Class of SoundTouch 2.0
Heap Corruption Vulnerability in WavFileBase Class of SoundTouch 2.0
Buffer Overflow Vulnerability in IBM DB2 db2licm Tool
Integer Overflow in multiply_ms in LibTIFF 4.0.9
Out-of-Bounds Write Vulnerabilities in LibTIFF 4.0.9
CSRF Vulnerability Allows Unauthorized Password Change in QuickAppsCMS
CSRF Vulnerability in GetSimple CMS v3.3.13 Allows Unauthorized Password Change
CSRF Vulnerability in Microweber 1.0.7 Allows Unauthorized Account Creation
Buffer Overflow Vulnerability in Tinyftp Tinyftpd 1.1
Authentication Bypass Vulnerability in Tgstation tgstation-server 3.2.4.0 through 3.2.1.0
Account Takeover Vulnerability in SBIbuddy Android Application (Versions 1.41 and 1.42)
Privilege Escalation Vulnerability in IBM DB2 for Linux, UNIX and Windows
SQL Injection Vulnerability in Simple POS 4.0.24 via products/get_products/1
Access Control Vulnerability in Coinlancer (CL) Smart Contract Implementation
XSS Vulnerability in EasyCMS 1.5 via uploadify.swf
Server Side Request Forgery Vulnerability in IBM API Connect's Developer Portal 5.0.0.0 through 5.0.8.3
Arbitrary Directory Deletion Vulnerability in CScms 4.1
Remote Code Execution Vulnerability in CScms 4.1
Denial of Service Vulnerability in ASUS GT-AC5300 Devices through 3.0.0.4.384_32738
Persistent XSS Vulnerability in MyBB Visual Editor via Video MyCode
SQL Injection in MetInfo 6.1.0 via doexport() in feedback_admin.class.php
XSS Vulnerability in PHPMyWind 5.5 via HTTP Referer Header in member.php
Arbitrary Code Execution Vulnerability in PHPMyWind 5.5 via varvalue Field
Arbitrary Code Execution Vulnerability in PHPMyWind 5.5 via admin/goods_update.php
Arbitrary Code Execution Vulnerability in PHPMyWind 5.5 via rewrite URL Setting
Arbitrary Code Execution Vulnerability in PHPMyWind 5.5 via cfg_author and cfg_webpath Fields
SQL Injection Vulnerability in zzcms 8.3 via Client-Ip HTTP Header
Prezi Next 1.3.101.11 Windows Vulnerability: Potential Bypass of Access Restrictions via SE_DEBUG_PRIVILEGE
Stored XSS Vulnerability in Jibu Pro WordPress Plugin's Quiz Name Field
Arbitrary File Upload Vulnerability in UltimatePOS 2.5 Allows Remote Command Execution
Stored XSS Vulnerability in Quizlord Plugin for WordPress
Arbitrary Code Execution via JPEG Bit in HylaFAX
HTML Package Vulnerability: Panic Error in parseCurrentToken during html.Parse
HTML Package Vulnerability: Panic Error in inBodyIM during html.Parse
Remote Denial of Service Vulnerability in Bitcoin Core and Bitcoin Knots
INVDoS Vulnerability in Bitcoin Core and Bitcoin Knots
Cross-Site Scripting Vulnerability in Nagios XI Account Information Page
XSS Vulnerability in Nagios XI Auto Login Admin Management Page
Insufficient Access Control Vulnerability in Nagios XI Configuration Snapshot Page Allows Credential Disclosure
Cross-Site Scripting (XSS) Vulnerability in IBM Maximo Asset Management 7.6 through 7.6.3
Cross-Site Scripting (XSS) Vulnerability in Intersystems Cache 2017.2.2.865.0
Intersystems Cache 2017.2.2.865.0 Incorrect Access Control Vulnerability
Intersystems Cache 2017.2.2.865.0 XXE Vulnerability
Authentication Bypass Vulnerability in Western Digital My Cloud Devices
NULL Pointer Dereference Vulnerability in FreeBSD getfsstat System Call
Memory Disclosure Vulnerability in FreeBSD getcontext and swapcontext System Calls
Buffer Underwrite Vulnerability in FreeBSD ICMP Reply Packet Construction
Integer Overflow Vulnerability in FreeBSD NFSv4 Request Handling
Integer Overflow Vulnerability in NFSv4 Request Handling
NFS Server Resource Exhaustion Vulnerability
Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0
Insufficient Bounds Checking in bhyve Device Model: Arbitrary Code Execution Vulnerability
Stack Buffer Overflow in FreeBSD bootpd
Multiple Authenticated Stored XSS Vulnerabilities in PrinterOn Enterprise 4.1.4
Multiple Cross Site Request Forgery (CSRF) Vulnerabilities in PrinterOn Enterprise 4.1.4 Administration Page
XML External Entity (XXE) Vulnerability in PrinterOn Version 4.1.4 and Lower: Arbitrary File Read and SSRF via Crafted DTD
Code Injection Vulnerability in Grouptime Teamwire Desktop Client 1.5.1 to 1.9.0 on Windows
Unauthenticated Command Injection Vulnerability in Xerox AltaLink B80xx and C80xx Series
Arbitrary Code Execution Vulnerability in LG SuperSign CMS
Stack-based Buffer Overflow in xtimor NMEA Library (nmealib) 0.5.3
Improper Handling of Empty only Option in Marshmallow Library
Replay Attack Vulnerability on Neato Botvac Connected 2.2.0 Devices
Static Encryption Vulnerability in Neato Botvac Connected 2.2.0 and Botvac 85 1.2.1
Unauthenticated Manual Drive Command Execution on Neato Botvac Connected 2.2.0 Devices
SQL Injection in make_task function in OpenEMR
Cross-Site Scripting (XSS) Vulnerability in IBM Sterling B2B Integrator Standard Edition 5.2.0.1 - 5.2.6.3
Directory Traversal Vulnerability in OpenEMR before 5.0.1 Patch 7
SQL Injection in SaveAudit and portalAudit Functions
Use-after-free vulnerability in vmacache_flush_all function in Linux kernel through 4.18.8
User-Writable Error Exception Table Vulnerability in Artifex Ghostscript
JavaScript Injection Vulnerability in Admin Console
DTD Vulnerability: Exploiting Administrator Workflow Definition Entitlements for Malicious Operations
Apache Qpid Proton-J Transport TLS Wrapper Vulnerability
CouchDB Runtime-Configuration Vulnerability
Apache HTTP Server Slow Loris Vulnerability in HTTP/2 (mod_http2) Connections
TLS Protocol Downgrade Vulnerability in IBM WebSphere Application Server 8.5 and 9.0
Apache Spark Standalone Resource Manager Code Execution Vulnerability
Apache NetBeans (incubating) 9.0 Proxy Auto-Configuration (PAC) Remote Command Execution Vulnerability
Inconsistent X-Frame-Options Headers Vulnerability
Reflected XSS Vulnerability in Apache NiFi 1.x Releases
Cluster Node Replication Vulnerability: Content-Length Header Timeout
Vulnerability: Cross-Site Request Forgery (CSRF) via Template Upload API Endpoint
Bypassing Transaction/Idempotent ACL Validation in Apache Kafka
Infinite Loop Vulnerability in Apache Tika's SQLite3Parser
Server-side Request Forgery (SSRF) and File Enumeration Vulnerability in Apache Roller 5.2.1 and Earlier Versions
Vulnerability: Session Expiry Time Bypass in Apache HTTP Server 2.4.37 and Prior
Weak Cryptographic Algorithms in IBM Sterling B2B Integrator Standard Edition
Apache OFBiz HTTP Service Deserialization Vulnerability
Denial of Service (DoS) Vulnerability in Apache Sanselan 0.97-incubator
Apache Sanselan 0.97-incubator Denial of Service Vulnerability
Invalid Group Type and Command Validation Vulnerability in Open vSwitch (OvS) 2.7.x through 2.7.6
Open vSwitch (OvS) 2.7.x through 2.7.6 Vulnerability: Assertion Failure in ofproto_rule_insert__
Buffer Over-read Vulnerability in Open vSwitch (OvS) 2.7.x through 2.7.6
Arbitrary Code Execution via Leftover Installer Files in Snap Creek Duplicator
Unauthenticated Command Injection Vulnerability in Linksys Velop 1.1.2.187020 Devices
XML External Entity Injection (XXE) Vulnerability in IBM Cognos Analytics 11.0 and 11.1
Session Cookie Verification Bypass in PrinterOn Central Print Services
PrinterOn Central Print Services (CPS) Information Disclosure Vulnerability
Authentication Bypass Vulnerability in PrinterOn Central Print Services (CPS)
Postman Information Disclosure Vulnerability
Password Hash Exposure in PTC ThingWorx Platform 6.5 through 8.2
Hardcoded Encryption Key Vulnerability in PTC ThingWorx Platform 6.5 through 8.2
Reflected XSS Vulnerability in PTC ThingWorx Platform's SQUEAL Search Function
Remote Code Execution Vulnerability in IBM Security Access Manager Appliance 9.0.4.0 and 9.0.5.0
Arbitrary Command Execution Vulnerability in nmap4j 1.1.0 via includeHosts Call
Heap-based Buffer Overflow in Exiv2 v0.26 via Crafted Image File
Arbitrary File Read Vulnerability in IBM Spectrum Scale
Heap-based Buffer Overflow in Exiv2 v0.26 via Crafted Image File
Denial of Service Vulnerability in Telegram Desktop 1.3.14
SQL Injection Vulnerability in ArchiveBot.py in Docmarionum1 Slack ArchiveBot
Remote Denial of Service Vulnerability in HDF HDF5 Library
HDF5 Library Memory Leak Vulnerability
Heap-based Buffer Over-read Vulnerability in mp4v2::impl::MP4Track::FinishSdtp() Function
Invalid Pointer Dereference in MP4Free() Function in libmp4v2 2.1.0
Division by Zero Vulnerability in H5D__chunk_set_info_real() Function of HDF HDF5 1.10.3 Library
Improper File Permission Settings in IBM Spectrum LSF 9.1.1-10.1 Allows Local User to Change Job User
Netwave IP Camera Memory Dump Vulnerability: Exfiltration of Network Configuration Data
SQL Injection Vulnerability in Zoho ManageEngine OpManager before 12.3 123205
Header Injection Vulnerability in Elasticsearch Security Versions 6.4.0 to 6.4.2
Insecure Credential Handling in Kibana PDF Report Generation
Arbitrary File Inclusion Vulnerability in Kibana Console Plugin
XXE Vulnerability in Elasticsearch Machine Learning's find_file_structure API
Information Disclosure Vulnerability in IBM QRadar SIEM 7.3 and 7.4 Multi-Tenant Configuration
SQL Injection Vulnerability in JCK Editor Component 6.4.4 for Joomla!
Persistent Cross-Site Scripting (XSS) Vulnerability in Umbraco CMS 7.12.3 via Header Name Injection
XML External Entity Injection (XXE) Vulnerability in IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7
Cross-Site Scripting (XSS) Vulnerability in IBM QRadar SIEM 7.2 and 7.3
Stack Consumption Vulnerability in Asterisk's res_http_websocket.so Module
NULL Pointer Dereference in Exiv2::DataValue::copy() Function
Unauthenticated Access and SQL Injection Vulnerabilities in Zoho ManageEngine OpManager
Exfiltration of Obfuscated Passwords in Kofax Front Office Server Administration Console 4.1.1.11.0.5212
Multiple Authenticated Stored XSS Vulnerabilities in Kofax Front Office Server 4.1.1.11.0.5212
XML External Entity (XXE) Vulnerability in Kofax Front Office Server Administration Console 4.1.1.11.0.5212
IBM QRadar SIEM 7.3 Unauthorized Information Disclosure Vulnerability
Denial of Service Vulnerability in WAVM's loadModule Function
Null Pointer Dereference Vulnerability in WAVM
Out-of-Bounds Read Vulnerability in Liblouis's matchCurrentInput Function
Arbitrary File Overwrite Vulnerability in Hutool's unzip function
Reset Password Links Not Invalidated After User Password Change
XML External Entity Injection (XXE) Vulnerability in IBM QRadar SIEM 7.2 and 7.3
Stored XSS Vulnerability in CuppaCMS via Administrator Section
Reflected XSS Vulnerability in EspoCRM 5.3.6 via Global Search Name Field
Stored XSS vulnerability in EspoCRM 5.3.6 via saved draft message in Email view
Arbitrary User Information Modification and Privilege Escalation in UiPath Orchestrator through 2018.2.4
HTML Injection and Stored XSS Vulnerabilities in RICOH MP C406Z Printer's Address Entry
Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.3 and 6.0 through 6.0.6
Vulnerability: HTML Injection and Stored XSS in RICOH MP C1803 JPN Printer's Address Entry
Vulnerability: HTML Injection and Stored XSS in RICOH MP C6503 Plus Printer's Address Entry
Vulnerability: HTML Injection and Stored XSS in RICOH Aficio MP 301 Printer's Address Entry
RICOH MP C307 Printer: HTML Injection and Stored XSS Vulnerabilities in Address Entry
HTML Injection and Stored XSS Vulnerabilities in RICOH Aficio MP 305+ Printer's Address Entry
HTML Injection and Stored XSS Vulnerabilities in RICOH MP C2003 Printer's Address Entry System
Vulnerability: HTML Injection and Stored XSS in RICOH MP C6003 Printer's Address Entry
Arbitrary Command Execution in FruityWifi 2.1
IBM QRadar Advisor with Watson 1.14.0 Information Disclosure Vulnerability
Stored XSS Vulnerability in UCMS 1.4.6 via aaddpost.php
XSS Vulnerability in SeaCMS 6.64 via admin_datarelate.php
YUNUCMS 1.1.4 - Cross-Site Scripting (XSS) Vulnerability in index.php/index/category/index
Unfiltered User Input in IBM QRadar SIEM 7.2 and 7.3 Allows Content Modification
Memory Leak Vulnerability in libsvg2
Stack-based Buffer Overflow in libsvg2's svgStringToLength Function
Stack-based Buffer Overflow in libsvg2's svgGetNextPathField Function
Format String Vulnerability in UDisks 2.8.0
XSS Vulnerability in Intelbras NPLUG 1.0.0.14 Devices via Crafted SSID
Heap-Based Buffer Overflow in TextPage::dump Function in pdfalto
Sensitive Information Disclosure in IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1
Authentication Bypass Vulnerability in BigTree 4.2.23 on Windows
Memory Access Vulnerability in GNU Binutils 2.31
Memory Access Vulnerability in GNU Binutils 2.31 Allows Denial of Service via Crafted ELF File
Open Redirect Vulnerability in IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0
Heap-based Buffer Over-read in BFD Library Allows Denial of Service via Crafted PE File
Multiple XSS Vulnerabilities in WeaselCMS v0.3.6: Remote Code Injection via PATH_INFO
Arbitrary PHP Code Execution in OTCMS 3.61 via accBackupDir Parameter
Arbitrary File Deletion Vulnerability in SeaCMS 6.64 and 7.2
CSRF Vulnerability in MCMS 4.6.5 Allows Unauthorized Administrator Account Creation
Inconsistent Response Length in PublicCMS V4.0.180825 Allows for Brute-Force Attacks
Stored XSS Vulnerability in springboot_authority
SQL Injection Vulnerability in Auction Factory 4.5.5 Component for Joomla!
SQL Injection Vulnerability in Music Collection 3.0.3 Component for Joomla! via id Parameter
SQL Injection in Reverse Auction Factory 4.3.8 Component for Joomla!
SQL Injection Vulnerability in Joomla! Questions 1.4.3 Component via userid, users, or groups parameter
SQL Injection in Penny Auction Factory 2.0.4 Component for Joomla! via filter_order_Dir or filter_order Parameter
SQL Injection Vulnerability in Raffle Factory 3.5.2 Component for Joomla!
Improper Authentication Mechanisms in IBM Security Key Lifecycle Manager 2.6, 2.7, 3.0
SQL Injection Vulnerability in Article Factory Manager 4.3.9 Component for Joomla!
SQL Injection Vulnerability in Dutch Auction Factory 2.0.2 Component for Joomla!
SQL Injection Vulnerability in Jobs Factory 2.0.4 Component for Joomla!
SQL Injection Vulnerability in Collection Factory 4.1.9 Component for Joomla!
SQL Injection Vulnerability in Swap Factory 2.2.1 Component for Joomla!
SQL Injection Vulnerability in Social Factory 3.8.3 Component for Joomla!
SQL Injection Vulnerability in Micro Deal Factory 2.4.0 Component for Joomla!
CSRF Vulnerability in Nimble Messaging Bulk SMS Marketing Application 1.0 for Admin Account Addition
SQL Injection Vulnerability in Twilio WEB To Fax Machine System 1.0
CSRF Vulnerability in Live Call Support Application 1.5: Unauthorized Addition of Admin Account
SQL Injection in authors_post.php in Super Cms Blog Pro 1.0 via the author parameter
SQL Injection Vulnerability in HealthNode Hospital Management System 1.0
SQL Injection Vulnerability in Timetable Schedule 3.6.8 Component for Joomla! via eid Parameter
SQL Injection Vulnerability in AlphaIndex Dictionaries 1.0 Component for Joomla!
SQL Injection Vulnerability in AMGallery 1.2.3 Component for Joomla!
SQL Injection Vulnerability in Jimtawl 2.2.7 Component for Joomla! via id Parameter
Cross-Site Scripting (XSS) Vulnerability in IBM Security Access Manager Appliance 9.0.x
Account Takeover Vulnerability in PhonePe Wallet Application for Android
Vulnerability: Account Takeover via PhonePe Wallet's Forgot Password Feature
Vulnerability: Potential Disclosure of Credit/Debit Card Information in PhonePe Wallet App
Potential User Impersonation and Unauthorized Account Setup Vulnerability in PhonePe Wallet Application for Android
Sensitive Information Exposure in SBIbuddy Android Application (Versions 1.41 and 1.42)
Buffer Overflow Vulnerability in Type 1 Font Handling in TeX Live
Remote Code Execution Vulnerability in Zahir Accounting Enterprise Plus 6 through build 10b via Crafted CSV File
Denial of Service and Logic Compromise Vulnerability in IBM Tivoli Key Lifecycle Manager
Horus CMS SQL Injection Vulnerability
XML External Entity (XXE) Vulnerability in iWay Data Quality Suite Web Console 10.6.1.ga-2016-11-20
SQL Injection Vulnerability in zzcms v8.3 via X-Forwarded-For HTTP Header
Cross-Site Scripting (XSS) Vulnerability in zzcms v8.3 via /uploadimg_form.php noshuiyin Parameter
SQL Injection Vulnerability in zzcms v8.3 via bigclass parameter in /user/jobmanage.php
SQL Injection Vulnerability in zzcms V8.3 via id Parameter in /user/zs_elite.php
SQL Injection Vulnerability in zzcms v8.3 via /admin/adclass.php bigclassid Parameter
Arbitrary PHP Code Execution in Monstra CMS 3.0.4 via Mixed-Case File Extension
Segmentation Violation Denial of Service Vulnerability in Miek Gieben DNS Library
Hard-coded Credentials in IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0
SQL Injection Vulnerability in ZrLog 2.0.3 Article Management Search Box
Stored XSS in ZrLog 2.0.3 via Crafted File Upload Pathname
Open Redirect Vulnerability in dotCMS before 5.0.2
XSS Vulnerability in e107 v2.1.9: e107_admin/comment.php
Stored XSS Vulnerability in WUZHI CMS 4.1.0 via Membership Center "I want to ask" Detailed Description Field
Stored XSS Vulnerability in WUZHI CMS 4.1.0 via "SMS in station" Field
Heap-based Buffer Over-read Vulnerability in SIMDComp
SQL Injection Vulnerability in OPAC EasyWeb Five 5.7 via w2001/index.php?scelta=campi biblio Parameter
CSRF Vulnerability in JTBC v3.0(C) Allows Unauthorized Addition of Administrator Account
IBM Tivoli Key Lifecycle Manager Information Disclosure Vulnerability
Arbitrary Code Execution in Comodo UTM Firewall Web Console
NULL Pointer Dereference Vulnerability in H5O_sdspace_encode() in HDF HDF5 Library
Heap-based Buffer Overflow in HDF HDF5 Library Allows Denial of Service via Crafted HDF5 File
Remote Denial of Service Vulnerability in HDF HDF5 Library
Heap-based Buffer Over-read Vulnerability in H5O_attr_decode() in HDF HDF5 Library
Denial of Service Vulnerability in HDF HDF5 Library via Crafted HDF5 File
HDF5 Library Memory Leak Vulnerability
Remote Denial of Service Vulnerability in HDF HDF5 Library
Stack-based Buffer Overflow in HDF HDF5 Library
Directory Traversal Vulnerability in IBM Security Key Lifecycle Manager
Hardcoded Credentials and Arbitrary PHP Code Execution in D-Link Central WiFi Manager
Stored XSS Vulnerability in D-Link Central WiFi Manager
Unrestricted File Upload Vulnerability in D-Link Central WiFi Manager
Stored XSS Vulnerability in D-Link Central WiFi Manager
Directory Traversal Vulnerability in Citrix SD-WAN and NetScaler SD-WAN
Command Injection Vulnerability in Citrix SD-WAN and NetScaler SD-WAN
SQL Injection Vulnerability in Citrix SD-WAN and NetScaler SD-WAN
Information Exposure Through Log Files in Citrix SD-WAN and NetScaler SD-WAN
Incorrect Access Control Vulnerability in Citrix SD-WAN and NetScaler SD-WAN
Insecure Direct Object Reference in GitLab Allows Unauthorized Access to Sensitive Information
Unauthenticated Server Restart Vulnerability in IBM Security Key Lifecycle Manager 2.7 and 3.0
Server-Side Request Forgery (SSRF) vulnerability in GitLab's Kubernetes integration leading to GCP service token disclosure
Cross Site Request Forgery (CSRF) vulnerability in GitLab Slack Integration for Slash Commands
Server-Side Request Forgery (SSRF) Vulnerability in GitLab Community and Enterprise Edition
Sensitive Access-Token Data Leakage via GRPC::Unknown Exception in GitLab
Stored XSS Vulnerability in GitLab Community and Enterprise Edition
Insecure Direct Object Reference in GitLab's Merge Request Approvals Feature
Remote Code Execution Vulnerability in Git's Recursive git clone
Use After Free Vulnerability in WebAudio in Google Chrome
WebAssembly Dispatch Table Update Vulnerability in Google Chrome
Omnibox Click Spoofing Vulnerability in Google Chrome
Spoofing of Omnibox Contents via Crafted Domain Name in Google Chrome
Out of Bounds Memory Read Vulnerability in PDFium
Sandbox Escape Vulnerability in Google Chrome AppCache (CVE-2018-17463)
Arbitrary Code Execution Vulnerability in V8 Engine in Google Chrome
Spoofing Omnibox Contents in Google Chrome on iOS
Object Corruption Vulnerability in V8 Engine of Google Chrome (CVE-2018-17463)
Out of Bounds Memory Read Vulnerability in Google Chrome's Angle Texture Handling
Remote URL Spoofing Vulnerability in Google Chrome
Cross-Origin URL Disclosure Vulnerability in Google Chrome
Out of Bounds Memory Read Vulnerability in PDFium in Google Chrome
XML External Entity Injection (XXE) Vulnerability in IBM Security Key Lifecycle Manager
Heap Buffer Overflow in GPU Allows Remote Sandbox Escape in Google Chrome
Dialog Placement Vulnerability in Google Chrome
Remote Code Execution via googlechrome:// URL Scheme on iOS in Google Chrome
Omnibox Spoofing Vulnerability in Google Chrome
HTMLImportsController Use After Free Vulnerability in Google Chrome
Spoofing of Omnibox Contents in Google Chrome on iOS
Dialog Placement Vulnerability in Google Chrome Cast UI
Extension Popup Spoofing Vulnerability
Array Position Calculation Vulnerability in V8 in Google Chrome (CVE-2018-17463)
Heap Corruption Vulnerability in Google Chrome Prior to 70.0.3538.110
Arbitrary Code Execution via Array Deserialization in V8
Heap Corruption Vulnerability in PDFium in Google Chrome
Information Disclosure Vulnerability in Lobby Track Desktop Reports in Kiosk Mode
Information Disclosure Vulnerability in Lobby Track Desktop's Kiosk Mode Reports
Local Attacker Exploits Vulnerability in Lobby Track Desktop to Access Sensitive Information
Default Administrative Credentials in Lobby Track Desktop
Local Attacker Exploits Security Bypass in Lobby Track Desktop's Find Visitor Function in Kiosk Mode
Local Privilege Escalation Vulnerability in Lobby Track Desktop
Local Privilege Escalation Vulnerability in Lobby Track Desktop
Plaintext Storage of Social Security Numbers in EasyLobby Solo
Incomplete Blacklisting Vulnerability in IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0
EasyLobby Solo Vulnerability: Denial of Service via Kiosk Task Manager Exploit
EasyLobby Solo Local Privilege Escalation Vulnerability
Default Administrative Credentials in EasyLobby Solo: A Gateway to Full Access
Local Privilege Escalation Vulnerability in eVisitorPass via Fullscreen Button
eVisitorPass Local Privilege Escalation via Virtual Keyboard Start Menu Vulnerability
eVisitorPass Local Privilege Escalation via Virtual Keyboard Help Dialog
eVisitorPass Local Privilege Escalation Vulnerability
Default Administrative Credentials in eVisitorPass
Unencrypted Data Storage in Envoy Passport for Android and iPhone Logs Vulnerability
Unintended Access Control Vulnerability in IBM Security Key Lifecycle Manager 3.0
Hardcoded OAuth Credentials Stored in Plaintext in Envoy Passport for Android and iPhone
Contact Information Disclosure Vulnerability in Receptionist for iPad
Weak Cryptographic Algorithms in IBM Security Key Lifecycle Manager 3.0 through 3.0.0.2: A Critical Vulnerability
Sensitive Information Disclosure in IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0
Unauthenticated OS Command Injection Vulnerabilities in Teltonika RUT9XX Routers
Cross-Site Scripting Vulnerability in Teltonika RUT9XX Routers
Unauthenticated Root Terminal Access Vulnerability in Teltonika RUT9XX Routers
Stored XSS Vulnerability in GitLab Community and Enterprise Edition
Stored XSS Vulnerability in GitLab's blog-viewer during Repository Browsing
Process Injection Vulnerability in Axon (formerly TASER International) Evidence Sync 3.15.89
Denial of Service Vulnerability in IP Infusion ZebOS and OcNOS BGP Daemon
Buffer Overflow Vulnerability in gmp Plugin of strongSwan
SQL Injection Vulnerability in MailSherlock Allows Unauthorized Access to Email Subjects
Vulnerability: Information Disclosure in IBM WebSphere Application Server Liberty
SQL Injection in login.php in Naviwebs Navigate CMS 2.8: Bypassing Authentication via navigate-user Cookie
Remote Code Execution Vulnerability in Naviwebs Navigate CMS 2.8
Sensitive Information Disclosure Vulnerability in ARRIS TG2492LG-NA 061213 Web Component
Stored XSS Vulnerability in MODX Revolution v2.6.5-pl via Create New Media Source Action
Remote Code Execution via Hardcoded Credentials and OS Command Injection in ABUS TVIP Cameras
Unauthenticated Remote Access to ABUS TVIP Camera Video Stream
SQL Injection Vulnerability in IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4
Stored XSS Vulnerability in Grouptime Teamwire Client 1.5.1 to 1.9.0 on-premises Messenger Server
SQL Injection in Multi-Tech FaxFinder before 5.1.6: Extracting Database Schema and Disclosing Fax Server Information
Cleartext Configuration Dump Vulnerability in Grandstream GXP16xx VoIP 1.0.4.128 Phones
Remote Code Execution Vulnerability in Grandstream GXP16xx VoIP 1.0.4.128 Phones via /cgi-bin/delete_CA
Grandstream GXP16xx VoIP 1.0.4.128 Phones: Shell Metacharacter Injection Vulnerability
SQL Injection Vulnerability in ThinkPHP 5.1.24's delete Function
Arbitrary File Access via Symlink in Jekyll's _config.yml File
Integer Overflow Vulnerability in ViaBTC Exchange Server
Integer Overflow Vulnerability in ViaBTC Exchange Server
Missing Authentication in IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 Survey Application
Integer Overflow Vulnerability in ViaBTC Exchange Server
Cross-Site Scripting (XSS) Vulnerability in Vanilla 2.6.1 and Earlier Versions via Profile Email Field
Critical Reflected XSS Vulnerability in InfluxDB 0.9.5 Write Data Module
Arbitrary PHP Code Upload Vulnerability in Wp-Insert Plugin for WordPress
Stored XSS in Name Field of YMFE YApi 1.3.23 Project
SQL Injection Vulnerability in SWA SWA.JACAD 3.1.37 Build 024 via studentId Parameter
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1
Heap-based Buffer Over-read Vulnerability in Tcpreplay v4.3.0 beta1
Excessive Stack Consumption in CiffDirectory::readDirectory() Function in Exiv2 0.26 Leads to Denial of Service Vulnerability
Heap-based Buffer Over-read in Tcpreplay v4.3.0 beta1
XSS Vulnerability in WP Fastest Cache Plugin 0.8.8.5 for WordPress
CSRF Vulnerability in WP Fastest Cache Plugin 0.8.8.5 for WordPress
XSS Vulnerability in WP Fastest Cache Plugin 0.8.8.5 for WordPress
XSS Vulnerability in WP Fastest Cache Plugin 0.8.8.5 for WordPress
XSS Vulnerability in AirTies Air 5750 Devices with Software 1.0.0.18
XSS Vulnerability in AirTies Air 5021 Devices with Software 1.0.0.18
XSS Vulnerability in AirTies Air 5650 Devices with Software 1.0.0.18
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager 5.0 through 6.0.6
XSS Vulnerability in AirTies Air 5442 Devices with Software 1.0.0.18
XSS Vulnerability in AirTies Air 5343v2 Devices with Software 1.0.0.18
XSS Vulnerability in AirTies Air 5453 Devices with Software 1.0.0.18
XSS Vulnerability in AirTies Air 5443v2 Devices with Software 1.0.0.18
HTML Injection and Stored XSS Vulnerabilities in Fork CMS 5.4.0 via /backend/ajax URI
Stored XSS Vulnerability in Zoho ManageEngine AssetExplorer 6.2.0 via /AssetDef.do ciName or assetName Parameter
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1
Directory Traversal Vulnerability in Asset Pipeline Plugin for Grails
Use-after-free vulnerability in Foxit PhantomPDF and Reader before 9.3 allows remote code execution or denial of service
Use-after-free vulnerability in Foxit PhantomPDF and Reader before 9.3 allows remote code execution or denial of service
Use-after-free vulnerability in Foxit PhantomPDF and Reader before 9.3 allows remote code execution or denial of service
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Team Concert 5.0 through 6.0.6
Use-after-free vulnerability in Foxit PhantomPDF and Reader before 9.3 allows remote code execution or denial of service
Use-after-free vulnerability in Foxit PhantomPDF and Reader before 9.3 allows remote code execution or denial of service
Insecure Certificate Handling in Sennheiser HeadSetup 7.3.4903
Cleartext Transmission of Credentials and Application Data in Telegram Desktop
Arbitrary Code Execution Vulnerability in Losant Arduino MQTT Client (ZDI-CAN-6436)
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.5096 via Mouse Exit Events
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.5096
Arbitrary Code Execution via onFocus Event Handling in Foxit Reader 9.0.1.5096
Arbitrary Code Execution via Selection Change Events in Foxit Reader 9.0.1.5096
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.5096 (ZDI-CAN-6352)
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Collaborative Lifecycle Management
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.5096 (ZDI-CAN-6353)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.5096 (ZDI-CAN-6355)
Remote Code Execution Vulnerability in Foxit Reader 9.1.0.5096 (ZDI-CAN-6354)
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.5096
Remote Code Execution Vulnerability in Foxit Reader 9.1.0.5096 via OCG Objects
Arbitrary Code Execution Vulnerability in Foxit Reader 9.1.0.5096
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297
Remote Code Execution Vulnerability in Foxit Reader 9.2.0.9297 via XFA MouseUp Event Handling
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6458)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.1.0.5096 (ZDI-CAN-6614)
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager 5.0 through 6.0.6
Arbitrary Code Execution Vulnerability in Foxit Reader 9.1.0.5096 (ZDI-CAN-6616)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6700)
Arbitrary Code Execution via Subject Property Handling in Foxit Reader 9.2.0.9297
Arbitrary Code Execution via attachIcon Property in Foxit Reader 9.2.0.9297
Remote Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6471)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6472)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6473)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6474)
Remote Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6475)
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager 5.0 through 6.0.6
Remote Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6477)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297
Arbitrary Code Execution via TimeField colSpan Property in Foxit Reader 9.2.0.9297
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297
Remote Code Execution Vulnerability in Foxit Reader 9.2.0.9297 via TimeField addItem Method (ZDI-CAN-6481)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297
Remote Code Execution Vulnerability in Foxit Reader 9.2.0.9297 via TimeField BoundItem Method
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6487)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6503)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6504)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6505)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6506)
Remote Code Execution Vulnerability in Foxit Reader 9.2.0.9297 via gotoURL Method
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297
Arbitrary Code Execution via Title Property in Foxit Reader 9.2.0.9297
Cross-Site Scripting (XSS) Vulnerability in IBM Team Concert (RTC) 5.0 through 5.0.2 and 6.0 through 6.0.5
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6512)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6513)
Remote Code Execution Vulnerability in Foxit Reader 9.2.0.9297 via Beep Method (ZDI-CAN-6514)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6517)
Remote Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6518)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6519)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6520)
Remote Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6521)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6522)
Remote Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6523)
Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere Application Server Cachemonitor
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6524)
Remote Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6617)
Remote Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6817)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6820)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6848)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6849)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6850)
Remote Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6851)
Remote Code Execution Vulnerability in Foxit Reader 9.2.0.9297
Sensitive Information Disclosure in IBM Spectrum Protect Plus 10.1.0 and 10.1.1
Remote Code Execution Vulnerability in Foxit Reader 9.2.0.9297
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-7141)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-7157)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-7163)
Remote Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-6470)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297
Remote Code Execution Vulnerability in Foxit Reader 9.2.0.9297 via Malicious BMP Images (ZDI-CAN-6844)
Arbitrary Code Execution Vulnerability in Foxit PhantomPDF 9.2.0.9297
Arbitrary Code Execution Vulnerability in Foxit PhantomPDF 9.2.0.9297 (ZDI-CAN-7069)
Arbitrary Code Execution via Foxit PhantomPDF 9.2.0.9297 Radio Button fillColor Property Vulnerability
Arbitrary Code Execution via Link Object Handling Vulnerability in Foxit PhantomPDF 9.2.0.9297
Arbitrary Code Execution via HTML to PDF Conversion in Foxit PhantomPDF 9.2.0.9297
Arbitrary Code Execution via HTML to PDF Conversion in Foxit PhantomPDF 9.2.0.9297
Arbitrary Code Execution via HTML to PDF Conversion in Foxit PhantomPDF 9.2.0.9297
Remote Code Execution Vulnerability in Foxit PhantomPDF 9.2.0.9297
Arbitrary Code Execution Vulnerability in Foxit PhantomPDF 9.2.0.9297
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-7169)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297
Arbitrary Code Execution Vulnerability in Foxit PhantomPDF 9.2.0.9297 (ZDI-CAN-7067)
Remote Code Execution Vulnerability in Foxit Reader 9.2.0.9297
Directory Traversal Vulnerability in IBM WebSphere Application Server
Remote Code Execution Vulnerability in Foxit PhantomPDF 9.2.0.9297 (ZDI-CAN-7131)
Arbitrary Code Execution Vulnerability in Foxit PhantomPDF 9.2.0.9297
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297 (ZDI-CAN-7252)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297
Arbitrary Code Execution Vulnerability in Foxit Reader 9.2.0.9297
Remote Code Execution Vulnerability in Foxit Reader 9.2.0.9297 via CheckBox Display Property Handling
Arbitrary Code Execution Vulnerability in Foxit PhantomPDF 9.1.5096 (ZDI-CAN-6230)
Arbitrary Code Execution via Epic Games Launcher URI Handler
Buffer Overflow Vulnerability in IBM Domino 9.0 and 9.0.1
Cross-Site Scripting (XSS) Vulnerability in IBM SPSS Analytic Server 3.1.1.1
Authentication Bypass Vulnerability in IBM Datacap Fastdoc Capture 9.1.1, 9.1.3, and 9.1.4
CSV Injection Vulnerability in IBM API Connect
Arbitrary File Download Vulnerability in IBM Storage Products
Undeclared TRACE Protocol Commands in Ingenico Telium 2 POS Terminals
Bypass of File-Reading Restrictions in Ingenico Telium 2 POS Telium2 OS via NTPT3 Protocol
Hardcoded PPP Credentials Vulnerability in Ingenico Telium 2 POS Terminals
Insecure TRACE Protocol in Ingenico Telium 2 POS Terminals
Buffer Overflow Vulnerability in Ingenico Telium 2 POS Terminals via NTPT3 Protocol Command 0x26
Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0
Buffer Overflow Vulnerability in Ingenico Telium 2 POS Terminals via RemotePutFile Command
Hardcoded FTP Credentials Vulnerability in Ingenico Telium 2 POS Terminals
Arbitrary Code Execution Vulnerability in Ingenico Telium 2 POS Terminals via TRACE Protocol
Buffer Overflow Vulnerability in Ingenico Telium 2 POS Terminals via SOCKET_TASK in NTPT3 Protocol
Insecure NTPT3 Protocol in Ingenico Telium 2 POS Terminals
Privilege Escalation Vulnerability in Seqrite End Point Security v7.4
Privilege Escalation Vulnerability in PCProtect Anti-Virus v4.8.35
Bypassing Login Form and Gaining Administrator Access on D-Link DVA-5592 A1_WI_20180823 Devices
Authentication Bypass in IBM LoopBack REST API for AccessToken Model
Vulnerability: Leakage of End-User IP Addresses in Telegram Desktop and Telegram WP8.1
Uninitialized Object Information Disclosure in Foxit PhantomPDF and Reader
Arbitrary Code Injection through Crafted Project Name in MantisBT
Arbitrary Code Injection through Crafted Project Name in MantisBT
Cross-Site Scripting (XSS) Vulnerabilities in YUI and FlashCanvas in SugarCRM Community Edition 6.5.26
Directory Traversal Vulnerability in Blynk-Server Allows Unauthorized File Access
Unauthenticated Remote Code Execution on D-Link DIR-823G Devices
D-Link DIR-823G Devices: HNAP1 Command Injection Vulnerability
CSRF Vulnerability in Prospecta Master Data Online (MDO)
Unauthenticated Denial of Service Vulnerability in IBM API Connect 2018.1 through 2018.3.7
Stored XSS Vulnerability in Prospecta Master Data Online (MDO) 2.0
Improper Server Side Validation Vulnerability in Newgen OmniFlow iBPS 7.0
CSRF Vulnerability in MDaemon Webmail (formerly WorldClient)
NULL Pointer Dereference in GNU libiberty's cplus-dem.c
Heap-based Buffer Overflow in LibTIFF's t2p_write_pdf Function
SQL Injection Vulnerability in MRCMS (aka mushroom) through 3.1.2
Directory Traversal Vulnerability in zzcms 8.3 Allows Arbitrary File Deletion
Remote File Deletion Vulnerability in zzcms 8.3
Local Privilege Escalation Vulnerability in IBM DB2 for Linux, UNIX and Windows
Local Privilege Escalation Vulnerability in IBM DB2 for Linux, UNIX and Windows
Local Privilege Escalation Vulnerability in IBM GPFS (IBM Spectrum Scale 5.0.1.0 and 5.0.1.1)
Double-Free Vulnerabilities in AdPlug's CEmuopl Class
Arbitrary PHP Code Execution via CSRF in HisiPHP 1.0.8
Arbitrary PHP Code Execution in HisiPHP 1.0.8 via Plugin Name Injection
Directory Traversal Vulnerability in ZZIPlib 0.13.69 Allows Arbitrary File Overwrite
IBM GPFS Command Line Utility Denial of Service Vulnerability
Unfiltered $args Variable in REDAXO 5.6.2 Allows XSS Payload Injection
Critical SQL Injection Vulnerability in REDAXO 5.6.3 and Earlier Versions
Cross-Site Scripting (XSS) Vulnerability in WUZHI CMS 2.0 via index.php v or f parameter
Stored XSS Vulnerability in GetSimple CMS 3.3.15 via Custom Permalink Structure Parameter
Arbitrary PHP Code Execution in JTBC(PHP) 3.0.1.6 via File Upload Vulnerability
Arbitrary File Deletion Vulnerability in JTBC(PHP) 3.0.1.6
Arbitrary File Read Vulnerability in JTBC(PHP) 3.0.1.6
NoSQL Injection Vulnerability in IBM API Connect 5.0.0.0 and 5.0.8.4
SQL Injection Vulnerability in Scriptzee Education Website 1.0: Exploiting college_list.html Parameters
SQL Injection in Scriptzee Flippa Marketplace Clone 1.0 via site-search sortBy or sortDir parameter
SQL Injection Vulnerability in Scriptzee Hotel Booking Engine 1.0 via h_room_type Parameter
SQL Injection Vulnerability in Multiple MLM Software Versions
Infinite Loop Vulnerability in Go's html package
Panic: Runtime Error in Go HTML Package due to Mishandling of SVG and Template Tags
HTML Package Vulnerability: Panic Error in (*insertionModeStack).pop
Stored XSS Vulnerability in Navigate CMS 2.8 via navigate_upload.php
Weak Cryptographic Algorithms in IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1)
SQL Injection Vulnerability in WUZHI CMS 4.1.0
Incomplete Fix for Heap-Based Buffer Over-read in SIMDComp (CVE-2018-17427)
User Activation Bypass Vulnerability in Joomla!
Arbitrary Code Execution Vulnerability in Joomla! com_joomlaupdate
Access Level Violation in Joomla! Tags Search Fields
Insufficient CSRF Hardening in Joomla! com_installer Actions
Vulnerability: Mail Submission in Disabled Forms in Joomla!
IBM Spectrum Protect 7.1 and 8.1 TCP/IP Resource Leakage Vulnerability
Insecure Permissions Vulnerability in Cloudera CDH Versions 5.x - 6.0.1
Cross-Site Scripting (XSS) Vulnerability in Unsupported SAP J2EE Engine/7.01/Portal/EPP
Cross-Site Scripting (XSS) Vulnerability in Unsupported SAP J2EE Engine/7.01/Fiori
Cross-Site Scripting (XSS) Vulnerability in Unsupported SAP J2EE Engine 7.01
Cross-Site Scripting (XSS) Vulnerabilities in Ultimate Member Plugin for WordPress
Arbitrary Code Execution Vulnerability in DASAN H660GW Port Forwarding Functionality
Stored XSS Vulnerability in DASAN H660GW Port Forwarding Functionality
Lack of CSRF Protection in DASAN H660GW Devices
Insecure File Permissions in IBM Spectrum Protect 7.1 and 8.1: Password Exposure Vulnerability
Open Redirect Vulnerability in BTITeam XBTIT 2.5.4: Account_change.php returnto Parameter
Incorrect Access Control in Verba Collaboration Compliance and Quality Management Platform before 9.2.1.5545
Insecure Permissions in Verba Collaboration Compliance and Quality Management Platform before 9.2.1.5545
FTP Configuration Vulnerability in WiFiRanger Devices Allows Unauthorized Access to SSH Private Key and Root Account
Reflected XSS vulnerability in ExpressionEngine before 4.3.5
Remote Code Execution Vulnerability in Poly Trio 8800 5.7.1.4145 Devices
Coaster CMS v5.5.0: Stored XSS Vulnerability
Predictable Random Value Vulnerability in Greedy 599 Lottery Smart Contract
Buffer Overflow Vulnerability in ABUS TVIP Cameras: Exploiting sprintf() Function for Remote Code Execution
Remote Code Execution Vulnerability in ABUS TVIP Cameras
Information Disclosure Vulnerability in IBM Spectrum Protect Server 7.1 and 8.1
Unauthenticated Reboot Vulnerability in D-Link DIR-823G 2018-09-19 Devices
Unauthenticated Admin Password Change Vulnerability in D-Link DIR-823G 2018-09-19 Devices
Arbitrary Token Creation Vulnerability in CryptoBotsBattle (CBTB) Smart Contract
Cross-Site Scripting (XSS) Vulnerability in OTRS 6.0.x before 6.0.12
Cross-Site Scripting (XSS) Vulnerability in Gwolle Guestbook Plugin for WordPress
Incomplete Fix for XSS Filter Bypass in JEESNS 1.3
Arbitrary Remote Code Execution in NUUO CMS Versions 3.1 and Prior via Session ID Vulnerability
XML External Entity Injection Vulnerability in WECON PI Studio HMI
Server Side Request Forgery Vulnerability in IBM API Connect v2018.1.0 through v2018.3.4
Arbitrary Code Execution Vulnerability in NUUO CMS Versions 3.1 and Prior
Information Leakage Vulnerability in Carestream Vue RIS Client Builds
User Account Control Bypass and Remote Code Execution in NUUO CMS
Untrusted Pointer Dereference Vulnerability in LAquis SCADA Versions 4.1.0.3870 and Prior
Default Accounts with Hard-Coded Passwords in NUUO CMS Versions 3.1 and Prior
Out-of-Bounds Read Vulnerabilities in LAquis SCADA Versions 4.1.0.3870 and Prior
Hard-coded Credentials Vulnerability in Yokogawa STARDOM Controllers
Integer Overflow to Buffer Overflow Vulnerabilities in LAquis SCADA Versions 4.1.0.3870 and Prior: Remote Code Execution Risk
Memory Exhaustion Vulnerability in Yokogawa STARDOM Controllers
Path Traversal Vulnerability in LAquis SCADA Versions 4.1.0.3870 and Prior: Remote Code Execution
Cross-Site Request Forgery Vulnerability in IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.2
Improper Credential Protection in Yokogawa STARDOM Controllers: Remote Access Vulnerability
Stack-based Buffer Overflow in LAquis SCADA Versions 4.1.0.3870 and Prior
Denial of Service Vulnerability in Yokogawa STARDOM Controllers
Replay Attack and Command Forgery Vulnerability in SAGA1-L8B Firmware Versions Prior to A0.10
Arbitrary Code Injection Vulnerability in Reliance 4 SCADA/HMI, Version 4.7.3 Update 3 and prior
Memory Corruption Vulnerability in Omron CX-Supervisor Versions 3.4.1.0 and Prior
Default Credentials and No Authentication Vulnerability in Philips iSite and IntelliSpace PACS
Arbitrary Value Read Vulnerability in Omron CX-Supervisor Versions 3.4.1.0 and Prior
Privilege Escalation Vulnerability in WebAccess Versions 8.3.2 and Prior
Memory Reference Vulnerability in Omron CX-Supervisor Versions 3.4.1.0 and Prior
IBM Connections External Service Interaction Vulnerability
Arbitrary Remote Code Execution via Buffer Overflow in WebAccess Versions 8.3.2 and Prior
Stack-Based Buffer Overflow Vulnerabilities in LAquis SCADA Versions 4.1.0.3870 and Prior: Remote Code Execution Risk
Remote File Disclosure Vulnerability in CASE Suite Versions 3.10 and Prior
Type Confusion Vulnerability in Omron CX-Supervisor Versions 3.4.1.0 and Prior
Remote Code Execution Vulnerability in InduSoft Web Studio and InTouch Edge HMI
Unencrypted Communication Vulnerability in Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server
Stack-based Buffer Overflow Vulnerability in InduSoft Web Studio and InTouch Edge HMI
Vulnerability: Enumeration of Potential Cloud IDs in Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server
Authentication Bypass Vulnerability in Circontrol CirCarLife (Versions Prior to 4.3.1)
Undocumented Default User Account Vulnerability in Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server
Local Privilege Escalation Vulnerability in IBM WebSphere MQ
Force-Pairing Vulnerability in SAGA1-L8B Firmware Versions Prior to A0.10
Clear Text Storage of PAP Credentials in Circontrol CirCarLife (Versions Prior to 4.3.1)
Physical Access Vulnerability in SAGA1-L8B Firmware Versions Prior to A0.10
Vulnerability: Remote IP Configuration Overwrite in Rockwell Automation Controllers
Unsafe ActiveX Control Marked Safe For Scripting Vulnerability in Gigasoft Charting Package for GE iFIX
Authentication Bypass Vulnerability in M2M ETHERNET (FW Versions 2.22 and prior, ETH-FW Versions 1.01 and prior)
Multiple Out-of-Bounds Write Vulnerabilities in Delta Industrial Automation TPEditor Versions 1.90 and Prior
Authentication Bypass Vulnerability in CMS-770 (Software Versions 1.7.1 and prior)
Multiple Stack-Based Buffer Overflow Vulnerabilities in Delta Industrial Automation TPEditor Versions 1.90 and Prior
Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using SAML ear
Remote Code Execution Vulnerability in Teledyne DALSA Sherlock Version 7.2.7.4 and Prior
VGo Robot Physical Access Code Execution Vulnerability
JUUKO K-800 Firmware Vulnerability: Replay Attack and Command Forgery
Privilege Escalation Vulnerability in VGo Robot Connected to VGo XAMPP
Path Traversal Vulnerability in NUUO CMS
Vulnerability: Fixed Code Reproduction in Telecrane F25 Series Radio Controls
Arbitrary File Upload Vulnerability in NUUO CMS (Versions 3.3 and Prior)
Stack-based Buffer Overflow in gpsd and microjson: Remote Code Execution Vulnerability
Zimbra Collaboration LoginErrorCode Text Content Spoofing Vulnerability
Information Exposure via Merge Request JSON Endpoint
Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0
Heap-based Buffer Overflow in convert_to_decimal function in Gnulib
Vulnerability: Credential Exposure via Hostname Manipulation on Lexmark Devices
Cross-Site Scripting (XSS) Vulnerability in Tribulant Slideshow Gallery Plugin for WordPress
XSS Vulnerability in Snazzy Maps Plugin for WordPress
Open Redirect Vulnerability in Access Manager Identity Provider (Version < 4.4 SP3)
Critical Cross-Site Scripting Vulnerability in iManager Prior to 3.1 SP2
Cross-Site Scripting Vulnerability in IBM Robotic Process Automation with Automation Anywhere Enterprise 10
Authorization Bypass Vulnerability in eDirectory prior to 9.1 SP2
eDirectory 9.1 SP2 and Earlier: Cross-Site Scripting Vulnerability
Incorrect Variable in SUSE Patch for PAM Access Rule Matching Vulnerability
Improper Privilege Management in SUSE OpenStack Cloud Crowbar Versions
Static Temporary Filename Vulnerability in yast2-multipath Allows Local File Overwrite
Command Line Password Exposure in yast2-samba-provision
Exposure of MySQL Database Passwords in YaST2 RMT Module
Buffer Overflow in rtl8139_do_receive in Qemu's rtl8139.c due to incorrect integer data type usage
Local Privilege Escalation Vulnerability in IBM Informix Dynamic Server Enterprise Edition 12.1
User-Assisted XSS Vulnerability in CKEditor 4.x before 4.11.0
Incomplete Fix for CVE-2018-17183 Allows Bypass of Sandbox Protection in Artifex Ghostscript 9.25 and Earlier
Buffer Overflow in Qemu's pcnet_receive function in hw/net/pcnet.c due to incorrect integer data type usage
QEMU net/net.c Vulnerability: Integer Overflow in qemu_deliver_packet_iov
XSS Vulnerability in Aryanic HighPortal 12.5: Add Tags Action
Memory Leak Vulnerability in ImageMagick 7.0.7-28's WriteSGIImage in coders/sgi.c
Memory Leak Vulnerability in ImageMagick 7.0.7-28's WritePDBImage in coders/pdb.c
Memory Leak Vulnerability in ImageMagick 7.0.7-28's ReadBGRImage in coders/bgr.c
Predictable Random Number Generation Vulnerability in RuletkaIo Ethereum Gambling Smart Contract
Cleartext Credential Exposure in Samsung SCX-6545X V2.00.03.01 03-23-2012 Devices via SNMP Requests
Zip-Slip Vulnerability in IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0
Kernel Stack Leakage Vulnerability
Heap-based Buffer Over-read Vulnerability in Tcpreplay 4.3.0 beta1
Information Exposure via GFM Markdown API in GitLab Community Edition 11.x before 11.1.8, 11.2.x before 11.2.5, and 11.3.x before 11.3.2
Information Exposure via Epic Change Descriptions in GitLab Community Edition
Linux Kernel 4.14.67 Local Denial of Service Vulnerability
Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0
Privilege Escalation via Trojan Horse DLL in NoMachine
XSS Vulnerability in Lifesize Express ls ex2_4.7.10 2000 (14) Devices via interface/interface.php Brand Parameter
Out-of-Bounds Read Vulnerability in Mercurial's Manifest Parsing
Arbitrary File Inclusion Vulnerability in ISPConfig before 3.1.13
Stack Consumption Vulnerability in GNU libiberty's cp-demangle.c
CSRF Vulnerability in razorCMS 3.4.8 Allows Unauthorized Password Change for Admin User
Blockhash Vulnerability in HashHeroes Tiles Smart Contract Implementation
SQL Injection Vulnerability in LayerBB 1.1.1 and 1.1.3 via search.php search_query Parameter
Stored XSS Vulnerability in D-Link DSL-3782 Firmware 1.01 Allows Injection of Malicious Payload in ACL Page
Local Privilege Escalation Vulnerability in IBM DB2 for Linux, UNIX and Windows
OS Command Injection Vulnerability in D-Link DSL-3782 Firmware 1.01
CSRF Vulnerabilities in LayerBB 1.1.3: User Addition, User Deletion, and Content Deletion
Cross-Site Scripting (XSS) Vulnerability in LayerBB 1.1.1 via Conversation Titles (PMs)
Local User Information Disclosure during Installation in IBM Sterling B2B Integrator Standard Edition 5.2.6.0 and 6.2.6.1
Arbitrary System Service Activation Vulnerability in VIVOTEK Network Camera Series
Arbitrary JavaScript Execution via URL Query String Parameter in VIVOTEK Network Camera Series
Hardcoded Credentials Expose Sensitive Data in Ricoh myPrint Application
Remote Unauthenticated Discovery of Admin Credentials in D-Link DSL-2770L Devices
Remote Unauthenticated Discovery of Admin Credentials in Multiple D-Link Devices (DSL, DIR, DWR)
Remote Unauthenticated Credential Discovery in D-Link DIR-140L and DIR-640L Devices
XML External Entity Injection (XXE) Vulnerability in IBM App Connect, IBM Integration Bus, and WebSphere Message Broker
Xen Mobile 10.8.0 Unauthenticated Deserialization Remote Code Execution Vulnerability
Privilege Escalation via Unauthenticated Requests in Citrix Xen Mobile
Memory Leak Vulnerability in ImageMagick 7.0.7-28's WritePCXImage in coders/pcx.c
Cross-Site Scripting (XSS) Vulnerability in Tribulant Slideshow Gallery Plugin 1.6.8 for WordPress
SQL Injection in Tribulant Slideshow Gallery Plugin 1.6.8 for WordPress
Cross-Site Scripting (XSS) Vulnerability in Tribulant Slideshow Gallery Plugin 1.6.8 for WordPress
Shared Library Loading Vulnerability in IBM DB2 for Linux, UNIX, and Windows
Denial of Service Vulnerability in QPDF 8.2.1
KVM ARM64 Virtual Machine Control Flow Manipulation Vulnerability
Heap-based Buffer Over-read Vulnerability in ImageMagick 7.0.8-13 Q16's SVGStripString Function
Denial of Service Vulnerability in ImageMagick 7.0.8-13 Q16 via Crafted BMP File
Heap-based Buffer Over-read Vulnerability in ImageMagick 7.0.8-13 Q16's EncodeImage Function in coders/pict.c
Stack-based Buffer Overflow in IMFCameraProtect.sys in IObit Malware Fighter 6.2 and Lower Versions
Stored XSS Vulnerability in Navigate CMS via the navigate.php Title Field
Click Hijacking Vulnerability in IBM Security Access Manager Appliance 9.0.x.x
Cross-Site Scripting (XSS) Vulnerability in OpenEMR before 5.0.1 Patch 6 via flashcanvas.swf
Insecure Token and Cookie Handling in IBM Security Access Manager Appliance
Sensitive Information Disclosure in IBM Security Access Manager Appliance 9.0.x.x
Vulnerability: Instruction Oracle Exploitation in TI Microcontrollers
Bitdefender Engines iso.xmd Parser Division-by-Zero Denial-of-Service Vulnerability
Buffer Overflow Vulnerability in Bitdefender RAR Parser
Bitdefender Engines < 7.76808: Dalvik.xmd Parser Buffer Overflow Vulnerability
Unauthenticated File Manager Interface Access in tecrail Responsive FileManager 9.8.1
Reflected XSS Vulnerability in tecrail Responsive FileManager 9.8.1
Out-of-Bounds Stack-Memory Write Vulnerability in Cairo through 1.15.14
Net-SNMP 5.8 _set_key NULL Pointer Exception Remote Crash Vulnerability
NULL Pointer Exception in snmp_oid_compare function in Net-SNMP before 5.8 allows remote attackers to cause Denial of Service
ARM-based Hardware Debugging Vulnerability Allows Unauthorized Access to EL3 Memory/Registers
XSS Vulnerability in WPML Plugin: Authenticated Theme-Localization.php Request
Navigation Route Freeze and Reboot Vulnerability in Daimler Mercedes-Benz COMAND 17/13.0 50.12
Vulnerability: Intercepting Encrypted Data Exchange in Mercedes-Benz Me App
Sandbox Bypass Vulnerability in Artifex Ghostscript
HTTP Authorization Header Leakage in Requests Package
SQL Injection in WikidForum 2.20 via Multiple Parameters
Server-side Code Injection Vulnerability in IBM WebSphere Commerce 9.0.0.0 through 9.0.0.6
Cross-Site Scripting (XSS) Vulnerability in Waimai Super Cms 20150505 via fname Parameter
Remote PHP Code Execution in DuomiCMS 3.0 via search.php searchword Parameter
SQL Injection Vulnerability in DuomiCMS 3.0 via ajax.php
Arbitrary File Upload Vulnerability in EmpireCMS v7.5
XSS Vulnerability in Bixie Portfolio Plugin 1.2.0 for Pagekit
NULL Pointer Dereference in OpenJPEG 2.3.0's imagetopnm Function
Out of Bounds Read Vulnerability in Intel Graphics Driver for Windows
Denial of Service Vulnerability in Intel Graphics Driver for Windows
Kernel Mode Driver Use After Free Vulnerability in Intel(R) Graphics Driver for Windows
Privilege Escalation Vulnerability in Intel VTune Amplifier 2018 Update 3 and Earlier
Privilege Escalation Vulnerability in Intel(R) Media SDK Installer
Firmware Vulnerability in Intel(R) SSD DC S4500 and DC S4600 Series: Potential Privilege Escalation via Physical Access
Denial of Service Vulnerability in Intel QuickAssist Technology for Linux
Privilege Escalation Vulnerability in Intel Solid State Drive Toolbox
Escalation of Privilege Vulnerability in Intel(R) SGX SDK and Platform Software for Windows
Persistent Cross-Site Scripting Vulnerability in IBM Robotic Process Automation with Automation Anywhere Enterprise 10
Incomplete Blacklisting Vulnerability in IBM Security Access Manager Appliance 9.0.x.x
Weak Cryptographic Algorithms in IBM Security Access Manager Appliance 9.0.x.x
Cross-Site Scripting Vulnerability in IBM Security Access Manager Appliance 9.x for Enterprise Single-Sign On
Cross-Site Scripting (XSS) Vulnerability in IBM Security Guardium 10 and 10.5
Hard-coded Credentials Vulnerability in IBM Security Guardium 10 and 10.5
SQL Injection Vulnerability in IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.2, 3.0.4, 3.0.6, and 3.2.0
Divide-by-Zero Error in GoPro gpmf-parser
CSRF Vulnerability in FineCms 5.4 Allows Password Change for Administrator
NULL Pointer Dereference in libgig 4.1.0's DLS::File::GetFirstSample() Function
Operator new[] Failure in DLS::File::File in libgig 4.1.0
Heap-based Buffer Over-read in libgig 4.1.0's DLS::Region::GetSample()
FPE (Divide-by-Zero Error) in libgig 4.1.0 DLS::Sample::Sample in DLS.cpp
Heap-based Buffer Over-read in libgig 4.1.0: RIFF::List::GetListTypeString in RIFF.cpp
Operator new[] Failure in DLS::Sampler::Sampler in libgig 4.1.0
Unfiltered Input Field in REDAXO 5.6.3 Allows XSS Injection
XSS Vulnerability in REDAXO Mediamanager before 5.6.4
Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere Portal 8.0, 8.5, and 9.0
Critical SQL Injection Vulnerability in REDAXO Benutzerverwaltung (before 5.6.4)
CSRF Vulnerability in qibosoft V7.0: Unauthorized User Account Addition
Undocumented Support and Diagnostics Accounts with Passwords in QLogic Fibre Channel Modules for IBM BladeCenter
Subaru StarLink Harman Head Units Firmware Rewrite Vulnerability
Information Disclosure Vulnerability in Topvision CC8800 CMTS C-E Devices
Negative idx values in checkTopicRegister in Bytom client before 1.0.6 leading to a crash vulnerability
Frame Injection Vulnerability in Virtualmin 6.03 via settings-editor_read.cgi
XSS Vulnerability in Virtualmin 6.03 via webmin_search.cgi URI
Cross-Site Scripting (XSS) Vulnerability in DiliCMS 2.4.0 via attachment_type Parameter in admin/index.php/setting/site?tab=site_attachment
XML External Entity Injection (XXE) Vulnerability in IBM Operational Decision Management 8.5-8.9
Cross-Site Scripting (XSS) Vulnerability in DiliCMS 2.4.0 via attachment_url Parameter
SQL Injection Vulnerability in PbootCMS 1.2.1 via api.php/cms/addform?fcode=1 URI
CSRF Vulnerability in youke365 v1.1.5 Allows Unauthorized User Account Addition
Authentication Bypass Vulnerability in IBM FlashSystem 900 GUI
Vulnerability in Open Design Alliance Drawings SDK 2019Update1: Information Disclosure and Crash
Buffer Overflow Vulnerability in Open Design Alliance Drawings SDK 2019Update1 on Non-Windows Platforms
CoAP Dissector Crash Vulnerability in Wireshark 2.6.0 to 2.6.3
Memory Consumption Vulnerability in Wireshark 2.6.0 to 2.6.3 Steam IHS Discovery Dissector
MS-WSP Protocol Dissector Crash Vulnerability
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager 5.0 through 6.0.6
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager 5.0 through 6.0.6
Remote Code Execution via Unrestricted Unmarshalling in Pippo through 1.11.0
SQL Injection Vulnerability in youke365 v1.1.5 via admin/login.html
Arbitrary JavaScript Code Execution via HTTP Referer Header in VIVOTEK Network Camera Series
Cross-Site Scripting (XSS) Vulnerability in Nagios Core 4.4.2 via Alert Summary Reports
CSRF Vulnerability in Icinga Web 2 Allows Unauthorized Module Manipulation
Cross-Site Scripting (XSS) Vulnerability in Icinga Web 2 before 2.6.2
Cross-Site Scripting (XSS) Vulnerabilities in Icinga Web 2
PHP ini-file directive injection vulnerability in Icinga Web 2 before 2.6.2
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager 5.0 through 6.0.6
Icinga Web 2 before 2.6.2 Navigation Dashlet Parameter Vulnerability
Remote Code Execution via Custom RPC over HTTP Protocol in Deltek Vision 7.x before 7.6
Privilege Escalation Vulnerability in CapMon Access Manager 5.4.1.1005
Race condition and persistent privilege escalation vulnerability in CapMon Access Manager 5.4.1.1005
Unprivileged User Privilege Escalation via CAL Database in CapMon Access Manager 5.4.1.1005
Elevated Privileges Vulnerability in CapMon Access Manager 5.4.1.1005
Privilege Escalation via Custom App Launcher in CapMon Access Manager 5.4.1.1005
Arbitrary File and Folder Deletion Vulnerability in BageCMS 3.1.3
Arbitrary PHP Code Execution and File Read Vulnerability in BageCMS 3.1.3
Stored XSS Vulnerability in LUYA CMS Software (Version 1.0.12) via /admin/api-cms-nav/create-page
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1
Stored XSS Vulnerability in Camaleon CMS 2.4
XSS Vulnerability in waimai Super Cms 20150505 via /admin.php/Foodcat/addsave fcname parameter
XSS Vulnerability in Zoho ManageEngine OpManager 12.3 before build 123214
Kubernetes Dashboard Authentication Bypass and Secret Reading Vulnerability
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1
Cross-Site Scripting (XSS) in CMS Made Simple 2.2.7 via m1_news_url parameter in admin/moduleinterface.php
Cross-Site Scripting (XSS) Vulnerability in CMS Made Simple 2.2.7 via m1_extra Parameter in admin/moduleinterface.php
Heap-Based Buffer Overflow in TextPage::addAttributsNode Function in pdfalto 0.2
Cross-Site Scripting (XSS) Vulnerability in ProFiles 1.5 Component for Joomla!
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1
Stale TLB Entry Vulnerability in Linux Kernel
XSS Vulnerability in Next.js 7.0.0 and 7.0.1 via 404 or 500 /_error Page
Sandbox Bypass Vulnerability in Artifex Ghostscript 9.25 and Earlier via 1Policy Operator
Unauthenticated SQL Injection Vulnerability in CMG Suite 8.4 SP2 and Earlier
SQL Injection Vulnerability in CMG Suite 8.4 SP2 and Earlier: Insufficient Input Validation in changepwd Interface
Information Disclosure Vulnerability in ASUS RT-AC58U 3.0.0.4.380_6516: Exposing Hostnames and IP Addresses via Main_Login.asp Page
URL Redirection Vulnerability in CrushFTP through 8.3.0 Allows Credentials Theft
Arbitrary File Read Vulnerability in MESILAT Zabbix Plugin for Atlassian Confluence
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Quality Manager 5.0 through 6.0.6
XSS Vulnerability in nc-cms HTML Source Editor
Cross Site Scripting (XSS) Vulnerability on ASUS RT-AC58U 3.0.0.4.380_6516 Devices
XSS Vulnerability in MetInfo 6.1.2 via /admin/index.php bigclass parameter
Stored XSS Vulnerability in AlchemyCMS 4.1.0 via /admin/pictures Image Field
Stored XSS Vulnerability in BigTree Image Upload Area
Invalid Memory Address Dereference in BFD Library: Denial of Service Vulnerability
Invalid Memory Address Dereference Vulnerability in libdwfl
Buffer Overflow in Perl Regular Expression Handling
Buffer Overflow in Perl Regular Expression Handling
Buffer Over-read Vulnerability in Perl
Buffer Overflow in Perl's Regular Expression Handling
Arbitrary File Upload Vulnerability in lemon 1.9.0
CSRF Vulnerability in emlog v6.0.0 via admin/user.php?action=new URI
CSRF Vulnerability in DESHANG DSCMS 1.1 via public/index.php/admin/admin/add.html URI
Denial of Service Vulnerability in /dev/block/mmcblk0rpmb Driver on Qiku 360 Phone N6 Pro 1801-A01 Devices
Arbitrary Command Execution in Merlin.PHP Component 0.6.6 for Asuswrt-Merlin Devices
Arbitrary Command Execution Vulnerability in Merlin.PHP for Asuswrt-Merlin Devices
Command Injection Vulnerability in CentOS Web Panel 0.9.8.480
Local File Inclusion Vulnerability in CentOS Web Panel 0.9.8.480
Cross-Site Scripting (XSS) Vulnerability in CentOS Web Panel 0.9.8.480
Weak Encryption Algorithm in DNN 9.2 through 9.2.2
Incomplete Fix for Encryption Key Conversion Vulnerability in DNN 9.2 through 9.2.2
Trend Micro Antivirus for Mac Privilege Escalation Vulnerability
Trend Micro Antivirus for Mac Privilege Escalation Vulnerability
Trend Micro Antivirus for Mac Privilege Escalation Vulnerability
Spoofing Vulnerability in IBM Event Streams 2018.3.0
Address Bar Spoofing Vulnerability in Trend Micro Dr. Safety for Android: Exploiting Private Browser for Malicious URL Visits
OfficeScan XG Weak File Permissions Vulnerability: Exploiting Folder Access for Unauthorized File Alteration
OfficeScan XG Weak File Permissions Vulnerability
DLL Hijacking Vulnerability in Trend Micro Security 2019 (Consumer) Versions Below 15.0.0.1163
Same Origin Policy Bypass Vulnerability in Trend Micro Dr. Safety for Android
Heap Buffer Overflow in Skia: Remote Code Execution in Google Chrome
Heap Corruption Vulnerability in PDFium in Google Chrome
Use After Free Vulnerability in Google Chrome Prior to 71.0.3578.80
Heap Corruption Vulnerability in SkImage Usage in Google Chrome
Heap Corruption Vulnerability in WebAudio in Google Chrome
Privilege Escalation via Symbolic Link Attack in IBM DB2
Heap Corruption Vulnerability in MediaRecorder in Google Chrome
Integer Overflow and Heap Buffer Overflow Vulnerability in Google Chrome (CVE-2018-17480)
Arbitrary Code Execution via Object Deserialization in V8 in Google Chrome
Use After Free Vulnerability in Skia in Google Chrome (CVE-2018-17462)
Insecure Access to Local File System via Chrome Extension in Google Chrome prior to 71.0.3578.80
Remote Code Execution via Blob URL Handling in Google Chrome
Confusing Browser UI Presentation Vulnerability in Google Chrome prior to 71.0.3578.80
Arbitrary Origin Execution via Invalid URL Handling in Google Chrome Navigation (CVE-2018-18335)
Omnibox Spoofing Vulnerability in Google Chrome prior to 71.0.3578.80
Remote Frame Navigations Allow Unauthorized Access to Local Files in Google Chrome
XML External Entity Injection (XXE) Vulnerability in IBM Daeja ViewONE Professional, Standard & Virtual 5
CSP Bypass Vulnerability in Google Chrome prior to 71.0.3578.80
SameSite Cookie Bypass Vulnerability in Google Chrome (prior to 71.0.3578.80)
Cross-Origin Audio Access Vulnerability in Google Chrome (CVE-2018-17463)
Confusion of Origin in Network Authentication Dialogs on Google Chrome for Android
Remote Code Execution via Shell Integration in Google Chrome on Windows
URL Spoofing Vulnerability in Google Chrome
Integer Overflow in Path Handling Leading to Use After Free in Skia
URL Spoofing Vulnerability in Google Chrome
Local Network Proxy Bypass Vulnerability in Google Chrome
Out of Bounds Memory Read Vulnerability in V8 Engine
Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere MQ Console
Cross-Site Scripting (XSS) Vulnerability in nc-cms through 2017-03-10
Cross-Site Scripting Vulnerability in Norton Password Manager for Android
Norton App Lock Bypass Vulnerability
DLL Hijacking Vulnerability in Symantec Ghost Solution Suite (GSS) versions prior to 3.3 RU1
Address Spoofing Vulnerability in Norton Password Manager
Kernel Memory Disclosure Vulnerability in Symantec Norton Security, SEP, and SEP SBE
DLL Preloading Vulnerability in Symantec Endpoint Protection Manager (SEPM)
Privilege Escalation Vulnerability in Symantec Endpoint Protection Manager (SEPM)
DLL Preloading Vulnerability in Norton Security and SEP SBE (Windows Client)
Stored Cross-Site Scripting (XSS) Vulnerability in ASG/ProxySG's WebFTP Mode
Information Disclosure Vulnerability in ASG/ProxySG FTP Proxy WebFTP Mode
Stored XSS Vulnerability in KAASoft Library CMS 2.1.1 via /admin/book/create/ Title Parameter
Stored XSS Vulnerability in Schiocco Support Board - Chat And Help Desk Plugin 1.2.3 for WordPress
Cross-Site Scripting (XSS) Vulnerability in MetInfo 6.1.2 Admin Panel
APN Data Extraction Vulnerability in Orange AirBox Y858_FL_01.16_04
Information Disclosure in Orange AirBox Y858_FL_01.16_04: Remote Discovery of Connected Devices
Factory Reset Vulnerability in Orange AirBox Y858_FL_01.16_04 Devices
XSS Vulnerability in Elementor Pro Plugin for WordPress
Improper Handling of Passwords in IBM WebSphere Application Server 8.5 and 9.0
Session Fixation Vulnerability in Bigtree CMS
Stored XSS Vulnerability in Z-BlogPHP 1.5.2.1935 (Zero) via Content-Type Header in Image Attachment Upload
Remote Code Execution Vulnerability in Advanced HRM 1.6 via User Avatar Update
Buffer Overflow in Info-ZIP UnZip 6.0's list.c due to Crafted Relationship in ZIP Archive
Denial of Service Vulnerability in Asciidoctor < 1.5.8 due to Infinite Loop
Pseudo Terminal Hang/Block Vulnerability in Linux Kernel
Privilege Escalation Vulnerability in playSMS 1.4.2 through Daemon Abuse
Remote Code Execution in eScan Agent Application (MWAGENT.EXE) 4.0.2.98
LDAP Authentication Bypass Vulnerability in Neo4j Enterprise Database Server 3.4.x before 3.4.9
User Enumeration Vulnerability in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1
Critical User Privilege Escalation Vulnerability in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions v2.1
Privilege Escalation in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions v2.1
Critical Password Management Vulnerability in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions v2.1
Clear Text Storage of Sensitive Information in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions v2.1
Hidden Token Access Vulnerability in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1
Critical Remote Code Execution Vulnerability in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions v2.1
Userfaultfd Access Control Vulnerability
Out-of-Bounds Read and SEGV Vulnerability in Xfce Thunar 1.6.15
SQL Injection Vulnerability in ArchiveNews.aspx in KARMA 6.0.0
Privilege Escalation Vulnerability in IBM WebSphere Application Server 8.5 and 9.0
XSS Vulnerability in jQuery v2.2.2 via Crafted onerror Attribute of IMG Element
Blind XXE Vulnerability in Tufin SecureTrack 18.1
Heap-Based Buffer Over-Read Vulnerability in Tcpreplay 4.3.0 beta1
Use-After-Free Vulnerability in Tcpreplay 4.3.0 beta1's tcpbridge Binary
Stack-based Buffer Over-read Vulnerability in setbit() Function of TCPFLOW 1.5.0
World-readable CA Private Key in IBM Cloud Private 2.1.0
XSS Vulnerability in LANGO Codeigniter Multilingual Script 1.0
Stored XSS Vulnerability in Ekushey Project Manager CRM 3.1
Stored XSS Vulnerability in ARDAWAN.COM User Management 1.1 Upload Section
Bypass of OIDC Namespace Signature Verification in IBM Cognos Analytics 11 Configuration Tool
CSRF Vulnerability in Zenario Content Management System 8.3 via admin/organizer.ajax.php?path=zenario__content%2Fpanels%2Fcontent URI
CSRF Vulnerability in UsualToolCMS 8.0: Unauthorized User Account Addition
Arbitrary Currency Issuance Vulnerability in Primeo (PEO) Token's doAirdrop Function
Arbitrary PHP Code Execution in s-cms 3.0 via User-agent Disallow Value in robots.php txt Parameter
SQL Injection Vulnerability in s-cms 3.0 via member/post.php and member/member_login.php
Unauthenticated RTSP Stream Access Vulnerability in TP-Link TL-SC3130 1.6.18P12_121101 Devices
Insecure Communication Channel in IBM Cloud Private IAM Services
XSS Vulnerability in DESTOON B2B 7.0 via admin\setting.inc.php
XSS Vulnerability in DESTOON B2B 7.0 via admin.php?moduleid=2&action=add URI
CSRF Vulnerability in DESTOON B2B 7.0 via admin.php URI
XSS Vulnerability in DESTOON B2B 7.0 via admin/category.inc.php
Arbitrary File Download Vulnerability in litemall-wx-api Component
Privilege Escalation and Weak Folder Permissions in KioWare Server Version 4.9.6 and Older
CSRF Vulnerability in JTBC(PHP) 3.0: Account Creation via console/account/manage.php?type=action&action=add URI
XSS Vulnerability in AXIOS ITALIA Axioscloud Sissiweb Registro Elettronico 1.7.0 via secret/relogoff.aspx
Integer Overflow Vulnerability in Qemu's IOReadHandler
Remote and Local Exploitation Vulnerabilities in DENX U-Boot through 2018.09-rc1
XML External Entity Injection (XXE) Vulnerability in IBM FileNet Content Manager 5.2.1 and 5.5.0
Local Buffer Overflow in DENX U-Boot through 2018.09-rc1 via Crafted Kernel Image
D-Link DCS Series Wi-Fi Cameras Expose Sensitive Configuration Information Remotely
Vulnerability: Denial-of-Service (DoS) Attacks on D-Link DCS-825L Devices with Firmware 1.08
Memory Leak in ThreadPool in OpenEXR 2.3.0
Out-of-Bounds Write Vulnerability in makeMultiView.cpp in OpenEXR 2.3.0
Out-of-bounds Memory Access Vulnerability in Linux Kernel BPF Verifier
Deserialization of Untrusted Data in dotPDN Paint.NET (Issue 1 of 2)
Deserialization of Untrusted Data in dotPDN Paint.NET (Issue 2 of 2)
CSRF Vulnerability in EmpireCMS 7.5 Allows Unauthorized User Account Addition
XML External Entity Injection (XXE) Vulnerability in IBM InfoSphere Information Server 11.3, 11.5, and 11.7
SQL Injection in PbootCMS before V1.3.0 build 2018-11-12 in SingleController.php
Heap-based Buffer Over-read in CCITTFaxStream::readRow() in Xpdf 4.00
Heap-based Buffer Over-read Vulnerability in GfxImageColorMap Class of Xpdf 4.00
Stack-based buffer over-read vulnerability in Xpdf 4.00 allows denial of service via crafted PDF file
NULL Pointer Dereference Vulnerability in Xpdf 4.00's DCTStream::readScan Function
NULL Pointer Dereference Vulnerability in Xpdf 4.00's DCTStream::decodeImage Function
NULL Pointer Dereference Vulnerability in Xpdf 4.00
XML External Entity Injection (XXE) Vulnerability in IBM Rational Engineering Lifecycle Manager
Cross-Site Scripting (XSS) Vulnerability in wp-live-chat-support v8.0.15 WordPress Plugin
Arigato Autoresponder and Newsletter Plugin Remote Code Execution Vulnerability
Cleartext Storage of Emergency Credentials in SecurEnvoy SecurAccess 9.3.502 Logs
Intent Spoofing Vulnerability in Daniel Gultsch Conversations 2.3.4
Directory Traversal Vulnerability in IBM Financial Transaction Manager (FTM)
XXE and SSRF Vulnerabilities in Axentra Firmware: Remote Command Execution as Root
Root Remote Command Execution Vulnerability in Western Digital WD My Book Live and WD My Book Live Duo
Hidden Backdoor Vulnerability in PATLITE NH-FB, NH-FV, and NBM Series Devices Allows Remote Code Execution
Unrestricted Arbitrary File Upload in Zoho ManageEngine OpManager before 12.3 build 123214
SQL Injection Vulnerability in mysql-binuuid-rails 1.1.0 and Earlier
Persistent Cross-Site Scripting (XSS) Vulnerability in LibreNMS before 1.44
Cross-Site Scripting (XSS) Vulnerability in IBM Business Automation Workflow 18.0.0.0 and 18.0.0.1
Heap-based Buffer Over-read in libopencad 0.2.0's ReadMCHAR Function
Heap-based Buffer Over-read Vulnerability in libopencad 0.2.0
Memory Leak in libpg_query 10-1.0.2: Potential Denial of Service Vulnerability
Integer-Overflow Vulnerability in get_count Function of GNU libiberty
Stack Exhaustion Vulnerability in GNU libiberty's C++ Demangling Functions
Arbitrary File Deletion Vulnerability in PHPSHE 1.7
SQL Injection Vulnerability in PHPSHE 1.7 via admin.php?mod=user&act=del user_id[] parameter
Predictable Database Backup File Locations in Gxlcms v2.0
SQL Injection Vulnerability in Gxlcms v2.0 via ids[] Parameter
Denial of Service Vulnerability in TP-LINK WR840N v2 Firmware 3.16.9 Build 150701 Rel.51516n
Weak Reference Use-After-Free Vulnerability in Thunderbird and Firefox
Buffer Overflow Vulnerability in Skia Library with Hardware Accelerated Canvas 2D Actions
Same-Origin Policy Violation in Thunderbird and Firefox Versions < 64: Cross-Origin URL Entry Theft via JavaScript Location Property
WebExtension Content Scripts Bypass Permissions Vulnerability
Clickjacking Vulnerability in Firefox RSS Feed Preview
Bypassing URI Limitations in Firefox WebExtensions
Integer Overflow Vulnerability in Image Buffer Size Calculation
Same-Origin Policy Violation in Firefox and Thunderbird: Cross-Origin URL Entry Theft via Meta Refresh
Unauthorized Administration Operations in IBM Security Access Manager Appliance
HTML5 Stream Parser Use-After-Free Vulnerability
Memory Corruption Vulnerabilities in Firefox 64 and Firefox ESR 60.4
Memory Corruption Vulnerability in Firefox 64
Compartment Mismatch Vulnerability in JavaScript Audio Buffer Manipulation in Firefox < 65
Buffer Freed While In Use: Exploitable Crash and Memory Read Vulnerability in Firefox < 65
Insufficient Authentication in Inter-process Communication (IPC) Channels
Proxy Auto-Detection Vulnerability in Firefox < 65
Denial of Service Vulnerability in Network Security Services (NSS)
S/MIME Signature Verification Flaw in Thunderbird < 60.5.1 Allows Content Manipulation
Arbitrary Code Execution Vulnerability in IBM WebSphere Application Server Liberty OpenID Connect
Non-persistent Denial of Service (DOS) Attack via about:crashcontent and about:crashparent Pages in Firefox < 64
Cross-origin image reading vulnerability in Firefox 65.0.1
Use-After-Free Vulnerability in Thunderbird Sound Notification
Denial-of-Service (DOS) Vulnerability in Thunderbird < 60.5
Cross-Site Scripting (XSS) Vulnerability in Citrix NetScaler Gateway
Insecure Permissions in BestXsoftware Best Free Keylogger before 6.0.0 Allow Privilege Escalation
Invalid Memory Address Dereference in elf_end function in libelf in elfutils through v0.174
Denial of Service Vulnerability in arlib_add_symbols() Function in elfutils 0.174
Stored XSS Vulnerability in Evernote 6.15 on Windows Allows Remote Code Execution
SQL Injection Vulnerability in OwnTicket 2018-05-23 via showTicketId or editTicketStatusId Parameter
SQL Injection Vulnerability in ThinkPHP 3.2.4 via count Parameter
Remote Clickjacking Vulnerability in IBM Tivoli Storage Manager (IBM Spectrum Protect 7.1 and 8.1)
SQL Injection in ThinkPHP 5.1.25 via count parameter
Insecure Random Number Generation in CAPTCHA Generation
ASUS Aura Sync v1.07.22 and Earlier: Arbitrary Ring-0 Code Execution via Asusgio Low-Level Driver Vulnerability
Vulnerability: Privilege Escalation via GLCKIo and Asusgio Low-Level Drivers in ASUS Aura Sync
Arbitrary DWORD Write Vulnerability in ASUS Aura Sync v1.07.22 and Earlier
XSS Vulnerability in TeaKKi 2.7 via Crafted onerror Attribute
Teeworlds 0.6.5 Vulnerability: Connection Packet Forgery and Server Slot Occupation
Memory Leak Vulnerability in WriteMSLImage and ProcessMSLScript Functions
XSS Vulnerability in Fiyo CMS 2.0.7 via name parameter in edit_user.php
SQL Injection Vulnerability in ThinkPHP 3.2.4 via order Parameter
Cross-Site Scripting (XSS) Vulnerabilities in Vesta Control Panel 0.9.8-22
XSS Vulnerability in Ajenti Docker Control Panel's File Manager
SQL Injection Vulnerability in ServersCheck Monitoring Software (before 14.3.4) Allows Authenticated User Exploitation
Persistent and Reflected XSS Vulnerabilities in ServersCheck Monitoring Software
Directory Traversal Vulnerability in ServersCheck Monitoring Software Allows Denial of Service
XSS Vulnerability in Leanote 2.6.1: Blog Basic Setting Title Field
VyOS 1.1.8 Sandbox Escape Vulnerability
Privilege Escalation Vulnerability in VyOS 1.1.8: Operator Users Can Execute pppd Binary with Elevated Permissions
Arbitrarily-sized JBIGDecode Out-of-Bounds Write in LibTIFF
Insecure Input Validation in ESP-IDF Bootloader Allows Arbitrary Code Execution
Race condition vulnerability in Linux kernel through 4.19 allows for use-after-free and potential Program Counter control
Insecure Permissions in Roche Accu-Chek Inform II and CoaguChek/cobas h232 Handheld Base Units Allow Remote Command Execution
Weak Access Credentials Vulnerability
Improper Access Control in Roche Accu-Chek and CoaguChek Devices Allows Arbitrary Code Execution
Improper Access Control Vulnerability in Roche Accu-Chek Inform II Instrument, CoaguChek Pro II, and cobas h 232
Arbitrary File Overwrite Vulnerability in Roche Medical Devices
Information Disclosure Vulnerability in Polycom VVX 500 and 601 Devices with Skype for Business Integration
Vulnerability: Man-in-the-Middle Attack on AudioCodes 440HD and 450HD Devices with Skype for Business Integration
Man-in-the-Middle Vulnerability in Polycom VVX Devices with Skype for Business Integration
Server-Side Request Forgery Vulnerability in Dundas BI Server
Bypassing Fine-Grained Access Control (FGAC) in IBM DB2 11.1
Cross-Site Scripting (XSS) Vulnerability in Planon before Live Build 41
Impersonation and Unauthorized Actions Vulnerability in Citrix XenMobile Server
Incomplete '.htaccess' Filter Allows Arbitrary PHP Code Execution in osCommerce 2.3.4.1
Arbitrary PHP Code Execution Vulnerability in osCommerce 2.3.4.1
Directory Traversal Vulnerability in The Hustle WordPress Plugin
XSS Vulnerability in DedeCMS 5.7 SP2 via plus/qrcode.php Type Parameter
Reflected XSS Vulnerability in DedeCMS 5.7 SP2 via /member/pm.php Folder Parameter
Cross-Site Request Forgery Vulnerability in IBM API Connect 5.0.0.0 through 5.0.8.6
Heap-Based Buffer Over-Read Vulnerability in LuPng's internalPrintf
Heap-based Buffer Overflow in LuPng's insertByte Function
Heap-based Buffer Overflow in LuPng's insertByte Function
Out-of-Bounds Write Vulnerability in mspack/cab.h
Null Character Filename Vulnerability in libmspack
Directory Traversal Vulnerability in chmextract.c
Insecure Password Storage: BigProf AppGini 5.70 Uses MD5 Hash
Critical Remote Arbitrary Code Execution Vulnerability in Micro Focus Real User Monitoring Software
Privilege Escalation Vulnerability in IBM API Connect 5.0.0.0 through 5.0.8.4
Remote Code Execution and Information Disclosure Vulnerability in Micro Focus Operations Bridge Containerized Suite
Micro Focus Service Manager Unauthorized Data Disclosure Vulnerability
Remote Directory Traversal and Remote Disclosure of Privileged Information in UCMDB Configuration Management Service
Out-of-Bounds Write Vulnerability in Stegdetect's f5_compress Function
Command Injection Vulnerability in Guardzilla GZ180 Remote Upgrade Feature
Buffer Overflow Vulnerability in Guardzilla GZ621W Firmware 0.5.1.4
Cloud API User Enumeration Vulnerability in Guardzilla Smart Cameras
Sandbox Escape Vulnerability in 360 Total Security 3.5.0.1033
Heap-based Buffer Over-read Vulnerability in GNU Binutils 2.31
NULL Pointer Dereference in merge_strings function in libbfd
NULL Pointer Dereference in elf_link_input_bfd in GNU Binutils 2.31
Cross-Site Scripting (XSS) Vulnerability in DedeCMS 5.7 SP2 via GetPageList Function
SQL Injection Vulnerability in Advanced Comment System 1.0
Stored XSS Vulnerability in CommuniGate Pro 6.2 via Pronto! Mail Composer
XSS Vulnerability in Waimai Super Cms 20150505 via index.php?m=public&a=doregister username parameter
Incomplete Fix for XSS Vulnerability in Grafana 5.3.1 via Dashboard > Text Panel Screen
Incomplete Fix for XSS Vulnerability in Grafana 5.3.1 via Column Style on Dashboard Table Panel
Incomplete Fix for XSS Vulnerability in Grafana 5.3.1 via Link on Dashboard > All Panels > General Screen
Arbitrary File and Directory Deletion Vulnerability in PHPYun V4.6
Remote Code Execution via Deserialization in Pippo 1.11.0
Untrusted Search Path Vulnerability in Keybase Command-Line Client
Insecure File Permissions in McKesson Cardiology Product 13.x and 14.x: Local System Access Vulnerability
Persistent XSS Vulnerability in Synacor Zimbra Collaboration Suite 8.6, 8.7, and 8.8
Cross-Site Scripting (XSS) Vulnerability in MailCleaner CE 2018.08 and 2018.09 Administration Login Interface
Cross-Site Scripting (XSS) Vulnerability in D-link DSL-2640T Routers via cgi-bin/webcm
Command Injection Vulnerability in Neato Botvac Connected 2.2.0 Setup API
Information Exposure Through Browser Caching Vulnerability in GitLab Community and Enterprise Edition
Cleartext Storage of Sensitive Information Vulnerability in GitLab
Cross-Site Scripting (XSS) Vulnerability in GitLab Community and Enterprise Edition
Persistent XSS Vulnerability in GitLab CE & EE 11.2 and later
Information Exposure via GitLab Prometheus Integration
Information Exposure via Unsubscribe Links in Email Replies
SSRF Vulnerability in GitLab Community and Enterprise Edition
Missing Authorization Vulnerability in GitLab Community and Enterprise Edition
Information Exposure Through Error Messages in GitLab Community and Enterprise Edition
Remote Code Execution Vulnerability in GitLab Wiki API
Integer Overflow Denial of Service Vulnerability in Xpdf 4.00
Denial of Service Vulnerability in Xpdf 4.00 via Large Loop in AcroForm.cc
Remote Command Execution Vulnerability in Veritas NetBackup Appliance 3.1.2 and Earlier
UEFI Secure Boot Bypass Vulnerability in Linux Kernel
Local Privilege Escalation Vulnerability in Crossroads 2.81
Username Leakage Vulnerability in Prayer 1.3.5
Clear-text Storage of Login Credentials in PureVPN Client for Windows
Unauthenticated Sensitive Information Disclosure in Arcserve Unified Data Protection (UDP) through 6.5 Update 4
Unauthenticated Sensitive Information Disclosure in Arcserve UDP
Unauthenticated XXE Vulnerability in Arcserve Unified Data Protection (UDP)
Reflected Cross-site Scripting Vulnerability in Arcserve Unified Data Protection (UDP)
NULL Pointer Dereference in LibTIFF's LZWDecode Function
Out-of-Bounds Read Vulnerability in MuPDF 1.14.0
Integer Overflow Vulnerability in NexxusToken's mintToken Function
Integer Overflow Vulnerability in SwftCoin (SWFTC) Token's mintToken Function
Integer Overflow Vulnerability in PylonToken's mintToken Function
XSS Vulnerability in GNUBOARD5 (before 5.3.2.0) via homepage title Parameter
XSS Vulnerability in GNUBOARD5 5.3.1.9: Injection via board title contents parameter
XSS Vulnerability in GNUBOARD5 5.3.1.9 via Extra Contents Parameter
XSS Vulnerability in GNUBOARD5 5.3.1.9 via mobile board head contents Parameter
XSS Vulnerability in GNUBOARD5 5.3.1.9 via board head contents Parameter
XSS Vulnerability in GNUBOARD5 5.3.1.9 via Menu Link Parameter
XSS Vulnerability in GNUBOARD5 5.3.1.9 via board tail contents Parameter
XSS Vulnerability in GNUBOARD5 5.3.1.9 via mobile board title contents Parameter
XSS Vulnerability in GNUBOARD5 5.3.1.9 via mobile board tail contents Parameter
XSS Vulnerability in GNUBOARD5 before 5.3.2.0 via board group extra contents parameter
Signature Validation Bypass via Incremental Saving in PDF Readers and Editors
Signature Wrapping Vulnerability in Multiple PDF Products
Unchecked Error Condition in xfs_attr_shortform_addname Leads to Non-Operational Filesystem Vulnerability
Reflected XSS Vulnerability in SEMCO Semcosoft 5.3 Login Form
Stored XSS in Monstra CMS 3.0.4 via File Upload without Extension
Buffer Overflow Vulnerability in M2SOFT Report Designer Viewer 5.0 via Crafted MRD File
CSRF Vulnerability in Microstrategy Analytics 10.4.0026.0049 and Earlier
Cleartext Wi-Fi Password Storage Vulnerability on Xiaomi Mi A1 Devices
Out-of-Bounds Write Vulnerability in GoPro gpmf-parser 1.2.1
Stack Consumption Vulnerability in GNU libiberty
Stack Consumption Vulnerability in GNU libiberty
SQL Injection Vulnerability in iCMS v7.0.11 via spider.admincp.php
Multiple Arbitrary File Read Vulnerabilities in PhpTpoint Mailing Server Using File Handling 1.0
SQL Injection Vulnerability in PhpTpoint Pharmacy Management System
Multiple SQL Injection Vulnerabilities in PhpTpoint Hospital Management System
Buffer Overflow Vulnerability in Tenda AC Series Routers
Buffer Overflow Vulnerability in Tenda AC Series Routers' Web Server
Buffer Overflow Vulnerability in Tenda Router's Web Server
Buffer Overflow Vulnerability in Tenda Router's Web Server
Cross-Site Scripting (XSS) Vulnerability in IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.0, 3.0.2, and 3.0.5
Information Leak in cdrom_ioctl_select_disc in Linux Kernel
CSRF Vulnerability in WUZHI CMS 4.1.0 Allows Unauthorized Password Change
CSRF Vulnerability in WUZHI CMS 4.1.0 Allows Unauthorized Username Change
Arbitrary File Read Vulnerability in PHPYun 4.6
Stack-based Buffer Overflow in RegFilter.sys of IOBit Malware Fighter 6.2 and Earlier via IOCTL 0x8006E010
Stored XSS Vulnerability in Zoho ManageEngine OpManager 12.3
Self XSS Vulnerability in Zoho ManageEngine OpManager 12.3 before 123219
XSS Vulnerability in Eleanor CMS (ajax.php)
Double-Free Vulnerability in gThumb's add_themes_from_dir Method
Cross-Site Scripting (XSS) Vulnerability in IBM Maximo Asset Management 7.6
Cross-Site Scripting (XSS) Vulnerability in YUNUCMS 1.1.5
Cross-Site Scripting (XSS) Vulnerability in YUNUCMS 1.1.5 - admin/link/editlink?id=5
Cross-Site Scripting (XSS) Vulnerability in YUNUCMS 1.1.5 - admin/content/editcontent?id=29&gopage=1
XSS Vulnerability in YUNUCMS 1.1.5's Edit Area Functionality
Cross-Site Scripting (XSS) Vulnerability in YUNUCMS 1.1.5
Cross-Site Scripting (XSS) Vulnerability in YUNUCMS 1.1.5 - admin/banner/editbanner?id=20
Cross-Site Scripting (XSS) Vulnerability in YUNUCMS 1.1.5's admin/sitelink/editsitelink?id=16
Buffer Overflow Vulnerability in Tenda Router's Web Server
Remote Code Execution Vulnerability in Tenda AC9, AC15, and AC18 Devices
Heap-based Buffer Overflow Vulnerability in Tenda Router's Web Server
Buffer Overflow Vulnerability in Tenda Router's Web Server
Buffer Overflow Vulnerability in Tenda Router's Web Server
Buffer Overflow Vulnerability in Tenda Router's Web Server
XSS Vulnerability in Catfish CMS 4.8.30: Write Source Code
CSRF Vulnerability in Catfish CMS 4.8.30
CSRF Vulnerability in catfish blog 2.0.33's admin/Index/tiquan
Catfish Blog 2.0.33 XSS Vulnerability: Write Source Code
XXE and SSRF Vulnerability in Douchat 4.0.4 via Data\notify.php
XSS Vulnerability in SEMCMS 3.4 via category_key Parameter
XSS Vulnerability in SEMCMS 3.4 via admin/SEMCMS_Products.php?lgid=1 Keywords Field
Information Disclosure Vulnerability in IBM API Connect 5.0.0.0 through 5.0.8.5
XSS Vulnerability in SEMCMS 3.4 via admin/SEMCMS_Link.php?lgid=1 URI
XSS Vulnerability in SEMCMS 3.4 via admin/SEMCMS_Download.php?lgid=1
CSRF Vulnerability in SEMCMS 3.4 via admin/SEMCMS_User.php?Class=add&CF=user URI
XSS Vulnerability in SEMCMS 3.4 via admin/SEMCMS_Categories.php?pid=1&lgid=1 URI
XSS Vulnerability in SEMCMS 3.4 via Admin Panel
XSS Vulnerability in SEMCMS 3.4 via admin/SEMCMS_Menu.php?lgid=1
Sandboxie 5.26 Sandbox Escape via import os Statement
Integer Overflow in data-tools leads to incorrect end value in write_wchars function
Open Redirect Vulnerability in IBM InfoSphere Information Governance Catalog
Double Free Vulnerability in GNU Gettext 0.19.8
Arbitrary File Upload Vulnerability in Webiness Inventory 2.3 via logo Parameter in WsSaveToModel.php
Typecho V1.1 Remote Command Execution via SSRF
Backdoor Root Account Vulnerability in ZyXEL VMG3312-B10B 1.00(AAPP.7) Devices
SQL Injection in K-iwi Framework 1775 via user_group_id and user_id parameters
Buffer Overflow Vulnerability in Local Server 1.0.9 on Port 4008
Open Faculty Evaluation System 5.6 for PHP 5.6 - SQL Injection in submit_feedback.php
Open Faculty Evaluation System 7 for PHP 7 - SQL Injection in submit_feedback.php
Buffer Overflow Vulnerability in Modbus Slave 7.0.0
Password Exposure in IBM Robotic Process Automation with Automation Anywhere 11 Control Room Log File
CSRF Vulnerability in RhinOS 3.0 build 1190
SQL Injection Vulnerability in SaltOS 3.1 r8126
Database Download Vulnerability in SaltOS 3.1 r8126
SQL Injection in SaltOS 3.1 r8126 via action=ajax&query=numbers&page=usuarios&action2 parameter
Arbitrary Memory Read Vulnerability in Cesanta Mongoose 6.13 MQTT Packet Parsing
Cesanta Mongoose 6.13 MQTT Packet Parsing Heap-Based Buffer Over-read Vulnerability
Elevation of Privilege Vulnerability in Provisio SiteKiosk Call Dispatcher
Cleartext Transmission of Credentials in D-Link 'myDlink Baby App'
Unencrypted Password Storage Vulnerability in IBM Robotic Process Automation with Automation Anywhere 11
Arbitrary File Upload Vulnerability in LuLu CMS
CSRF Vulnerability in CentOS Web Panel (CWP) Allows Arbitrary OS Command Execution
CSRF Vulnerability in CentOS Web Panel (CWP) Allows Unauthorized Root Password Change
Cross-Site Scripting (XSS) Vulnerability in CentOS Web Panel (CWP) 0.9.8.740
Cross-Site Scripting (XSS) Vulnerability in Microstrategy Web 7 Login.asp
Cross-Site Scripting (XSS) Vulnerability in Microstrategy Web 7 via admin/admin.asp ShowAll Parameter
Directory Traversal Vulnerability in Microstrategy Web 7
Arbitrary File Read Vulnerability in ACME mini_httpd before 1.30
Information Disclosure Vulnerability in IBM Robotic Process Automation with Automation Anywhere 11 (IBM X-Force ID: 151714)
Cross-Site Scripting (XSS) Vulnerability in DedeCMS 5.7 SP2 via /member/uploads_select.php
Reflected XSS Vulnerability in DedeCMS 5.7 SP2 via /member/myfriend.php ftype Parameter
XSS Vulnerability in SEMCMS V3.4 via semcms_remail.php?type=ok umail Parameter
SQL Injection Vulnerability in zzcms 8.3 via admin/tagmanage.php
SQL Injection Vulnerability in zzcms 8.3
SQL Injection Vulnerability in zzcms 8.3 via pxzs Cookie
SQL Injection Vulnerability in zzcms 8.3 via pxzs Cookie
SQL Injection Vulnerability in zzcms 8.3 via tablename Parameter in admin/classmanage.php
SQL Injection Vulnerability in zzcms 8.3 via Host HTTP Header
SQL Injection Vulnerability in zzcms 8.3 via zxbigclassid Cookie
SQL Injection Vulnerability in zzcms 8.3 via pxzs Cookie
SQL Injection Vulnerability in zzcms 8.3 via pxzs Cookie
Arbitrary File Upload Vulnerability in School Event Management System 1.0
CSRF Vulnerability in School Event Management System 1.0
SQL Injection Vulnerability in School Event Management System 1.0
SQL Injection Vulnerability in Library Management System 1.0's Search for Books Feature
CSRF Vulnerability in School Attendance Monitoring System 1.0
SQL Injection Vulnerability in Attendance Monitoring System 1.0
CSRF Vulnerability in School Attendance Monitoring System 1.0
Tubigan Welcome to our Resort 1.0 Software SQL Injection Vulnerability
SQL Injection Vulnerability in BSEN Ordering Software 1.0
CSRF Vulnerability in Tubigan Welcome to our Resort 1.0 Software
SQL Injection Vulnerability in Curriculum Evaluation System 1.0
Bakeshop Inventory System 1.0: SQL Injection Vulnerability in Login Screen
SQL Injection Vulnerability in Point Of Sales 1.0 Login Screen (LoginForm1.vb)
SQL Injection Vulnerability in School Equipment Monitoring System 1.0
Cross-Site Scripting (XSS) Vulnerability in TIBCO Statistica Server
Race-condition vulnerability in TIBCO JasperReports Server allows privilege escalation
Directory Traversal Vulnerability in TIBCO JasperReports Library and Server
Credential Exposure Vulnerability in TIBCO Managed File Transfer Command Center and Internet Server
Spotfire Library External Storage File Modification Vulnerability
Multiple Cross-Site Scripting Vulnerabilities in TIBCO Spotfire Analytics Platform and Server
TIBCO Spotfire Authentication Bypass Vulnerability
Unauthenticated Bypass of Authorization Checks in TIBCO JasperReports Server
Persistent Cross Site Scripting Vulnerability in TIBCO JasperReports Server and Related Products
Remote Registry Key Modification Vulnerability in Leostream Agent
Unauthorized Chat Session Creation Vulnerability in MiCollab and MiVoice Business Express
Vulnerability: Plain Text Display of Node Password in IBM Spectrum Protect Client Trace File
Buffer Overflow Vulnerability in Icecast URL-Authentication Backend
SQL Injection Vulnerability in Grapixel New Media v2.0 via pages.aspx pageref Parameter
Cross-Site Scripting (XSS) Vulnerability in WolfCMS 0.8.3.1 via SVG File in File Manager Plugin
Cross-Site Scripting (XSS) Vulnerability in WolfCMS v0.8.3.1 via SVG File Upload
XSS Vulnerability in Pagoda Linux Panel V6.0 Login Log Rendering
Heap-based Buffer Overflow in Libav 12.3's vc1_decode_p_mb_intfi Function
Heap-based Buffer Over-read Vulnerability in Libav 12.3's ff_vc1_pred_dc
Heap-based Buffer Overflow in Libav 12.3's vc1_decode_i_block_adv Function
NULL Pointer Dereference Vulnerability in Libav 12.3's ff_vc1_parse_frame_header_adv Function
Denial of Service Vulnerability in IBM MQ Console REST API
Unauthenticated File Upload Vulnerability in MCMS 4.6.5
Directory Traversal Vulnerability in MCMS 4.6.5
SQL Injection via ASPSESSIONID Cookie in DKCMS 9.4
Heap-Based Buffer Overflow in libIEC61850 v1.3's BerEncoder_encodeOctetString
Arbitrary PHP Code Execution via upload_template() in DocCms 2016.5.12
JSON Injection in Netdata 1.10.0 via api/v1/data tqx parameter
HTTP Header Injection in Netdata 1.10.0 via api/v1/data filename parameter
Netdata 1.10.0 Log Injection Vulnerability
Full Path Disclosure (FPD) Vulnerability in Netdata 1.10.0 via api/v1/alarms
Zip Slip Vulnerability in IBM Case Manager 5.x.x.x
Cross-Site Scripting (XSS) Vulnerability in SEMCMS PHP V3.4 via SEMCMS_SeoAndTag.php
Cross-Site Scripting (XSS) Vulnerability in SEMCMS PHP V3.4 via SEMCMS_SeoAndTag.php?Class=edit&CF=SeoAndTag tag_indexkey Parameter
CSRF Vulnerability in Z-BlogPHP 1.5.2.1935 (Zero) Allows Remote Code Execution
SSRF Vulnerability in GitLab Kubernetes Integration
Reflected Cross-Site Scripting Vulnerability in Advanced Comment System 1.0
Out-of-Bounds Access Vulnerability in Qemu 3.0.0's lsi_do_msgin Function
Sensitive Information Disclosure in IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, and 18.0.0.2
Arbitrary Code Execution via Malicious YAML Configuration in Octopus Deploy
Cerio DT-300N OS Command Injection Vulnerability
Algorithmic Complexity Denial of Service in Lightbend Spray spray-json through 1.3.4
Denial of Service Vulnerability in Lightbend Spray spray-json through 1.3.4
Local Privilege Escalation Vulnerabilities in LiquidVPN Client for macOS
Local Privilege Escalation Vulnerabilities in LiquidVPN Client for macOS
Local Privilege Escalation Vulnerabilities in LiquidVPN Client for macOS
Local Privilege Escalation Vulnerabilities in LiquidVPN Client for macOS
Sensitive Information Disclosure Vulnerability in IBM Security Access Manager Appliance 9.0.x
SwitchVPN Client 2.1012.03 for macOS - Local Privilege Escalation Vulnerability
Remote Code Execution Vulnerability in PCMan FTP Server 2.0.7 via APPE Command
Incorrect Access Control in BMC Remedy Mid-Tier 7.1.00 and 9.1.02.003 for BMC Remedy AR System
Local File Inclusion Vulnerability in NGA ResourceLink 20.0.2.1
XSS Vulnerability in Loadbalancer.org Enterprise VA MAX before 8.3.3
Credentials Disclosure in Royal Browser Extensions TS and TSX
Incomplete Fix for SSRF Vulnerability in tecrail Responsive FileManager 9.13.4
Persistent XSS Vulnerability in No-CMS 1.1.3 via contact_us name parameter
Directory Traversal Vulnerability in EmpireCMS V7.5 Allows Arbitrary Code Execution
Hard-coded Credentials Vulnerability in IBM Security Access Manager Appliance 9.0.x.x
Unauthenticated Password Change Vulnerability in Gigaset Maxwell Basic VoIP Phones
Stored XSS Vulnerability in Kieran O'Shea Calendar Plugin for WordPress
NULL Pointer Dereference in ras_putdatastd function in JasPer 2.0.14
Arbitrary PHP Code Execution in nc-cms through 2017-03-10
Stored Cross-site Scripting (XSS) Vulnerability in Columbia Weather MicroServer Firmware Version MS_2.6.9900
Directory Traversal Vulnerability in Columbia Weather MicroServer Firmware Version MS_2.6.9900
Authenticated Web User Access to Alternative Configuration Page in Columbia Weather MicroServer Firmware Version MS_2.6.9900
Remote Denial of Service Vulnerability in Columbia Weather MicroServer Firmware MS_2.6.9900
Command Injection Vulnerability in Columbia Weather MicroServer Firmware Version MS_2.6.9900
Untrusted Search Path Vulnerability in IBM i Access for Windows: Arbitrary Code Execution via Trojan Horse DLL
Columbia Weather MicroServer Firmware Version MS_2.6.9900 - Reflected XSS Vulnerability in networkdiags.php
ControlByWeb X-320M-I Web-Enabled Instrumentation-Grade Data Acquisition Module 1.05 Firmware v1.05 - Denial of Service (DoS) Vulnerability
Stored Cross-Site Scripting (XSS) Vulnerability in ControlByWeb X-320M-I Web-Enabled Instrumentation-Grade Data Acquisition Module 1.05
Nested VT-x Vulnerability in Xen Hypervisor
Stored XSS Vulnerability in Helpy v2.1.0 via Ticket Title
SQL Injection Vulnerability in S-CMS PHP 1.0 via type parameter in member_news.php
Arbitrary PHP File Upload Vulnerability in laravelCMS
Cross-Site Scripting (XSS) Vulnerability in IBM Security Guardium 10.0 and 10.5
Full Path Disclosure Vulnerability in MiniCMS 1.10 via /mc-admin/post.php?state=delete&delete=
File Deletion Vulnerability in MiniCMS 1.10
Arbitrary PHP Code Execution Vulnerability in MiniCMS 1.10
Jinjava before 2.4.6 Vulnerability: Unblocked getClass Method in JinjavaBeanELResolver
Directory Traversal Vulnerability in Older Lexmark Devices' Embedded Web Server
Memory Leak in GfxColorSpace::setDisplayProfile in Poppler 0.71.0
Denial of Service Vulnerability in Best Practical Request Tracker Email-Ingestion Feature
Absolute RPATHs in IBM SDK, Java Technology Edition Version 8 on AIX Platform Vulnerability
Remote Code Execution Vulnerability in Vanilla 2.6.x before 2.6.4
D-Link DIR-850L 1.21WW Partial WPA Handshake Vulnerability
Cleartext HTTP Requests in Sky Go Desktop Application for Windows: Vulnerability for Man-in-the-Middle Attacks
XSS Vulnerability in xhEditor 1.2.2 via SRC Attribute of IFRAME Element
Cross-Site Scripting (XSS) Vulnerability in IBM Security Guardium 10 and 10.5
Stack-based Buffer Overflow in Easy File Sharing (EFS) Web Server 7.2 Allows Remote Code Execution
DLL Search Order Hijacking Vulnerability in Opera
Remote Denial of Service Vulnerability in Exiv2 0.27-RC1
XSS Vulnerability in WP Editor.md Plugin 10.0.1 for WordPress via Comment Area
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1
Invalid Opcode Vulnerability in Py-EVM v0.2.0-alpha.33
CSRF Vulnerability in PHP Server Monitor before 3.3.2
Remote Code Execution via AbiSoft Ticketly 1.0 add_user Vulnerability
Multiple SQL Injection Vulnerabilities in AbiSoft Ticketly 1.0
Arbitrary Code Execution via Image-Upload in ProjeQtOr 7.2.5
Remote Code Execution Vulnerability in Gogs 0.11.66
Remote Code Execution Vulnerability in Gitea before 1.5.4
Cross-Site Scripting (XSS) Vulnerability in PublicCMS V4.0
Integer Overflow in ICU's DecimalQuantity::toScientificString() Function
Default Local Administrator Credentials Vulnerability in Tightrope Media Carousel Seneca HDn Windows-based Appliance 7.0.4.104
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1
Arbitrary File Upload Vulnerability in Tightrope Media Carousel Digital Signage Product 7.0.4.104
Privilege Escalation via Insecure Default Permissions in Tightrope Media Carousel
Remote Denial of Service and Information Disclosure Vulnerability in Foxit Reader 9.3.0.10826
Arbitrary PHP Code Execution via ZIP File Upload in PopojiCMS v2.0.1
CSRF Vulnerability in PopojiCMS v2.0.1 via po-admin/route.php?mod=component&act=addnew URI
Arbitrary File Deletion Vulnerability in PopojiCMS v2.0.1
NULL Pointer Dereference in ClientDataSet_getValues in libIEC61850 v1.3
Stored XSS Vulnerability in WUZHI CMS 4.1.0 via index.php?m=core&f=index
Stored XSS Vulnerability in WUZHI CMS 4.1.0 via index.php?m=core&f=index
Reflected XSS Vulnerability in Netscape Enterprise 3.63 SnoopServlet
Remote Privilege Escalation in Vignette Content Management Version 6
Arbitrary PHP Code Execution in baserCMS ThemeConfig Logo Parameter
Cross-Site Scripting (XSS) Vulnerability in baserCMS 4.1.4
Buffer Overflow Vulnerability in Artha ~ The Open Thesaurus 1.0.3.0
SQL Injection Vulnerability in Zoho ManageEngine OpManager 12.3
Cross-Site Scripting (XSS) Vulnerability in IBM InfoSphere Information Server 11.3, 11.5, and 11.7
Path Traversal Vulnerability in KindEditor through 4.1.11: Unauthenticated File and Directory Browsing
XSS Vulnerability in JEECMS 9.3 via index.do#/content/update?type=update URI
Out-of-Bounds Memory Access in pnv_lpc_do_eccb Function in Qemu
Privilege Escalation in Linux Kernel User Namespace Handling
Denial of Service Vulnerability in Suricata 4.x (CVE-2018-18956)
Stack-Based Buffer Overflow in libIEC61850 v1.3's prepareGooseBuffer Function
Incorrect Access Control in OPNsense 18.7.x before 18.7.7
Denial of Service Vulnerability on Epson WorkForce WF-2861
Possible Host Header Injection Vulnerability in IBM Connections 5.0, 5.5, and 6.0
Amplification Attack Vulnerability in Epson WorkForce WF-2861 Devices
SQL Injection Vulnerability in Degrau Publicidade e Internet Plataforma de E-commerce's Busca.aspx.cs
Incomplete '.htaccess' for Blacklist Filtering in osCommerce 2.3.4.1 Product Page
Incomplete '.htaccess' for Blacklist Filtering in osCommerce 2.3.4.1 Product Page
Incomplete '.htaccess' blacklist filtering in osCommerce 2.3.4.1 product page allows HTML rendering in .eml files
Stack-based Buffer Overflow in IBM DB2 db2pdcfg (CVE-2020-4414)
Weak Certificate-Pinning Implementation in Ascensia Contour NEXT ONE iOS App Allows Disclosure of Medical Information
Direct Object Reference Vulnerability in Ascensia Contour NEXT ONE Application
Weak Obfuscation in Ascensia Contour NEXT ONE Android App Allows Extraction of Sensitive Medical Data
Static Encryption Key Vulnerability in Ascensia Contour NEXT ONE Android App
Static Initialization Vector in Ascensia Contour NEXT ONE Android App Allows Unauthorized Access to Patient Medical Information
XML External Entity (XXE) Injection Vulnerability in Zoho ManageEngine Network Configuration Manager and OpManager
Denial-of-Service Vulnerability in Rockwell Automation FactoryTalk Services Platform 2.90 and Earlier
Arbitrary SQL Injection Vulnerability in NUUO CMS Versions 3.3 and Prior
Heap-based Buffer Overflow in VT-Designer Version 2.1.7.31
Unencrypted Storage of Sensitive Information in Medtronic Programmers
Cross-Site Scripting Vulnerability in Tridium Niagara Enterprise Security and Niagara AX
LCDS Laquis SCADA Prior to Version 4.1.0.4150 Report Format File Vulnerability
Arbitrary Memory Write Vulnerability in VT-Designer Version 2.1.7.31
Remote Code Execution Vulnerability in LCDS Laquis SCADA
Memory Reference Vulnerability in CX-One Versions 4.42 and Prior
Improper Access Control in IBM InfoSphere Information Server 11.3, 11.5, and 11.7
Path Traversal Vulnerability in LCDS Laquis SCADA
Reflected Cross-Site Scripting Vulnerability in SCADA WebServer (Versions prior to 2.03.0001)
Remote Code Execution Vulnerability in LCDS Laquis SCADA prior to version 4.1.0.4150
Stack-based Buffer Overflow Vulnerabilities in CX-One Versions 4.42 and Prior
Out of Bounds Read Vulnerability in LCDS Laquis SCADA Prior to Version 4.1.0.4150
Unauthenticated Access Vulnerability in ABB GATE-E1 and GATE-E2 Ethernet Devices
Unauthenticated Remote Code Execution in LCDS Laquis SCADA (prior to version 4.1.0.4150)
Unauthenticated Remote Code Execution in ABB GATE-E1 and GATE-E2 Ethernet Devices
Hard Coded Credentials in LCDS Laquis SCADA Prior to Version 4.1.0.4150
Stack Buffer Overflow Vulnerability in WebAccess/SCADA Version 8.3.2
Cross-Site Scripting (XSS) Vulnerability in IBM Curam Social Program Management
Authentication Bypass Vulnerability in LCDS Laquis SCADA Prior to Version 4.1.0.4150
Weak Encryption Vulnerability in Philips HealthSuite Health Android App
LCDS Laquis SCADA Prior to Version 4.1.0.4150 Project File Code Generation Vulnerability
Path Traversal Vulnerability in GE Mark VIe, EX2100e, EX2100e_Reg, and LS2100e Versions 03.03.28C to 05.02.04C, EX2100e All versions prior to v04.09.00C, EX2100e_Reg All versions prior to v04.09.00C, and LS2100e All versions prior to v04.09.00C
Out of Bounds Read Vulnerability in LCDS Laquis SCADA Prior to Version 4.1.0.4150
Improper Input Validation Vulnerability in Cscape, Version 9.80.75.3 SP3 and Prior
Cross-Site Scripting Vulnerability in OSIsoft PI Vision
OS System Command Injection Vulnerability in Geutebrueck GmbH E2 Camera Series
Arbitrary Code Execution Vulnerability in ABB CP400 Panel Builder's TextEditor 2.0
Clear-text Credential Data Exposure in Pilz PNOZmulti Configurator (Prior to Version 10.9)
Elevated Privileges Vulnerability in IBM WebSphere Application Server 8.5 and 9.0
Vulnerability: Network Packet Reboot Disruption in Drager Infinity Delta and Infinity Explorer C700 Monitors
Arbitrary Code Execution in CX-Supervisor (Versions 3.42 and prior)
Vulnerability: Kiosk Mode Breakout in Drager Infinity Delta, Delta XL, Kappa, and Infinity Explorer C700
Command Injection Vulnerability in CX-Supervisor (Versions 3.42 and prior) Allows File Deletion and Content Manipulation
Unauthenticated Network Access to Log Files Reveals Sensitive Information in Drager Infinity Delta and Delta XL Patient Monitors
Command Injection and Code Execution Vulnerability in CX-Supervisor (Versions 3.42 and prior)
Denial-of-Service Vulnerability in Rockwell Automation EtherNet/IP Web Server Modules
Use After Free Vulnerabilities in CX-Supervisor (Versions 3.42 and Prior) Allow Code Execution
Uninitialized Pointer Vulnerability in CX-Supervisor (Versions 3.42 and prior) Allows Code Execution
Type Confusion Vulnerability in CX-Supervisor (Versions 3.42 and prior) Allows Code Execution
Remote Connection Spoofing Vulnerability in IBM WebSphere Application Server
Array Out-of-Bounds Read Vulnerability in CX-Supervisor (Versions 3.42 and prior)
Authentication Bypass Vulnerability in Emerson DeltaV DCS Versions 11.3.1 - R6
Fixed Code Vulnerability in Hetronic Nova-M Remote Control
Arbitrary Command Execution Vulnerability in JUUKO K-808 Firmware (Versions Ending in ...9A, ...9B, ...9C, etc.)
Type Confusion Vulnerabilities in CX-One and CX-Protocol: Code Execution via Crafted Project Files
Remote Code Execution and Memory Manipulation in LCDS Laquis SCADA (CVE-2021-XXXX)
Privilege Escalation Vulnerability in IBM Sterling Connect:Direct for UNIX
Command Injection Vulnerability in 360 Router Series Products (V2.0.61.58897)
Remote Code Execution Vulnerability in Bosch IP Cameras
Denial of Service Vulnerability in Virgin Media Wireless Router 3.0 Hub Web Interface
Arbitrary File Read Vulnerability in Grafana
Arbitrary Code Execution Vulnerability in IBM WebSphere Application Server
Directory Listing Vulnerability in Media File Manager Plugin 1.4.2 for WordPress
Cross-Site Scripting (XSS) Vulnerability in Media File Manager Plugin 1.4.2 for WordPress
Arbitrary File Movement Vulnerability in Media File Manager Plugin for WordPress
Arbitrary File Renaming Vulnerability in Media File Manager Plugin for WordPress
Arbitrary File Overwrite Vulnerability in keepalived 2.0.8
Sensitive Information Leakage in keepalived 2.0.8 via PrintData and PrintStats Functions
Potential Information Leakage in keepalived 2.0.8 via Temporary File
SSRF Vulnerability in mPDF through 7.1.6
DOM XSS via onload attribute in malformed SVG element in Simditor through 2.3.21
XML External Entity Injection (XXE) Vulnerability in IBM WebSphere Application Server 9.0.0.0 through 9.0.0.9
XSS Vulnerability in MetInfo 6.1.3 via admin/index.php?a=dogetpassword langset Parameter
XSS Vulnerability in MetInfo 6.1.3 via abt_type Parameter in admin/index.php?a=dogetpassword
Path Traversal Vulnerability in mod_alias_physical_handler
Arbitrary PHP Code Execution in PbootCMS 1.2.2
DOM XSS Vulnerability in pandao Editor.md 1.5.0 via Mishandling of Input Starting with <<
XSS Vulnerabilities in SimpleMDE 1.11.2
Denial of Service Vulnerability in Poppler 0.71.0
Out-of-Bounds Read Vulnerability in Poppler 0.71.0
Code Download Vulnerability in IBM InfoSphere Information Server
NULL Pointer Dereference in Poppler 0.71.0 Leads to Denial of Service
SQL Injection Vulnerability in DedeCMS 5.7 SP2 via dede\co_do.php ids Parameter
Blank Password Vulnerability on Foscam C2 and Opticam i5 Devices
Blank Password Vulnerability on Foscam C2 and Opticam i5 Devices
Hardcoded Password Vulnerability in Foscam C2 and Opticam i5 Devices
Hardcoded Password Encryption Vulnerability in Foscam C2 and Opticam i5 Devices
Hardcoded Password Vulnerability in Foscam C2 and Opticam i5 Devices
Unauthorized Access to Telnet Switch Feature on Foscam Opticam i5 Devices
Vulnerability: Unauthorized Telnet Access with Default Credentials
Arbitrary OS Command Execution Vulnerability in Foscam C2 and Opticam i5 Devices
Insecure Permissions on /mnt/mtd/boot.sh Allows Local Command Execution
Insecure Permissions on Foscam C2 and Opticam i5 Devices
Arbitrary OS Command Execution Vulnerability in Foscam C2 and Opticam i5 Devices
Vulnerability: Ineffective Firewall on Foscam C2 and Opticam i5 Devices
Vulnerability: Firewall Feature Disclosure in Foscam C2 and Opticam i5 Devices
Vulnerability: Brute-Force Authentication Bypass on Foscam C2 and Opticam i5 Devices
Denial of Service Vulnerability in Foscam Opticam i5 Devices
Foscam Opticam i5 Devices: Administrator Credentials Exposed in ONVIF Media GetStreamUri Response
Unauthenticated Reboot Vulnerability in Foscam Opticam i5 Devices
Cross-Site Scripting Vulnerability in IBM Robotic Process Automation with Automation Anywhere 11
Unauthenticated Persistent XSS in Foscam Opticam i5 ONVIF Devicemgmt SetHostname Method
Arbitrary OS Command Execution via ONVIF SetDNS Method in Foscam Opticam i5 Devices
Stack-based Buffer Overflow Vulnerability in Foscam Opticam i5 ONVIF Devicemgmt SetDNS Method
XSS Vulnerability in WeCenter 3.2.0 - 3.2.2 via htmlspecialchars_decode Function
Stack-based Buffer Overflow in RegFilter.sys of IOBit Malware Fighter 6.2
Stack-based Buffer Overflow in RegFilter.sys of IOBit Malware Fighter 6.2
Stack-based Buffer Overflow in RegFilter.sys of IOBit Malware Fighter 6.2
Stack-based Buffer Overflow in RegFilter.sys of IOBit Malware Fighter 6.2
Stored XSS in Tianti 2.3 Userlist Module via Mishandled Name Parameter
Stored XSS Vulnerability in Tianti 2.3 Article Management Module via Article Title
Reflected XSS Vulnerability in Tianti 2.3 User Management Module
XSS Vulnerability in YzmCMS v5.2 via search/index/archives/pubtime/ Query String
SEGV Vulnerability in libIEC61850 v1.3: ControlObjectClient_setCommandTerminationHandler
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6
CSRF Vulnerability in BageCMS 3.1.3 Allows Arbitrary File Upload and Server Privilege Escalation
Remote Code Execution Vulnerability in LibreCAD 2.1.3
Invalid URL Encoding Vulnerability in Avi Vantage (AV-33959)
Integer Overflow Vulnerability in Exiv2 0.26 Allows Denial of Service via Crafted PSD Image File
Integer Overflow Vulnerability in Exiv2::PsdImage::readMetadata in PSD Image Reader
Tianti 2.3 Remote Authentication Bypass Vulnerability
Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.2 and 6.0 through 6.0.6
Unauthenticated Access to Skin Management in Tianti 2.3
Google Cardboard App 1.8 and 1.2 Sends Potentially Private Cleartext Information to Unity 3D Stats Web Site
Privilege Escalation Vulnerability in Pronestor PNHM Outlook Add-in
Arbitrary File Upload and Privilege Escalation Vulnerability in MinDoc
Heap-based Buffer Overflow in keepalived before 2.0.7 when Parsing HTTP Status Codes
Remote Denial of Service Vulnerability in Zoho ManageEngine ADAudit
Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 6.0.2 through 6.0.6
Outbound TCP Connection Disclosure Vulnerability in KDE HTML Thumbnailer Plugin
SEGV Vulnerability in libIEC61850 v1.3 Ethernet_receivePacket
NULL Pointer Dereference Vulnerability in libIEC61850 v1.3 Ethernet_sendPacket
Arbitrary Image File Write Vulnerability in PrestaShop 1.6.x and 1.7.x on Windows
Remote Directory Deletion Vulnerability in PrestaShop 1.6.x and 1.7.x
Arbitrary Code Execution via File Upload in PrestaShop 1.6.x and 1.7.x
Arbitrary Code Execution via Code Injection in PHPCMS 2008
Heap-based Buffer Over-read Vulnerability in Libav 12.3's decode_frame Function
NULL Pointer Dereference Vulnerability in Libav 12.3
Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.3 and 6.0 through 6.0.6
Invalid Memory Access Vulnerability in Libav 12.3's vc1_decode_frame Function
XSS Vulnerability in Squid 4.4 and Earlier Versions via Crafted X.509 Certificate
Denial of Service Vulnerability in Squid (Memory Leak via SNMP Packet)
Critical Email Address Leak Vulnerability in Flarum Core 0.1.0-beta.7.1
Type Confusion Vulnerability in Artifex Ghostscript through 9.25
CSRF Vulnerability in ClipperCMS 1.3.3 Allows Unauthorized File Upload and Access
XSS Vulnerability in DomainMOD 4.11.01 via assets/edit/registrar-account.php raid Parameter
XSS Vulnerability in DomainMOD 4.11.01 via assets/edit/ip-address.php
CSRF Vulnerability in WSTMart 2.0.7 via index.php/admin/staffs/add.html URI
Memory Leak in JasPer 2.0.14: jas_malloc.c and jpc_unk_getparms in jpc_cs.c Vulnerability
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Engineering Lifecycle Manager 5.0 through 6.0.6
XSS Vulnerability in OTRS 4.0.x and 5.0.x
XSS Vulnerability in OTRS 6.0.x before 6.0.13
File Deletion Vulnerability in OTRS 4.0.x, 5.0.x, and 6.0.x
XSS Vulnerability in S-CMS v1.5 search.php via keyword Parameter
XSS Vulnerability in Concrete5 8.4.3 via SVG File Uploads
Caddy 0.11.0 Vulnerability: Incorrect Certificate Disclosure for Invalid Requests
NULL Pointer Dereference in Poppler Attachment Handling
Memory Corruption Vulnerability in PDMODELProvidePDModelHFT in pdmodel.dll
Remote Denial of Service Vulnerability in Qtum 0.16: Exploiting Invalid Headers/Blocks
Remote Denial of Service Vulnerability in Emercoin 0.7: Disk and RAM Exhaustion via Invalid Headers/Blocks
Remote Denial of Service Vulnerability in Particl 0.17: Exploiting Invalid Headers/Blocks
HTMLCOIN 2.12 Vulnerability: Remote Denial of Service via Invalid Headers/Blocks
Remote Denial of Service Vulnerability in NavCoin 4.3.0: Disk and RAM Exhaustion via Invalid Headers/Blocks
Remote Denial of Service Vulnerability in PIVX 3.1.03: Exploiting Invalid Headers/Blocks Storage
Remote Denial of Service Vulnerability in Phore 1.3.3.1: Exploiting Invalid Headers/Blocks Storage
Remote Denial of Service Vulnerability in ColossusCoinXT 1.0.5: Exploiting Invalid Headers/Blocks Storage
Remote Denial of Service Vulnerability in Lux (through version 5.2.2) via Invalid Headers/Blocks
Cross-Site Scripting (XSS) Vulnerability in IBM Jazz Foundation
Remote Denial of Service Vulnerability in Diamond 3.0.1.2: Exploiting Invalid Headers/Blocks Storage
Remote Denial of Service Vulnerability in Alqo through 4.1
Remote Denial of Service Vulnerability in Divi Cryptocurrency
Remote Denial of Service Vulnerability in StratisX 2.0.0.5: Exploiting Invalid Headers/Blocks Storage
Remote Denial of Service Vulnerability in Reddcoin 2.1.0.5: Exploiting Invalid Headers/Blocks Storage
Remote Denial of Service Vulnerability in Neblio 1.5.1: Exploiting Invalid Headers/Blocks Storage
Remote Denial of Service Vulnerability in Peercoin 0.6.4: Exploiting Invalid Headers/Blocks Storage
Remote Denial of Service Vulnerability in CloakCoin 2.2.2.0: Exploiting Invalid Headers/Blocks Storage
Arbitrary Code Execution via Shell Metacharacter Injection in FruityWifi (PatatasFritas/PatataWifi)
Authenticated User Access to JSP Files and Sensitive Information Disclosure in IBM InfoSphere Information Server
Stored XSS Vulnerability in JPress v1.0-rc.5 via starter-tomcat-1.0/admin/setting URI
Stored XSS vulnerability in com/lxinet/jeesns/core/utils/XssHttpServletRequestWrapper.java in JEESNS 1.3 via HTML EMBED element
Cross-Site Scripting (XSS) Vulnerability in IBM Jazz Reporting Service (JRS) 6.0.3-6.0.6
Arbitrary PHP Code Execution in YUNUCMS 1.1.5 via Install.php Vulnerability
Arbitrary File Deletion Vulnerability in YUNUCMS 1.1.5
CSRF Vulnerability in Engelsystem before commit hash 2e28336
Denial of Service Vulnerability in ethereumjs-vm 2.4.0 via code: Buffer.from(my_code, 'hex') Attribute
Denial of Service Vulnerability in Go Ethereum (geth) 1.8.17 via Crafted Bytecode
Heap-based Buffer Overflow in libIEC61850 v1.3's BerEncoder_encodeOctetString
XSS Vulnerability in Amazon PAYFORT payfort-php-SDK: Exploiting route.php paymentMethod Parameter
XSS Vulnerability in Amazon PAYFORT payfort-php-SDK Payment Gateway SDK
XSS Vulnerability in Amazon PAYFORT payfort-php-SDK: success.php fort_id Parameter
XSS Vulnerability in Amazon PAYFORT payfort-php-SDK Payment Gateway SDK
XSS Vulnerability in Amazon PAYFORT payfort-php-SDK: Exploiting error.php error_msg Parameter
Cross-Site Scripting (XSS) Vulnerabilities in Webmin 1.890
CSRF Vulnerability in XiaoCms 20141229
XSS Vulnerability in XiaoCms 20141229: Exploiting the New News Input Box
Full Path Disclosure in XiaoCms 20141229
XSS Vulnerability in XiaoCms 20141229: template\default\show_product.html
Arbitrary Code Execution Vulnerability in XiaoCms 20141229
Arbitrary Directory Deletion Vulnerability in XiaoCms 20141229
Out-of-Bounds Write Vulnerability in uriparser before 0.9.0
Integer Overflow in uriparser's UriQuery.c
XML External Entity Injection (XXE) Vulnerability in IBM Marketing Platform 9.1.0, 9.1.2, and 10.1
Null Pointer Dereference in uriparser's UriCommon.c
Reflected XSS Vulnerability in MyBB ModCP Profile Editor (CVE-2020-12345)
Reflected XSS Vulnerability in MyBB 1.8.x through 1.8.19 via 'upsetting[bburl]' Parameter
Remote Unauthenticated Termination of PRTG Core Server Service Vulnerability
Arbitrary Code Execution and OS Command Injection in PRTG Network Monitor
GnuPG MDC Integrity-Protection Warning Vulnerability in Roundcube
XSS Vulnerability in Roundcube before 1.3.8 via Crafted SVG Style
Arbitrary Code Execution Vulnerability in Van Ons WP GDPR Compliance Plugin (CVE-2018-19207)
NULL Pointer Dereference in WP6ContentListener::defineTable Function in libwpd 0.10.2
NULL Pointer Dereference in NASM 2.14rc15: A DoS Vulnerability in find_label Function
Cross-Site Scripting (XSS) Vulnerability in IBM Campaign 9.1.0, 9.1.2, 10.1, and 11.0
NULL Pointer Dereference Vulnerability in LibTIFF 4.0.9
NULL Pointer Dereference in _nc_parse_entry Function Leads to Denial of Service Attack in ncurses 6.1
Denial of Service Vulnerability in libwebm through 2018-10-03
Memory Leaks in NASM (Netwide Assembler) Version 2.14rc16: Potential DoS Vulnerability
Heap-Based Buffer Over-Read Vulnerability in NASM 2.14rc15
Heap-Based Buffer Over-Read Vulnerability in NASM 2.14rc16's expand_mmac_params Function
Use-after-free vulnerability in NASM before 2.13.02 in detoken at asm/preproc.c
NULL Pointer Dereference Vulnerability in ncurses
Illegal Address Access Vulnerability in LibSass 3.5-stable Leading to DoS Attack
Illegal Address Access Vulnerability in LibSass 3.5-stable: Exploitable DoS Attack via Sass::Eval::operator
Buffer Overflow Vulnerability in IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1
Arbitrary PHP Code Execution in LAOBANCMS 2.0 via install/ URI
SQL Injection Vulnerability in LAOBANCMS 2.0 via admin/login.php guanliyuan parameter
Vulnerability: LAOBANCMS 2.0 Admin Password Reset via /install/mysql_hy.php?riqi=0&i=0 Attack
Cross-Site Scripting (XSS) Vulnerability in LAOBANCMS 2.0 via admin/type.php?id=1 URI
Spoofing Vulnerability in LAOBANCMS 2.0 Allows Unauthorized Access
CSRF Vulnerability in LAOBANCMS 2.0's admin/mima.php
Directory Traversal Vulnerability in LAOBANCMS 2.0 Allows Remote File Listing
XSS Vulnerability in LAOBANCMS 2.0 via admin/liuyan.php neirong[] Parameter
Arbitrary File Deletion Vulnerability in LAOBANCMS 2.0
XSS Vulnerability in LAOBANCMS 2.0 via admin/art.php?typeid=1 biaoti Parameter
Buffer Overflow Vulnerability in IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1
Denial of Service Vulnerability in Epson WorkForce WF-2861 Firmware Update Service
Hard-coded Credentials Vulnerability in COMPAREX Miss Marple Enterprise Edition
Arbitrary Code Execution Vulnerability in COMPAREX Miss Marple Updater Service
OS Command Injection Vulnerability in TRENDnet TEW-673GRU v1.00b40 Devices
Buffer Overflow Vulnerability in TRENDnet TV-IP110WN and TV-IP121WN Devices
Buffer Overflow Vulnerability in TRENDnet TV-IP110WN and TV-IP121WN Devices
Buffer Overflow Vulnerability in TRENDnet TEW-632BRP and TEW-673GRU Devices: Control Flow Hijacking via Crafted POST Request
XML External Entity (XXE) Vulnerability in Charles 4.2.7 Import/Export Setup
Local File Inclusion Vulnerability in PHP-Proxy 5.1.0
Unauthenticated Firmware Upload and Printer Reset Vulnerability in Epson WorkForce WF-2861 Devices
Replay Attack Vulnerability in Stripe API v1
Weak Cryptographic Algorithms in IBM WebSphere MQ 9.1.x
Cross-Site Request Forgery (CSRF) Vulnerability in IBM WebSphere Application Server Admin Console
Cross-Site Request Forgery Vulnerability in IBM StoredIQ 7.6
SQL Injection Vulnerability in Centreon 3.4.x (Fixed in Centreon 18.10.0 and Centreon web 2.8.28)
Remote Code Execution through Object Injection in phpBB 3.2.4 and earlier versions
Default Password Vulnerability in Mitel InAttend and CMG Suite Servers
Insecure Object Deserialization Allows Arbitrary Command Execution in OpenMRS
XXE Bypass Vulnerability in PHPOffice PhpSpreadsheet through 1.5.0 via UTF-7 Encoding
Buffer Overflow in DNS SRV and NAPTR Lookups in Digium Asterisk 15.x and 16.x before 15.6.2 and 16.0.1
Vulnerability: Plaintext Leakage of NTFS Files in PRIMX ZoneCentral
Improper Authorization in IBM StoredIQ 7.6.0 Allows Low Privileged User Access to High Privileged User Endpoints
Cross-Site Scripting (XSS) Vulnerability in Centreon 3.4.x
Centreon 3.4.x SNMP Trap SQL Injection Vulnerability
Denial of Service Vulnerability in Rockwell Automation PowerFlex 525 AC Drives
XSS Vulnerability in Mubu Note 2018-11-11 via Crafted Account Name
Cross-Site Scripting (XSS) in Ninja Forms Plugin for WordPress (<= 3.3.18) via Submissions Page Parameters
XSS Vulnerability in Zoho ManageEngine OpManager 12.3 before Build 123223 via updateWidget API
HTML Injection and JavaScript Execution via EMBED Element in Valine v1.3.3
Unauthenticated Access to Restricted Views in IBM Rational Engineering Lifecycle Manager
Command Injection Vulnerability in Budabot's HELPBOT_MODULE
CSRF Vulnerability in DiliCMS 2.4.0 Allows Unauthorized User or Group Deletion
Improper Input Validation Vulnerability in Sylabs Singularity 2.4 to 2.6
Object Injection Vulnerability in PHPMailer
Arbitrary Command Execution Vulnerability on D-Link DAP and DWR Series Routers
Cross-Site Scripting (XSS) Vulnerability in tp4a TELEPORT 3.1.0 Login Page
Cross-Site Scripting (XSS) Vulnerability in Centreon 3.4.x
SQL Injection Vulnerability in Centreon 3.4.x (Fixed in Centreon 18.10.0 and Centreon web 2.8.24)
CSRF Vulnerability in SRCMS 3.0.0 Allows Unauthorized Account Modification
CSRF Vulnerability in SRCMS 3.0.0 Allows Unauthorized Price Manipulation
Role-based Access Control Vulnerability in IBM API Connect 5.0.0.0 through 5.0.8.4
Ring0 memcpy-like functionality vulnerability in GDrv driver allows complete system takeover
Privilege Escalation via GPCIDrv and GDrv Low-Level Drivers in GIGABYTE APP Center and Related Software
Privilege Escalation via GPCIDrv and GDrv Low-Level Drivers in GIGABYTE APP Center and Related Software
GDrv Low-Level Driver Exposes Machine Specific Register (MSR) Read/Write Vulnerability
XSS Vulnerability in kimsQ Rb 2.3.0 via /?r=home&mod=mypage&page=info URI
Zyxel VMG1312-B10D Directory Traversal Vulnerability
CSRF Vulnerability in JTBC(PHP) 3.0.1.7 aboutus/manage.php
Directory Traversal Vulnerability in LAOBANCMS 2.0 via install/mysql_hy.php
Arbitrary File Deletion Vulnerability in GreenCMS v2.3.0603
Cross-Site Scripting (XSS) Vulnerability in IBM Planning Analytics 2.0 through 2.0.6
SQL Injection Vulnerability in S-CMS v1.5 search.php
CSRF Vulnerability in S-CMS v1.5 Allows Unauthorized User Addition
Memory Overwrite Vulnerability in gVisor's Shared Memory Handling
Cross-Site Search (XS-Search) Vulnerability in Google Monorail
Cross-Site Search (XS-Search) Vulnerability in Google Monorail
Cross-Site Request Forgery Vulnerability in IBM Cognos Business Intelligence 10.2.2
Cross-Site Scripting (XSS) Vulnerability in Guriddo Form PHP 5.3
Denial of Service and Information Disclosure Vulnerability in Foxit Reader U3D Plugin
Remote Code Execution Vulnerability in Foxit Reader U3D Plugin
Remote Code Execution Vulnerability in Foxit Reader U3D Plugin
Denial of Service and Information Disclosure Vulnerability in Foxit Reader U3D Plugin
Remote Code Execution Vulnerability in Foxit Reader U3D Plugin
Out-of-Bounds Read Vulnerability in Foxit Reader U3D Plugin
Out-of-Bounds Read Vulnerability in Foxit Reader U3D Plugin
Denial of Service and Information Disclosure Vulnerability in Foxit Reader U3D Plugin
SQL Injection Vulnerability in SeaCMS v6.64 via admin_makehtml.php
Sensitive Information Disclosure in IBM Connections 5.0, 5.5, and 6.0
Stored XSS Vulnerability in SeaCMS v6.6.4 via member.php?action=chgpwdsubmit Email Parameter
Cross-Site Scripting (XSS) Vulnerability in Jupyter Notebook before 5.7.1
Cross-Site Scripting (XSS) Vulnerability in Jupyter Notebook before 5.7.2
Denial of Service Vulnerability in libansilove 1.0.0
Arbitrary Code Execution via File Upload in PrestaShop Customer Files Upload Addon
Stack-based Buffer Overflow in XMPlay 3.8.3 via Crafted .m3u File URL
Local Credential Retrieval Vulnerability in GNOME Keyring
Incorrect Access Control in GitLab Community and Enterprise Edition 8.9 and later
Stack-based Buffer Overflow in IBM DB2 libdb2e.so.1 (CVE-2020-4414)
Unspecified Impact Vulnerability in FasterXML Jackson-databind 2.x
Unspecified Impact Vulnerability in FasterXML Jackson-databind 2.x
Unspecified Impact Vulnerability in FasterXML Jackson-databind 2.x
Use-after-free vulnerability in QEMU's 9pfs file system implementation
Directory Traversal Vulnerability in Wowza Streaming Engine 4.7.4.01 REST API
Insecure Admin User Verification Endpoint in Portainer
Local Privilege Escalation Vulnerability in IBM Cloud Private 3.1.1
Race Condition Vulnerability in Yoast SEO Plugin Allows Command Execution via ZIP Import
XXE Vulnerability in SaveUserSettings service in SDL Web 8.5.0 allows reading sensitive files
Local Privilege Escalation in Zoho ManageEngine ADManager Plus 6.6 Build 6657
CSRF Vulnerability in GreenCMS v2.3.0603 Allows Log File Deletion
Local Privilege Escalation Vulnerability in IBM Cloud Private 3.1.1
Reflected XSS Vulnerability in SolarWinds Database Performance Analyzer 11.1.457
Denial of Service Vulnerability in Foxit Reader 9.3.0.10826
Denial of Service Vulnerability in Foxit Reader 9.3.0.10826
Open Redirect Vulnerability in IBM Cloud Private 3.1.1 Allows for Phishing Attacks
Denial of Service Vulnerability in Foxit Reader 9.3.0.10826
Persistent XSS Vulnerability in Cobham Satcom Sailor 250 and 500 Devices
Unauthenticated Password Reset Vulnerability in Cobham Satcom Sailor 250 and 500 Devices
Arbitrary Content Writing and Denial of Service Vulnerability in Cobham Satcom Sailor 800 and 900 Devices
Persistent XSS Vulnerability in Cobham Satcom Sailor 800 and 900 Devices
NULL Pointer Dereference Vulnerability in PHP COM Extension
Denial of Service Vulnerability in PHP's var_unserializer.c
Remote Code Execution Vulnerability in YXcms 1.4.7 via ZIP Archive Upload
NULL pointer dereference and BUG in kvm_pv_send_ipi vulnerability in Linux kernel (CVE-2018-19407)
Denial of Service Vulnerability in vcpu_scan_ioapic Function
Improper LockSafetyParams Check in Artifex Ghostscript
Local Privilege Escalation Vulnerability in IBM Campaign 9.1.0 and 9.1.2
Unauthenticated Remote User Creation and Privilege Escalation in PRTG Network Monitor
Privilege Escalation Vulnerability in PRTG Network Monitor
Improper Access Controls in SonarQube API Expose Sensitive User Information
Multiple Cross-Site Scripting (XSS) Vulnerabilities in Plikli CMS 4.0.0
SQL Injection Vulnerabilities in Plikli CMS 4.0.0
Out-of-Bounds Read Vulnerability in sysstat 12.1.1
Stack-smashing vulnerability in Contiki-NG MQTT Server allows for Remote Code Execution
Command Injection Vulnerability in Foxit PDF ActiveX (CVE-XXXX-XXXX)
Unrestricted HTML Execution Vulnerability in GetSimpleCMS 3.3.15
Vulnerability: HTML Uploads Allowed in GetSimpleCMS 3.3.15
Arbitrary PHP Code Execution in Subrion CMS 4.2.1 via .pht or .phar File
Arbitrary Code Execution Vulnerability in Codiad 2.8.4
Remote File Upload Vulnerability in ClipperCMS 1.3.3
HTTP HOST Header Injection Vulnerability in IBM Cloud Private 3.1.0 and 3.1.1
NULL Pointer Dereference in libsndfile 1.0.28 Leads to Denial of Service
XSS Vulnerability in ShowDoc 2.4.1 via lang Parameter
Blind SQL Injection Vulnerability in Bank Account Matching - Receipts Screen
SQL Injection in SortBy Parameter in SalesInquiry.php in webERP 4.15
Blind SQL Injection in webERP 4.15 Manufacturing Component
Arbitrary Cookie Value Vulnerability in UCMS 1.4.7
Reflected XSS in Oracle Secure Global Desktop Administration Console via helpwindow.jsp
Hard-coded Credentials Vulnerability in IBM Security Identity Governance and Intelligence Virtual Appliance
ARM Trusted Firmware-A: Information Disclosure Vulnerability
Insufficiently Random Generation of Robot Secret Keys in Neato Botvac Connected 2.2.0
Remote Code Execution Vulnerability in Neato Botvac Connected 2.2.0
Insecure Connection Attempt in Tryton 5.x Allows Session Theft
Use After Free Vulnerability in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031
Command Injection Vulnerability in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 via app.launchURL JavaScript API
Remote Code Execution Vulnerability in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 via Specially Crafted PDF Files
Stack-based Buffer Overflow in Foxit Reader SDK (ActiveX) 5.4.0.1031 Allows Remote Code Execution via Crafted PDF Files
Uninitialized Object Vulnerability in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031
Remote Code Execution Vulnerability in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 via Specially Crafted PDF Files
Remote Click Hijacking Vulnerability in IBM Security Identity Governance and Intelligence Virtual Appliance
Command Injection Vulnerability in Foxit Reader SDK (ActiveX) 5.4.0.1031 Allows Remote Code Execution via Specially Crafted PDF Files
Command Injection Vulnerability in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 via Specially Crafted PDF Files
Use After Free Vulnerability in TextBox Field Mouse Enter Action in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031
Unrestricted File Upload Vulnerability in Kentico CMS before 11.0.45
WP Backup+ Plugin Information Disclosure Vulnerability
Arbitrary File Upload Vulnerability in Logicspice FAQ Script 2.9.7
Unauthenticated File Read Vulnerability in PHP Proxy 3.0.3
Buffer Overflow Vulnerability in Adult Filter 1.0 via Crafted Black Domain List File
Weak Algorithm Negotiation in IBM Security Identity Governance and Intelligence Virtual Appliance
Cross-Site Scripting (XSS) Vulnerability in EmpireCMS 7.5 via admin\db\DoSql.php
Arbitrary PHP Code Execution via SQL Injection in EmpireCMS 7.5
Arbitrary PHP Code Execution via Image Upload in Z-BlogPHP
Cross-Site Scripting (XSS) Vulnerability in Discuz! X3.4 via admin.php
Cross-Site Scripting (XSS) Vulnerability in Maccms through 8.0 via site_keywords Field
Clear-text Storage of LDAP Credentials in Portainer
SQL Injection in HuCart 5.7.4 via X-Forwarded-For HTTP Header
XSS Vulnerability in ArticleCMS: Exploiting /update_personal_infomation Endpoint
Cross-Site Scripting (XSS) Vulnerability in IBM Security Identity Governance and Intelligence Virtual Appliance
Stack Overflow Vulnerability in Artifex Ghostscript
Type Confusion Vulnerability in Artifex Ghostscript 9.26
Type Confusion Vulnerability in Artifex Ghostscript
Denial of Service Vulnerability in Artifex Ghostscript
Insecure Cookie Handling in IBM Security Identity Governance and Intelligence Virtual Appliance
Command Execution Vulnerability in Git on Linux and UNIX
Unauthenticated User Enumeration Vulnerability in WP-jobhunt Plugin
Unauthenticated Remote Password Reset Vulnerability in WP-jobhunt Plugin
Race Condition in v9fs_wstat Function in QEMU Allows for Denial of Service
Sensitive Information Disclosure Vulnerability in IBM Security Identity Governance and Intelligence Virtual Appliance
Heap-based Buffer Overflow in Gnuplot 5.2.5's df_generate_ascii_array_entry Function
Buffer Overflow Vulnerability in Gnuplot 5.2.5's post.trm
Buffer Overflow Vulnerability in Gnuplot's cairo.trm Terminal
Persistent XSS Vulnerability in GitLab Community and Enterprise Edition
Incorrect Access Vulnerability in GitLab Community and Enterprise Edition
SSRF Vulnerability in GitLab Prometheus Integration
Incorrect Access Control Vulnerability in GitLab Community and Enterprise Edition
Denial of Service Vulnerability in The Sleuth Kit (TSK) through 4.6.4
XSS Vulnerability in Simplenia Pages Plugin 2.6.0 for Atlassian Bitbucket Server
Remote Code Execution in Vanilla Forums before 2.5.5 and 2.6.x before 2.6.2 via Unserialize in Gdn_Format Class
Sensitive Information Disclosure in IBM Security Identity Governance and Intelligence Virtual Appliance
Heap-Based Buffer Overflow in FAAD2 2.8.1: excluded_channels() Function in libfaad/syntax.c
Stack-based Buffer Overflow in calculate_gain() Function in FAAD2 2.8.1
NULL Pointer Dereference in ifilter_bank() in FAAD2 2.8.1
User Impersonation Vulnerability in Remedy AR System Server
Cross-Site Scripting (XSS) Vulnerability in Zurmo 3.2.4 Reports Section
XSS Vulnerability in CMSimple 4.7.5 via ?file=config&action=array URI
XSS Vulnerability in CMSimple 4.7.5 via SVG File Upload
Opportunistic Use of htmlspecialchars() in wg7.php Leads to XSS Vulnerability
Cross-Site Scripting (XSS) Vulnerability in IBM Publishing Engine 2.1.2, 6.0.5, and 6.0.6
SQL Injection Vulnerability in subscriber.php of Webgalamb through 7.0 via Client-IP HTTP Request Header
CSRF Vulnerability in Webgalamb 7.0 Allows Unauthorized Password Change
Arbitrary Code Execution Vulnerability in Webgalamb 7.0
Exposure of Sensitive Client Data and SQL Injection Exploitation via Predictable Log File Names in Webgalamb
Arbitrary Code Execution Vulnerability in Webgalamb 7.0
Unauthenticated Access to Administrator Functionality in Webgalamb through 7.0
Improper Handling of http-equiv=REFRESH Value in KDE Applications
Out-of-Bounds Read Vulnerability in sysstat 12.1.1
Remote Command Execution in University of Washington IMAP Toolkit 2007f
Stack-based Buffer Over-read Vulnerability in tcpdump 4.9.2
Cross-Site Scripting (XSS) Vulnerability in IBM Jazz Foundation
Arbitrary Code Execution Vulnerability in SDCMS 1.6
Arbitrary Code Execution Vulnerability in DriverAgent 2.2015.7.14
Buffer Overflow Vulnerability in DriverAgent 2.2015.7.14
Remote Code Execution Vulnerability in Shenzhen Skyworth DT741 Converged Intelligent Terminal
CSRF and XSS Vulnerability in Systrome ISG-600C, ISG-600H, and ISG-800W Devices
XSS Vulnerability in i4 Assistant 7.85 via Crafted Machine Name Field in iOS Settings
Denial of Service Vulnerability in TP-Link TL-WR886N 7.0 1.1.0 Devices via Crafted DNS Packets
Remote Command Execution in HTTL (Hyper-Text Template Language) 1.0.11 via Unsafe XStream Configuration
Remote Command Execution in HTTL (Hyper-Text Template Language) 1.0.11
NULL Pointer Dereference Vulnerability in PdfTranslator::setTarget() Function of PoDoFo 0.9.6
Heap-based Buffer Over-read Vulnerability in Exiv2's PngChunk::readRawProfile
Remote Command Execution Vulnerability in TP-Link Archer C5 Devices
Access Violation in JasPer 2.0.14: Denial of Service Vulnerability
Heap-based Buffer Overflow in JasPer's jas_icctxtdesc_input Function
Heap-based buffer over-read vulnerability in JasPer
NULL Pointer Dereference in JasPer 2.0.14: Denial of Service Vulnerability
Heap-Based Buffer Over-read in JasPer 2.0.14: jp2_decode Function Vulnerability
CSRF Vulnerability in JEECMS 9.3 Allows Unauthorized News Addition via api/admin/content/save URI
CSRF Vulnerability in JEECMS 9.3 Allows Unauthorized User Addition
CSRF and XSS Vulnerability in JTBC(PHP) 3.0.1.7 via console/xml/manage.php?type=action&action=edit URI
XSS Vulnerability in JTBC(PHP) 3.0.1.7 via console/xml/manage.php?type=action&action=edit content parameter
Unrestricted Parameter Sending in EduSec 4.2.6 Allows Brute-Force Attacks on Login
SQL Injection Vulnerability in Interspire Email Marketer 6.1.6 via Dynamiccontenttags.php
Arbitrary File Upload Vulnerability in Interspire Email Marketer 6.1.6
SQL Injection Vulnerability in Interspire Email Marketer 6.1.6 via Dynamiccontenttags.php
SQL Injection Vulnerability in Interspire Email Marketer 6.1.6 via Dynamiccontenttags.php
SQL Injection Vulnerability in Interspire Email Marketer 6.1.6 via Dynamiccontenttags.php
Cross-Site Scripting (XSS) Vulnerability in Dotcms through 5.0.3
CSRF Vulnerability in tp4a TELEPORT 3.1.0 Allows Unauthorized Password Changes
Content Spoofing Vulnerability in Z-BlogPHP 1.5's UploadMng Module
Unauthenticated Access Vulnerability in arcms
SQL Injection Vulnerability in arcms through 2018-03-19
SQL Injection Vulnerability in CuppaCMS (before 2018-11-12) via reference_id parameter
Weak Password Policy in IBM Security Identity Manager 6.0.0
CSRF Vulnerability in BageCMS 3.1.3 Allows Unauthorized User Account Modification
CSRF Vulnerability in sikcms 1.1 Allows Unauthorized Administrator Account Addition
Arbitrary Code Execution via ZIP Archive in PHPok 4.9.015
Stored XSS Vulnerability in Easy Testimonials Plugin 3.2 for WordPress
Buffer Over-read Vulnerability in crop_masked_pixels in dcraw through 9.28
Heap Buffer Over-read Vulnerability in parse_tiff_ifd in dcraw through 9.28
Floating Point Exception Vulnerability in parse_tiff_ifd in dcraw through 9.28
Floating Point Exception Vulnerability in Kodak RAD C Library
Authorization Bypass Vulnerability in GitLab CE/EE
Sensitive Information Exposure in IBM WebSphere Application Server 9
XSS Vulnerability in GitLab CE/EE Markdown Fields via Unrecognized HTML Tags
SSRF Vulnerability in GitLab CE/EE Webhooks
Symlink Time-of-Check-to-Time-of-Use Race Condition in GitLab Pages Chroot Environment
XSS Vulnerability in GitLab CE/EE Markdown Fields via Mermaid
XSS Vulnerability in GitLab CE/EE OAuth Authorization Page
Insecure Direct Object Reference Vulnerability in GitLab CE/EE
Access Control Issue Allowing Guest Users to Modify or Delete Their Own Comments on Confidential Issues
Unauthorized User Access to Confidential Issue Titles and Namespace in GitLab CE/EE
Insecure Object Reference Vulnerability in GitLab EE 11.5
Persistent XSS Vulnerability in GitLab EE Operations Page (Fixed in Version 11.5.1)
Email Address Change Notification Vulnerability in GitLab
Insecure Object Reference Vulnerability in GitLab EE Allows Guest Users to Manipulate Issue Weight
Insecure Direct Object Reference Vulnerability in GitLab EE Allows Unauthorized Publishing of Draft Merge Request Comments
Access Token Exposure in GitLab Workhorse Logs
Insecure Direct Object Reference Vulnerability in GitLab EE
CRLF Injection in Project Mirroring in GitLab CE/EE versions 8.18 up to 11.x before 11.3.11, 11.4.x before 11.4.8, and 11.5.x before 11.5.1
Authenticated Directory Traversal Vulnerability in Silverpeas 5.15 through 6.0.2
SIGSEGV vulnerability in Cesanta Mongoose 6.13: mg_mqtt_add_session() function
Incorrect Access Control in Alarm.com ADC-V522IR 0100b9 Devices
Incorrect Access Controls of Security Officer (SO) in PKCS11 R2 Provider of Utimaco CryptoServer HSM: Reverse Ransomware Attack Vulnerability
Hard-coded Credentials in IBM Security Identity Manager 7.0.1 Virtual Appliance
Unresolved Socket Descriptor Allocation Vulnerability in GNU C Library
Insecure Permissions in Corsair Link 4.9.7.35 Service: Potential System Takeover
Arbitrary Code Execution Vulnerability in PbootCMS V1.3.1
HTML Injection Vulnerability in Zurmo 3.2.4 Report Section
XSS Vulnerability in CMS Made Simple 2.2.8 via Uploaded SVG Document
Cross-Site Scripting (XSS) Vulnerability in Statamic 2.10.3 via 'Add new user' Request
XSS Vulnerability in Monstra CMS 1.6 via Uploaded SVG Document
XSS Vulnerability in Rhymix CMS 1.9.8.1 via SVG Upload
SSRF Vulnerability in Rhymix CMS 1.9.8.1 via SVG Upload
NULL Pointer Dereference Vulnerability in Exiv2 v0.27-RC2
Local Unprivileged RSA Decryption Plaintext Recovery Vulnerability in Arm Mbed TLS
Sensitive Information Disclosure in ShowDoc 2.4.1 via Modified page_id
Information Disclosure Vulnerability in IBM Emptoris Contract Management 10.0.0 and 10.1.3.0
Remote Code Execution via File Upload in Westermo DR-250 and DR-260 Routers
CSRF Vulnerability in Westermo DR-250 and DR-260 Routers
Cross-Site Scripting (XSS) Vulnerability in Westermo DR-250 and DR-260 Routers
Arbitrary Code Injection Vulnerability in Rockwell Automation Allen-Bradley PowerMonitor 1000
Unauthenticated User Can Manipulate Administrators in Rockwell Automation Allen-Bradley PowerMonitor 1000
Session Token Invalidation Vulnerability in IBM Security Identity Manager 7.0.1 Virtual Appliance
Remote Code Execution in ShowDoc 2.4.1: Unauthorized Editing of User Notes
CSRF Vulnerability in ShowDoc 2.4.2 Allows Unauthorized Addition of Team Members
Infinite Loop Vulnerability in Wireshark MMSE Dissector
Vulnerability: LBMPDM Dissector Crash and Arbitrary Memory Write
Vulnerability: Crash in PVFS Dissector due to NULL Pointer Dereference
Heap-based Buffer Over-read Vulnerability in Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10
DCOM Dissector Crash Vulnerability in Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10
Buffer Overflow Vulnerability in Wireshark IxVeriWave File Parser
ZigBee ZCL Dissector Crash Due to Divide-by-Zero Error in Wireshark 2.6.0 to 2.6.4
ImageNow Server Denial of Service Vulnerability
Unauthenticated Reflected XSS in uhttpd in OpenWrt and LEDE
Survey Information Exposure Vulnerability in CA Service Desk Manager 14.1 and 17
Privilege Escalation Vulnerability in CA Service Desk Manager 14.1 and 17
Arbitrary Execution of ndspath Binary with Root Privileges
Local File Overwrite Vulnerability in supportutils
Arbitrary File Overwrite Vulnerability in supportutils
Arbitrary Command Execution Vulnerability in supportutils (CVE-2018-19638)
Arbitrary Process Killing Vulnerability in supportutils (CVE-2018-19638)
Unauthenticated Remote Code Execution Vulnerability in Micro Focus Solutions Business Manager (SBM)
Critical Denial of Service Vulnerability in Micro Focus Solutions Business Manager (SBM) Versions Prior to 11.5
Information Leakage Vulnerability in Micro Focus Solutions Business Manager (SBM) Versions Prior to 11.5
Vulnerability: Reflected Cross-Site Scripting in Micro Focus Solutions Business Manager (SBM) versions prior to 11.5
Authentication Bypass Vulnerability in Solutions Business Manager (SBM) Versions Prior to 11.5
Arbitrary OS Command Execution in Python CGI Scripts in Imperva SecureSphere
Privilege Escalation and Command Execution via NETCONF Access Management in ADTRAN PMAA
Reflected XSS Vulnerability in InfoVista VistaPortal SE Version 5.1 (build 51029) via ConnPoolName Parameter
Stack-based Buffer Overflow in Antiy-AVL ATool Security Management v1.0.0.22
Server Side Request Forgery (SSRF) vulnerability in Interspire Email Marketer through 6.1.6 allows unauthorized access to remote and local resources
Cleartext Agent-to-Agent RPC Communication Vulnerability in HashiCorp Consul
Username Duplication Vulnerability in Sales & Company Management System (SCMS)
Stack-based Buffer Overflow in find_green() Function of dcraw through 9.28
Stored XSS Vulnerability in YXBJ Markdown Editor
Authenticated Command-Injection Vulnerability in Moxa NPort W2x50A Products
Command-Injection Vulnerability in Moxa NPort W2x50A Products
Buffer Over-read Vulnerability in libsndfile 1.0.28: Denial of Service
Buffer Over-read Vulnerability in libsndfile 1.0.28: Denial of Service
Heap-Based Buffer Over-Read Vulnerability in libjpeg-turbo 2.0.1's put_pixel_rows Function
QEMU Bluetooth Subsystem Memory Corruption Vulnerability
Directory Traversal Vulnerability in OSSEC Agent on Windows
Cross-Site Scripting Vulnerability in IBM Security Identity Manager 6.0.0
IBM Security Identity Manager 7.0.1 Unauthorized Information Disclosure Vulnerability
File Upload Vulnerability in IBM Security Identity Manager 6.0.0
Arbitrary PHP Code Execution Vulnerability in tp5cms
Cross-Site Scripting (XSS) Vulnerability in tp5cms through 2017-05-25
Reflected XSS Vulnerability in HMS Industrial Networks Netbiter WS100 3.30.5 and Previous Versions
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
XML External Entity Injection (XXE) Vulnerability in IBM Security Identity Manager 7.0.1
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Session Token Exposure Vulnerability in Adobe Connect 9.8.1 and Earlier
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader
Out-of-bounds read vulnerability in Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Stored Cross-Site Scripting Vulnerability in Adobe Experience Manager Forms (Versions 6.2, 6.3, and 6.4)
Adobe Acrobat and Reader Privilege Escalation Vulnerability
Stored Cross-Site Scripting Vulnerability in Adobe Experience Manager Versions 6.0-6.4
Reflected Cross-Site Scripting Vulnerability in Adobe Experience Manager Versions 6.0-6.4
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Privilege Escalation Vulnerability in IBM API Connect 5.0.0.0 through 5.0.8.4
Privilege Escalation Vulnerability in IBM WebSphere 8.0.0.0 through 9.1.1 via Multiplexed Channels
Arbitrary File Read Vulnerability in SDCMS 1.6 Admin Controller
XSS Vulnerability in DomainMOD 4.11.01 via Owner Name Field in assets/add/account-owner.php
Cross-Site Scripting (XSS) Vulnerability in IBM Rational DOORS Web Access
XSS Vulnerability in DomainMOD 4.11.01 via Add Custom Field Action
XSS Vulnerability in DomainMOD 4.11.01: Admin SSL Fields Notes Field
XSS Vulnerability in DomainMOD 4.11.01 via Registrar Notes Field
Directory Traversal Vulnerability in Tarantella Enterprise before 3.11
Bypassing Access Control in Tarantella Enterprise before 3.11
Denial of Service Vulnerability in Netwide Assembler (NASM) 2.14rc16 due to Illegal Address Access in asm/preproc.c
Heap-based Buffer Over-read Vulnerability in libsixel 1.8.2 (stb_image.h - stbi__tga_load)
NULL Pointer Dereference Vulnerability in libsixel 1.8.2: Denial of Service
Heap-Based Buffer Over-Read Vulnerability in libsndfile 1.0.28
Heap-based Buffer Over-read Vulnerability in libsixel 1.8.2: Denial of Service
Sensitive Information Disclosure in IBM API Connect 5.0.0.0 through 5.0.8.4 via REST API
Memory Leak in cfg_init function in libConfuse 3.2.2
Denial of Service Vulnerability in libsixel 1.8.2: Illegal Address Access in sixel_decode_raw_impl
Heap-based Buffer Overflow in libsixel 1.8.2's image_buffer_resize function in fromsixel.c
Heap-Based Buffer Over-Read Vulnerability in libsixel 1.8.2: Denial of Service
Reflected XSS Vulnerability in InfoVista VistaPortal SE Version 5.1 (build 51029)
Reflected XSS Vulnerability in InfoVista VistaPortal SE Version 5.1 (build 51029) via GroupRessourceAdmin.jsp
Reflected XSS Vulnerability in InfoVista VistaPortal SE Version 5.1 (build 51029) via PresentSpace.jsp
Reflected XSS Vulnerability in InfoVista VistaPortal SE Version 5.1 (build 51029)
Reflected XSS Vulnerability in InfoVista VistaPortal SE Version 5.1 (build 51029) via UserProperties.jsp
Denial of Service Vulnerability in IBM DB2 for Linux, UNIX and Windows 11.1
Reflected XSS Vulnerability in InfoVista VistaPortal SE Version 5.1 (build 51029) via ConnPoolName Parameter in Users.jsp
Reflected XSS Vulnerability in InfoVista VistaPortal SE Version 5.1 (build 51029) via EditCurrentPool.jsp
Reflected XSS Vulnerability in InfoVista VistaPortal SE Version 5.1 (build 51029)
Reflected Cross Site Scripting in InfoVista VistaPortal SE Version 5.1 (build 51029) via EditCurrentUser.jsp
Reflected XSS Vulnerability in InfoVista VistaPortal SE Version 5.1 (build 51029)
Reflected Cross Site Scripting in InfoVista VistaPortal SE Version 5.1 (build 51029) via Variables.jsp
Infinite Loop Vulnerability in Artifex MuPDF 1.14.0's svg_dev_end_tile Function
Buffer Overflow Vulnerability in IBM DB2 for Linux, UNIX and Windows
Multiple Cross-Site Scripting (XSS) Vulnerabilities in FreshRSS 1.11.1 via GET Requests
Authentication Bypass Vulnerability in Kentix MultiSensor-LAN 5.63.00 and Earlier Versions
Weak Cryptography in str_rot_pass Function in PHP-Proxy 5.1.0 Allows for Local File Inclusion
Cross-Site Scripting (XSS) Vulnerability in PHP-Proxy through 5.1.0 via URL Field
Insecure Logging of Master Key in HashiCorp Vault
XSS Vulnerability in lxml.html.clean Module
Vulnerability in PolicyKit 0.115 Allows Unauthorized Execution of systemctl Commands
Path Disclosure and Potential Remote Code Execution via Scalar Type Hint Vulnerability
Open Redirect Vulnerability in Symfony 2.7.x - 4.2.x
HTTP Range Header Amplification Vulnerability in LiteSpeed OpenLiteSpeed
Buffer Overflow Vulnerability in LiteSpeed OpenLiteSpeed Server
Arbitrary Command Execution in jiacrontab 1.4.5
Arbitrary Code Injection via UiV2Public.index in Internet2 Grouper 2.2 and 2.3
Vulnerability: Weak Password Storage in ChipsBank UMPTool
Open Redirect Vulnerability in Ninja Forms Plugin for WordPress
NULL Pointer Dereference in LibSass 3.5.5: Denial of Service via Crafted Input File
Arbitrary PHP File Upload and Remote Command Execution in Fleetco Fleet Maintenance Management (FMM) 1.2 and Earlier
Dolibarr ERP/CRM 8.0.3 - Cross-Site Scripting (XSS) in /exports/export.php?datatoexport=
Buffer Overflow Vulnerability in IBM DB2 for Linux, UNIX and Windows
Buffer Overflow in new_aubio_tempo: Vulnerability in Aubio v0.4.0 to v0.4.8
Vulnerability: NULL Pointer Dereference in Aubio v0.4.0 to v0.4.8
New Aubio Onset Vulnerability: NULL Pointer Dereference in Versions 0.4.0 to 0.4.8
Reflected Cross Site Scripting in InfoVista VistaPortal SE Version 5.1 (build 51029) via /VPortal/mgtconsole/GroupCopy.jsp
Reflected Cross Site Scripting in InfoVista VistaPortal SE Version 5.1 (build 51029) via /VPortal/mgtconsole/GroupMove.jsp
Reflected XSS Vulnerability in InfoVista VistaPortal SE Version 5.1 (build 51029)
Reflected XSS Vulnerability in InfoVista VistaPortal SE Version 5.1 (build 51029)
Reflected XSS Vulnerability in InfoVista VistaPortal SE Version 5.1 (build 51029)
Reflected XSS Vulnerability in InfoVista VistaPortal SE Version 5.1 (build 51029)
Reflected XSS Vulnerability in InfoVista VistaPortal SE Version 5.1 (build 51029)
Reflected XSS Vulnerability in InfoVista VistaPortal SE Version 5.1 (build 51029)
Reflected XSS Vulnerability in InfoVista VistaPortal SE Version 5.1 (build 51029)
Reflected XSS Vulnerability in InfoVista VistaPortal SE Version 5.1 (build 51029)
Reflected XSS Vulnerability in InfoVista VistaPortal SE Version 5.1 (build 51029)
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Team Concert 5.0 through 6.0.6
Reflected XSS Vulnerability in InfoVista VistaPortal SE Version 5.1 (build 51029)
Reflected XSS Vulnerability in InfoVista VistaPortal SE Version 5.1 (build 51029)
Reflected XSS Vulnerability in InfoVista VistaPortal SE Version 5.1 (build 51029)
Use-after-free vulnerability in Linux kernel ALSA driver through 4.19.6
Denial of Service Vulnerability in LibSass 3.5.5 due to Endless Loop in inspect.cpp
Use-After-Free Vulnerability in LibSass 3.5.5 SharedPtr Class
XSS Vulnerability in Artica Integria IMS 5.0.83 via search_string Parameter
CSRF Vulnerability in Artica Integria IMS 5.0.83 Allows Arbitrary User Deletion
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Team Concert 5.0 through 6.0.6
BAFC Smart Contract Vulnerability: Unauthorized Ownership Transfer via UBSexToken() Function
Insecure Ownership Transfer Vulnerability in Cryptbond Network (CBN) Smart Contract
Owner Manipulation Vulnerability in NETM Smart Contract Implementation
Unauthenticated Ownership Transfer Vulnerability in DDQ Token Smart Contract
Critical Vulnerability: Unauthenticated Ownership Transfer in BOMBBA (BOMB) Smart Contract
Reflected XSS Vulnerability in Metinfo 6.1.3 via admin/column/move.php lang_columnerr4 Parameter
Arbitrary HTTP Header Injection in Metinfo 6.1.3
Denial-of-Service Vulnerability in LibSass Prior to 3.5.5
Denial-of-Service Vulnerability in LibSass Prior to 3.5.5
Heap-based Buffer Over-read Vulnerability in LibSass prior to 3.5.5
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Team Concert 5.0 through 6.0.6
Denial-of-Service Vulnerability in WavPackPackInit Function
Denial-of-Service Vulnerability in WavPack through 5.1.0
Denial of Service Vulnerability in getToken Function in radare2
Buffer Over-read Vulnerability in radare2 Library
XSS Vulnerability in FROG CMS 0.9.5 via admin/?/snippet/add Name Parameter
Stored XSS in GetSimple CMS 3.3.12 via admin/edit.php post-menu parameter
Cross-Site Scripting (XSS) Vulnerability in YzmCMS 5.2 via admin/content/search.html searinfo Parameter
Unused Legacy Driver in IBM Trusteer Rapport/Apex 3.6.1908.22 Allows Buffer Overflow and Kernel Panic (IBM X-Force ID: 154207)
Elevation-of-Privilege Vulnerability in hitshop: Unauthorized Administrator Account Creation
Incomplete Initialization of Structures in crypto_report_one() in Linux Kernel (CVE-2013-2547 Regression)
CSV Injection Vulnerability in UiPath Orchestrator
Directory Traversal Vulnerability in GitLab Templates API
Uninitialized Pointer Read Vulnerability in VLC Media Player 3.0.4
XXE vulnerability in PrinceXML versions 10 and below allows for SSRF and file-read access
Directory Traversal Vulnerability in OpenRefine ZIP Archive Processing
Vulnerability: Improper Restriction of LMP Commands Execution
Buffer Overflow in MiniShare 1.4.1 and Earlier: Remote Code Execution via Long HTTP HEAD Request
Buffer Overflow in MiniShare 1.4.1 and Earlier: Remote Code Execution via Long HTTP POST Request
Sensitive Data Logging Vulnerability in 1Password 7.2.3.BETA
Remote Code Execution and Denial of Service Vulnerability in NUUO NVRmini2 Network Video Recorder Firmware
Virtual Keyboard Keystroke Logging Vulnerability
Segmentation Fault Vulnerability in Qt's SVG Image Handling
Plain Text Password Disclosure in IBM Spectrum Protect for Enterprise Resource Planning Tracing
NULL Pointer Dereference in QGifHandler Causing Segmentation Fault
QTgaFile Uncontrolled Resource Consumption Vulnerability
Division by Zero Crash in Qt 5.11 due to Malformed PPM Image
Buffer Overflow in QBmpHandler via BMP Data
Memory Freeing Vulnerability in Cairo 1.16.0
XSS Vulnerability in Adiscon LogAnalyzer Login Button Referer Field
Unlimited Login Vulnerability on Teltonika RTU950 R_31.04.89 Devices
Unprotected Authentication Functionality Allows for Unlimited Login Attempts on Teltonika RTU9XX Devices
Denial of Service Vulnerability in Artifex MuPDF 1.14.0 via Crafted SVG File
NULL Pointer Dereference Vulnerability in Artifex MuPDF 1.14.0
Invalid Memory Address Dereference in huffcode Function in FAAC 1.29.9.2
Invalid Memory Address Dereference in huffcode Function in FAAC 1.29.9.2
Invalid Memory Address Dereference in huffcode function leads to Denial of Service in FAAC 1.29.9.2
Invalid Memory Address Dereference in huffcode Function in FAAC 1.29.9.2
Invalid Memory Address Dereference in huffcode Function in FAAC 1.29.9.2
Invalid Memory Address Dereference in huffcode Function in FAAC 1.29.9.2
Cross-Site Scripting (XSS) in DomainMOD 4.11.01 via admin/dw/add-server.php
SQL Injection Vulnerability in PbootCMS 1.2.1 via SearchController.php
SQL Injection in ThinkCMF X2.2.2 CommentadminController.class.php via check() and delete() functions
SQL Injection in ThinkCMF X2.2.2 via edit_post() function in NavController.class.php
SQL Injection in ThinkCMF X2.2.2 SlideController.class.php via delete() Function
SQL Injection in ThinkCMF X2.2.2 via _listorders() function in AdminbaseController.class.php
SQL Injection in ThinkCMF X2.2.2 via ArticleController.class.php edit_post Method
Sensitive Configuration Information Disclosure in IBM Cloud App Management V2018.2.0, V2018.4.0, and V2018.4.1
Persistent XSS Vulnerability in No-CMS 1.1.3 via article_title Parameter
Persistent XSS vulnerability in No-CMS 1.1.3 via blog/manage_article keyword parameter
Persistent XSS Vulnerability in XSLT CMS: Exploiting the create/?action=items.edit&type=Page title field
Persistent XSS Vulnerability in XSLT CMS via body Field in create/?action=items.edit&type=Page
HTML Injection Vulnerability in razorCMS 3.4.8 via /#/page Keywords Parameter
Stored XSS vulnerability in razorCMS 3.4.8 via the /#/page description parameter
Server-Side Template Injection Vulnerability in Crafter CMS 3.0.18
Arbitrary Command Execution via Unescaped Filename in MISP STIX Import
Information Disclosure Vulnerability in IBM API Connect 5.0.0.0 and 5.0.8.6
Arbitrary Command Execution in FreeSWITCH through 1.8.2 with mod_xml_rpc Enabled
XSS Vulnerability in DomainMOD 4.11.01 via registrar-accounts.php
XSS Vulnerability in DomainMOD 4.11.01 via assets/add/dns.php Profile Name or Notes Field
XSS Vulnerability in DomainMOD 4.11.01 via assets/edit/host.php
Reflected Cross-Site Scripting (XSS) Vulnerabilities in Microweber 1.0.8
XSS Vulnerability in CuppaCMS via SVG Document Upload
Persistent XSS in Pixelimity 1.0 via admin/portfolio.php data[title] parameter
Buffer Overflow Vulnerability in IBM Power 9 Bootloader Firmware
XSS Vulnerability in Zoho ManageEngine OpManager 12.3
Persistent Cross-Site Scripting (XSS) in Actiontec C1000A Router's Website Blocking Page
CSRF Vulnerability in SCMS Member Email Edit Action
Email Address XSS Vulnerability in SCMS
SQL Injection Vulnerability in SCMS via member/member_order.php Type Parameter
Reflected XSS Vulnerability in Zenitel Norway IP-StationWeb before 4.2.3.9
Stored XSS and Authentication Bypass in Zenitel Norway IP-StationWeb
Data Leakage Vulnerability in IBM Spectrum Scale (GPFS) with Local Read Only Cache (LROC)
Heap-based Buffer Overflow in BFD Library's bfd_elf32_swap_phdr_in Function
Integer Overflow and Infinite Loop Vulnerability in GNU Binutils' BFD Library
XSS Vulnerability in Bolt CMS <3.6.2 via Text Input Click Preview Button
SolarWinds Serv-U FTP Server 15.1.6.25 Reflected XSS Vulnerability in Web Management Interface
NULL Pointer Dereference and Application Crash in PHP imap_mail Function
Arbitrary File Deletion Vulnerability in PrinterOn Enterprise 4.1.4
Passcode Bypass Vulnerability in VideoLAN VLC Media Player for iOS
NULL Pointer Dereference in Goodix GT9xx Touchscreen Driver
SQL Injection Vulnerability in IBM InfoSphere Information Server 11.5 and 11.7
QNAP NAS Vulnerability Allows Unauthorized Access to Cleartext Cookies
Cross-Site Scripting (XSS) Vulnerability in Earlier Versions of File Station
Critical Cross-Site Scripting Vulnerability Patched in QNAP QTS Versions
Cleartext Transmission of Sensitive Information Vulnerability in QTS Devices
Arbitrary File Renaming Vulnerability in QNAP Devices Running QTS 4.3.4 to 4.3.6
Improper Certificate Validation Vulnerability in Helpdesk
Information Exposure Vulnerability in Earlier Versions of Helpdesk
Cross-Site Request Forgery (CSRF) Vulnerability in Earlier Versions of Helpdesk Allows Unintended Actions Execution
Remote Command Injection Vulnerability in QNAP QTS Versions
Command Injection Vulnerability in QNAP Systems Inc. Music Station
Cross-Site Scripting Vulnerability in QNAP Systems Inc. Music Station
Remote Code Execution Vulnerability in QNAP Systems Inc. Music Station
Remote Code Injection Vulnerability in QNAP QTS Versions
Remote Code Injection Vulnerability in QNAP Photo Station
Remote Code Injection Vulnerability in QNAP Photo Station
Remote Code Injection Vulnerability in QNAP Photo Station
Insufficient HTTP Security Headers Vulnerability in QNAP NAS
Improper TLS Configuration in IBM WebSphere Application Server Allows Man-in-the-Middle Attacks
Local File Overwrite Vulnerability in OnionShare
TLB Flush Vulnerability in Xen on AMD x86 Platforms
Xen Vulnerability: Unsafe Combination of Small IOMMU Mappings on AMD x86 Platforms
Xen 4.11 Vulnerability: HVM Guest OS Denial of Service and Host OS Privilege Escalation
Denial of Service Vulnerability in Xen 4.11.x
Denial of Service Vulnerability in Xen due to Incorrect Meltdown Mitigation
Xen x86 PV Guest OS Denial of Service and Privilege Escalation Vulnerability
Denial of Service Vulnerability in Xen on Intel x86 Platforms
Local File Disclosure Vulnerability in phpMyAdmin before 4.8.4
CSRF Vulnerabilities in phpMyAdmin 4.7.x and 4.8.x versions prior to 4.8.4
Denial of Service Vulnerability in IBM Business Automation Workflow and Business Process Manager 18.0.0.0-18.0.0.2
XSS Vulnerability in phpMyAdmin Navigation Tree via Crafted Database/Table Name
JFrog Artifactory Pro 6.5.9 Incorrect Access Control Vulnerability
Uninitialized Data Disclosure Vulnerability in YARA 3.8.1
Arbitrary Memory Read Vulnerability in YARA 3.8.1
Exposure of Environment Information in YARA 3.8.1 Virtual Machine
Command Injection Vulnerability in Auerswald COMfort 1200 IP Phone 3.4.4.1-10589
Remote Code Execution Vulnerability in Auerswald COMfort 1200 IP Phone
Privilege Escalation Vulnerability in IBM WebSphere MQ 8.0.0.0 through 9.1.1
Denial of Service Vulnerability in Anker Nebula Capsule Pro NBUI_M1_V2.1.9 Devices
Insecure Storage of AWS STS Temporary Credentials in Android SharedPreferences
Vulnerability: Cleartext Sniffing and Z-Wave Network Key Extraction on KT MC01507L Z-Wave S0 Devices
Z-Wave S0 Security Version Denial of Service Vulnerability
Arbitrary Read Vulnerability in hso_get_config_data Function
RemotePort Parameter Vulnerability in D-Link DIR-818LW Rev.A 2.05.B03 and DIR-822 B1 202KRb06 Devices
Command Injection Vulnerability in D-Link DIR-822, DIR-860L, DIR-868L, DIR-880L, and DIR-890L Routers
Command Injection Vulnerability in D-Link DIR-868L Rev.B 2.05B02 Devices via /HNAP1/SetClientInfoDemo
Unvalidated Input Handling in D-Link DIR-822 QoS Settings
Sensitive Version Information Disclosure in IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, and 18.0.0.2
Vulnerability: Command Injection in D-Link DIR-822 B1 202KRb06 Devices
Unauthorized Modification of Configuration Vulnerability in Jenkins
Arbitrary File Read Vulnerability in Jenkins Stapler Web Framework
Improper Authorization Vulnerability in Jenkins Allows Unauthorized Cancellation of Queued Builds
Improper Authorization Vulnerability in Jenkins Allows Unauthorized Agent Launches and Aborts
Cross-Site Scripting Vulnerability in Jenkins BuildTimelineWidget
Sensitive Information Exposure in Jenkins Plugin Extraction Date and Time
Cross-Site Scripting Vulnerability in Jenkins Stapler Debug Mode
Cross Site Scripting (XSS) Vulnerability in October CMS Media Module
Local File Inclusion Vulnerability in October CMS (prior to Build 437) Allows Remote Code Execution and Sensitive Information Disclosure
Out-of-Array Access Vulnerabilities in FFmpeg MMS Protocol
Buffer Overflow Vulnerability in FFmpeg's asf_o Format Demuxer
Infinite Loop Vulnerability in FFmpeg PVA Format Demuxer
Use-after-free vulnerability in FFmpeg realmedia demuxer allows attacker to read heap memory
Out-of-Array Access Vulnerability in FFmpeg MXF Format Demuxer
Out-of-Array Read Vulnerability in FFmpeg's ASF_F Format Demuxer
Cross Site Scripting (XSS) Vulnerability in Pydio version 8.2.0 and earlier
Server-Side Request Forgery (SSRF) vulnerability in Pydio version 8.2.0 and earlier
Unvalidated User Input in Pydio AntivirusScanner.php Allows Remote Code Execution
Unauthenticated Remote Code Execution in Chamilo LMS version 11.x
Arbitrary File Deletion Vulnerability in ONF ONOS Version 1.13.2 and Earlier
Cross Site Scripting (XSS) Vulnerability in Gleez CMS 1.3.0 Profile Page Editor
Eval Injection (CWE-95) Vulnerability in PEAR HTML_QuickForm 3.2.14
Code Injection Vulnerability in Battle for Wesnoth Project
MathJax \unicode{} Macro Cross Site Scripting (XSS) Vulnerability
Jenkins TraceTronic ECU-TEST Plugin 2.3 and Earlier: Man-in-the-Middle Vulnerability
Server-Side Request Forgery Vulnerability in Jenkins TraceTronic ECU-TEST Plugin 2.3 and Earlier
Jenkins SaltStack Plugin Vulnerability: Credential Exposure via Known Credentials ID
Jenkins Accurev Plugin 0.7.16 and Earlier: Sensitive Information Exposure Vulnerability
Cross-Site Scripting Vulnerability in Jenkins Shelve Project Plugin 1.5 and Earlier
Jenkins Maven Artifact ChoiceListProvider (Nexus) Plugin: Sensitive Information Exposure Vulnerability
Sensitive Information Exposure in Jenkins meliora-testlab Plugin
Data Modification Vulnerability in Jenkins Agiletestware Pangolin Connector for TestRail Plugin
Jenkins Anchore Container Image Scanner Plugin Vulnerability: Password Exposure
Jenkins Inedo ProGet Plugin 0.8 and Earlier: Man-in-the-Middle Vulnerability
Jenkins Inedo BuildMaster Plugin: Man-in-the-Middle Vulnerability
Jenkins SSH Agent Plugin: Sensitive Information Exposure Vulnerability
Jenkins Resource Disposer Plugin 0.11 and Earlier: Data Modification Vulnerability
Confused Deputy Vulnerability in Jenkins Publisher Over CIFS Plugin
Server-Side Request Forgery Vulnerability in Jenkins Confluence Publisher Plugin 2.0.1 and Earlier
Jenkins Kubernetes Plugin 1.10.1 and Earlier: Sensitive Information Exposure Vulnerability
Sensitive Information Exposure in Jenkins Tinfoil Security Plugin 1.6.1 and Earlier
Jenkins XStream2 Deserialization Remote Code Execution Vulnerability
Ephemeral User Record Creation Vulnerability in Jenkins
Denial of Service Vulnerability in Jenkins CronTab.java
Persistent Login Vulnerability in Jenkins 2.137 and earlier, 2.121.2 and earlier
Sensitive Information Exposure Vulnerability in Jenkins
Improper Authorization Vulnerability in Jenkins Update Center
Bypassing Web Application Firewall in VeryNginx 0.3.3 due to Missing Error Handler
Stored Cross-Site Scripting (XSS) Vulnerability in Dolibarr 8.0.2
Reflected Cross-Site Scripting (XSS) Vulnerability in Dolibarr 8.0.2 via transphrase Parameter
Arbitrary SQL Command Execution Vulnerability in Dolibarr 8.0.2
Stored Cross-Site Scripting (XSS) Vulnerability in Dolibarr 8.0.2
SQL Injection Vulnerability in Dolibarr 8.0.2: Remote Code Execution via employee Parameter
Privilege Escalation via Incorrect Access Controls in SolarWinds Serv-U FTP Server 15.1.6.25
Cross-Site Request Forgery Vulnerability in IBM Business Automation Workflow 18.0.0.0 and 18.0.0.1
XXE Vulnerability in Apereo Bedework bw-webdav before 4.0.3
Floating Point Exception Vulnerability in Libav 12.3 Leads to Remote Denial of Service
Memory Leak Vulnerability in _bfd_generic_read_minisymbols Function in GNU Binutils 2.31
Stack-based Buffer Overflow in Mini-XML (mxml) 2.12 via mxml_write_node in mxml-file.c
Use-after-free vulnerability in Mini-XML (mxml) 2.12 in mxml-search.c
Stored XSS Vulnerability in PHPok v5.0.055 via title parameter in api.php?c=post&f=save
Improper Access Control in Yeelight Smart AI Speaker 3.3.10_0074 Allows Root Shell Access and Data Exfiltration
Vulnerability: Improper Access Control in iBall Baton iB-WRB302N20122017 Devices
XSS Vulnerability in DomainMOD 4.11.01 via SSL Provider Name or URL Field
Cross-Site Request Forgery Vulnerability in IBM Cúram Social Program Management
XSS Vulnerability in DomainMOD 4.11.01 via assets/add/ssl-provider-account.php Username Field
XSS Vulnerability in DomainMOD 4.11.01 via assets/add/category.php Category Name or Stakeholder Field
XSS Vulnerability in PHPCMF 4.1.3 Registration Page
UrBackup 2.2.6 Client Application Shutdown Vulnerability
UrBackup 2.2.6 Client Application Shutdown Vulnerability
CSRF Vulnerability in YzmCMS v5.2 Admin Role Add Page
XSS Vulnerability in SEMCMS 3.5 via SEMCMS_Main.php URI
SQL Injection Vulnerability in S-CMS V3.0 via S_id Parameter
Multiple Heap Out-of-Bound Write Vulnerabilities in LibVNC
Heap Out-of-Bound Write Vulnerability in LibVNC: Remote Code Execution
LibVNC Infinite Loop Vulnerability Allows Resource Exhaustion
Improper Initialization in LibVNC Allows Stack Memory Reading and ASLR Bypass
CWE-665: Improper Initialization Vulnerability in LibVNC VNC Repeater Client Code Allows Stack Memory Reading and ASLR Bypass
Null Pointer Dereference in LibVNC Client Code Leading to DoS Vulnerability
Insufficient Random Value Generation in CODESYS V3 Products
Improper Communication Address Filtering in CODESYS V3 Products
Code Injection Vulnerability in yaml_parse.load Method of Pylearn2
Incorrect Access Control in Contao 3.x, 4.4.x, and 4.6.x before specified versions
Uninitialized Memory Read Vulnerability in DokanFS Library 0.6.0
CPU Resource Exhaustion Vulnerability in libexif version 0.6.21
Preemptive Item Deletion Vulnerability in FlexNet Publisher 11.16.1.0 and Earlier: Remote Denial of Service
FlexNet Publisher Denial of Service Vulnerability in lmgrd and Vendor Daemon Components
Remote Code Execution Vulnerability in FlexNet Publisher
Remote Denial of Service Vulnerability in FlexNet Publisher 11.16.1.0 and Earlier: Disrupting Heartbeat and Shutting Down Vendor Daemon
Cross-Site Scripting (XSS) Vulnerability in IBM Jazz Reporting Service (JRS) 6.0 through 6.0.6
Information Disclosure Vulnerability in IBM BigFix Platform 9.2 and 9.5
Denial of Service Vulnerability in Jooan JA-Q1H Wi-Fi Camera Firmware 21.0.0.91
Remote Denial of Service Vulnerability in Jooan JA-Q1H Wi-Fi Camera Firmware 21.0.0.91
Privilege Escalation Vulnerability in Cerner Connectivity Engine (CCE) 4 Devices
Command Injection Vulnerability in Cerner Connectivity Engine (CCE) 4 Devices
Stack-based Buffer Overflow in D-Link DIR-619L and DIR-605L Devices
Arbitrary OS Command Execution in D-Link DIR-619L and DIR-605L Devices
Local File Path Traversal Vulnerability in Evernote Attachment Previewing (MACOSNOTE-28634)
XXE (XML External Entity) Vulnerability in Pippo 1.11.0's JaxbEngine.java
Arbitrary File Upload Vulnerability in IBM Robotic Process Automation with Automation Anywhere 11
Authorization Header Exposure in urllib3 Cross-Origin Redirects
SQL Injection Vulnerability in ERPNext 10.x and 11.x through 11.0.3-beta.29
Arbitrary PHP Code Execution Vulnerability in NoneCms V1.3
Unrestricted File Upload Vulnerability in Gurock TestRail 5.6.0.3853
Arbitrary File Write Vulnerability in doorGets 7.0
Unrestricted URI Action Vulnerability in PDFium
Heap Corruption Vulnerability in Google Chrome Extensions
Confusion of Origin in Google Chrome Navigation
Confusion of Page Origin via 304 Status Code Handling in Google Chrome
Confusion of Origin in Google Chrome on iOS prior to 71.0.3578.80
Weak Cryptographic Algorithms in IBM API Connect 2018.1 and 2018.4.1.2: A Threat to Sensitive Data Encryption
URL Spoofing Vulnerability in Google Chrome
Remote Code Execution via Insufficient Origin Checks in Google Chrome Payments
Local File Disclosure Vulnerability in Google Chrome
Information Disclosure Vulnerability in IBM TRIRIGA Application Platform 3.5.3 and 3.6.0
Information Disclosure Vulnerability in IBM API Connect v2018.1 and 2018.4.1: Unauthorized Access to User Data
Bypassing Project Permission Checks in Cloudera Data Science Workbench
SQL Injection Vulnerability in Cloudera Data Science Workbench (CDSW) 1.4.0 - 1.4.2: Unauthorized Query Execution
Directory Traversal Vulnerability in PTC ThingWorx Platform 8.3.0
Path Traversal Vulnerability in XXL-CONF 1.6.0 Allows Unauthorized File Download
Excessive Memory Allocation Vulnerability in Bento4 1.5.1-627
Heap-Based Buffer Over-Read Vulnerability in Exiv2 0.27-RC3
Remote Denial of Service Vulnerability in Exiv2 0.27-RC3
Heap-Based Buffer Over-Read Vulnerability in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3
Remote Denial of Service Vulnerability in Exiv2 0.27-RC3: Infinite Loop in Exiv2::Jp2Image::encodeJp2Header
Insecure Data Transfer in August Connect Devices: Exposing Home Wi-Fi Credentials
XSS Vulnerability in Import users from CSV with meta Plugin for WordPress
Out-of-Bounds Read Vulnerability in HAProxy (CVE-2018-20102)
Infinite Recursion and Stack Exhaustion Vulnerability in HAProxy
Insecure Logging of Passwords in yast2-rmt of SUSE Linux Enterprise Server 15 and openSUSE Leap
Improper Character Escaping in yast2-printer Allows Code Execution as Root
Information Disclosure Vulnerability in IBM API Connect 2018.1 through 2018.4.1.5
Unauthenticated Remote OS Command Execution in D-Link DIR-818LW and DIR-860L Devices
Stored Cross-Site Scripting (XSS) Vulnerability in Podcast Generator 2.7 via addcategory Parameter
Command Injection Vulnerability in FASTGate Fastweb Devices
Memory Leak in pvrdma_realize function in QEMU
Out-of-Bounds Access Vulnerability in QEMU's RDMA Backend
Denial of Service Vulnerability in QEMU's PVRDMA Command Handling
Memory Leak Vulnerability in QEMU's pvrdma_cmd.c
Arbitrary File Deletion Vulnerability in zzzphp CMS 1.5.8
Arbitrary File Deletion Vulnerability in UsualToolCMS v8.0
Arbitrary PHP Code Execution Vulnerability in DedeCMS V5.7 SP2
Information Disclosure Vulnerability in IBM API Connect 2018.1 through 2018.4.1.5
Privilege Escalation and Sensitive File Disclosure Vulnerability in Code42 App
Code Injection Vulnerability in ymlref
Arbitrary Hostname Modification Vulnerability in Samsung Galaxy Apps
Cross-Site Scripting (XSS) Vulnerability in FUEL CMS 1.4.3 via Layout Variables in new-page creation
Cross-Site Scripting (XSS) Vulnerability in FUEL CMS 1.4.3 via Page Data Management
Stored XSS in PHP Scripts Mall Entrepreneur B2B Script 3.0.6 via Account Settings Fields
Multiple Cross-Site Scripting (XSS) Vulnerabilities in Zenphoto 1.4.14
Reflected Cross-Site Scripting (XSS) Vulnerability in AbanteCart 1.2.12 via sort parameter
Incorrect Access Control in GitLab Community and Enterprise Edition 11.x before 11.3.13, 11.4.x before 11.4.11, and 11.5.x before 11.5.4
ACL Bypass Vulnerability in Eclipse Mosquitto 1.5.x before 1.5.5
Privilege Escalation Vulnerability in Liquidware ProfileUnity and FlexApp
Metadata Bypass Vulnerability in WordPress
PHP Object Injection Vulnerability in WordPress XMLRPC wp.getMediaItem
MIME Type Bypass Vulnerability in WordPress
Remote Clickjacking Vulnerability in IBM API Connect 2018.1 and 2018.4.1.4
Crafted URLs Triggering XSS in WordPress Plugins
User Activation Page Information Disclosure Vulnerability
Post Type Bypass Vulnerability in WordPress
WordPress Comment XSS Vulnerability
Information Disclosure Vulnerability in WP Maintenance Mode Plugin
Bypassing Access Restrictions in WP Maintenance Mode Plugin
Arbitrary PHP Code Execution Vulnerability in WP Maintenance Mode Plugin for WordPress
XML External Entity (XXE) Vulnerability in OpenRefine's Data Import Functionality
Remote Code Execution via ZIP Archive Upload in i-doit open 1.11.2
XXE Vulnerability in ZxChat (ZeXtras Chat) in Synacor Zimbra Collaboration Suite
Wi-Fi Disconnection Vulnerability in BlinkForHome Sync Module 2.10.4 and Earlier
Improper Input Validation in Digi TransPort LR54 4.4.0.26 and Earlier Devices Allows Privilege Escalation
Regular Expression Denial of Service (ReDoS) in UA-Parser UAP-Core before 0.6.0
OpenText Portal 7.4.4 Cross-Site Scripting (XSS) Vulnerability
File-Upload Vulnerability in Rukovoditel 2.3.1: Mishandling of Extension Checking
Remote Code Execution Vulnerability in Terminology before 1.3.1 via Mishandled popmedia Control Sequence
gVisor Prior to 2018-08-22: Denial of Service Vulnerability via Reused Pagetable
USB Subsystem Size Check Vulnerability
OpenStack Keystone User Enumeration Vulnerability
XSS Vulnerability in Nagios XI RSS Dashlet
XSS Vulnerability in Nagios XI RSS Dashlet
SQL Injection Vulnerability in Zoho ManageEngine OpManager 12.3
Out-Of-Bounds Read Vulnerability in rdesktop v1.8.3: Information Leak in ui_clip_handle_data()
Integer Signedness Errors in rdesktop v1.8.3: Out-Of-Bounds Read Vulnerability
Out-of-Bounds Read Vulnerability in rdesktop v1.8.3: Denial of Service (segfault)
Heap-Based Buffer Overflow in rdesktop v1.8.3: Integer Overflow Vulnerability
Out-Of-Bounds Read Vulnerability in rdesktop v1.8.3: Denial of Service (segfault)
Integer Underflow in rdesktop v1.8.3: Heap-Based Buffer Overflow in lspci_process() with Remote Code Execution
Heap-Based Buffer Overflow in rdesktop v1.8.3: Integer Underflow Vulnerability
Integer Underflow in rdesktop v1.8.3: Heap-Based Buffer Overflow and Remote Code Execution
Buffer Overflow Vulnerability in rdesktop v1.8.3: Remote Code Execution
Heap-based Buffer Overflow in WriteTGAImage Function of GraphicsMagick 1.4 Snapshot-20181209 Q8
Heap-based Buffer Over-read in ReadBMPImage Function of GraphicsMagick 1.4 Snapshot-20181209 Q8
Memory Allocation Vulnerability in Bento4 1.5.1-627
Timing Side-Channel Vulnerability in Botan ECC Key Generation
CSRF Vulnerability in FUEL CMS 1.4.3 Allows Unauthorized Administrator Account Creation
Denial of Service Vulnerability in GraphicsMagick 1.3.31's ReadDIBImage Function
XML External Entity Injection (XXE) Vulnerability in IBM Security Identity Manager 6.0.0 Virtual Appliance
NULL Pointer Dereference in LibSass 3.5.5: Denial of Service Vulnerability
QEMU PVRDMA Driver Null Pointer Dereference Vulnerability
Privilege Escalation Vulnerability in Certain Secure Access SA Series SSL VPN Products
Stack-based Buffer Underflow in calculate_gain function in FAAD2 2.8.8
NULL Pointer Dereference Vulnerability in FAAD2 2.8.8
Stack-based Buffer Overflow in calculate_gain function in FAAD2 2.8.8
Stack-based Buffer Underflow in calculate_gain function in FAAD2 2.8.8
NULL Pointer Dereference Vulnerability in FAAD2 2.8.8
NULL Pointer Dereference Vulnerability in FAAD2 2.8.8
Bypassing Certificate Pinning in OkHttp 3.x through 3.12.0
Stack-based Buffer Over-read Vulnerability in Espruino 2V00's jsfNameFromString Function
Cross-Site Scripting (XSS) Vulnerability in IBM QRadar SIEM 7.2 and 7.3
ExifTool 8.32 DLL Hijacking Vulnerability
Cross-Site Scripting (XSS) Vulnerability in bin/statistics in TWiki 6.0.2 via webs parameter
Denial of Service Vulnerability in libexcel 0.01 via Long Name in wbook_addworksheet
Infinite Loop Vulnerability in QEMU's pvrdma_dev_ring.c
KDC Crash Vulnerability via S4U2Self Request
Command Injection Vulnerability in Teracue ENC-400 Devices
Authentication Bypass Vulnerability in Teracue ENC-400 Devices
IBM QRadar SIEM 7.2 and 7.3 Information Disclosure Vulnerability
Unauthenticated Access to Sensitive Information on Teracue ENC-400 Devices
Remote Code Execution Vulnerability in Deltek Ajera Timesheets 9.10.16 and Prior
Critical XXE Vulnerability in Airsonic before 10.1.2: Parsing Exploit
Vulnerability: Unintended Installation of Private Packages via --extra-index-url
Lack of Role.toString Method Override Allows Unauthorized Super Administrator Addition in THEHIVE PROJECT Cortex
Directory Traversal Vulnerability in RDF4J 2.4.2 via ZIP Archive Entry
CSRF Vulnerability in Subsonic V6.1.5 Allows SSRF via internetRadioSettings.view streamUrl
Directory Traversal Vulnerability in GitLab Community and Enterprise Edition
Heap-based Buffer Overflow in PSPP 1.2.0's read_bytes_internal Function
CSRF Vulnerability in WordPress Two-Factor-Authentication Plugin Allows 2FA Disabling
Cross-Site Scripting (XSS) Vulnerability in Atlassian Jira Labels Widget Gadget
XML External Entity (XXE) Vulnerability in Atlassian Universal Plugin Manager
Argument Injection Vulnerability in Atlassian Sourcetree for macOS via Mercurial Filenames
Argument Injection Vulnerability in Atlassian Sourcetree for Windows via Mercurial Repository Filenames
Command Injection Vulnerability in Sourcetree for Windows via URI Handling
Authenticated User Can Download Deleted Pages in Atlassian Confluence Server and Data Center
Insufficient Session Expiration Vulnerability in Atlassian Crowd
Cross-Site Scripting (XSS) Vulnerability in Application Links
Insecure Permissions in IBM QRadar SIEM 7.2 and 7.3
Cross-Site Scripting (XSS) Vulnerability in Atlassian Fisheye and Crucible Administrative Linker Functionality
Cross-Site Scripting (XSS) Vulnerability in Atlassian Fisheye and Crucible Edit Upload Resource
Apache JSPWiki XSS Vulnerability: Session Hijacking Exploit
URL Parameter Exposure of Credentials in POST Requests
Arbitrary JavaScript Execution Vulnerability in Apache Airflow
Improper Exception Handling in LDAP Auth Backend Disables Server Certificate Checking
Stack Overflow Vulnerability in Foxit Quick PDF Library
Out-of-Bounds Memory Access Vulnerability in Foxit Quick PDF Library
Out-of-Bounds Memory Access Vulnerability in Foxit Quick PDF Library
Insecure Permissions in IBM Spectrum Protect Backup-Archive Client and IBM Spectrum Protect for Virtual Environments
WinRAR ACE Format Path Traversal Vulnerability
WinRAR ACE Format Path Traversal Vulnerability
Out-of-Bounds Write Vulnerability in WinRAR 5.60 and Earlier Versions
Out-of-Bounds Write Vulnerability in WinRAR 5.60 and Earlier Versions
Directory Listing Vulnerability in IBM Financial Transaction Manager 3.2.1 for Digital Payments
IBM Maximo Asset Management 7.6 Authenticated User Phishing Vulnerability
XML External Entity (XXE) Vulnerability in S3 Browser before 8.1.5
Buffer Overflow Vulnerability in Bosch Smart Home Cameras
Arbitrary PHP Code Execution in Empire CMS 7.5 via ftemp Parameter
Coherence User Registration Endpoint Mass Assignment Vulnerability
XSS Vulnerability in Steve Pallen Xain 0.6.2 via Order Parameter
Directory Traversal Vulnerability in Gogs File Upload Functionality
Denial of Service Vulnerability in libexcel 0.01 via Long Argument in wbook_addworksheet
Arbitrary Remote Code Execution in D-Link DIR-816 A2 1.10 B05 via Stack-Based Buffer Overflow
Stored XSS Vulnerability in Pulse Secure Virtual Traffic Manager Web Administration Interface
Sensitive Historical Activity Information Disclosure in Pulse Secure Virtual Traffic Manager 9.9 and 10.4 versions
Race Condition Vulnerability in Foxit Reader and PhantomPDF
Race Condition Vulnerability in Foxit Reader and PhantomPDF
Race Condition Vulnerability in Foxit Reader and PhantomPDF
Race Condition Vulnerability in Foxit Reader and PhantomPDF
Race Condition Vulnerability in Foxit Reader and PhantomPDF
Race Condition Vulnerability in Foxit Reader and PhantomPDF
Race Condition Vulnerability in Foxit Reader and PhantomPDF
Race Condition Vulnerability in Foxit Reader and PhantomPDF
XXE Vulnerability in getXmlDoc Method of BaseWxPayResult.java in weixin-java-tools v3.2.0
Privilege Escalation Vulnerability in Rancher 2 through 2.1.5
Cross-site scripting (XSS) vulnerability in LimeSurvey version 3.15.5 allows for JavaScript code execution against LimeSurvey administrators
Arbitrary OS Command Execution in MailCleaner Community Edition 2018.08
Arbitrary Command Execution Vulnerability in Danijar Hafner Definitions Package
XSS Vulnerability in ChinaMobile PLC Wireless Router GPN2.4P21-C-CN Firmware W2001EN-00
XSS Vulnerability in Chamilo LMS Gradebook Dependencies Tool
XSS Vulnerability in Chamilo LMS 1.11.8 Social Groups Tool
SQL Injection Vulnerability in Chamilo LMS Version 1.11.8
Integer Overflow and Heap-Based Buffer Overflow in libjpeg-turbo 2.0.1's tjLoadImage Function
Kernel Pool Buffer Overflow in Antiy AVL ATool v1.0.0.22: Privilege Escalation and Denial of Service Vulnerability
Arbitrary File Reading and Directory Listing Vulnerability in OpenWebif Plugin
Unauthenticated Access to USB Device and App Information in ASUSWRT Router
Command Injection Vulnerability in ASUSWRT 3.0.0.4.384.20308 via fb_email Parameter
Unauthenticated DoS Vulnerability in ASUSWRT 3.0.0.4.384.20308
Stack-based Buffer Overflow in ASUSWRT 3.0.0.4.384.20308: Information Leak Vulnerability
Stack-based Buffer Overflow in LibRaw 0.19.1's parse_makernote Function
SQL Injection Vulnerability in Zoho ManageEngine OpManager 12.3 (Build 123239) Alarms Section
XSS Vulnerability in Zoho ManageEngine OpManager 12.3
Unchecked Buffers in Yubico libu2f-host 1.1.6: Exploiting Buffer Overflow via USB Device
Unquoted Service Path Vulnerability in WINMAGIC SecureDoc Disk Encryption Software
Root Terminal Vulnerability in Floureon IP Camera SP012
Buffer Overflow Vulnerabilities in Ken Silverman Build Engine 1: Arbitrary Code Execution via Crafted Map File
Improper Access Control in StackStorm API Allows Unauthorized Data Retrieval
Magellan: Integer Overflow and Buffer Overflow Vulnerability in SQLite FTS3 Extension
Denial of Service Vulnerability in libpff_item_tree_create_node in libpff
NULL Pointer Dereference in igraph_i_strdiff Function
Stored XSS Vulnerability in Evernote (Chinese) Markdown Component (MAC-832)
Use-after-free vulnerability in mg_cgi_ev_handler function in Cesanta Mongoose Embedded Web Server Library allows remote code execution
Use-after-free vulnerability in mg_http_get_proto_data function in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows for remote code execution
Use-after-free vulnerability in Cesanta Mongoose Embedded Web Server Library allows for remote code execution
Use-after-free vulnerability in mg_http_free_proto_data_cgi function allows for remote code execution
Use-after-free vulnerability in mg_http_free_proto_data_cgi function in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier
NULL Pointer Dereference in sbr_process_channel of FAAD2 2.8.8
Invalid Memory Address Dereference in FAAD2 2.8.8: Denial of Service Vulnerability
Invalid Memory Address Dereference in FAAD2 2.8.8: Denial of Service Vulnerability
Invalid Memory Address Dereference in FAAD2 2.8.8: Denial of Service Vulnerability
Invalid Memory Address Dereference in FAAD2 2.8.8: Denial of Service Vulnerability
NULL Pointer Dereference in ifilter_bank of FAAD2 2.8.8
NULL Pointer Dereference in LibRaw::raw2image() in libraw_cxx.cpp
NULL Pointer Dereference in LibRaw::copy_bayer() in libraw_cxx.cpp
Heap-based Buffer Overflow in LibRaw::raw2image()
Stored XSS Vulnerability in WSTMart 2.0.8_181212 via consultContent Parameter
XSS Vulnerability in Master Slider Plugin for WordPress
XSS Vulnerability in Barracuda Message Archiver 2018's ldap_load_entry.cgi Module
XSS Vulnerability in SZ NetChat before 7.9 Allows Command Injection
Authorization Bypass Vulnerability in PhotoRange Photo Vault 1.2
XSS Vulnerability in TP-Link TD-W8961ND Devices via DHCP Client Hostname
XSS Vulnerability in Tenda ADSL Modem Routers 1.0.1 via DHCP Client Hostname
Out-of-Bounds Write Vulnerability in Tiny C Compiler 0.9.27
Out-of-Bounds Write Vulnerability in Tiny C Compiler 0.9.27
Out-of-Bounds Write Vulnerability in Tiny C Compiler 0.9.27
Remote Wi-Fi Credential Disclosure in Orange Livebox 00.96.320S Devices
Remote Code Execution and Denial of Service Vulnerability in OpenSynergy Blue SDK 3.2-6.0
Cross Protocol Injection Vulnerability in Technicolor DPC3928SL Devices via setSSID Parameter
SNMP Credential Discovery Vulnerability in Ambit DDW2600, DDW2602, T60C926, and U10C019 Devices
Vulnerability: Unauthorized Credential Discovery in Technicolor DPC2320 Devices via SNMP Requests
Remote Credential Discovery Vulnerability in Jiuzhou BCM93383WRG 139.4410mp1.3921132mp1.899.004404.004 Devices via SNMP Requests
Vulnerability: Unauthorized Credential Discovery in ARRIS DG950A and DG950S Devices
Credential Exposure via SNMP Requests in iNovo Broadband IB-8120-W21 and IB-8120-W21E1 Devices
SNMP Credential Discovery Vulnerability in CastleNet Devices
Remote Credential Discovery in ARRIS SBG6580-2 D30GW-SEAEAGLE-1.5.2.5-GA-00-NOSH Devices
SNMP Credential Disclosure Vulnerability in Bnmux BCW700J, BCW710J, and BCW710J2 Devices
Remote Credential Discovery Vulnerability in Comtrend CM-6200un and CM-6300n Devices
SNMP Credential Disclosure Vulnerability in D-Link DCM-604 and DCM-704 Devices
Information Disclosure Vulnerability in Kaonmedia CG2001 Devices
Vulnerability: Credential Discovery in TEKNOTEL CBW700N 81.447.392110.729.024 Devices via SNMP Requests
Credential Discovery Vulnerability in S-A WebSTAR DPC2100 v2.0.2r1256-060303 Devices
Vulnerability: Credential Discovery via SNMP Requests in Technicolor CGA0111, CWA0101, DPC3928SL, TC7110.AR, TC7110.B, TC7110.D, TC7200.d1I, and TC7200.TH2v2 Devices
SNMP Credential Discovery Vulnerability in Thomson DWG849, DWG850-4, DWG855, and TWG870 Devices
Remote Credential Discovery in NETWAVE MNG6200 C4835805jrc12FU121413.cpr Devices via SNMP Requests
Credential Discovery Vulnerability in NET&SYS MNG2120J and MNG6300 Devices
Vulnerability: Credential Discovery in mplus CBC383Z and CBC383Z_mplus_MDr026 Devices via SNMP Requests
Credential Discovery Vulnerability in Skyworth CM5100 Series Devices
Motorola SBG901, SBG941, and SVG1202 Devices SNMP Credential Discovery Vulnerability
Ubee DVW2108 and DVW2110 SNMP Credential Discovery Vulnerability
Zoom 5352 v5.5.8.6Y SNMP Credential Discovery Vulnerability
Default User Accounts with Weak Passwords in Safe Software FME Server
Denial of Service Vulnerability in ETK_E900.sys Driver for VIA Technologies EPIA-E900 System Board
Full Path Disclosure Vulnerability in BigTree 4.3
Integer Overflow in _pickle.c in Python before 3.7.1
Memory Leak in AP4_DescriptorFactory::CreateDescriptorFromStream in Bento4 1.5.1-627
Memory Leak in AP4_StdcFileByteStream::Create in Bento4 1.5.1-627
Heap-based Buffer Over-read in AP4_AvccAtom::Create in Bento4 1.5.1-627
Stack-Based Buffer Overflow in WellinTech KingSCADA before 3.7.0.0.1 via Specially Crafted Packet to AlarmServer Service
Cross-Site Scripting (XSS) Vulnerability in Craft CMS 3.0.25 via Console Tab
CSRF Vulnerability in DouCo DouPHP 1.5 Allows Unauthorized Addition of Administrator Account
Directory Traversal Vulnerability in Z_CreateCompanyTemplateFile.php
Denial of Service Vulnerability in Go Ethereum (geth) 1.8.19 via Memory Consumption
Authentication Bypass Vulnerability in Discuz! DiscuzX 3.4 with WeChat Login
Bypassing Disabled Registration Setting in Discuz! DiscuzX 3.4 with WeChat Login
Remote Code Execution via WeChat Login in Discuz! DiscuzX 3.4
NULL Pointer Dereference in pushdup function of libming 0.4.8's decompile.c
NULL Pointer Dereference in newVar3 Function of libming 0.4.8
NULL Pointer Dereference in getInt Function of libming 0.4.8's decompile.c File
NULL Pointer Dereference in strlenext function of libming 0.4.8
NULL Pointer Dereference in getName Function of libming 0.4.8's decompile.c File
Out-of-Bounds Read Vulnerability in GNU Libextractor's history_extract() Function
NULL Pointer Dereference vulnerability in process_metadata() function in GNU Libextractor through 1.8
Hardcoded Telnet Credentials Vulnerability in D-Link COVR-2600R and COVR-3902 Kit
XXE vulnerability in c3p0 0.9.5.2 during initialization
Arbitrary OS Command Execution in LibreNMS 1.46
SSRF Vulnerability in Telegram's Secret Chat Feature
Arbitrary File Download Vulnerability in FEBS-Shiro
Remote Discovery of Wi-Fi Credentials in Technicolor TC7110.AR STD3.38.03 Devices via SNMP Requests
Wi-Fi Credential Discovery Vulnerability in Technicolor DPC3928SL Devices
Remote Discovery of Wi-Fi Credentials in Technicolor CWA0101 CWA0101E-A23E-c7000r5712-170315-SKC Devices via SNMP Requests
Remote Discovery of Wi-Fi Credentials in Technicolor TC7200.TH2v2 SC05.00.22 Devices via SNMP Requests
Remote Discovery of Wi-Fi Credentials in Technicolor TC7110.B STC8.62.02 Devices via SNMP Requests
Vulnerability: Unauthorized Wi-Fi Credential Discovery in Technicolor TC7200.d1I and TC7200.d1IE-N23E-c7000r5712-170406-HAT Devices
Remote Discovery of Wi-Fi Credentials in Technicolor CGA0111 CGA0111E-ES-13-E23E-c8000r5712-170217-0829-TRU Devices via SNMP Requests
Vulnerability: Unauthorized Wi-Fi Credential Discovery in D-Link DCM-604 and DCM-704 Devices
XSS Vulnerability in Frog CMS 0.9.5 via Database Name Field
Information Disclosure Vulnerability in hidma_chan_stats Function
Double Free Vulnerability in libxls 1.4.0 Allows Denial of Service
Heap-based Buffer Over-read Vulnerability in libdoc's process_file Function
Memory Management Vulnerability in libxls 1.4.0 Allows for Denial of Service and Possible Impact
Heap-based Buffer Over-read in getlong Function of libdoc
XSS Vulnerability in 74cms v4.2.111: upload/index.php?c=resume&a=resume_list
Stack-based buffer overflow in parseOperand function in radare2 prior to 3.1.1
Stack-based buffer over-read vulnerability in parseOperand function in radare2 prior to 3.1.1
Denial-of-Service Vulnerability in radare2 through 3.1.3 via Assemble Function in asm_arm_cs.c
Out-of-Bounds Read Vulnerability in r_bin_dyldcache_extract in radare2
Denial-of-Service Vulnerability in radare2 through 3.1.3: armass_assemble Function Allows Out-of-Bounds Read
Stack-based Buffer Overflow in parseOperands function in radare2 prior to 3.1.2
Out-of-Bounds Read Vulnerability in radare2 prior to 3.1.1
Cross-Site Scripting (XSS) Vulnerability in JSmol2WP Plugin 1.07 for WordPress
Arbitrary File Read and SSRF Vulnerability in JSmol2WP Plugin 1.07 for WordPress
Reflected XSS Vulnerability in CMS Made Simple 2.2.8 admin/myaccount.php
Server-side Template Injection in Craft CMS through 3.0.34 allows sensitive information disclosure
Denial of Service Vulnerability in ImageMagick's bmp.c
CSV Injection Vulnerability in Tyto Sahi Pro's Web Reports Module
H2 SQL Injection Vulnerability in Tyto Sahi Pro
Directory Traversal Vulnerability in Tyto Sahi Pro Web Reports Module
Stored XSS Vulnerability in Tyto Sahi Pro Logs Web Interface
Cross-Site Scripting (XSS) Vulnerability in S-CMS 3.0 via admin/demo.php T_id Parameter
SQL Injection Vulnerability in S-CMS 3.0 via bank/callback1.php P_no Field
Arbitrary File Disclosure in S-CMS 1.0 via admin/download.php DownName Parameter
SQL Injection Vulnerability in S-CMS 1.0 via wap_index.php?type=newsinfo S_id Parameter
SQL Injection Vulnerability in S-CMS 1.0 via js/pic.php P_id Parameter
NULL Pointer Dereference in XRef::getEntry in Poppler 0.72.0
Denial of Service Vulnerability in GNU Tar through 1.30 with --sparse Option
Information Disclosure via user.xdg.origin.url and user.xdg.referrer.url Metadata Attributes in GNU Wget
XSS Vulnerability in Zoho ManageEngine ADSelfService Plus 5.7
XSS Vulnerability in Zoho ManageEngine ADSelfService Plus 5.7
Cross-Site Scripting (XSS) Vulnerability in MetInfo 6.x through 6.1.3 via /admin/login/login_check.php url_array[] Parameter
Arbitrary Code Execution via Firewall Rule Inclusion in Inteno IOPSYS
Information Exposure Vulnerability in GitLab Community and Enterprise Edition
Incorrect Access Control Vulnerability in GitLab Community and Enterprise Edition
Cross-Site Scripting (XSS) Vulnerability in GitLab Community and Enterprise Edition
Cross-Site Scripting (XSS) Vulnerability in GitLab Enterprise Edition
Incorrect Access Control Vulnerability in GitLab Community and Enterprise Edition
Incorrect Access Control Vulnerability in GitLab Community and Enterprise Edition
Incorrect Access Control Vulnerability in GitLab Community and Enterprise Edition
Information Exposure Vulnerability in GitLab Community and Enterprise Edition
Cross-Site Scripting (XSS) Vulnerability in GitLab Community and Enterprise Edition
SSRF Vulnerability in GitLab Community and Enterprise Edition
Incorrect Access Control Vulnerability in GitLab Community and Enterprise Edition
SSRF Vulnerability in GitLab Community and Enterprise Edition
Insecure Permissions Issue: Unresettable Runner Registration Token in GitLab
Incorrect Access Control Vulnerability in GitLab Community and Enterprise Edition
Excessive Memory Allocation Vulnerability in Bento4 1.5.1-627
Cross-Site Scripting (XSS) Vulnerability in Allied Telesis 8100L/8 Devices via edit-ipv4_interface.php
Denial of Service Vulnerability in SQLite 3.25.2
Integer Overflow and Buffer Overflow in SQLite FTS3 Merge Operation
Incorrect Access Control Vulnerability in GitLab Enterprise Edition
SQL Injection Vulnerability in CrashFix 1.0.4 via User[status] Parameter
Information Disclosure Vulnerability in Linux Kernel 4.14.90 via print_binder_ref_olocked Function
Information Disclosure Vulnerability in Linux Kernel 4.14.90's print_binder_transaction_ilocked Function
Sensitive Kernel Address Information Disclosure in ipddp_ioctl Function
Privilege Escalation Vulnerability in EPON CPE-WiFi Devices 2.0.4-X000
Arbitrary Resume Access and Modification Vulnerability in 74cms v4.2.111
XSS Vulnerability in MiniCMS V1.10 via mc-admin/post-edit.php Query String
Content Provider Injection Vulnerability in Xiaomi Stock Browser on Redmi Android Phones
Cross-Site Scripting (XSS) vulnerability in Chat Anywhere extension 2.4.0 for Chrome
Directory Traversal Vulnerability in Roxy Fileman 1.4.5 copydir.php, copyfile.php, and fileslist.php
Unrestricted File Upload Vulnerability in Roxy Fileman 1.4.5
SSRF Vulnerability in JEECMS 9 via ueditor/getRemoteImage.jspx upfile Parameter
XSS Vulnerability in PHP Scripts Mall Website Seller Script 2.0.5 via Profile Field
NULL Pointer Dereference Vulnerability in libsolvext.a
NULL Pointer Dereference Vulnerability in libsolvext.a
Illegal Address Access Vulnerability in libsolv.a
Use-After-Free Vulnerability in NASM 2.14rc16: Denial of Service in pp_getline()
Heap-Based Buffer Over-Read Vulnerability in libLAS 1.8.1's liblas::SpatialReference::GetGTIF() Function
NULL Pointer Dereference Denial of Service Vulnerability in libLAS 1.8.1
Use-After-Free Vulnerability in NASM 2.14rc16's pp_getline Function
Denial of Service Vulnerability in libLAS 1.8.1: Segmentation Fault Triggered by Illegal Address Access at liblas::SpatialReference::GetGTIF()
Memory Leak in libLAS 1.8.1 at liblas::Open (liblas/liblas.hpp)
Heap-based Buffer Overflow in libxsmm_sparse_csc_reader
Heap-based Buffer Overflow in libxsmm_sparse_csc_reader
Denial of Service Vulnerability in LIBXSMM 1.10: Excessive Memory Allocation in libxsmm_sparse_csc_reader
Floating Point Exception in caca/dither.c (libcaca 0.99.beta19)
Illegal WRITE Memory Access Vulnerability in libcaca 0.99.beta19 for 4bpp Data
Illegal READ Memory Access Vulnerability in libcaca 0.99.beta19
Illegal READ Memory Access Vulnerability in libcaca 0.99.beta19 for 24bpp Data
Illegal WRITE Memory Access Vulnerability in libcaca 0.99.beta19 for 1bpp Data
Illegal WRITE Memory Access Vulnerability in libcaca 0.99.beta19
Denial of Service Vulnerability in Poppler 0.72.0: Reachable Object::getString Assertion in AnnotRichMedia Class
Heap-Based Buffer Over-Read Vulnerability in Tcpreplay before 4.3.1
Heap-Based Buffer Over-Read Vulnerability in Tcpreplay before 4.3.1
Twitter Account Takeover Vulnerability in Design Chemical Social Network Tabs Plugin for WordPress
SQL Injection Vulnerability in Booking Calendar Plugin 8.4.3 for WordPress
Cross-Site Scripting (XSS) Vulnerability in DouCo DouPHP 1.5 20181221
Cross-Site Scripting (XSS) Vulnerability in DouCo DouPHP 1.5 20181221 via site_name Parameter
Cross-Site Scripting (XSS) Vulnerability in DouCo DouPHP 1.5 20181221 via name parameter in admin/product.php?rec=update
XSS Vulnerability in DouCo DouPHP 1.5 20181221 via show_name Parameter
XSS Vulnerability in DouCo DouPHP 1.5 20181221 via title parameter in admin/article.php?rec=update
XSS Vulnerability in DouCo DouPHP 1.5 20181221 via cat_name Parameter
XSS Vulnerability in DouCo DouPHP 1.5 20181221 via mobile_name Parameter
XSS Vulnerability in DouCo DouPHP 1.5 20181221 via cat_name Parameter
XSS Vulnerability in DouCo DouPHP 1.5 20181221 via nav_name Parameter
Full Path Disclosure in DouCo DouPHP 1.5 20181221 Installation Page
Opportunistic Product Reload Vulnerability in DouCo DouPHP 1.5 20181221
SQL Injection Vulnerability in Ivan Cordoba Generic Content Management System (CMS) Allows Authentication Bypass
SQL Injection Vulnerability in Ivan Cordoba Generic Content Management System (CMS) Allows Authentication Bypass
Heap-Based Buffer Over-Read in jp2_encode function of JasPer 2.0.14
Arbitrary File Read Vulnerability in DamiCMS 6.0.1
SQL Injection in WUZHI CMS 4.1.0 via index.php?m=promote&f=index&v=search keywords parameter
Denial of Service Vulnerability in yaml-cpp (aka LibYaml-C++) 0.6.2
Denial of Service Vulnerability in yaml-cpp (aka LibYaml-C++) 0.6.2
Undocumented URI for Manual Firmware Update in Orange Livebox 00.96.320S Devices
CSRF Vulnerability in Orange Livebox 00.96.320S Devices Allows Arbitrary Outbound Telephone Calls
CSRF Vulnerability in Orange Livebox 00.96.320S Devices
Infinite Loop Vulnerability in NuttX's netlib_parsehttpurl() Function
Stack-based Buffer Overflow in Contiki-NG JSON Parsing Function
Arbitrary Code Execution Vulnerability in SmartBear ReadyAPI WSDL Import Functionality
Cross-Site Request Forgery Vulnerability in GREE+ Android Application (Version 1.4.0.8)
PHP League CommonMark Library XSS Vulnerability
Denial of Service Vulnerability in JasPer 2.0.14 via jp2 Conversion
Arbitrary Data Injection Vulnerability in bitcoind and Bitcoin-Qt (CVE-2018-17144)
Incorrect Access Control in Bitcoin Core and Bitcoin Knots allows local users to steal currency by exploiting a loophole in RPC port binding.
Buffer Over-read Vulnerability in libotfcc.a in otfcc v0.10.3-alpha
XSS Vulnerability in Ivan Cordoba Generic CMS (2018-04-28) via Administrator/add_pictures.php Article ID
XSS Vulnerability in Ivan Cordoba Generic CMS (2018-04-28) via Administrator/users.php User ID
Heap-based Buffer Over-read Vulnerability in libming v0.4.8's decompileJUMP Function
Use-After-Free Vulnerability in Mini-XML (mxml) v2.12
Stack-based Buffer Overflow in Mini-XML (mxml) v2.12's scan_file Function
Reflected XSS Vulnerability in hsweb 3.0.4
CSRF Vulnerability in hsweb 3.0.4: Inadequate State Parameter Comparison
SSRF Vulnerability in Jspxcms v9.0.0
XSS Vulnerability in UCMS 1.4.7 via dir Parameter in index.php sadmin_fileedit Action
CSRF Vulnerability in UCMS 1.4.7: User Addpost
Arbitrary PHP Code Execution in UCMS 1.4.7 via sadmin_fileedit Action
XSS Vulnerability in UCMS 1.4.7 via sadmin\cedit.php and index.php sadmin_cedit action
XSS Vulnerability in UCMS 1.4.7 via description parameter in index.php list_editpost action
Full Path Disclosure in Lei Feng TV CMS (LFCMS) 3.8.6 via /install.php?s=/1 URI
CSRF Vulnerability in Lei Feng TV CMS (LFCMS) 3.8.6: admin.php?s=/Member/add.html
Directory Traversal Vulnerability in Lei Feng TV CMS (LFCMS) 3.8.6
Remote Code Execution in imcat 4.4 via root/run/adm.php and boot/bootskip.php Modification
Full Path Disclosure Vulnerability in imcat 4.4 via dev.php?tools-ipaddr&api=Pcoln&uip= URI
Remote Information Disclosure Vulnerability in imcat 4.4
Remote Code Execution Vulnerability in imcat 4.4 via root/tools/adbug/binfo.php?phpinfo1 URI
Remote Information Disclosure Vulnerability in imcat 4.4
Directory Traversal Vulnerability in imcat 4.4 via root/run/adm.php efile Parameter
XSS Vulnerability in imcat 4.4 via Crafted Cookie in root/tools/adbug/binfo.php
CSRF Vulnerability in UWA 2.3.11: index.php?g=admin&c=admin&a=add_admin_do
CSRF Vulnerability in TEMMOKU T1.09 Beta Allows Unauthorized User Addition
Remote Code Execution via public/install/#/step3 URI in CIM 0.9.3
HTTP/2 Protocol Decoder Out-of-Bounds Read Vulnerability in HAProxy 1.8.x and 1.9.x
Heap-Based Buffer Overflow in ok_wav_decode_ms_adpcm_data Function
Heap-Based Buffer Overflow in ok_csv_decode2 Function
Heap-Based Buffer Over-Read Vulnerability in ok-file-formats (CVE-2018-10-16)
Local Privilege Escalation through Insecure Permissions in Microvirt MEmu 6.0.6
Memory Leak in JasPer 2.0.14 when Using --output-format jp2
Use-after-free vulnerability in GNU Binutils 2.31.1: Exploiting the error function in elfcomm.c via crafted ELF file
Directory Traversal Vulnerability in PHP Scripts Mall Consumer Reviews Script 4.0.3
HTML Injection Vulnerability in PHP Scripts Mall Consumer Reviews Script 4.0.3
Directory Traversal Vulnerability in PHP Scripts Mall Charity Foundation Script
Directory Traversal Vulnerability in PHP Scripts Mall Charity Donation Script
Directory Traversal Vulnerability in PHP Scripts Mall Advance Crowdfunding Script 2.0.3
Full Path Disclosure in PHP Scripts Mall Website Seller Script 2.0.5 via Arbitrary Image URL Request
Stored Cross-Site Scripting (XSS) in PHP Scripts Mall Advance B2B Script 2.1.4 via FIRST NAME or LAST NAME field
Cross-Site Request Forgery (CSRF) Vulnerability in PHP Scripts Mall Advance B2B Script 2.1.4
Remote Denial of Service Vulnerability in PHP Scripts Mall Advance B2B Script 2.1.4
Directory Traversal Vulnerability in PHP Scripts Mall Advance B2B Script 2.1.4
HTML Injection Vulnerability in PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1
Denial of Service Vulnerability in PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1
Directory Traversal Vulnerability in PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1
HTML Injection Vulnerability in PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 via Search Bar
Stored Cross-Site Scripting (XSS) Vulnerability in PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1
Cross-Site Request Forgery (CSRF) Vulnerability in PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1
Denial of Service Vulnerability in PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1
Directory Traversal Vulnerability in PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1
Cross-Site Request Forgery (CSRF) Vulnerability in PHP Scripts Mall Basic B2B Script 2.0.9
HTML Injection Vulnerability in PHP Scripts Mall Basic B2B Script 2.0.9
Directory Traversal Vulnerability in PHP Scripts Mall Basic B2B Script 2.0.9
Directory Traversal Vulnerability in PHP Scripts Mall Car Rental Script 2.0.8
Cross-Site Request Forgery (CSRF) Vulnerability in PHP Scripts Mall Car Rental Script 2.0.8
Denial of Service Vulnerability in Poppler 0.72.0 due to Object::dictLookup Assertion
NULL Pointer Dereference Vulnerability in GNU Binutils 2.31.1
Excessive Memory Allocation Vulnerability in tinyexr v0.9.5
Stack-based overflow vulnerability in WhatsApp for iOS prior to v2.18.90.24 and WhatsApp Business for iOS prior to v2.18.90.24
Memory Leak Vulnerability in demangle_template Function of GNU libiberty
Denial of Service Vulnerability in Core FTP 2.0 Build 653
Excessive Memory Allocation Vulnerability in Bento4 1.5.1-627
Denial-of-Service Vulnerability in Poppler 0.72.0 PDFDoc::setup
Persistent XSS Vulnerability in CUBA Platform's Reporting Addon
XXE Vulnerability in Zoho ManageEngine ADSelfService Plus 5.x before build 5701 via Uploaded Product License
Privilege Escalation Vulnerability in i915_gem_execbuffer2_ioctl
Integer Overflow Vulnerability in load_specific_debug_section in GNU Binutils
Integer Overflow Vulnerability in demangle_template Function in GNU libiberty
Authenticated Remote Command Execution in D-Link DIR-822, DIR-822-US, DIR-850L, and DIR-880L Devices
Authentication Bypass Vulnerability in D-Link DIR-822, DIR-822-US, DIR-850L, and DIR-880L Devices
XSS Vulnerability in Bootstrap Tooltip's data-viewport Attribute
XSS Vulnerability in Bootstrap Affix Configuration Target Property
SQL Injection Vulnerability in LibreNMS 1.47: Exploitable via html/ajax_table.php sort[hostname] Parameter
Out of Bounds Read Vulnerability in BusyBox DHCP Components
XSS Vulnerability in Frog CMS 0.9.5 Admin Page Edit Body Field
Vulnerability in mate-screensaver: Unauthorized Access and Application Control via External Output Devices
Stored XSS in Fork CMS 5.0.6 via Facebook Admin IDs input
Command Injection Vulnerability in Gitolite before 3.6.11
Arbitrary File Overwrite Vulnerability in WinSCP's SCP Implementation
OpenSSH 7.9 Vulnerability: Bypassing Access Restrictions via . or Empty Filename in scp.c
XML External Entity (XXE) Vulnerability in Raritan CommandCenter Secure Gateway Allows Arbitrary File Read and SSRF Attacks
URL Injection Vulnerability in floragunn Search Guard Plugin for Kibana
Denial of Service Vulnerability in Docker Engine 18.09
Reflected XSS Vulnerability in CubeCart 6.2.2 via /{ADMIN-FILE}/ Query String
Heap-based Buffer Over-read Vulnerability in GNU libiberty
SQL Injection Vulnerability in Shopware (SW-21404)
File Deletion Vulnerability in Automattic WooCommerce Plugin Allows Privilege Escalation
SQL Injection Vulnerability in OXID eSales 4.10.6 DB Abstraction Layer
SQL Injection in CubeCart "I forgot my Password!" Feature
Remote Code Execution Vulnerability in PrestaShop Orders Section
PHP Object Injection Vulnerability in Pydio before 8.2.2
SQL Injection Vulnerability in Tiki User Task Component
Denial of Service Vulnerability in ABB Relion 630 Devices
Out-of-Bounds Read Vulnerability in uriparser before 0.9.1
Cross-Site Scripting (XSS) Vulnerability in Cacti color_templates.php
Cross-Site Scripting (XSS) Vulnerability in Cacti pollers.php
Cross-Site Scripting (XSS) Vulnerability in Cacti graph_templates.php
Cross-Site Scripting (XSS) Vulnerability in Cacti's host.php
Command Injection Vulnerabilities in NeDi 1.7Cp3: Remote Code Execution
CSRF Vulnerability in NeDi Allows Privilege Escalation via User-Management.php
Reflected XSS Vulnerability in NeDi 1.7Cp3 via mh.php
SQL Injection Vulnerability in NeDi 1.7Cp3's query.php Component
Stored XSS Vulnerability in NeDi User-Chat.php
Arbitrary Code Execution via Java Deserialization in SAS Web Infrastructure Platform
XXE Vulnerability in BI Web Services in SAS Web Infrastructure Platform
Privilege Escalation and Lateral Movement Vulnerability in BMC PATROL Agent
DOM-based XSS in WSO2 API Manager Store
Reflected XSS Vulnerability in WSO2 API Manager's Carbon Component
Unbounded Memory Allocation Vulnerability in UC Berkeley RISE Opaque
Denial of Service Vulnerability in Mumble 1.2.19
CORS Misconfiguration Vulnerability in Olivier Poitrey Go CORS Handler
Arbitrary Origin Header Reflection Vulnerability in Yii 2.x through 2.0.15.1
Heap Out-of-Bounds Write Vulnerabilities in LibVNC (CVE-2018-20019 Incomplete Fix)
Incomplete Fix for Heap Out-of-Bounds Write Vulnerability in LibVNC (CVE-2018-15127)
Incomplete Fix for Heap Out-of-Bounds Write Vulnerability in LibVNC (CVE-2018-15127)
NULL Pointer Dereference in crop_page function of PoDoFo 0.9.6
CSV Injection in Recon-ng before 4.9.5 allows Remote Code Execution
Kaseya VSA RMM Remote Code Execution Vulnerability
Cross-Site Scripting (XSS) Vulnerability in MODX Revolution User Photo Field
Cross-Site Scripting (XSS) Vulnerability in MODX Revolution through v2.7.0-pl
Cross-Site Scripting (XSS) in MODX Revolution through v2.7.0-pl via Extended User Fields
Cross-Site Scripting (XSS) in MODX Revolution User Settings
Out-of-Bounds Write Vulnerability in GPAC 0.7.1 and Earlier
Buffer Overflow Vulnerability in GPAC Version 0.7.1 and Earlier
Buffer Overflow Vulnerability in GPAC Version 0.7.1 and Earlier
Out-of-Bounds Write Vulnerability in GPAC 0.7.1 and Earlier
Buffer Overflow Vulnerability in HelpSystems tcpcrypt on Linux for BoKS Encrypted Telnet
Authenticated Remote Command Execution Vulnerability on Xerox WorkCentre Devices
Remote Code Execution Vulnerability on Xerox WorkCentre Devices
Local File Inclusion Vulnerability on Xerox WorkCentre Devices
Blind SQL Injection Vulnerability in Xerox WorkCentre Devices
Unauthenticated Remote Command Execution Vulnerability on Xerox WorkCentre Devices
Remote Code Execution in Frog CMS 0.9.5 via admin/?/layout/edit/1 URI
Remote Code Execution Vulnerability in Frog CMS 0.9.5 via admin/?/page/edit/1
XSS Vulnerability in Frog CMS 0.9.5 via admin/?/layout/edit/1 Body Field
Remote Code Execution in Frog CMS 0.9.5 via admin/?/plugin/file_manager Vulnerability
Directory Listing Vulnerability in Frog CMS 0.9.5
XSS Vulnerability in Frog CMS 0.9.5 via admin/?/snippet/edit/1 Body Field
Cross-Site Scripting (XSS) Vulnerability in Frog CMS 0.9.5 via admin/?/plugin/file_manager
SQL Injection Vulnerability in Traq 3.7.1 via tickets?search= URI
CSRF Vulnerability in Traq 3.7.1 Allows Creation of Admin Account
Exposure of User Password in GNOME Keyring
IPN Message Mishandling Vulnerability in GloBee Plugin for WooCommerce
Buffer Over-read Vulnerability in PHAR Reading Functions
Denial of Service Vulnerability in Linux Kernel's Fair Scheduler
Vulnerability: Secure Boot Bypass and Memory Extraction on Neato Botvac Connected 2.2.0 Devices
Out-of-Memory Denial of Service Vulnerability in libvterm
Integer Overflow and OOPS Vulnerability in ft5x46 Touchscreen Driver on Xiaomi MIX 3
Integer Overflow Vulnerability in LED Driver on Xiaomi Redmi 6pro
Arbitrary Directory Deletion Vulnerability in tecrail Responsive FileManager 9.13.4
Arbitrary File Deletion Vulnerability in tecrail Responsive FileManager 9.13.4
XSS Vulnerability in tecrail Responsive FileManager 9.13.4 via Media File Upload
Arbitrary File Read Vulnerability in tecrail Responsive FileManager 9.13.4
Arbitrary File Write Vulnerability in tecrail Responsive FileManager 9.13.4
Arbitrary Image File Write Vulnerability in tecrail Responsive FileManager 9.13.4
Arbitrary File Read Vulnerability in tecrail Responsive FileManager 9.13.4
Uncontrolled Recursion Vulnerability in GNU C Library (glibc) through 2.29
Excessive Memory Allocation Vulnerability in PoDoFo 0.9.6
Incompatible Block Durations in pfSense 2.4.4_1 and sshguard Vulnerability
Inconsistent Blocking of Source IP Addresses in pfSense 2.4.4_1 for Failed Authentication
Data Loss Vulnerability in Open Ticket Request System (OTRS) 5.0.31 and 6.0.13
Regular Expression Denial of Service (ReDoS) in Highcharts JS SVGRenderer Component
Compound Index Denial of Service Vulnerability in MongoDB Server
Denial of Service Vulnerability in MongoDB Server Versions Prior to 4.0.5, 3.6.10, and 3.4.19
Denial of Service Vulnerability in MongoDB Server Versions 3.6 and 4.0
MongoDB Server Denial of Service Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Phamm 0.6.8 Login Page
Cross-Site Scripting (XSS) Vulnerability in Pulse Secure Pulse Connect Secure (PCS) 8.1.x before 8.1R12, 8.2.x before 8.2R9, and 8.3.x before 8.3R3
Improper Header Sanitization in Pulse Secure Pulse Connect Secure 8.3RX before 8.3R3 (XSS Vulnerability)
Denial of Service Vulnerability in Pulse Secure Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS)
Insecure Session Data Encryption in Pulse Secure Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS)
Hidden RPC Service Vulnerability in Pulse Secure Pulse Connect Secure 8.3RX and 8.1RX
IPv6 DNS Traffic Leakage Vulnerability
Input Validation Issue in Pulse Secure Pulse Connect Secure 8.3RX before 8.3R2: login_meeting.cgi Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Pulse Secure Pulse Connect Secure (PCS) and Pulse Policy Secure (PPS)
Buffer Overflow Risk in QEMU 3.1.0's load_device_tree Function
XSS and CSRF Vulnerability in SalesAgility SuiteCRM Allows Session Hijacking
Remote Code Execution Vulnerability in Activision Infinity Ward Call of Duty Games
Buffer Overflow Vulnerability in OpenPLC Controller: Potential Runtime Crash and Unspecified Impact
Heap-based Buffer Overflow in Dropbox Lepton 1.2.1 JPEG Decompression Component
Integer Overflow Vulnerability in read_ujpg Function of Dropbox Lepton 1.2.1
Denial-of-Service Vulnerability in LibSass Parsing Component
Denial-of-Service Vulnerability in LibSass 3.5.4
Xiaomi Mi 5s Gyroscope Vulnerability: MEMS Ultrasound Attack
Cross-Site Scripting (XSS) Vulnerability in Jira WallboardServlet
Unauthenticated Remote Attackers Can Set Reporter in Jira Issues via Missing Authorization Check
Cross-Site Scripting (XSS) Vulnerability in Jira Activity Stream Gadget
Arbitrary File Overwrite Vulnerability in node-tar
Arbitrary File Overwrite Vulnerability in tar-fs before 1.16.2
Race Condition Leading to Use-After-Free in sas_expander.c
XSS Vulnerability in Typesetter 5.1: index.php/Admin/Menu/Ajax?cmd=AddHidden
Stored XSS vulnerability in ampforwp_save_steps_data in AMP for WP plugin (<=0.9.97.21) for WordPress
Cleartext Password Vulnerability in systemd 242
Unhandled Exception Vulnerability in Google Sign-In with Google API C++ Client
Remote Command Execution Vulnerability in HooToo TripMate Titan HT-TM05 and HT-05 Routers
Denial-of-Service Vulnerability in libexpat XML Parser
Division-by-zero vulnerabilities in pi_next_pcrl, pi_next_cprl, and pi_next_rpcl functions in OpenJPEG through 2.3.0: Remote Denial of Service
Denial of Service Vulnerability in OpenJPEG through 2.3.0
Integer Overflow in opj_get_encoding_parameters in OpenJPEG through 2.3.0
CSRF and XSS Vulnerability in Advisto PEEL SHOPPING 9.0.0
Arastta eCommerce 1.6.2 XSS Vulnerability in Login URI via PATH_INFO
Self-XSS vulnerability in Stormshield Network Security's Command Line Interface (CLI)
Agent Privilege Escalation in Helpy before 2.2.0
Improper Validation of Domain in Python Cookiejar Library
MailPoet Newsletters Plugin Vulnerable to SPAM Attacks
Off-by-one Error in Linux Kernel's Ocelot SerDes PHY Driver Leads to Out-of-bounds Read
Stack Memory Leak in mlx5_ib_create_qp_resp in Linux Kernel
Use-after-free vulnerability in Linux kernel before 4.18.7
XML Comment Attack in Zendesk Samlr Plugin Allows User Enumeration
Pre-2018 Recommender Vulnerability: Cross-Site Scripting (XSS) Exploit
Cross-Site Scripting (XSS) Vulnerability in edx-platform before 2018-07-18 via Chemical Equation Advanced Problem Response
Crash Vulnerability in libopenmpt with Malformed MED Files
Crash Vulnerability in libopenmpt before 0.3.11 with Malformed Custom Tunings in MPTM Files
Insecure Password Changes in cPanel (SEC-366)
Arbitrary Code Execution via Mailing-List Attachments in cPanel (SEC-452)
Persistent Virtual FTP Accounts Vulnerability in cPanel (SEC-454)
Self XSS vulnerability in cPanel's WHM Additional Backup Destination field (SEC-459)
Stored XSS Vulnerability in cPanel's Reset a DNS Zone Feature (SEC-461)
Open Redirect Vulnerability in cPanel before 76.0.8 (SEC-462)
Stored XSS Vulnerability in cPanel's WHM MultiPHP Manager Interface (SEC-464)
Arbitrary Code Execution Vulnerability in cPanel (SEC-465)
Debug Logging Enabled in cPanel WebDAV Transport Feature (SEC-467)
Weak File Permissions in Univa Grid Engine Docker Jobs with root_squash Spooling (GE-6890)
CSRF Vulnerability in DrayTek Routers Allows Unauthorized DNS and DHCP Settings Modification
Local Privilege Escalation Vulnerability in cPanel (SEC-409)
Self XSS vulnerability in cPanel's WHM Create a New Account interface (SEC-428)
Self XSS vulnerability in cPanel's WHM Security Questions interface (SEC-433)
Self XSS vulnerability in cPanel Site Software Moderation interface (SEC-434)
Self XSS vulnerability in cPanel's WHM Style Upload interface (SEC-437)
Stored XSS Vulnerability in cPanel WHM File and Directory Restoration Interface (SEC-441)
Arbitrary Code Execution Vulnerability in cPanel (SEC-444)
Account Suspension Vulnerability in cPanel (SEC-445)
Self-stored XSS vulnerability in cPanel before 74.0.8 on Security Questions login page (SEC-446)
Arbitrary File-Write Vulnerability in cPanel (SEC-447)
FTP Access Vulnerability in cPanel before 74.0.8 (SEC-449)
Stored XSS Vulnerability in cPanel WHM File Restoration Interface (SEC-367)
Apache HTTP Server Configuration Injection in cPanel (SEC-416)
Insecure Storage of phpMyAdmin Session Files in cPanel (SEC-418)
SQL Injection Vulnerability in cPanel Database Backups (SEC-420)
Root Account File Modification Vulnerability in cPanel (SEC-424)
File-read vulnerability in cPanel before 74.0.0 via password file caching (SEC-425)
Arbitrary Zone File Modifications Vulnerability in cPanel (SEC-426)
Arbitrary File-Read Vulnerability in cPanel File Restoration (SEC-436)
Arbitrary Zone File Modifications in cPanel (SEC-439)
Insecure File-Rename Operations in cPanel (SEC-442)
Local User Access to Web-site Contents via Git Repositories in cPanel (SEC-443)
API Tokens Retain Access Control Lists (ACLs) After Removal from Corresponding Accounts (SEC-393)
Code Injection Vulnerability in cPanel WHM cPAddons Interface (SEC-394)
Arbitrary File-Unlink Vulnerability in cPanel's cPAddons Moderation System (SEC-395)
Email Injection Vulnerability in cPanel's cPAddons Moderation (SEC-396)
Stored XSS Vulnerability in cPanel WHM cPAddons Installation Interface (SEC-398)
Stored XSS Vulnerability in cPanel YUM Autorepair Functionality (SEC-399)
Remote-Stored XSS Vulnerability in cPanel WHM Save Theme Interface (SEC-400)
ClamAV Installation Vulnerability Allows Unauthorized Access to Root's Crontab File (SEC-408)
Self XSS vulnerability in cPanel's WHM Backup Configuration interface (SEC-421)
Bypassing Cron Feature Restriction in cPanel (SEC-427)
Bypassing Backup Feature Restriction in cPanel (SEC-429)
Bypassing Images Feature Restriction in cPanel (SEC-430)
Unrestricted Mime::list_hotlinks API Access in cPanel (SEC-432)
Arbitrary File-Read Vulnerability in cPanel (SEC-435)
Arbitrary File-Chmod Vulnerability in cPanel Legacy Incremental Backups (SEC-338)
Self XSS vulnerability in cPanel's WHM cPAddons showsecurity Interface (SEC-357)
Code Execution Vulnerability in cPanel (SEC-359)
Vulnerability: Code Execution in cPanel Demo Accounts via Awstats (SEC-362)
Root Accesshash Disclosure in cPanel before 70.0.23 via WHM /cgi/trustclustermaster.cgi (SEC-364)
OpenID Injection Vulnerability in cPanel (SEC-368)
Stored XSS Vulnerability in cPanel's WHM Edit DNS Zone Action (SEC-369)
Stored XSS Vulnerability in cPanel's WHM Edit MX Entry (SEC-370)
cPanel Vulnerability: Unauthorized Disabling of Solr (SEC-371)
Stored XSS Vulnerability in cPanel WHM DNS Cluster (SEC-372)
Stored XSS Vulnerability in cPanel's WHM Create Account Action (SEC-373)
Stored XSS Vulnerability in cPanel's WHM Edit DNS Zone Action (SEC-374)
Stored XSS Vulnerability in cPanel's Delete a DNS Zone Action (SEC-375)
Stored XSS Vulnerability in cPanel's WHM DNS Cleanup Action (SEC-376)
Stored XSS Vulnerability in cPanel's WHM Synchronize DNS Records Action (SEC-377)
Arbitrary File Read and Unlink Vulnerability in cPanel (SEC-378)
Local Privilege Escalation in cPanel via WHM Legacy Language File Upload Interface (SEC-379)
Local Privilege Escalation in cPanel via WHM Locale XML Upload Interface (SEC-380)
Jailshell Escape Vulnerability in cPanel (SEC-382)
Stored XSS Vulnerability in cPanel's cpaddons Vendor Interface (SEC-391)
Open Redirect Vulnerability in cPanel (SEC-392)
Htaccess Restrictions Bypass in cPanel (SEC-401)
cPanel Landing Page Code Execution Vulnerability
Apache HTTP Server Log Exposure Vulnerability in cPanel (SEC-406)
Stored XSS Vulnerability in cPanel's WHM Edit DNS Zone Action (SEC-410)
Unowned Account Suspension Vulnerability in cPanel (SEC-411)
Stored XSS Vulnerability in cPanel via WHM Reset a DNS Zone Action (SEC-412)
SRS Secret Disclosure Vulnerability in cPanel (SEC-308)
Insecure Database and Dbuser Renaming in cPanel (SEC-321)
Insecure Ownership Enforcement in cPanel API Calls (SEC-324)
Directory Traversal Vulnerability in cPanel (SEC-339)
cPanel Backup Enablement Vulnerability (SEC-342)
Arbitrary File-Read Vulnerability in cPanel (SEC-349)
cPanel Vulnerability: Unauthorized Access to Root's Crontab File (SEC-351)
cPanel Pre-68.0.27 Vulnerability: Unauthorized Access to Root's Crontab File (SEC-352)
cPanel before 68.0.27 Vulnerability: Unauthorized Access to httpd.conf during Syntax Test (SEC-353)
Insecure File Operations Vulnerability in bin/csvprocess in cPanel before 68.0.27 (SEC-354)
World-readable archive vulnerability in cPanel before 68.0.27 (SEC-355)
Insecure File Write Vulnerability in cPanel (SEC-356)
Self XSS vulnerability in cPanel Backup Restoration (SEC-383)
Self XSS vulnerability in cPanel's WHM Apache Configuration Include Editor (SEC-385)
Self-stored XSS Vulnerability in cPanel WHM Account Transfer (SEC-386)
Self XSS vulnerability in cPanel's WHM Spamd Startup Config (SEC-387)
World-readable file vulnerability in cPanel before 68.0.27 via WHM Apache Includes Editor (SEC-388)
Self XSS vulnerability in cPanel's WHM listips interface (SEC-389)
Insecure Encryption Handling in Mailpile: Allowing Disabled, Revoked, and Expired Keys
Swann SWWHD-INTCAM-HD Devices: FTP Access as Root via Twipc Root Password Vulnerability
Security Vulnerability: Swann SWWHD-INTCAM-HD Devices Log PSK After Factory Reset
Replay Attack Vulnerability in Tapplock Bluetooth Low Energy (BLE) Subsystem
Tapplock Vulnerability: MAC Address-based Key Derivation in Bluetooth Low Energy (BLE) Subsystem
Jura E8 Bluetooth Vulnerability: Unsecured Connection Exposes Devices to Attacks
Bluetooth Security Vulnerability Found in Nespresso Prodigio Devices
Double Free Vulnerability in Linux Kernel's f_midi_set_alt Function
XSS Vulnerability in Backpack\CRUD Backpack Component for Laravel
XSS Vulnerability in WordPress Contact Form to Email Plugin (<=1.2.66)
CSRF Vulnerability in Contact-Form-to-Email Plugin for WordPress
XSS Vulnerability in Ultimate Member Plugin for WordPress (Version < 2.0.4)
XSS Vulnerability in WooCommerce-Jetpack Plugin's Products Per Page Feature
CSRF Vulnerability in wp-ultimate-csv-importer Plugin for WordPress
CSRF Vulnerability in wp-ultimate-exporter Plugin for WordPress
Unrestricted Command Execution in GNU Patch through 2.7.6
Multiple XSS Vulnerabilities in pdf-print Plugin for WordPress
CSRF Vulnerability in Church-Admin Plugin for WordPress Allows Unauthorized Bible Reading Plan Upload
CSRF Vulnerability in Companion Auto Update Plugin for WordPress
Local File Inclusion Vulnerability in Companion Auto Update Plugin for WordPress
CSRF Vulnerability in js-jobs Plugin for WordPress
XSS Vulnerability in Fat Free CRM Tags Helper
Use After Free Vulnerability in XFS File System Initialization
XSS Vulnerability in all-in-one-schemaorg-rich-snippets Plugin for WordPress
XSS Vulnerability in wp-all-import Plugin for WordPress (Version < 3.4.7)
Privilege Escalation Vulnerability in Contact Form 7 Plugin for WordPress
Parameter Tampering Vulnerability in Ninja Forms Plugin for WordPress
Insufficient Restrictions on Submission-Data Retrieval in Ninja Forms Plugin for WordPress
Cross-Site Scripting (XSS) Vulnerability in Media Library Assistant Plugin for WordPress
XSS Vulnerability in wp-retina-2x Plugin for WordPress (<=5.2.3)
Patreon-Connect Plugin for WordPress: Object Injection Vulnerability
Local File Inclusion Vulnerability in wp-payeezy-pay Plugin for WordPress
XSS Vulnerability in Advanced Custom Fields Plugin for WordPress
PHP Object Injection Vulnerability in Newsletters-Lite Plugin for WordPress
Eval Injection Vulnerability in wpgform Plugin for WordPress
Integer Underflow and Panic Vulnerability in untrusted crate (Rust)
Arbitrary File Overwrite Vulnerability in Rust Tar Crate
Double Free Vulnerability in smallvec Crate
Uninitialized Memory Exposure in Claxon Crate
Uncontrolled Recursion Vulnerability in yaml-rust Crate
Infinite Recursion Vulnerability in trust-dns-proto Crate
Memory Corruption Vulnerability in slice-deque Crate: Mishandling of Deque Updates in move_head_unchecked
Double Free Vulnerability in Crossbeam Crate
Use-after-free vulnerability in CMS Signing in openssl crate before 0.10.9 for Rust
Memory Corruption Vulnerability in arrayfire Crate
Incorrect Results Caused by reset() Calls in Orion Crate
Heap Memory Corruption Due to Incorrect Constructor Argument Order
XSS Vulnerability in anycomment Plugin for WordPress (Version < 0.0.33)
CSRF Vulnerability in js-support-ticket Plugin for WordPress
SQL Injection Vulnerability in BuddyForms Plugin for WordPress
SQL Injection Vulnerability in rsvpmaker Plugin for WordPress
Code Injection Vulnerability in bbp-move-topics Plugin for WordPress
CSRF Vulnerability in bbp-move-topics Plugin for WordPress
Unrestricted Access to Supportive XL Folders in Woo-Confirmation-Email Plugin for WordPress
Use-after-free vulnerability in rsi_mac80211_detach function in Linux kernel
Integer Overflow in Poppler's Parser::makeStream in Parser.cc
Heap Buffer Overflow in color_apply_icc_profile in OpenJPEG
Unauthenticated Access to User and Donation Details in Charitable Plugin for WordPress
XSS Vulnerability in cf7-invisible-recaptcha Plugin for WordPress
Incorrect Access Control in Swape Theme for WordPress Allows Unauthorized Administrator Account Creation via xmlPath
Stored XSS Vulnerability in BuddyBoss-Media Plugin for WordPress
NULL Pointer Dereference in AVC_DuplicateConfig() Function in GPAC 0.7.1
Denial of Service Vulnerability in GPAC 0.7.1
Memory Leak in dinf_Read in GPAC 0.7.1
Timeout Mishandling in Mastodon before 2.6.3
Information Disclosure Vulnerability in Home Assistant (CVE-2018-12345)
PHP Type Juggling Vulnerability in Centreon Web Allows Authentication Bypass
SQL Injection Vulnerability in img_gantt.php in Centreon Web before 2.8.27
SQL Injection in makeXML_ListServices.php in Centreon Web before 2.8.28 via host_id parameter
Arbitrary Code Execution in Centreon Web via ns_id Parameter
Arbitrary File Upload Vulnerability in Centreon Web before 2.8.27
Privilege Escalation Vulnerability in Centreon VM through 19.04.3
Unauthenticated Remote Information Disclosure Vulnerability in Hitachi Command Suite
Remote Code Execution via Out-of-Memory (OOM) Vulnerability in Boa Web Server
Memory Leak Vulnerability in Boa Web Server (0.94.14rc21)
Vulnerability: Lack of Hostname Validation in systemd 239-245 for DNS Over TLS
Lack of Content Security Policy (CSP) Header in Jupyter Notebook before 5.5.0 Allows XSS Payload in SVG Documents
Remote Access Control Bypass in Tautulli Versions 2.1.38 and Below
Exposure of Technical Information through Error Messages in Hitachi Command Suite and Hitachi Automation Director
Arbitrary CSS Token Sequence Loading Vulnerability in Hitachi Command Suite, Automation Director, and Infrastructure Analytics Advisor
Arbitrary Access to Secrets and Manifests in Argo Git Storage
WebSocket Denial of Service Vulnerability in Qt
Denial of Service Vulnerability in Sails.js before v1.0.0-46
CSRF Vulnerability in Subrion CMS 4.1.5 Allows Unauthorized Password Change
Authentication Bypass Vulnerability in Samsung Secure Folder App (SVE-2018-11628)
Lockscreen Bypass Vulnerability on Samsung Mobile Devices with N(7.0) Software
Race Condition and Use-After-Free Vulnerability in Samsung Exynos 9810 Chipsets (SVE-2018-12959)
Unauthenticated Access to Gallery in Secure Folder on Samsung Mobile Devices (SVE-2018-13057)
Arbitrary APK Installation Vulnerability on Samsung Mobile Devices
Information Disclosure Vulnerability in Samsung Exynos 9810 Chipsets (SVE-2018-13035)
Buffer Overflow Vulnerability in Samsung Mobile Devices' sem Trustlet
Clipboard Access Vulnerability on Samsung Mobile Devices
Clipboard Data Exposure via Emergency Dialer on Samsung Mobile Devices
Factory Reset Protection (FRP) Bypass Vulnerability on Samsung Mobile Devices with O(8.x) Software
Notification Leak Vulnerability on Samsung Mobile Devices in Standalone Dex Mode
Arbitrary Memory Write Vulnerability in Samsung Mobile Devices with Exynos Chipsets (SVE-2018-12881)
Buffer Overflow Vulnerability in Samsung Exynos Chipsets (SVE-2018-12852)
Invalid Free Vulnerability in Samsung Fingerprint Trustlet (SVE-2018-12853)
Arbitrary Code Execution Vulnerability in Samsung Mobile Devices with Exynos Chipsets (SVE-2018-12855)
Clipboard Access Vulnerability on Samsung Mobile Devices with N(7.x), O(8.x), and P(9.0) Software
eCryptFS Integer Underflow Buffer Overflow Vulnerability
Rooting Vulnerability on Samsung Mobile Devices with N(7.0) Software
Smartwatch Secure Folder Notification Content Disclosure Vulnerability
Stack-based Buffer Overflow in Shannon Baseband on Samsung Mobile Devices (SVE-2018-12757)
Cache Attacks on Samsung Mobile Devices with Exynos Chipsets
Clipboard Content Visibility in Locked State via Emergency Contact Picker on Samsung Mobile Devices (SVE-2018-11806)
Keyboard Learned Words Leak via Emergency Contact Picker on Samsung Mobile Devices
Fake Charger Vulnerability on Samsung Mobile Devices
Vulnerability: Unauthorized Access to Locked Secure Folder Content on Samsung Mobile Devices
Keymaster Vulnerability in Samsung Exynos Chipsets
Array Overflow Vulnerability in Samsung Mobile Devices (SVE-2017-11816)
Integer Underflow Vulnerability in Samsung Mobile Devices (SVE-2017-11855)
Buffer Overflow Vulnerability in Samsung Mobile Devices with M(6.0) Software
Information Disclosure Vulnerability in Samsung Trustlet (SVE-2018-11600)
Vulnerability: Unauthorized Access to Secure Folder via Split Screen on Samsung Mobile Devices
Information Disclosure Vulnerability in MediaTek Driver on Samsung Mobile Devices
Samsung Mobile Devices with MSM8998 or SDM845 Chipsets Secure Boot Bypass Vulnerability
Unprotected Intent Vulnerability on Samsung Mobile Devices (SVE-2018-11633)
Exynos Kernel Driver Out-of-Bounds Read/Write Vulnerability (SVE-2018-11358)
Clipboard Access Vulnerability on Samsung Mobile Devices
Information Disclosure Vulnerability in Samsung Mobile Devices (SVE-2017-10638)
Unintended Path Class Loading Vulnerability in Samsung Call+ Application (SVE-2017-10886)
Information Disclosure Vulnerability in Samsung Secure Driver on Exynos8890/8895 Chipsets
Clipboard Content Disclosure Vulnerability in Samsung Mobile Devices
Insecure SS and USSD Codes in Samsung Contacts Application (SVE-2018-11469)
Kernel Pointer Leak in Samsung USB Gadget Driver (SVE-2017-10993)
NFC Lockscreen Bypass Vulnerability on Samsung Mobile Devices
Unauthorized Permission Access in Samsung Dual Messenger
Dex Station App Pinning and Lock-Screen Bypass Vulnerability
Information Disclosure Vulnerability in Samsung Mobile Devices (SVE-2017-11175)
Race Condition and Read-After-Free Vulnerability in Samsung Mobile Devices (SVE-2017-11174)
Race Condition and Use-After-Free Vulnerability in Samsung Mobile Devices (SVE-2017-11176)
Race Condition and Double Free Vulnerability in Samsung Mobile Devices (SVE-2017-11177)
Samsung Mobile Devices vnswap Heap-Based Buffer Overflow Vulnerability
Unprotected System Service in InputMethodManagerService on Samsung Mobile Devices (SVE-2017-9995)
Integer Overflow Vulnerability in Samsung Mobile Devices (SVE-2017-10732)
Exynos Modem Chipset Baseband Buffer Overflow Vulnerability
System Crash via Abnormal Exception Handling on Samsung Mobile Devices (SVE-2017-10906)
Crafted AT Command Vulnerability on Samsung Mobile Devices via NFC Tag
Stack-based Buffer Overflow Vulnerability in Multiple NETGEAR Devices
Vulnerability: Incorrect Configuration of Security Settings in Certain NETGEAR Devices
Stored XSS Vulnerability in NETGEAR SRR60 and SRS60 Devices
CSRF Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Command Injection Vulnerability in NETGEAR R7800 Devices
Command Injection Vulnerability in NETGEAR R7800 Devices
Command Injection Vulnerability in NETGEAR R7800 Devices
Command Injection Vulnerability in NETGEAR R7800 Devices
CSRF Vulnerability in NETGEAR ReadyNAS Devices
Command Injection Vulnerability in NETGEAR R7800 Devices
Command Injection Vulnerability in NETGEAR R7800 Devices
Command Injection Vulnerability in NETGEAR R7800 Devices
Command Injection Vulnerability in NETGEAR R7800 Devices
Command Injection Vulnerability in NETGEAR R7800 Devices
Command Injection Vulnerability in NETGEAR R7800 Devices
Command Injection Vulnerability in NETGEAR R7800 Devices
Command Injection Vulnerability in NETGEAR R7800 Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Command Injection Vulnerability in NETGEAR Devices
Command Injection Vulnerability in Certain NETGEAR Devices
Command Injection Vulnerability in Certain NETGEAR Devices
Critical Remote Code Execution Vulnerability in NETGEAR XR500 Devices
Remote Code Execution Vulnerability in NETGEAR XR500 Devices
Remote Code Execution Vulnerability in NETGEAR XR500 Devices
Authentication Bypass Vulnerability in NETGEAR XR500 Devices
Command Injection Vulnerability in NETGEAR WAC505 and WAC510 Devices
CSRF Vulnerability in Certain NETGEAR Devices
Authentication Bypass Vulnerability in NETGEAR Devices
Denial of Service Vulnerability in NETGEAR Devices
Command Injection Vulnerability in NETGEAR Devices
Privilege Escalation Vulnerability in NETGEAR WAC510 Devices
Authentication Bypass Vulnerability in NETGEAR WAC510 Devices
Command Injection Vulnerability in NETGEAR WAC505 and WAC510 Devices
Command Injection Vulnerability in NETGEAR WAC505 and WAC510 Devices
Authentication Bypass Vulnerability in NETGEAR WAC505 and WAC510 Devices
Sensitive Information Disclosure Vulnerability in NETGEAR WAC505 and WAC510 Devices
Command Injection Vulnerability in NETGEAR WAC505 and WAC510 Devices
Unauthenticated Firmware Downgrade Vulnerability in NETGEAR WAC505 and WAC510 Devices
Authentication Bypass Vulnerability in NETGEAR WAC505 and WAC510 Devices
Stack-Based Buffer Overflow Vulnerability in NETGEAR WAC505 and WAC510 Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Sensitive Information Disclosure Vulnerability in NETGEAR D3600 and D6000 Routers
Critical Vulnerability: Hardcoded Password in NETGEAR D3600 and D6000 Routers
NETGEAR D3600 and D6000 Devices Vulnerable to Incorrect Security Configuration
Disclosure of Sensitive Information Vulnerability in Multiple NETGEAR Devices
NETGEAR D3600 and D6000 Devices Vulnerable to Incorrect Security Configuration
Denial of Service Vulnerability in Certain NETGEAR Devices
Denial of Service Vulnerability in Certain NETGEAR Devices
Sensitive Information Disclosure in NETGEAR GS810EMX Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Command Injection Vulnerability in NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Buffer Overflow Vulnerability in NETGEAR Devices
Command Injection Vulnerability in NETGEAR Devices
Buffer Overflow Vulnerability in Multiple NETGEAR Devices
Command Injection Vulnerability in NETGEAR Devices
Stored XSS Vulnerability in Certain NETGEAR Devices
Buffer Overflow Vulnerability in Multiple NETGEAR Devices
Command Injection Vulnerability in Certain NETGEAR Devices
Incorrect Configuration of Security Settings in NETGEAR R7800 Devices
Insecure Configuration of Security Settings in NETGEAR ReadyNAS Devices
CSRF Vulnerability in NETGEAR ReadyNAS Devices
Vulnerability: Incorrect Security Settings Configuration in NETGEAR Devices
Command Injection Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Command Injection Vulnerability in NETGEAR R6220 and WNDR3700v5 Devices
Denial of Service Vulnerability in Certain NETGEAR Devices
Denial of Service Vulnerability in Certain NETGEAR Devices
Stored XSS Vulnerability in Multiple NETGEAR Devices
Sensitive Information Disclosure Vulnerability in Certain NETGEAR Devices
Incorrect Configuration of Security Settings in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based buffer overflow vulnerability in certain NETGEAR devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in NETGEAR Devices
Stack-Based Buffer Overflow Vulnerability in NETGEAR R7800 and R9000 Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Command Injection Vulnerability in NETGEAR Devices
Reflected XSS Vulnerability in Certain NETGEAR Devices
Buffer Overflow Vulnerability in Multiple NETGEAR Devices
Buffer Overflow Vulnerability in Certain NETGEAR Devices
Buffer Overflow Vulnerability in Multiple NETGEAR Devices
Buffer Overflow Vulnerability in Certain NETGEAR Devices
Buffer Overflow Vulnerability in Certain NETGEAR Devices
Buffer Overflow Vulnerability in Certain NETGEAR Devices
Buffer Overflow Vulnerability in NETGEAR Devices
Buffer Overflow Vulnerability in NETGEAR Devices
Buffer Overflow Vulnerability in Certain NETGEAR Devices
Buffer Overflow Vulnerability in Certain NETGEAR Devices
Buffer Overflow Vulnerability in Certain NETGEAR Devices
Buffer Overflow Vulnerability in NETGEAR Devices
Buffer Overflow Vulnerability in Certain NETGEAR Devices
Buffer Overflow Vulnerability in Certain NETGEAR Devices
Buffer Overflow Vulnerability in Certain NETGEAR Devices
Command Injection Vulnerability in Multiple NETGEAR Devices
Authentication Bypass Vulnerability in NETGEAR Devices
Command Injection Vulnerability in Certain NETGEAR Devices
Command Injection Vulnerability in Certain NETGEAR Devices
Insecure Configuration Vulnerability in NETGEAR Devices
Incorrect Configuration of Security Settings in Certain NETGEAR Devices
Incorrect Configuration of Security Settings in Multiple NETGEAR Devices
Uncontrolled Recursion in find_fixed_tags Leads to Stack Consumption in re2c before 2.0
Integer Overflow Vulnerability in TensorFlow BMP Decoder
Deserialization of Untrusted JSON Data in Jodd before 5.0.4 with setClassMetadataName
Authentication Bypass and Information Disclosure Vulnerability in Foxit E-mail Advertising System
NULL Pointer Dereference Vulnerability in Foxit Reader
NTLM Credential Theft via GoToE or GoToR Action in Foxit PhantomPDF
Memory Consumption Vulnerability in Foxit PhantomPDF
NTLM Credential Theft Vulnerability in Foxit Reader and PhantomPDF
Memory Consumption Vulnerability in Foxit Reader and PhantomPDF
Untrusted Search Path Vulnerability in Foxit PhantomPDF
Remote Code Execution via GoToE or GoToR Action in Foxit PhantomPDF
COM Object Mishandling in Foxit PhantomPDF with Microsoft Word
Arbitrary Application Execution via Embedded Executable in Foxit PhantomPDF PDF Portfolio (FG-VD-18-029)
HTTP Request Smuggling Vulnerability in Pound 2.8
Authentication Bypass in Caddy Server (CVE-2018-12686)
Information Leak in LibVNCServer's ConnectToRFBRepeater Function
Authentication Credential Mishandling Vulnerability
Timing Mishandling Vulnerability in Mattermost Server
Denial of Service Vulnerability in Mattermost Server
Authorization Bypass Vulnerability in Mattermost Server
Multiple E-mail Address Bypass Vulnerability in Mattermost Server
Unauthorized User Invitation Vulnerability
Bypassing Access Control via Message Slash Command in Mattermost Server
Channel Modification Vulnerability
Bypassing Access Restrictions via Group Message Slash Command
Bypassing Access Restrictions via Channel Header Slash Command API in Mattermost Server
Denial of Service Vulnerability in Mattermost Server via invite_people Slash Command
Denial of Service Vulnerability in Mattermost Server
WebSocket Privacy Violation in Mattermost Server
Excessive Invitation Privileges in Mattermost Server
Denial of Service Vulnerability in Mattermost Server 4.7.3
Authentication Bypass via Crafted SAML Response in Mattermost Server
SAML Response Expiration Date Enforcement Vulnerability
Same Origin Policy Mishandling in Mattermost Desktop App
Remote Command Injection Vulnerability in Node.js Traceroute Package
Symlink Vulnerability in OpenRC's checkpath Function
Out-of-Bounds Read Vulnerability in Node.js stringstream Module (Versions < 0.0.6)
Missing Authentication Check in SAP Startup Service and SAP KERNEL 7.45, 7.49, and 7.52
Excessive Authorization in SAP Solution Manager 7.20 Role SAP_BPO_CONFIG
SAP HANA Remote Information Disclosure Vulnerability
Arbitrary Code Execution Vulnerability in SAP NetWeaver and SAP BASIS
Cross-Site Scripting (XSS) Vulnerability in SAP CRM WebClient UI and S4FND
Cross-Site Scripting (XSS) vulnerability in SAP NetWeaver Portal, WebDynpro Java, 7.30-7.50
Path Traversal Vulnerability in SAP Business Process Automation (BPA) By Redwood 9.0 and 9.1
Insufficient Path Validation in ABAP File Interface in SAP BASIS
Unauthenticated Access Vulnerability in SAP NetWeaver System Landscape Directory
SAP HANA Unauthenticated Information Disclosure Vulnerability
SSRF Vulnerability in SAP Central Management Console, BI Launchpad, and Fiori BI Launchpad
SAP NetWeaver AS Java Web Application 7.50 SAML 2.0 Service Provider XSS Vulnerability
Insecure Logging of Keystore Password in SAP HANA Extended Application Services, 1.0
Unauthenticated SQL Injection Vulnerability in SAP HANA Extended Application Services, 1.0
Sensitive Data Exposure in SAP HANA Extended Application Services 1.0
Unauthorized Access to Application Environments in SAP HANA Extended Application Services
Unauthorized Access to Application Environments in SAP HANA Extended Application Services
Unauthorized Access to Server Statistics and Status Information in SAP HANA Extended Application Services 1.0
Unauthorized Access to Statistical Data in SAP HANA Extended Application Services
SAP HANA Extended Application Services 1.0 Username Validation Vulnerability
Insufficient Path Validation Vulnerability in SAP CRM
Privilege Escalation Vulnerability in SAP ERP Financials Information System
SAP Internet Graphics Server Vulnerability: Unauthorized Access to System Area
Reflected Cross-Site Scripting Vulnerability in SAP Internet Graphics Server Versions 7.20, 7.20EXT, 7.45, 7.49, 7.53
Null Pointer Dereference Vulnerability in SAP Internet Graphics Server
Denial of Service Vulnerability in SAP Internet Graphics Server
Buffer Overflow Vulnerability in SAP Internet Graphics Server (IGS) 7.20, 7.20EXT, 7.45, 7.49, 7.53
SAP Internet Graphics Server Information Disclosure Vulnerability
SAP Internet Graphics Server: Stored Cross-Site Scripting Vulnerability
Log File Injection Vulnerability in SAP Internet Graphics Server (IGS)
Denial of Service Vulnerability in SAP Internet Graphics Server (IGS) Chart Service
IGS Portwatcher Service Denial of Service Vulnerability
XML External Entity (XXE) Vulnerability in SAP Internet Graphics Server (IGS)
XML External Entity (XXE) Vulnerability in SAP Internet Graphics Server (IGS)
Denial of Service Vulnerability in SAP Internet Graphics Server (IGS)
SAP Internet Graphics Server (IGS) Information Retrieval and File Corruption Vulnerability
Denial of Service Vulnerability in SAP Internet Graphics Server (IGS) Interpreter Service
Cross-Site Scripting (XSS) Vulnerability in SAP Business Objects Business Intelligence Platform CMC
SAP Business Client 6.5 Information Disclosure Vulnerability
Inefficient Encoding Vulnerability in Process Monitoring Infrastructure
SAP Business Process Automation (BPA) By Redwood Information Disclosure Vulnerability
XML External Entity (XXE) Vulnerability in SAP Business Process Automation (BPA) By Redwood
Clear Text Storage of User Credentials in SAP HANA Capture & Replay Functionality
Unauthorized Access to Restricted Information in SAP Disclosure Management 10.1
File Upload Vulnerability in SAP Disclosure Management 10.1
SAP Solution Manager Incident Management Work Center Cross-Site Scripting Vulnerability
Unquoted Windows Search Path Vulnerability in Crystal Reports Server, OEM Edition (CRSE)
Session Hijacking Vulnerability in SAP Business Objects
Session Hijacking Vulnerability in SAP Cloud Platform 2.0
Cross-Site Scripting (XSS) Vulnerability in SAP Business One Browser Access
Privilege Escalation Vulnerability in SAP Disclosure Management 10.1
Privilege Escalation Vulnerability in SAP Disclosure Management 10.1
Content Spoofing Vulnerability in SAP NetWeaver Application Server Java Web Container and HTTP Service
XML External Entity (XXE) Injection Vulnerability in SAP Identity Management 7.2 and 8.0
SAP Identity Management 8.0 Vulnerability: Unauthorized Information Access via ToASCII Pass Type
SAP MaxDB ODBC Driver Code Injection Vulnerability
Privilege Escalation Vulnerability in SAP Enterprise Financial Services
Arbitrary File Upload Vulnerability in SAP Internet Graphics Server (IGS)
SAP Internet Graphics Server (IGS) Portwatcher Denial of Service Vulnerability
SAP Internet Graphics Server (IGS) Portwatcher Denial of Service Vulnerability
SAP Internet Graphics Server (IGS) Denial of Service Vulnerability
DOM-based Cross-Site Scripting (XSS) Vulnerability in SAP UI5
SAP Business One Backup Service Information Disclosure Vulnerability
Code Injection Vulnerability in SAP BusinessObjects Business Intelligence Suite and SAP Crystal Reports
SAP UI5 Handler Information Disclosure Vulnerability
Cross-Site Scripting (XSS) Vulnerability in SAP BusinessObjects Business Intelligence Suite 4.10 and 4.20
HTTP Response Header Injection Vulnerability in SAP BusinessObjects Business Intelligence
Denial of Service Vulnerability in SAP Gateway
Arbitrary Content Spoofing Vulnerability in SAP NetWeaver UI Components
Cross-Site Scripting (XSS) Vulnerability in SAP NetWeaver Enterprise Portal
Privilege Escalation Vulnerability in SAP R/3 Enterprise Retail (EHP6)
External Command Execution Vulnerability in SAP Internet Graphics Service (IGS)
SAP Internet Graphics Server (IGS) Denial-of-Service Vulnerabilities
Insufficient Request Validation Vulnerability in SAP Internet Graphics Server (IGS)
Sensitive Information Exposure in SAP Dynamic Authorization Management (DAM) by NextLabs (Java Policy Controller versions 7.7 and 8.5)
SAP Change and Transport System Information Disclosure Vulnerability
Session Hijacking Vulnerability in SAP BusinessObjects Business Intelligence
Cross-Site Scripting (XSS) Vulnerability in SAP BusinessObjects Financial Consolidation
Server-Side Request Forgery (SSRF) Vulnerability in AdminTools of SAP BusinessObjects Business Intelligence
Unauthenticated Information Disclosure in SAP BusinessObjects Business Intelligence
SAP BusinessObjects Business Intelligence (Launchpad Web Intelligence) InfoObject Query Execution Vulnerability
SAP SRM-MDM Utilities Information Disclosure Vulnerability
Unauthenticated SMB Relaying Vulnerability in SAP SRM MDM Catalog
SAP MaxDB (liveCache) Privilege Escalation and Data Manipulation Vulnerability
Unintended Prolonged Validity of XS CLI User Sessions in SAP HANA Extended Application Services (XS)
Cross-Site Scripting (XSS) Vulnerability in SAP NetWeaver AS Java 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50 Logon Application
Privilege Escalation Vulnerability in SAP Enterprise Financial Services
Privilege Escalation Vulnerability in SAP Enterprise Financial Services
Privileged User Information Access Vulnerability in SAP Adaptive Server Enterprise 16.0
SAP Business One Crystal Report Connection Type Information Disclosure Vulnerability
Data Leakage in SAP Mobile Platform Offline OData Application
Insecure Certificate Verification in SAP Business One Android Application v1.2
Privilege Escalation Vulnerability in SAP HCM Fiori People Profile (GBX01 HR version 6.0)
XML Document Validation Vulnerability in BEx Web Java Runtime Export Web Service
Server-Side Request Forgery (SSRF) Vulnerability in SAP Hybris Commerce OCC API
Stored Cross-Site Scripting (XSS) Vulnerability in SAP WebDynpro Java
SAP HANA Extended Application Services Classic Model OData Parser XML Validation Vulnerability
Cross-Site Scripting (XSS) Vulnerability in SAP Data Services 4.2 Management Console
Information Disclosure Vulnerability in SAP BusinessObjects BI Platform Servers
Backup Server Information Disclosure Vulnerability in SAP Adaptive Server Enterprise (ASE)
Unauthorized Information Access in SAP Adaptive Server Enterprise (ASE) Versions 15.7 and 16.0
Cross-Site Scripting (XSS) Vulnerability in SAP NetWeaver Application Server for ABAP
Unauthorized Information Access in SAP BusinessObjects Business Intelligence Platform 4.10 and 4.20
Cross-Site Scripting (XSS) Vulnerability in SAP BusinessObjects Business Intelligence Platform 4.10 and 4.20 (Web Intelligence DHTML Client)
Denial of Service Vulnerability in SAP BusinessObjects Business Intelligence Platform Server
Insufficient CSRF Protection in SAP Fiori 1.0 for SAP ERP HCM (Approve Leave Request, version 2) Application
Missing Network Isolation in Kubernetes Apiserver of Gardener Shoot Clusters
Insufficient URL Validation in SAP NetWeaver Forums: Open Redirect Vulnerability
XML Document Validation Vulnerability in SAP NetWeaver's Knowledge Management (XMLForms)
Command Execution Vulnerability in TREX / BWA Installation on SAP Basis 7.0 to 7.02, 7.10 to 7.11, 7.30, 7.31, 7.40, and 7.50 to 7.53
Cross-Site Scripting (XSS) Vulnerability in SAP BusinessObjects Business Intelligence Platform (BIWorkspace) Versions 4.1 and 4.2
Unauthorized Transaction Execution in SAP Standard Roles
Denial of Service Vulnerability in SAP Mobile Secure Android Application
HTTP Verb Tampering Vulnerability in SAP BusinessObjects Business Intelligence Platform CMC
Privilege Escalation in SAP Enterprise Financial Services
Vulnerability: Remote Code Execution in SAP Fiori Client
Cross-Site Scripting (XSS) Vulnerability in SAP Marketing (UICUAN, SAPSCORE)
Zip File Extraction Vulnerability in SAP Disclosure Management 10.x
Android Malware Exploits SAP Fiori Client with Empty Push Notifications Vulnerability
Vulnerability: Unauthorized Deletion of SSO Configuration in SAP Fiori Client
Unprotected Broadcast Messages Vulnerability in SAP Fiori Client
Vulnerability: Remote Code Execution via Log Viewer in SAP Fiori Client
Insufficient XML Validation in SAML 2.0 Functionality in SAP NetWeaver AS Java
Vulnerability: Authorization Checks Bypass in SAP Basis AS ABAP
Incomplete Logging of SELECT Events in SAP HANA Audit Log
Password Hash Disclosure Vulnerability in SAP Financial Consolidation Cube Designer
SAP Mobile Secure Android Client Information Disclosure Vulnerability
Use-after-free vulnerability in libpulse-binding crate before 2.5.0 for Rust
Insecure Validation in KCFinder Integration Project for Drupal (SA-CONTRIB-2018-024)
Denial of Service Vulnerability in MongoDB Server Versions 3.6 and 4.0
Vulnerability in UIDL Request Handler Allows Property Value Manipulation
Weak Synchronization in Rust's Arc::get_mut Method: A Memory Safety Vulnerability
Heap-Based Buffer Overflow in libwebp's GetLE16() Function
Heap-Based Buffer Overflow in libwebp's ApplyFilter() Function
Heap-Based Buffer Overflow in libwebp's PutLE16() Function
Heap-Based Buffer Overflow in libwebp's GetLE24() Function
Heap-Based Buffer Overflow in libwebp's ShiftBytes() Function
Uninitialized Value Vulnerability in libwebp's ReadSymbol() Function
Use-after-free vulnerability in Linux kernel before 4.14.16
Host Header Injection Vulnerability in Greenbone Security Assistant (GSA) and Greenbone OS (GOS)
Heap-Based Buffer Overflow in RawSpeed 3.1's TableLookUp::setTable
Out-of-Bounds Write Vulnerability in UnRAR 5.6.1.7 through 5.7.4 and 6.0.3
Unauthenticated File Upload Vulnerability in LearnDash LMS WordPress Plugin
XST (Cross Site Tracing) Vulnerability in SAP Business One Service Layer
BPF Subsystem Overflow Vulnerability in Linux Kernel
TCP Server Module Memory Exhaustion Vulnerability
Onion Routing Vulnerability in toxcore: Remote IP Address Discovery
Uninitialized Value Vulnerability in smallvec Crate
Memory Corruption Vulnerability in actix-web Crate
Memory Corruption Vulnerability in actix-web Crate
Memory Corruption Vulnerability in actix-web Crate
Use-after-free vulnerability in libpulse-binding crate before 1.2.1
Use-after-free vulnerability in libpulse-binding crate before 1.2.1
Z-Wave Vulnerability: Downgrade Attack Exploiting CVE-2013-20003
Insufficient Access Restriction in SAP NetWeaver AS Java Keystore Service
Local Authentication Bypass Vulnerability in Mirmay Secure Private Browser and File Manager up to 2.5
Remote OpenAPI Definition Display Vulnerability in Swagger UI
Memory Corruption Vulnerability in zlib 1.2.12 and Earlier Versions during Deflation
Heap-Based Buffer Over-Read Vulnerability in ADMesh 0.98.4
Thomson TCW710 ST5D.10.05 - Cross Site Scripting (Persistent) in /goform/wlanPrimaryNetwork
Cross-Site Scripting (XSS) Vulnerability in Thomson TCW710 ST5D.10.05
Cross-Site Scripting (Persistent) Vulnerability in Thomson TCW710 ST5D.10.05
Cross-Site Scripting (Persistent) Vulnerability in Thomson TCW710 ST5D.10.05
Cross-Site Scripting (Persistent) Vulnerability in Thomson TCW710 ST5D.10.05
Cross-Site Scripting (XSS) Vulnerability in Thomson TCW710 ST5D.10.05
SAP NetWeaver AS Java Web Container HTTP Host Header Manipulation and XSS Vulnerability
Critical Privilege Escalation Vulnerability in uTorrent Web
Critical Privilege Escalation Vulnerability in uTorrent's JSON RPC Server
Critical Remote Memory Corruption Vulnerability in uTorrent
Critical Vulnerability in uTorrent: Remote Code Execution via Weak Authentication
Critical Privilege Escalation Vulnerability in uTorrent
XSS Vulnerability in Django REST Framework Browsable API View Templates
Path Traversal Vulnerability
XSS Vulnerability in Smarty's function.mailto Plugin
Path Traversal Vulnerability in CODESYS Runtime System Allows Unauthorized Access and System File Modification
Inefficient Regular Expression Complexity in email-existence (VDB-216854)
Cross-Site Scripting (XSS) Vulnerability in SAP Commerce Storefronts
Cross Site Scripting (XSS) Vulnerability in Harvest Chosen up to 1.8.6
Cross Site Scripting (XSS) Vulnerability in JmPotato Pomash
Cross-Site Scripting (XSS) Vulnerability in Catalyst-Plugin-Session up to 0.40
Cross-Site Scripting (XSS) Vulnerability in moappi Json2html up to 1.1.x (CVE-2021-216959)
Cross Site Scripting (XSS) Vulnerability in shred cilla
Cross-Site Scripting (XSS) Vulnerability in FarCry Solr Pro Plugin up to 1.5.x
Cross Site Scripting (XSS) Vulnerability in yolapi's render_description function (VDB-216966)
Critical SQL Injection Vulnerability in simple_php_link_shortener
Remote Code Execution Vulnerability in Twitter-Post-Fetcher up to 17.x
Path Traversal Vulnerability in pastebinit up to 0.2.2 (VDB-217040)
Vulnerability: Macaron CSRF - Sensitive Cookie without Secure Attribute
Inefficient Regular Expression Complexity Vulnerability in rgb2hex up to 0.1.5
Denial of Service Vulnerability in flar2 ElementalX up to 6.x on Nexus 9
Cross-Site Scripting (XSS) Vulnerability in Zenoss Dashboard up to 1.3.4
Cross Site Scripting (XSS) Vulnerability in OSM Lab show-me-the-way
Cross-Site Scripting Vulnerability in Wikimedia mediawiki-extensions-I18nTags
Critical SQL Injection Vulnerability in PeterMu Nodebatis up to 2.1.x (VDB-217554)
Critical SQL Injection Vulnerability in JoomGallery up to 3.3.3
Critical Remote Code Execution Vulnerability in devent globalpom-utils up to 4.5.0
Critical Vulnerability in Netis Netcore Router: Remote Attack Exploits Hard-Coded Password (VDB-217593)
Critical SQL Injection Vulnerability in polterguy Phosphorus Five up to 8.2
Critical SQL Injection Vulnerability in roxlukas LMeve up to 0.1.58 (VDB-217610)
Critical SQL Injection Vulnerability in lojban jbovlaste
Cross Site Scripting (XSS) Vulnerability in Newcomer1989 TSN-Ranksystem up to 1.2.6 (CVE-2021-218002)
Regular Expression Complexity Vulnerability in Prestaul Skeemas (VDB-218003)
Critical SQL Injection Vulnerability in karsany OBridge up to 1.3 (VDB-218376)
Critical SQL Injection Vulnerability in Events Extension on BigTree (VDB-218395)
Inefficient Regular Expression Complexity Vulnerability in melnaron mel-spintax
Privilege Escalation in man-db on Gentoo
Regular Expression Complexity Vulnerability in Segmentio is-url up to 1.2.2 (VDB-220058)
Cross-Site Scripting (XSS) Vulnerability in MobileDetect 2.8.31
Cross-Domain Password Auto-Fill Vulnerability in Bitwarden
Critical XML External Entity (XXE) Vulnerability in zwczou WeChat SDK Python 0.3.0 (VDB-223403)
OS Command Injection in pullit package before 1.4.0 for Node.js via Git branch name evaluation
Cross-Site Scripting (XSS) Vulnerability in Ping Identity Self-Service Account Manager 1.1.2
Cross-Site Scripting (XSS) Vulnerability in Responsive Menus 7.x-1.x-dev on Drupal
Cross-Site Scripting (XSS) Vulnerability in sea75300 FanPress CM up to 3.6.3
Arborator Server: Denial of Service Vulnerability in project.cgi
Critical SQL Injection Vulnerability in Blue Yonder postgraas_server up to 2.0.0b2 (VDB-234246)
Untrusted Target Access Vulnerability in glb Meetup Tag Extension 0.1 on MediaWiki
CVE-2018-25090
Authorization Header Exposure in urllib3 before 1.24.2
Improper Access Controls in Vaerys-Dawn DiscordSailv2 up to 2.10.2 (VDB-244483)
Improper Access Controls in Vaerys-Dawn DiscordSailv2 up to 2.10.2 (VDB-244484)
Path Traversal Vulnerability in ???????????????? Online Accounting System up to 1.4.0 (VDB-246641)
Arbitrary Code Execution Vulnerability in Duplicator WordPress Plugin
Cross-Site Request Forgery Vulnerability in MdAlAmin-aol Own Health Record 0.1-alpha/0.2-alpha/0.3-alpha/0.3.1-alpha
Cross-Site Scripting Vulnerability in Acumos Design Studio up to 2.0.7 (VDB-249420)
Denial of Service Vulnerability in blockmason credit-protocol (CVE-2021-252799)
CVE-2018-25099
CVE-2018-25100
Solaris Kernel Privilege Escalation Vulnerability
Oracle HTTP Server Denial of Service Vulnerability
Vulnerability in MySQL Server: Unauthorized Access and Denial of Service
LDAP Library Vulnerability in Solaris Component of Oracle Sun Systems Products Suite
Oracle WebCenter Content Vulnerability: Unauthorized Access and Data Manipulation
High-Privilege Network Access Vulnerability in MySQL Server (InnoDB Component)
Vulnerability in Oracle Sun Systems Products Suite: Unauthorized Access and Data Manipulation in ILOM
Vulnerability in Oracle Communications Order and Service Management: Unauthorized Data Access and Manipulation
Vulnerability in Oracle Sun Systems ILOM Remote Console Application
Java ME SDK Installer Vulnerability
Vulnerability in Oracle Communications Unified Inventory Management: Unauthorized Access and Partial Denial of Service
Vulnerability in Oracle Communications Unified Inventory Management: Unauthorized Data Access and Manipulation
Vulnerability in Oracle Agile Product Lifecycle Management for Process: Unauthorized Data Access and Manipulation
Vulnerability in MySQL Server: Unauthorized Denial of Service (DoS)
Vulnerability in Siebel CRM Desktop component of Oracle Siebel CRM: Unauthorized Data Access and Modification
Oracle Database Server Core RDBMS Unauthorized Read Access Vulnerability
MySQL Server Denial of Service Vulnerability
Solaris Kernel Unauthorized Access Vulnerability
Solaris Kernel Privilege Escalation Vulnerability
Java SE, Java SE Embedded, JRockit Vulnerability: Unauthorized Data Access via Multiple Protocols
Oracle Applications DBA Component Vulnerability in Oracle E-Business Suite
Vulnerability in Java SE component of Oracle Java SE (JavaFX) allows unauthorized data access
Vulnerability in Oracle Java SE: Unauthorized Data Access
Vulnerability in MySQL Server Allows for Unauthorized Denial of Service Attacks
Unauthorized Read Access Vulnerability in Oracle WebCenter Sites
MySQL Connectors Denial of Service Vulnerability
MySQL Server Denial of Service Vulnerability
Oracle Access Manager Web Server Plugin Unauthenticated Access Vulnerability
Vulnerability in Oracle Java SE, Java SE Embedded, and JRockit (LDAP Subcomponent) Allows Unauthorized Data Access
Oracle Hospitality Simphony Unauthenticated Remote Access Vulnerability
MySQL Server Denial of Service Vulnerability
MySQL Server Denial of Service Vulnerability
Oracle Financial Services Balance Sheet Planning User Interface Unauthorized Data Access Vulnerability
Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Takeover
Vulnerability in Oracle Hyperion BI+ Component: Unauthorized Data Access and Partial Denial of Service
Vulnerability in Oracle Hyperion BI+ Component: Unauthorized Data Access and Partial Denial of Service
Vulnerability in Oracle WebCenter Content component allows unauthorized access and data manipulation
Vulnerability in Oracle Hospitality Cruise Dining Room Management: Unauthorized Access and Data Compromise
Unauthenticated Unauthorized Read Access Vulnerability in MySQL Workbench
Vulnerability in Oracle Java SE, Java SE Embedded, and JRockit (JNDI Component) Allows Unauthorized Data Manipulation and Partial Denial of Service
MySQL Server Optimizer Hang/Crash Vulnerability
Oracle Internet Directory Remote Code Execution Vulnerability
Vulnerability in Java SE and Java SE Embedded: Unauthorized Data Access and Partial Denial of Service
Vulnerability in Oracle Java SE, Java SE Embedded, and JRockit Libraries: Unauthorized Partial Denial of Service
Oracle Hospitality Guest Access Component Unauthorized Access Vulnerability
Critical Data Access Vulnerability in Oracle PeopleSoft Products
Oracle Hospitality Guest Access Component Unauthorized Access Vulnerability
Oracle Hospitality Guest Access Denial of Service Vulnerability
Oracle Hospitality Simphony Component Vulnerability: Unauthorized Access to Critical Data
Vulnerability in Oracle Agile PLM Component of Oracle Supply Chain Products Suite: Unauthorized Data Access and Manipulation
Unauthenticated Read Access Vulnerability in Oracle Hyperion Data Relationship Management
Critical Remote Code Execution Vulnerability in Oracle Sun ZFS Storage Appliance Kit (AK)
Vulnerability in MySQL Server component allows unauthorized data access and server compromise
Oracle Argus Safety Login Vulnerability
Oracle FLEXCUBE Universal Banking Component Unauthorized Access Vulnerability
Oracle Support Tools OSS Support Tools Component Prior to 2.11.33 Vulnerability
Oracle Support Tools OSS Support Tools Component Prior to 2.11.33 Vulnerability
Unauthenticated Remote Access Vulnerability in Oracle Support Tools
Java SE, Java SE Embedded, JRockit Vulnerability: Unauthorized Access to Critical Data
Oracle Hospitality Simphony Component Vulnerability: Unauthorized Access to Critical Data
Vulnerability in Primavera Unifier component of Oracle Construction and Engineering Suite: Unauthorized Data Access and Modification
Vulnerability in Oracle Hospitality Cruise Shipboard Property Management System: Unauthorized Access and Data Compromise
MySQL Server Denial of Service Vulnerability
Vulnerability in Sun ZFS Storage Appliance Kit (AK) Allows Unauthorized Access and Data Compromise
Vulnerability in Sun ZFS Storage Appliance Kit (AK) Allows Unauthorized Access to Critical Data
Oracle WebLogic Server Unauthenticated Read Access Vulnerability
Oracle Financial Services Balance Sheet Planning User Interface Vulnerability
Java SE Installer Vulnerability: Unauthorized Takeover of Java SE
Oracle WebLogic Server T3 Takeover Vulnerability
Vulnerability in Java SE, Java SE Embedded, and JRockit: Unauthorized Data Access
Vulnerability in Oracle FLEXCUBE Universal Banking Allows Unauthorized Data Access and Manipulation
Oracle Transportation Management Unauthorized Data Access Vulnerability
Vulnerability in Oracle Siebel CRM's Siebel Engineering - Installer and Deployment Component: Unauthorized Data Access
Java SE, Java SE Embedded, JRockit Vulnerability: Unauthenticated Remote Code Execution
Vulnerability in Java SE and Java SE Embedded: Unauthorized Access to Critical Data
Oracle E-Business Suite Login Vulnerability
Oracle Hospitality Simphony Component Takeover Vulnerability
Vulnerability in Oracle Java SE, Java SE Embedded, and JRockit: Unauthorized Access to Critical Data
Vulnerability in Java SE Deployment Component Allows Takeover
Vulnerability in Java SE Deployment Component Allows Takeover
MySQL Server Denial of Service Vulnerability
Vulnerability in Java SE AWT Component Allows Unauthorized Data Access
Vulnerability in Oracle Argus Safety File Upload Component
Oracle Argus Safety Component Vulnerability: Unauthorized Data Access and Manipulation
Vulnerability in Oracle Argus Safety Worklist Component: Unauthorized Data Access and Manipulation
Critical Vulnerability in Oracle MySQL Server: Unauthorized Access to Critical Data
MySQL Server Denial of Service Vulnerability
Vulnerability in MySQL Server Replication Component: Unauthorized Data Access and Server Crash
Vulnerability in Oracle FLEXCUBE Universal Banking: Remote Takeover
Vulnerability in Oracle FLEXCUBE Universal Banking: Unauthorized Data Access and Denial of Service
Oracle Hospitality Reporting and Analytics Component Unauthorized Data Access Vulnerability
XML Publisher Component Vulnerability in PeopleSoft Enterprise PeopleTools
Unauthenticated Remote Code Execution Vulnerability in Oracle PeopleSoft Integration Broker
Unauthenticated Read Access Vulnerability in Oracle PeopleSoft Enterprise PeopleTools
Vulnerability in PeopleSoft Enterprise HCM Human Resources Component: Unauthorized Data Access and Manipulation
Oracle Work in Process Component Vulnerability: Unauthorized Access and Data Manipulation
Oracle General Ledger Component Vulnerability in Oracle E-Business Suite: Unauthorized Access and Data Manipulation
Vulnerability in Java SE and JRockit: Unauthorized Partial Denial of Service
JD Edwards EnterpriseOne Tools Component Vulnerability
JD Edwards EnterpriseOne Tools Component Vulnerability
Vulnerability in Oracle Financial Services Analytical Applications Infrastructure component allows unauthorized access and data manipulation
Vulnerability in Oracle Financial Services Analytical Applications Infrastructure component allows unauthorized data access and manipulation
Oracle Transportation Management Component Vulnerability
Vulnerability in Oracle Java SE, Java SE Embedded, and JRockit Libraries
Sun ZFS Storage Appliance Kit (AK) Remote Code Execution Vulnerability
MySQL Server Denial of Service Vulnerability
Oracle Hospitality Labor Management Webservice Endpoint Unauthorized Data Access Vulnerability
MySQL Server Optimizer Denial of Service Vulnerability
MySQL Server Denial of Service Vulnerability
Oracle Hospitality Reporting and Analytics Component Unauthorized Data Access Vulnerability
Vulnerability in Oracle Financial Services Profitability Management: Unauthorized Data Access and Manipulation
Critical Data Access Vulnerability in Oracle PeopleSoft SCM Purchasing Component (Supplier Registration)
Oracle Hospitality Simphony Component Vulnerability
Oracle Hospitality Simphony Unauthenticated Access Vulnerability
Vulnerability in Oracle FLEXCUBE Direct Banking Logoff Component
Java Advanced Management Console Server Vulnerability: Unauthorized Data Access
Vulnerability in Oracle VM VirtualBox Allows Takeover
Vulnerability in Java SE AWT Component Allows Partial Denial of Service
Unauthenticated Remote Denial of Service Vulnerability in Oracle Java SE, Java SE Embedded, and JRockit (CVE-2018-2638)
Vulnerability in Oracle Financial Services Profitability Management User Interface
Vulnerability in Java VM component of Oracle Database Server allows for unauthorized takeover
Vulnerability in Oracle PeopleSoft Products: Unauthorized Data Access and Manipulation in PeopleSoft Enterprise HCM Human Resources
Vulnerability in Oracle Financial Services Liquidity Risk Management User Interface (Version 8.0.x) Allows Unauthorized Data Access
Oracle Hospitality Simphony Denial of Service Vulnerability
Oracle E-Business Suite User Management Registration Process Unauthorized Access Vulnerability
Vulnerability in Oracle VM VirtualBox Allows Unauthorized Takeover
Vulnerability in Oracle VM VirtualBox Allows Unauthorized Takeover
Vulnerability in Oracle VM VirtualBox Allows Unauthorized Takeover
Vulnerability in Oracle VM VirtualBox Allows Unauthorized Takeover
Vulnerability in Oracle VM VirtualBox Allows Unauthorized Takeover
Vulnerability in Oracle VM VirtualBox Allows Unauthorized Takeover
Oracle E-Business Suite User Management Proxy User Delegation Vulnerability
Vulnerability in Oracle Financial Services Asset Liability Management User Interface
Vulnerability in Oracle VM VirtualBox Guest Additions Prior to 5.1.32 and Prior to 5.2.6
Vulnerability in Oracle VM VirtualBox Allows Takeover
Critical Data Access Vulnerability in Oracle PeopleSoft Products
MySQL Server Denial of Service Vulnerability
Oracle Hospitality Cruise Fleet Management Component Unauthorized Data Access Vulnerability
Vulnerability in Oracle VM VirtualBox Allows Takeover
Vulnerability in Oracle Database Server's Application Express Component (Prior to 5.1.4.00.08) Allows Unauthorized Data Access and Manipulation
Oracle Hospitality Cruise Fleet Management Emergency Response System Unauthorized Access Vulnerability
Vulnerability in Oracle Hospitality Cruise Fleet Management: Unauthorized Access and Data Compromise
Critical Data Access Vulnerability in PeopleSoft Enterprise FSCM Component (Strategic Sourcing)
MySQL Server Privilege Escalation Vulnerability
Oracle Banking Payments Component Vulnerability
Oracle Banking Payments Component Takeover Vulnerability
Oracle Banking Corporate Lending Takeover Vulnerability
Oracle Banking Corporate Lending Component Unauthorized Data Access and Denial of Service Vulnerability
Oracle Banking Payments Component Unauthorized Access Vulnerability
Oracle Banking Corporate Lending Component Unauthorized Access Vulnerability
Solaris Kernel Denial of Service Vulnerability
Oracle JDeveloper Security Framework Unauthenticated Remote Code Execution Vulnerability
Vulnerability in Oracle Financial Services Loan Loss Forecasting and Provisioning User Interface
Oracle WebCenter Portal Unauthenticated Access Vulnerability
Oracle Financial Services Market Risk User Interface Vulnerability
Oracle Business Intelligence Enterprise Edition Remote Code Execution Vulnerability
Oracle Financial Services Market Risk Measurement and Management User Interface Unauthenticated Remote Code Execution Vulnerability
Solaris Component Vulnerability in Oracle Sun Systems Products Suite
Solaris RPC Vulnerability: Unauthorized Access and Denial of Service
Oracle Financial Services Hedge Management and IFRS Valuations User Interface Unauthorized Data Access Vulnerability
Vulnerability in Oracle Financial Services Liquidity Risk Management User Interface (Version 8.0.x) Allows Unauthorized Data Access and Modification
Oracle Financial Services Price Creation and Discovery User Interface Unauthorized Data Access Vulnerability
Vulnerability in Oracle Financial Services Price Creation and Discovery Component
Oracle Financial Services Asset Liability Management User Interface Vulnerability
Vulnerability in Oracle Financial Services Loan Loss Forecasting and Provisioning User Interface
Vulnerability in Oracle Financial Services Hedge Management and IFRS Valuations User Interface
Oracle Financial Services Market Risk User Interface Unauthorized Data Access Vulnerability
Vulnerability in Oracle Financial Services Market Risk Measurement and Management User Interface (Version 8.0.5) Allows Unauthorized Data Access and Modification
Vulnerability in Oracle Financial Services Funds Transfer Pricing User Interface
Oracle Financial Services Funds Transfer Pricing User Interface Vulnerability
Vulnerability in Oracle Retail Merchandising System Allows Unauthorized Data Access and Manipulation
Vulnerability in PeopleSoft Enterprise SCM eProcurement Component: Unauthorized Data Access and Manipulation
Oracle Financial Services Analytical Applications Reconciliation Framework User Interface Unauthorized Access Vulnerability
Oracle Hyperion Planning Vulnerability: Unauthorized Takeover of System
Oracle Retail Returns Management Component Vulnerability
Oracle Retail Central Office Unauthenticated Access Vulnerability
Oracle Access Manager Web Server Plugin Unauthenticated Remote Code Execution Vulnerability
Vulnerability in Oracle Enterprise Manager Ops Center: Unauthorized Access and Data Manipulation
Oracle Banking Corporate Lending Component Unauthorized Access Vulnerability
Oracle Banking Corporate Lending Component Unauthorized Access Vulnerability
Vulnerability in Oracle Banking Corporate Lending Component of Oracle Financial Services Applications
Vulnerability in Oracle Banking Corporate Lending Component of Oracle Financial Services Applications
Vulnerability in Oracle Enterprise Manager Base Platform: Unauthorized Data Access and Partial Denial of Service
Vulnerability in PeopleSoft Enterprise HCM Component of Oracle PeopleSoft Products (9.2)
Solaris Python Modules Unauthorized Data Access Vulnerability
Solaris ZVNET Driver Unauthorized Access and Denial of Service Vulnerability
Vulnerability in MySQL Server Replication Component: Unauthenticated Takeover
Vulnerability in Oracle Communications Order and Service Management WebUI Component
MySQL Server Denial of Service Vulnerability
MySQL Server Denial of Service Vulnerability
Unauthenticated Remote Code Execution Vulnerability in Oracle HTTP Server
MySQL Server Denial of Service Vulnerability
MySQL Server Vulnerability: Unauthorized Hang and Crash
Solaris NTPD Unauthorized Data Access Vulnerability
Solaris NFS Denial of Service Vulnerability
Oracle Fusion Middleware Oracle SSL API Unauthenticated Access Vulnerability
MySQL Server Denial of Service Vulnerability
MySQL Server Encryption Vulnerability
Oracle Outside In Technology Component Vulnerability
MySQL Server Pluggable Auth Vulnerability
Vulnerability in Oracle Adaptive Access Manager component of Oracle Fusion Middleware: Unauthorized Access and Data Compromise
MySQL Server Locking Vulnerability
Critical Vulnerability in PeopleSoft Enterprise PeopleTools: Rich Text Editor Component
Vulnerability in MySQL Server Allows for Denial of Service Attacks
Vulnerability in PeopleSoft Enterprise PT PeopleTools component allows unauthorized access and data manipulation
MySQL Server Vulnerability: Unauthorized Hang or Crash
Vulnerability in MySQL Server's Group Replication GCS Component Allows for DoS Attacks
MySQL Server Denial of Service Vulnerability
MySQL Server Optimizer Denial of Service Vulnerability
MySQL Server Optimizer Denial of Service Vulnerability
MySQL Server Vulnerability: Unauthorized Hang or Crash
MySQL Server Denial of Service Vulnerability
MySQL Server Denial of Service Vulnerability
Java SE, Java SE Embedded, JRockit Vulnerability: Unauthorized Access and Data Manipulation
MySQL Server Denial of Service Vulnerability
Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Manipulation
Vulnerability in MySQL Server component allows unauthorized data access and server compromise
Vulnerability in MySQL Server component allows unauthorized data access and server compromise
Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation
Vulnerability in Oracle Siebel CRM 17.0 Allows Unauthorized Read Access
Java SE and Java SE Embedded Vulnerability: Unauthorized Access and Data Manipulation
Vulnerability in Oracle WebCenter Sites component of Oracle Fusion Middleware: Unauthorized Access and Data Compromise
Vulnerability in Oracle Sun Systems Hardware Management Pack: Unauthorized Data Access and Manipulation
Unauthenticated Remote Code Execution Vulnerability in Oracle PeopleSoft Products
Java SE, JRockit Vulnerability: Unauthenticated Takeover of Java SE, JRockit
Vulnerability in Oracle Java SE Allows Partial Denial of Service
Java SE, Java SE Embedded, JRockit Concurrency Vulnerability
Unauthenticated Remote Denial of Service Vulnerability in Oracle Java SE
Java SE, Java SE Embedded, JRockit AWT Component Denial of Service Vulnerability
Unauthenticated Remote Denial of Service Vulnerability in Oracle Java SE
Java SE, JRockit RMI Unauthenticated Remote Code Execution Vulnerability
Oracle Outside In Technology Image Export SDK Unauthenticated Remote Code Execution Vulnerability
Vulnerability in Oracle Hospitality Simphony Component: Unauthorized Data Access and Manipulation
Oracle Hospitality Reporting and Analytics Component Unauthorized Data Access Vulnerability
Oracle E-Business Suite Oracle Application Object Library Component DB Privileges Vulnerability
MySQL Server GIS Extension Denial of Service Vulnerability
Oracle Outside In Technology Component Vulnerability
Vulnerability in Oracle FLEXCUBE Core Banking Allows Unauthorized Data Access and Manipulation
Solaris Kernel Denial of Service Vulnerability
Unauthenticated Remote Code Execution Vulnerability in PeopleSoft Enterprise PeopleTools
MySQL Server Denial of Service Vulnerability
Java SE Install Vulnerability: Unauthorized Takeover of Java SE
Vulnerability in MySQL Server: Unauthorized Data Access and Denial of Service
MySQL Server DDL Vulnerability
Vulnerability in Oracle Java SE: Unauthenticated Takeover via Multiple Protocols
Java SE, Java SE Embedded, JRockit Serialization Vulnerability
MySQL Server Optimizer Denial of Service Vulnerability
MySQL Server Denial of Service Vulnerability
MySQL Server Privilege Escalation Vulnerability
MySQL Server Denial of Service Vulnerability
Unauthorized Read Access Vulnerability in PeopleSoft Enterprise PeopleTools
Vulnerability in PeopleSoft Enterprise PeopleTools Rich Text Editor Component
Solaris Cluster Geo Vulnerability: Unauthorized Access and Data Compromise
Critical Data Manipulation Vulnerability in Oracle Transportation Management 6.4.3
Oracle Hospitality Simphony Component Vulnerability
Java SE Libraries Vulnerability: Unauthenticated Takeover of Java SE
Java SE Libraries Vulnerability: Unauthenticated Takeover of Java SE
Vulnerability in Oracle Hospitality Suite8: Unauthorized Access and Data Compromise
Vulnerability in Oracle WebCenter Content component allows unauthorized access and data manipulation
Oracle Hospitality Simphony Component Vulnerability
Vulnerability in Oracle VM VirtualBox allows for takeover
Vulnerability in Oracle VM VirtualBox Allows Unauthorized Data Access
Oracle GoldenGate Unauthenticated Remote Code Execution Vulnerability
Oracle Hospitality Simphony Component Vulnerability
Vulnerability in Oracle Data Visualization Desktop: Unauthorized Access and Data Manipulation
Vulnerability in Oracle VM VirtualBox allows for takeover
Vulnerability in Oracle VM VirtualBox allows for takeover
Vulnerability in Oracle VM VirtualBox allows for takeover
Vulnerability in PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products (subcomponent: EPPCM_HIER_TOP) - Version 9.1
MySQL Server Denial of Service Vulnerability
Vulnerability in Oracle Retail Xstore Point of Service: Unauthorized Access and Data Compromise
Java VM Component Vulnerability in Oracle Database Server
Vulnerability in Oracle VM VirtualBox Allows Takeover
Vulnerability in Oracle VM VirtualBox Allows Takeover
Vulnerability in Oracle VM VirtualBox Allows Takeover
Vulnerability in Oracle VM VirtualBox Allows Unauthorized Access and Denial of Service
MySQL Server Performance Schema Denial of Service Vulnerability
Oracle Hospitality Simphony First Edition Component Vulnerability
Oracle Hospitality Simphony First Edition Client Application Loader Vulnerability
Vulnerability in Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite: Unauthorized Access to Critical Data
Oracle Hospitality Cruise Fleet Management System Vulnerability
Oracle Hospitality Simphony First Edition: Unauthorized Data Access and Modification Vulnerability
Vulnerability in Oracle Hospitality Guest Access component allows unauthorized data access and manipulation
Vulnerability in Oracle Hospitality Simphony First Edition: Unauthorized Data Access and Manipulation
Vulnerability in Oracle Financial Services Basel Regulatory Capital Basic: Unauthorized Data Access and Manipulation
Oracle Financial Services Basel Regulatory Capital Basic Vulnerability
Vulnerability in Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach component of Oracle Financial Services Applications (subcomponent: Portfolio, Attribution)
Vulnerability in Sun ZFS Storage Appliance Kit (AK) Allows Unauthorized Data Access and Partial Denial of Service
Unauthenticated Unauthorized Read Access Vulnerability in Sun ZFS Storage Appliance Kit
Vulnerability in Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach component of Oracle Financial Services Applications
Oracle VM VirtualBox Vulnerability: High Privileged Takeover (CVE-2018-2698)
Oracle Retail Back Office Unauthenticated Access and Data Disclosure Vulnerability
Oracle Retail Point-of-Service User Interface Unauthorized Access Vulnerability
Vulnerability in Sun ZFS Storage Appliance Kit (AK) Allows Unauthorized Data Access
Oracle E-Business Suite Application Object Library Unauthorized Read Access Vulnerability
Oracle General Ledger Consolidation Hierarchy Viewer Unauthorized Data Access Vulnerability
Oracle General Ledger Consolidation Hierarchy Viewer Unauthorized Data Access Vulnerability
Oracle E-Business Suite Application Object Library Unauthorized Read Access Vulnerability
Oracle Human Resources Component Unauthorized Data Access Vulnerability
Oracle Human Resources Component Unauthorized Data Access Vulnerability
Oracle Human Resources Component Vulnerability in Oracle E-Business Suite: Unauthorized Access and Data Manipulation
Oracle Human Resources Component Vulnerability in Oracle E-Business Suite: Unauthorized Access and Data Manipulation
Oracle General Ledger Account Hierarchy Manager Unauthorized Read Access Vulnerability
Oracle General Ledger Account Hierarchy Manager Unauthorized Read Access Vulnerability
Vulnerability in Oracle Application Object Library Allows Unauthorized Access to Critical Data
Vulnerability in Oracle Database Server: Unauthorized Read Access to Core RDBMS Data
Vulnerability in Oracle Retail Integration Bus component of Oracle Retail Applications (RIB Kernal) allows unauthorized access and partial denial of service
MySQL Cluster Vulnerability: Unauthorized Hang and Crash
Vulnerability in PeopleSoft Enterprise HCM Shared Components: Unauthorized Data Access and Manipulation
Oracle Access Manager Vulnerability: Unauthorized Takeover via HTTP
Critical Unauthorized Access Vulnerability in MICROS Retail-J Component of Oracle Retail Applications
Vulnerability in MICROS Retail-J component of Oracle Retail Applications: Unauthorized Data Access and Partial Denial of Service
Vulnerability in MICROS Retail-J component of Oracle Retail Applications: Unauthorized Data Access and Modification
Vulnerability in Oracle Retail Xstore Office component allows unauthorized data access and partial denial of service
Vulnerability in MICROS Retail-J component of Oracle Retail Applications: Unauthorized Data Access and Manipulation
Vulnerability in MICROS Retail-J component of Oracle Retail Applications: Unauthorized Access and Data Manipulation
Critical Vulnerability in MICROS Retail-J Component of Oracle Retail Applications (Version 12.1.2)
Oracle Retail Bulk Data Integration Component Vulnerability
Solaris Availability Suite Service Takeover Vulnerability
Oracle WebLogic Server T3 Takeover Vulnerability
Oracle WebLogic Server Remote Code Execution Vulnerability
Vulnerability in Oracle Banking Corporate Lending component of Oracle Financial Services Applications: Unauthorized Data Access and Manipulation
Vulnerability in Oracle Banking Payments component of Oracle Financial Services Applications: Unauthorized Data Access and Manipulation
Oracle FLEXCUBE Enterprise Limits and Collateral Management Unauthorized Data Access Vulnerability
Vulnerability in Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications
Vulnerability in Oracle FLEXCUBE Universal Banking: Unauthorized Data Access and Manipulation
Vulnerability in Oracle BI Publisher Layout Tools Allows Unauthorized Data Access and Modification
Solaris DHCP Vulnerability: Unauthorized Partial Denial of Service
Oracle WebLogic Server Console Unauthorized Read Access Vulnerability
Solaris Kernel Privilege Escalation Vulnerability
Vulnerability in Oracle Communications EAGLE LNP Application Processor component allows unauthorized data access and manipulation
Unauthenticated Read Access Vulnerability in Sun ZFS Storage Appliance Kit
Unauthorized Read Access Vulnerability in Oracle Sun Systems Hardware Management Pack (Ipmitool)
Critical Vulnerability in Oracle Hyperion Financial Reporting Allows Unauthorized Access to Critical Data
Solaris Kernel Denial of Service Vulnerability
Oracle VM VirtualBox Vulnerability: Unauthorized Takeover of Virtualization Component
Oracle GlassFish Server Vulnerability: Unauthorized Access and Data Manipulation
Oracle GoldenGate Manager Denial of Service Vulnerability
Oracle GoldenGate Monitoring Manager Unauthenticated Remote Code Execution Vulnerability
Oracle GoldenGate Manager Denial of Service Vulnerability
Unauthenticated Remote Access Vulnerability in Oracle Hyperion Data Relationship Management (CVE-2021-12345)
Vulnerability in Sun ZFS Storage Appliance Kit (AK) Allows Partial Denial of Service
Unauthenticated Remote Denial of Service Vulnerability in Sun ZFS Storage Appliance Kit (AK)
Sun ZFS Storage Appliance Kit (AK) Takeover Vulnerability
Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access
Vulnerability in Sun ZFS Storage Appliance Kit (AK) Allows Unauthorized Data Access and Partial Denial of Service
Unauthenticated Unauthorized Read Access Vulnerability in Sun ZFS Storage Appliance Kit
Solaris Kernel Unauthorized Read Access Vulnerability
Unauthorized Read Access Vulnerability in Oracle Sun ZFS Storage Appliance Kit (AK)
Vulnerability in Sun ZFS Storage Appliance Kit (AK) Allows Unauthorized Data Access and Partial Denial of Service
Critical Vulnerability in Oracle BI Publisher Component of Fusion Middleware (Web Server Subcomponent)
Solaris NVIDIA-GFX Kernel Driver Vulnerability
Unauthorized Read Access Vulnerability in Sun ZFS Storage Appliance Kit (AK) Component
Solaris RAD Vulnerability: Unauthorized Access to Critical Data
Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation
Solaris Cluster NAS Device Addition Vulnerability
Oracle SuperCluster Specific Software Vulnerability: Unauthorized Access and Data Compromise
Critical Vulnerability in Oracle WebLogic Server: Unauthorized Access and Data Manipulation
Vulnerability in Oracle E-Business Suite: Unauthorized Data Manipulation in Application Object Library
Oracle WebLogic Server JSF Component Vulnerability
Vulnerability in Oracle Communications Messaging Server: Unauthorized Data Access
Unauthenticated Access Vulnerability in Sun ZFS Storage Appliance Kit (AK)
Java SE Component Vulnerability: Remote Takeover of Java SE (CVE-2018-2938)
Vulnerability in Core RDBMS component of Oracle Database Server: Unauthorized Data Access and Denial of Service
Java SE and Java SE Embedded Vulnerability: Unauthorized Read Access
Java SE JavaFX Vulnerability: Unauthenticated Network Access Compromising Java SE
Vulnerability in Oracle Java SE Allows Takeover
Oracle Fusion Middleware MapViewer Remote Code Execution Vulnerability
Critical Vulnerability in JD Edwards EnterpriseOne Tools Allows Unauthorized Access to Critical Data
JD Edwards EnterpriseOne Tools Web Runtime Unauthenticated Access Vulnerability
JD Edwards EnterpriseOne Tools Web Runtime Unauthenticated Access Vulnerability
Critical Vulnerability in JD Edwards EnterpriseOne Tools Allows Unauthorized Access to Critical Data
JD Edwards EnterpriseOne Tools Web Runtime Unauthenticated Access Vulnerability
JD Edwards EnterpriseOne Tools Web Runtime Unauthenticated Access Vulnerability
JD Edwards EnterpriseOne Tools Web Runtime Unauthenticated Access Vulnerability
Unauthenticated Remote Code Execution Vulnerability in PeopleSoft Enterprise PeopleTools
Java SE, Java SE Embedded, JRockit Concurrency Vulnerability
Oracle One-to-One Fulfillment Print Server Unauthenticated Remote Code Execution Vulnerability
Oracle Order Management Component Vulnerability in E-Business Suite: Product Diagnostic Tools Subcomponent
Oracle Hospitality OPERA 5 Property Services Unauthorized Data Access Vulnerability
Vulnerability in Oracle Hospitality OPERA 5 Property Services component allows for unauthorized takeover
Oracle Hospitality OPERA 5 Property Services Logging Vulnerability
Vulnerability in Oracle BI Publisher component allows unauthorized access and data manipulation
Vulnerability in Siebel UI Framework component of Oracle Siebel CRM (subcomponent: UIF Open UI) allows unauthorized data manipulation
Vulnerability in Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite: Unauthorized Data Access and Manipulation
Vulnerability in Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite: Unauthorized Data Access and Manipulation
Vulnerability in Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite: Unauthorized Data Access and Manipulation
Vulnerability in Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite: Unauthorized Data Access
Vulnerability in Java SE Deployment Component Allows for Takeover
Vulnerability in Primavera Unifier component of Oracle Construction and Engineering Suite (16.x)
Vulnerability in Primavera Unifier component of Oracle Construction and Engineering Suite: Unauthorized Data Access and Modification
Physical Access Vulnerability in Oracle Primavera Unifier Component of Construction and Engineering Suite
Unauthenticated Remote Code Execution Vulnerability in Primavera Unifier
Unauthorized Read Access Vulnerability in Primavera Unifier Component of Oracle Construction and Engineering Suite (Core)
Unauthorized Read Access Vulnerability in PeopleSoft Enterprise PeopleTools (PIA Search Functionality)
Oracle E-Business Suite Oracle Applications Framework REST Services Unauthorized Read Access Vulnerability
Java SE Security Vulnerability: Unauthorized Access to Critical Data
Vulnerability in Java SE and Java SE Embedded: Unauthorized Data Access
Vulnerability in Oracle FLEXCUBE Universal Banking Allows Unauthorized Data Access and Partial Denial of Service
Oracle FLEXCUBE Universal Banking Unauthorized Read Access Vulnerability
Vulnerability in Oracle Enterprise Manager Ops Center Allows Unauthorized Access and Data Manipulation
Unauthenticated Remote Code Execution Vulnerability in PeopleSoft Enterprise PeopleTools
Oracle Hospitality Simphony Import/Export Vulnerability
Oracle FLEXCUBE Universal Banking Infrastructure Component Denial of Service Vulnerability
Vulnerability in Oracle FLEXCUBE Universal Banking: Unauthorized Data Access and Partial Denial of Service
Vulnerability in Oracle FLEXCUBE Universal Banking Allows Unauthorized Data Access and Manipulation
Oracle FLEXCUBE Universal Banking Component Unauthorized Access Vulnerability
Vulnerability in Oracle Hospitality Cruise Fleet Management System: Unauthorized Data Access and Modification
Vulnerability in PeopleSoft Enterprise PeopleTools Workflow Component
Vulnerability in PeopleSoft Enterprise PeopleTools Workflow Component
Vulnerability in Oracle WebLogic Server Console component allows unauthorized data access and manipulation
Oracle E-Business Suite Oracle Marketing Component Vulnerability
Oracle iLearning Vulnerability: Unauthorized Access and Data Compromise
Unauthenticated Remote Code Execution Vulnerability in PeopleSoft Enterprise PeopleTools
Oracle Trade Management User Interface Vulnerability
Oracle Outside In Technology Component Vulnerability
Oracle E-Business Suite CRM Technical Foundation Preferences Unauthenticated Remote Code Execution Vulnerability
Oracle iStore Shopping Cart Unauthorized Data Access Vulnerability
Oracle iStore Component Vulnerability: Unauthorized Access and Data Compromise
Oracle Applications Manager Unauthenticated Access Vulnerability
Oracle E-Business Suite Script Author Component Vulnerability
Oracle WebLogic Server SAML Vulnerability
JD Edwards EnterpriseOne Tools Web Runtime Unauthenticated Access Vulnerability
Oracle Hospitality Cruise Shipboard Property Management System Vulnerability
Oracle Hospitality Cruise Shipboard Property Management System Vulnerability
Oracle Hospitality Cruise Fleet Management System Vulnerability
Oracle Hospitality Cruise Fleet Management System Vulnerability
Java VM Component Vulnerability in Oracle Database Server
Oracle VM VirtualBox Core Vulnerability: Unauthorized Partial Denial of Service
JD Edwards EnterpriseOne Tools Web Runtime Unauthenticated Access Vulnerability
Oracle Tuxedo Jolt Vulnerability
Oracle E-Business Suite Oracle Marketing User Interface Unauthenticated Remote Code Execution Vulnerability
Oracle Outside In Technology Component Vulnerability
Oracle Outside In Technology Component Vulnerability
Oracle Trade Management User Interface Vulnerability
Oracle Trade Management User Interface Vulnerability
Critical Data Access Vulnerability in Oracle Hospitality OPERA 5 Property Services
Critical Data Access Vulnerability in Oracle Hospitality OPERA 5 Property Services
Vulnerability in Oracle FLEXCUBE Universal Banking Allows Unauthorized Access and Data Manipulation
Vulnerability in PeopleSoft Enterprise PeopleTools Integration Broker Component
Oracle E-Business Suite CRM Technical Foundation Preferences Component Vulnerability
Oracle iStore Component Vulnerability: Unauthorized Access and Data Compromise
Vulnerability in Oracle FLEXCUBE Universal Banking: Unauthorized Data Access and Manipulation
Vulnerability in Oracle Banking Payments component of Oracle Financial Services Applications: Unauthorized Data Access and Partial Denial of Service
Oracle Banking Payments Unauthorized Read Access Vulnerability
Oracle Banking Payments Component Denial of Service Vulnerability
Vulnerability in Oracle Banking Payments component of Oracle Financial Services Applications: Unauthorized Data Access and Partial Denial of Service
Vulnerability in Oracle Banking Payments Component of Oracle Financial Services Applications: Unauthorized Data Access and Manipulation
Oracle Banking Payments Component Unauthorized Access Vulnerability
Vulnerability in Oracle Banking Payments component of Oracle Financial Services Applications: Unauthorized Data Access and Manipulation
Oracle Banking Payments Component Vulnerability
Vulnerability in Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications: Unauthorized Data Access and Partial Denial of Service
Oracle FLEXCUBE Investor Servicing Unauthorized Data Access Vulnerability
Oracle FLEXCUBE Investor Servicing Denial of Service Vulnerability
Vulnerability in Oracle FLEXCUBE Investor Servicing component allows unauthorized data access and partial denial of service
Vulnerability in Oracle FLEXCUBE Investor Servicing component allows unauthorized data access and manipulation
Oracle FLEXCUBE Investor Servicing Component Unauthorized Access Vulnerability
Vulnerability in Oracle FLEXCUBE Investor Servicing component of Oracle Financial Services Applications
Vulnerability in Oracle FLEXCUBE Investor Servicing component allows unauthorized access and data manipulation
Vulnerability in Oracle Banking Corporate Lending component of Oracle Financial Services Applications: Unauthorized Data Access and Partial Denial of Service
Vulnerability in Oracle FLEXCUBE Enterprise Limits and Collateral Management: Unauthorized Data Access and Partial Denial of Service
Oracle Banking Corporate Lending Unauthorized Data Access Vulnerability
Oracle FLEXCUBE Enterprise Limits and Collateral Management Unauthorized Read Access Vulnerability
Oracle Banking Corporate Lending Component Denial of Service Vulnerability
Oracle FLEXCUBE Enterprise Limits and Collateral Management Denial of Service Vulnerability
Vulnerability in Oracle Banking Corporate Lending component of Oracle Financial Services Applications: Unauthorized Data Manipulation and Partial Denial of Service
Vulnerability in Oracle FLEXCUBE Enterprise Limits and Collateral Management: Unauthorized Data Manipulation and Partial Denial of Service
Vulnerability in Oracle Banking Corporate Lending component allows unauthorized data access and manipulation
Vulnerability in Oracle FLEXCUBE Enterprise Limits and Collateral Management: Unauthorized Data Access and Manipulation
Vulnerability in Oracle Banking Corporate Lending component of Oracle Financial Services Applications: Unauthorized Access to Critical Data
Oracle FLEXCUBE Enterprise Limits and Collateral Management Unauthorized Access Vulnerability
Vulnerability in Oracle Banking Corporate Lending component of Oracle Financial Services Applications: Unauthorized Data Access and Manipulation
Vulnerability in Oracle FLEXCUBE Enterprise Limits and Collateral Management: Unauthorized Data Access and Manipulation
Vulnerability in Oracle Banking Corporate Lending component of Oracle Financial Services Applications: Unauthorized Data Access and Modification
Vulnerability in Oracle FLEXCUBE Enterprise Limits and Collateral Management: Unauthorized Data Access and Modification
Vulnerability in MICROS Relate CRM Software: Unauthorized Data Access and Partial Denial of Service
Vulnerability in Oracle Retail Customer Management and Segmentation Foundation component allows unauthorized data access and partial denial of service
MySQL Server Denial of Service Vulnerability
Oracle VM VirtualBox Core Vulnerability: Unauthorized Access and Denial of Service
MySQL Server Privilege Escalation Vulnerability
Vulnerability in Sun ZFS Storage Appliance Kit (AK) Allows Takeover
Vulnerability in MySQL Server component allows unauthorized data manipulation
Vulnerability in Siebel UI Framework component of Oracle Siebel CRM: Unauthorized Data Access and Manipulation
Vulnerability in MySQL Server component allows unauthorized data access and server compromise
High Privilege Network Access Vulnerability in MySQL Server (CVE-XXXX)
MySQL Server Memcached Denial of Service Vulnerability
MySQL Server Privilege Escalation Vulnerability
Vulnerability in MySQL Server component allows unauthorized access and DoS attacks
MySQL Server Denial of Service Vulnerability
MySQL Server Vulnerability: Unauthorized Data Access and Manipulation
Vulnerability in MySQL Server Replication Component: Unauthorized Server Crash
Vulnerability in PeopleSoft Enterprise HCM Human Resources Component: Unauthorized Data Access and Manipulation
Unauthorized Read Access Vulnerability in Oracle Agile Product Lifecycle Management for Process
MySQL Server Denial of Service Vulnerability
MySQL Server Audit Log Denial of Service Vulnerability
Unauthenticated Access Vulnerability in PeopleSoft HRMS Component
Vulnerability in MySQL Server: Unauthorized Server Hang or Crash
Vulnerability in MySQL Server component allows for Denial of Service (DoS) attacks
MySQL Server Privilege Escalation Vulnerability
Vulnerability in PeopleSoft Enterprise CS Financial Aid Component Allows Unauthorized Data Access
MySQL Server Denial of Service Vulnerability
Vulnerability in MySQL Server component allows for Denial of Service (DoS) attacks
MySQL Server InnoDB Component Denial of Service Vulnerability
Vulnerability in MySQL Server component allows for Denial of Service (DoS) attacks
Vulnerability in MySQL Client component allows unauthorized data access and denial of service
MySQL Server Vulnerability: Unauthorized Data Access via Multiple Protocols
Vulnerability in MySQL Server Allows Partial Denial of Service
Vulnerability in Oracle VM VirtualBox Prior to 5.2.16: Unauthorized Data Access and System Compromise
Oracle VM VirtualBox Vulnerability: Unauthorized Takeover of Virtualization Component
Oracle VM VirtualBox Vulnerability: Unauthorized Takeover of Virtualization Component
Oracle VM VirtualBox Vulnerability: Unauthorized Takeover of Virtualization Component
Oracle VM VirtualBox Vulnerability: Unauthorized Takeover of Virtualization Component
Oracle VM VirtualBox Vulnerability: Unauthorized Takeover of Virtualization Component
Vulnerability in Oracle VM VirtualBox Prior to 5.2.16: Unauthorized Access to Critical Data
Oracle Outside In Technology Component Vulnerability
Oracle Outside In Technology Component Vulnerability
Oracle Outside In Technology Component Vulnerability
Oracle Outside In Technology Component Vulnerability
Oracle Outside In Technology Component Vulnerability
Oracle Outside In Technology Component Vulnerability
Oracle Outside In Technology Component Vulnerability
Oracle Outside In Technology Component Vulnerability
Oracle Business Process Management Suite Vulnerability: Unauthorized Access and Data Manipulation
Oracle WebCenter Portal Unauthenticated Read Access Vulnerability
Oracle Outside In Technology Component Vulnerability
Oracle Outside In Technology Component Vulnerability
Oracle Outside In Technology Component Vulnerability
Vulnerability in Oracle SOA Suite Allows Unauthorized Read Access
Critical Vulnerability in Oracle Fusion Middleware: Unauthorized Access to Critical Data
Oracle Fusion Middleware MapViewer Component Unauthorized Access Vulnerability
Oracle Database Server Java VM Component Vulnerability
Vulnerability in Oracle Retail Xstore Office component allows unauthorized access and data manipulation
Vulnerability in Oracle Retail Sales Audit component of Oracle Retail Applications: Unauthorized Access and Data Compromise
Critical Vulnerability in MICROS Lucas Component of Oracle Retail Applications Allows Takeover
Vulnerability in Oracle Retail Open Commerce Platform Allows Unauthorized Access and Data Manipulation
Critical Vulnerability in Oracle MySQL Server: Unauthorized Access to Critical Data
Oracle Retail Merchandising System SQL Logger Unauthorized Data Access Vulnerability
Oracle Retail Xstore Point of Service Takeover Vulnerability
Unauthenticated Remote Code Execution Vulnerability in Oracle Demantra Demand Management
Oracle Hospitality Reporting and Analytics Component Unauthorized Data Access Vulnerability
Unauthenticated Remote Code Execution Vulnerability in Oracle PeopleSoft Enterprise PeopleTools
Vulnerability in PeopleSoft Enterprise Interaction Hub component allows unauthorized data access and manipulation
Oracle Hospitality Gift and Loyalty Component Unauthorized Access Vulnerability
Vulnerability in PeopleSoft Enterprise PeopleTools Rich Text Editor Component
MySQL Server Denial of Service Vulnerability
Vulnerability in Oracle Agile Product Lifecycle Management for Process User Group Management Component (CVE-2021-12345)
Unauthenticated Remote Code Execution Vulnerability in PeopleSoft Enterprise PeopleTools
Unauthenticated Remote Code Execution Vulnerability in Oracle Java SE
Vulnerability in MySQL Server: Unauthorized Server Hang or Crash
Vulnerability in Oracle E-Business Suite's Oracle Application Object Library: Unauthorized Access and Data Compromise
Java SE Networking Vulnerability
Vulnerability in Hyperion Essbase Administration Services: Unauthorized Data Access and Manipulation
Unauthenticated Remote Code Execution Vulnerability in Oracle Hyperion Essbase Administration Services (EAS Console) 11.1.2.4
Critical Vulnerability in Oracle Hyperion Essbase Administration Services (EAS Console) Allows Unauthorized Access to Critical Data
MySQL Server Denial of Service Vulnerability
MySQL Server Denial of Service Vulnerability
MySQL Server Parser Vulnerability
Oracle iLearning Learner Administration Component Vulnerability
Vulnerability in Oracle Outside In Technology Allows Unauthorized Read Access
Vulnerability in Primavera Unifier Web Access component of Oracle Construction and Engineering Suite
Java SE, Java SE Embedded, JRockit Vulnerability: Unauthenticated Remote Code Execution
Java SE Utility Component Unauthenticated Access Vulnerability
Oracle iProcurement E-Content Manager Catalog Unauthenticated Access Vulnerability
Oracle GlassFish Server 3.1.2 Denial of Service Vulnerability
Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation
Vulnerability in PeopleSoft Enterprise PeopleTools Portal Component
Vulnerability in MySQL Server Component: Unauthorized Server Crash
MySQL Server Denial of Service Vulnerability
Java SE Sound Component Unauthorized Read Access Vulnerability
Oracle Hospitality Cruise Fleet Management Component Unauthorized Access Vulnerability
Oracle Hospitality Cruise Fleet Management Component Vulnerability
Oracle Hospitality Cruise Shipboard Property Management System Vulnerability
MySQL Server Partition Vulnerability
MySQL Server Denial of Service Vulnerability
Vulnerability in Oracle Hospitality Cruise Fleet Management: Unauthorized Data Access and Partial Denial of Service
Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation
Critical Vulnerability in Oracle PeopleSoft Products: Compromise of PeopleSoft Enterprise PeopleTools
Critical Vulnerability in Oracle Hospitality Cruise Fleet Management: Unauthorized Data Access and Modification
Unauthenticated Remote Read Access Vulnerability in Oracle E-Business Suite Application Management Pack
Oracle Identity Analytics Component Vulnerability
Vulnerability in Oracle Java SE Allows Unauthorized Takeover
MySQL Server Denial of Service Vulnerability
Vulnerability in MySQL Server: Unauthorized Access and Denial of Service
Solaris RPC Portmap v3 Denial of Service Vulnerability
MySQL Server Denial of Service Vulnerability
MySQL Server Component Vulnerability: Unauthorized Hang and Crash
Vulnerability in Oracle Hyperion Common Events: Unauthorized Data Access and Manipulation
Vulnerability in Oracle Hyperion Common Events: Unauthorized Data Access and Manipulation
Vulnerability in Oracle Hyperion Common Events: Unauthorized Data Access and Manipulation
Vulnerability in Oracle Hyperion Common Events: Unauthorized Data Access and Manipulation
Oracle Identity Manager Vulnerability: Unauthorized Access and Partial Denial of Service
Vulnerability in Oracle Java SE: Unauthorized Access and Denial of Service
Vulnerability in Oracle Hospitality Cruise Shipboard Property Management System Allows Unauthorized Access to Critical Data
Critical Denial of Service Vulnerability in Oracle MySQL Server (Versions 8.0.12 and Prior)
Vulnerability in Java SE, Java SE Embedded, JRockit: Scripting Component
Vulnerability in Oracle Hyperion BI+ Allows Unauthorized Read Access to Data
Vulnerability in MySQL Server component allows unauthorized data access and server compromise
Vulnerability in MySQL Server: Optimizer Component (CVE-2018-12345)
Vulnerability in MySQL Server: Unauthorized Data Access and Denial of Service
Oracle iStore Component Vulnerability in Oracle E-Business Suite
Oracle E-Business Suite Customer Interaction History Unauthorized Access Vulnerability
Vulnerability in Oracle E-Business Intelligence component allows unauthorized access and data manipulation
Oracle WebLogic Server T3 Network Access Vulnerability
Critical Vulnerability in Oracle PeopleSoft Products: Compromise of PeopleSoft Enterprise PeopleTools
Vulnerability in PeopleSoft Enterprise PeopleTools Activity Guide Component
Vulnerability in PeopleSoft Enterprise PeopleTools Activity Guide Component
Vulnerability in MySQL Server: Unauthorized Data Access and Server Crash
Oracle Partner Management Component Vulnerability in E-Business Suite: Unauthorized Access and Data Compromise
Oracle WebLogic Server Remote Code Execution Vulnerability
Unauthenticated Read Access Vulnerability in Oracle PeopleSoft Enterprise PeopleTools
MySQL Server Denial of Service Vulnerability
Oracle WebLogic Server Remote Code Execution Vulnerability
Unauthenticated Unauthorized Read Access Vulnerability in PeopleSoft Enterprise PeopleTools
Vulnerability in MySQL Server: Unauthorized Server Hang or Crash
Vulnerability in Oracle Business Intelligence Enterprise Edition: Unauthorized Access and Data Compromise
Vulnerability in PeopleSoft Enterprise PeopleTools Workflow Component
Vulnerability in PeopleSoft Enterprise PeopleTools Portal Component
Vulnerability in PeopleSoft Enterprise PeopleTools Portal Component
Vulnerability in Oracle Hyperion Data Relationship Management Allows Unauthorized Access to Critical Data
Java SE Vulnerability: Unauthenticated Takeover via JavaFX
Oracle GlassFish Server Vulnerability: Unauthorized Data Access via Java Server Faces
Vulnerability in Java SE and Java SE Embedded Allows Unauthorized Data Access and Modification
MySQL Server Information Schema Denial of Service Vulnerability
Unauthenticated Remote Code Execution Vulnerability in Oracle WebLogic Server via Docker Images
Java SE, Java SE Embedded, JRockit Sound Component Denial of Service Vulnerability
Vulnerability in Oracle Endeca Information Discovery Integrator: Unauthorized Data Access and Manipulation
Vulnerability in Oracle Outside In Technology Allows Unauthorized Access and Data Compromise
Vulnerability in Oracle Outside In Technology Allows Unauthorized Access and Data Compromise
Vulnerability in Oracle Outside In Technology Allows Unauthorized Access and Partial Denial of Service
Vulnerability in Oracle Outside In Technology Allows Unauthorized Access and Partial Denial of Service
Vulnerability in Oracle Outside In Technology Allows Unauthorized Access and Denial of Service
Vulnerability in Oracle Outside In Technology Allows Unauthorized Access and Denial of Service
Vulnerability in Oracle Outside In Technology Allows Unauthorized Access and Denial of Service
Vulnerability in Oracle Outside In Technology Allows Unauthorized Access and Denial of Service
Vulnerability in Oracle Outside In Technology Allows Unauthorized Access and Denial of Service
Oracle Outside In Technology Unauthenticated Remote Code Execution Vulnerability
Vulnerability in Oracle Outside In Technology Allows Unauthorized Access and Denial of Service
Vulnerability in Oracle Outside In Technology Allows Unauthorized Access and Denial of Service
Vulnerability in Oracle Outside In Technology Allows Unauthorized Access and Denial of Service
Vulnerability in Oracle Outside In Technology Allows Unauthorized Access and Denial of Service
Vulnerability in Oracle Outside In Technology Allows Unauthorized Access and Denial of Service
Vulnerability in Oracle Outside In Technology Allows Unauthorized Access and Denial of Service
Vulnerability in Oracle Outside In Technology Allows Unauthorized Access and Denial of Service
Vulnerability in Oracle Outside In Technology Allows Unauthorized Access and Denial of Service
Vulnerability in Oracle Applications Manager component of Oracle E-Business Suite: Unauthorized Access and Data Compromise
Vulnerability in Oracle User Management component of Oracle E-Business Suite: Unauthorized Access and Data Manipulation
Oracle Applications Manager Unauthenticated Read Access Vulnerability
Oracle WebCenter Sites Component Vulnerability: Unauthorized Access and Data Compromise
Unauthenticated Read Access Vulnerability in PeopleSoft Enterprise PeopleTools
Vulnerability in Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite: Unauthorized Data Access and Manipulation
Vulnerability in Oracle Marketing component of Oracle E-Business Suite: Unauthorized Access and Data Compromise
Vulnerability in Oracle Applications Framework component of Oracle E-Business Suite: Unauthorized Access and Data Compromise
Oracle E-Business Suite Attachment/File Upload Vulnerability
Oracle WebLogic Server T3 Vulnerability
Oracle WebLogic Server Component Vulnerability
Vulnerability in MySQL Server: Unauthorized Access and Denial of Service
Oracle WebLogic Server Vulnerability: Unauthorized Access to Critical Data
Oracle WebLogic Server Component Vulnerability
Oracle WebLogic Server Vulnerability: Unauthorized Access and Data Manipulation
MySQL Server Denial of Service Vulnerability
Oracle WebLogic Server T3 Vulnerability
Oracle Virtual Directory Component Vulnerability
Unauthenticated Unauthorized Read Access Vulnerability in Oracle WebCenter Portal
Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation
Vulnerability in Oracle Email Center component of Oracle E-Business Suite: Unauthorized Data Access
Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation
MySQL Connectors Component Vulnerability
Oracle Database Server Java VM Component Vulnerability
Unauthenticated Read Access Vulnerability in PeopleSoft Enterprise PeopleTools
Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Manipulation
Solaris Sudo Vulnerability: Unauthorized Access and Partial Denial of Service
Solaris Kernel Unauthorized Access and Partial Denial of Service Vulnerability
Solaris Component Vulnerability: Unauthorized Access and Partial Denial of Service
Solaris Verified Boot Vulnerability
Solaris LFTP FTP Access Vulnerability
Solaris SMB Server Denial of Service Vulnerability
Solaris SMB Server Denial of Service Vulnerability
Solaris Kernel Denial of Service Vulnerability
Solaris Kernel Zones Denial of Service Vulnerability
Solaris Kernel Zones Virtualized NIC Driver Denial of Service Vulnerability
Solaris Remote Administration Daemon (RAD) Vulnerability
Solaris SMB Remote Crash Vulnerability
Solaris LibKMIP Vulnerability: Unauthorized Access to Critical Data
MySQL Server Component Vulnerability: Unauthorized Hang and Crash
MySQL Server Denial of Service Vulnerability
MySQL Server Denial of Service Vulnerability
MySQL Server Vulnerability: Unauthorized Hang or Crash (CVE-XXXX-XXXX)
Vulnerability in MySQL Server JSON Component: Unauthorized Server Crash
Vulnerability in Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite: Unauthorized Data Access and Manipulation
MySQL Server Denial of Service Vulnerability
MySQL Server Logging Vulnerability
MySQL Server Denial of Service Vulnerability
MySQL Server Denial of Service Vulnerability
Privilege Escalation Vulnerability in Oracle MySQL Server
Oracle VM VirtualBox Vulnerability: Unauthorized Takeover of Virtualization Component
Vulnerability in Oracle VM VirtualBox Prior to 5.2.20 Allows Unauthorized Takeover
Vulnerability in Oracle VM VirtualBox Prior to 5.2.20 Allows Unauthorized Takeover
Oracle VM VirtualBox Vulnerability: Unauthorized Takeover of Virtualization Component
Oracle VM VirtualBox Vulnerability: Unauthorized Takeover of Virtualization Component
Oracle VM VirtualBox Vulnerability: Unauthorized Takeover of Virtualization Component
Oracle VM VirtualBox Vulnerability: Unauthorized Takeover of Virtualization Component
Vulnerability in Oracle VM VirtualBox allows for Remote Takeover
Vulnerability in Oracle VM VirtualBox Prior to 5.2.20: Unauthorized Takeover
Oracle VM VirtualBox Vulnerability: Unauthorized Takeover of Virtualization Component
Oracle VM VirtualBox Vulnerability: Unauthorized Takeover of Virtualization Component
Oracle VM VirtualBox Vulnerability: Unauthorized Takeover of Virtualization Component
Oracle Text Component Vulnerability: Unauthorized Access and Denial of Service
Vulnerability in Oracle Retail Xstore Office 7.1 Allows Unauthorized Data Access and Manipulation
Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation
Vulnerability in Oracle Outside In Technology Allows Unauthorized Access and Denial of Service
Vulnerability in Oracle Enterprise Manager Base Platform: Unauthorized Data Access and Manipulation
Oracle Application Testing Suite Component Vulnerability
Vulnerability in Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite: Unauthorized Data Access and Partial Denial of Service
Oracle VM VirtualBox Vulnerability: High Privileged Takeover (CVE-2018-xxxx)
Oracle Retail Xstore Payment Component Vulnerability
Vulnerability in Oracle Retail Customer Engagement Component: Unauthorized Data Access and Partial Denial of Service
Vulnerability in MICROS Relate CRM Software Allows Unauthorized Access and Data Manipulation
Vulnerability in Oracle Retail Customer Management and Segmentation Foundation component allows unauthorized access and data manipulation
Vulnerability in Oracle Retail Customer Management and Segmentation Foundation: Unauthorized Access and Data Compromise
Double Free Vulnerability in Audio Driver: Exploiting Sound Compression Device in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases
Race Condition in diag_ioctl_lsm_deinit() Leads to Use After Free Vulnerability in Android for MSM, Firefox OS for MSM, QRD Android, and CAF Android Releases
Buffer Over-read Vulnerability in Android's FILS Authentication Frame Processing
Untrusted Pointer Dereference in apr_cb_func: Arbitrary Code Execution Vulnerability
Use After Free Vulnerability in FastRPC Driver in Android Releases from CAF
Buffer Overflow Vulnerability in lim_send_sme_probe_req_ind() in Android Releases from CAF
Buffer Overwrite Vulnerability in Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android
Buffer Overflow Vulnerability in Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with Linux Kernel
Buffer Overwrite Vulnerability in Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with Linux Kernel
Buffer Over-read Vulnerability in Android Fast Initial Link Setup (FILS) Connection
Untrusted Pointer Dereference in Android's cpuidle Driver
Use After Free Vulnerability in KGSL Driver on Android Devices
Unchecked Buffer Access Vulnerability in Android Audio Driver's Event Handler
Out of Bounds Access Vulnerability in Android Releases with CAF Linux Kernel
Vulnerability: Unauthorized Cache Maintenance on Insecure ION Buffer in Android Releases
Array Out-of-Bounds Access Vulnerability in WiFi Driver Function sapInterferenceRssiCount() in Android Releases from CAF
Integer Overflow and Buffer Overflow Vulnerability in Android Releases from CAF
Heap Buffer Overflow Vulnerability in Android WLAN Driver due to Type Mismatch for ie_len
WLAN Driver Buffer Over-read Vulnerability in Android Releases
Stack-based Buffer Overflow in WLAN Driver Due to pmkid_count Value in Android Releases from CAF
Buffer Overwrite Vulnerability in Android WLAN Driver
Improper Input Validation in WMA Event Handler Functions Leads to Buffer Overflow in Android Releases
Buffer Overflow Vulnerability in Snapdragon Auto, Consumer Electronics Connectivity, Consumer IOT, Industrial IOT, Mobile, Wearables in MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA9379, QCS605, SD 625, SD 636, SD 820, SD 820A, SD 835, SD 855, SDA660, SDM630, SDM660, SDX20
Use After Free Vulnerability in Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with Linux Kernel
Integer Overflow to Buffer Overflow Vulnerability in ADSPRPC Heap Manager
Use After Free Vulnerability in Android Firmware Memory Dump Feature
Improper Access Control Vulnerability in Snapdragon Processors
Buffer Overflow Vulnerability in Qualcomm Snapdragon Mobile Devices
Use After Free Vulnerability in Android RIL Handling Requests
Vulnerability: Unrestricted Memory Access in Qualcomm Snapdragon Devices
Null Pointer Dereference Vulnerability in Android on Qualcomm Snapdragon Mobile and Snapdragon Wear Devices
Double Free Vulnerability in Qualcomm Snapdragon Devices
Buffer Over-read Vulnerability in Android Qualcomm Snapdragon Devices
Improper Error Handling in RPMB Writes Allows Bypass of Anti-Rollback in Snapdragon Devices
Legacy Code Vulnerability in Qualcomm Android, Firefox OS, and QRD Android with Linux Kernel
Arbitrary Kernel Write Vulnerability in ADSP RPC Driver in Android Releases
Insufficient Validation in Qualcomm Android and Firefox OS Camera Driver: Information Leak and Out-of-Bounds Access Vulnerability
Use After Free Vulnerability in Qualcomm Android, Firefox OS, and QRD Android
Trend Micro Control Manager 6.0 XXE Information Disclosure Vulnerability
Authentication Bypass Vulnerability in Trend Micro Control Manager 6.0
AdHocQuery_Processor SQL Injection RCE Vulnerability in Trend Micro Control Manager 6.0
CGGIServlet SQL Injection RCE Vulnerability in Trend Micro Control Manager 6.0
Trend Micro Control Manager 6.0 Remote Code Execution Vulnerability
Trend Micro Control Manager 6.0 SQL Injection Remote Code Execution Vulnerabilities
Trend Micro Control Manager 6.0 SQL Injection Remote Code Execution Vulnerability
Trend Micro Control Manager 6.0 Remote Code Execution Vulnerability
User-Mode Hooking (UMH) Driver Vulnerability in Trend Micro Maximum Security 2018
Unauthenticated Access to Sensitive Log File in Trend Micro InterScan Messaging Security Virtual Appliance
Memory Status Register Vulnerability in Intel Driver and Support Assistant
User Mode Driver Bounds Check Vulnerability in Intel Graphics Driver 15.40.x.4 and 21.20.x.x: Local Denial of Service Exploit
Insufficient Input Validation in Intel NUC Firmware Allows Privilege Escalation to SMM
Variable Service Module Logic Issue
Speculative Execution Side-Channel Vulnerability in Intel SGX
Unauthenticated Network-based Key Extraction Vulnerability in Intel Active Management Technology
Intel Optane Memory Module Information Disclosure Vulnerability
Speculative Execution Side-Channel Vulnerability: Unauthorized Disclosure of L1 Data Cache Information
Insufficient Input Validation in Intel Driver & Support Assistant Allows Information Disclosure via Adjacent Access
Buffer Overflow Vulnerability in ETWS Processing Module of Intel XMM71xx, XMM72xx, XMM73xx, XMM74xx, and Sofia 3G/R: Remote Code Execution
Side Channel Vulnerability in Edger8r Tool in Intel SGX SDK
Arbitrary Code Execution Vulnerability in Intel Converged Security Management Engine 11.x
Arbitrary Code Execution via Buffer Overflow in Intel Active Management Technology
Buffer Overflow Vulnerability in Intel Active Management Technology Event Handler
Local Administrator Exploit: Memory Corruption in Intel Active Management Technology
Local Denial of Service Vulnerability in Intel Online Connect Access 1.9.22.0 NDIS Filter Driver
Insufficient Input Validation in Intel Rapid Store Technology (RST) Installer: Privilege Escalation and Denial of Service Vulnerability
Critical Privilege Escalation Vulnerability in Intel Remote Keyboard
Speculative Store Bypass (SSB), Variant 4: Unauthorized Information Disclosure Vulnerability
Rogue System Register Read (RSRE), Variant 3a: Unauthorized Disclosure of System Parameters via Speculative Execution
Critical Vulnerability: Intel Remote Keyboard Allows Network Attackers to Inject Keystrokes as Local Users
Power Management Controller Firmware Vulnerability in Intel Systems
Critical Vulnerability: Local Attackers Can Inject Keystrokes in Intel Remote Keyboard Sessions
Speculative Execution Side-Channel Vulnerability: Unauthorized Information Disclosure via L1 Data Cache
DLL Injection Vulnerability in Intel Wireless Drivers: Privilege Escalation via Remote Code Execution
Bypassing URI Sanitization in Bleach Module in Intel Distribution for Python
Vulnerability: Unauthorized Access to Platform Secrets via Debug Interfaces in Intel Xeon Processors
Physical Access Vulnerability in Intel CSME, Intel Server Platform Services, and Intel Trusted Execution Engine Firmware
Buffer Overflow Vulnerabilities in Intel AMT Firmware: Exploiting Privileged Execution
Memory Leaks in Intel AMT Firmware: Potential Denial of Service Vulnerability
Intel PTT Module Vulnerability: Information Disclosure via Physical Access
Buffer Overflow Vulnerability in Intel System Configuration Utilities Selview.exe and Syscfg.exe
Critical Privilege Escalation Vulnerability in Intel Saffron MemoryBase
Intel Saffron MemoryBase Privilege Escalation Vulnerability
Lazy FP State Restore Vulnerability
Arbitrary Code Execution via Non-Paged Pool Overflow in Intel Smart Sound Technology Driver
Incorrect File Permissions in IPDT Installation Tool: Arbitrary Code Execution and Privilege Escalation Vulnerability
Unquoted Service Paths Vulnerability in Intel Processor Diagnostic Tool (IPDT)
Remote Code Execution Vulnerability in Intel Centrino Wireless N and Intel Centrino Advanced N Adapters
Buffer Overflow Vulnerability in Intel Smart Sound Technology Driver Module
Intel Saffron Admin Application: Authenticated User Unauthorized Information Access Vulnerability
Arbitrary Code Execution Vulnerability in Intel Smart Sound Technology Driver
Remote Code Execution Vulnerability in Intel Data Center Manager SDK 5.0 and Earlier
BMC Firmware Vulnerability: Unauthorized SMBUS Read/Write Access
Unquoted Service Paths Vulnerability in Intel Quartus Prime (Versions 15.1 - 18.0)
Unquoted Service Paths Vulnerability in Intel Quartus II (Versions 11.0 - 15.0)
INTEL-SA-00086 Detection Tool Code Injection Vulnerability
Unquoted Service Paths Vulnerability in Intel Quartus II Programmer and Tools (Versions 11.0 - 15.0)
Unquoted Service Paths Vulnerability in Intel Quartus Prime Programmer and Tools (Versions 15.1 - 18.0)
Denial of Service Vulnerability in Intel SGX AESM Daemon
Timing Vulnerability in Intel Integrated Performance Primitives Cryptography Library
Speculative Execution Vulnerability: Unauthorized Information Disclosure via Speculative Buffer Overflow and Side-Channel Analysis
Intel RAID Web Console 3 for Windows Authentication Bypass Vulnerability
Privilege Escalation via Improper Directory Permissions in Intel Media Server Studio Installer
Privilege Escalation via Improper File Permissions in Intel Ready Mode Technology Installer
Cross-Site Scripting Vulnerability in Intel RAID Web Console v3 for Windows Allows Privilege Escalation via Remote Access
Privilege Escalation via Code Injection in Intel USB 3.0 eXtensible Host Controller Driver Installer
Privilege Escalation Vulnerability in Intel(R) PROSet/Wireless WiFi Software Installer
Privilege Escalation Vulnerability in ITE Tech* Consumer Infrared Driver Installer
Improper Directory Permissions in Intel(R) SSD Data Center Tool Installer: Local Privilege Escalation Vulnerability
Privilege Escalation via Improper Directory Permissions in Intel Parallel Studio Installer
Improper Directory Permissions in Intel System Defense Utility Installer: Potential Denial of Service Vulnerability
Insecure Temporary File Vulnerability in Gitlab Community and Enterprise Editions 10.3.3
Fastify Node Module Denial-of-Service Vulnerability
Path Traversal Vulnerability in Serve Node Module (before 6.4.9) Allows Unauthorized Directory Access
Path Traversal Vulnerability in angular-http-server Node Module Allows Unauthorized File Access
Path Traversal Vulnerability in node-srv Node Module Allows Unauthorized File Access
Path Traversal Vulnerability in Glance Node Module (before 3.0.4) Allows Unauthorized File Access
Cross-Site Scripting (XSS) Vulnerability in simplehttpserver Node Module
Cross-Site Scripting (XSS) Vulnerability in connect-node-module
Vulnerability: Serve Node Module Allows Access to Ignored Files via URL Encoding
Mixin-Deep Node Module Prototype Pollution Vulnerability
Modification of Assumed-Immutable Data (MAID) vulnerability in assign-deep node module before 0.4.7 allows prototype modification of Object via __proto__
Lodash Node Module < 4.17.5: Modification of Assumed-Immutable Data (MAID) Vulnerability via defaultsDeep, merge, and mergeWith Functions
Merge-deep Node Module MAID Vulnerability: Prototype Modification of Object
MAID vulnerability in defaults-deep node module before 0.2.4 allows prototype modification of Object via __proto__
Path Traversal Vulnerability in general-file-server Node Module Allows Unauthorized File Access
Path Traversal Vulnerability in Hekto Node Module Allows Unauthorized File Access
Cross-Site Scripting (XSS) Vulnerability in crud-file-server Node Module
Path Traversal Vulnerability in 626 Node Module Allows Unauthorized File Access
Vulnerability: Modification of Assumed-Immutable Data (MAID) in hoek Node Module
Path Traversal Vulnerability in localhost-now Node Module Allows Unauthorized File Access
Path Traversal Vulnerability in mcstatic Node Module Allows Unauthorized File Access
Path Traversal Vulnerability in Public Node Module Allows Unauthorized File Access
Path Traversal Vulnerability in resolve-path Node Module (<=1.4.0) Allows Unauthorized File Access
Path Traversal Vulnerability in crud-file-server Node Module (CVE-XXXX-XXXX)
Path Traversal Vulnerability in Stattic Node Module Allows Unauthorized File Access
Reflected XSS Vulnerability in bracket-template via GET Parameter
SSHpk Vulnerability: Regular Expression Denial of Service (ReDoS) via Crafted Invalid Public Keys
Protobufjs: Crafted Invalid .proto File Parsing Vulnerability
Improper Sanitization of 'auth' Parameter in https-proxy-agent Leads to DoS and Memory Leak
Sanitize Gem for Ruby: Whitelisted HTML Element Attribute Vulnerability
Possible XSS Vulnerability in rails-html-sanitizer Gem
Open Redirect Vulnerability in Hekto <=0.2.3: Exploiting Target Domain Name as HTML Filename
Path Traversal Vulnerability in html-pages Node Module Allows Unauthorized File Access
Uninitialized Buffer Allocation Vulnerability in atob 2.0.3 and Earlier on Node.js 4.x and Below
Command Injection Vulnerability in pdfinfojs NPM Module (<= 0.3.6)
HTML Injection in File Names: Exploiting Public Node Module Versions <= 1.0.3
Stored XSS Vulnerability in Glance Node Module (<= 3.0.5) Allows Execution of Malicious JavaScript
Prototype Manipulation Vulnerability in deap Node Module
Prototype Pollution Vulnerability in deep-extend Node Module
Prototype Pollution in merge-recursive Node Module (<= 0.3.0)
Prototype Pollution Vulnerability in merge-options Node Module
Prototype Pollution Vulnerability in merge-objects Node Module
SQL Injection Vulnerability in Node.js third-party module query-mysql (versions 0.0.0 - 0.0.2)
Stored XSS Vulnerability in sexstatic <=0.6.2: HTML Injection via Directory Name
Transaction and Block Signature Verification Bypass in Hyperledger Iroha
Unescaped String Parameter Vulnerability in pdf-image v2.0.0
Unrestricted File Upload Vulnerability in Express-Cart Module (RCE) Allows Privileged User Access
Time-of-Check Time-of-Use (TOCTOU) Race Condition in private_address_check Ruby Gem
Sprockets Information Leak Vulnerability
Improper Authentication on Nextcloud Server OAuth2 Token Endpoint
Improper Permission Checks in Nextcloud Server: Unauthorized Access to File Previews
Stored XSS Vulnerability in Nextcloud Calendar Autocomplete Field
Stored XSS Vulnerability in Nextcloud Contacts Autocomplete Field
Path Traversal Vulnerability in Buttle Module Versions <= 0.2.0: Unauthorized File Access
Buffer Allocation and Uninitialized Memory Vulnerability in memjs <= 1.1.0
Cross-Site Scripting (XSS) Vulnerability in Ruby Grape Gem via format Parameter
Path Traversal Vulnerability in markdown-pdf <9.0.0 Allows Local File Reading
XSS Vulnerability in statics-server <= 0.0.9 via Injected Iframe in Filename
Arbitrary Command Execution in Deprecated `whereis` npm Module
Stored Cross-Site Scripting Vulnerability in `metascrape` npm Module <= 3.9.2
URL Parsing Vulnerability in url-parse <1.4.3 Allows SSRF, Open Redirect, and Authentication Protocol Bypass
Authentication Bypass Vulnerability in Nextcloud Server prior to version 12.0.3
Audit Log Bypass Vulnerability in Nextcloud Server
Arbitrary Parameter Injection Vulnerability in Restforce before 3.0.0
Improper Authorization Allows Unauthorized LWT Publication in aedes <0.35.0
Arbitrary Code Execution Vulnerability in Active Support Ruby Gem 5.2.0
Stored XSS Vulnerability in NextCloud Server <13.0.5: User-Generated Search Results Exploitation
Stored XSS Vulnerability in NextCloud Talk <3.2.5 due to Missing Sanitization of Autocomplete Search Results
Account Takeover Vulnerability in FlintCMS <= 1.1.9: Blind MongoDB Injection in Password Reset
Arbitrary Code Execution Vulnerability in Cryo 0.0.6
Command Injection Vulnerability in git-dummy-commit v1.3.0: Unescaped Parameter Allows OS Command Execution
Arbitrary Shell Command Execution Vulnerability in egg-scripts <v2.8.1
Path Traversal Vulnerability in simplehttpserver <v0.2.1: Unauthorized File Listing
Directory Listing Information Exposure Vulnerability in Serve 6.5.3
Authentication Bypass Vulnerability in Oturia Smart Google Code Inserter Plugin for WordPress
SQL Injection Vulnerability in Oturia Smart Google Code Inserter Plugin for WordPress
Incorrect Access Control in getConfigExportFile.cgi on FLIR Brickstream 2300 devices 2.0 4.1.53.166
Remote Code Execution via Image Upload in Craft CMS 2.6.3000
XIMSS Protocol Implementation Vulnerability Allows Email Spoofing Attack
Sensitive Information Leakage in Logstash Versions 5.6.6 and 6.x before 6.1.2
Cross-Site Scripting (XSS) Vulnerability in Kibana Versions 5.1.1 to 6.1.2 and 5.6.6 via Colored Fields Formatter
Open Redirect Vulnerability in Kibana Login Page
Cross-Site Scripting (XSS) Vulnerability in Kibana Labs Visualizations
Cross-Site Scripting (XSS) Vulnerability in Kibana Tag Cloud Visualization
User Impersonation Vulnerability in X-Pack Security 6.2.0-6.2.2
Cross-Site Scripting (XSS) Vulnerability in X-Pack Machine Learning Versions before 6.2.4 and 5.6.9
Cross-Site Scripting (XSS) Vulnerability in X-Pack Machine Learning
Predictable Master Encryption Key in Elastic Cloud Enterprise (ECE) Allows Unauthorized Access to Configuration Information
Exposure of Access and Security Keys in Elasticsearch _snapshot API
Elasticsearch Repository-Azure Plugin Vulnerability: Inadvertent Logging of Azure Credentials
Information Exposure Vulnerability in Elastic Cloud Enterprise (ECE) Prior to 1.1.4
Unauthorized Access to Clusters via Invalid Roles Token in Elastic Cloud Enterprise (ECE) Versions Prior to 1.1.4
Cross-Site Scripting (XSS) Vulnerability in Kibana Versions 5.3.0 to 6.4.1
Information Disclosure Vulnerability in Elasticsearch Alerting and Monitoring
Insteon Hub Firmware Update Vulnerability: Arbitrary MPFS Binary Upload and Unsigned Firmware Image Exploit
Insteon Hub Firmware Downgrade Vulnerability
Insteon Hub Firmware Upgrade Vulnerability
PTEX Version 2.2 Out of Bounds Write Vulnerability
Command Injection Vulnerability in Leptonica 1.74.4's gplotMakeOutput Function
PCX Image Rendering Vulnerability in SDL2_image-2.0.2 Allows Information Disclosure
XCF Image Rendering Heap Out-of-Bounds Read Vulnerability
XCF Image Rendering Heap-Based Code Execution Vulnerability in SDL2_image
Denial-of-Service Vulnerability in Pixar Renderman IT Display Service 21.6 (0x67)
Denial-of-Service Vulnerability in Pixar Renderman IT Display Service 21.6 (0x69)
Uninitialized Pointer Vulnerability in Foxit PDF Reader 9.0.1.1049
Type Confusion Vulnerability in Foxit PDF Reader 9.0.1.1049 Allows Memory Disclosure and Code Execution
Use-after-free vulnerability in Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux allows for code execution via crafted DOCX document
Double Free Vulnerability in Hyland Perceptive Document Filters 11.4.0.2647 - Exploiting Crafted OpenDocument Document for Code Execution
Stack-based Buffer Overflow in NASA CFITSIO 3.42: Arbitrary Code Execution via Crafted FIT Images
CFITSIO Library Image Parsing Buffer Overflow Vulnerabilities
Stack-based Buffer Overflow in NASA CFITSIO 3.42 Allows Arbitrary Code Execution
Stack-based Buffer Overflow in NASA CFITSIO 3.42 Allows Arbitrary Code Execution
Use-After-Free Vulnerability in Foxit PDF Reader 9.0.1.1049 Allows Arbitrary Code Execution
Stack-based Buffer Overflow in Hyland Perceptive Document Filters 11.4.0.2647 - DOC-to-HTML Conversion Functionality
Ocularis 5.5.0.242 Denial of Service Vulnerability
Use-After-Free Vulnerability in Foxit PDF Reader 9.0.1.1049 Allows Arbitrary Code Execution
Password Protection Bypass Vulnerability in Quicken Deluxe 2018 for Mac
Double Free Vulnerability in Hyland Perceptive Document Filters 11.4.0.2647 - Exploiting Crafted OpenDocument Document for Code Execution
Arbitrary Command Injection in Samsung SmartThings Hub STH-ETH-250 Firmware 0.20.17
Heap Overflow in TIFF Parsing Functionality of Canvas Draw 4.0.0
Heap Overflow in Canvas Draw TIFF Parsing Functionality (CVE-2020-XXXX)
Out-of-Bounds Write Vulnerability in Canvas Draw 4.0.0 TIFF Parsing Functionality
Out-of-Bounds Write Vulnerability in Canvas Draw 4.0.0 TIFF Parsing Functionality
Arbitrary Code Execution via Out-of-Bounds Write in TIFF Image Processing
Out-of-Bounds Write Vulnerability in TIFF Image Processing
Buffer Overflow Vulnerability in Samsung SmartThings Hub STH-ETH-250 Firmware 0.20.17
Buffer Overflow Vulnerability in Samsung SmartThings Hub STH-ETH-250 Firmware 0.20.17
Buffer Overflow Vulnerability in Samsung SmartThings Hub STH-ETH-250 Firmware 0.20.17
Buffer Overflow Vulnerability in Samsung SmartThings Hub STH-ETH-250 Firmware 0.20.17
Stack-based Buffer Overflow in Samsung SmartThings Hub STH-ETH-250's samsungWifiScan Callback Notification
Arbitrary Code Execution via Out-of-Bounds Write in TIFF Image Processing
Canvas Draw 4.0.0 PCX Parsing Out-of-Bounds Write Vulnerability
Canvas Draw 4.0.0 PCX Parsing Out-of-Bounds Write Vulnerability
Buffer Overflow Vulnerability in Samsung SmartThings Hub STH-ETH-250 Firmware 0.20.17
Buffer Overflow Vulnerability in Samsung SmartThings Hub STH-ETH-250 Firmware 0.20.17
Buffer Overflow Vulnerability in Samsung SmartThings Hub STH-ETH-250 Firmware 0.20.17
Buffer Overflow Vulnerability in Samsung SmartThings Hub STH-ETH-250 Firmware 0.20.17
Buffer Overflow Vulnerability in Samsung SmartThings Hub STH-ETH-250 Firmware 0.20.17
Buffer Overflow Vulnerability in Samsung SmartThings Hub STH-ETH-250 Firmware 0.20.17
Buffer Overflow Vulnerabilities in Samsung SmartThings Hub STH-ETH-250 Devices
JSON Injection Vulnerability in Samsung SmartThings Hub STH-ETH-250 Devices
Stack-based Buffer Overflow in Samsung SmartThings Hub STH-ETH-250's 'find-by-cameraId' Functionality
Unauthenticated XML External Injection Vulnerability in FocalScope v2416
SQL Injection Vulnerability in ERPNext v10.1.6
SQL Injection Vulnerability in ERPNext v10.1.6
SQL Injection Vulnerability in ERPNext v10.1.6
SQL Injection Vulnerability in ERPNext v10.1.6 Allows Data Compromise
Memory Corruption Vulnerability in Computerinsel Photoline 20.53 PCX Parsing Functionality
Memory Corruption Vulnerability in Computerinsel Photoline 20.53 PCX Parsing Functionality
Memory Corruption Vulnerability in Computerinsel Photoline 20.53 PCX Parsing Functionality
Arbitrary Code Execution via Specially Crafted PCX Image
Firmware Update Logic Flaw and Command Injection Vulnerability in Yi Home Camera 27US 1.8.7.0D
Firmware Downgrade Vulnerability in Yi Home Camera 27US 1.8.7.0D
Firmware Downgrade Vulnerability in Yi Home Camera 27US 1.8.7.0D Allows Code Execution
Buffer Overflow Vulnerability in Samsung SmartThings Hub STH-ETH-250 Firmware 0.20.17
Buffer Overflow Vulnerability in Samsung SmartThings Hub STH-ETH-250 Firmware 0.20.17
Buffer Overflow Vulnerability in Samsung SmartThings Hub STH-ETH-250 Firmware 0.20.17
Buffer Overflow Vulnerability in Samsung SmartThings Hub's /cameras/XXXX/clips Handler
Buffer Overflow Vulnerability in Samsung SmartThings Hub's /cameras/XXXX/clips Handler
Buffer Overflow Vulnerability in Yi Home Camera 27US 1.8.7.0D QR Code Scanning Functionality
Buffer Overflow Vulnerability in Yi Home Camera 27US 1.8.7.0D QR Code Scanning Functionality
QR Code Buffer Overflow Vulnerability in Yi Home Camera 27US 1.8.7.0D
Buffer Overflow Vulnerability in Samsung SmartThings Hub STH-ETH-250 Camera Replace Feature
Buffer Overflow Vulnerability in Samsung SmartThings Hub STH-ETH-250 Firmware 0.20.17
Buffer Overflow Vulnerability in Samsung SmartThings Hub STH-ETH-250 Firmware 0.20.17
Buffer Overflow Vulnerability in Samsung SmartThings Hub STH-ETH-250 Camera Create Feature
Stack-based Buffer Overflow in Samsung SmartThings Hub's Video-Core HTTP Server
Vulnerability: HTTP Request Overwrite in Samsung SmartThings Hub STH-ETH-250 Firmware 0.20.17
REST Parser Vulnerability in Samsung SmartThings Hub STH-ETH-250 Firmware 0.20.17
HTTP Request Method Overwrite Vulnerability in Samsung SmartThings Hub STH-ETH-250 Firmware 0.20.17
Code Execution Vulnerability in Yi Home Camera 27US 1.8.7.0D via Crafted SSID
HTTP Header Injection Vulnerability in Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17
Buffer Overflow Vulnerability in Samsung SmartThings Hub STH-ETH-250 Firmware 0.20.17
Stack-based Buffer Overflow in Samsung SmartThings Hub STH-ETH-250 Firmware 0.20.17
Stack-based Buffer Overflow in Samsung SmartThings Hub STH-ETH-250 Firmware 0.20.17
Stack-based Buffer Overflow in Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17
Stack-based Buffer Overflow in Samsung SmartThings Hub STH-ETH-250 Firmware 0.20.17
Buffer Overflow Vulnerability in Samsung SmartThings Hub STH-ETH-250 Firmware 0.20.17
Arbitrary Deletion of Cameras in Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17
Stack-based Buffer Overflow in Samsung SmartThings Hub STH-ETH-250 Video-Core HTTP Server
Firmware Update Code Execution Vulnerability in Yi Home Camera 27US 1.8.7.0D
Stack Overflow Vulnerability in Computerinsel Photoline 20.54 PSD Parsing Functionality
Stack Overflow Vulnerability in Computerinsel Photoline 20.54 ANI Parsing Functionality
Memory Corruption Vulnerability in Computerinsel Photoline 20.54 PCX Parsing Functionality
Use-after-free vulnerability in Foxit PDF Reader allows arbitrary code execution
Buffer Overflow Vulnerability in Samsung SmartThings Hub STH-ETH-250 Devices
Integer Underflow Vulnerability in Samsung SmartThings Hub STH-ETH-250 Firmware 0.20.17
Insecure HTTPS Connection in Samsung SmartThings Hub STH-ETH-250 Allows Information Disclosure
Firmware Update Denial of Service Vulnerability in Yi Home Camera 27US 1.8.7.0D
Heap Corruption Vulnerability in Antenna House Office Server Document Converter
Out-of-Bounds Write Remote Code Execution in Antenna House Office Server Document Converter
Remote Code Execution via Crafted Microsoft Word Document in Antenna House Office Server Document Converter
Stack-based Buffer Overflow in Antenna House Office Server Document Converter
Out-of-Bounds Write Vulnerability in Antenna House Office Server Document Converter
Firmware Update Authentication Bypass Vulnerability in Yi Home Camera 27US 1.8.7.0D
UDP Network Functionality Denial of Service Vulnerability in Yi Home Camera 27US 1.8.7.0D
Remote Code Execution Vulnerability in Antenna House Office Server Document Converter v6.1 Pro MR2 for Linux64
Command Injection Vulnerability in Sony IPELA E Series Network Camera G5 Firmware 1.87.00
Stack-based Buffer Overflow in Sony IPELA E Series Camera G5 Firmware 1.87.00
Use-After-Free Vulnerability in Foxit PDF Reader 9.1.0.5096
Use-After-Free Vulnerability in Foxit PDF Reader 9.1.0.5096
Use-After-Free Vulnerability in Foxit PDF Reader 9.1.0.5096 Allows Arbitrary Code Execution
Use-After-Free Vulnerability in Foxit PDF Reader 9.1.0.5096 Allows Arbitrary Code Execution
Use-After-Free Vulnerability in Foxit PDF Reader 9.1.0.5096
Use-After-Free Vulnerability in Foxit PDF Reader 9.1.0.5096
Use-After-Free Vulnerability in Foxit PDF Reader 9.1.0.5096 Allows Arbitrary Code Execution
Use-After-Free Vulnerability in Foxit PDF Reader 9.1.0.5096 Allows Arbitrary Code Execution
Phone-to-Camera Information Disclosure Vulnerability in Yi Home Camera 27US 1.8.7.0D
TP-Link TL-R600VPN HTTP Server Denial-of-Service Vulnerability
TP-Link TL-R600VPN HTTP Server Directory Traversal Information Disclosure Vulnerability
Remote Code Execution Vulnerability in TP-Link TL-R600VPN HTTP Server
TP-Link TL-R600VPN HTTP Server Remote Code Execution Vulnerability
Privilege Escalation via Specially Crafted Configuration File in NordVPN 6.14.28.0
OS Command Injection Vulnerability in Linksys ESeries Routers
OS Command Injection Vulnerability in Linksys ESeries Routers (Linksys E1200 Firmware Version 2.0.09 and Linksys E2500 Firmware Version 3.0.04)
Operating System Command Injection in Linksys ESeries Routers
Out-of-Bounds Read Vulnerability in Foxit PDF Reader 9.1.0.5096
Use-After-Free Vulnerability in Foxit PDF Reader 9.1.0.5096
Use-After-Free Vulnerability in Foxit PDF Reader 9.1.0.5096
Use-After-Free Vulnerability in Foxit PDF Reader 9.1.0.5096
Use-After-Free Vulnerability in Foxit PDF Reader 9.1.0.5096
Use-After-Free Vulnerability in Foxit PDF Reader 9.1.0.5096
Use-After-Free Vulnerability in Foxit PDF Reader 9.1.0.5096
Command Injection Vulnerability in CUJO Smart Firewall's DHCP Daemon Configuration
Use-after-free vulnerability in Foxit PDF Reader 9.1.0.5096 allows arbitrary code execution
Use-after-free vulnerability in Foxit PDF Reader 9.1.0.5096 allows arbitrary code execution
Use-after-free vulnerability in Foxit PDF Reader 9.1.0.5096 allows arbitrary code execution
Use-after-free vulnerability in Foxit PDF Reader 9.1.0.5096 allows arbitrary code execution
Bypassing Verified Boot Protection in Das U-Boot: Execution of Unsigned Kernel
Persistent Command Injection in CUJO Smart Firewall's Verified Boot Protection
Memory Disclosure Vulnerability in Sophos HitmanPro.Alert 3.7.6.744
Arbitrary Write Vulnerability in Sophos HitmanPro.Alert 3.7.6.744
Levin Deserialization Logic Flaw Allows Code Execution in Monero 'Lithium Luna' and Other Cryptocurrencies
Out of Bounds Write Vulnerability in Canvas Draw 5.0.0 Allows Arbitrary Data Overwrite
GOG Galaxy Local Privilege Elevation Vulnerability
Uninitialized Variable Vulnerability in Atlantis Word Processor 3.2.6
CALS Raster File Format Parsing Out-of-Bounds Write Vulnerability in Canvas Draw 5.0.0.28
Heap Overflow Vulnerability in SDL2_image-2.0.3 XCF Image Rendering
Atlantis Word Processor 3.0.2.3, 3.0.2.5 Out-of-Bounds Write Vulnerability
Remote Denial-of-Service Vulnerability in Nouveau Display Driver Allows Attackers to Crash Systems via Specially Crafted Pixel Shader
Canvas Draw 5.0.0 TIFF Image Processing Out-of-Bounds Write Vulnerability
Out-of-Bounds Write Vulnerability in Canvas Draw 5.0.0 TIFF Parsing
Arbitrary Write Vulnerability in Atlantis Word Processor 3.0.2.3 and 3.0.2.5
Uninitialized Pointer Vulnerability in Atlantis Word Processor's Document Parser
Uninitialized Length Vulnerability in Atlantis Word Processor 3.0.2.3 and 3.0.2.5
Double Free Vulnerability in CUJO Smart Firewall's mdnscap Binary
Persistent Photo Storage Vulnerability in Telegram Secret Chats
Information Disclosure Vulnerability in Rakuten Viber's 'Secret Chats' Feature on Android 9.3.0.6
Vulnerability: Signal Messenger for Android 4.24.8 Exposes Private Photos in Cache Directory
Kernel Memory Disclosure Vulnerability in WIBU-SYSTEMS WibuKey.sys Version 6.40 (Build 2400)
WibuKey.sys Version 6.40 (Build 2400) IOCTL Handler Buffer Overflow Vulnerability
Heap Overflow Vulnerability in WibuKey Network Server Management (Version 6.40.2402.500) Allows Remote Code Execution
Use-After-Free Vulnerability in Foxit PDF Reader 9.2.0.9297 Allows Arbitrary Code Execution
Use-After-Free Vulnerability in Foxit PDF Reader 9.2.0.9297
Use-After-Free Vulnerability in Foxit PDF Reader 9.2.0.9297
Use-After-Free Vulnerability in Foxit PDF Reader 9.2.0.9297
Use-After-Free Vulnerability in Foxit PDF Reader 9.2.0.9297
Use-After-Free Vulnerability in Foxit PDF Reader 9.2.0.9297 Allows Arbitrary Code Execution
Heap-based Buffer Overflow in Atlantis Word Processor 3.2.5.0 via Crafted Image
Stack-based Buffer Overflow in Atlantis Word Processor JPEG Parser
Double-Free Vulnerability in Atlantis Word Processor 3.2.5.0 Office Open XML Parser
Uninitialized Pointer Vulnerability in Atlantis Word Processor 3.2.5.0
Denial-of-Service Vulnerability in CUJO Smart Firewall's mdnscap Binary
Heap Overflow Vulnerability in CUJO Smart Firewall Firmware 7003
Privilege Escalation Vulnerability in Shimo VPN 4.1.5.1 Helper Service
Privilege Escalation Vulnerability in Shimo VPN 4.1.5.1 Helper Service
Privilege Escalation Vulnerability in Shimo VPN 4.1.5.1 Helper Service
Privilege Escalation Vulnerability in Shimo VPN 4.1.5.1 Helper Service
Privilege Escalation Vulnerability in Shimo VPN 4.1.5.1 Helper Service
Privilege Escalation Vulnerability in Shimo VPN Helper Service
Privilege Escalation via Specially Crafted Configuration File in ProtonVPN VPN Client 1.5.1
Integer Underflow Vulnerability in CUJO Smart Firewall (Version 7003) Allows Remote Crash
Buffer Overflow Vulnerability in Webroot BrightCloud SDK's HTTP Header-Parsing Function
Stack-based Buffer Overflow in LIVE555 RTSP Server Library (Version 0.92) Allows Remote Code Execution
Stack-based Buffer Overflow in Roav A1 Dashcam Wi-Fi Command 9999
Insecure TLS Certificate Validation in Webroot BrightCloud SDK
Roav A1 Dashcam URL Parsing Function Stack-Based Buffer Overflow Vulnerability
Default Credentials Vulnerability in Roav A1 Dashcam Wi-Fi Access Point
Firmware Update Vulnerability in Anker Roav A1 Dashcam (RoavA1SWV1.9)
Command Injection Vulnerability in Netgate pfSense CE 2.4.4-RELEASE
Command Injection Vulnerability in Netgate pfSense CE 2.4.4-RELEASE
Command Injection Vulnerability in Netgate pfSense CE 2.4.4-RELEASE
Use-After-Free Vulnerability in MKVToolNix MKVINFO v25.0.0 Allows Arbitrary Code Execution
Stack-based Buffer Overflow in XML_UploadFile Wi-Fi Command of Anker Roav A1 Dashcam Firmware
Denial-of-Service Vulnerability in Anker Roav A1 Dashcam Firmware
Denial-of-Service Vulnerability in Anker Roav A1 Dashcam Firmware
Denial-of-Service Vulnerability in Anker Roav A1 Dashcam Firmware
Denial-of-Service Vulnerability in Anker Roav A1 Dashcam Firmware
Firmware Update Vulnerability in Anker Roav A1 Dashcam (RoavA1SWV1.9) Allows Denial of Service
Code Execution Vulnerability in Anker Roav A1 Dashcam Firmware
CUJO Smart Firewall Version 7003: Safe Browsing Function Host Header Extraction Vulnerability
Arbitrary Lua Script Execution in CUJO Smart Firewall (Version 7003) via Safe Browsing Function
Privilege Escalation Vulnerability in CleanMyMac X Software Allows Unauthorized File System Modifications
Privilege Escalation Vulnerability in CleanMyMac X Software Allows Unauthorized File System Modifications
Privilege Escalation Vulnerability in CleanMyMac X Software Allows Unauthorized File System Modifications
Privilege Escalation Vulnerability in CleanMyMac X Software Allows Unauthorized File System Modifications
Privilege Escalation Vulnerability in CleanMyMac X Allows Unauthorized Kernel Extension Modification
Privilege Escalation Vulnerability in CleanMyMac X Software Allows Unauthorized File System Modifications
Arbitrary Write Vulnerability in Atlantis Word Processor 3.2.7.2
Out-of-Bounds Write Vulnerability in Atlantis Word Processor 3.2.7.2
Uninitialized Pointer Vulnerability in Atlantis Word Processor 3.2.7.2
Privilege Escalation Vulnerability in Clean My Mac X 4.04 Helper Service
Privilege Escalation Vulnerability in Clean My Mac X 4.04 Helper Service
Privilege Escalation Vulnerability in Clean My Mac X Helper Service (Version 4.04) Allows Unauthorized File System Modifications
Privilege Escalation Vulnerability in Clean My Mac X 4.04 Helper Service
Privilege Escalation Vulnerability in Clean My Mac X 4.04 Helper Service
Local Privilege Escalation Vulnerability in Clean My Mac X Helper Service
Privilege Escalation Vulnerability in Clean My Mac X 4.04 Helper Service
Local Privilege Elevation Vulnerability in GOG Galaxy 1.2.48.36
Local Privilege Elevation Vulnerability in GOG Galaxy's Games Directory
GOG Galaxy Games Privileged Helper Tool Local Privilege Escalation Vulnerability
GOG Galaxy Games Privileged Helper Tool Local Privilege Escalation Vulnerability
Privileged Helper Tool Information Leak Vulnerability in GOG Galaxy Games for macOS
GOG Galaxy's Games Privileged Helper Tool Local Denial-of-Service Vulnerability
Local Privilege Escalation Vulnerability in Pixar Renderman for Mac OS X
Local Privilege Escalation Vulnerability in Pixar Renderman for Mac OS X (Version 22.2.0)
SQL Injection Vulnerability in coTURN Administrator Web Portal
Unsafe Default Configuration Vulnerability in coTURN Server Allows Unauthorized Access to Private Services
Unsafe Default Configuration Vulnerability in coTURN Server
Command Injection Vulnerability in Sierra Wireless AirLink ES450 FW 4.9.3
Hard-coded Credentials Vulnerability in Sierra Wireless AirLink ES450 FW 4.9.3
Remote Code Execution Vulnerability in Sierra Wireless AirLink ES450 FW 4.9.3 Upload.cgi Functionality
Unverified Password Change Vulnerability in Sierra Wireless AirLink ES450 FW 4.9.3
Cross-Site Scripting (XSS) Vulnerability in Sierra Wireless AirLink ES450 FW 4.9.3
Cross-Site Request Forgery Vulnerability in Sierra Wireless AirLink ES450 FW 4.9.3
ACEManager template_load.cgi Information Disclosure Vulnerability
Default Configuration Disclosure in Sierra Wireless AirLink ES450 FW 4.9.3
Plaintext XML Information Disclosure Vulnerability in Sierra Wireless AirLink ES450 FW 4.9.3
Information Disclosure Vulnerability in Sierra Wireless AirLink ES450 FW 4.9.3
Information Disclosure Vulnerability in Sierra Wireless AirLink ES450 FW 4.9.3
ACEManager EmbeddedAceSet_Task.cgi Permission Assignment Vulnerability
Arbitrary Setting Writes Vulnerability in Sierra Wireless AirLink ES450 FW 4.9.3
Arbitrary Code Execution and Denial of Service Vulnerability in Apple Kernel
Vulnerability in macOS Touch Bar Support Component Allows Arbitrary Code Execution
Memory-read bypass vulnerability in macOS Wi-Fi component
Remote Code Execution Vulnerability in QuartzCore Component
Certificate Validation Spoofing Vulnerability
Vulnerability in Core Bluetooth Component Allows Arbitrary Code Execution or Denial of Service
Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products
Remote Code Execution Vulnerability in Apple WebKit
Memory-read bypass vulnerability in Apple Kernel component
Bypassing Sandbox Protection Mechanism in macOS
Race condition vulnerability allows memory-read bypass in Apple products
Memory-read bypass vulnerability in Apple Kernel component
Arbitrary Code Execution and Denial of Service Vulnerability in Apple Audio Component
Vulnerability in Core Bluetooth Component Allows Arbitrary Code Execution or Denial of Service
Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products
Arbitrary Code Execution Vulnerability in macOS Kernel
Arbitrary Code Execution and Denial of Service Vulnerability in macOS IOHIDFamily Component
Denial of Service Vulnerability in Apple LinkPresentation Component
Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products
Address Bar Spoofing Vulnerability in Safari
Memory-read bypass vulnerability in Apple Kernel component
APFS Volume Password Truncation Vulnerability
Arbitrary Command Injection Vulnerability in macOS Terminal's Bracketed Paste Mode
PDFKit URL Bypass Vulnerability
APFS Volume Password Truncation Vulnerability
Arbitrary Code Execution and Denial of Service Vulnerability in Apple Graphics Driver
Cookie Persistence Bypass Vulnerability in iOS Web App Component
Vulnerability: S/MIME Encryption Bypass in macOS Mail Component
Symlink Mishandling Vulnerability in macOS ATS Component
JavaScriptCore Array Indexing Assertion Failure Vulnerability
Remote Code Execution Vulnerability in Apple Products
Vulnerability: Bypassing Access Restrictions in CFPreferences
Address Bar Spoofing Vulnerability in Safari
Remote Code Execution Vulnerability in Apple Products
Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products
Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products
Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products
Remote Code Execution Vulnerability in Apple Products
Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products
iTunes Email Address Disclosure Vulnerability in Apple iOS Clock Component
Apple CoreText Telugu Character Denial of Service Vulnerability
Remote Code Execution Vulnerability in Apple Products
Memory Corruption Vulnerability Patched in Multiple Apple Products
Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products
Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products
Remote Code Execution Vulnerability in Apple Products
Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products
Vulnerability: Keystroke Logging via WindowServer Component
Vulnerability in Intel Graphics Driver Allows Arbitrary Code Execution in macOS
Safari XSS Vulnerability in WebKit Component
Remote User Interface Spoofing Vulnerability in Safari
Arbitrary Code Execution and Denial of Service Vulnerability in macOS IOFireWireFamily Component
Arbitrary Code Execution and Denial of Service Vulnerability in macOS Kernel
Safari Login AutoFill Remote Data Reading Vulnerability
Vulnerability: Memory-read Bypass in NVIDIA Graphics Drivers on macOS
Arbitrary Code Execution and Denial of Service Vulnerability in macOS kext tools Component
Denial of Service Vulnerability in iOS Telephony Component
Vulnerability: Memory-read Bypass in Intel Graphics Driver on macOS
Denial of Service Vulnerability in CoreText Component
Arbitrary Code Execution and Denial of Service Vulnerability in Apple Kernel
Buffer Overflow Vulnerability in Apple Products
Memory Corruption Vulnerabilities Patched in iOS 11.3 and Other Apple Products
Memory Corruption Vulnerability in Apple Products
Multiple Memory Corruption Vulnerabilities in Apple Software
Buffer Overflow Vulnerability in iOS Telephony Component Allows Remote Code Execution
Remote User Interface Spoofing Vulnerability in SafariViewController
Arbitrary Code Execution and Denial of Service Vulnerability in Apple Kernel
Race Condition Vulnerability in iCloud Drive Component Allows Arbitrary Code Execution
Race Condition Vulnerability in macOS Notes Component
Improved Validation Addresses Injection Issue in macOS Versions Prior to Mojave 10.14
Race Condition Vulnerability in Apple Storage Component Allows Arbitrary Code Execution
Race Condition Vulnerability in CoreFoundation Component Allows Arbitrary Code Execution
Race Condition Vulnerability in PluginKit Allows Arbitrary Code Execution
Race Condition Vulnerability in Quick Look Component Allows Arbitrary Code Execution
Race Condition Vulnerability in CoreFoundation Component Allows Arbitrary Code Execution
Memory-read bypass vulnerability in macOS Graphics Drivers
Arbitrary Code Execution and Denial of Service Vulnerability in macOS Kernel
Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products
Remote Code Execution Vulnerability in Apple Products
Remote Code Execution Vulnerability in Apple Products
Unspecified Vulnerability in LLVM Component of Xcode
Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products
Race Condition Vulnerability in NSURLSession Component Allows Arbitrary Code Execution
Race Condition Vulnerability in File System Events Component
iOS Files Widget Information Disclosure Vulnerability
Out-of-Bounds Read Vulnerability in macOS High Sierra and Earlier Versions
Local Password Discovery Vulnerability in macOS Admin Framework
Information Disclosure Vulnerability in macOS Bluetooth Component
Vulnerability: Bypassing iCloud Password Requirement in Find My iPhone Feature
Invisible Microphone Access Vulnerability in Apple iOS and macOS
Inconsistent User Interface in Apple Mail Allows Reading of S/MIME Encrypted Messages
Code-Signing Bypass Vulnerability in macOS LaunchServices
Vulnerability: App Launch Triggered by Crafted Disk Image in macOS
Improper Execute Permission Granting Vulnerability
Smartcard PIN Handling Vulnerability in macOS High Sierra
Improper Access Restrictions in CUPS on macOS High Sierra
Improper Access Restrictions in CUPS on macOS High Sierra
Access Issue with CUPS Sandbox Restrictions in macOS High Sierra
macOS High Sierra Access Issue with Sandbox Restrictions
Vulnerability: Sandbox Bypass in macOS Speech Component Allows Unauthorized Microphone Access
Improved State Handling in Apple Operating Systems
Information Leakage in Safari Private Browsing Downloads
Remote UI Spoofing Vulnerability in Apple LinkPresentation Component
Address Bar Spoofing Vulnerability in Apple Products
Memory Corruption Vulnerability in Apple Operating Systems
Remote Code Execution via CSS Mask-Image Fetch in Apple Products
Memory Corruption Vulnerability in Older Apple Software Versions
Race condition vulnerability in WebKit allows remote code execution
Privilege Escalation and Denial of Service Vulnerability in macOS Windows Server Component
Out-of-bounds read vulnerability addressed in iOS, iCloud for Windows, watchOS, iTunes, and macOS High Sierra
Inconsistent User Interface Issue Resolved with Enhanced State Management in Safari 12
Arbitrary Code Execution and Information Disclosure Vulnerability in macOS Accessibility Framework
Use After Free Vulnerability Patched in Multiple Apple Products
Denial of Service Vulnerability in Apple Products via Crafted Text File
Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products
WebKit Use-After-Free Remote Code Execution Vulnerability
Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products
Vulnerability: Password Prompt Spoofing in iBooks Component
Improved Bounds Checking for Out-of-Bounds Read Vulnerability
Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products
Address Bar Spoofing Vulnerability in Safari
Arbitrary Code Execution and Denial of Service Vulnerability in Apple's Crash Reporter Component
ASSERT failure vulnerability in iOS, Safari, iCloud, tvOS, watchOS, and iTunes
ASSERT failure vulnerability in iOS, Safari, iCloud, tvOS, watchOS, and iTunes
ASSERT failure vulnerability in iOS, Safari, iCloud, tvOS, watchOS, and iTunes
Array Indexing Issue in JavaScript Core
FontParser Remote Code Execution Vulnerability
ASSERT failure vulnerability in iOS, Safari, iCloud, tvOS, watchOS, and iTunes
ASSERT failure vulnerability in iOS, Safari, iCloud, tvOS, watchOS, and iTunes
WebKit Memory Corruption Vulnerability
Buffer Overflow Vulnerability in iOS Bluetooth Component
Improper Handling of Call URLs in iOS Versions Prior to 11.4.1
Improved Indexing for Open Directory Records in macOS High Sierra 10.13.5
WebKit Use-After-Free Remote Code Execution Vulnerability
Privilege Escalation Vulnerability in macOS ATS Component
Arbitrary Code Execution Vulnerability in Swift for Ubuntu
S/MIME Client Certificate Tracking Vulnerability
Remote Code Execution Vulnerability in Apple WebKit Component
Local User Account Identifier Bypass Vulnerability
Local Bypass of Persistent Device Identifier Restrictions in Apple Products
Local Privilege Escalation Vulnerability in Apple Products
Local User Information Disclosure Vulnerability
S/MIME Encryption Vulnerability in Apple Mail Component
Privilege Escalation Vulnerability in macOS IOFireWireAVC Component
Sandbox Bypass Vulnerability in macOS Grand Central Dispatch
Race condition vulnerability in NVIDIA Graphics Drivers in macOS before 10.13.5 allows for arbitrary code execution in privileged context
Remote Cookie Overwrite Vulnerability in Apple Products
Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products
Arbitrary Code Execution and Denial of Service Vulnerability in macOS IOHIDFamily Component
Local Impersonation Attack Vulnerability in Apple Messages Component
Arbitrary Code Execution and Denial of Service Vulnerability in macOS IOGraphics Component
Privilege Escalation Vulnerability in Apple Products via libxpc Component
Lock-screen Bypass Vulnerability in iOS Siri
Lock-Screen Bypass Vulnerability in iOS Magnifier Component
Denial of Service Vulnerability in Apple Messages Component
Buffer Overflow Vulnerability in Kernel Component Allows Arbitrary Code Execution
Vulnerability in macOS Hypervisor Component Allows Arbitrary Code Execution
Buffer Overflow Vulnerability in Kernel Component Allows Arbitrary Code Execution
Siri Contacts Privacy Disclosure Vulnerability
Type Confusion Vulnerability in Apple WebKit Component
Denial of Service Vulnerability in Safari Component
Improper Input Validation Leads to Out-of-Bounds Read Vulnerability
Arbitrary Code Execution and Denial of Service Vulnerability in Apple Products
Denial of Service Vulnerability in iOS Messages Component
EFI Flash-Memory Region Modification Vulnerability in macOS
Lock-Screen Bypass Vulnerability in Siri on iOS before 11.4
Vulnerability in macOS AMD Component Allows Memory-Read Bypass and Denial of Service
Kernel Input Validation Issue in macOS High Sierra
Improved Input Validation for Out-of-Bounds Read in macOS High Sierra before 10.13.5
Improved Input Validation for Out-of-Bounds Read in macOS High Sierra before 10.13.5
Buffer Overflow Vulnerability in macOS High Sierra
Buffer Overflow Vulnerability in macOS High Sierra
Memory Corruption Vulnerabilities in macOS High Sierra 10.13.6 and Earlier Versions
Inconsistent User Interface Issue Resolved with Enhanced State Management
Memory Corruption Vulnerabilities Patched in iOS, tvOS, Safari, iTunes, and iCloud
Multiple Memory Corruption Vulnerabilities in Apple Software
Memory Corruption Vulnerabilities Patched in iOS, tvOS, Safari, iTunes, and iCloud
Memory Corruption Vulnerabilities Patched in Multiple Apple Products
Memory Corruption Vulnerabilities Patched in iOS, tvOS, Safari, iTunes, and iCloud
Race Condition Vulnerability Patched in Multiple Apple Products
Memory Corruption Vulnerabilities Patched in iOS, tvOS, Safari, iTunes, and iCloud
Memory Corruption Vulnerability in macOS High Sierra 10.13.6 and Earlier Versions
Memory Corruption Vulnerability in Multiple Apple Products
Memory Corruption Vulnerability in Multiple Apple Products
Memory Corruption Vulnerabilities in Multiple Apple Products
Memory Corruption Vulnerabilities Patched in Multiple Apple Products
Memory Corruption Vulnerabilities in Multiple Apple Products
URL Spoofing Vulnerability in iOS and Safari
Memory Corruption Vulnerability in iOS Versions Prior to 11.4.1
Null Pointer Dereference Vulnerability Patched in macOS High Sierra 10.13.6
URL Spoofing Vulnerability in Apple Devices
Cross-Origin Audio Exfiltration Vulnerability
Inconsistent User Interface Issue in Safari Versions Prior to 11.1.2
Memory Corruption Vulnerability in iOS, macOS, tvOS, and watchOS Prior to 11.4.1
Buffer Overflow Vulnerability in SwiftNIO (<= 1.8.0) with Improved Size Validation
Kernel Memory Disclosure Vulnerability in iOS, tvOS, and watchOS
Kernel Memory Disclosure Vulnerability in macOS High Sierra 10.13.6 and Earlier
Type Confusion Vulnerability Patched in Multiple Apple Products
Improved Memory Handling to Address Type Confusion Vulnerability
Memory Corruption Vulnerabilities in macOS High Sierra 10.13.6 and Earlier Versions
Memory Corruption Vulnerabilities in macOS High Sierra 10.13.6 and Earlier Versions
Memory Corruption Vulnerabilities in macOS High Sierra 10.13.6 and Earlier Versions
Information Disclosure Vulnerability Patched in macOS High Sierra 10.13.6
Improved Memory Handling to Address Denial of Service Vulnerability
Memory Corruption Vulnerabilities in macOS High Sierra 10.13.6 and Earlier Versions
Cookie Management Vulnerability Patched in Multiple Apple Products
Improved Input Validation in macOS Mojave 10.14
DiskArbitration Permissions Issue in macOS Mojave 10.14
Permissions Issue in macOS Remote Management
Memory Corruption Vulnerabilities Patched in Multiple Apple Products
Session Cookie Vulnerability in CUPS Web Interface
Null Pointer Dereference Vulnerability Patched in macOS High Sierra, iCloud for Windows, watchOS, iOS, and iTunes
Improved Input Validation for Pre-Mojave Versions: Addressing an Input Validation Issue
Improved Validation Fixes Denial of Service Vulnerability in iOS, macOS, tvOS, and watchOS
Improved Input Validation in iOS 12, tvOS 12, and watchOS 5 Addresses Vulnerability
Use After Free Vulnerability Patched in Multiple Apple Products
Improved State Management for Logic Issue in iOS 12 and Safari 12
Improved Bounds Checking for Out-of-Bounds Read Vulnerability in macOS Mojave 10.14
Cross-Site Scripting Vulnerability in Safari Prior to iOS 12 and Safari 12
Sandbox Restriction Vulnerability in iOS and macOS Prior to iOS 12 and macOS Mojave 10.14
Origin Information Leak Vulnerability
Use After Free Vulnerability Patched in Multiple Apple Products
Inconsistent Handling of Application Snapshots in iOS, tvOS, and watchOS Versions Prior to 12/5
Use After Free Vulnerability Patched in Multiple Apple Products
Use After Free Vulnerability Patched in Multiple Apple Products
Improved State Management Addresses Memory Corruption Vulnerability
Use After Free Vulnerability Patched in Multiple Apple Products
Use After Free Vulnerability Patched in Multiple Apple Products
Cross-Origin Vulnerability in iframe Elements
Improper Entitlement Validation in Pre-iOS 12, macOS Mojave 10.14, and tvOS 12 Versions
Improved Entitlements in iOS 12: Addressing a Pre-existing Vulnerability
Memory Corruption Vulnerabilities Patched in iOS 12, tvOS 12, Safari 12, iTunes 12.9, and iCloud for Windows 7.7
Apple ID Permissions Vulnerability
Logic Issue Patched: Enhanced Restrictions in iOS 12
Improved Memory Handling in iOS 12 and macOS Mojave 10.14 Addresses Memory Corruption Vulnerability
Memory Corruption Vulnerability in iOS Versions Prior to 11.4.1
Memory Corruption Vulnerabilities Patched in iOS 12, tvOS 12, Safari 12, iTunes 12.9, and iCloud for Windows 7.7
Vulnerability: Incomplete History Item Clearing in iOS 12 and Safari 12
Memory Corruption Vulnerability in iOS Pre-11.4: Improved Memory Handling
Improved Memory Handling in iOS, macOS, tvOS, and watchOS: Addressing Memory Corruption Vulnerability
Improved Memory Handling in iOS, macOS, tvOS, and watchOS: Addressing Memory Corruption Vulnerability
Improved Input Sanitization for Validation Issue in iOS 12 and macOS Mojave 10.14
Improved Memory Handling in macOS Mojave 10.14 Addresses Memory Corruption Vulnerability
Improved Input Sanitization in iOS 12: Addressing a Validation Issue
Improved Memory Handling in iOS, macOS, tvOS, and watchOS: Addressing Memory Corruption Vulnerability
Improved Memory Handling in iOS, macOS, tvOS, and watchOS: Addressing Memory Corruption Vulnerability
Improved Input Sanitization in macOS Mojave 10.14
Persistent Device Identifier Disclosure Vulnerability
Improved Memory Handling in iOS, macOS, tvOS, and watchOS: Addressing Memory Corruption Vulnerability
Improved Memory Handling in iOS, macOS, tvOS, and watchOS: Addressing Memory Corruption Vulnerability
Configuration Issue in macOS Prior to Mojave 10.14.1 Allows Unauthorized Access
Improved Memory Handling in iOS, macOS, tvOS, and watchOS: Addressing Memory Corruption Vulnerability
Improved Memory Handling in iOS, macOS, tvOS, and watchOS: Addressing Memory Corruption Vulnerability
Cross-Site Scripting Vulnerability in Safari Prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7
Local File Access Vulnerability in macOS Versions Prior to Mojave 10.14
Use After Free Vulnerability Patched in Apple Devices
Improved Logic for Validation Issue in macOS Versions Prior to Mojave 10.14
Memory Corruption Vulnerability in macOS Mojave 10.14 and Earlier Versions
Memory Initialization Issue in macOS Versions Prior to Mojave 10.14
Inconsistent Handling of Application Snapshots in iOS Versions Prior to iOS 12
Configuration Issue in Pre-Mojave macOS Versions: Addressed with Enhanced Restrictions
Improved Memory Handling in iOS, macOS, tvOS, and watchOS: Addressing Memory Corruption Vulnerability
Configuration Issue Patched: Vulnerability in iOS 12 and macOS Mojave 10.14
Improved Permission Validation in iOS 12: Addressing a Permissions Issue
Memory Corruption Vulnerability in Xcode 10 and Earlier Versions
Memory Corruption Vulnerabilities Patched in Multiple Apple Products
Memory Corruption Vulnerabilities Patched in Multiple Apple Products
Memory Corruption Vulnerabilities Patched in iOS 12, tvOS 12, Safari 12, iTunes 12.9, and iCloud for Windows 7.7
Memory Consumption Issue in Older Apple Software Versions
Inconsistent User Interface Issue in Safari and iOS Versions Prior to 11.1.2 and 12
Input Validation Vulnerability in Pre-iOS 12, tvOS 12, and watchOS 5 Versions
Improved Bounds Checking for Out-of-Bounds Read in iOS Versions Prior to 12.1
Memory Corruption Vulnerability in iOS Versions Prior to 12.1 Resolved with Enhanced Input Validation
Memory Corruption Vulnerability in iOS Versions Prior to 12.1 Resolved with Enhanced Input Validation
Improved Validation Fixes Denial of Service Vulnerability in iOS, macOS, tvOS, and watchOS
Improved State Management for Logic Issue in iOS, macOS, tvOS, and watchOS
Improper Input Validation Leads to Out-of-Bounds Read Vulnerability
Memory Corruption Vulnerabilities Patched in Multiple Apple Products
Memory Corruption Vulnerabilities Patched in Multiple Apple Products
Logic Issue Vulnerability in Pre-iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8
Memory Corruption Vulnerabilities Patched in Multiple Apple Products
Memory Corruption Vulnerabilities Patched in Multiple Apple Products
Cross-Site Scripting Vulnerability in Safari Prior to iOS 12.1 and Safari 12.0.1
Memory Corruption Vulnerability in Apple Software Prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8
Lock Screen Vulnerability Allows Unauthorized Access to Share Function on iOS Devices
Lock Screen Vulnerability Exposed Photos and Contacts on iOS Devices
Resource Exhaustion Vulnerability in tvOS and iOS 12.1
Memory Corruption Vulnerabilities Patched in Multiple Apple Products
Improved State Management Addresses Memory Corruption Vulnerability
Memory Corruption Vulnerability in iOS and watchOS Versions Prior to 12.1 and 5.1
Improved State Management in iOS 12.1: Addressing a Logic Issue
Memory Corruption Vulnerabilities Patched in Multiple Apple Products
Lock Screen Vulnerability: Unauthorized Photo Access via Reply With Message
Lock Screen Share Function Vulnerability
Inconsistent User Interface Issue Resolved with Enhanced State Management
UI Spoofing Vulnerability in macOS, watchOS, and iOS
UI Spoofing Vulnerability in macOS, watchOS, and iOS
Memory Corruption Vulnerabilities Patched in Multiple Apple Products
Improved Memory Handling in macOS Mojave 10.14 Addresses Memory Corruption Vulnerability
Memory Corruption Vulnerability in Apple Operating Systems and iTunes
Improved Checks for Pre-iOS 12 Vulnerability
Improved Input Sanitization in macOS Mojave 10.14
Insecure Transmission of Analytics Data in Apple Support iOS App
Vulnerability in Prime Number Determination Method
Privileged API Access Vulnerability Patched in iOS 12, macOS Mojave 10.14, tvOS 12, and watchOS 5
Improper Validation Logic in Earlier iOS, macOS, and watchOS Versions
Improved Memory Handling in iOS, macOS, tvOS, and watchOS: Addressing Memory Corruption Vulnerability
Memory Corruption Vulnerability in macOS Mojave 10.14.1 and Earlier Versions
Vulnerability in macOS Mojave 10.14.1 and Earlier Allows Unauthorized Entitlement Access
Memory Corruption Vulnerability in iOS and macOS
Improved Validation Addresses Denial of Service Vulnerability in macOS Mojave 10.14
Memory Corruption Vulnerability in Older Apple Operating Systems
Memory Corruption Vulnerability in Earlier Apple Operating Systems
Resource Exhaustion Vulnerability in Apple Software
Memory Corruption Vulnerability in macOS Mojave 10.14.1 and Earlier Versions
Memory Corruption Vulnerability in macOS Mojave 10.14 and Earlier Versions
Memory Corruption Vulnerability Patched in Apple Devices
Memory Initialization Issue in iOS, macOS, tvOS, and watchOS Prior to 12.1
Memory Corruption Vulnerability Patched in Apple Devices
Memory Corruption Vulnerability in macOS Mojave 10.14.1 and Earlier Versions
Memory Corruption Vulnerabilities Patched in Multiple Apple Products
Improved Input Sanitization in macOS Mojave 10.14
Improved Input Sanitization in macOS Mojave 10.14
Memory Corruption Vulnerability Patched in iOS, macOS, tvOS, and watchOS
Memory Corruption Vulnerability Patched in iOS, macOS, tvOS, and watchOS
Memory Initialization Vulnerability in macOS Mojave 10.14.1 and Earlier Versions
Memory Corruption Vulnerability in macOS Mojave 10.14.1 and Earlier Versions
Logic Issue Vulnerability Patched in macOS Mojave 10.14.1
Buffer Overflow Vulnerability Patched in macOS Mojave 10.14.1
Improved Memory Handling in iOS, macOS, tvOS, and watchOS: Addressing Memory Corruption Vulnerability
Improved Memory Handling in iOS, macOS, tvOS, and watchOS: Addressing Memory Corruption Vulnerability
Memory Corruption Vulnerability Patched in Multiple Apple Operating Systems
Lock Screen Share Function Vulnerability
URL Spoofing Vulnerability in iOS and watchOS Versions Prior to 12.1.1 and 5.1.2
Lock Screen Vulnerability: Unauthorized Access to Contacts on Locked iOS Devices
Memory Initialization Vulnerability
File System Modification Vulnerability
Improper Input Validation Leads to Out-of-Bounds Read in macOS Mojave 10.14.2
Improved Logic Restrictions in iOS, macOS, tvOS, and watchOS Versions Prior to 12.1.1
Certificate Validation Issue in Configuration Profiles
Memory Corruption Vulnerabilities Patched in Multiple Apple Products
Memory Corruption Vulnerability in Multiple Apple Products
Improper Validation in Earlier iOS, Safari, iTunes, and iCloud Versions
Logic Issue in State Management: Vulnerability in iOS, Safari, iTunes, and iCloud
Memory Corruption Vulnerability Patched in Multiple Apple Products
Memory Corruption Vulnerability Patched in Multiple Apple Products
Memory Corruption Vulnerability Patched in Multiple Apple Products
Improved State Management in Safari and iOS Fixes Logic Issue Vulnerability
Ineffective Data Deletion in 'Clear History and Website Data' Feature
Improved Entitlements Patch Vulnerability in iOS Versions Prior to 12.1.1
Improved State Management for Memory Corruption Vulnerability
Memory Initialization Vulnerability in macOS and iOS
Memory Corruption Vulnerability in macOS Mojave 10.14.2 and Earlier Versions
Memory Corruption Vulnerability in macOS Mojave 10.14.2 and Earlier Versions
Memory Corruption Vulnerability in macOS Mojave 10.14
Memory Consumption Vulnerability in macOS Mojave and High Sierra
Improved Input Validation for Memory Corruption Vulnerability
Vulnerability Patched: Denial of Service Exploit in iOS, macOS, tvOS, and watchOS
Memory Corruption Vulnerability in Apple Operating Systems
Improved Input Sanitization in macOS Mojave 10.14.2: Addressing a Validation Issue
Memory Corruption Vulnerability in macOS Mojave 10.14.2 and Earlier Versions
Memory Corruption Vulnerabilities Patched in Multiple Apple Products
Improved Memory Handling in iOS, macOS, tvOS, and watchOS
Privilege Escalation Vulnerability in macOS Mojave and High Sierra
Vulnerability: Unauthorized Access to Restricted Files in macOS
Privacy Vulnerability in Open Directory Records Handling: Addressed in macOS High Sierra 10.13.6
Memory Consumption Vulnerability in Multiple Apple Products
Privilege Escalation Vulnerability in macOS High Sierra 10.13.5 and Security Updates
Denial-of-Service Vulnerability in Siemens Industrial Software
Remote Code Execution Vulnerability in Industrial Networking Devices
Unauthenticated Remote Firmware Upload Vulnerability in Desigo PXC and PXM Devices
Authentication Bypass Vulnerability in TeleControl Server Basic < V3.1
Privilege Escalation Vulnerability in TeleControl Server Basic < V3.1
TeleControl Server Basic < V3.1 Denial-of-Service Vulnerability
Firmware Downgrade Vulnerability in EN100 Ethernet Modules
Vulnerability: Password Reconstruction in DIGSI 4 and SIPROTEC Relays
Unauthenticated Remote User Can Upload Modified Device Configuration and Overwrite Access Authorization Passwords
Unauthenticated Remote Administrative Operations Vulnerability in TIM 1531 IRC (All versions < V1.1)
Vulnerability in SCALANCE Switch Family Allows Remote Code Execution via XSS
Denial of Service Vulnerability in SIMATIC S7-400 and Other Siemens Devices
Insufficient Limitation of CONTROL Script Capabilities in SIMATIC WinCC OA UI for Android and iOS
Vulnerability in RAPIDLab and RAPIDPoint Systems: Privilege Escalation via Remote View Feature
Vulnerability: Hardcoded Password in RAPIDLab and RAPIDPoint Systems
Insufficient Protection of Sensitive Information in SIMATIC WinCC OA Operator iOS App
Cross-Site Scripting (XSS) Vulnerability in SCALANCE X-200 and X-300 Switch Families
Improper Certificate Validation in Siveillance VMS Video for Android and iOS
Denial-of-Service Vulnerability in SIMATIC S7-400 and S7-400H CPUs
Denial-of-Service Vulnerability in SICLOCK TC100 and TC400 Devices
Authentication Bypass Vulnerability in SICLOCK TC100 and TC400 Devices
Firmware Modification Vulnerability in SICLOCK TC100 and TC400 Devices
Vulnerability: Code Execution via Modified Administrative Client
Unencrypted Storage and Transmission of Passwords in SICLOCK TC100 and TC400
Administrative Access Lockout Vulnerability in SICLOCK TC100 and TC400 Devices
Vulnerability in Siemens IEC 61850 System Configurator and DIGSI: Data Exfiltration and Code Execution
Authenticated Remote Command Execution Vulnerability in SCALANCE M875
Authenticated Remote Command Execution Vulnerability in SCALANCE M875
Authenticated Remote File Read and Download Vulnerability in SCALANCE M875
Privilege Escalation via Azure Account Scoping Bypass in Octopus Deploy
Bypassing Tamper Protection in Sophos Endpoint Protection 10.7
Excessive Memory Allocation Vulnerability in Exiv2 0.26
Adobe Flash Player Out-of-bounds Read Vulnerability
Adobe Acrobat Reader Cross Call Security Bypass and Sandbox Escape Vulnerability
Unquoted Search Path Vulnerability in Adobe Creative Cloud Desktop Application
Reflected Cross-Site Scripting Vulnerability in Adobe Experience Manager 6.1 and 6.0
Cross-Site Scripting Vulnerability in Adobe Experience Manager Versions 6.3, 6.2, and 6.1 via Sling XSSAPI Bypass
Use-After-Free Vulnerability in Adobe Flash Player Allows Arbitrary Code Execution
Adobe Flash Player Use-After-Free Vulnerability (CVE-2018-4878)
Buffer Overflow Vulnerability in Adobe Acrobat Reader
Buffer Overflow Vulnerability in Adobe Acrobat Reader
Buffer Overflow Vulnerability in Adobe Acrobat Reader
Buffer Overflow Vulnerability in Adobe Acrobat Reader
Buffer Overflow Vulnerability in Adobe Acrobat Reader
Buffer Overflow Vulnerability in Adobe Acrobat Reader
Buffer Overflow Vulnerability in Adobe Acrobat Reader
Buffer Overflow Vulnerability in Adobe Acrobat Reader
Buffer Overflow Vulnerability in Adobe Acrobat Reader
Use After Free Vulnerability in Adobe Acrobat Reader
Buffer Overflow Vulnerability in Adobe Acrobat Reader
Heap Overflow Vulnerability in Adobe Acrobat Reader's Image Conversion Engine
Buffer Overflow Vulnerability in Adobe Acrobat Reader
Use After Free Vulnerability in Adobe Acrobat Reader's JBIG2 Decoder Allows Arbitrary Code Execution
Buffer Overflow Vulnerability in Adobe Acrobat Reader
Buffer Overflow Vulnerability in Adobe Acrobat Reader
Buffer Overflow Vulnerability in Adobe Acrobat Reader
Buffer Overflow Vulnerability in Adobe Acrobat Reader
Buffer Overflow Vulnerability in Adobe Acrobat Reader
Buffer Overflow Vulnerability in Adobe Acrobat Reader
Buffer Overflow Vulnerability in Adobe Acrobat Reader
Buffer Overflow Vulnerability in Adobe Acrobat Reader
Buffer Overflow Vulnerability in Adobe Acrobat Reader
Use After Free Vulnerability in Adobe Acrobat Reader
Buffer Overflow Vulnerability in Adobe Acrobat Reader
Heap Overflow Vulnerability in Adobe Acrobat Reader
Buffer Overflow Vulnerability in Adobe Acrobat Reader
Buffer Overflow Vulnerability in Adobe Acrobat Reader
Buffer Overflow Vulnerability in Adobe Acrobat Reader
Buffer Overflow Vulnerability in Adobe Acrobat Reader
JPEG Image Metadata Buffer Overflow Vulnerability
Heap Overflow Vulnerability in Adobe Acrobat Reader's JavaScript Engine
Use After Free Vulnerability in Adobe Acrobat Reader's JavaScript API for Bookmark Functionality
Buffer Overflow Vulnerability in Adobe Acrobat Reader
Use After Free Vulnerability in Adobe Acrobat Reader XFA Engine
Buffer Overflow Vulnerability in Adobe Acrobat Reader
Buffer Overflow Vulnerability in Adobe Acrobat Reader
Buffer Overflow Vulnerability in Adobe Acrobat Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Flash Player (CVE-2018-4878)
Type Confusion Vulnerability in Adobe Flash Player (CVE-2018-4878)
Unrestricted SWF File Upload Vulnerability in Adobe Connect 9.7 and Earlier
Arbitrary File Deletion Vulnerability in Adobe Connect Versions 9.7 and Earlier
OS Command Injection Vulnerability in Adobe Dreamweaver CC Versions 18.0 and Earlier
Out-of-bounds Read Vulnerability in Adobe Digital Editions 4.5.7 and Below: Risk of Information Disclosure
Stack Overflow Vulnerability in Adobe Digital Editions 4.5.7 and Below: Risk of Information Disclosure
Untrusted Search Path Vulnerability in Adobe InDesign Versions 13.0 and Below
Memory Corruption Vulnerability in Adobe InDesign Versions 13.0 and Below: Arbitrary Code Execution
Stored Cross-Site Scripting Vulnerability in Adobe Experience Manager 6.2 and Earlier: Risk of Sensitive Information Disclosure
Cross-site Scripting Vulnerability in Adobe Experience Manager 6.3 and Earlier: Risk of Sensitive Information Disclosure
Stored Cross-Site Scripting Vulnerability in Adobe Experience Manager 6.1 and Earlier: Risk of Sensitive Information Disclosure
Use-After-Free Vulnerability in Adobe Flash Player (CVE-2018-5002)
Out-of-Bounds Read Vulnerability in Adobe Flash Player Versions 29.0.0.113 and Earlier
Out-of-Bounds Read Vulnerability in Adobe Flash Player Versions 29.0.0.113 and Earlier
Critical Out-of-Bounds Write Vulnerability in Adobe Flash Player (CVE-2018-5002)
Heap Overflow Vulnerability in Adobe Flash Player (Versions 29.0.0.113 and Earlier)
Critical Out-of-Bounds Write Vulnerability in Adobe Flash Player (CVE-2018-5002)
Insecure Library Loading Vulnerability in Adobe ColdFusion: Local Privilege Escalation
Arbitrary Code Execution Vulnerability in Adobe ColdFusion
Cross-Site Scripting Vulnerability in Adobe ColdFusion and ColdFusion 11
Cross-Site Scripting Vulnerability in Adobe ColdFusion and ColdFusion 11
Unsafe XML External Entity Processing Vulnerability in Adobe ColdFusion: Risk of Information Disclosure
Same-Origin Method Execution Vulnerability in Adobe PhoneGap Push Plugin
Type Confusion Vulnerability in Adobe Flash Player (CVE-2018-5002)
Type Confusion Vulnerability in Adobe Flash Player: Arbitrary Code Execution
Out-of-bounds Write Vulnerability in Adobe Photoshop CC
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-bounds read vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Out-of-bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-bounds read vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Use-after-free vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Type Confusion Vulnerability in Adobe Acrobat and Reader
Use-after-free vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Out-of-bounds read vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Out-of-bounds read vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Out-of-bounds read vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Use-after-free vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Use-after-free vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Out-of-bounds read vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Use-after-free vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Out-of-bounds read vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Out-of-bounds read vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Out-of-bounds read vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Memory Corruption Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-bounds read vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-bounds read vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Out-of-bounds read vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Use-after-free vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Out-of-bounds read vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Out-of-bounds read vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Use-after-free vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Out-of-bounds read vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Out-of-bounds read vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Use-after-free vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Adobe Acrobat and Reader Security Bypass Vulnerability
Use-after-free vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Out-of-bounds read vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Use-after-free vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-bounds read vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Out-of-bounds read vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader
Use-after-free vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Use-after-free vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Double Free Vulnerability in Adobe Acrobat and Reader
Improper Certificate Validation Vulnerability in Adobe Creative Cloud Desktop Application
Local Privilege Escalation Vulnerability in Adobe Creative Cloud Desktop Application
NTLM SSO Hash Theft Vulnerability in Adobe Acrobat and Reader
Authentication Bypass Vulnerability in Adobe Connect Versions 9.7.5 and Earlier
XFA '\n' POST Injection Vulnerability in Adobe Acrobat and Reader
Use-after-free vulnerability in Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier
Out-of-bounds write vulnerability in Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, and 2015.006.30394 and earlier
Memory Corruption Vulnerability in Adobe Acrobat and Reader
Out-of-bounds read vulnerability in Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, and 2015.006.30394 and earlier
Integer Overflow Vulnerability in Adobe Flash Player (Versions 29.0.0.171 and Earlier) Could Result in Information Disclosure
Out-of-bounds Read Vulnerability in Adobe Flash Player (CVE-2018-5002)
Stack-based Buffer Overflow Vulnerability in Adobe Flash Player
Insecure Library Loading (DLL Hijacking) Vulnerability in Adobe Creative Cloud Desktop Application
Server-Side Request Forgery Vulnerability in Adobe Experience Manager 6.2 and 6.3: Risk of Sensitive Information Disclosure
Cross-site Scripting Vulnerability in Adobe Experience Manager Versions 6.0-6.4
Server-Side Request Forgery Vulnerability in Adobe Experience Manager 6.4 and Earlier: Risk of Sensitive Information Disclosure
Type Confusion Vulnerability in Adobe Flash Player 30.0.0.113 and Earlier Versions
Out-of-bounds Read Vulnerability in Adobe Flash Player 30.0.0.113 and Earlier Versions
Use-after-free vulnerability in Adobe Acrobat and Reader versions 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Use-after-free vulnerability in Adobe Acrobat and Reader versions 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier
Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Buffer Errors Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Buffer Errors Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Write Vulnerability in Adobe Acrobat and Reader
Buffer Errors Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Type Confusion Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Write Vulnerability in Adobe Acrobat and Reader
Use-after-free vulnerability in Adobe Acrobat and Reader versions 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-bounds Write Vulnerability in Adobe Acrobat and Reader
Persistent XSS Vulnerability in Cobham Sea Tel 116 Build 222429 Satellite Communication System Devices
XSS Vulnerability in Online Ticket Booking: admin/sitesettings.php keyword parameter
CSRF Vulnerability in Online Ticket Booking System via admin/movieedit.php
XSS Vulnerability in Online Ticket Booking: admin/manageownerlist.php contact parameter
XSS Vulnerability in Online Ticket Booking: admin/snacks_edit.php (snacks_name parameter)
XSS Vulnerability in Online Ticket Booking: admin/newsedit.php newstitle Parameter
XSS Vulnerability in Online Ticket Booking: admin/movieedit.php moviename parameter
XSS Vulnerability in Online Ticket Booking: admin/eventlist.php cast Parameter
Denial of Service Vulnerability in K7 AntiVirus 15.1.0306
Denial of Service Vulnerability in K7 AntiVirus 15.1.0306
Denial of Service Vulnerability in K7 AntiVirus 15.1.0306
Denial of Service Vulnerability in K7 AntiVirus 15.1.0306
Denial of Service and Potential Impact Vulnerability in K7 AntiVirus 15.1.0306
Denial of Service Vulnerability in K7 AntiVirus 15.1.0306
Denial of Service Vulnerability in K7 AntiVirus 15.1.0306
Denial of Service and Potential Impact Vulnerability in K7 AntiVirus 15.1.0306
Denial of Service Vulnerability in K7 AntiVirus 15.1.0306
Denial of Service Vulnerability in K7 AntiVirus 15.1.0306
Memory Corruption Vulnerabilities in Firefox 57, Firefox ESR 52.5, Thunderbird < 52.6
Memory Corruption Vulnerability in Firefox 57: Potential for Arbitrary Code Execution
WebRTC DTMF Timer Use-After-Free Vulnerability in Firefox
Use-After-Free Vulnerability in Firefox < 58
WebAssembly Memory/Table Resizing Heap Buffer Overflow Vulnerability in Firefox < 58
WebAssembly Heap Buffer Overflow Vulnerability in Firefox < 58
Integer Overflow Vulnerability in Skia Library: Potential Exploitable Crash
Use-After-Free Vulnerability in Firefox ESR and Thunderbird Allows for Potentially Exploitable Crashes
Use-after-free vulnerability in XSL transformations allows for potentially exploitable crashes
Use-after-free vulnerability in Thunderbird and Firefox versions < 58
Use-after-free vulnerability in Thunderbird and Firefox versions < 58
Use-After-Free Vulnerability in Firefox < 58: IsPotentiallyScrollable Function Argument Handling
Use-After-Free Vulnerability in Firefox < 58: Exploitable Crash via Manipulation of Floating 'first-letter' Style Elements
HTML Media Elements Use-After-Free Vulnerability
Use-after-free vulnerability in Thunderbird and Firefox versions < 58 during mouse event handling
Use-after-free vulnerability in font face manipulation leading to potential crash
Arbitrary File Execution Vulnerability in Firefox WebExtensions
Cross-Origin Information Leakage in Firefox Developer Tools
Symlink Vulnerability in Firefox < 58 Allows Bypassing Local Access Protections
Blob URL Access Violation in Firefox < 58
Incorrect Origin Display in Audio Capture Prompt
Cursor Visibility Toggling Vulnerability in Firefox < 58 on OS X
URL Spoofing Vulnerability in Firefox < 58
Privileged Page Access Vulnerability in Firefox Extension Development Tools Panels
Insecure Enforcement of https: Requirement in WebExtensions Allows Privileged Page Loading in Firefox < 58
Firefox < 58 Cookie Vulnerability: Access to Original Value via Script
Confusing HTTP Authentication Prompt Vulnerability in Firefox < 58
Cross-Origin Frame Injection Vulnerability in Firefox WebExtensions
URL Spoofing Vulnerability in Thunderbird and Firefox
Local File System Data Exposure Vulnerability in Firefox < 58
Cross-Origin Content Access in Reader View Vulnerability
Tibetan Character Clipping Vulnerability in OS X: Domain Name Spoofing Attack
Integer Overflow Vulnerability in WebCrypto Function of Firefox < 58
Information Leakage Vulnerability in Bugzilla Versions Prior to 4.4
HTML Injection Vulnerability in Firefox (Versions before 58.0.1)
Memory Corruption Vulnerabilities in Firefox 58 and Firefox ESR 52.6
Memory Corruption Vulnerability in Firefox 58 Allows Arbitrary Code Execution
Buffer Overflow Vulnerability in SVG animatedPathSegList Manipulation
Use-After-Free Vulnerability in Firefox < 59: Exploitable Crash during Editor Operations
IPC Message Parameter Validation Vulnerability
WebRTC RTP Payload Type Mismatch Vulnerability
Vulnerability in fetch() API allows access to locally cached data in Firefox
Privileged Page Search Vulnerability in Firefox WebExtensions
Arbitrary Code Execution via Unsanitized app.support.baseURL Preference in Firefox < 59
WebExtensions Vulnerability: Bypassing Content Restrictions in Firefox < 59
WebExtensions Privilege Escalation Vulnerability in Firefox < 59
Cross-Origin Shared Worker Vulnerability in Firefox < 59
Legacy Extension Resource Loading Vulnerability in Firefox < 59
Spoofing Vulnerability in Android Custom Tab with Firefox for Android (Firefox < 59)
Moz-Icon Protocol Information Leakage Vulnerability
Unauthenticated Remote Code Execution and Content Spoofing in Firefox Push API
Improper Display of Originating Domain in Media Capture and Streams API Permission Notifications
Tab character bypasses javascript: URL protocol removal in Firefox < 59
Unchecked Length Parameter Leads to Integer Overflow in Firefox ESR and Thunderbird
Memory Corruption Vulnerabilities in Firefox ESR 52.6 and Thunderbird 52.6
Vulnerability: Out of Bounds Memory Write in Vorbis Audio Processing
Vulnerability in libtremor library used by Firefox on Android and ARM platforms
Use-after-free vulnerability in Firefox ESR < 52.7.3 and Firefox < 59.0.2
Memory Corruption Vulnerabilities in Firefox and Thunderbird
Memory Corruption Vulnerability in Firefox 59
WebExtensions Privilege Escalation: Intercepting Login Credentials on Mozilla Sites
WebSocket Message Corruption Vulnerability in Firefox < 60
Use-after-free vulnerability in SVG animation attribute enumeration with clip paths
Use-after-free vulnerability in SVG animations with text paths in Thunderbird and Firefox
Media Stream Type Change Vulnerability
Same-origin bypass vulnerability in Firefox PDF Viewer
PDF Viewer PostScript Calculator Function Injection Vulnerability
Integer Overflow in Skia Library: Potential Out-of-Bounds Writes
WebRTC Pixel Buffer Use-After-Free Vulnerability in Firefox < 60
Thunderbird Hang Vulnerability in Message Header Processing
Vulnerability: Plaintext Email Leakage via Remote Image or Link src Attribute
Privilege Escalation through JavaScript Start-up Bytecode Cache (JSBC) in Firefox < 60
Improper Application of Content Security Policy (CSP) in Firefox < 60 Allows for XSS and Other Attacks
Misleading Adobe Flash Protected Mode Setting in Firefox < 60
WebExtensions Request Redirection Vulnerability in Firefox < 60
Vulnerability: Unsanitized Hyperlinks in Web Console and JavaScript Debugger
Vulnerability: Unauthorized Installation of Offensive Themes
Firefox < 60 Drag and Drop Home Page Reset Vulnerability
Arbitrary Attachment Name Spoofing Vulnerability in Thunderbird ESR < 52.8 and Thunderbird < 52.8
Clipboard Script Injection Vulnerability in Firefox < 60
Unicode Character Spoofing Vulnerability in Firefox < 60
Windows Defender SmartScreen Bypass via Firefox SEE_MASK_FLAG_NO_UI Flag
CSP Bypass Vulnerability in Firefox < 60
Clickjacking Vulnerability in JSON Viewer of Firefox < 60
Buffer Overflow Vulnerability in XSLT Number Formatting in Firefox < 60
Buffer Overflow Vulnerability in UTF8 to Unicode String Conversion in JavaScript
Persistent Service Worker Vulnerability in Firefox Versions Prior to 60
Use-After-Free Vulnerability in WebGL Operations in Firefox < 60
URL Drag and Drop Local File Access Vulnerability in Firefox < 60
Drag-and-Drop File Execution Vulnerability in Firefox < 60
Memory Corruption Vulnerability in Skia Library Affects Thunderbird and Firefox ESR Versions < 52.8
Remote Content Disclosure in Thunderbird ESR and Thunderbird versions prior to 52.8
Email Decryption Vulnerability in Thunderbird ESR and Thunderbird
Memory Corruption Vulnerability in Firefox 60: Potential for Arbitrary Code Execution
Memory Corruption Vulnerabilities in Firefox 60 and Firefox ESR 60
Memory Corruption Vulnerability in Firefox and Thunderbird
Race Condition Exploit in Jungo Windriver 12.5.1: Double Fetch Vulnerability
Arbitrary Customer Account Access in PicturesPro Photo Cart 6 and 7
Buffer Overflow Vulnerability in Hancom NEO Versions 9.6.1.5183 and Earlier: Remote Code Execution via Hyperlink Attributes
Stack Overflow Vulnerability in Alzip 10.76.0.0 and Earlier Allows Arbitrary Code Execution
Command Injection Vulnerability in ExtCommon.dll User Extension Module
Race Condition Vulnerability in Veraport G3 ALL on macOS Allows Remote Code Execution
Insufficient Domain Validation in Veraport G3 ALL on macOS Allows Remote Code Execution
Heap Based Buffer Overflow Vulnerability in KMPlayer 4.2.2.15 and Earlier: Remote Code Execution via Crafted FLV Format File
Heap Overflow Vulnerability in Hancom Office Software
Arbitrary Code Execution Vulnerability in SKCertService 2.5.5 and Earlier
Arbitrary File Download and Execution Vulnerability in DEXTUploadX5
Arbitrary File Download and Execution Vulnerability in ML Report Version 2.00.000.0000 - 2.18.628.5980
Incomplete Escape Codes in Irssi before 1.0.6: Accessing Data Beyond String End
Null Pointer Dereference Vulnerability in Irssi before 1.0.6
Incomplete Variable Argument Vulnerability in Irssi before 1.0.6 Allows Access to Data Beyond String End
Heap Buffer Overflow in Irssi Completion Code
Trustlet Stack Overflow Vulnerability on Samsung Mobile Devices with Exynos Chipsets (SVE-2017-10733)
SQL Injection Time-based Attack in PHP Melody 2.7.1 via ajax.php (playlist parameter)
Cross-Site Scripting (XSS) Vulnerability in Simple Download Monitor Plugin for WordPress
Cross-Site Scripting (XSS) Vulnerability in Simple Download Monitor Plugin for WordPress
XSS Vulnerability in Add Link to Facebook WordPress Plugin
XSS Vulnerability in Fork CMS 5.0.7: /private/en/pages/edit (title parameter)
XSS Vulnerability in Radiant CMS 1.1.4 via Crafted Markdown Input
Denial of Service and Potential Impact Vulnerability in K7 Antivirus 15.1.0306
Denial of Service and Potential Impact Vulnerability in K7 Antivirus 15.1.0306
Denial of Service and Potential Impact Vulnerability in K7 Antivirus 15.1.0306
Denial of Service and Potential Impact Vulnerability in K7 Antivirus 15.1.0306
Buffer Overflow Vulnerabilities in BarCodeWiz BarCode ActiveX Control (BarcodeWiz.DLL)
Remote Code Execution Vulnerability in Fisheye and Crucible
Bamboo Remote Code Execution Vulnerability
Remote Code Execution via Symbolic Link Editing in Atlassian Bitbucket Server
Code Execution Vulnerability in Sourcetree for Windows via Mercurial Repository Tag Name
Cross-Site Scripting (XSS) Vulnerability in Atlassian Application Links
Cross-Site Scripting (XSS) Vulnerability in Atlassian Fisheye and Crucible
Cross-Site Scripting (XSS) Vulnerability in Atlassian Universal Plugin Manager
Cross-Site Scripting (XSS) Vulnerability in Atlassian Jira's Issue Collector
Denial of Service Vulnerability in Atlassian Jira
Cross-Site Scripting (XSS) Vulnerability in Atlassian Jira EditIssue.jspa Resource
Arbitrary Script Injection via PATH_INFO in Grav CMS
Norton Core Router v237 Command Injection Vulnerability
DLL Preloading Vulnerability in Norton Utilities (prior to 16.0.3.44)
Race Condition Vulnerability in Symantec Endpoint Protection
Privilege Escalation Vulnerability in Symantec Endpoint Protection
DLL Preloading Vulnerability in Norton Power Eraser and SymDiag
Norton App Lock Vulnerability: Bypass Exploit Allows Device Access
Privilege Escalation Vulnerability in Symantec Management Agent Inventory Plugin
SAML Authentication Bypass Vulnerability in Symantec ASG and ProxySG
Norton App Lock Vulnerability: Device Access Bypass Exploit
Denial of Service Vulnerability in Symantec Encryption Management Server (SEMS) Prior to Version 3.4.2 MP1
Denial of Service Vulnerability in Xen 4.10 MSR Emulation Infrastructure
Memory Leaks in ReadPATTERNImage in ImageMagick 7.0.7-17 Q16
Memory Leaks in ReadRLAImage in ImageMagick 7.0.7-17 Q16
Heap-based Buffer Over-read in ImageMagick's ReadSIXELImage Function
Arbitrary Code Injection via Login Form in Shaarli
Integer Signedness Error Vulnerability in libming 0.4.8's readSBits Function
Large Loop Vulnerability in ImageWorsener 1.3.2 with libjpeg 8d
Infinite Loop Vulnerability in Bento4 1.5.1.0's AP4_FtypAtom Class
Denial of Service Vulnerability in Arista EOS BGP Peering
Denial of Service Vulnerability in Arista EOS Mlag Agent
Unauthenticated API Endpoint Information Disclosure in CoreOS Tectonic
Unverified X.509 Certificates in Neon App 1.6.14 iOS Allow Server Spoofing and Information Disclosure
Remote authenticated users can bypass attachment-deletion restrictions in Discuz! DiscuzX X3.4
Plaintext Information Disclosure in Flexense DiskBoss
Stack-Based Buffer Overflow in Flexense DiskBoss 8.8.16 and Earlier: Remote Code Execution
Cross-Site Scripting (XSS) Vulnerability in StackIdeas EasyDiscuss Extension for Joomla!
Vulnerability: Bypassing Free Time Wi-Fi Usage Restrictions in Ubiquiti UniFi 52 Devices
Arbitrary Code Execution Vulnerability in Ubiquiti EdgeOS 1.9.1 on EdgeRouter Lite Devices
Cobham Sea Tel 121 Build 222701 Devices Information Disclosure Vulnerability
Authentication Bypass Vulnerability in Cobham Sea Tel 121 Build 222701 Devices
Heap-Based Buffer Overflow in cv::Jpeg2KDecoder::readComponent8u
Assertion Failure in cv::RBaseStream::setPos due to Incorrect Integer Cast
Denial of Service Vulnerability in Malwarebytes Premium 3.3.1.2183 Driver (FARFLT.SYS)
Denial of Service Vulnerability in Malwarebytes Premium 3.3.1.2183 Driver (FARFLT.SYS)
Denial of Service Vulnerability in Malwarebytes Premium 3.3.1.2183 Driver (FARFLT.SYS)
Denial of Service Vulnerability in Malwarebytes Premium 3.3.1.2183 Driver (FARFLT.SYS)
Denial of Service Vulnerability in Malwarebytes Premium 3.3.1.2183 Driver (FARFLT.SYS)
Denial of Service Vulnerability in Malwarebytes Premium 3.3.1.2183 Driver (FARFLT.SYS)
Denial of Service Vulnerability in Malwarebytes Premium 3.3.1.2183 Driver (FARFLT.SYS)
Denial of Service Vulnerability in Malwarebytes Premium 3.3.1.2183 Driver (FARFLT.SYS)
Denial of Service Vulnerability in Malwarebytes Premium 3.3.1.2183 Driver (FARFLT.SYS)
Denial of Service Vulnerability in Malwarebytes Premium 3.3.1.2183 Driver (FARFLT.SYS)
XSS Vulnerability in SonicWall SonicOS on NSA 2016 Q4 Devices via Configure SSO Screens
Cross-Site Scripting (XSS) Vulnerability in SonicWall SonicOS on NSA 2017 Q4 Devices
Stack-based Buffer Overflow in Kentico 9.0 through 11.0 SilentInstall XML Document Parsing
Directory Traversal Vulnerability in Photos in Wifi Application 1.0.1 for iOS
XSS Vulnerability in ImageInject Plugin 1.15 for WordPress via flickr_appid Parameter
CSRF Vulnerability in ImageInject Plugin 1.15 for WordPress
XSS Vulnerability in GD Rating System Plugin 2.3 for WordPress
Directory Traversal Vulnerability in GD Rating System Plugin 2.3 for WordPress
XSS Vulnerability in GD Rating System Plugin 2.3 for WordPress
Directory Traversal Vulnerability in GD Rating System Plugin 2.3 for WordPress
Directory Traversal Vulnerability in GD Rating System Plugin 2.3 for WordPress
Directory Traversal Vulnerability in GD Rating System Plugin 2.3 for WordPress
XSS Vulnerability in GD Rating System Plugin 2.3 for WordPress
XSS Vulnerability in GD Rating System Plugin 2.3 for WordPress
Integer Overflow in readUInt32 Function in libming 0.4.8 Allows for Denial-of-Service Attacks via Crafted SWF File
Integer Overflow in PdfXRefStreamParserObject::ParseStream Function in PoDoFo 0.9.5 Allows for Denial-of-Service Attacks via Crafted PDF File
Uncontrolled Memory Allocation Vulnerability in PoDoFo 0.9.5
Insecure AES Encryption in Procter & Gamble Oral-B App for Android
Stack-based Buffer Overflow Vulnerability in Pulse Secure Pulse Connect Secure and Pulse Policy Secure
CSRF Vulnerability in Magento Community and Enterprise Editions
Cross-Site Scripting (XSS) Vulnerability in Impinj Speedway Connect R420 RFID Reader
ClickJacking Vulnerability in Impinj Speedway Connect R420 RFID Reader
Multiple Cross-Site Scripting (XSS) Vulnerabilities in Sonatype Nexus Repository Manager 3.x before 3.8
Multiple Cross-Site Scripting (XSS) Vulnerabilities in Sonatype Nexus Repository Manager (NXRM) 2.x before 2.14.6
Memory Corruption Vulnerability in PoDoFo 0.9.5
Integer Overflow in PdfObjectStreamParserObject::ReadObjectsFromStream Function in PoDoFo 0.9.5
Directory Traversal Vulnerability in Media from FTP Plugin for WordPress
XSS Vulnerability in Easy Custom Auto Excerpt Plugin 2.4.6 for WordPress
XSS Vulnerability in tabs-responsive Plugin 1.8.0 for WordPress via post_title Parameter
Privilege Escalation Vulnerability in Rapid Scada 5.5.0 due to Weak Access Control Permissions
Remote Command Injection Vulnerability in Citrix NetScaler ADC and NetScaler Gateway
SQL Injection Vulnerability in Wachipi WP Events Calendar Plugin 1.0 for WordPress
Cross-Site Scripting (XSS) Vulnerability in SagePay Server Gateway for WooCommerce Plugin
Remote Code Execution Vulnerability in RAVPower FileHub 2.000.056
Same Origin Policy Bypass in Cheetah Mobile CM Browser 5.22.06.0012 on Older Android Platforms
Same Origin Policy Bypass in Cheetah Mobile Armorfly Browser & Downloader 1.1.05.0010 on Older Android Platforms
Unauthenticated Access to Privileged Modules in ZUUSE BEIMS ContractorWeb .NET 5.18.0.0
Cross-Site Request Forgery (CSRF) Vulnerability in ZUUSE BEIMS ContractorWeb .NET 5.18.0.0
Denial of Service Vulnerability in ZyXEL P-660HW v3 Devices
XSS Vulnerability in DiscuzX X3.4 via view Parameter in space_poll.php
Heap-based Out-of-Bounds Write Vulnerability in Linux Kernel through 3.2
NULL pointer dereference vulnerability in rds_cmsg_atomic function in Linux kernel through 4.14.13
Vulnerability: Crash in Wireshark IxVeriWave File Parser
Buffer Overflow Vulnerability in Wireshark WCP Dissector
Recursion Depth Limitation Vulnerability in Wireshark Dissectors
Directory Traversal Vulnerability in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184
Missing Authentication/Authorization in Zoho ManageEngine Desktop Central Database Query Mechanism
Insufficient Enforcement of Database Query Type Restrictions in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184
Database Access Vulnerability in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184
File Type/Extension Validation Bypass in Zoho ManageEngine Desktop Central
Privilege Escalation Vulnerability in Zoho ManageEngine Desktop Central
Use-after-free vulnerability in Linux kernel through 4.14.13 allows for denial of service or other impact in drivers/block/loop.c
Stack-Based Buffer Overflow in GNOME gcab (CVE-2021-XXXX): Remote Code Execution Vulnerability
Unauthenticated Command Injection Vulnerability in Seagate Media Server
Privilege Escalation Vulnerability in Heimdal PRO v2.2.190
Remote Code Execution and Privilege Escalation Vulnerability in Zoho ManageEngine ADSelfService Plus
ANIXIS Password Reset Client before version 3.22 allows remote code execution and privilege escalation via spoofing vulnerability
Memory Leaks in ImageMagick 7.0.7-22 Q16's ReadDCMImage Function
Memory Leaks in ImageMagick 7.0.7-22 Q16: Vulnerability in EncodeImageAttributes Function
Remote Code Execution Vulnerability in Flexense SysGauge 3.6.18
Heap-based Buffer Over-read in LibTIFF before 4.0.6
CSRF Vulnerability in WPGlobus Plugin 1.9.6 for WordPress
XSS Vulnerability in WPGlobus Plugin 1.9.6 for WordPress
XSS Vulnerability in WPGlobus Plugin 1.9.6 for WordPress
XSS Vulnerability in WPGlobus Plugin 1.9.6 for WordPress
XSS Vulnerability in WPGlobus Plugin 1.9.6 for WordPress
XSS Vulnerability in WPGlobus Plugin 1.9.6 for WordPress
XSS Vulnerability in WPGlobus Plugin 1.9.6 for WordPress
CSRF Vulnerability in SrbTransLatin Plugin 1.46 for WordPress
XSS Vulnerability in SrbTransLatin Plugin 1.46 for WordPress
XSS Vulnerability in BizLogic xnami 1.0 via Comment Parameter
Arbitrary OS Command Execution in D-Link DSL-2640U and DSL-2540U Devices
SQL Injection Vulnerability in Testimonial Slider Plugin for WordPress
SQL Injection Vulnerability in Smooth Slider Plugin for WordPress
SQL Injection Vulnerability in Dbox 3D Slider Lite Plugin for WordPress
XSS Vulnerability in DiscuzX X3.4 via appid Parameter in delete Action
XSS Vulnerability in DiscuzX X3.4 via op parameter in spacecp_upload.php
Remote Access Bypass Vulnerability in Discuz! DiscuzX X3.4
Quagga BGP Daemon (bgpd) Invalid Attribute Length Vulnerability
Double-Free Memory Vulnerability in Quagga BGP Daemon (bgpd)
Quagga BGP Daemon (bgpd) Debug Code-to-String Conversion Table Overrun Vulnerability
Denial of Service Vulnerability in Quagga BGP Daemon (bgpd) Prior to Version 1.2.3
Weak HMAC in Default BKS Keystore Vulnerability
Vulnerability in Bluetooth Key Exchange Protocol
Unauthenticated Blind SQL Injection Vulnerability in Navarino Infinity Web Interface
Session Fixation Vulnerability in Navarino Infinity
Authentication Bypass Vulnerability in Navarino Infinity Functions (up to version 2.2)
SAMLBase Vulnerability: Bypassing Authentication via Manipulation of SAML Data
Buffer Underflow Vulnerability in stroke_socket.c in strongSwan
IKEv1 Main Mode Vulnerability: Offline Dictionary and Brute Force Attacks
Denial of Service Vulnerability in Linux Kernel Versions 4.9+
Linux Kernel Denial of Service Vulnerability via IP Fragment Re-assembly
ASLR Compatibility Vulnerability in mingw-w64 Version 5.0.4
Unauthenticated Remote Control and Code Execution in TP-LINK EAP Controller
Undocumented Dropbear SSH Server with Hard-coded Credentials in Auto-Maskin DCU 210E Firmware
Undocumented Custom Protocol Vulnerability in Auto-Maskin Products
Cleartext Transmission of Sensitive Data in Auto-Maskin DCU-210E, RP-210E, and Marine Pro Observer Android App
Unencrypted Transmission of Administrator PIN in Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App
Vulnerability: Remote Code Execution in Imperva SecureSphere Gateway
Blind SQL Injection Vulnerabilities in Quest Kace K1000 Appliance
Arbitrary JavaScript Injection and Session Hijacking in Quest Kace K1000 Appliance
Misconfigured CORS Mechanism in Quest Kace K1000 Appliance Allows Unauthorized Access and Privilege Escalation
Exploiting Port Contention: A Side-Channel Timing Attack on Simultaneous Multi-threading (SMT) Processors
Insecure SSL Certificate Validation in PrinterLogic Print Management Software
Code Execution Vulnerability in PrinterLogic Print Management Software
Stack-based Buffer Overflow in Dokan1.sys Driver (Versions 1.0.0.5000 - 1.2.0.1000)
Stored Cross-Site Scripting Vulnerability in Pixar's Tractor Software (Versions 2.2 and Earlier)
Local Arbitrary Code Execution Vulnerability in Imperva SecureSphere v12.0.0.50
Privilege Escalation Vulnerability in Imperva SecureSphere v13.0, v12.0, and v11.5
Arbitrary Command Execution Vulnerability in TIBCO Data Virtualization
Arbitrary Code Execution Vulnerability in TIBCO JasperReports Server and Jaspersoft Studio
Vulnerability: Unauthorized Read-Only Access to TIBCO JasperReports Server Web Application
Persistent Cross-Site Scripting (XSS) Vulnerability in TIBCO JasperReports Server and Related Products
Cross-Site Scripting (XSS) Vulnerabilities in TIBCO Administrator Server Component
XML External Entity Expansion (XXE) Vulnerability in TIBCO Administrator Server Component
XML External Entity Expansion (XXE) Vulnerability in TIBCO Runtime Agent and TIBCO Runtime Agent for z/Linux
Multiple Remote Code Execution Vulnerabilities in TIBCO Spotfire Software
Multiple Information Disclosure Vulnerabilities in TIBCO Spotfire Server and Spotfire Analytics Platform
Multiple Unauthorized Information Disclosure Vulnerabilities in TIBCO Spotfire Software
Insufficient Session Expiration Vulnerability in Philips ISCV Application Prior to Version 2.3.0
Command Injection Vulnerability in Nortek Linear eMerge E3 Series Versions V0.32-07e and Prior
Stack-based Buffer Overflow in 3S-Smart CODESYS Web Server
Vulnerability: Improper Validation of Integrity Check Value in PHOENIX CONTACT mGuard Firmware
Stack-based Buffer Overflow Vulnerability in Fuji Electric V-Server VPR 4.0.1.0 and Prior
SQL Injection Vulnerability in Advantech WebAccess/SCADA
Path Traversal Vulnerability in Advantech WebAccess/SCADA
Vulnerability: Per-Product Credentials Exposure in Medtronic 2090 Carelink Programmer
Improper Input Validation Vulnerability in Nari PCS-9611 Relay
Medtronic 2090 Carelink Programmer Directory Traversal Vulnerability
NULL Pointer Dereference Vulnerability in Moxa OnCell G3100-HSPA Series
Insufficient Identity Verification in Philips Alice 6 System Version R8.0.2 or Prior
Stack-based Buffer Overflow Vulnerability in Emerson ControlWave Micro Process Automation Controller
Improper Handling of Length Parameter Inconsistency in Moxa OnCell G3100-HSPA Series
Remote Code Execution Vulnerability in Philips IntelliSpace Portal
Cookie Parameter Brute Force Attack Vulnerability in Moxa OnCell G3100-HSPA Series
Uncontrolled Search Path Element Vulnerability in Vyaire Medical CareFusion Upgrade Utility
SSL Legacy Encryption Vulnerability in Philips IntelliSpace Portal
Improper Authentication in WAGO PFC200 Series 3S CoDeSys Runtime
Inadequate Encryption Strength Vulnerability in Belden Hirschmann Switches
SSL Incorrect Hostname Certificate Vulnerability in Philips IntelliSpace Portal
LCDS LTDA ME LAquis SCADA 4.1.0.3391 and Earlier: Code Execution Vulnerability
Untrusted SSL Certificate Vulnerability in Philips IntelliSpace Portal
Session Fixation Vulnerability in Belden Hirschmann Switches: Web Session Hijacking
Critical SSL Certificate Vulnerability in Philips IntelliSpace Portal: Unauthorized Access Risk
Information Exposure Through Query Strings in Belden Hirschmann Switches
Critical Remote Desktop Access Vulnerability in Philips IntelliSpace Portal 7.0.x and 8.0.x
Belden Hirschmann Switches: Excessive Authentication Attempts Vulnerability
Unquoted Search Path Vulnerability in Philips IntelliSpace Portal
Cleartext Transmission of Sensitive Information in Belden Hirschmann Switches
Insecure Windows Permissions Vulnerability in Philips IntelliSpace Portal Versions 7.0.x and 8.0.x
Buffer Overflow Vulnerability in GE D60 Line Distance Relay Devices
Input Validation Vulnerability in Philips IntelliSpace Portal Versions 7.0.x and 8.0.x
GE D60 Line Distance Relay Firmware Version 7.11 and Prior: Remote Code Execution Vulnerability
Remote Code Execution Vulnerability in Delta Electronics Delta Industrial Automation DOPSoft
netCADOPS Web Application Password Entry Information Exposure Vulnerability
XSS Vulnerability in Contao Newsletter Unsubscribe Module
XSS Vulnerability in FoxSash ImgHosting 1.5 Allows Session Hijacking
Cookie Insecurity in OnCommand Unified Manager for 7-Mode: Impersonation via MITM Attacks
Insecure Transmission of Sensitive Cookie in NetApp SnapCenter Server
Privilege Escalation Vulnerability in NetApp OnCommand Unified Manager for Windows
Vulnerability: Unauthorized Code Execution in NetApp OnCommand Unified Manager for Linux (Versions 7.2-7.3)
Unauthenticated Remote Code Execution in NetApp OnCommand Unified Manager for Linux Versions 7.2-7.3
Unauthenticated Remote Code Execution in NetApp SANtricity Web Services Proxy and SANtricity Storage Manager
NetApp 7-Mode Transition Tool Privilege Escalation Vulnerability
Vulnerability: Inadequate Enforcement of Read-Only Export Policy Rules in Clustered Data ONTAP 8.3 RC Versions
Unauthenticated Remote Code Execution in NetApp E-Series SANtricity OS Controller Software 11.30 and later
ATTO FibreBridge 7500N Firmware DoS Vulnerability
Vulnerability: Unauthenticated Remote Code Execution in StorageGRID Webscale Admin Node
Sensitive Information Disclosure Vulnerability in Data ONTAP Operating in 7-Mode Versions Prior to 8.2.5P2
Sensitive Information Disclosure Vulnerability in Clustered Data ONTAP versions prior to 9.1P16, 9.3P10, and 9.4P5
Clustered Data ONTAP Versions 9.0-9.4: Remote Authenticated DoS Vulnerability in NFS and SMB Environments
ATTO FibreBridge 7500N Firmware Version 2.95 Denial of Service Vulnerability
Memory Leak Vulnerability in F5 BIG-IP Systems with Multipath TCP (MPTCP) Feature
Excessive Buffering Vulnerability in F5 BIG-IP TCP DNS Profile
Client Certificate Authentication Disruption Vulnerability on F5 BIG-IP Versions 13.0.0 - 13.1.0.3
TMM Restart Vulnerability in F5 BIG-IP
Websockets Request/Response Handling Vulnerability in F5 BIG-IP Systems
Vulnerability: TMM Restart in F5 BIG-IP with ASM and AVR Provisioned
Unauthenticated Brute Force Vulnerability in F5 BIG-IP Apache Modules
SSL decryption vulnerability on F5 BIG-IP versions 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.2, or 11.5.1-11.5.5 with small MTU
TMM Crash Vulnerability in F5 BIG-IP PEM
Denial of Service Vulnerability in F5 BIG-IP Versions 13.0.0 and 12.1.0 - 12.1.3.1
IPv6 Virtual Server Packet Sequence Vulnerability
Command Execution Vulnerability in F5 BIG-IP Configuration Utility
Vulnerability: TMM Restart on F5 BIG-IP 13.1.0-13.1.0.5 with LRO and SYN Cookies Enabled
F5 BIG-IP Proxy SSL Configuration Malformed TLS Handshake Vulnerability
Denial of Service Vulnerability in F5 BIG-IP 13.1.0-13.1.0.5 with HTTP/2 Profile Enabled
IPv6 RADIUS Authentication Response Vulnerability on F5 BIG-IP 13.0.0-13.1.0.5
Authenticated User File System Exfiltration Vulnerability
Malformed TCP Packets Vulnerability on F5 BIG-IP 13.1.0-13.1.0.5
Vulnerability: F5 BIG-IP VCMP Guest Disruption of Service
Arbitrary File Write Vulnerability in F5 BIG-IP
Unauthorized File System Access via TMOS Shell (tmsh) on F5 BIG-IP Systems
Arbitrary Content Reflection in F5 BIG-IP GeoIP Lookup Responses Vulnerability
F5 BIG-IP DIAMETER Attribute-Value Pairs Crash Vulnerability
Command Execution Vulnerability in F5 BIG-IP Configuration Utility
Vulnerability in F5 BIG-IP Virtual Servers with HSM-enabled SSL Profiles
F5 BIG-IP Configuration Utility Local File Exposure Vulnerability
Behavioral DOS (BADOS) Protection Failure Vulnerability
Memory Leak Vulnerability in BIG-IP 13.1.0-13.1.0.7 with SSL Forward Proxy Enabled
TMM Restart and Core File Generation Vulnerability in BIG-IP 13.0.1 and 13.1.0.4-13.1.0.7
Privilege Escalation Vulnerability in F5 BIG-IP APM Client
HPACK Bomb Vulnerability in F5 BIG-IP Virtual Servers with HTTP/2 Profiles
Denial of Service Vulnerability in F5 BIG-IP VCMP Guest and Host Systems
Persistent DNS Cache Poisoning Vulnerability in F5 BIG-IP
SSL Forward Proxy Traffic Processing Vulnerability in F5 BIG-IP
SSL Forward Proxy Traffic Processing Vulnerability
F5 BIG-IP Virtual Server Denial of Service Vulnerability
F5 BIG-IP APM Memory Leak Vulnerability
Remote Code Execution Vulnerability in F5 BIG-IP TMM Virtual Server
Unrestricted NOTIFY Message Acceptance on F5 BIG-IP DNS Management Interface
F5 BIG-IP ASM CSRF Protection Bypass Vulnerability
Privilege Escalation Vulnerability in F5 BIG-IP and Related Products
Excessive CPU Usage Vulnerability in F5 BIG-IP ASM
Unauthenticated HTTPS Health Monitor Vulnerability
Command Line Credential Disclosure in F5 BIG-IP Controller for Kubernetes
F5 BIG-IP APM Information Disclosure Vulnerability
Remote Code Execution Vulnerability in F5 WebSafe Alert Server 1.0.0-4.2.6
Privilege Escalation Vulnerability in F5 BIG-IP APM Client
Privilege Escalation via Windows Logon Integration in F5 BIG-IP APM Client
Insecure AES ECB Mode Vulnerability in BIG-IP APM 11.6.0-11.6.3
SAML Assertion Processing Vulnerability in BIG-IP APM
Reflective Cross-Site Scripting (XSS) Vulnerability in Epson AirPrint
Vulnerability: Known Passwords in DocuTrac QuicDoc and Office Therapy
Hard-coded Cryptographic Salt Vulnerability in DocuTrac QuicDoc and Office Therapy
Command Injection Vulnerability in Crestron Console Service on DGE-100, DM-DGE-200-C, and TS-1542-C Devices
Unencrypted API Response Vulnerability in Rapid7 Komand Versions 0.41.0 and Prior
Static, Hard-Coded Credential Vulnerability in Practecol's Guardzilla All-In-One Video Security System
Denial of Service Vulnerability in Long Range Zip (lrzip) 0.631
XSS Vulnerability in WordPress Dark Mode Plugin 1.6 via dark_mode_start Parameter
XSS Vulnerability in WordPress Dark Mode Plugin 1.6
Cross-Site Scripting (XSS) Vulnerability in Weblizar Pinterest Feeds Plugin for WordPress
Cross-Site Scripting (XSS) Vulnerability in Weblizar Pinterest Feeds Plugin for WordPress
XSS Vulnerability in Weblizar Pinterest Feeds Plugin for WordPress
CSRF Vulnerability in Weblizar Pinterest Feeds Plugin for WordPress
Cross-Site Scripting (XSS) Vulnerability in responsive-coming-soon-page Plugin for WordPress
CSRF Vulnerability in Responsive Coming Soon Page Plugin for WordPress
Cross-Site Scripting (XSS) Vulnerability in responsive-coming-soon-page Plugin for WordPress
Cross-Site Scripting (XSS) Vulnerability in Responsive Coming Soon Page Plugin for WordPress
Cross-Site Scripting (XSS) Vulnerability in responsive-coming-soon-page Plugin for WordPress
Cross-Site Scripting (XSS) Vulnerability in responsive-coming-soon-page Plugin for WordPress
Cross-Site Scripting (XSS) Vulnerability in responsive-coming-soon-page Plugin for WordPress
Cross-Site Scripting (XSS) Vulnerability in responsive-coming-soon-page Plugin for WordPress
Cross-Site Scripting (XSS) Vulnerability in responsive-coming-soon-page Plugin for WordPress
Cross-Site Scripting (XSS) Vulnerability in responsive-coming-soon-page Plugin for WordPress
Cross-Site Scripting (XSS) Vulnerability in read-and-understood Plugin for WordPress
Cross-Site Scripting (XSS) Vulnerability in read-and-understood Plugin 2.1 for WordPress
CSRF Vulnerability in Read-and-Understood Plugin 2.1 for WordPress
Cross-Site Scripting (XSS) Vulnerability in Booking-Calendar Plugin 2.1.7 for WordPress
Cross-Site Scripting (XSS) Vulnerability in Booking-Calendar Plugin 2.1.7 for WordPress
Cross-Site Scripting (XSS) Vulnerability in Booking-Calendar Plugin 2.1.7 for WordPress
CSRF Vulnerability in Booking-Calendar Plugin 2.1.7 for WordPress
Arbitrary Code Execution via Crafted PDF Files in Foxit Reader and PhantomPDF
Arbitrary Code Execution via Crafted PDF Files in Foxit Reader and PhantomPDF
Arbitrary Code Execution via Crafted PDF Files in Foxit Reader and PhantomPDF
Arbitrary Code Execution via Crafted PDF Files in Foxit Reader and PhantomPDF
Arbitrary Code Execution via Crafted PDF Files in Foxit Reader and PhantomPDF
Arbitrary Code Execution via Crafted PDF Files in Foxit Reader and PhantomPDF
Arbitrary Code Execution via Crafted PDF Files in Foxit Reader and PhantomPDF
XSS Vulnerability in PrestaShop 1.7.2.4: Source-code Editing on Pages > Edit page Screen
User Enumeration Vulnerability in PrestaShop 1.7.2.4 via Reset Password Feature
Improper Memory Address Validation in QEMU's vga_draw_text Function Allows for Denial of Service
Invalid memcpy call in ff_mov_read_stsd_entries function of libavformat/mov.c leading to denial of service and program failure
Denial of Service Vulnerability in GraphicsMagick 1.3.27 via Crafted BMP Image
Infinite Loop Vulnerability in MuPDF 1.12.0 Allows Remote Denial of Service
NewsBee Vulnerability: Cross-Site Scripting (XSS) Exploit via Company Name Field
Cross-Site Scripting (XSS) Vulnerability in ILIAS Setup Component
Arbitrary Script Injection via Email in Dotclear 2.12.1
Arbitrary Script Injection in Dotclear 2.12.1 admin/users.php
XSS Vulnerability in SonicWall Global Management System (GMS) 8.1 via `/sgms/TreeControl` Module
Cross-Site Scripting (XSS) Vulnerability in Piwigo v2.8.2's admin.php File
Information Disclosure Vulnerability in LinuxMagic MagicSpam Extension for Plesk
Arbitrary Command Execution Vulnerability in Flash Operator Panel (FOP) 2.31.03
SQL Injection Vulnerability in WpJobBoard Plugin 4.4.4 for WordPress
SQL Injection Vulnerability in iJoomla com_adagency Plugin 6.0.9 for Joomla!
SQL Injection Vulnerability in Icy Phoenix 2.2.0.105 via admin_kb_art.php and admin_jr_admin.php
Heap-Based Buffer Over-Read Vulnerability in WizardMac ReadStat 0.1.1
Remote Code Execution via Directory Traversal in Winmail Server 6.2
Arbitrary Write Vulnerability in Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136
Remote Code Execution and File Write Vulnerability in Transmission 2.92
Denial of Service and Slab Out-of-Bounds Write Vulnerability in Linux Kernel's tcp_v6_syn_recv_sock Function
Cross-Protocol Scripting Vulnerability in OpenOCD 0.10.0
XSS Vulnerability in Reservo Image Hosting 1.6's Search Engine Allows Session Hijacking
Privilege Escalation Vulnerability in Octopus Deploy
Unauthenticated User Can Obtain Admin Credentials in D-Link DIR-601 B1 2.02NA
Kerberos 5 Database Dump Variable Type Mismatch Vulnerability
NULL Pointer Dereference in MIT Kerberos 5 (krb5) Plugin
Infinite Loop Vulnerability in GD Graphics Library
Reflected XSS Vulnerability in PHP PHAR 404 Error Page
Denial of Service and Potential Impact Vulnerability in Malwarefox Anti-Malware 2.72.169
Denial of Service and Potential Impact Vulnerability in Malwarefox Anti-Malware 2.72.169
XSS Vulnerability in phprint.php of SugarCRM 3.5.1 via Query String Parameter Name
Path Traversal Vulnerability in Reprise License Manager 11.0
Firmware Downgrade Vulnerability in NCR S2 Dispenser Controller
Memory Buffer Write Vulnerability in snscore.sys in SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, SoftControl/SafenSoft Enterprise Suite before version 4.4.1
CSRF Vulnerability Allows Unauthorized Modification of Settings on DODOCOOL DC38 3-in-1 N300 Mini Wireless Range Extender
ASUS Router Stack-based Buffer Overflow Vulnerability
Hardcoded Password Vulnerability in MASTER IPCAMERA01 3.3.4.2103 Devices
Unauthenticated Configuration Download and Upload Vulnerability in MASTER IPCAMERA01 3.3.4.2103 Devices
Unauthenticated Configuration Change in MASTER IPCAMERA01 3.3.4.2103 Devices via Web Server Port Number
Sensitive Information Disclosure in MASTER IPCAMERA01 3.3.4.2103 Devices via Crafted HTTP Request
Integer Overflow Vulnerability in OpenJPEG 2.3.0's opj_t1_encode_cblks Function
Remote Information Disclosure Vulnerability in Cobham Sea Tel 121 Build 222701 Devices
LDAP Kerberos Database Denial of Service and Bypass Vulnerability
LDAP Kerberos Database Container Bypass Vulnerability
Vulnerability: File Overwrite and Execution Race Condition in Heimdal PRO 2.2.190
Buffer Overflow Vulnerability in ISC DHCP
DHCP Server Vulnerability: Denial of Service via Overflow of Reference Counter
BIND Vulnerability: Assertion Failure in badcache.c
Assertion failure vulnerability in Debian backport of CVE-2017-3137 fix
Zone Database Reference Counting Vulnerability in BIND 9.12.0 and 9.12.1
Vulnerability: Assertion Failure and Undesirable Behavior in BIND 9.12 Serve-Stale Feature
Vulnerability: Improper Inheritance of allow-recursion Setting in BIND Nameserver
Memory Leak in Kea DHCP 1.4.0 Hooks Library
Deny-Answer-Aliases Assertion Failure Vulnerability in BIND DNS Server
Misleading Documentation for BIND Update-Policy Vulnerability
Assertion Failure Vulnerability in BIND9 (RedHat Versions)
BIND Vulnerability: Exploitable TCP Connection Limit Bypass (CVE-2018-5743)
Memory Leak Vulnerability in BIND DNS Server
BIND managed-keys Key Rollover Vulnerability
Use-after-free vulnerability in lrzip 0.631 allows remote attackers to cause denial of service via crafted lrz file
Denial of Service Vulnerability in libvirt's QEMU Monitor
Arbitrary PHP Code Execution in Minecraft Servers List Lite and Premium Minecraft Servers List
Sensitive Address Information Disclosure in Linux Kernel ACPI SBS HC printk Call
Information Disclosure Vulnerability in Open-Xchange OX App Suite
Server-side Request Forgery (SSRF) Vulnerability in Open-Xchange OX App Suite
Email Spoofing Vulnerability in Open-Xchange OX App Suite
Arbitrary Script Injection via Office-Web Component in Open-Xchange OX App Suite
Absolute Path Traversal Vulnerability in Open-Xchange OX App Suite
Arbitrary Task Deletion Vulnerability in Open-Xchange OX App Suite
Remote Code Execution Vulnerability in AudioCodes 450HD IP Phone Devices
XML External Entity (XXE) Vulnerability in Aurea Jive Jive-n 9.0.2.1 On-Premises Upload File Functionality
Denial of Service Vulnerability in Artifex MuJS through 1.0.2
Rubrik CDM Vulnerability: Man-in-the-Middle Attack on vCenter Access
ROBOT Attack: Bleichenbacher RSA Padding Oracle Vulnerability in Unisys ClearPath MCP Systems
Denial of Service Vulnerability in OXID eShop with High Performance Option and Varnish
Multiple --protect-args Bypass Vulnerability in rsyncd
Invalid memcpy in av_packet_ref function leads to denial of service vulnerability in Libav through 12.2
Remote Code Execution Vulnerability in Tenda AC15 V15.03.1.16_multi Devices
Remote Code Execution Vulnerability in Tenda AC15 Router via Specially Crafted COOKIE Header
Default Root Accounts with Telnet Access on Tenda AC15 Devices
Exiv2 0.26 Denial of Service Vulnerability via Crafted TIF File
XSS Vulnerability in markdown2 (python-markdown2) through 2.3.5
XSS Vulnerability in WordPress MediaElement Flash Fallback Files
Arbitrary Command Execution Vulnerability in Ipswitch WhatsUp Gold TFTP Server
Multiple SQL Injection Vulnerabilities in Ipswitch WhatsUp Gold
Arbitrary Code Execution Vulnerability in Mitel Connect ONSITE and Mitel ST
Arbitrary PHP Code Execution Vulnerability in Mitel Connect ONSITE and Mitel ST
Arbitrary PHP Code Execution Vulnerability in Mitel Connect ONSITE and Mitel ST
Arbitrary PHP Code Execution Vulnerability in Mitel Connect ONSITE and Mitel ST
Uncontrolled Memory Allocation Vulnerability in PoDoFo 0.9.5
Uncontrolled Resource Consumption in LibTIFF 4.0.9 TIFFSetDirectory Function
Integer Overflow in OpenJPEG 2.3.0: Denial of Service via Crafted BMP File
Denial of Service Vulnerability in Long Range Zip (lrzip) 0.631
Remote, Unauthenticated Stack Overflow in ExtremeWireless WiNG Access Point
Remote, Unauthenticated Denial of Service Vulnerability in ExtremeWireless WiNG Access Point
Remote, Unauthenticated XML Entity Expansion Denial of Service in ExtremeWireless WiNG Access Point/Controller
Remote, Unauthenticated Global Denial of Service in ExtremeWireless WiNG Access Points via Crafted MINT Protocol Packets
Remote, Unauthenticated Heap Overflow in ExtremeWireless WiNG Access Point via Crafted Packets
Remote, Unauthenticated Heap Overflow in ExtremeWireless WiNG Access Point via Crafted Packets
Remote, Unauthenticated Heap Overflow in ExtremeWireless WiNG Access Point via Crafted Packets
Unauthenticated Access to AeroScout Service via Crafted UDP Packet in ExtremeWireless WiNG
Arbitrary File Write Vulnerability in ExtremeWireless WiNG Access Point / Controller
Hidden Root Shell Vulnerability in ExtremeWireless WiNG 5.x and 5.9.x
Smint_encrypt Hardcoded AES Key Vulnerability
Unspecified Cross Site Scripting Vulnerability in Cloudera Manager
Zoho ManageEngine ServiceDesk Plus XSS Vulnerability (SD-69139)
Heap-based Buffer Overflow in LibRaw's kodak_ycbcr_load_raw() Function
NULL Pointer Dereference in LibRaw's LibRaw::unpack() Function
Out-of-Bounds Read Vulnerability in LibRaw's kodak_radc_load_raw() Function
SCTP Packet Length Handling Vulnerability in Linux Kernel
Type Confusion Vulnerability in LibRaw's identify() Function Leading to Division by Zero
Stack-based Buffer Overflow in LibRaw's quicktake_100_load_raw() Function
NULL Pointer Dereference Vulnerability in LibRaw's leaf_hdr_load_raw() Function
Out-of-Bounds Read Vulnerability in LibRaw's samsung_load_raw() Function
Stack-based buffer overflow vulnerability in LibRaw versions prior to 0.18.9 in find_green() function in internal/dcraw_common.cpp
Stack-based buffer overflow in LibRaw::parse_exif() function in LibRaw versions prior to 0.18.9
Heap-based Buffer Overflow in rollei_load_raw() Function in LibRaw Versions Prior to 0.18.9
Out-of-Bounds Read Vulnerability in LibRaw's nikon_coolscan_load_raw() Function
NULL Pointer Dereference Vulnerability in LibRaw's nikon_coolscan_load_raw() Function
Infinite Loop Vulnerability in LibRaw's parse_minolta() Function
Race condition vulnerabilities in Linux Kernel USB over IP handling
Integer Overflow Vulnerability in LibRaw's parse_qt() Function
Integer Overflow Vulnerability in LibRaw's identify() Function
Infinite Loop Vulnerability in LibRaw's unpacked_load_raw() Function
Infinite Loop Vulnerability in LibRaw's parse_rollei() Function
CPU Resource Exhaustion Vulnerability in LibRaw versions prior to 0.19.1
Heap Overwrite Vulnerability in Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android
Out-of-Bounds Read Vulnerability in Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android
WLAN FW Buffer Overwrite Vulnerability in Qualcomm Android and Firefox OS
Buffer Overflow Vulnerability in Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android
Buffer Overflow Vulnerability in Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android
Use After Free Vulnerability in Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with Linux Kernel
Race Condition Vulnerability in Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with Linux Kernel
Buffer Overflow Vulnerability in WLAN Processing of Extscan Hotlist Event
Buffer Overwrite Vulnerability in Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android
Buffer Over-read Vulnerability in wlan_hdd_cfg80211_set_privacy_ibss()
Buffer Overflow Vulnerability in Android Releases from CAF before Security Patch Level 2018-06-05
Use After Free Vulnerability in KGSL Driver in Android Releases
Race Condition Vulnerability in Camera Driver Ioctl Handler in Android Releases
Buffer Overwrite Vulnerability in __wlan_hdd_cfg80211_vendor_scan()
Buffer overflow vulnerability in __wlan_hdd_cfg80211_add_key() in Android releases from CAF before security patch level 2018-06-05
Out-of-Bounds Access Vulnerability in wma_nan_rsp_event_handler() in Android Releases
Flawed RNG in Snapdragon Devices Leads to Improper MAC Address Randomization
Out-of-Bounds Access Vulnerability in SurfaceFlinger of Snapdragon Devices
Memory Protection Misconfiguration Vulnerability in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile
Buffer Overflow Vulnerability in DRM SDE Driver Initialization Sequence in Android Releases from CAF
Invalid Initialization of dcc_curr_list in Android Releases from CAF: Potential Linux Kernel Vulnerability
Arbitrary Address Write Vulnerability in Android WLAN Firmware
Buffer Overwrite Vulnerability in wma_pdev_div_info_evt_handler() Function
Vulnerability: Use-After-Free in set_output_buffers() Function in Android Video Driver
Race Condition in drm_atomic_nonblocking_commit() Can Lead to Use After Free Vulnerability in Android Releases
Use After Free Vulnerability in IPA Driver for Android Releases
Use After Free Vulnerability in Android Releases from CAF
Unsigned Integer Overflow in wmi_set_ie() Function Leads to Buffer Overflow in Android Releases
Race Condition Vulnerability in QTEECOM Driver Leads to Use After Free in Android Releases
Integer Underflow Vulnerability in csr_update_fils_params_rso() Function
Buffer Overflow Vulnerability in Android Releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android)
Race Condition Vulnerability in Android Driver
Stack-Based Buffer Overflow Vulnerability in Fastboot on Android Releases
Buffer Over-read Vulnerability in Android Releases from CAF before Security Patch Level 2018-07-05
Race Condition Vulnerability in Audio Leading to Use After Free in CAF Android Releases
Use After Free Vulnerability in WCD CPE Codec in Android Releases
Out of Bounds Access Vulnerability in Android Audio Debugfs
Race Condition Vulnerability in MDSS MDP Driver in Android Releases
Uninitialized Data Structure Vulnerability in MDSS Driver on Android
Incomplete Partition Size Checks Leading to Heap Overwrite Vulnerabilities in Android Releases from CAF
Buffer Overwrite Vulnerability in wlan_hdd_cfg80211_vendor_scan() in Android Releases
Buffer Overflow Vulnerability in Android's WPA RSN IE Length Handling
Buffer Over-read and Information Leak in WMI_APFIND Event Processing in Android Releases from CAF
Integer Underflow and Buffer Over-read Vulnerability in Android CAF Firmware
Untrusted Pointer Vulnerability in Snapdragon Mobile and Snapdragon Wear Devices
Buffer Overflow Vulnerability in WideVine in Snapdragon Devices
Buffer Overflow Vulnerability in WideVine on Snapdragon Automobile and Snapdragon Mobile Devices
Improper Input Validation in QTEE Keymaster App: Vulnerability in Snapdragon Mobile and Snapdragon Wear
Untrusted Pointer Dereference Vulnerability in Snapdragon Mobile (SD 835, SDA660, SDX24)
Flawed RNG in Snapdragon Devices Leads to Inadequate MAC Address Randomization
Out-of-Range Pointer Offset Vulnerability in Android Releases from CAF
Race Condition Vulnerability in Linux Kernel and Android Releases
Stack-based Buffer Overflow in Snapdragon Automobile, Mobile, and Wear: Vulnerability in MP4 File Parsing
Integer Overflow and Buffer Overflow Vulnerability in Snapdragon Platforms
Buffer Overflow Vulnerability in Snapdragon Automobile, Mobile, and Wear: Parsing MP4 Files
Improper NULL Termination Vulnerability in Snapdragon Devices
Buffer Overflow Vulnerability in Snapdragon Automobile, Mobile, and Wear Devices during RIL_REQUEST_GET_SMSC_ADDRESS Response Handling
MQTT Message Length Check Vulnerability in Snapdragon Mobile and Snapdragon Wear Devices
Buffer Overflow Vulnerability in Snapdragon Mobile and Snapdragon Wear Devices
Buffer Overflow Vulnerability in Snapdragon Mobile and Snapdragon Wear Devices
Buffer Over-read Vulnerability in Snapdragon Automobile, Mobile, and Wear
Buffer Overflow Vulnerability in WLAN Driver Event Handlers
Unrestricted Access to Qualcomm-Specific Proprietary Intents in Snapdragon Mobile and Snapdragon Wear
Buffer Overflow Vulnerability in Snapdragon Mobile and Snapdragon Wear during Dynamic Font Loading
Unvalidated Pointer Vulnerability in Android CAF Releases
Array Index Out of Bounds Vulnerability in USB StrSerialDescriptor Array Processing in Android Releases from CAF
Out of Bounds Access Vulnerability in Android Releases from CAF
Buffer Overflow Vulnerability in Android Releases from CAF Using Linux Kernel
Device Tree Size Bypass Vulnerability in Android Releases from CAF
Use After Free Vulnerability in Snapdragon Mobile and Snapdragon Wear
Privacy Breach: Touch Pal App Collects User Behavior Data Without Consent in Snapdragon Mobile and Snapdragon Wear
Buffer Overwrite Vulnerability in Android Releases from CAF
Out-of-Bounds Access Vulnerability in Snapdragon Multimedia Parsing
Buffer Over-read Vulnerability in wma_process_utf_event() in Android Releases from CAF
Out-of-Bound Read Vulnerability in Android Releases from CAF
Buffer Over-read Vulnerability in dci_process_ctrl_status() in Android Releases from CAF
Integer Overflow in msm_pcm_adsp_stream_cmd_put() Function in Android Releases from CAF
Use After Free Vulnerability in TDLS Connection Setup in Android Releases from CAF
Improper Validation of Array Leads to Out of Bounds Read Vulnerability in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music in Multiple Qualcomm Chipsets
LPM Status Driver Use After Free Vulnerability in Android Releases
Race Condition Vulnerability in DIAG Services Leading to Out-of-Boundary Access
Possible Buffer Overflow in Debugfs Module in CAF Android Releases
Buffer Overflow Vulnerability in msm_adsp_stream_callback_put
Possible Buffer Overflow Vulnerability in Display Function in CAF Android Releases
Buffer Overflow Vulnerability in Display Handlers of CAF Android Releases
Memory Corruption Vulnerability in CAF Android Releases with Improper Check in Display Handlers
Buffer Overflow Vulnerability in WLAN Function in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCS605, SD 625, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820A, SD 855, SDM630, SDM660, SDX20, SDX24
Critical Buffer Overflow Vulnerability in Snapdragon Processors: Video Component
Side Channel Vulnerability in Non-Time Constant Function memcmp in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High
Array Out of Bounds Vulnerability in TZ Function of Snapdragon Mobile and Wear Devices
IPv6 Packet Processing Vulnerability in Snapdragon Automobile, Mobile, and Wear Devices
Buffer Overread Vulnerability in Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear Devices
Critical Buffer Overflow Vulnerability in Snapdragon Processors: OEM Crypto Function Input Validation Issue
Buffer Overflow Vulnerability in Snapdragon Processors
Use After Free Vulnerability in WLAN Host Driver Can Cause Device Reboot
Cross Site Request Forgery Vulnerability in HP Printers and MFPs Firmware
Vulnerability: Arbitrary Code Execution via Solution Application Signature Checking in HP Printers
Stack Buffer Overflow Vulnerability in HP Inkjet Printers Allows Remote Code Execution
HP Inkjet Printers Vulnerability: Remote Code Execution via Buffer Overflow
HP Remote Graphics Software Certificate Authentication Vulnerability
Local Privilege Escalation in HP Support Assistant
Mailman Web UI XSS Vulnerability
IPv6 Packet Size Vulnerability in MikroTik RouterOS
Sensitive Address Information Disclosure in Linux Kernel's swiotlb_print_info Function
Denial of Service Vulnerability in phpFreeChat 1.7 and Earlier
Unauthenticated User Addition Vulnerability in GitStack
Denial of Service Vulnerability in Zillya! Antivirus 3.0.2230.0
Unvalidated Input in Zillya! Antivirus Driver (zef.sys) Allows Denial of Service
Denial of Service Vulnerability in Zillya! Antivirus 3.0.2230.0
SQL Injection in Zenario v7.1 - v7.6 via Categories - Edit Module
XSS Vulnerability in CentOS Web Panel (CWP) v0.9.8.12 via index.php
XSS Vulnerability in CentOS-WebPanel.com (CWP) v0.9.8.12
XSS Vulnerability in CMS Made Simple (CMSMS) 2.2.5 via title parameter in admin/addbookmark.php
XSS Vulnerability in CMS Made Simple (CMSMS) 2.2.5 via m1_messages Parameter
XSS Vulnerability in CMS Made Simple (CMSMS) 2.2.5 via m1_errors Parameter
Cross-Site Scripting (XSS) Vulnerability in Netis WF2419 V2.2.36123 Bandwidth Control Rule Settings
Unauthenticated Remote Code Execution in FasterXML Jackson-Databind
CSRF Vulnerability in Photography CMS 1.0 Allows Unauthorized Admin Account Creation
SQL Injection in JGive 2.0.9 Component for Joomla! via filter_org_ind_type or campaign_countries parameter
SQL Injection Vulnerability in MediaLibrary Free 4.0.12 Component for Joomla!
SQL Injection in Classified Ads CMS Quickad 4.0: Exploiting Keywords, Placeid, Cat, and Subcat Parameters
SQL Injection in Professional Local Directory Script 1.0 via IndustryID and CategoryID Parameters
SQL Injection Vulnerability in SimpleCalendar 3.1.9 Component for Joomla!
SQL Injection in Smart Shoutbox 3.0.0 Component for Joomla! via shoutauthor Parameter
CSRF Vulnerability in RSVP Invitation Online 1.0 Allows Unauthorized Password Modification
SQL Injection Vulnerability in Affiligator Affiliate Webshop Management System 2.1.0 via search/?q=&price_type=range&price= Request
SQL Injection Vulnerability in Facebook Style Php Ajax Chat Zechat 1.5 via login.php User Field
SQL Injection in Wchat Fully Responsive PHP AJAX Chat Script 1.5: Login.php User Field Vulnerability
SQL Injection Vulnerability in Solidres 2.5.1 Component for Joomla!
SQL Injection Vulnerability in Gallery WD 1.3.6 Component for Joomla!
SQL Injection Vulnerability in Advertisement Board 3.1.0 Component for Joomla!
SQL Injection Vulnerability in JquickContact 1.3.2.2.1 Component for Joomla!
SQL Injection Vulnerability in Tumder 2.1 Component for Joomla!
SQL Injection Vulnerability in LiveCRM SaaS Cloud 1.0 Component for Joomla!
SQL Injection Vulnerability in Easy Car Script 2014 via site_search.php
Multiple SQL Injection Vulnerabilities in Pinterest Clone Social Pinboard 2.0 Component for Joomla!
SQL Injection in Flexible Poll 1.2 via id parameter in mobile_preview.php or index.php
SQL Injection in ccNewsletter 2.x Component for Joomla! via id parameter in task=removeSubscriber action
SQL Injection Vulnerability in AllVideos Reloaded 1.2.x Component for Joomla! via divid Parameter
SQL Injection in Form Maker 3.6.12 Component for Joomla! via view=stats Parameter
SQL Injection Vulnerability in Staff Master Component for Joomla!
SQL Injection Vulnerability in Aist through 2.0 Component for Joomla! via id Parameter in view=showvacancy Request
SQL Injection in JS Jobs 1.1.9 Component for Joomla! via Zipcode and TA Parameters
Sensitive Address Information Disclosure in Linux Kernel
Memory Corruption Vulnerability in NCompress::NRar3::CDecoder::Code Method of 7-Zip
Unrestricted Upload and Path Traversal Vulnerability Leading to Remote Code Execution as Root in RAVPower Filehub 2.000.056
Authentication Bypass Vulnerability in AsusWRT
Remote Administrative Access Vulnerability in AsusWRT
Cross-Site Scripting Vulnerability in Soundy Audio Playlist Plugin for WordPress
Cross-Site Scripting Vulnerability in Soundy Background Music Plugin for WordPress
Unlimited Recursion in GNU Libtasn1 BER Decoder Leads to Stack Exhaustion and DoS
SQL Injection Vulnerability in File Download Tracker 3.0 Component for Joomla!
SQL Injection Vulnerability in Realpin Component for Joomla! (Version 1.5.04) via Pinboard Parameter
SQL Injection Vulnerability in JS Autoz 1.0.9 Component for Joomla!
CSRF Vulnerability in JS Support Ticket 1.1.0 Component for Joomla!
Arbitrary File Download Vulnerability in Jtag Members Directory 5.3.7 Component for Joomla!
CSRF Token Regeneration Vulnerability in Yii Framework 2.x before 2.0.14
Information Disclosure and Reflected XSS Vulnerability in Yii Framework 2.x
Use of Password Hash Instead of Password for Authentication in Green Electronics RainMachine Mini-8 (2nd generation)
Arbitrary Code Injection Vulnerability in Green Electronics RainMachine Mini-8 (2nd generation) 'Weather Service' Feature
Arbitrary Web Script Injection Vulnerability in BigTree 4.2.19
Insecure Cross-Domain Policy in Subsonic v6.1.3 Allows for User Data Theft via SWF Exploit
Arbitrary CSV Data Download Vulnerability in Email Subscribers & Newsletters Plugin
Unquoted Windows Search Path Privilege Escalation Vulnerability in 10-Strike Network Monitor 5.4
Privacy Breach: Unencrypted Image Transmission in Tinder iOS and Android Apps Exposes Sensitive Data
Fixed-size HTTPS responses in Tinder apps enable information extraction through network traffic sniffing
Failure to Use Encryption in Samsung Display Solutions App Allows Man-in-the-Middle Attackers to Spoof B2B Content
Unauthenticated Modification of System Settings in Silex SX-500 and GE MobileLink (GEH-500)
Remote Code Execution Vulnerability in Silex SD-320AN and GE MobileLink
Arbitrary File Deletion via Directory Traversal in NoneCms 1.3.0
CSRF Vulnerability in Fastweb FASTgate 0.00.47 Devices: Wi-Fi Password Changing and Guest Wi-Fi Activation
SQL Injection Vulnerability in Project Log 1.5.3 Component for Joomla!
Server Side Request Forgery (SSRF) vulnerability in NoneCms 1.3.0 allows unauthorized access to internal and external network resources via the copy function in application/admin/controller/Article.php
PDFium Use After Free Vulnerability in Google Chrome
Cross-Origin Data Leakage Vulnerability in Google Chrome
Remote Code Execution via Crafted Chrome Extension in Google Chrome
Out of Bounds Memory Read Vulnerability in WebGL in Google Chrome
File Data Leakage Vulnerability in Google Chrome DevTools
Data Leakage Vulnerability in V8 Engine of Google Chrome (CVE-2018-6031)
Insufficient User Gesture Vulnerability in Google Chrome Autofill
WebGL Heap Buffer Overflow in Google Chrome: Remote Memory Read Vulnerability
Cross-Origin Data Leakage via Crafted Chrome Extension in Google Chrome
Bypassing Content Security Policy in Google Chrome prior to 64.0.3282.119
Omnibox Spoofing Vulnerability in Google Chrome
Omnibox Spoofing Vulnerability in Google Chrome
Arbitrary Program Execution Vulnerability in Google Chrome External Protocol Handler
File Data Leakage Vulnerability in Google Chrome DevTools
Cross-Origin Data Leakage via Crafted Chrome Extension in Google Chrome
WebGL Policy Enforcement Vulnerability in Google Chrome
Referrer Information Leakage Vulnerability in Google Chrome
Origin Spoofing Vulnerability in Google Chrome
Omnibox Spoofing Vulnerability in Google Chrome
Cross-Site Scripting (XSS) Auditor Bypass in Google Chrome prior to 64.0.3282.119
Referrer Leakage Vulnerability in Google Chrome prior to 64.0.3282.119
Local Information Disclosure Vulnerability in Google Chrome New Tab Page
Use After Free Vulnerability in Google Chrome WebUI
Remote Code Execution Vulnerability in Google Chrome Catalog Service
Type Confusion Vulnerability in V8 Allows Remote Code Execution in Google Chrome
Remote Code Execution Vulnerability in Google Chrome Prior to 65.0.3325.146
WebAudio Use After Free Vulnerability in Google Chrome
Race Condition Vulnerability in SharedArrayBuffers Handling in Google Chrome
Skia Heap Overflow Write Vulnerability in Google Chrome (CVE-2018-6061)
Out of Bounds Memory Write Vulnerability in Mojo in Google Chrome
Type Confusion Vulnerability in V8's __defineGetter__ Implementation in Google Chrome (CVE-2018-6065)
Integer Overflow in V8 JavaScript Object Instantiation Vulnerability
Cross-Origin Resource Sharing (CORS) Vulnerability in Google Chrome prior to 65.0.3325.146
Heap Corruption Vulnerability in Skia in Google Chrome
Spoofing Vulnerability in Chrome Custom Tab Allows URL Bar Manipulation
Skia Stack Buffer Overflow Vulnerability in Google Chrome
CSP Bypass Vulnerability in Google Chrome Prior to 65.0.3325.146
Integer Overflow Vulnerability in Skia in Google Chrome
Integer Overflow and Use After Free Vulnerability in PDFium in Google Chrome
Heap Buffer Overflow in WebGL in Google Chrome (CVE-2018-6065)
Bypassing OS Level Controls via Mark-of-the-Web Vulnerability in Google Chrome
Cross-Origin Data Leakage in Google Chrome Prior to 65.0.3325.146
DOM-based XSS Vulnerability in Google Chrome
Cross-Origin Data Leakage via Displacement Map Filters in Google Chrome (CVE-2018-6066)
Omnibox Spoofing Vulnerability in Google Chrome
Cross-Origin Data Leakage in WebGL Texture Sharing
Remote Memory Metadata Leak in Google Chrome prior to 65.0.3325.146
XSS Vulnerabilities in Interstitials in Google Chrome: Arbitrary Script Injection via Crafted HTML Page
FTP Port Enumeration Vulnerability in Google Chrome (prior to 65.0.3325.146)
Privileged API Access Vulnerability in Google Chrome Prior to 65.0.3325.146
Arbitrary Code Execution via Insufficiently Sanitized Distributed Objects in Google Chrome Updater on macOS
Remote Code Execution Vulnerability in Google Chrome Networking Disk Cache
Double-eviction Vulnerability in Google Chrome's Incognito Mode Cache
WebAssembly Use-After-Free Remote Code Execution Vulnerability in Google Chrome
PDFium Iterator-Invalidation Bug Allows Remote Code Execution in Google Chrome
CORS Bypass Vulnerability in Google Chrome Service Worker
Integer Overflow Leading to Heap Buffer-Overflow in Skia in Google Chrome
Cross-Origin Data Leakage via Fetch API in Google Chrome
Integer Overflow Vulnerability in WebAssembly in Google Chrome
Cross-Origin Data Leakage in Google Chrome Prior to 66.0.3359.117
Heap Corruption Vulnerability in Google Chrome Prior to 66.0.3359.117 via Crafted HTML Page
File Picker Dismissal Vulnerability in Google Chrome (prior to 66.0.3359.117) Allows Remote File Reading
Full Screen Warning Obscuration Vulnerability in Google Chrome (prior to 66.0.3359.117)
Fullscreen Bypass Vulnerability in Google Chrome on macOS
Domain Spoofing via IDN Homographs in Google Chrome
CORS Vulnerability in Google Chrome: Remote Data Leakage via Crafted HTML Page
Domain Spoofing Vulnerability in Google Chrome on macOS
Remote Code Execution Vulnerability in Google Chrome DevTools
Omnibox Spoofing Vulnerability in Google Chrome
Stagnant Permission Prompt Vulnerability in Google Chrome (prior to 66.0.3359.117)
Domain Spoofing via IDN Homographs in Google Chrome
Domain Spoofing via IDN Homographs in Google Chrome
Object Corruption Vulnerability in Asynchronous Generator in Google Chrome (prior to 66.0.3359.117)
Domain Spoofing via IDN Homographs in Google Chrome
Domain Spoofing via IDN Homographs in Google Chrome
File API in Google Chrome prior to 66.0.3359.117 allows unauthorized indefinite file reading
Remote Code Execution via Local Non-HTML Page in Google Chrome (prior to 66.0.3359.117)
Arbitrary Code Execution Vulnerability in Google Chrome Developer Tools Network Handler
Clickjacking Vulnerability in Google Chrome Prior to 66.0.3359.117
Domain Spoofing Vulnerability in Google Chrome on iOS (prior to 66.0.3359.117)
CSP Bypass Vulnerability in Blink in Google Chrome (prior to 66.0.3359.117)
Bypassing OS Malware Checks in Google Chrome File Downloads
WebAssembly Nullptr Dereference Vulnerability in Google Chrome
Autofill Vulnerability in Google Chrome (prior to 66.0.3359.117) Allows Remote Information Disclosure
Double-eviction Vulnerability in Google Chrome's Incognito Mode Cache
Omnibox Spoofing Vulnerability in Google Chrome
Integer Overflow Vulnerability in PDFium in Google Chrome
Privilege Escalation via Insufficient Input Validation in Google Chrome (CVE-2018-6126)
WebAssembly Type Confusion Vulnerability in Google Chrome
Use After Free Vulnerability in Google Chrome (CVE-2018-6149)
Type Confusion Vulnerability in ReadableStreams in Google Chrome
Insufficient Policy Enforcement in USB in Google Chrome on Windows Prior to 67.0.3396.62: Remote Information Disclosure Vulnerability
Out of Bounds Memory Write Vulnerability in Skia in Google Chrome
Sandbox Escape Vulnerability in Google Chrome's IndexedDB Prior to 67.0.3396.62
Domain Spoofing Vulnerability in WebKit on Google Chrome for iOS
Out of Bounds Array Access Vulnerability in WebRTC in Google Chrome
Out of Bounds Memory Access Vulnerability in WebRTC in Google Chrome
WebAssembly Object Lifecycle Issue in Google Chrome: Remote Heap Corruption Vulnerability
Uninitialized Data Vulnerability in WebRTC in Google Chrome (CVE-2018-6149)
Domain Spoofing Vulnerability in Google Chrome
Bypassing No-Referrer Policy in Google Chrome: Information Leak Vulnerability
Domain Spoofing Vulnerability in Google Chrome (prior to 67.0.3396.62)
Out of Bounds Memory Read Vulnerability in V8 Engine
Cross-Origin Data Leakage via CSS Paint API in Google Chrome
Bypassing Navigation Restrictions via Crafted Chrome Extension in Google Chrome (CVE-2018-6148)
Arbitrary Code Execution via Insufficient Target Checks in Chrome Debugger API
Arbitrary Code Execution via Malicious Chrome Extension in Google Chrome (CVE-2018-6148)
Out of Bounds Memory Read Vulnerability in Skia Image Filter in Google Chrome
Out of Bounds Memory Read Vulnerability in V8 in Google Chrome
Out of Bounds Memory Read Vulnerability in V8 in Google Chrome (CVE-2018-6122)
PDFium Off-by-One Error Allows Remote Memory Write via Crafted PDF File
Bypassing Same Origin Policy via Crafted HTML Page in Google Chrome (CVE-2018-6149)
Insecure Text Entry Mode in Google Chrome on Mac Prior to 67.0.3396.62
Bypassing Navigation Restrictions in Google Chrome via Content Security Policy Implementation Vulnerability
Type Confusion Vulnerability in Google Chrome (prior to 67.0.3396.87) Allows Remote Out-of-Bounds Memory Write
CORS Vulnerability in ServiceWorker in Google Chrome (prior to 66.0.3359.117) Allows Cross-Origin Data Leakage
Out of Bounds Memory Read Vulnerability in Google Chrome DevTools
Unconditional Marking of Downloaded Files as Safe in Google Chrome Allows Sandbox Escape
Out of Bounds Memory Write Vulnerability in Skia in Google Chrome
Heap Corruption Vulnerability in WebGL in Google Chrome (prior to 68.0.3440.75)
Heap Corruption Vulnerability in Google Chrome VP8 Parser
WebRTC Packet Length Derivation Vulnerability
WebRTC Type Confusion Vulnerability in Google Chrome
Race Condition Vulnerability in Oilpan in Google Chrome
Information Disclosure Vulnerability in Google Chrome ServiceWorker
Omnibox Spoofing Vulnerability in Google Chrome (prior to 68.0.3440.75)
Bypassing Same Origin Policy in Blink in Google Chrome prior to 68.0.3440.75
Heap Corruption Vulnerability in WebGL in Google Chrome on Mac
Domain Spoofing Vulnerability in Google Chrome URL Formatter
Cross-Origin Data Leakage in Google Chrome Prior to 68.0.3440.75
Omnibox Spoofing Vulnerability in Google Chrome
Domain Spoofing Vulnerability in Google Chrome URL Formatter
Domain Spoofing Vulnerability in Google Chrome
Remote Information Leak Vulnerability in Google Chrome Media Engine
Unwanted Extension Installation Vulnerability in Google Chrome
PDFium Heap Corruption Vulnerability
Bluetooth Use After Free Vulnerability in Google Chrome
Domain Spoofing Vulnerability in Google Chrome URL Formatter
Domain Spoofing Vulnerability in Google Chrome URL Formatter
Arbitrary Code Execution via Integer Overflow in Swiftshader
Domain Spoofing Vulnerability in Google Chrome URL Formatter
Privilege Escalation via Crafted Chrome Extension in Google Chrome
Cross-Origin Information Leak in Google Chrome's Media Engine
Vulnerability: Chrome Extension Allows Hiding of Security UI in Google Chrome DevTools
File Access Permission Vulnerability in Google Chrome Extensions
Arbitrary Password Setting Vulnerability in Online Voting System 1.0
Vulnerability: Bad Input Bypassing TinyMCE in Mahara
Insecure Named Pipe Creation in BitDefender Total Security 2018: Privilege Escalation and Denial of Service Vulnerability
Directory Traversal Vulnerability in ZEIT Next.js 4 before 4.2.3
Incorrect Default ACL Values in Cloudera Navigator Key Trustee KMS Allow Remote Access to Purge and Undelete API Calls on Encryption Zone Keys
SSRF Vulnerability in Citrix NetScaler VPX through NS12.0 53.13.nc
Heap-based Buffer Overflow in Artifex MuPDF 1.12.0's do_pdf_save_document Function
Information Disclosure in Django AuthenticationForm
XSS Vulnerability in F-Secure Radar (on-premises) before 2018-02-15 via Tags Parameter
Cross-Site Scripting (XSS) Vulnerability in Netis WF2419 V3.2.41381 MAC Filtering Description Field
Integer Overflow in js_strtod Function in Artifex MuJS
Denial of Service Vulnerability in Artifex MuPDF 1.12.0
Cross-Site Scripting (XSS) Vulnerability in Routers2 2.24 via 'rtr' GET Parameter
Cross-Site Scripting (XSS) Vulnerability in Splashing Images Plugin for WordPress
PHP Object Injection vulnerability in Splashing Images plugin (wp-splashing-images) before 2.1.1 for WordPress
Infinite Recursion Vulnerability in w3m HTMLlineproc0
NULL Pointer Dereference Vulnerability in w3m through 0.5.3
Symlink Attack Vulnerability in w3m through 0.5.3
Open Redirect Vulnerability in vBulletin 3.x.x and 4.2.x through 4.2.5
eScan Antivirus 14.0.1400.2029 Local Denial of Service Vulnerability
eScan Antivirus 14.0.1400.2029 Local Denial of Service Vulnerability in econceal.sys Driver
eScan Antivirus 14.0.1400.2029 Local Denial of Service Vulnerability
Denial of Service Vulnerability in Max Secure Anti Virus 19.0.3.019
Denial of Service Vulnerability in Max Secure Anti Virus 19.0.3.019
Denial of Service and Potential Impact Vulnerability in Max Secure Anti Virus 19.0.3.019
Denial of Service Vulnerability in Max Secure Anti Virus 19.0.3.019
Denial of Service Vulnerability in Max Secure Anti Virus 19.0.3.019
Denial of Service Vulnerability in Max Secure Anti Virus 19.0.3.019
Hardcoded rostel Account Vulnerability in D-Link DIR-620 Devices
OS Command Injection Vulnerability in D-Link DIR-620 Devices with Customized Firmware
Reflected Cross-Site Scripting (XSS) Vulnerability in D-Link DIR-620 Devices
Hardcoded Password Vulnerability in D-Link DIR-620 Devices
Denial of Service Vulnerability in Kingsoft WPS Office 10.1.0.7106 and 10.2.0.5978
Arbitrary Code Execution Vulnerability in Trend Micro's User-Mode Hooking Module (UMH)
Vulnerability in Trend Micro Email Encryption Gateway 5.5 Allows Eavesdropping and Tampering of Update Data
Arbitrary File Write Vulnerability in Trend Micro Email Encryption Gateway 5.5
Unvalidated Software Update Vulnerability in Trend Micro Email Encryption Gateway 5.5
Arbitrary Logs Location Vulnerability in Trend Micro Email Encryption Gateway 5.5
Vulnerability in Trend Micro Email Encryption Gateway 5.5 Allows Unauthorized Manipulation of Appliance Registration
CSRF Vulnerability in Trend Micro Email Encryption Gateway 5.5
XML External Entity Injection (XXE) Vulnerability in Trend Micro Email Encryption Gateway 5.5
Reflected Cross-Site Scripting (XSS) Vulnerabilities in Trend Micro Email Encryption Gateway 5.5 Configuration Files
Stored XSS Vulnerability in Trend Micro Email Encryption Gateway 5.5
SQL Injection Vulnerability in Trend Micro Email Encryption Gateway 5.5 Allows Arbitrary Code Execution
SQL Injection Vulnerability in Trend Micro Email Encryption Gateway 5.5 Edit Policy Script
SQL Injection Vulnerability in Trend Micro Email Encryption Gateway 5.5 Search Configuration Script
Privilege Escalation Vulnerability in Trend Micro Smart Protection Server (Standalone) Versions 3.3 and Below
Buffer Overflow Privilege Escalation Vulnerability in Trend Micro Maximum Security 2018
Buffer Overflow Privilege Escalation Vulnerability in Trend Micro Maximum Security 2018
Trend Micro Maximum Security 2018 Local Information Disclosure Vulnerability
Privilege Escalation Vulnerability in Trend Micro Maximum Security 2018
Time-of-Check Time-of-Use Privilege Escalation Vulnerability in Trend Micro Maximum Security 2018
Denial of Service Vulnerability in Trend Micro Smart Protection Server (Standalone) 3.x
Information Disclosure Vulnerability in NVIDIA Jetson TX2 Prior to R28.3
Critical Vulnerability in NVIDIA Tegra BootRom Allows Arbitrary Value Write to Physical Addresses
Unvalidated Input Parameter in NVIDIA Tegra Gralloc Module: Arbitrary Code Execution and Privilege Escalation Vulnerability
Buffer Overflow Vulnerability in NVIDIA Tegra BootROM Recovery Mode (RCM)
Vulnerability in NVIDIA Tegra TLK Widevine Trust Application: Arbitrary Code Execution, Denial of Service, and Privilege Escalation
NVIDIA Widevine Trustlet Information Disclosure Vulnerability
NVIDIA Windows GPU Display Driver Kernel Mode NULL Pointer Dereference Vulnerability
NVIDIA Windows GPU Display Driver DxgkDdiEscape Buffer Overflow Vulnerability
NULL Pointer Dereference Vulnerability in NVIDIA GPU Display Driver
NULL Pointer Dereference Vulnerability in NVIDIA Windows GPU Display Driver
NVIDIA Windows GPU Display Driver DirectX 10 Usermode Driver Memory Write Vulnerability
NVIDIA Windows GPU Display Driver DxgkDdiEscape Denial of Service Vulnerability
Infinite Recursion Denial of Service Vulnerability in NVIDIA GPU Display Driver
NVIDIA Media Server Out-of-Bounds Read Vulnerability
Vulnerability in NVIDIA GeForce Experience GameStream Feature
Potential Man-in-the-Middle (MitM) Attack Vulnerability in NVIDIA GeForce Experience GameStream Installation
Potential Information Disclosure Vulnerability in NVIDIA GeForce Experience
Local User Exploitation of NVIDIA Graphics Driver Side Channel Vulnerability
Vulnerability in NVIDIA GeForce Experience GameStream Feature Allows Code Execution and Privilege Escalation
Vulnerability in NVIDIA GeForce Experience GameStream Feature Allows Information Disclosure
Privilege Escalation Vulnerability in NVIDIA GeForce Experience
Privilege Escalation Vulnerability in NVIDIA GeForce Experience on Windows 7
Vulnerability in NVIDIA GeForce Experience Allows Information Disclosure
NVIDIA Tegra OpenMax Driver (libnvomx) Input Validation Vulnerability
NVIDIA Tegra libnvmmlite_video.so Memory Reference Vulnerability
Vulnerability in NVIDIA Jetson TX2 Kernel Driver: Non-Trusted Pointer Dereference in IOCTL Handling
NVIDIA Tegra OpenMax Driver (libnvomx) Buffer Overflow Vulnerability
Critical Cross-Site Request Forgery Vulnerability Enables Administrative Account Takeover in Kaspersky Secure Mail Gateway 1.1
Critical Vulnerability: Remote Code Execution as Root via Configuration File Injection in Kaspersky Secure Mail Gateway 1.1
Kaspersky Secure Mail Gateway 1.1 Local Privilege Escalation Vulnerability
Cross-Site Scripting Vulnerability in Kaspersky Secure Mail Gateway version 1.1
Critical Remote Code Execution Vulnerability in Saperion Web Client 7.5.2 83166
Arbitrary File Read Vulnerability in Saperion Web Client 7.5.2 83166
Critical Vulnerability: Unsecured Firmware Update in Hanwha Techwin Smartcams
Critical Vulnerability: Unencrypted Remote Control and Communications in Hanwha Techwin Smartcams
Hidden Vulnerability: Undocumented Web Interface Switching in Hanwha Techwin Smartcams
Critical Buffer Overflow Vulnerability Found in Hanwha Techwin Smartcams
Critical Remote Code Execution Vulnerability in Hanwha Techwin Smartcams
Smartcam Authentication Bypass Vulnerability
Critical Vulnerability: Remote Password Change Exploit in Hanwha Techwin Smartcams
Cloud-based Vulnerability Allows Unauthorized Camera Access and Monitoring in Hanwha Techwin Smartcams
Cloud Server Vulnerability: Denial of Service via Blocking New Camera Registration in Hanwha Techwin Smartcams
Critical Vulnerability: Denial of Service Exploit via Malformed Firmware Upload in Hanwha Techwin Smartcams
Remote Denial of Service Vulnerability in Gemalto's Sentinel LDK RTE XML Parser
Gemalto's Sentinel LDK RTE version before 7.65 Denial of Service Vulnerability
DLL Hijacking Vulnerability in Kaspersky Password Manager versions before 8.0.6.538
Heap Use-After-Free Vulnerability in LibVNC Server Code Allows Remote Code Execution
Multiple SQL Injection Vulnerabilities in SugarCRM Community Edition 6.5.26 and Below
Root Access Vulnerability on Foxconn Femtocell FEMTO AP-FC4064-T
Privileged Account Weak Default Password Vulnerability on Foxconn Femtocell
Arbitrary Code Injection via Modify Page Screen in WBCE CMS 1.3.1
Integer Overflow and Out-of-Bounds Read Vulnerability in libming
Bypassing Application Whitelisting in Ivanti Endpoint Security
Claymore Dual Miner 10.5 and Earlier: Unauthenticated Format String Vulnerability in Remote Management Interface
DLL Hijacking Vulnerability in Sophos Tester Tool 3.2.0.7 Beta
Denial of Service Vulnerability in Sophos Tester Tool 3.2.0.7 Beta
Unvalidated Host Header Vulnerability in Pulse Secure Pulse Connect Secure and Pulse Policy Secure
Unquoted Windows Search Path Privilege Escalation Vulnerability in Panda Global Protection 17.0.1
Insecure Named Pipe Creation in Panda Global Protection 17.0.1
Unsigned Integer Overflow in elf_object_p Function in libbfd
Unvalidated Redirect Vulnerability in F-Secure Radar (on-premises) before 2018-02-15
Authentication Bypass Vulnerability in Unitrends Backup (UB) User Interface
Unitrends Backup (UB) before 10.1.0 libbpext.so SQL Injection Vulnerability
Error-Based SQL Injection Vulnerability in Laravel 5.4.15 via save.php
Java Serialized Object Deserialization Vulnerability in Buck Parser-Cache Command
Denial-of-Service Vulnerability in Proxygen's Handling of Invalid HTTP2 Settings
Remote Code Execution Vulnerability in Nuclide's hhvm-attach Deep Link Handler
Improper Variable Registration in Global Scope in Multipart-File Uploads
Denial-of-Service Vulnerability in HHVM's Proxygen Server when Parsing Malformed h2 Frame
Code Signing Bypass in osquery Prior to v3.2.7
Insecure Buffer Reuse in folly::secureRandom during fork()
Stack Overflow Vulnerability in WhatsApp for Android and WhatsApp Business for Android
Out-of-Bounds Read Vulnerability in Memcache::getextendedstats Function in HHVM
Cross-Site Scripting (XSS) Vulnerability in ReactDOMServer API
Arbitrary Command Execution Vulnerability in react-dev-utils on Windows
Denial of Service Vulnerability in Proxygen's Certificate/CertificateRequest Parsing
WhatsApp Heap Corruption Vulnerability
Heap Overflow Vulnerability in number_format Function
Circular Dependency Denial-of-Service Vulnerability in Proxygen HTTP2 Priority Handling
Denial-of-Service Vulnerability in Proxygen's HTTP2 Header/Trailer Parsing
Stack-based overflow vulnerability in WhatsApp for Android and WhatsApp Business for Android prior to 2.18.248 and 2.18.132 respectively
WhatsApp Vulnerability: Out-of-Bounds Read in RTP Extension Headers Parsing
Excessive Iteration Denial of Service Vulnerability in PoDoFo 0.9.5
Arbitrary Code Execution Vulnerability in Electrum Python Console
Cross-Site Scripting (XSS) vulnerability in Formspree before 2018-01-23 via _next parameter in templates/forms/thanks.html
Unauthenticated Stored Cross Site Scripting in iBall 300M Devices
Path Traversal Vulnerability in Jenkins
CSRF and XSS Vulnerability in acurax-social-media-widget Plugin for WordPress
Heap-based Buffer Overflow in printDefineFont2 function in libming
Use-after-free vulnerability in decompileIF function in libming through 0.4.8
Arbitrary Code Execution via Crafted Web Site in mpv
XSS Vulnerability in Easy Hosting Control Panel (EHCP) v0.37.12.b via op Parameter
XSS Vulnerability in Easy Hosting Control Panel (EHCP) v0.37.12.b via domainop Action Parameter
SQL Injection Vulnerability in Task Rabbit Clone 1.0 via single_blog.php id Parameter
SQL Injection in Multilanguage Real Estate MLM Script 3.0 via /product-list.php srch parameter
SQL Injection Vulnerability in TSiteBuilder 1.0 via id Parameter
SQL Injection in Vastal I-Tech Buddy Zone Facebook Clone 2.9.9 via request_id or category parameter
SQL Injection Vulnerability in JomEstate PRO through 3.7 Component for Joomla!
SQL Injection Vulnerability in NeoRecruit 4.1 Component for Joomla!
SQL Injection Vulnerability in JB Bus 2.3 Component for Joomla! via order_number Parameter
SQL Injection Vulnerability in Fastball 2.5 Component for Joomla! via season Parameter in view=player Action
Insecure SSL Certificate Validation in Pulse Secure Desktop Linux Clients
SQL Injection Vulnerability in Joomla! Hathor Postinstall Message
XSS Vulnerability in Multiple Field Types in Joomla! before 3.8.4
XSS Vulnerability in Joomla! Core Media Manager
XSS Vulnerability in Joomla! Uri Class (CVE-2018-xxxx)
XSS Vulnerabilities in Joomla! Module Chromes
Segmentation Fault Vulnerability in ZZIPlib 0.13.56-0.13.67
SQL Injection Vulnerability in MantisBT 2.10.0 via vendor/adodb/adodb-php/server.php
Incomplete Forbidden Types List in Monstra CMS Allows Arbitrary PHP Code Execution
Unquoted Windows Search Path Vulnerability in NSClient++
Hardcoded Password Vulnerability in iBall iB-WRA150N 1.2.6 Build 110401 Rel.47776n Devices
Remote Command Execution in iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n Devices via Ping Test Arguments
WordPress Denial of Service Vulnerability through Large List of Registered .js Files
Memory Block Size Validation Vulnerability in Kingsoft WPS Office 10.1.0.7106 and 10.2.0.5978
Netis WF2419 V2.2.36123 Devices Vulnerable to Cross-Site Request Forgery Attack: Address Reservation List Deletion
Out-of-Array Access Vulnerability in FFmpeg's filter_slice Function
Post-Authentication SQL Injection Vulnerability in FreePBX
SQL Injection Vulnerability in InviteX 3.0.5 Component for Joomla!
SQL Injection Vulnerability in Visual Calendar 3.1.3 Component for Joomla!
SQL Injection Vulnerability in Google Map Landkarten Component for Joomla!
Directory Traversal Vulnerability in Picture Calendar 3.1.4 Component for Joomla!
SQL Injection Vulnerability in CP Event Calendar 3.0.1 Component for Joomla!
Insecure Named Pipe Creation in Kingsoft WPS Office Free 10.2.0.5978
Undocumented Admin Account with Blank Password in Meross MSS110 Devices
Vulnerability: Forced Deauthentication and Connection to Unencrypted Wi-Fi Network on Ecobee Ecobee4 4.2.0.171 Devices
Memory Leak Vulnerability in ReadDCMImage Function in ImageMagick
Unvalidated Child Frame Length in libwebm Allows Information Leak and Denial of Service
Denial of Service Vulnerability in Conceptronic CIPCAMPTIWL V3 0.61.30.21 Devices
CSRF Vulnerability in Conceptronic CIPCAMPTIWL V3 0.61.30.21 Devices
Path Traversal Vulnerability in Appnitro MachForm
SQL Injection Vulnerability in Appnitro MachForm's download.php
SQL Injection Vulnerability in Appnitro MachForm
Arbitrary Information Leakage Vulnerability in sbusfb_ioctl_helper() Function
Buffer Overflow Vulnerability in Hikvision Camera DS-2CD9111-S (V4.1.2 build 160203 and earlier) Allows Remote Denial of Service Attack
Buffer Overflow Vulnerability in Hikvision IP Cameras' Web Server
Vulnerability: File Copy Bypass in Brocade Fabric OS Versions
Session ID Interception and Manipulation Vulnerability in Brocade Fabric OS
Root Access Vulnerability in Brocade Fabric OS CLI Versions Before 8.2.1
Root Access Vulnerability in Brocade Fabric OS CLI
Escape from Restricted Shell Vulnerability in Brocade Fabric OS CLI
Root Access Vulnerability in Brocade Fabric OS CLI Versions
Root Access Vulnerability in Brocade Fabric OS CLI Versions Before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d
Proxy Service Vulnerability in Brocade Fabric OS
Arbitrary Environment Variable Injection Vulnerability in Brocade Fabric OS
Remote Code Execution Vulnerability in Brocade Webtools Firmware Update Section
Undocumented User Credentials Vulnerability in Brocade Network Advisor Versions before 14.3.1
Remote Code Execution and OS Command Injection Vulnerability in Brocade Network Advisor
Critical Vulnerability in Brocade Network Advisor: Unauthorized Access to User Database and Password Extraction
Undocumented User Credentials Exploit in Brocade Network Advisor Version Before 14.3.1
Session Hijacking Vulnerability in Brocade Fabric OS HTTP Management Interface
Denial of Service Vulnerability in Brocade Fabric OS Management Interface
Brocade Fabric OS HTTP Management Interface Host Header Injection Vulnerability
Cross-Site Request Forgery (CSRF) Vulnerability in Easy Hosting Control Panel (EHCP) v0.37.12.b
Denial of Service Vulnerability in strongSwan 5.6.1
Unauthenticated Information Disclosure in Hotspot Shield Webserver
Insecure Library Loading Vulnerability in March Hare WINCVS and CVS Suite
Arbitrary Code Execution Vulnerability in Tracker PDF-XChange Viewer and Viewer AX SDK
XSS Vulnerability in Simditor v2.3.11 via SVG Onload in TEXTAREA
Cross-Site Scripting (XSS) Vulnerability in PropertyHive Plugin for WordPress
Cross-Site Scripting (XSS) Vulnerability in flickrRSS Plugin for WordPress
CSRF Vulnerability in flickrRSS Plugin 5.3.1 for WordPress
Cross-Site Scripting (XSS) Vulnerability in flickrRSS Plugin for WordPress
Arbitrary Web Script Injection Vulnerability in flickrRSS Plugin for WordPress
DS_Store Information Leakage Vulnerability in Nibbleblog 4.0.5 on macOS
Denial of Service Vulnerability in SUPERAntiSpyware Professional Trial 6.0.1254
Denial of Service Vulnerability in SUPERAntiSpyware Professional Trial 6.0.1254
Denial of Service Vulnerability in SUPERAntiSpyware Professional Trial 6.0.1254
Denial of Service Vulnerability in SUPERAntiSpyware Professional Trial 6.0.1254
DLL Hijacking Vulnerability in SUPERAntiSpyware Professional Trial 6.0.1254 Allows Escalation of Privileges
Privilege Escalation Vulnerability in SUPERAntiSpyware Professional Trial 6.0.1254
Netwave IP Camera Devices: Denial of Service Vulnerability
Type Confusion Vulnerability in CCN-lite 2 Leads to Memory Access Violation and Nonce Failure
Buffer Overflow Vulnerability in Disk Savvy Enterprise v10.4.18 Control Protocol
Memory Alignment Error and Bus Error in __zzip_fetch_disk_trailer Function of ZZIPlib 0.13.67
Integer Overflow in GNU C Library's posix_memalign and memalign Functions
XML External Entity (XXE) Injection Vulnerability in Micro Focus Fortify Audit Workbench and Software Security Center
Remote Information Disclosure Vulnerability in Micro Focus Universal CMDB Foundation Software
Remote Arbitrary Code Execution Vulnerability in Micro Focus Universal CMDB (Versions 4.10-4.12)
Exploiting XML External Entity (XXE) Vulnerability in Micro Focus Project and Portfolio Management Center 9.32
Remote Denial of Service Vulnerability in Micro Focus Operations Orchestration Software, version 10.x
Remote Exploitation of Local Escalation of Privilege Vulnerability in Micro Focus Universal CMDB
Persistent Cross-Site Scripting and HTML Injection Vulnerabilities in HP Network Operations Management Ultimate and Network Automation
Remote SQL Injection Vulnerability in HP Network Operations Management Ultimate and Network Automation
HP Service Manager Software Web Tier Remote SQL Injection Vulnerability
Remote Cross-Site Scripting (XSS) Vulnerability in Micro Focus Universal CMDB and UCMDB Browser
Vulnerability in UCMDB Browser Allows for Remote Cross-Site Request Forgery (CSRF) and Unsafe Deserialization
Vulnerability: Remote Cross-Site Request Forgery (CSRF) and Unsafe Deserialization in UCMDB and CMS Servers
Critical Remote Code Execution Vulnerability in Hybrid Cloud Management and Operations Bridge Containerized Suites
Remote Code Execution Vulnerability in Multiple Micro Focus Products
Remote Directory Traversal Vulnerability in ArcSight Management Center (ArcMC)
Insufficient Access Controls Vulnerability in ArcSight Management Center (ArcMC) Versions Prior to 2.81
Reflected Cross-Site Scripting (XSS) Vulnerability in ArcSight Management Center (ArcMC) Versions Prior to 2.81
Critical Access Control Vulnerability in ArcSight Management Center (ArcMC) Versions Prior to 2.81
Cross-Site Request Forgery (CSRF) Vulnerability in ArcSight Management Center (ArcMC) Versions Prior to 2.81
Unauthenticated File Download Vulnerability in ArcSight Management Center (ArcMC) Versions Prior to 2.81
Cross-Site Scripting (XSS) Vulnerability in miniBB 3.2.2 Administrative Panel's Add Forum Feature
Remote Execution Bug in Puppet Enterprise 2017.3.x
Cross-Site Scripting Vulnerability in Puppet Enterprise Console
Cross-Site Scripting Vulnerability in Puppet Enterprise Console
Unsafe Code Execution Vulnerability in Puppet Enterprise 2018.1.x and pe-razor-server
Privilege Escalation through Custom Facts in Puppet Enterprise and Puppet Agent
DLL Preloading Vulnerability in Puppet Agent and Facter on Windows
Privilege Escalation Vulnerability in Puppet Agent on Windows
Arbitrary Code Execution and Privilege Escalation in Puppet PE Client Tools on Windows
Unconfirmed Host Fingerprint Addition Vulnerability
XSS Vulnerability in Composr CMS 10.0.13 via site_name Parameter
SAML2 Library Denial of Service Vulnerability for Fraction-of-Seconds Timestamps
Open Redirect Vulnerability in SimpleSAMLphp before 1.15.2
SQL Injection Vulnerability in SimpleSAMLphp's sqlauth Module
Denial of Service and Potential Impact Vulnerability in nProtect AVS V4.0
Denial of Service Vulnerability in nProtect AVS V4.0
Denial of Service Vulnerability in nProtect AVS V4.0
Denial of Service and Potential Impact Vulnerability in nProtect AVS V4.0
Path Disclosure Vulnerability in MantisBT 2.10.0-development
XSS Vulnerability in D-Link DIR-868L, DIR-865L, and DIR-860L Allows Remote Cookie Reading
XSS Vulnerability in D-Link DIR-868L, DIR-865L, and DIR-860L Allows Remote Cookie Reading
XSS Vulnerability in D-Link DIR-868L, DIR-865L, and DIR-860L Allows Cookie Theft
Remote OS Command Injection Vulnerability in D-Link Routers
Memory Exhaustion Vulnerability in Icinga 2.x through 2.8.1
Privilege Escalation Vulnerability in Icinga 2.x through 2.8.1
NULL Pointer Dereference Vulnerability in Icinga 2.x through 2.8.1
Password Disclosure Vulnerability in Icinga 2.x through 2.8.1
Privilege Escalation via Icinga2.pid File Manipulation
Buffer Overflow Vulnerability in Flexense SyncBreeze Enterprise v10.4.18 Control Protocol
Bus Error Vulnerability in ZZIPlib 0.13.67 Allows Remote Denial of Service
Bus Error Vulnerability in ZZIPlib 0.13.67 Allows for Denial of Service via Crafted Zip File
Bus Error Vulnerability in ZZIPlib 0.13.67
Integer Overflow in GNU Binutils 2.30: Denial of Service Vulnerability
Denial of Service Vulnerability in Artifex MuPDF 1.12.0
Stored Cross-Site Scripting (XSS) Vulnerability in Ipswitch MoveIt v8.1
Unauthenticated Remote Code Execution in plays.tv Service
Unauthenticated Remote Code Execution in plays.tv Service
Use-after-free vulnerability in libwebm through 2018-02-02
XSS Vulnerability in Monstra CMS 3.0.4: Title Function in pages.plugin.php
Heap Corruption Vulnerability in GNU C Library (glibc) on PowerPC and i386
Apport Local Privilege Escalation and Container Escape Vulnerability
CUPS AppArmor Profile Hard Link Confinement Escape Vulnerability
Memory Leak Vulnerability in Linux Kernel's AF_IRDA Socket Binding
Use-after-free vulnerability in irda_setsockopt function in Linux kernel before 4.17
Unconditional Path Opening Vulnerability in lxc-user-nic
Improper Handling of Temporary Files in MOTD Update Script in Ubuntu 18.04 LTS and 18.10
Privilege Escalation via Incorrect Group ID Restoration in pam_fscrypt
OverlayFS Mount Vulnerability in Linux Kernel
Sandbox Escape Vulnerability in Flatpak Proxy
XSS Vulnerability in dijit.Editor of Dojo Toolkit 1.13 via SVG onload Attribute
JSONP Hijacking Vulnerability in totemomail Encryption Gateway
CSRF Vulnerabilities in totemomail Encryption Gateway before 6.0.0_Build_371
Unauthenticated Access to /ADMIN.ASP in West Wind Web Server 6.x
Remote Command Execution Vulnerability in Go's go get Command
SQL Injection Vulnerability in JEXTN Classified 1.0.0 Component for Joomla!
SQL Injection in Event Manager 1.0 via event.php and page.php parameters
SQL Injection Vulnerability in JEXTN Membership 3.1.0 Component for Joomla!
SQL Injection Vulnerability in JE PayperVideo 3.0.0 Component for Joomla!
SQL Injection Vulnerability in JEXTN Reverse Auction 3.1.0 Component for Joomla! via view=products&uid= Request
Arbitrary File Upload Vulnerability in Jimtawl Component for Joomla!
SQL Injection Vulnerability in JMS Music 1.1.1 Component for Joomla!
SQL Injection Vulnerability in Zh GoogleMap 8.4.0.0 Component for Joomla!
SQL Injection Vulnerability in Timetable Responsive Schedule 1.5 Component for Joomla!
SQL Injection Vulnerability in DT Register 3.2.7 Component for Joomla!
SQL Injection Vulnerability in JTicketing 2.0.16 Component for Joomla!
Stored Cross-Site Scripting Vulnerability in CA API Developer Portal 3.5 CR6
Reflected Cross-Site Scripting Vulnerability in CA API Developer Portal 3.5 CR6
Reflected Cross-Site Scripting Vulnerability in CA API Developer Portal 3.5 CR5
Denial of Service Vulnerability in CA Spectrum 10.1 and 10.2.x
Unspecified Reflected Cross-Site Scripting Vulnerability in CA API Developer Portal 4.x
Lack of Safe Publication Configuration in Converse.js and Inverse.js Allows Information Disclosure
Improper Memory Cleanup in Unisys Stealth 3.3 Windows Endpoints
Privilege Escalation via Improper Access Control in MalwareFox AntiMalware
Weak ElGamal Key Parameter Vulnerability in PyCrypto
Timing Attack Vulnerability in Anymail's Webhooks Authorization
Hidden Privilege Escalation Vulnerability in Alcatel A30 Device
Unprotected Component Allows Unauthorized Factory Reset on Orbic Wonder Devices
Vulnerability: Unauthorized Access to Android Log on Orbic Wonder Devices
Vulnerability: Cross-Site Scripting (XSS), HTTP Response Splitting, and CRLF Injection in Promise Technology WebPam Pro-E Devices via PHPSESSID Cookie
SQL Injection Vulnerability in Zh YandexMap 6.2.1.0 Component for Joomla!
SQL Injection Vulnerability in Zh BaiduMap 3.0.0.1 Component for Joomla!
Privilege Escalation Vulnerability in MalwareFox AntiMalware 2.74.0.150
WebRTC in Opera 51.0.2830.55 Vulnerability: Private IP Address Disclosure in STUN Request
SQL Injection Vulnerability in JSP Tickets 1.1 Component for Joomla!
Information Leakage in jLike 1.0 Component for Joomla! via getUserByCommentId Request
Out-of-Bounds Read Vulnerability in OpenMPT and libopenmpt
Integer Underflow Vulnerability in jhead 3.00's process_EXIF Function
Excessive Iteration Denial of Service Vulnerability in OpenJPEG 2.3.0
Password Change Vulnerability in Easy Hosting Control Panel (EHCP) v0.37.12.b
Cleartext Password Storage Vulnerability in Easy Hosting Control Panel (EHCP) v0.37.12.b
Weak Hashing Algorithm and Lack of Salt in EHCP v0.37.12.b Expose Database Passwords to Attackers
Out-of-Array Read Denial of Service Vulnerability in FFmpeg's decode_frame Function
Vulnerability: Insecure Handling of Abnormal S3 Sleep Clears TPM 2.0 and Compromises Security Features
Privilege Escalation via Arbitrary Code Execution in Hola 1.79.859
Authentication Bypass Vulnerability in OMRON NS Devices 1.1 through 1.3
Denial of Service Vulnerability in WatchDog Anti-Malware 2.74.186.150
Denial of Service Vulnerability in Micropoint Proactive Defense Software 2.0.20266.0146
Denial of Service Vulnerability in WatchDog Anti-Malware 2.74.186.150
Denial of Service Vulnerability in Micropoint Proactive Defense Software 2.0.20266.0146
Denial of Service Vulnerability in Micropoint Proactive Defense Software 2.0.20266.0146
Denial of Service Vulnerability in Micropoint Proactive Defense Software 2.0.20266.0146
Denial of Service Vulnerability in Micropoint Proactive Defense Software 2.0.20266.0146
Denial of Service Vulnerability in Micropoint Proactive Defense Software 2.0.20266.0146
Denial of Service Vulnerability in Micropoint Proactive Defense Software 2.0.20266.0146
Persistent Unauthorized Access Vulnerability in Parsec Windows 142-0 and Parsec 'Linux Ubuntu 16.04 LTS Desktop' Build 142-1
SMGR-26896: SSL Authentication Bypass in Avaya Aura System Manager
MathType 6.9c Stack-Based Buffer Overflow (Remote Code Execution) Vulnerability
Design Science MathType 6.9c Out-of-Bounds Write Remote Code Execution Vulnerability
Heap Overflow Vulnerability in Design Science MathType 6.9c
Arbitrary Free Vulnerability in Design Science MathType 6.9c
Reflected Cross-Site Scripting Vulnerability in Infoblox NetMRI 7.1.1 via /api/docs/index.php
Null Pointer Denial of Service Vulnerability in SBLIM Small Footprint CIM Broker (SFCB) 1.4.9
Arbitrary Origin Header Validation Vulnerability in uncurl
Insecure TLS Cipher Suite Selection in comforte SWAP and comforte Secur Products
Authentication Token Exposure in Grammarly Extension for Chrome
Stored XSS Vulnerability in PHP Scripts Mall Doctor Search Script 1.0.2 via Arbitrary Profile Field
CSRF Vulnerability in Z-BlogPHP 1.5.1 via zb_users/plugin/AppCentre/app_del.php
Unsanitized User Input Leads to Reflected Cross-Site Scripting in McAfee ePolicy Orchestrator (ePO)
Directory Traversal Vulnerability in McAfee ePolicy Orchestrator (ePO) Allows Bypassing File Extensions via Windows Alternate Data Streams
Privilege Elevation through DLL Side-Loading in McAfee True Key
Privilege Escalation in McAfee Management of Native Encryption (MNE) before 4.1.4
Bypassing Product Block Action in McAfee Data Loss Prevention Endpoint
Authentication Bypass Vulnerability in McAfee Web Gateway Administrative User Interface
Whitelist Bypass Vulnerability in McAfee Application Control / Change Control 7.0.1 and Earlier
Whitelist Bypass Vulnerability in McAfee Application Control / Change Control 7.0.1 and Earlier
External Entity Attack Vulnerability in McAfee Common UI (CUI) 2.0.2 Extension
Application Protection Bypass Vulnerability in McAfee ePolicy Orchestrator (ePO)
McAfee ePolicy Orchestrator (ePO) Information Disclosure Vulnerability
Privilege Escalation Vulnerability in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 13
Elevated Privilege Directory Traversal Vulnerability in McAfee Web Gateway (MWG) MWG 7.8.1.x
Arbitrary Command Execution Vulnerability in McAfee Web Gateway (MWG) Administrative Interface
Arbitrary HTML Code Reflection Vulnerability in McAfee Network Security Management (NSM)
Cross Site Scripting Vulnerability in McAfee True Key (TK) 4.0.0.0 and earlier
Access Control Bypass Vulnerability in McAfee Data Loss Prevention (DLP) for Windows
TPM Autoboot Authentication Bypass Vulnerability in McAfee Drive Encryption
Infinite Loop Vulnerability in McAfee GetSusp 3.0.0.461 and Earlier
McAfee Data Loss Prevention Endpoint (DLPe) Authentication Bypass Vulnerability
Arbitrary Code Execution Vulnerability in McAfee Application and Change Control (MACC) 8.0.0 Hotfix 4 and Earlier
Remote Bypass of Local Security Protection in Belkin Wemo Insight Smart Plug
Privilege Escalation Vulnerability in ENSLTP 10.5.1, 10.5.0, and 10.2.3 Hotfix 1246778 and Earlier
SSH Host Keys Generation Vulnerability in McAfee Threat Intelligence Exchange Server (TIE Server)
DLL Search Order Hijacking Vulnerability in McAfee True Key (TK) before 5.1.165
Use After Free Vulnerability in McAfee Agent (MA) 5.x prior to 5.6.0 Allows Remote Code Execution via Crafted HTTP Header
Privilege Escalation Vulnerability in McAfee Agent for Linux
Privilege Escalation Vulnerability in McAfee Agent for Linux
Insecure Handling of Temporary Files in McAfee Agent Installation on Linux
Denial of Service and Unauthorized Code Execution Vulnerability in McAfee Agent
Local Privilege Escalation Vulnerability in McAfee True Key (TK) 5.1.230.7 and earlier
Local Privilege Escalation Vulnerability in McAfee True Key (TK) 5.1.230.7 and earlier on Microsoft Windows Client
Privilege Escalation Vulnerability in McAfee True Key for Windows Client
Stack-based Buffer Overflow in uwsgi_expand_path Function
Unchecked strnlen operation in bfd_get_debug_link_info_1 function leads to denial of service vulnerability in GNU Binutils 2.30
Arbitrary Command Execution Vulnerability in libvirt's LXC Container Protection Mechanism
Arbitrary Code Execution Vulnerability in Swisscom MySwisscomAssistant 2.17.1.1065
Arbitrary Code Execution Vulnerability in Swisscom TVMediaHelper 1.1.0.50
Stack-based Buffer Over-read in ParseRiffHeaderConfig Function of WavPack 5.1.0
Denial of Service Vulnerability in Jiangmin Antivirus 16.0.0.100
Denial of Service Vulnerability in Jiangmin Antivirus 16.0.0.100
Denial of Service Vulnerability in Jiangmin Antivirus 16.0.0.100
Denial of Service Vulnerability in Jiangmin Antivirus 16.0.0.100
Denial of Service Vulnerability in Jiangmin Antivirus 16.0.0.100
Denial of Service Vulnerability in Jiangmin Antivirus 16.0.0.100
Denial of Service Vulnerability in Jiangmin Antivirus 16.0.0.100
Denial of Service Vulnerability in Jiangmin Antivirus 16.0.0.100
Denial of Service Vulnerability in Jiangmin Antivirus 16.0.0.100
Denial of Service Vulnerability in Jiangmin Antivirus 16.0.0.100
Denial of Service Vulnerability in Jiangmin Antivirus 16.0.0.100
Denial of Service Vulnerability in Jiangmin Antivirus 16.0.0.100
Denial of Service Vulnerability in Jiangmin Antivirus 16.0.0.100
Denial of Service Vulnerability in Jiangmin Antivirus 16.0.0.100
Denial of Service Vulnerability in Jiangmin Antivirus 16.0.0.100
Denial of Service Vulnerability in Jiangmin Antivirus 16.0.0.100
Denial of Service Vulnerability in Jiangmin Antivirus 16.0.0.100
Denial of Service Vulnerability in Jiangmin Antivirus 16.0.0.100
Denial of Service Vulnerability in Jiangmin Antivirus 16.0.0.100
Denial of Service Vulnerability in Jiangmin Antivirus 16.0.0.100
Denial of Service Vulnerability in Jiangmin Antivirus 16.0.0.100
Remote Code Execution Vulnerability in Exim SMTP Listener
Remote IP Address Discovery in KDE Plasma Workspace
Arbitrary Command Execution Vulnerability in KDE Plasma Workspace
Multiple SQL Injection Vulnerabilities in Saifor CVMS HUB 1.3.1
HTTP Detection Bypass Vulnerability in Suricata
Stored XSS Vulnerability in PHP Scripts Mall Naukri Clone Script 3.0.3
Stored XSS Vulnerability in PHP Scripts Mall Multilanguage Real Estate MLM Script 3.0
Heap-based Buffer Overflow in Perl Regular Expression Processing
Heap-based Buffer Over-read in Perl 5.22 through 5.26
Heap Overwrite Vulnerability in GraphicsMagick's AcquireCacheNexus Function
Arbitrary File Read Vulnerability in Marked 2 through 2.5.11
Arbitrary File Download Vulnerability in NetScaler ADC and Gateway
Remote Privilege Escalation in NetScaler ADC and NetScaler Gateway
NetScaler ADC and Gateway Directory Traversal Vulnerability
Cross-Site Scripting (XSS) Vulnerabilities in Citrix NetScaler ADC and NetScaler Gateway
Unprotected XPC Service in PureVPN 6.0.1 on macOS Allows Root-Level Command Execution
Unprotected XPC Service in Mailbutler Shimo VPN Client Allows Root Script Execution
Cozy Version 2 XSS Vulnerability: Remote Administrative Access via URL Parameter
Hardcoded SSH Server Vulnerability in VOBOT CLOCK Devices
Cleartext HTTP Vulnerability in VOBOT CLOCK Allows Arbitrary Code Execution
Insecure SSL Certificate Verification in VOBOT CLOCK before 0.99.30
Improper Encoding in Libgcrypt's ElGamal Implementation Allows Ciphertext-Only Attacks
Directory Traversal Vulnerability in Foscam Cameras
Arbitrary Command Execution via ntpServer Argument in Foscam Cameras
Stack-based Buffer Overflow in Foscam Cameras C1 Lite V3 and C1 V3 Firmware 2.82.2.33 and Earlier
Cross-Site Scripting (XSS) Vulnerability in Etherpad Lite v1.6.3 and Earlier
JSONP Mishandling in Etherpad Lite Allows Bypass of Access Restrictions
Uninitialized Memory Address Vulnerability in Wireshark's netmonrec_comment_destroy Function
XSS Vulnerability in Kentico 10 and 11 Allows for Improper Construction of System Page
SQL Injection Vulnerability in Kentico 10 and 11 Administration Interface
XSS Vulnerability in MyBB 1.8.14 Edit Forum Screen
XSS Vulnerability in PHP Scripts Mall Multi Language Olx Clone Script 2.0.6
Path Disclosure Vulnerability in Z-BlogPHP 1.5.1
WebRTC Vulnerability: Private IP Address Disclosure in DuckDuckGo 4.2.0
Local Privilege Escalation via IOCTL 0x80206040 in Sophos SafeGuard Enterprise, SafeGuard Easy, and SafeGuard LAN Crypt
Local Privilege Escalation via IOCTL 0x80202298 in Sophos SafeGuard Enterprise, SafeGuard Easy, and SafeGuard LAN Crypt
Local Privilege Escalation via IOCTL 0x80206024 in Sophos SafeGuard Enterprise, SafeGuard Easy, and SafeGuard LAN Crypt
Local Privilege Escalation via IOCTLs in Sophos SafeGuard Enterprise, SafeGuard Easy, and SafeGuard LAN Crypt
Local Privilege Escalation via IOCTL 0x80202014 in Sophos SafeGuard Enterprise, SafeGuard Easy, and SafeGuard LAN Crypt
Local Privilege Escalation via IOCTL 0x8020601C in Sophos SafeGuard Enterprise, SafeGuard Easy, and SafeGuard LAN Crypt
Local Privilege Escalation via IOCTL 0x802022E0 in Sophos SafeGuard Enterprise, SafeGuard Easy, and SafeGuard LAN Crypt
XSS Vulnerability in PHP Scripts Mall Facebook Clone Script
SQL Injection Vulnerability in Schools Alert Management Script 2.0.2 via Login Parameter
Arbitrary File Upload and Remote Code Execution in PHP Scripts Mall Schools Alert Management Script 2.0.2 via Profile Picture
XSS Vulnerability in PHP Scripts Mall Lawyer Search Script 1.0.2 via Profile Update Parameter
XSS Vulnerability in PHP Scripts Mall Bitcoin MLM Software 1.0.2 via Profile Field
SQL Injection Vulnerability in PHP Scripts Mall Select Your College Script 2.0.2 via Login Parameter
XSS Vulnerability in PHP Scripts Mall Multi Religion Responsive Matrimonial 4.7.2
XSS Vulnerability in PHP Scripts Mall Learning and Examination Management System Script 2.3.1
Cross Site Scripting (XSS) Vulnerability in PHP Scripts Mall Alibaba Clone Script 1.0.2 via Profile Parameter
XSS Vulnerability in PHP Scripts Mall Slickdeals / DealNews / Groupon Clone Script 3.0.2 via User Profile Field
Uncontrolled Memory Allocation and Denial of Service Vulnerability in ZZIPlib 0.13.68
Reflected XSS vulnerability in PHP Scripts Mall Website Seller Script 2.0.3 via Listings Search feature
Arbitrary File Read Vulnerability in LibreOffice's WEBSERVICE Function
Denial of Service Vulnerability in elf_parse_notes Function of libbfd
Privilege Escalation in Auth0 Authentication Service: Unvalidated JWT Audience
CSRF Vulnerability in Auth0 Authentication Service with Legacy Lock API Flag Enabled
KeepKey Version 4.0.0 Format String Vulnerability Allows Unauthorized Information Display
Stack-based buffer under-read vulnerability in OLEProperty class in libfpx 1.3.1-10
XSS Vulnerability in PHP Scripts Mall Hot Scripts Clone Script Classified 3.1 Review Section
Remote Code Modification Vulnerability in PHP Scripts Mall Website Seller Script 2.0.3
Path Disclosure Vulnerability in EmpireCMS 6.6 through 7.2
Path Disclosure Vulnerability in EmpireCMS 6.6 via admin/tool/ShowPic.php
Arbitrary Web Script Injection via Content-Location Header in Zimbra Collaboration Suite
SQL Injection in Piwigo Administration Panel via admin/tags.php
Unauthenticated Path Traversal Vulnerability in MicroStrategy Web Services
Critical Cross-Site Request Forgery Vulnerability in Typesetter 5.1
Host Header Injection Vulnerability in Typesetter 5.1
Wolf CMS 0.8.3.1 Cross-Site Scripting (XSS) Vulnerability in Page Editing Feature
XSS Vulnerability in Bookly #1 WordPress Booking Plugin Lite
Buffer Overflow Vulnerability in CloudMe Sync Application
SQL Injection in controllers/member/Api.php in dayrui FineCms 5.2.0
XSS Vulnerability in PHP Scripts Mall Website Broker Script 3.0.6 via Last Name Field
XSS Vulnerability in PHP Scripts Mall Image Sharing Script 1.3.3 via Edit Profile Action
Email Address Validation Bypass in PHP Scripts Mall Hot Scripts Clone Script Classified v3.1
XSS Vulnerability in PHP Scripts Mall Car Rental Script 2.0.8 Edit Profile Action
XSS Vulnerability in TYPO3 Page Module via Crafted Site Name
Persistent Cross Site Scripting (XSS) Vulnerability in Green Electronics RainMachine Mini-8 (2nd Generation) and Touch HD 12 Web Application via REST API Injection
Control Vulnerability in Green Electronics RainMachine Mini-8 (2nd Gen) and Touch HD 12 Web Application
Authentication Bypass Vulnerability in Green Electronics RainMachine Mini-8 (2nd Generation) and Touch HD 12 Web Application
Clickjacking Vulnerability in Green Electronics RainMachine Mini-8 (2nd Generation) and Touch HD 12 Web Application
Path Disclosure Vulnerability in DedeCMS 5.7
Arbitrary OS Command Execution in Advantech WebAccess 8.3.0
Out-of-Array Read Denial of Service Vulnerability in FFmpeg's decode_plane Function
Heap-based Buffer Overflow in Perl's pack Function
Arbitrary Directory/File Creation Vulnerability in Ruby's Dir.mktmpdir Method
IPsec Packet Validation and Use-After-Free Vulnerability in FreeBSD
Integer Overflow Vulnerability in FreeBSD
Infinite Loop Vulnerability in FreeBSD IPsec Option Header
Memory Disclosure Vulnerability in FreeBSD
Memory Disclosure Vulnerability in FreeBSD Linux Subsystem and Atheros Wireless Driver
Memory Disclosure Vulnerability in FreeBSD Network Subsystem
TCP Reassembly Algorithm Vulnerability in FreeBSD
Excessive Resource Consumption Vulnerability in FreeBSD IP Fragment Reassembly Code
Insufficient Validation in ELF Header Parser in FreeBSD
IPv6 Protocol Control Block Flags Maintenance Vulnerability
Arbitrary OS Command Injection Vulnerability in MISP 2.4.87
Integer Overflow Vulnerability in Linux Kernel's futex_requeue Function
SQL Injection Vulnerability in PHP Scripts Mall News Website Script 2.0.4 via Search Term
Stack-based Buffer Over-read Vulnerability in ImageMagick 7.0.7-22
CSRF Vulnerability in PHP Scripts Mall Online Tutoring Script 2.0.3
XSS Vulnerability in PHP Scripts Mall Student Profile Management System Script v2.0.6
Cross Site Scripting (XSS) Vulnerability in D-Link DIR-600M C1 3.01 via SSID or User Account Name
Remote Code Execution Vulnerability in NAT32 v2.2 Build 22284 Devices
Remote Code Execution Vulnerability in NAT32 v2.2 Build 22284 Devices
NULL Pointer Dereference in FreeType 2.9: DoS Vulnerability
Cross-Site Scripting (XSS) Vulnerability in UltimateMember Plugin 2.0 for WordPress
Cross-Site Scripting (XSS) Vulnerability in UltimateMember Plugin 2.0 for WordPress
Uninitialized Stack Variable Vulnerability in nxfuse Component of NoMachine
Buffer Overflow Vulnerability in ccnl_prefix_to_str_detailed Function in CCN-lite 2
Segmentation Fault and Denial of Service Vulnerability in GNU Patch
Double Free Vulnerability in GNU Patch through 2.7.6
Buffer Overflow and Out-of-Bounds Memory Access Vulnerability in CCN-lite 2's NDNTLV Parser
Privilege Escalation via systemd-tmpfiles Symlink Vulnerability
Denial-of-Service Vulnerability in VMware Workstation and Fusion
DOM-based Cross-Site Scripting (XSS) Vulnerability in VMware vRealize Automation (vRA)
Session Hijacking Vulnerability in VMware vRealize Automation (vRA)
Broken Authentication Vulnerability in VMware Horizon DaaS (7.x before 8.0.0) Allows Bypass of Two-Factor Authentication
Command Injection Vulnerability in VMware NSX SD-WAN Edge by VeloCloud
Signature Bypass Vulnerability in VMware Fusion (10.x before 10.1.2) Allows Local Privilege Escalation
Multiple Denial-of-Service Vulnerabilities in VMware Workstation and Fusion
Local Privilege Escalation Vulnerability in VMware Horizon Client for Linux
Out-of-Bounds Read Vulnerability in VMware ESXi, Workstation, and Fusion
Out-of-Bounds Read Vulnerability in VMware ESXi, Workstation, and Fusion
Out-of-Bounds Read Vulnerability in VMware ESXi, Workstation, and Fusion
Remote Code Execution Vulnerability in VMware AirWatch Agent for Android and Windows Mobile
Out-of-Bounds Read Vulnerability in VMware Tools HGFS
Out-of-bounds read vulnerability in VMware Horizon Connection Server, Horizon Agent, and Horizon Client
Local Information Disclosure Vulnerability in VMware Horizon View Agents
NULL pointer dereference vulnerability in VMware ESXi, Workstation, and Fusion
Out-of-Bounds Write Vulnerability in VMware Workstation and Fusion Allows Guest-to-Host Code Execution
Out-of-Bounds Read Vulnerability in VMware ESXi, Workstation, and Fusion
Unencrypted Data Vulnerability in AirWatch Agent for iOS
Unencrypted Filenames and Metadata Vulnerability in VMware Content Locker for iOS
Denial-of-Service Vulnerability in VMware ESXi, Workstation, and Fusion due to Infinite Loop in 3D-Rendering Shader
Local Privilege Escalation Vulnerability in vRealize Operations
SAML Authentication Bypass Vulnerability in VMware Workspace ONE Unified Endpoint Management Console
Improper Authorization in User Registration Method in VMware vRealize Log Insight
Uninitialized Stack Memory Usage in VMware Virtual Network Adapter Allows Guest-to-Host Code Execution
Uninitialized Stack Memory Usage in VMware ESXi 6.7 and 6.5 Allows Information Leak from Host to Guest
Integer Overflow Vulnerability in VMware Workstation and Fusion Virtual Network Devices
Arbitrary Code Execution Vulnerability in webcheckout through 1.20171231
SQL Injection Vulnerability in SchedMD Slurm
Authentication Bypass Vulnerability in TRENDnet TEW-751DR, TEW-752DRU, and TEW733GR Devices
Stored Cross-Site Scripting (XSS) Vulnerability in Gleez CMS 1.2.0 and 2.0
Buffer Overflow Vulnerability in CCN-lite 2.0.0 Beta
Arbitrary Code Execution Vulnerability in Kentico 9-11 via Dynamic .NET Code Evaluation
Default JMX Credentials Vulnerability in Wowza Streaming Engine
Denial of Service Vulnerability in Wowza Streaming Engine 4.7.1
XSS Vulnerability in Wowza Streaming Engine's HTTP Providers
NULL Pointer Dereference Vulnerability in Irssi
Out-of-Bounds Access Vulnerability in Irssi
NULL Pointer Dereference Vulnerability in Irssi
Use-after-free vulnerability in Irssi
Use-after-free vulnerability during server disconnection in Irssi
SSRF Vulnerability in GroupViewProxyServlet in RoomWizard before 4.4.x
Information Disclosure Vulnerability in RoomWizard
Cross-Site Scripting (XSS) Vulnerability in RoomWizard before 4.4.x via HelpAction.action pageName Parameter
Aruba ClearPass Authentication Bypass Vulnerability
Aruba ClearPass API Privilege Escalation Vulnerability
Aruba ClearPass CSRF Vulnerability: Unauthorized Actions on Web Admin Interface
Vulnerability: Unauthorized Access and Compromise of Aruba ClearPass API
Reflected Cross-Site Scripting (XSS) Vulnerability in Aruba Instant Web Interface
Authenticated SQL Injection Vulnerability in Aruba ClearPass Policy Manager: Privilege Escalation and Cluster Compromise
Aruba ClearPass Policy Manager Unauthenticated Remote Command Execution Vulnerability
Aruba ClearPass Policy Manager Remote Authentication Bypass Vulnerability
Remote HOST Header Attack Vulnerability in HPE CentralView Fraud Risk Management
Remote Unauthenticated Access to Files Vulnerability in HPE CentralView Fraud Risk Management
Remote Disclosure of Information Vulnerability in HPE CentralView Fraud Risk Management
Remote Access to Sensitive Information Vulnerability in HPE Network Function Virtualization Director (NFVD) 4.2.1
Remote Bypass of Security Restrictions in HPE Moonshot Provisioning Manager
Local Arbitrary File Modification Vulnerability in HPE Moonshot Provisioning Manager v1.24 and earlier
Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) PLAT 7.3 E0506P07
Remote Cross-Site Scripting (XSS) Vulnerability in HPE Intelligent Management Center (iMC) PLAT v7.3 (E0506)
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC)
Unauthorized Access Vulnerability in HPE XP P9000 Command View Advanced Edition (CVAE) Device Manager
Critical Remote Code Execution Vulnerability in HPE Integrated Lights-Out (iLO) Versions Prior to v2.60 (iLO 4) and v1.30 (iLO 5)
Aruba ClearPass Policy Manager Guest Authorization Bypass
Vulnerability in Aruba Access Points' Embedded BLE Radio Firmware
ArubaOS Remote Code Execution Vulnerability
Aruba Instant Command Injection Vulnerability
Aruba Instant Web Interface Unauthorized Access to Core Dumps Vulnerability
Aruba Instant Web Interface Command Injection Vulnerability
Cross-Site Scripting Vulnerability in HPE XP P9000 Command View Advanced Edition Software (CVAE)
Open URL Redirection Vulnerability in HPE XP P9000 Command View Advanced Edition Software (CVAE)
Remote Directory Traversal Vulnerability in HPE Intelligent Management Center Platform (IMC Plat) 7.3 E0506P09
Remote Denial of Service Vulnerability in HPE Integrated Lights-Out and Moonshot Chassis Manager
Local Privilege Escalation Vulnerability in 3PAR Service Processor (SP)
Remote Access Restriction Bypass Vulnerability in 3PAR Service Processor
Remote Code Execution Vulnerability in 3PAR Service Processor (SP)
3PAR Service Processor (SP) Remote Cross-Site Request Forgery Vulnerability
3PAR Service Processor (SP) Local Directory Traversal Vulnerability
3PAR Service Processor (SP) Local Information Disclosure Vulnerability
Local Disclosure of Sensitive Information in HPE OfficeConnect 1810 Switch Series
Remote Denial of Service Vulnerability in HPE Integrated Lights Out 4 and iLO 5
Remote Arbitrary File Modification Vulnerability in HPE Intelligent Management Center (iMC) PLAT E0506P09
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) Wireless Services Manager Software
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (iMC) Wireless Services Manager Software
Remote Code Execution and Information Disclosure Vulnerability in HPE Integrated Lights-Out (iLO)
Remote SQL Injection and Privilege Escalation Vulnerability in HPE Device Entitlement Gateway (DEG) v3.2.4 - v3.3.1
HPE StorageWorks XP7 Automation Director Authentication Bypass Vulnerability
HPE eIUM v9.0FP1 Remote Arbitrary File Modification Vulnerability
Remote Unauthorized Disclosure of Information Vulnerability in HPE Service Governance Framework (SGF) 4.2 and 4.3
Remote Unauthorized Access Vulnerability in HPE UIoT: Malfunction in DSM Portal and APIs
Local Disclosure of Privileged Information in HPE Windows Firmware Installer for Certain Servers
Local Exploit to Bypass Firmware Update Security Restrictions in HPE iLO 5
Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC)
Remote Buffer Overflow Vulnerability in HPE Intelligent Management Center (IMC)
Remote Denial of Service Vulnerability in HPE Intelligent Management Center (IMC)
Remote Cross-Site Scripting Vulnerability in HPE iLO 5 Web User Interface
Local Access Restriction Bypass Vulnerability in HPE Service Pack for ProLiant (SPP) Bundled Software
Local Disclosure of Sensitive Information Vulnerability in HPE NonStop Safeguard and NonStop Standard Security Software
Elevation of Privilege Vulnerability in HPE Virtual Connect SE 16Gb Fibre Channel Module
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Remote Disclosure of Information Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Denial of Service Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Regular Expression Denial of Service (ReDoS) in Node.js 4.x `'path'` Module
HTTP Parser in Node.js Allows Spaces in Content-Length Header
Remote Code Execution Vulnerability in Node.js Inspector: Exploiting DNS Rebinding Attack
Denial of Service (DoS) Vulnerability in Node.js HTTP2 Server
Denial of Service (DoS) Vulnerability in Node.js TLS Implementation
Denial of Service Vulnerability in Node.js Versions 9.7.0 and Later
Uninitialized Memory Disclosure Vulnerability in Node.js 10
Buffer.fill() and Buffer.alloc() Hang Vulnerability
Privilege Escalation via newgidmap in shadow-utils
Sybil Attack Vulnerability in ntpd
Twonky Server Directory Traversal Vulnerability
Arbitrary File Deletion Vulnerability in WonderCMS before 2.4.1
Denial of Service Vulnerability in xpdf 4.00 via JBIG2Stream::readSymbolDictSeg
Infinite Loop Denial of Service Vulnerability in xpdf 4.00
NULL Pointer Dereference in readCodestream Allows Denial of Service in xpdf 4.00
CSRF Vulnerability in FrontAccounting 2.4.3 Allows Unauthorized User Account Addition
SQL Injection Vulnerability in Saxum Numerology 3.0.4 Component for Joomla!
SQL Injection Vulnerability in Saxum Picker 3.2.10 Component for Joomla! via publicid Parameter
SQL Injection Vulnerability in SquadManagement 1.0.3 Component for Joomla! via id Parameter
SQL Injection Vulnerability in Saxum Astro 4.0.14 Component for Joomla!
Out-of-Bounds Read Vulnerability in ntpd
Remote Code Execution Vulnerability in ntpq's decodearr Function
Denial of Service Vulnerability in ntpd (CVE-2016-1549)
Denial of Service Vulnerability in NTP 4.2.6
Stack-based Buffer Overflow in Leptonica before 1.75.3
Arbitrary OS Command Execution via Insecure go get Implementation in Go 1.9.4
XSS Vulnerability in Tiki before 18 Allows Privilege Escalation via SVG Image
Denial of Service Vulnerability in Linux Kernel's TUN Subsystem
Arbitrary Script Injection in Enhancesoft osTicket 1.10.2
Arbitrary Web Script Injection in Enhancesoft osTicket 1.10.2
Denial-of-Service Vulnerability in Enhancesoft osTicket Ticket Number Generator
Password Reset Vulnerability in Enhancesoft osTicket
Arbitrary Web Script Injection in Enhancesoft osTicket 1.10.2
Stored Cross-Site Scripting (XSS) Vulnerability in Pluck 4.7.4
Cross-Site Scripting (XSS) Vulnerability in October CMS 1.0.431 Add Posts Page
CSV Injection in ProjectSend: Exploiting Microsoft Excel Import Vulnerability
Cross-Site Scripting (XSS) Vulnerability in ProjectSend
Arbitrary Script Injection Vulnerability in Twonky Server 7.0.11 through 8.5
Sensitive Information Exposure in Giribaz File Manager Plugin for WordPress
Reflected Cross-Site Scripting Vulnerability in Kentico's Edit Device Layout
Improper Group Membership Validation in JupyterHub OAuthenticator
Unvalidated Index Vulnerability in coff_pointerize_aux Function in libbfd
Sensitive Information Disclosure in iDashboards 9.6b via idashboards/config.xml URI
Sensitive Information Disclosure in iDashboards 9.6b via Direct Request for idb/config?CMD=installLicense URI
Weak Obfuscation Library in iDashboards 9.6b SSO Implementation Allows Credential Discovery
Path Traversal Vulnerability in Sinatra 2.x on Windows
Vulnerability: Bypassing Multi-Factor Authentication and macOS Disk-Encryption Protection in Abine Blur 7.8.242*
CSRF Vulnerability in Bravo Tejari Procurement Portal Allows Unauthorized Modification of User Data
File Upload Vulnerability in Bravo Tejari Procurement Portal
Arbitrary Code Execution Vulnerability in Citrix NetScaler Application Delivery Controller and NetScaler Gateway
CSRF Vulnerability in NoneCms 1.3.0 Allows Unauthorized Account Manipulation
Uninitialized Data Access Vulnerability in LibVNCServer
Integer Overflow Vulnerability in LinuxVNC and VNCommand
Unauthenticated URL Retrieval Vulnerability in Schneider Electric's Pelco Sarix Professional
Authentication Bypass Vulnerability in Schneider Electric's Pelco Sarix Professional Firmware
Hardcoded Credentials Vulnerability in Schneider Electric's Pelco Sarix Professional Firmware
XML External Entity (XXE) Vulnerability in Schneider Electric's Pelco Sarix Professional Firmware Versions Prior to 3.29.67
Command Execution Vulnerability in Schneider Electric's Pelco Sarix Professional Firmware
Command Execution Vulnerability in Schneider Electric's Pelco Sarix Professional Firmware
Command Execution Vulnerability in Schneider Electric's Pelco Sarix Professional Firmware
Arbitrary System File Download Vulnerability in Schneider Electric's Pelco Sarix Professional Firmware
Arbitrary System File Download Vulnerability in Schneider Electric's Pelco Sarix Professional
Unauthenticated SSH Service Vulnerability in Schneider Electric's Pelco Sarix Professional
Arbitrary System File Deletion Vulnerability in Schneider Electric's Pelco Sarix Professional
Buffer Overflow Vulnerability in Schneider Electric's Pelco Sarix Professional Web-based GUI
DLL Hijacking Vulnerability in Schneider Electric's SoMove Software and DTM Components
Arbitrary Code Execution Vulnerability in Schneider Electric's Modicon Quantum Communication Modules
Vulnerability: Hard Coded Accounts in Schneider Electric's Modicon Controllers
Vulnerability: Hash Collision Attacks in Schneider Electric's Modicon Controllers
Authorization Bypass Vulnerability in Schneider Electric's 66074 MGE Network Management Card Transverse
Information Disclosure Vulnerability in Schneider Electric's 66074 MGE Network Management Card Transverse
Unauthorized Control and Configuration Access in Schneider Electric's 66074 MGE Network Management Card Transverse
Cleartext Transmission of Sensitive Information Vulnerability in Schneider Electric's 66074 MGE Network Management Card Transverse
Buffer Overflow Vulnerability in pixHtmlViewer in Leptonica
Unauthenticated User Account Validation Vulnerability in Zoho ManageEngine ServiceDesk Plus 9.3 Build 9317
Race Condition Vulnerability in secdrv.sys Allows Arbitrary Code Execution
Uninitialized Kernel Pool Allocation Vulnerability in secdrv.sys
Exposure of MySQL Credentials in Anchor 0.12.3
Heap-based Buffer Over-read Vulnerability in WavPack 5.1.0's ParseDsdiffHeaderConfig Function
Remote Denial-of-Service and Buffer Overflow Vulnerability in WavPack 5.1.0
Sensitive Information Disclosure in Flight Sim Labs A320-X Installer
Arbitrary Code Injection via Crafted URL in phpMyAdmin
Multiple Persistent XSS Vulnerabilities in Radiant CMS 1.1.4
Ceph RGW Malformed HTTP Headers Denial of Service Vulnerability
Denial of Service and Possible Remote Code Execution in Underbit libmad through 0.15.1b
Multiple Out of Bounds Write and Sign Errors in Pictview Image Processing Library Embedded in ActivePDF Toolkit
Stored XSS Vulnerability in Shimmie 2 2.6.0 via Crafted SVG File Upload
Information Exposure Vulnerability in MagniComp SysInfo
SQL Injection Vulnerability in Yii 2.x ActiveRecord findByCondition Function
MetInfo 6.0.0 Installation Process Arbitrary Command Execution Vulnerability
Sensitive Information Disclosure via SSOToken ID in ForgeRock AM REST APIs
Floppy Driver Information Disclosure Vulnerability
Multiple Persistent Cross-Site Scripting Vulnerabilities in Yab Quarx 2.4.3
Information Disclosure Vulnerability in Lutron Quantum BACnet Integration 2.0
Persistent XSS Vulnerability in RLE Wi-MGR/FDS-Wi 6.2 Devices
Persistent XSS Vulnerability in RLE Protocol Converter FDS-PC / FDS-PC-DP 2.1 Devices
Critical Remote Code Execution Vulnerability in AlienVault USM and OSSIM
Cross-Site Scripting (XSS) Vulnerability in Ninja Forms Plugin for WordPress
Root Privilege Escalation Vulnerability in CactusVPN 5.3.6 for macOS
TITool PrintMonitor Solution: Username Parameter SQL Injection Vulnerability
Buffer Overflow Vulnerability in Asterisk SUBSCRIBE Request Processing
NULL Pointer Access Vulnerability in Asterisk 15.x through 15.2.1
Remote Crash Vulnerability in Asterisk through 15.2.1
WebSocket Payload Size 0 Mishandling Vulnerability in Asterisk 15.x through 15.2.1
Vulnerability: Malware Bypasses Detection in Armadito 0.12.7.2 due to UTF-16 Filename Handling
Cross Site Scripting (XSS) Vulnerability in Tiki before 12.13, 15.6, 17.2, and 18.1
Improper Enforcement of Message Integrity in FFXIV Launcher Allows Credential Theft
Arbitrary File Read Vulnerability in eQ-3 AG Homematic CCU2 2.29.2 and Earlier
Remote Code Execution in eQ-3 AG Homematic CCU2 2.29.2 and earlier
Arbitrary Malicious Firmware Updates Vulnerability in eQ-3 AG HomeMatic CCU2 2.29.22
Arbitrary File Creation and Software Installation Vulnerability in eQ-3 AG Homematic CCU2 2.29.2 and Earlier
Arbitrary File Write and Remote Code Execution in eQ-3 AG Homematic CCU2 2.29.2 and earlier
Open XML-RPC Port Without Authentication in eQ-3 AG HomeMatic CCU2 2.29.22 Devices
SVG Content Upload Vulnerability in Tiki 17.1
HTML Injection Vulnerability in Tiki 17.1 Calendar Component
CSV Injection Vulnerability in Tiki 17.1 Allows Remote Code Execution
CSRF Vulnerability in MyBB 1.8.14 Allows Arbitrary Deletion of User Accounts
CSRF Vulnerability in Auth0.js Library: Mishandling of Missing State Parameter in Authorization Response
Arbitrary File Manipulation Vulnerability in DanWin Hosting
Root Privilege Escalation Vulnerability in PrivateVPN 2.0.31 for macOS
SQL Injection Vulnerability in Alexandria Book Library 3.1.2 Component for Joomla!
SQL Injection Vulnerability in CW Tags 2.0.6 Component for Joomla!
SQL Injection in PrayerCenter 3.0.2 Component for Joomla! via sessionid Parameter
SQL Injection Vulnerability in Ek Rishta 2.9 Component for Joomla!
Arbitrary File Upload Vulnerability in Proclaim 9.1.1 Component for Joomla!
Proclaim 9.1.1 Joomla! Component Backup Download Vulnerability
SQL Injection in CheckList 1.1.1 Component for Joomla! via Multiple Parameters
SQL Injection Vulnerability in OS Property Real Estate 3.12.7 Component for Joomla!
SIGCOMP Protocol Dissector Crash Vulnerability in Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12
Loop Vulnerability in Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12
Integer Wraparound Vulnerability in Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12
Loop Vulnerability in Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12
Infinite Loop Vulnerability in Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12
Infinite Loop Vulnerability in Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12
Infinite Loop Vulnerability in Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12
Infinite Loop Vulnerability in Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12
Infinite Loop Vulnerability in Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12
Infinite Loop Vulnerability in Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12
Infinite Loop Vulnerability in Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12
Infinite Loop Vulnerability in Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12
Infinite Loop Vulnerability in Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12
Infinite Loop Vulnerability in Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12
UMTS MAC Dissector Crash Vulnerability
IEEE 802.11 Dissector Crash Vulnerability in Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12
FCP Protocol Dissector Null Pointer Crash Vulnerability
Vulnerability: Crash in DOCSIS Protocol Dissector in Wireshark 2.4.0 to 2.4.4
MP4v2 MP4Atom Class Entry Number Validation Vulnerability
XML Signature Wrapping Vulnerability in Duo Network Gateway 1.2.9 and Earlier
Cross-Site Scripting Vulnerability in ZTE MF65 and MF65M1 Devices
ZTE ZXR10 8905E Product: TCP Initial Sequence Number (ISN) Reuse Vulnerability
Improper Access Control Vulnerability in ZTE ZXHN H168N
Improper Change Control Vulnerability in ZTE ZXHN H168N
Heap-Based Buffer Overflow Vulnerability in ZTE ZXHN F670 (Versions up to V1.1.10P3T18)
Information Exposure Vulnerability in ZTE ZXHN F670: Unauthorized Access to GPON SN Information
Null Pointer Dereference Vulnerability in ZTE ZXHN F670: Denial of Service via appviahttp Service
Improper Access Control Vulnerability in ZTE ZXHN F670 Routers
Improper Authorization Vulnerability in ZTE ZXHN F670: Brute Force Account Credential Attack
Improper Access Control Vulnerability in ZTE ZXIN10 Product European Region
Untrusted Search Path Vulnerability in ZTE uSmartView Product
Authentication Bypass Vulnerability in ZTE ZXV10 B860AV2.1
Arbitrary Code Injection through Cross-Site Scripting (XSS) in Zoho ManageEngine EventLog Analyzer
Arbitrary Code Execution via u3d Images in Foxit Reader and PhantomPDF
Remote Code Execution via U3D Image Rendering in Foxit Reader and PhantomPDF
Local Privilege Escalation Vulnerability in npm 5.7.0 Pre-release
Buffer Overflow in unicode_to_ansi_copy() function in unixODBC
IPMI Dissector Crash Vulnerability in Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4
SIGCOMP Dissector Crash Vulnerability in Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4
NBAP Dissector Crash Vulnerability in Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4
PCAPNG File Parser Crash Vulnerability
Infinite Loop Vulnerability in Wireshark DMP Dissector
Local File Inclusion Vulnerability in Site Editor Plugin for WordPress
Arbitrary web script injection vulnerability in Splunk Web
Denial of Service Vulnerability in Splunk Enterprise and Splunk Light
Directory Traversal Vulnerability in Splunk Django App
Denial of Service Vulnerability in Splunk Enterprise and Splunk Light
Improper Data Escaping in iThemes Security Plugin for WordPress Logs Page
Path Disclosure Vulnerability in zzcms 8.2
Heap-Based Buffer Over-Read in FreeXL's destroy_cell Function
Heap-Based Buffer Over-Read in parse_SST Function in FreeXL
Heap-Based Buffer Over-Read in FreeXL's parse_SST Function
Heap-Based Buffer Over-Read in FreeXL's parse_unicode_string Function
Heap-Based Buffer Over-Read in FreeXL's read_mini_biff_next_record Function
Command Injection Vulnerability in Leptonica through 1.75.3
Hardcoded /tmp Pathnames Vulnerability in Leptonica
Path Traversal and Arbitrary File Overwrite Vulnerability in Leptonica
Memory Allocation Failure in ReadTIFFImage Function in ImageMagick 7.0.7-23 Q16
Buffer Overflow in MikroTik RouterOS SMB Service Allows Remote Code Execution
Persistent Cross-Site Scripting Vulnerabilities in mojoPortal 2.6.0.0
Arbitrary PHP Code Injection Vulnerability in CMS Made Simple 2.1.6 Installation Procedure
Denial of Service Vulnerability in SEGGER FTP Server for Windows
NULL Pointer Dereference Vulnerability in xpdf 4.00 Allows Denial of Service
Denial of Service Vulnerability in xpdf 4.00: Infinite Recursion in AcroForm::scanField
NULL Pointer Dereference Vulnerability in Xpdf 4.00 Allows Denial of Service
Denial of Service Vulnerability in xpdf 4.00 via Out-of-Bounds Read in JPXStream::readTilePart
NULL Pointer Dereference in TIFFPrintDirectory function in LibTIFF
Arbitrary SQL Command Execution in ASANHAMAYESH CMS 3.4.6 via files.php
Vulnerability: Cross-Site Scripting (XSS) in VirtueMart before 3.2.14
Injection Vulnerability in TestLink's installNewDB.php Allows Remote Attackers to Conduct Injection Attacks
Directory Traversal Vulnerability in AxxonSoft Axxon Next
XSS Vulnerability in PHP Scripts Mall Entrepreneur Job Portal Script 2.0.9
Denial of Service Vulnerability in ImageMagick 7.0.7-22 Q16
Integer Overflow Vulnerability in KingView 7.5SP1's stgopenstorage API
Denial of Service Vulnerability in INVT Studio 1.2
Open Redirect Vulnerability in SO Connect SO WIFI Hotspot Web Interface
SQL Injection Vulnerability in Textpattern CMS 4.6.2 and Earlier
IceWarp Mail Server 12.0.3 Cross-Site Scripting (XSS) Vulnerability in webdav/ticket/ URIs
Cross Site Scripting (XSS) in dayrui FineCms 5.3.0 via id or lid parameter in c=linkage,m=import request
SQL Injection Vulnerability in PHP Scripts Mall School Management Script 3.0.4
Path Disclosure Vulnerability in YzmCMS 3.6
Double Free Vulnerability in blkcg_init_queue Function in Linux Kernel
Directory Traversal Vulnerability in K2 Component 2.8.0 for Joomla!
Privilege Escalation through DLL Hijacking in PureVPN
Improper Argument Order in SQLWriteFileDSN Function in unixODBC 2.3.5
Arbitrary Code Execution via Unrestricted Inline Function Calls in Blue River Mura CMS
Heap-Based Buffer Overflow in LoadPCX Function of sam2p 0.49.4
Unauthenticated Remote Code Execution in FasterXML Jackson-Databind
Directory Traversal Vulnerability in uWSGI before 2.0.17
PrestaShop UI-Redressing/Clickjacking Vulnerability
NULL Pointer Dereference Vulnerability in Linux Kernel's net/rds/rdma.c __rds_rdma_map() Function
Root Privilege Escalation Vulnerability in CactusVPN for macOS
Stack Buffer Overflow in WPLSoft in Delta Electronics Versions 2.45.0 and Prior
External Control of File Name or Path Vulnerability in Advantech WebAccess
Unintended Information Disclosure in OSIsoft PI Vision Versions 2017 and Prior
Untrusted Pointer Dereference Vulnerabilities in Advantech WebAccess and WebAccess Dashboard
Lack of Data Encryption in Philips Alice 6 System R8.0.2 or Prior: A Breach of Confidentiality, Integrity, and Accountability
Stack-based Buffer Overflow Vulnerabilities in Advantech WebAccess
Privilege Escalation Vulnerability in OSIsoft PI Web API
Multiple SQL Injection Vulnerabilities in Advantech WebAccess
Improper Validation of User-Supplied Pointers in Beckhoff TwinCAT: Privilege Escalation Vulnerability
Path Traversal Vulnerability in Advantech WebAccess
Reflected Cross-Site Scripting Vulnerability in OSIsoft PI Vision Versions 2017 and Prior
Unrestricted File Upload Vulnerability in Advantech WebAccess
Vulnerability: Disclosure of Private Key in Moxa MXview Versions 2.8 and Prior
Heap Buffer Overflow in WPLSoft in Delta Electronics Versions 2.45.0 and Prior
Cross-Site Scripting Vulnerability in OSIsoft PI Web API Versions 2017 R2 and Prior
Buffer Overflow Vulnerability in WPLSoft (Delta Electronics) Versions 2.45.0 and Prior
Plaintext Password Exposure in BeaconMedaes TotalAlert Scroll Medical Air Systems
Buffer Overflow Vulnerability in Eaton ELCSoft Versions 2.04.02 and Prior
Remote Code Execution Vulnerability in Geutebruck G-Cam/EFD-2250 and Topline TopFD-2125 IP Cameras
Stack-Based Buffer Overflow in Omron CX-Supervisor Versions 3.30 and Prior
Stack-based buffer overflow vulnerability in Omron CX-One versions 4.42 and prior
Uninitialized Pointer Vulnerability in Omron CX-Supervisor Versions 3.30 and Prior
Server-Side Request Forgery Vulnerability in Geutebruck G-Cam/EFD-2250 and Topline TopFD-2125 IP Cameras Allows Proxied Network Scans
Out of Bounds Vulnerability in Omron CX-Supervisor Versions 3.30 and Prior
Insecure Storage and Transmission of Credentials in TotalAlert Web Application
Heap-Based Buffer Overflow in Omron CX-Supervisor Versions 3.30 and Prior
Improper Access Control Vulnerability in Geutebruck G-Cam/EFD-2250 and Topline TopFD-2125 IP Cameras
Use After Free Vulnerability in Omron CX-Supervisor Versions 3.30 and Prior
Vulnerability: Privilege Escalation via Fixed Memory Location in Schneider Electric Triconex Tricon MP Model 3008 Firmware Versions 10.0-10.4
Double Free Vulnerability in Omron CX-Supervisor Versions 3.30 and Prior
Unauthorized User Addition Vulnerability in Geutebruck G-Cam/EFD-2250 and Topline TopFD-2125 IP Cameras
Untrusted Pointer Dereference Vulnerability in Omron CX-Supervisor Versions 3.30 and Prior
Unauthenticated Information Disclosure Vulnerability in TotalAlert Web Application
Buffer Overflow Vulnerability in LeviStudio HMI Editor and PI Studio HMI Project Programmer
SQL Injection Vulnerability in Geutebruck G-Cam/EFD-2250 and Topline TopFD-2125 IP Cameras
Deserialization of Untrusted Data Vulnerability in OSIsoft PI Data Archive
Pointer Misuse Vulnerability in Omron CX-One Software Suite
Unauthenticated Custom Request Vulnerability in OSIsoft PI Data Archive
Unauthenticated Remote Code Execution Vulnerability in Geutebruck G-Cam/EFD-2250 and Topline TopFD-2125 IP Cameras
OSIsoft PI Data Archive 2017 and Prior: Incorrect Default Permissions Vulnerability
Memory Leakage of Encryption Key in Stealth Authorization Server
Privilege Escalation Vulnerability in TotalAV v4.1.7
Catastrophic Backtracking Vulnerability in Django's urlize() Function
Catastrophic Backtracking Vulnerability in Django's Truncator Methods
SQL Injection Vulnerability in Enalean Tuleap Tracker Functionality
Vulnerability: Directory Traversal in Appear TV XC5000 and XC5100 Devices
Denial of Service Vulnerability in Xen through 4.10.x via Non-Preemptable L3/L4 Pagetable Freeing
Grant-table transition vulnerability in Xen allows for denial of service and privilege escalation
Denial of Service Vulnerability in Xen Hypervisor due to Mishandling of Configurations without Local APIC
Arbitrary JavaScript Injection in SnapCreek Duplicator Plugin for WordPress
Cross-Protocol Scripting Vulnerability in OpenVPN Management Interface
Denial of Service Vulnerability in Kingsoft WPS Office 2016 and Jinshan PDF 10.1.0.6621
XSS Vulnerability in lyadmin 1.x via config[WEB_SITE_TITLE] Parameter
NULL Pointer Dereference Vulnerability in zsh through 5.4.2
Crash Vulnerability in zsh 5.4.2: Empty Hash Table Copy
Out-of-Bounds Memory Access in QEMU's load_multiboot Function
Invalid Free Vulnerability in MiniPS::delete0 in sam2p 0.49.4
Invalid Free Vulnerability in Mapping::DoubleHash::clear in sam2p 0.49.4
Heap-Based Buffer Overflow in pcxLoadRaster Function of sam2p 0.49.4
Invalid Free Vulnerability in ReadImage Function of sam2p 0.49.4
Remote Code Execution in LimeSurvey InstallerController.php
Out-of-Array Read Denial of Service Vulnerability in FFmpeg
OPC UA Server Private Key Disclosure Vulnerability
Regular Expression Denial of Service (ReDoS) in aws-lambda-multipart-parser NPM Package
Stack-based Buffer Overflow in Tenda AC9 Devices V15.03.05.14_EN HTTPD
Race Condition Vulnerability in GLPI through 9.2.1 Allows Temporary Access to Uploaded Executable Files
Cross-Site Scripting (XSS) Vulnerability in GLPI through 9.2.1
Stored XSS Vulnerability in Polycom QDX 6000 Devices
CSRF Vulnerability Discovered on Polycom QDX 6000 Devices
Buffer Overflow Vulnerability in Linux Kernel 4.15 via SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl
Blind Remote Code Execution in OTRS Admin Package Manager
Integer Overflow and Application Crash in parse_die function of libbfd
Integer Underflow/Overflow and Application Crash in libbfd
Denial of Service Vulnerability in assign_file_positions_for_non_load_sections function in libbfd
Pulse Secure Client Authentication Bypass and Command Execution Vulnerability
FTPShell Client 6.7 Remote Code Execution Vulnerability
Buffer Overflow Vulnerability in Google TensorFlow 1.7.x and Earlier
Null Pointer Dereference Vulnerability in Google TensorFlow 1.6.x and Earlier
Memcpy Parameter Overlap Vulnerability in Google Snappy Library 1.1.4
SQL Injection in YzmCMS 3.6 via catids array parameter in update_category_url.html
Denial of Service Vulnerability in Philips Hue Hub: Freezing and Unresponsiveness during SYN Flood Attack
Weak Permissions in WebLog Expert Web Server Enterprise 9.4 Allow Local Users to Set Cleartext Password and Login as Admin
Remote Denial Of Service Vulnerability in WebLog Expert Web Server Enterprise 9.4
Remote Denial of Service Vulnerability in DualDesk 20's Proxy.exe
Stack-based Buffer Under-read Vulnerability in PHP HTTP Response Parsing
Unsecured Gallery Paths in NextGen Gallery Plugin for WordPress
Denial of Service Vulnerability in CImg v.220: Allocation Failure in load_bmp
Heap-Based Buffer Over-Read Vulnerability in CImg v.220's load_bmp Function
Double Free Vulnerability in CImg v.220's load_bmp Function
CSRF Vulnerability in Hoosk 1.7.0 Allows Unauthorized Account Creation
Arbitrary Code Execution Vulnerability in Drupal
Highly Critical Remote Code Execution Vulnerability in Drupal Core (SA-CORE-2018-002)
Cross Site Scripting (XSS) Vulnerability in Drupal's Search Autocomplete Module
Remote Code Execution Vulnerability in EpiCentro E_7.3.2+ HTTPD
Remote Denial of Service Vulnerability in EpiCentro E_7.3.2+ HTTPD
Epicentro E_7.3.2+ /ui/login Form Language Parameter Code Injection Vulnerability
CSRF Vulnerability in Enalean Tuleap 9.17 Allows Account Takeover via E-mail Address Change
Whale Browser before 1.0.41.8 Vulnerability: Displaying Fake Domain Name on Address Bar
Arbitrary Code Injection Vulnerability in PAN-OS URL Filtering Continue Page
Heap-based Buffer Over-read in CImg v.220's load_bmp Function
Heap-based Buffer Over-read in CImg v.220's load_bmp Function
Heap-based Buffer Over-read in CImg v.220's load_bmp Function
Heap-based Buffer Over-read in load_bmp function in CImg v.220
Heap-based Buffer Over-read in CImg v.220's load_bmp Function
Denial of Service Vulnerability in libbfd's swap_std_reloc_in Function
Integer Overflow and Application Crash in GNU Binutils 2.30
Key Confusion Vulnerability in XmlSecLibs Library Allows Impersonation in SimpleSAMLphp
Buffer Overflow Vulnerability in OpenJPEG 2.3.0
Cross-Site Scripting (XSS) Vulnerability in Monitorix before 3.10.1
Stored XSS Vulnerability in PHP Scripts Mall Hot Scripts Clone:Script Classified Version 3.1 Application
Regular Expression Denial of Service (ReDoS) Vulnerability in ssri Module for Node.js
Cross-Site Scripting (XSS) Vulnerability in Zonemaster Web GUI before 1.0.11
XSS Vulnerability in YzmCMS 3.6 via a, c, or m Parameter in index.php
Path Traversal Vulnerability in 3CX 15.5.6354.2: Unrestricted File Access via /api/RecordingList/download?file= Parameter
Denial of Service Vulnerability in Softros Network Time System 2.3.4
Stored Cross-Site Scripting Vulnerability in OpenText Documentum D2 Webtop v4.6.0030 build 059 via Uploaded Image Filename
Reflected Cross-Site Scripting Vulnerability in OpenText Documentum D2 Webtop v4.6.0030 build 059
Remote Audio Data Leakage in Papenmeier WiFi Baby Monitor Free & Lite
Path Disclosure Vulnerability in Couch through 2.0
Server-side Template Injection in Voten.co User Profile Bio Field
Arbitrary OS Command Injection in ClipBucket
Arbitrary File Upload Vulnerability in ClipBucket
Multiple SQL Injection Vulnerabilities in ClipBucket
Server-Side Request Forgery (SSRF) Vulnerability in Adminer 4.3.1 via the server Parameter
Arbitrary Attachment Read Vulnerability in TestLink 1.9.16
Directory Traversal Vulnerability in Sitecore Log Viewer Application
NetIQ Identity Manager Communication Channel Denial of Service Vulnerability
URL Redirection Vulnerability in NetIQ Identity Manager User Console (Versions prior to 4.7)
Session Hijacking Vulnerability in NetIQ Sentinel Web Interface
Sensitive Information Leakage in NetIQ Identity Manager UserApp (Versions Prior to 4.7)
CSRF Vulnerability in NetIQ Access Manager (NAM) 4.4 Identity Server
Cross Site Scripting Vulnerability in NetIQ Access Manager (NAM) Administration Console
Remote Code Execution in Micro Focus Solutions Business Manager
HTTP Header Reflection Vulnerability in Micro Focus Solutions Business Manager
JavaScript Injection in Micro Focus Solutions Business Manager Favorites Folder
Cross-Domain Invocation Vulnerability in Micro Focus Solutions Business Manager
Sensitive Information Exposure in Micro Focus Solutions Business Manager Server Log Files
Vulnerability: Corrupted RPM Installation Bypass in libzypp
Shared Memory Information Leakage Vulnerability in NetIQ eDirectory
Buffer Overflow Vulnerability in Micro Focus Client for OES Allows Privilege Escalation
OpenSUSE Open Build Service Vulnerability: Unauthorized Modification of Sources
Insufficient Permission Checks in InitializeDevelPackage Function in openSUSE Open Build Service before 2.9.3
Remote Unauthorized Access Vulnerability in Micro Focus Fortify Software Security Center (SSC) Versions 17.10, 17.20, 18.10
Remote Unauthorized Access Vulnerability in Micro Focus Fortify Software Security Center (SSC) Versions 17.10, 17.20, 18.10
Unvalidated Redirect Vulnerability in NetIQ eDirectory
Unencrypted Transmission of Credentials in D-Link mydlink+ App
Arbitrary Code Execution Vulnerability in DedeCMS 5.7 via CSRF
CSRF Vulnerabilities in SecurEnvoy SecurMail before 9.2.501
Arbitrary Email Spoofing and Modification in SecurEnvoy SecurMail
Arbitrary Script Injection in SecurEnvoy SecurMail before 9.2.501
Arbitrary Email Message Reading Vulnerability in SecurEnvoy SecurMail
SecurEnvoy SecurMail Directory Traversal Vulnerability
SecurEnvoy SecurMail Directory Traversal Vulnerability
Arbitrary Script Injection in SecurEnvoy SecurMail before 9.2.501
Incorrect Signature Validation in SimpleSAMLphp Library
Denial of Service Vulnerability in OpenCV 3.4.1's validateInputImageSize Function
Denial of Service Vulnerability in OpenCV 3.4.1's validateInputImageSize Function
Denial of Service Vulnerability in OpenCV 3.4.1's validateInputImageSize Function
Root Privilege Escalation Vulnerability in PrivateVPN 2.0.31 for macOS
Root Privilege Escalation Vulnerability in PrivateVPN 2.0.31 for macOS
XSS Vulnerability in Kubik-Rubik Simple Image Gallery Extended (SIGE) Extension 3.2.3 for Joomla!
User Account Takeover via Serialized Request Manipulation in Telexy QPath 5.4.462
Directory Traversal Vulnerability in Acrolinx Server before 5.2.5 on Windows
CSRF Vulnerability in Western Bridge Cobub Razor 0.7.2 Allows Unauthorized Account Creation
Cross Site Scripting (XSS) Vulnerability in MetInfo 6.0.0 Feedback Module
Stored XSS vulnerability in Piwigo 2.9.3 management panel via name parameter in /ws.php?format=json request
Stored XSS vulnerability in Piwigo 2.9.3 management panel via virtual_name parameter
Stored XSS vulnerability in Piwigo 2.9.3 management panel via name parameter
ZZIPlib 0.13.68 - Invalid Memory Address Dereference in zzip_disk_fread in mmapped.c
ZZIPlib 0.13.68 Denial of Service Vulnerability in __zzip_parse_root_directory Function
Memory Leak in ZZIPlib 0.13.68: Denial of Service Vulnerability
Heap-based Buffer Over-read in Exempi TIFF_Handler.cpp
Stack-based Buffer Over-read in PostScript_MetaHandler::ParsePSFile() Function
Heap-based Buffer Over-read in PSD_MetaHandler::CacheFileData() Function
NULL Pointer Dereference in WEBP::VP8XChunk Class
SQL Injection in YxtCMF 3.1 via ShitiController.class.php
CSRF Vulnerability in YxtCMF 3.1 RbacController.class.php
Remote SQL Injection Vulnerability in Afian FileRun (before 2018.02.13) via search parameter in /?module=users&section=cpanel&page=list request
Remote SQL Injection Vulnerability in Afian FileRun (before 2018.02.13) via search parameter in /?module=metadata&section=cpanel&page=list_filetypes request
XSS Vulnerability in Z-BlogPHP 1.5.1.1740 via ZC_BLOG_SUBNAME or ZC_UPLOAD_FILETYPE Parameter
Web Site Physical Path Leakage in Z-BlogPHP 1.5.1.1740
Privilege Escalation via Shell Command Injection in util-linux
Authentication Bypass Vulnerability in antsle antman before 0.9.1a
Denial of Service Vulnerability in Linux Kernel through 4.15.7 via Crafted Application
Reflected XSS Vulnerability in Eramba e1.0.6.033 Date Filter
Unauthenticated Account Creation in Western Bridge Cobub Razor 0.7.2
Unauthenticated Stored XSS in Western Bridge Cobub Razor 0.7.2
Cross-Site Scripting (XSS) Vulnerabilities in Caldera Forms Plugin for WordPress
Arbitrary Code Execution via Glide Scripting Injection in ServiceNow Release Jakarta Patch 8 and Earlier
Insecure Authentication Handling in AsyncSSH Server Implementation
Incomplete Authentication Check in Paramiko SSH Server Implementation
Denial of Service Vulnerability in FFmpeg's svg_probe Function
Buffer Overflow in gf_media_avc_read_sps function in GPAC through 0.7.1
Improper Sanitization of URI Values in Bleach 2.1.x
Information Disclosure Vulnerability in Linux Kernel's aoedisk_debugfs_show Function
Kernel Pointer Leak Vulnerability in Linux Floppy Driver
Unauthenticated Remote Code Execution in DEWESoft X3 SP1 (64-bit) Installer
Memory Leak in Linux Kernel's sas_smp_get_phy_events Function
Denial of Service Vulnerability in Schneider Electric's MiCOM Px4x Series
Buffer Overflow Vulnerability in Schneider Electric's Modicon PLCs
Authorization Bypass Vulnerability in Schneider Electric's Modicon PLCs
Arbitrary Code Execution Vulnerability in Schneider Electric's Modicon PLCs
Buffer Overflow Vulnerability in Schneider Electric's Modicon PLCs
Directory Traversal Vulnerability in Schneider Electric U.motion Builder Software
Directory Traversal Vulnerability in Schneider Electric U.motion Builder Software
SQL Injection Vulnerability in Schneider Electric U.motion Builder Software
SQL Injection Vulnerability in Schneider Electric U.motion Builder Software
SQL Injection Vulnerability in Schneider Electric U.motion Builder Software
SQL Injection Vulnerability in Schneider Electric U.motion Builder Software
SQL Injection Vulnerability in Schneider Electric U.motion Builder Software
Arbitrary File Send Vulnerability in Schneider Electric U.motion Builder Software
Directory Traversal Vulnerability in Schneider Electric U.motion Builder Software
SQL Injection Vulnerability in Schneider Electric U.motion Builder Software
SQL Injection Vulnerability in Schneider Electric U.motion Builder Software
SQL Injection Vulnerability in Schneider Electric U.motion Builder Software
Information Disclosure Vulnerability in Schneider Electric U.motion Builder Software
Insufficient Handling of update_file Parameter in Schneider Electric U.motion Builder Software
Unauthenticated Remote Privilege Escalation in Schneider Electric Evlink Charging Station Web Interface
Weak and Unprotected FTP Access in Schneider Electric Wiser for KNX, homeLYnk, and spaceLYnk
Buffer Overflow Vulnerability in Schneider Electric Pelco Sarix Professional 1st Generation Cameras
Clear Text Password Exposure and Privilege Escalation in Schneider Electric Pelco Sarix Professional 1st Generation Cameras
Clear Text Password Vulnerability in Schneider Electric Pelco Sarix Professional 1st Generation Cameras
Schneider Electric SoMachine Basic v1.6 SP1 XML External Entity (XXE) Vulnerability
Command Injection Vulnerability in Schneider Electric U.motion Builder Software
Remote Command Injection Vulnerability in Schneider Electric U.motion Builder Software
Cross-Site Scripting (XSS) Vulnerability in Schneider Electric U.motion Builder Software Versions Prior to v1.3.4
Improper Input Validation in Schneider Electric U.motion Builder Software
CWE-255 Credentials Management Vulnerability in Modicon Quantum Firmware Versions Prior to V2.40: Telnet Denial of Service
Remote Reboot Vulnerability in Schneider Electric's Modicon M221
Modicon M221 Information Management Error Vulnerability
Schneider Electric Modicon M221 Firmware Vulnerability: Unauthorized Password Overwrite and Program Extraction
Schneider Electric Modicon M221: Rainbow Table Password Decoding Vulnerability
Credential Management Vulnerability in FoxView HMI SCADA: Unauthorized Disclosure, Modification, and Service Disruption
Denial of Service Vulnerability in Modicon PLCs via Modbus TCP
Cross Protocol Injection Vulnerability in Schneider Electric's PowerLogic PM5560 (FW version < 2.5.4) Allows Cross-Site Scripting Attack
Buffer Overflow Vulnerability in PowerSuite 2
URL Redirection Vulnerability in Power Monitoring Expert, Energy Expert, and Power SCADA Operation
Remote Change of IPv4 Configuration Vulnerability in Modicon M221
Schneider Electric Software Update (SESU) DLL Hijacking Vulnerability
Hard-coded Credentials Vulnerability in EVLink Parking v3.2.0-12_v1 and Earlier
Remote Code Execution Vulnerability in EVLink Parking v3.2.0-12_v1 and Earlier
EVLink Parking v3.2.0-12_v1 and Earlier: Critical SQL Injection Vulnerability Allows Full Privilege Access
CWE-754 Vulnerability in Triconex TriStation Emulator V1.2.0 Allows for Emulator Crash via Specially Crafted Packet
URL Redirection Vulnerability in Modicon M340, Premium, Quantum PLCs and BMXNOR0200
ZipSlip Vulnerability in Data Center Operation: Arbitrary File Upload via Zip File
ZipSlip Vulnerability in Data Center Expert: Arbitrary File Upload
Unverified Password Change Vulnerability in Modicon M340, Premium, Quantum PLCs, and BMXNOR0200
Cross-site Scripting (XSS) Vulnerability in Modicon M340, Premium, Quantum PLCs and BMXNOR0200
Unverified Password Change Vulnerability in Modicon M340, Premium, Quantum PLCs, and BMXNOR0200
Information Exposure through Discrepancy in Modicon M340, Premium, Quantum PLCs and BMXNOR0200 Web Servers
Remote Code Execution Vulnerability in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0)
Remote Code Execution Vulnerability in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0)
Remote Code Execution Vulnerability in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0)
Arbitrary File Deletion Vulnerability in 1st Gen Pelco Sarix Enhanced Camera's Web GUI
Remote Code Execution Vulnerability in Zelio Soft 2 v5.1 and Prior Versions
APC UPS Network Management Card 2 AOS v6.5.6 - Remote Monitoring Credentials Exposure Vulnerability
Cycle Time Impact Vulnerability in SoMachine Basic and Modicon M221
Unauthorized Access to SoMachine Basic Resource Files
Remote Code Execution Vulnerability in SoMachine Basic and Modicon M221
Schneider Electric Modbus Serial Driver: Externally Controlled Resource Reference Vulnerability
Command Injection Vulnerability in Pelco Sarix Enhanced Camera's Web GUI
Command Injection Vulnerability in Pelco Sarix Enhanced Camera's Web GUI
Cross-Site Scripting (XSS) Vulnerability in Pelco Sarix Enhanced and Spectra Enhanced Cameras
CSRF Vulnerability in Pelco Sarix and Spectra Enhanced Cameras
Command Injection Vulnerability in Pelco Sarix Enhanced and Spectra Enhanced Cameras
HTTP Response Splitting Vulnerability in Modicon M340, Premium, Quantum PLCs and BMXNOR0200
Cross-Site Scripting (XSS) Vulnerability in Modicon M340, Premium, Quantum PLCs and BMXNOR0200
Arbitrary Execution Vulnerability in Pro-Face GP-Pro EX v4.08 and Earlier Versions
Unauthenticated XML POST Request Denial of Service Vulnerability in Modicon M340, Premium, Quantum PLCs and BMXNOR0200
CWE-79 Cross-Site Scripting Vulnerability in TSXETG100
IIoT Monitor 3.1.38 Path Traversal Vulnerability
Unrestricted File Upload Vulnerability in IIoT Monitor 3.1.38 Software
XML External Entity (XXE) Vulnerability in IIoT Monitor 3.1.38 Software
Denial of Service Vulnerability in Modicon M580 CPU and BMENOC Ethernet Module
Information Disclosure Vulnerability in IIoT Monitor 3.1.38
Uncontrolled Search Path Element in VideoXpert OpsCenter: DLL Hijacking Vulnerability
U.motion Builder Software Version 1.3.4 SQL Injection (CWE-89) Vulnerability
Modicon Series: Brute Force Authentication Bypass Vulnerability
Uncaught Exception Vulnerability in Modicon Controllers: Denial of Service via Invalid Memory Block Read
Modicon PLCs: SNMP Information Exposure via Modbus Memory Reading
Modicon Controller Out-of-bounds Read Vulnerability
Brute Force Attack Vulnerability on Modicon Controllers
CWE-284: Improper Access Control Vulnerability in Modicon Controllers
SNMP Information Disclosure Vulnerability in Modicon Controllers
Uncaught Exception Vulnerability in Modicon Controllers: Potential Denial of Service
Invalid Information Display Vulnerability in Modicon PLCs
Denial of Service Vulnerability in Modicon PLCs
CWE-248: Uncaught Exception Vulnerability in Modicon PLCs
Uncaught Exception Vulnerability in Modicon Controllers: Denial of Service via Invalid Memory Blocks
Uncaught Exception Vulnerability in Modicon Controllers: Denial of Service via Invalid Debug Parameters
Uncaught Exception Vulnerability in Modicon Controllers: Denial of Service via Invalid Breakpoint Parameters
Uncaught Exception Vulnerability in Modicon Controllers: Potential Denial of Service via Invalid Memory Blocks
Uncaught Exception Vulnerability in Modicon Controllers: Potential Denial of Service via Out-of-Bounds Variable Writing
Denial of Service Vulnerability in QEMU's Cirrus CLGD 54xx VGA Emulator Support
Remote Code Execution Vulnerability in D-Link DGS-1510-Series Switches
NULL Pointer Dereference Vulnerability in libming 0.4.8
Heap-Based Buffer Overflow in libming 0.4.8's getString Function Leads to Denial of Service
Heap-Based Buffer Over-Read Vulnerability in libming 0.4.8's getName Function
Memory Leak Vulnerability in libming 0.4.8's dcinit Function
Invalid Memory Address Dereference in libming 0.4.8: Denial of Service Vulnerability
Heap-Based Buffer Over-Read Vulnerability in libming 0.4.8's getName Function
Invalid Memory Address Dereference in libming 0.4.8: Denial of Service Vulnerability
Heap-Based Buffer Overflow in libming 0.4.8's getString Function for INTEGER Data
Invalid Memory Address Dereference in strlenext in libming 0.4.8: Denial of Service Vulnerability
Heap-Based Buffer Over-Read Vulnerability in libming 0.4.8's getString Function
Memory Exhaustion Vulnerability in libming 0.4.8's parseSWF_ACTIONRECORD Function
Heap-Based Buffer Overflow in libming 0.4.8's getString Function for DOUBLE Data
DLL Hijacking Vulnerability in DisplayLink Core Software Cleaner Application
Buffer Overflow Vulnerability in CloudMe Sync Client Application
Arbitrary Code Execution via Pickle Deserialization in Calibre 3.18
Command Injection Vulnerability in Zoho ManageEngine Applications Manager
.NET Remoting Endpoints Vulnerability in Milestone XProtect Video Management Software
Stored XSS in CMS Made Simple (CMSMS) 2.2.6 via metadata parameter in admin/moduleinterface.php
Reflected XSS Vulnerability in Eramba e1.0.6.033 via advanced_filter Parameter
Double Free Vulnerability in Mali Driver of Huawei Berkeley-AL20 and Berkeley-BD Smart Phones
Information Leak Vulnerability in Huawei HG Products: Exploiting Device Information Disclosure
Remote Control Vulnerability in Huawei ALP-AL00B and BLA-AL00B Smart Phones
JSON Injection Vulnerability in Huawei 1288H V5 and 288H V5 with V100R005C00 Software
JSON Injection Vulnerability in Huawei 1288H V5 and 288H V5 with V100R005C00 Software
JSON Injection Vulnerability in Huawei 1288H V5 and 288H V5 with V100R005C00 Software
Denial of Service (DoS) Vulnerability in Huawei Smartphones: Black Screen Exploit
Sensitive Information Leak Vulnerability in Huawei Products
Authentication Bypass Vulnerability in Huawei Smartphones: Unauthorized Access and Control
Factory Reset Protection (FRP) Bypass Vulnerability in Huawei Smart Phones
Improper Resource Management Vulnerability in Huawei AR Series Devices
Information Leak Vulnerability in Huawei B315s-22 (Software Version 21.318.01.00.26) Allows Unauthorized Access to Device Information
Insufficient Input Validation Vulnerability in Huawei ALP-L09 Smart Phones
Insufficient Input Validation Vulnerability in Huawei ALP-L09 Smart Phones
Information Leak Vulnerability in Anne-AL00 Huawei Phones
Lock-Screen Bypass Vulnerability in Huawei Smartphones Emily-AL00A
Improper Authorization Vulnerability in Huawei Watch 2
Factory Reset Protection (FRP) Bypass Vulnerability in MyCloud APP on Huawei Smartphones
Lock-Screen Bypass Vulnerability in Huawei Mate RS Smartphones
Information Leak Vulnerability in Huawei Mate 9 NFC Module
Whitelist Mechanism Bypass Vulnerability in Huawei AppGallery
Arbitrary JavaScript Execution Vulnerability in Huawei AppGallery
Path Traversal Vulnerability in Huawei Home Gateway Products: Arbitrary Code Execution and Privilege Escalation
Denial of Service (DoS) Vulnerability in Huawei Mobile Phones with Versions Before BLA-L29 8.0.0.145(C432)
Denial of Service Vulnerability in E5573Cs-322 (21.328.01.00.00)
Factory Reset Protection (FRP) Bypass Vulnerability in Mate 10 Pro Huawei Smartphones
Plug-in Signature Bypass Vulnerability in Huawei HiRouter-CD20-10 and WS5200-10
Information Leak Vulnerability in P10 Huawei Smartphones (Versions before Victoria-AL00AC00B217)
Factory Reset Protection (FRP) Bypass Vulnerability in Huawei Smart Phones
Authentication Bypass Vulnerability in Huawei Mate 10 and Mate 10 Pro Smartphones
Authentication Bypass Vulnerability in Huawei iBMC V200R002C60
Authentication Bypass Vulnerability in Huawei iBMC Servers
Huawei Server Authentication Bypass Vulnerability
Factory Reset Protection (FRP) Bypass Vulnerability in Huawei Smart Phones Emily-AL00A
Information Leak Vulnerability in Huawei Smartphones: Exploiting Improper Design for Data Leakage
Authentication Bypass Vulnerability in Huawei Mobile Phones
Privilege Escalation Vulnerability in Huawei iBMC Servers: Unauthorized Password Access and Modification
Huawei Server iBMC JSON Injection Vulnerability
Huawei Server iBMC JSON Injection Vulnerability
Bruteforce Vulnerability in Huawei VIP App Exposes User Information
Information Leakage Vulnerability in Huawei Smartphones: Unauthorized Location Access via Phone State Authorization
Anonymous TLS Cipher Suites Vulnerability in Huawei eSpace Product
Huawei eSpace Product: SRTP Man-in-the-Middle Vulnerability
Huawei eSpace Product SRTP Icon Display Vulnerability
Smart SMS Verification Code Vulnerability in Huawei Smart Phones
Stored Cross-Site Scripting (XSS) Vulnerability in Huawei eSpace Desktop V300R001C00 and V300R001C50
Information Leakage Vulnerability in Huawei Products: Exploiting Insufficient Communication Protection
Out-of-Bounds Write Vulnerability on Huawei P20 Smartphones: Denial of Service Exploit
Factory Reset Protection (FRP) Bypass Vulnerability Allows Unauthorized Access to Smartphones
Improper Authentication Vulnerability in Huawei Mate 10 Pro Smartphones
FRP Bypass Vulnerability in Huawei Mate10 Pro Smartphones
Factory Reset Protection (FRP) Bypass Vulnerability in Huawei Mate10 Smartphones
Buffer Overflow Vulnerability in Huawei MediaPad M3, Mate 9 Pro, and P10 Plus
Use After Free Vulnerability in HUAWEI Mate 10 Smartphones
Memory Leak Vulnerability in Huawei Products
Race condition vulnerability in store_int_with_restart() function in Linux kernel through version 4.15.7 allows local users to cause denial of service (panic)
Stored XSS Vulnerability in Eramba e1.0.6.033 via /programScopes Description Parameter
Reflected XSS Vulnerability in Eramba e1.0.6.033 CSV File Inclusion Tab
NULL function pointer dereference vulnerability in libvips before 8.6.3
NULL Pointer Dereference Vulnerability in libgraphite2 1.3.11's Segment.cpp
Heap-based Buffer Overflow in PoDoFo::PdfTokenizer::GetNextToken() in PdfTokenizer.cpp
Heap-based Buffer Over-read Vulnerability in PoDoFo 0.9.5's UnescapeName() in PdfName.cpp
Infinite Loop Vulnerability in PoDoFo 0.9.5's PdfParserObject::ParseFileComplete() Allows for Denial-of-Service Attacks
Directory Traversal Vulnerability in Apache Ambari Allows Unauthorized File Access
HTTP Smuggling and Cache Poisoning Vulnerabilities in Apache Traffic Server
Apache Traffic Server (ATS) Multiple Range Request Vulnerability
Cross-Site Scripting Vulnerability in Apache ActiveMQ Administration Console
Privilege Escalation and Remote Code Execution in Apache CouchDB
Arbitrary File Write Vulnerability in Apache Storm
Zip Slip Vulnerability in Apache Hadoop 3.1.0 and Earlier Versions
Apache Solr XML External Entity Expansion (XXE) and XInclude Vulnerability
Null Pointer Dereference DoS Vulnerability in mod_md Challenge Handler
Unauthenticated Server Join Vulnerability in Apache ZooKeeper
Apache Batik 1.x Deserialization Remote Code Execution Vulnerability
Insecure Default CORS Filter Settings in Apache Tomcat
Endless Recursive Function Call Vulnerability in Apache ORC File Parser
Unauthenticated Remote Code Execution via JMX/RMI in Apache Cassandra
Infinite Loop Vulnerability in Apache Tika's IptcAnpaParser
Arbitrary Code Execution via Apache Ignite Serialization Vulnerability
Incorrect Handling of Invalid OCSP Responses in Apache Tomcat Native
Apache Tomcat Native OCSP Pre-Produced Responses Authentication Bypass Vulnerability
Remote Code Execution Vulnerability in Superset Versions Prior to 0.23
Invalid TLS Handshake Vulnerability in Apache Traffic Server (ATS) 6.2.2
Timing Attack Vulnerability in Apache Mesos JWT Implementation
Apache Spark UI Cross-Site Scripting (XSS) Vulnerability
Race-condition vulnerability in Apache HBase Thrift 1 API Server over HTTP (CVE-2018-8025)
Apache Solr XML External Entity Expansion (XXE) and XInclude Vulnerability
Apache Camel 2.20.0 to 2.20.3 and 2.21.0 Core XXE in XSD Validation Processor Vulnerability
Unauthenticated Access and Data Manipulation Vulnerability in Apache Sentry
Privilege Escalation Vulnerability in Apache Hadoop
Denial of Service Vulnerability in Apache Qpid Broker-J Versions 7.0.0-7.0.4
Apache TomEE Console (tomee-webapp) XSS Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Apache Axis 1.x up to and including 1.4 Default Servlet/Services
External Entity (XXE) Injection in Apache OFBiz HTTP Engine
Missing Host Name Verification in TLS with WebSocket Client
Unfiltered User Input Execution in Apache UIMA DUCC (<= 2.2.2)
Apache PDFBox AFMParser Out of Memory Vulnerability
Race condition vulnerability in Apache Tomcat 9.0.0.M9 to 9.0.9 and 8.5.5 to 8.5.31
XML External Entity (XXE) Injection in Apache CXF Fediz
Improper Exception Handling in Apache CXF Allows Man-in-the-Middle Attacks
ESI Plugin Cookie Header Access Vulnerability
Apache Camel Mail Path Traversal Vulnerability
Exposure of Passwords in Apache Ambari Agent Log Messages
Unimac MDIO Probe Function Null Pointer Dereference Vulnerability
Vulnerability: Incorrect Access Control in K7Antivirus Premium 15.1.0.53
SQL Injection Vulnerability in Joomla! User Notes List View
Unsanitized getTip() Method of Action Columns in Sencha Ext JS 4 to 6 before 6.6.0 Allows XSS Attacks
Reflected Cross-Site Scripting (XSS) Vulnerability in vtiger CRM 7.0.1
Loofah Gem 2.2.0: HTML Attribute Whitelisting Bypass Vulnerability
Denial of Service Vulnerability in Unisys Stealth SVG
Denial of Service Vulnerability in af_get_page() Function in AFFLIB
Physical Path Leakage in Western Bridge Cobub Razor 0.8.0 via Invalid Channel Name Parameter
SQL Injection Vulnerability in Western Bridge Cobub Razor 0.8.0
XSS Vulnerability in CMS Made Simple (CMSMS) 2.2.6 via pagedata Parameter
Missing SSL Certificate Validation in NGINX Configuration Examples for SUSE Portus 2.3 with Docker Compose
Null Pointer Dereference Vulnerability in HWiNFO AMD64 Kernel Driver
Vulnerability: Unprivileged User Can Perform Direct Physical Memory Read/Write in HWiNFO AMD64 Kernel Driver
Cross-Site Scripting (XSS) Vulnerability in Comtrend AR-5387un Devices with A731-410JAZ-C04_R02.A2pD035g.d23i Firmware
User Mode Write Access Violation in Flexense SyncBreeze Enterprise 10.6.24 Web Server
XSS Vulnerability in QCMS Version 3.0 via webname Parameter
XSS Vulnerability in QCMS Version 3.0 via /guest/index.html URI
Stored XSS Vulnerability in Mautic Theme Config File
Stack-based Buffer Overflow in EDIMAX IP Cameras
Remote Code Execution in Yii 2.x via Redis Extension (CVE-2018-7269 variant)
Unintended Search Condition Injection in Yii 2.x before 2.0.15
Type Confusion Vulnerability in ZenMate 1.5.4 for macOS
Stored XSS Vulnerability in YzmCMS 3.7 via advertisement/adver/edit.html Title Parameter
Linux Kernel Memory Leak Vulnerability in hwsim_new_radio_nl Function
Remote Code Execution Vulnerability in org.slf4j.ext.EventData in SLF4J
Insecure Library Loading Vulnerability in Quick Heal Security Software
CSV Injection Vulnerability in Mautic before 2.13.0
Authentication Bypass Vulnerability in Datalust Seq before 4.2.605
Arbitrary Code Execution via Code Injection in Eve (pyeve) before 0.7.5
Integer Overflow in libgit2: Denial of Service via Crafted Repository Index File
Double Free Vulnerability in libgit2: Denial of Service via Crafted Repository Index File
Heap-based Buffer Overflow in JPXStream::readTilePart Function in xpdf 4.00
Denial of Service Vulnerability in xpdf 4.00 via JPXStream::inverseTransformLevel Function
Denial of Service Vulnerability in xpdf 4.00 via JBIG2Stream.cc
Denial of Service Vulnerability in xpdf 4.00 via JBIG2Stream::readGenericBitmap Function
Heap-based Buffer Over-read Vulnerability in xpdf 4.00's BufStream::lookChar Function
Denial of Service Vulnerability in xpdf 4.00 via JPXStream::fillReadBuf Function
Denial of Service Vulnerability in xpdf 4.00 via JPXStream::readTilePartData Function
Denial of Service Vulnerability in xpdf 4.00 via JPXStream::close Function
XSS Vulnerability in Bui's Select Component
Microsoft Edge Remote Code Execution Vulnerability
Microsoft Edge Remote Code Execution Vulnerability
Cross-Origin Security Bypass Vulnerability in Microsoft Edge
Internet Explorer 11 MOTW Bypass Vulnerability
Internet Explorer Scripting Engine Memory Corruption Vulnerability
Windows Host Compute Service Shim Remote Code Execution Vulnerability
Windows Denial of Service Vulnerability in Graphics Component
Keystroke Hijacking Vulnerability in Microsoft Wireless Keyboard 850
Internet Explorer Memory Corruption Vulnerability: Remote Code Execution
Azure IoT SDK AMQP Spoofing Vulnerability
Win32k Elevation of Privilege Vulnerability in Windows
Windows Kernel Object Initialization Information Disclosure Vulnerability
Internet Explorer Remote Code Execution Vulnerability
Microsoft Edge Information Disclosure Vulnerability
Win32k Elevation of Privilege Vulnerability in Multiple Windows Versions
Microsoft Edge Remote Code Execution via Memory Corruption Vulnerability
UMCI Policy Validation Failure in Internet Explorer 11
Windows Kernel Object Memory Handling Vulnerability
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Windows Security Feature Bypass Vulnerability in Device Guard
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Windows Security Feature Bypass Vulnerability in Device Guard
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Windows Kernel API Elevation of Privilege Vulnerability
Windows Object Memory Handling Remote Code Execution Vulnerability
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Cortana Elevation of Privilege Vulnerability in Windows 10 Servers and Windows 10
Windows Kernel Object Memory Handling Vulnerability
Kernel Driver Signature Validation Bypass Vulnerability in Windows
Chakra Scripting Engine Memory Disclosure Vulnerability
Memory Object Handling Vulnerability in Microsoft Excel Allows Remote Code Execution
Memory Object Handling Vulnerability in Microsoft Excel Allows Remote Code Execution
Microsoft SharePoint Elevation of Privilege Vulnerability
Outlook Attachment Block Filter Security Bypass Vulnerability
Microsoft Exchange Memory Corruption Vulnerability
Microsoft Exchange Server Elevation of Privilege Vulnerability in Outlook Web Access
Microsoft Exchange Server Outlook Web Access Spoofing Vulnerability
Microsoft Exchange Remote Code Execution Vulnerability
Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft Office Remote Code Execution Vulnerability
Microsoft Office Remote Code Execution Vulnerability
Microsoft Exchange OWA Elevation of Privilege Vulnerability
Outlook Message Opening Vulnerability: Information Disclosure Exploit
Microsoft Office Remote Code Execution Vulnerability
Memory Object Handling Vulnerability in Microsoft Excel Allows Remote Code Execution
Memory Disclosure Vulnerability in Microsoft Excel
Win32k Elevation of Privilege Vulnerability in Multiple Windows Versions
DirectX Graphics Kernel Elevation of Privilege Vulnerability
Win32k Elevation of Privilege Vulnerability in Multiple Windows Versions
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Microsoft SharePoint Elevation of Privilege Vulnerability
HIDParser Elevation of Privilege Vulnerability
Windows Kernel Image Elevation of Privilege Vulnerability
ASP.NET Security Feature Bypass: Unvalidated Incorrect Login Attempts
Unbuilt Project Source Markup Remote Code Execution in Visual Studio
Memory Object Handling Vulnerability in Microsoft InfoPath
VBScript Engine Remote Code Execution Vulnerability in Windows Operating Systems
Windows 10 WEBDAV Denial of Service Vulnerability
XML Content Validation Failure in Microsoft PowerPoint: Remote Code Execution Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability
Microsoft Browser Memory Corruption Vulnerability: Remote Code Execution Exploit
Edge Memory Corruption Vulnerability: Remote Code Execution Exploit
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
.NET Framework Elevation of Privilege Vulnerability
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
Windows Memory Object Handling Vulnerability
Windows FTP Server Denial of Service Vulnerability
Windows Kernel Object Memory Handling Vulnerability
Windows Desktop Bridge Elevation of Privilege Vulnerability
Windows Wireless Network Profile Information Disclosure Vulnerability
Windows Remote Code Execution Vulnerability
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability in Windows 10 Servers
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
Windows Remote Code Execution Vulnerability in Memory Handling
Windows Desktop Bridge Elevation of Privilege Vulnerability
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
Windows Hyper-V Denial of Service Vulnerability
Hypervisor Code Integrity Elevation of Privilege Vulnerability
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
Windows DNSAPI Remote Code Execution Vulnerability
HTTP.sys Denial of Service Vulnerability in HTTP 2.0 Protocol Stack
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
HTTP Protocol Stack Remote Code Execution Vulnerability
Microsoft Visual Studio Macro Assembler Tampering Vulnerability
Win32k Elevation of Privilege Vulnerability in Windows 10 and Windows 10 Servers
Microsoft Edge Information Disclosure Vulnerability
Cross-Origin Security Bypass Vulnerability in Microsoft Edge
Microsoft Edge Remote Code Execution Vulnerability
UNC Path Link Security Bypass Vulnerability in Skype for Business and Lync
Windows GDI Information Disclosure Vulnerability
Scripting Engine Memory Corruption Vulnerability in Internet Explorer
ChakraCore Remote Code Execution Vulnerability
Outlook Attachment Header Validation Elevation of Privilege Vulnerability
Lockdown Bypass Vulnerability in Microsoft Publisher Allows Remote Code Execution
Memory Disclosure Vulnerability in Microsoft Excel: Exposing Sensitive Information
Microsoft Office Web Apps Server and Office Online Server Elevation of Privilege Vulnerability
Excel Remote Code Execution Vulnerability
Internet Explorer 11 Remote Code Execution Vulnerability
Media Foundation Memory Corruption Vulnerability
Microsoft SharePoint Server Elevation of Privilege Vulnerability
Lockscreen Browsing Vulnerability in Microsoft Cortana
Microsoft SharePoint Elevation of Privilege Vulnerability
PowerShell Remote Code Execution Vulnerability
.NET Framework Remote Code Execution Vulnerability in Source Markup Validation
Microsoft Edge Remote Code Execution via Memory Corruption Vulnerability
Critical Remote Code Execution Vulnerability in Microsoft Exchange Server
Chakra Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Scripting Engine Memory Corruption Vulnerability in Internet Explorer
OData Denial of Service Vulnerability in Microsoft.Data.OData
Windows Bowser.sys Memory Object Handling Information Disclosure Vulnerability
SQL Server Buffer Overflow Vulnerability: Remote Code Execution Risk
Microsoft Edge Remote Code Execution via Memory Corruption Vulnerability
Microsoft Edge Remote Code Execution via Memory Corruption Vulnerability
Control Flow Guard Bypass Vulnerability in Microsoft Chakra Scripting Engine
Microsoft Edge HTML Content Spoofing Vulnerability
Microsoft Edge Remote Code Execution via Memory Corruption Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Memory Object Handling Vulnerability in Microsoft Office Software
Win32k Elevation of Privilege Vulnerability in Windows
ChakraCore Remote Code Execution Vulnerability
.NET Framework Remote Code Injection Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Scripting Engine Memory Corruption Vulnerability in Microsoft Browsers
Scripting Engine Memory Corruption Vulnerability in Microsoft Browsers
Microsoft Edge Information Disclosure Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Scripting Engine Memory Corruption Vulnerability in Microsoft Browsers
Redirect Information Disclosure Vulnerability in .NET Core
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Internet Explorer Scripting Engine Memory Corruption Vulnerability
Microsoft Edge Information Disclosure Vulnerability
ChakraCore Remote Code Execution Vulnerability
Microsoft SharePoint Server Elevation of Privilege Vulnerability
Unvalidated Source Markup in Microsoft SharePoint Allows Remote Code Execution
Microsoft Edge Remote Code Execution via Memory Corruption Vulnerability
Microsoft Exchange Remote Code Execution Vulnerability
Windows DNSAPI Denial of Service Vulnerability
Windows Mail Client Information Disclosure Vulnerability
Exploiting Command Injection in Microsoft Wireless Display Adapter V2 Software
WordPad Embedded OLE Objects Security Bypass Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
Windows Denial of Service Vulnerability: Memory Object Handling Issue
Microsoft Outlook Attachment Tampering Vulnerability
Skype for Business and Microsoft Lync Remote Code Execution Vulnerability
Memory Object Handling Vulnerability in Microsoft Access
Windows Kernel API Elevation of Privilege Vulnerability
Windows Elevation of Privilege Vulnerability: Sandbox Escape
Microsoft Scripting Engine Information Disclosure Vulnerability
Internet Explorer Remote Code Execution Vulnerability in Hyperlink Validation
Arithmetic Computation Vulnerability in MSR JavaScript Cryptography Library
DNS Global Blocklist Security Feature Bypass Vulnerability
Microsoft SharePoint Server Elevation of Privilege Vulnerability
Microsoft Edge Information Disclosure Vulnerability
Microsoft Edge Information Disclosure Vulnerability
Open Source Customization for AD FS XSS Vulnerability
PowerShell Editor Services Remote Code Execution Vulnerability
Linux On Windows Elevation Of Privilege Vulnerability
Windows Kernel Information Disclosure Vulnerability
Excel Remote Code Execution Vulnerability
Win32k Graphics Remote Code Execution Vulnerability
Microsoft Filter Manager Elevation Of Privilege Vulnerability
Windows SMB Denial of Service Vulnerability
Windows Kernel Information Disclosure Vulnerability
Case Sensitivity Security Bypass Vulnerability in Windows Subsystem for Linux
Windows Installer Insecure Library Loading Elevation of Privilege Vulnerability
AD FS Multi-Factor Authentication Bypass Vulnerability
Windows Kernel Object Memory Handling Vulnerability
Windows NDIS Buffer Overflow Vulnerability
Windows NDIS Buffer Overflow Vulnerability
Windows Font Library Remote Code Execution Vulnerability
LNK Remote Code Execution Vulnerability in Microsoft Windows
LNK Remote Code Execution Vulnerability in Microsoft Windows
Windows Kernel Elevation of Privilege Vulnerability in Symbolic Link Parsing
Windows Kernel Information Disclosure Vulnerability
Microsoft COM for Windows Remote Code Execution Vulnerability
Windows PDF Library Remote Code Execution Vulnerability
Cross-Frame Interaction Vulnerability in Microsoft Browsers
Scripting Engine Memory Corruption Vulnerability in Internet Explorer
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Scripting Engine Memory Corruption Vulnerability in Microsoft Browsers
.NET Framework Security Feature Bypass Vulnerability
Sandbox Escape: Microsoft Browser Elevation of Privilege Vulnerability
Redirect Handling Security Bypass Vulnerability in Microsoft Edge
ChakraCore Remote Code Execution Vulnerability
.NET Framework Multi-Tenant Information Disclosure Vulnerability
Microsoft Edge Fetch API Information Disclosure Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
WebAudio Library Audio Request Handling Vulnerability in Microsoft Edge
Scripting Engine Memory Corruption Vulnerability in Internet Explorer
Scripting Engine Memory Corruption Vulnerability in Microsoft Browsers
Scripting Engine Memory Corruption Vulnerability in Internet Explorer
Profile Data Tampering Vulnerability in Microsoft Exchange Server
Memory Object Handling Vulnerability in Microsoft Excel Software
PowerPoint Remote Code Execution Vulnerability
Microsoft Edge Remote Code Execution Vulnerability
Uninitialized Variable in Microsoft Office: Memory Disclosure Vulnerability
Memory Object Handling Vulnerability in Microsoft Excel
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Memory Disclosure Vulnerability in Microsoft Excel: Exposing Sensitive Information
Microsoft Edge HTTP Content Parsing Spoofing Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability
Scripting Engine Memory Corruption Vulnerability in Microsoft Browsers
Microsoft Edge Remote Code Execution Vulnerability
Microsoft Edge HTML Content Spoofing Vulnerability
Scripting Engine Memory Corruption Vulnerability in Internet Explorer
ChakraCore Remote Code Execution Vulnerability
ChakraCore Remote Code Execution Vulnerability
Microsoft JET Database Engine Remote Code Execution Vulnerability
Microsoft JET Database Engine Buffer Overflow Remote Code Execution Vulnerability
Windows GDI Memory Disclosure Vulnerability
Windows GDI Memory Disclosure Vulnerability
GDI+ Remote Code Execution Vulnerability in Windows Server 2008, Windows 7, and Windows Server 2008 R2
Windows GDI Memory Disclosure Vulnerability
Win32k Elevation of Privilege Vulnerability in Windows 10 Servers
DirectX Graphics Kernel Elevation of Privilege Vulnerability in Windows 10 Servers
DXGKRNL Elevation of Privilege Vulnerability in Windows
Memory Corruption Vulnerability in Microsoft Browsers: Remote Code Execution
Win32k Elevation of Privilege Vulnerability in Multiple Windows Versions
DirectX Graphics Kernel Elevation of Privilege Vulnerability
DXGKRNL Elevation of Privilege Vulnerability in Windows
MSRPC Information Disclosure Vulnerability in Windows Operating Systems
Windows Kernel Information Disclosure Vulnerability
System.IO.Pipelines Denial of Service Vulnerability in .NET Core 2.1 and ASP.NET Core 2.1
Windows Kernel API Registry Object Handling Elevation of Privilege Vulnerability
NTFS Access Control Vulnerability
Microsoft AutoUpdate (MAU) Office Elevation of Privilege Vulnerability
Windows Theme API Remote Code Execution Vulnerability
Windows Shell Path Validation Remote Code Execution Vulnerability
Unlogged Code Execution Vulnerability in Microsoft PowerShell
.NET Core Tampering Vulnerability in File Handling
Device Guard Bypass Vulnerability in Microsoft JScript
Windows Kernel Information Disclosure Vulnerability
MS XML Remote Code Execution Vulnerability
.NET Framework Remote Code Execution Vulnerability
Windows GDI Memory Disclosure Vulnerability
JET Database Engine Remote Code Execution Vulnerability
Windows GDI Information Disclosure Vulnerability
Microsoft Edge HTML Content Spoofing Vulnerability
Microsoft Office SharePoint XSS Vulnerability
Microsoft Graphics Components Information Disclosure Vulnerability
Microsoft SharePoint Server Elevation of Privilege Vulnerability
Memory Disclosure Vulnerability in Microsoft Excel: Exposing Sensitive Information
Word PDF Remote Code Execution Vulnerability
Microsoft SharePoint Elevation of Privilege Vulnerability
Microsoft Graphics Components Remote Code Execution Vulnerability
Windows Graphics Component Information Disclosure Vulnerability
Windows Hyper-V Information Disclosure Vulnerability
Windows Hyper-V BIOS Loader High-Entropy Source Security Bypass Vulnerability
Windows Hyper-V Denial of Service Vulnerability
Windows Hyper-V Denial of Service Vulnerability
Windows Hyper-V Network Switch Denial of Service Vulnerability
Windows Hyper-V Remote Code Execution Vulnerability
Windows ALPC Elevation of Privilege Vulnerability
Windows Subsystem for Linux Integer Overflow Elevation of Privilege Vulnerability
Windows Kernel Information Disclosure Vulnerability
Windows Kernel Object Memory Handling Vulnerability
Windows SMBv2 Information Disclosure Vulnerability
Windows Kernel Information Disclosure Vulnerability in Windows 10 and Windows 10 Servers
Windows Kernel Information Disclosure Vulnerability
Internet Explorer Memory Corruption Remote Code Execution Vulnerability
Microsoft Exchange Server Elevation of Privilege Vulnerability in Outlook Web Access
Device Guard Security Feature Bypass Vulnerability
Windows Search Remote Code Execution Vulnerability
Scripting Engine Information Disclosure Vulnerability in Microsoft Browsers
Win32k Elevation of Privilege Vulnerability in Multiple Windows Versions
Windows Audio Service Information Disclosure Vulnerability
Windows Kernel Object Memory Handling Elevation of Privilege Vulnerability
ChakraCore Scripting Engine Memory Corruption Vulnerability
Scripting Engine Memory Corruption Vulnerability in Microsoft Browsers
ChakraCore Scripting Engine Memory Corruption Vulnerability
Internet Explorer 11 Remote Code Execution Vulnerability
Internet Explorer Remote Code Execution Vulnerability
DirectX Graphics Kernel Elevation of Privilege Vulnerability
Escape from AppContainer Sandbox: Microsoft Edge Elevation of Privilege Vulnerability
Edge PDF Reader Remote Code Execution Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Sandbox Escape: Windows Elevation of Privilege Vulnerability
Escape from AppContainer Sandbox: Microsoft Edge Elevation of Privilege Vulnerability
Universal Cross-Site Scripting (UXSS) Vulnerability in Internet Explorer 11
Microsoft RemoteFX Virtual GPU Miniport Driver Elevation of Privilege Vulnerability
Windows GDI Information Disclosure Vulnerability
Microsoft Edge Remote Code Execution via Memory Corruption Vulnerability
Security Feature Bypass Vulnerability in Lync for Mac 2011
Windows Image File Remote Code Execution Vulnerability
Windows Deployment Services TFTP Server Remote Code Execution Vulnerability
Windows Kernel Information Disclosure Vulnerability
Azure IoT Device Provisioning C SDK Spoofing Vulnerability
Microsoft SharePoint Elevation of Privilege Vulnerability
Windows Media Player File Information Disclosure Vulnerability
Windows Media Player File Information Disclosure Vulnerability
DirectX Graphics Kernel Elevation of Privilege Vulnerability
DirectX Elevation of Privilege Vulnerability in Multiple Windows Versions
DirectX Information Disclosure Vulnerability
Microsoft SharePoint Elevation of Privilege Vulnerability
Windows Hyper-V Remote Code Execution Vulnerability
Windows Hyper-V Remote Code Execution Vulnerability
Internet Explorer Remote Code Execution Vulnerability
Device Guard Code Integrity Policy Security Feature Bypass Vulnerability
Fragmented IP Packet Information Disclosure Vulnerability in Windows TCP/IP Stack
MS XML Remote Code Execution Vulnerability
Windows Shell URI Handling Remote Code Execution Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
Microsoft SharePoint Elevation of Privilege Vulnerability
ChakraCore Scripting Engine Memory Corruption Vulnerability
Protected View Object Handling Remote Code Execution Vulnerability in Microsoft PowerPoint
Protected View Object Handling Remote Code Execution Vulnerability in Microsoft Excel
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Protected View Object Handling Remote Code Execution Vulnerability in Microsoft Word
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Windows Codecs Library Information Disclosure Vulnerability
Microsoft Edge Remote Code Execution Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Microsoft Edge Content Security Policy Bypass Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Remote Procedure Call Runtime Information Disclosure Vulnerability
.NET Framework Denial of Service Vulnerability
Microsoft SharePoint Elevation of Privilege Vulnerability
Outlook Remote Code Execution Vulnerability
Outlook Remote Code Execution Vulnerability
SQL Server Management Studio XEL File Information Disclosure Vulnerability
Unsecured Communication in Team Foundation Server Allows Remote Code Execution
Cross-Origin Security Feature Bypass in Microsoft Edge
Memory Corruption Vulnerability in Azure IoT Hub Device Client SDK
XML External Entity (XXE) Vulnerability in Microsoft SQL Server Management Studio
XML External Entity (XXE) Vulnerability in Microsoft SQL Server Management Studio
Memory Object Handling Vulnerability in Microsoft Word Software
.NET Framework Remote Code Injection Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
VBScript Engine Remote Code Execution Vulnerability in Windows Operating Systems
Cross-Origin Information Disclosure Vulnerability in Microsoft Edge
Skype for Business Denial of Service Vulnerability
Active Directory Federation Services XSS Vulnerability
Kernel Driver Signature Validation Bypass Vulnerability in Windows
Windows COM Aggregate Marshaler Elevation of Privilege Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Windows Scripting Engine Memory Disclosure Vulnerability
Critical Remote Code Execution Vulnerability in Microsoft Graphics Components
DirectX Elevation of Privilege Vulnerability in Windows 10 Servers, Windows 10, and Windows Server 2019
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Microsoft Outlook Information Disclosure Vulnerability
DirectX Elevation of Privilege Vulnerability in Multiple Windows Versions
Win32k Elevation of Privilege Vulnerability in Multiple Windows Versions
DirectX Information Disclosure Vulnerability in Multiple Windows Versions
Microsoft Edge HTML Content Spoofing Vulnerability
Win32k Kernel Information Disclosure Vulnerability
BitLocker Security Feature Bypass Vulnerability in Windows
Cross-Domain Information Injection Vulnerability in Microsoft Edge
Microsoft SharePoint Elevation of Privilege Vulnerability
Yammer Desktop App Arbitrary Content Loading Remote Code Execution Vulnerability
Internet Explorer 11 Remote Code Execution Vulnerability
Microsoft SharePoint Elevation of Privilege Vulnerability
Object Memory Handling Vulnerability in Microsoft Word
Excel Remote Code Execution Vulnerability
Memory Object Handling Vulnerability in Microsoft Project Software
Outlook Remote Code Execution Vulnerability
Microsoft Excel Remote Code Execution Vulnerability
Microsoft SharePoint Folder Structure Information Disclosure Vulnerability
Outlook File Attachment Information Disclosure Vulnerability
Cross-Site Search Attack Vulnerability in Microsoft SharePoint Server
Critical Elevation of Privilege Vulnerability in Microsoft Exchange Server
Outlook Rule Export File Remote Code Execution Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Windows ALPC Elevation of Privilege Vulnerability
Outlook Object Memory Handling Remote Code Execution Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Windows Win32k Elevation of Privilege Vulnerability
Windows 10 Elevation of Privilege Vulnerability via Physical Media Installation
Windows GDI Information Disclosure Vulnerability
Windows GDI Information Disclosure Vulnerability
Excel Remote Code Execution Vulnerability
Memory Disclosure Vulnerability in Microsoft Excel (CVE-2020-XXXX)
Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability
Unsanitized User Input in Azure App Services on Azure Stack: Cross-site Scripting (XSS) Vulnerability
Team Foundation Server Cross-site Scripting Vulnerability
Profile Data Tampering Vulnerability in Microsoft Exchange Server
Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability
Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability
Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability
Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability
Microsoft Dynamics 365 (on-premises) version 8 Remote Code Execution Vulnerability
Windows Kernel Elevation of Privilege Vulnerability
Connected User Experiences and Telemetry Service Denial of Service Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
VBScript Execution Policy Bypass in Internet Explorer
Windows Kernel Information Disclosure Vulnerability
Windows Kernel Information Disclosure Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
VBScript Engine Remote Code Execution Vulnerability in Internet Explorer
Windows DNS Server Heap Overflow Vulnerability
Uninitialized Variable in Microsoft Excel Leads to Information Disclosure
PowerPoint Object Memory Handling Remote Code Execution Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Internet Explorer Memory Corruption Vulnerability
Microsoft Text-To-Speech Remote Code Execution Vulnerability
Microsoft SharePoint Server Elevation of Privilege Vulnerability
Excel Remote Code Execution Vulnerability
Win32k KASLR Bypass Vulnerability in Windows Kernel
DirectX Information Disclosure Vulnerability in Windows 10 and Windows Server 2019
Win32k Elevation of Privilege Vulnerability in Multiple Windows Versions
Win32k Elevation of Privilege Vulnerability in Windows
Scripting Engine Memory Corruption Vulnerability in Internet Explorer
Windows Denial of Service Vulnerability in Memory Handling
Microsoft Office SharePoint XSS Vulnerability
Microsoft Dynamics NAV Cross Site Scripting Vulnerability
Windows Azure Pack Rollup 13.1 Cross-site Scripting Vulnerability
Scripting Engine Memory Corruption Vulnerability in Internet Explorer
Microsoft Dynamics 365 Server Elevation of Privilege Vulnerability
Remote Code Execution Vulnerability in WooCommerce Products Filter Plugin
Local File Inclusion Vulnerability in WooCommerce Products Filter Plugin
Webmin Local File Include Vulnerability
Arbitrary File Transfer and Information Disclosure in Honeywell MatrikonOPC OPC Controller
Authentication Bypass Vulnerability in Embedthis HTTP Library and Appweb
XSS Vulnerability in WSO2 Identity Server Dashboard
CSRF Vulnerability in joyplus-cms 1.6.0 Allows Unauthorized Administrator Account Creation
CSRF Vulnerability in Mailer Plugin for Jenkins Allows Unauthorized Mail Sending
Unrestricted Access to WP Security Audit Log Files in WordPress Plugin
XSS Vulnerability in ServiceNow ITSM 2016-06-02: First Name/Last Name Field and Search Bar
Stored XSS Vulnerability in Zoho ManageEngine EventLog Analyzer 11.0 Build 11000 - index2.do?url=editAlertForm&tab=alert&alert=profile URI
Multiple XSS Vulnerabilities in Zoho ManageEngine Desktop Central 9.1.0 Build 91099
Vulnerability: Incorrect Access Control in K7AntiVirus Premium 15.1.0.53
Buffer Overflow Vulnerability in K7AntiVirus Premium 15.01.00.53: Execute Arbitrary Code (Local)
Buffer Overflow Vulnerability in K7Antivirus Premium 15.1.0.53: Execute Arbitrary Code (Local)
Path Traversal Vulnerability in Mirasys DVMS Workstation 5.12.6 and Earlier
Cross-Site Scripting (XSS) Vulnerability in Kontena Master Login Code Display
Unescaped Title Cross-Site Scripting (XSS) Vulnerability in Activity Log Plugin for WordPress
Arbitrary Web Script Injection Vulnerability in WampServer 3.1.1
Nagios XI Core Config Manager Authentication Bypass Vulnerability
Arbitrary SQL Command Execution in Nagios XI Core Config Manager
Nagios XI Remote Command Execution (RCE) Vulnerability
Root Privilege Escalation via RCE Vulnerability in Nagios XI 5.2.x - 5.4.x
Stored XSS Vulnerability in Bookme Control Panel 2.0 Application's Customers Book Me Function
Cross-Site Scripting (XSS) Vulnerability in Airties 5444 1.0.0.18 and 5444TT 1.0.0.18 Devices
Root Privilege Escalation Vulnerability in VPN Unlimited 4.2.0 for macOS
SQLite NULL Pointer Dereference Vulnerability
Directory Traversal Vulnerability in SquirrelMail 1.4.22 Allows Unauthorized File Exfiltration
Bleichenbacher Attack on IKEv1 Implementation in Clavister cOS Core
Out-of-Bounds Data Size Vulnerability in libevt_record_values_read_event() Function
Unauthenticated Configuration File Download Vulnerability in NuCom WR644GACV Devices
Arbitrary Code Execution via Eval Injection in YzmCMS v3.7.1
Price Modification Vulnerability in Yxcms Building System v1.4.7
XSS Vulnerability in LDAP Account Manager before 6.3
CSRF Token Placement Vulnerability in Roland Gruber Softwareentwicklung LDAP Account Manager
Denial of Service and Potential Impact Vulnerability in 2345 Security Guard 3.6
Remote Code Execution Vulnerability in joyplus-cms 1.6.0 via Arbitrary File Upload
XSS Vulnerability in joyplus-cms 1.6.0 via manager/admin_ajax.php?action=save&tab={pre}vod_type
Jupyter Notebook Vulnerability: Maliciously Forged Notebook Files Exploit JavaScript Execution
Buffer Over-read Vulnerability in elfutils 0.170's ebl_dynamic_tag_name Function
Physical Path Leakage Vulnerability in Western Bridge Cobub Razor 0.8.0
Cross-Site Scripting (XSS) Vulnerability in Coship RT3052 4.0.0.48 Wireless Setting - Basic Screen
WEBrick Server Denial of Service Vulnerability
Buffer under-read vulnerability in Ruby's String#unpack method allows for massive information disclosure
Null Character Vulnerability in UNIXServer.open and UNIXSocket.open Methods
Unintentional Directory Traversal Vulnerability in Ruby's Dir Methods
Integer-Overflow Vulnerability in udl_fb_mmap Function Allows Code Execution in Kernel Space
Heap-Based Buffer Overflow in FreeRDP's zgfx_decompress_segment() Function
Heap-Based Buffer Overflow in FreeRDP's zgfx_decompress() Function
Integer Truncation Vulnerability in FreeRDP prior to version 2.0.0-rc4
Integer Overflow leading to Heap-Based Buffer Overflow in FreeRDP's gdi_Bitmap_Decompress() Function
Out-of-Bounds Write Vulnerability in FreeRDP's nsc_rle_decode() Function
Out-Of-Bounds Reads in FreeRDP NTLM Authentication Module Leading to Denial of Service
Local Privilege Escalation in Check Point ZoneAlarm Version 15.3.064.17729 and Below
Out-Of-Bounds Read Vulnerability in rdesktop v1.8.3: Information Leak in rdpdr_process()
Out-Of-Bounds Read Vulnerability in rdesktop v1.8.3
Heap-Based Buffer Overflow in rdesktop v1.8.3: Potential Remote Code Execution
Integer Overflow in rdesktop v1.8.3: Out-Of-Bounds Write Vulnerability with Remote Code Execution Potential
Heap-Based Buffer Overflow in rdesktop v1.8.3: Integer Overflow Vulnerability
Out-Of-Bounds Read Vulnerability in rdesktop v1.8.3: Denial of Service (segfault)
Heap-Based Buffer Overflow in rdesktop v1.8.3: Remote Code Execution Vulnerability
Out-Of-Bounds Read Vulnerability in rdesktop v1.8.3: Information Leak in rdpsnd_process_ping()
Out-Of-Bounds Read Vulnerability in rdesktop v1.8.3: Denial of Service (segfault)
Heap-Based Buffer Overflow in rdesktop v1.8.3: Remote Code Execution Vulnerability
SSRF Vulnerability in GitLab Community and Enterprise Editions
SQL Injection Vulnerability in ePortal Manager's Management Interface
Double Free Vulnerability in ImageMagick 7.0.7-25 Q16
XSS Vulnerability in Yxcms Building System v1.4.7 via extend_guestbook.php
Use-after-free vulnerability in libming 0.4.8's decompileArithmeticOp function in decompile.c
Use-after-free vulnerability in libming 0.4.8's decompileCALLFUNCTION function in decompile.c
Heap-based Buffer Over-read in r_asm_disassemble function of radare2 2.4.0
Heap-based Buffer Over-read in radare2 2.4.0's dalvik_op Function
Heap-based Buffer Over-read in get_ivar_list_t function of mach0_classes.c in radare2 2.4.0
OpenCMS 10.5.3 Cross-Site Request Forgery (CSRF) Privilege Escalation Vulnerability
Open Redirect Vulnerability in WolfCMS 0.8.3.1 Login Functionality
CSRF Vulnerability in WolfCMS 0.8.3.1 Allows Remote Authentication Hijacking
Arbitrary Script Injection via SVG Image in Alkacon OpenCMS 10.5.3 Gallery Function
CSRF Vulnerability in Wampserver's add_vhost.php
XML External Entity (XXE) Vulnerability in Automated Logic Corporation (ALC) WebCTRL Versions 6.0, 6.1, and 6.5 Allows Disclosure of Server File Contents
Time Based SQL Injection Vulnerability in Square 9 GlobalForms 6.2.x
Denial of Service Vulnerability in Jungo DriverWizard WinDriver 12.6.0
Buffer Overflow in ncp_read_kernel Function in Linux Kernel
Arbitrary PHP Code Execution in Responsive Mega Menu Pro Module for PrestaShop
SQL Injection Vulnerability in Responsive Mega Menu (Horizontal+Vertical+Dropdown) Pro Module
Buffer Overflow Vulnerability in Google TensorFlow 1.7 and Below: Arbitrary Code Execution (Local)
Remote Code Execution Vulnerability in ASUS RT-Series Routers
Unsanitized User Input in Technicolor MediaAccess TG789vac v2 HP Log Viewer Interface Allows for XSS
Buffer Overflow Vulnerability in Kamailio
Persistent XSS Vulnerability in Kodi (formerly XBMC) 17.6 Allows Arbitrary Code Execution via Playlist
XSS Vulnerability in enhavo 0.4.0 via User-Group Name
Remote Code Execution via Heap-based Buffer Overflow in Advantech WebAccess HMI Designer 2.1.7.32 and Prior
Heap-based Buffer Overflow in Omron CX-One Project Files
Remote Code Execution Vulnerability in Advantech WebAccess HMI Designer 2.1.7.32 and Prior
Remote Denial-of-Service Vulnerability in Wago 750 Series PLCs
Remote Code Execution via Specially Crafted .pm3 Files in Advantech WebAccess HMI Designer 2.1.7.32 and Prior
Vulnerability in Message Management Function in Yokogawa CENTUM CS and CENTUM VP Systems
Multiple Stack-Based Buffer Overflow Vulnerabilities in Delta PMSoft Versions 2.10 and Prior
Remote Code Execution Vulnerability in InduSoft Web Studio and InTouch Machine Edition
Improper Privilege Management Vulnerability in Advantech WebAccess
Cleartext Transmission Vulnerability in Philips e-Alert Unit
Use After Free Vulnerability in Rockwell Automation Arena Simulation Software
Insufficient Request Verification in Philips e-Alert Unit (non-medical device) Web Application
Heap-Based Buffer Overflow Vulnerability in Advantech WebAccess
Cross-Site Scripting (XSS) Vulnerability in Philips e-Alert Unit (non-medical device)
Stack-based Buffer Overflow Vulnerability in Eaton 9000X DriveA Versions 2.0.29 and Prior
Incorrect Permissions Vulnerability in Philips e-Alert Unit (non-medical device), Version R2.1 and prior
Unencrypted Storage of PII and PHI in Medtronic N'Vision Clinician Programmer
Input Validation Vulnerability in Philips e-Alert Unit (non-medical device) Version R2.1 and Prior
Plaintext Password Storage Vulnerability in Echelon SmartServer and i.LON Devices
Session Hijacking Vulnerability in Philips e-Alert Unit (non-medical device) Version R2.1 and Prior
Elevated Privileges and Unauthorized Resource Access in Philips Brilliance CT Devices
Resource Consumption Vulnerability in Philips e-Alert Unit (non-medical device), Version R2.1 and prior
Unencrypted Web Connections and Unsecure FTP in Echelon SmartServer and i.LON Devices
Hard-coded Cryptographic Key Vulnerability in Philips e-Alert Unit (non-medical device)
Fixed Credentials Vulnerability in Philips Brilliance CT Software
Firmware Vulnerability: Credential Extraction in VGo Robot (Versions 3.0.3.52164 and 3.0.3.53662)
Authentication Bypass Vulnerability in Echelon SmartServer and i.LON Devices
Firmware Update Capture Vulnerability in Vecna VGo Robot Versions Prior to 3.0.3.52164
Break-out and Privilege Escalation Vulnerabilities in Philips Brilliance CT Kiosk Environment
Remote Triggering of False Alarms in ATI Systems Emergency Mass Notification Systems
Potential Information Disclosure Vulnerability in Philips EncoreAnywhere HTTP Header
Remote Triggering of False Alarms in ATI Systems Emergency Mass Notification Systems
Stack-based Buffer Overflow Vulnerability in Lantech IDS 2102 2.0 and Prior
Command Injection Vulnerability in Vecna VGo Robot Versions Prior to 3.0.3.52164
Remote Denial of Service Vulnerability in GE PACSystems Devices
Debug Code Allows Unauthorized Access to Implantable Cardiac Devices
Arbitrary Input Vulnerability in Lantech IDS 2102 2.0 and Prior
Hard-coded Operating System Password in Medtronic MyCareLink Patient Monitor
Heap-based Buffer Overflow Vulnerability in Delta Electronics Automation TPEditor Version 1.89 or Prior
Memory Address Verification Bypass Vulnerability in Schneider Electric Triconex Tricon MP Model 3008 Firmware Versions 10.0-10.4
Denial of Service and Potential Impact in 2345 Security Guard 3.6
Denial of Service and Potential Impact Vulnerability in 2345 Security Guard 3.6
Denial of Service and Potential Impact Vulnerability in 2345 Security Guard 3.6
Denial of Service and Potential Impact Vulnerability in 2345 Security Guard 3.6
Remote Information Disclosure in Asuswrt-Merlin and ASUS Firmware
Remote Information Disclosure in Asuswrt-Merlin and ASUS Firmware
Remote Code Execution Vulnerability in Asuswrt-Merlin Firmware for ASUS Devices
Lutron Quantum BACnet Integration 2.0 Firmware 3.2.243 - User Authentication Bypass and Internal Network Information Disclosure Vulnerability
Heap-Based Buffer Over-Read Vulnerability in NASM 2.13.02rc2
Stack-Based Buffer Under-Read Vulnerability in NASM 2.13.02rc2's ieee_shr Function
Buffer Over-read Vulnerability in NASM 2.13.02rc2's parse_line Function
Race condition vulnerability in screen-resolution-extra 0.17.2 allows local users to bypass access restrictions via mishandling of a setuid or pkexec process in the PolicyKit D-Bus API.
Stored Cross-Site Scripting (XSS) Vulnerability in BlackBerry UEM Management Console
Arbitrary File Retrieval Vulnerability in BlackBerry Enterprise Mobility Server (BEMS)
Session hijacking vulnerability in BlackBerry UEM Management Console
Stored Cross-Site Scripting (XSS) Vulnerabilities in BlackBerry UEM Management Console
CSRF Vulnerability in BlackBerry UEM Management Console
CSRF Vulnerability in Z-BlogPHP 1.5.1 Plugin Edit Allows Arbitrary PHP Code Execution
Denial of Service and Potential Impact Vulnerability in 2345 Security Guard 3.6
Denial of Service and Potential Impact Vulnerability in 2345 Security Guard 3.6
Denial of Service and Potential Impact Vulnerability in 2345 Security Guard 3.6
Vulnerability: Unexpected Behavior in #DB Exceptions Deferred by MOV SS or POP SS Instructions
Authentication Bypass Vulnerability in D-Link DSL-3782 Router Login Panel
XSS Vulnerability in IdentityServer IdentityServer4 1.x and 2.x
Cross-Site Scripting (XSS) Vulnerability in License Manager Service of HASP SRM, Sentinel HASP, and Sentinel LDK Products
LDAP Password Disclosure Vulnerability in Ivanti Avalanche
Shared Key Encryption Vulnerability in Ivanti Avalanche
Cross-Site Scripting (XSS) Vulnerability in Open-AudIT Professional 2.1 Credentials Screen
Denial of Service Vulnerability in Windows Master 7.99.13.604
Heap-based Buffer Overflow in LibTIFF 4.0.9 via Crafted TIFF File
XSS Vulnerability in dsmall v20180320 via Crafted Street Address
CSRF Vulnerability in Frog CMS 0.9.5 User Add Functionality
Arbitrary File Write Vulnerability in Wire Application for Android (CVE-XXXX-XXXX)
Cross-Site Scripting (XSS) Vulnerability in Synology Drive Attachment Preview
XSS Vulnerability in Synology Note Station Attachment Preview
Arbitrary Code Injection via SYNO.NoteStation.Note in Synology Note Station
Missing Custom Error Page Vulnerability in Synology Web Station
SQL Injection Vulnerability in Synology Media Server UPnP DMA
Arbitrary Code Injection via Title Parameter in Synology Calendar
Unverified Password Change Vulnerability in Synology DiskStation Manager (DSM)
Arbitrary Web Script Injection Vulnerability in Synology DiskStation Manager (DSM)
Arbitrary Web Script Injection in Synology Router Manager (SRM) info.cgi
Credential Theft Vulnerability in Synology DiskStation Manager (DSM) before 6.1.6-15266
Arbitrary Content Injection Vulnerability in Log Exporter in Synology DiskStation Manager (DSM)
Arbitrary Code Injection through File Name in Synology Drive's File Sharing Notify Toast
Improper Access Control Vulnerability in Synology Drive
XSS Vulnerability in Synology File Station Attachment Preview
Cross-site scripting (XSS) vulnerability in Synology Office Title Tooltip
CSRF Vulnerability in Synology Photo Station Allows Authentication Hijacking
Permissive Regular Expression Vulnerability in Synology Photo Station Allows Privilege Escalation via fullname Parameter
Arbitrary Event Creation Vulnerability in SYNO.Cal.Event
Arbitrary Script Injection in Synology CardDAV Server Address Book Editor
Man-in-the-Middle Vulnerability in Synology SSL VPN Client
MASTERKEY-1, MASTERKEY-2, and MASTERKEY-3: Insufficient Hardware Validated Boot Enforcement in AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile Processor Chips
RYZENFALL-1: Insufficient Access Control in AMD Ryzen Processor Chips
RYZENFALL: Insufficient Access Control Vulnerability in AMD Ryzen and Ryzen Pro Processor Chips
FALLOUT: Insufficient Access Control in AMD EPYC Server Processor Chips
CHIMERA-FW: The Hidden Backdoor in AMD Ryzen and Ryzen Pro Platforms
CHIMERA-HW: The Hidden Backdoor in AMD Ryzen and Ryzen Pro Platforms
Critical Privilege Escalation Vulnerability Found in AMD EPYC, Ryzen, and Ryzen Pro Processors
Open-AudIT Professional 2.1 Open Redirect Vulnerability
Code Injection Vulnerability in Ipswitch WhatsUp Gold
SSRF Vulnerability in Ipswitch WhatsUp Gold Allows Unauthorized Access and Remote Command Execution
XML External Entity (XXE) Vulnerability in Enghouse Cloud Contact Center Platform 7.2.5
Buffer Overflow Vulnerability in D-Link DSL-3782 Diagnostics Functionality
XSS Vulnerability in Xiuno BBS 4.0.0 Admin Page's Sitename Parameter
PHPSHE 1.6 Userbank Parameter SQL Injection Vulnerability
Arbitrary File Upload Vulnerability in PHPOK 4.8.338
Denial of Service Vulnerability in BFD Library's bfd_section_from_shdr Function
Base64 Encoding Vulnerability in rap2hpoutre Laravel Log Viewer
Multiple XSS Vulnerabilities in MISP before 2.4.89 via Malicious MISP Module
Critical API Integrity Bug in MISP Allows Unauthorized Attribute Deletion
SQL Injection Vulnerability in CA Workload Automation AE
Remote Code Execution Vulnerability in CA Workload Control Center
Arbitrary Code Execution via Filename Manipulation in BitDefender GravityZone Installer
Broadcast Client Clock Synchronization Vulnerability in ntpd 4.2.8p10-4.2.8p13
XSS Vulnerability in CoverCMS v1.1.6 via index.php and admina/mconfigs.inc.php
Heap-based Buffer Over-read in ReadTIFFImage function of ImageMagick 7.0.7-26 Q16
Use-after-free vulnerability in libming 0.4.8's decompilePUSHPARAM function in decompile.c
Use-after-free vulnerability in libming 0.4.8 allows remote attackers to cause denial of service via crafted swf file in decompileSingleArgBuiltInFunctionCall function of decompile.c.
Use-after-free vulnerability in libming 0.4.8's decompileGETVARIABLE function in decompile.c
Use-after-free vulnerability in libming 0.4.8's decompileDELETE function in decompile.c
Arbitrary File Deletion Vulnerability in zzcms 8.2
PHP Code Injection Vulnerability in zzcms 8.2 via siteurl Parameter
SQL Injection Vulnerability in zzcms 8.2 via adv2.php?action=modify
Directory Traversal Vulnerability in zzcms 8.2 Allows Arbitrary File Deletion
Directory Traversal Vulnerability in zzcms 8.2 Allows Arbitrary File Deletion
Silent Omission of Hostname Verification in LibreSSL 2.7.0
Incorrect Omniauth-Auth0 Configuration in GitLab Leading to Unauthorized User Sign-In
CSRF Vulnerability in Creditwest Bank CMS Project (CWCMS) Allows Remote Code Injection
XSS Vulnerability in OTCMS 3.20 via admin/keyWord_deal.php?mudi=add Endpoint
Code Injection Vulnerability in MicrobeTRACE 0.1.11 Allows Remote Code Execution
Heap-based Buffer Over-read in Netpbm's pm_mallocarray2 Function
Exiv2 0.26 Denial of Service Vulnerability in jpgimage.cpp
Denial of Service Vulnerability in Exiv2 0.26
XSS Vulnerability in Open-AudIT Professional 2.1 via Crafted IMG SRC Attribute
CSRF and XSS Vulnerabilities in Open-AudIT Professional 2.1
Denial of Service Vulnerability in Windows Master 7.99.13.604
Denial of Service Vulnerability in Windows Master 7.99.13.604
Denial of Service Vulnerability in Windows Master 7.99.13.604
Denial of Service Vulnerability in Windows Master 7.99.13.604
Denial of Service Vulnerability in Windows Master 7.99.13.604
Denial of Service Vulnerability in Windows Master 7.99.13.604
Denial of Service Vulnerability in Windows Master 7.99.13.604
Denial of Service Vulnerability in Windows Master 7.99.13.604
Denial of Service Vulnerability in Windows Master 7.99.13.604
Denial of Service Vulnerability in Windows Master 7.99.13.604
Denial of Service Vulnerability in Advanced SystemCare Ultimate 11.0.1.58
Denial of Service Vulnerability in Advanced SystemCare Ultimate 11.0.1.58
Denial of Service and Potential Impact Vulnerability in Advanced SystemCare Ultimate 11.0.1.58
Denial of Service Vulnerability in Advanced SystemCare Ultimate 11.0.1.58
Denial of Service Vulnerability in Advanced SystemCare Ultimate 11.0.1.58
Denial of Service Vulnerability in Advanced SystemCare Ultimate 11.0.1.58
Denial of Service Vulnerability in Advanced SystemCare Ultimate 11.0.1.58
Denial of Service Vulnerability in Advanced SystemCare Ultimate 11.0.1.58
Denial of Service Vulnerability in Advanced SystemCare Ultimate 11.0.1.58
Denial of Service Vulnerability in Advanced SystemCare Ultimate 11.0.1.58
Use-after-free vulnerability in libming 0.4.8's decompileJUMP function in decompile.c
Absolute Path Traversal Vulnerability in Intelbras TELEFONE IP TIP200/200 LITE 60.0.75.29
Physical Path Leakage in dsmall v20180320 via public/index.php/home/predeposit/index.html?pdr_sn= Request
XSS Vulnerability in dsmall v20180320 via pdr_sn Parameter
Cross-Site Scripting (XSS) Vulnerability in dsmall v20180320 via Public Home Page Search Box
XSS Vulnerability in dsmall v20180320: Member Search Box at public/index.php/home/membersnsfriend/findlist.html URI
Divide-by-Zero Vulnerability in GraphicsMagick 1.3.28's ReadMNGImage Function
SQL Injection Vulnerability in Dolibarr before Version 7.0.2: Remote Code Execution via sortfield Parameter
Cross-Site Scripting (XSS) Vulnerability in Events Manager Plugin for WordPress
CA Privileged Access Manager 2.8.2 and Earlier: Remote Command Execution Vulnerability
CA Privileged Access Manager 2.8.2 and Earlier: Remote Code Execution via Configuration File Poisoning
Arbitrary Command Execution Vulnerability in CA Privileged Access Manager 2.x
IP Address Spoofing Vulnerability in CA Privileged Access Manager 2.x
Remote Log Poisoning Vulnerability in CA Privileged Access Manager 2.x
Session Fixation Vulnerability in CA Privileged Access Manager 2.x
Reflected Cross-Site Scripting Vulnerability in CA Privileged Access Manager 2.x
Weak Cryptography for Passwords in CA Privileged Access Manager 2.x: A Breach Waiting to Happen
SQL Injection Vulnerability in CA Privileged Access Manager 2.x
Client-side Password Disclosure Vulnerability in TNLSoftSolutions Sentry Vision 3.x Login Interface
Authentication Bypass Vulnerability in D-Link DIR-850L Router Allows SharePort Web Access Portal Bypass
Arbitrary JavaScript Injection Vulnerability in Relevanssi Plugin for WordPress
CSV Injection Vulnerability in ExportToCsvUtf8.php of Contact Form 7 to Database Extension Plugin 2.10.32 for WordPress
Stored XSS Vulnerability in CheckSec Canopy 3.x before 3.0.7
Remote Code Execution in Monstra CMS 3.0.4 via Zip File Upload
Remote File Deletion Vulnerability in Monstra CMS 3.0.4
Variable Scoping Vulnerability in Octopus Deploy 2.0 and later
Denial of Service Vulnerability in Advanced SystemCare Ultimate 11.0.1.58
Denial of Service and Potential Impact Vulnerability in Advanced SystemCare Ultimate 11.0.1.58
Denial of Service and Potential Impact Vulnerability in Advanced SystemCare Ultimate 11.0.1.58
Denial of Service Vulnerability in Advanced SystemCare Ultimate 11.0.1.58
Denial of Service Vulnerability in Advanced SystemCare Ultimate 11.0.1.58
Denial of Service Vulnerability in Windows Master 7.99.13.604
Denial of Service Vulnerability in Windows Master 7.99.13.604
Denial of Service Vulnerability in Windows Master 7.99.13.604
Denial of Service Vulnerability in Windows Master 7.99.13.604
Denial of Service Vulnerability in Windows Master 7.99.13.604
Denial of Service Vulnerability in Windows Master 7.99.13.604
Denial of Service Vulnerability in Windows Master 7.99.13.604
Denial of Service Vulnerability in Windows Master 7.99.13.604
Denial of Service Vulnerability in Windows Master 7.99.13.604
Denial of Service Vulnerability in Windows Master 7.99.13.604
Denial of Service Vulnerability in JasPer 2.0.14 via Reachable Assertion in jpc_firstone Function
BranchScope: Unauthorized Information Disclosure via Speculative Execution Side-Channel Attack
Insecure PRNG Algorithm and Seeding in AWS IAM User Login Profile Provisioning
Infinite Loop Denial of Service Vulnerability in Long Range Zip (lrzip) 0.631
Remote Code Execution Vulnerability in Easy File Sharing (EFS) Web Server 7.2 via Malicious Login Request
Lenovo ThinkPad BIOS Vulnerability: Arbitrary Code Injection Exploit
Buffer Overflow Vulnerability in Lenovo System Update
Authentication Bypass Vulnerability in Lenovo xClarity Administrator
Credential Store Vulnerability in Lenovo xClarity Administrator
Command Injection Vulnerability in Lenovo xClarity Administrator
Insufficient Access Control in Lenovo Help Android App: Potential Exposure of Email Addresses and IMEI
Hard-coded SFTP Credentials Vulnerability in IMM2
Race Condition Vulnerability in Lenovo IdeaPad BIOS Flash Device Locking Mechanism
Factory Test Mode Vulnerability in Lenovo Smart Assistant Android App
Lenovo Chassis Management Module (CMM) Prior to Version 2.0.0 Information Disclosure Vulnerability
Insufficient Input Sanitization in LXCI for VMware Allows Unauthorized File Downloads
Hardcoded Encryption Key Vulnerability in Lenovo Chassis Management Module (CMM)
Path Traversal Vulnerability in Iomega, Lenovo, LenovoEMC NAS Devices
Command Injection Vulnerability in Iomega, Lenovo, LenovoEMC NAS Devices
Command Injection Vulnerability in Iomega, Lenovo, LenovoEMC NAS Devices
Command Injection Vulnerability in Iomega, Lenovo, LenovoEMC NAS Devices
Arbitrary JavaScript Execution via SVG Upload in Iomega/Lenovo NAS Devices
DOM Manipulation and Arbitrary JavaScript Execution in Iomega and Lenovo NAS Devices
Session Hijacking Vulnerability in Iomega, Lenovo, LenovoEMC NAS Devices
Cross-Site Scripting (XSS) Vulnerability in Iomega, Lenovo, LenovoEMC NAS Devices
Unauthenticated Password Change Vulnerability in Iomega, Lenovo, LenovoEMC NAS Devices
Weak Default Root Credentials in System Management Module (SMM) Versions Prior to 1.06
Bypassing Software Update Validation in System Management Module (SMM) Versions Prior to 1.06
Unset Write Protection Lock Bit Vulnerability in Lenovo and IBM System x Servers
Command Injection Vulnerability in Lenovo ThinkServer BMC Firmware Download Command
Default Credentials and XSS Vulnerability in CoreOS Tectonic
Critical Remote Code Execution Vulnerability in KEMP LoadMaster Operating System (LMOS) Allows System Compromise and Data Exposure
CSRF Vulnerability in MiniCMS 1.10 Allows Unauthorized Password Change
Mitel MiVoice Connect and ST Reflected XSS Vulnerability
SQL Injection Vulnerability in Mitel MiVoice Connect and ST 14.2
Mitel MiVoice Connect and ST Conferencing Component Reflected XSS Vulnerability
Mitel MiVoice Connect and ST Conferencing Component Reflected XSS Vulnerability
Privilege Escalation Vulnerability in NordVPN for macOS
CSV Injection in Acyba AcySMS Extension for Joomla!
CSV Injection in Acyba AcyMailing Extension for Joomla
CSRF Vulnerability in QuickAppsCMS 2.0.0-beta2 Allows Unauthorized Account Creation with Admin Privileges
Directory Traversal and File Deletion Vulnerability in Studio 42 elFinder
Directory Traversal and File Deletion Vulnerability in Studio 42 elFinder
Cross-Site Scripting (XSS) Vulnerability in Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE Build 15
Vulnerability: Privilege Escalation via Weak Default Password and Cookie Manipulation
Code Injection Vulnerability in Centers for Disease Control and Prevention MicrobeTRACE 0.1.12
SitaWare 6.4 SP2 Vulnerability: Freezing of Situational Layer through Unvalidated Input
WireMock XXE Vulnerability: Remote File Access and DoS
Directory Traversal Vulnerability in WireMock before 2.16.0
Directory Traversal Vulnerability in 99 Robots WP Background Takeover Advertisements Plugin
Unauthenticated Bluetooth Access Vulnerability in BrilliantTS FUZE Card
Stored Cross-Site Scripting Vulnerability in Crea8social 2018.2 via Post
Stored Cross-Site Scripting Vulnerability in Crea8social 2018.2 via Post Comment
Reflected Cross-Site Scripting Vulnerability in Crea8social 2018.2 via /search URI
Stored Cross-Site Scripting Vulnerability in Crea8social 2018.2 User Profiles
Remote Code Execution Vulnerability in DNNArticle Module 11 for DNN
Improper Handling of Wildcard Certificates in Botan 2.2.0 - 2.4.0 (Fixed in 2.5.0)
Buffer Overflow Vulnerability in DVD X Player Standard 5.5.3.9 via Crafted .plf File
Bleichenbacher Vulnerability in ZyXEL ZyWALL/USG Series Devices' IKE Handshake Implementation
XSS Vulnerability in IBOS 4.4.3 via Company Full Name
NULL Pointer Dereference in libming 0.4.8 getInt Function in decompile.c File
Excessive Iteration Denial of Service Vulnerability in ImageMagick 7.0.7-26 Q16
Arbitrary File Rename Vulnerability in DedeCMS 5.7
Heap-Based Buffer Over-Read Vulnerability in ImageMagick 7.0.7-24 Q16
Denial of Service (BSOD) Vulnerability in Jungo DriverWizard WinDriver 12.6.0 via Crafted .exe File
CSV Injection Vulnerability in Open-AudIT before 2.2
Stack Exhaustion in C++ Demangling Functions in GNU libiberty
Buffer Overflow Vulnerability in Samsung Mobile Devices with N(7.x) Software
XSS and Arbitrary File Loading Vulnerability in Samsung Email Application (SVE-2017-10747)
Remote Code Execution Vulnerability in Samsung Gallery App (SVE-2017-11105)
Insecure Package Validation in Samsung Secure Folder on N(7.x) Software (SVE-2017-10932)
Heap Overflow Vulnerability in Samsung Mobile Devices with M(6.0) and N(7.x) Software
Out-of-Bounds Read Vulnerability in Exiv2 0.26's binaryToString Function
SIGABRT vulnerability in DataBuf constructor in Exiv2 0.26
Arbitrary Web Script Injection in Gespage Software (Version 7.5.7) via user_reg.jsp
Session Token Embedding in Filenames Vulnerability in Western Digital WD My Cloud v04.05.00-320 Devices
Vulnerability: Unauthorized Access and Backdoor in Zyxel Multy X (AC3000 Tri-Band WiFi System)
NULL Pointer Dereference Vulnerability in Kingsoft Internet Security 9+ Kernel Driver
Arbitrary PHP Code Execution in Z-BlogPHP 1.5.1 Plugin Upload Component
Remote Denial of Service Vulnerability in JasPer 2.0.14: Reachable Abort in jpc_dec_process_sot Function
Open-AudIT Professional 2.1.1 XSS Vulnerability in Component Names
Unauthenticated Remote Code Execution via Webshell Upload on AXIS P1354 IP Camera Firmware 5.90.1.1
Unauthenticated Remote Code Execution via Webshell Upload on AXIS M1033-W IP Camera Firmware 5.40.5.1
Denial of Service Vulnerability in AXIS M1033-W IP Camera Firmware 5.40.5.1
Path Traversal Vulnerability in Spark (Versions before 2.7.2)
ClearText Credential Exposure in SickRage HTTP Responses
Hardcoded Password Vulnerability in Prisma Industriale Checkweigher PrismaWEB 1.21
Unauthenticated Access Control Vulnerability in Contec Smart Home 4.15 Devices
Stored XSS Vulnerability in Zoho ManageEngine Recovery Manager Plus before 5.3 (Build 5350)
NULL Pointer Dereference Vulnerability in libming through 0.4.8
XSS Vulnerability in Z-BlogPHP 1.5.1 via zb_users/plugin/AppCentre/plugin_edit.php app_id Parameter
Iptanus WordPress File Upload Plugin Shortcode Attribute Mishandling Vulnerability
Arbitrary Script Injection in GetSimple CMS 3.3.13 via XSS Vulnerability in uploadify.swf
Arbitrary PHP Code Execution in DedeCMS 5.7 via sys_verifies.php
Arbitrary PHP Code Execution in DedeCMS 5.7 via egroup Parameter
XSS Vulnerability in Twonky Server 8.5.1: Folder Name on Shared Folders Screen
XSS Vulnerability in Twonky Server Language Parameter
XSS Vulnerability in Joom Sky JS Jobs Extension for Joomla!
Fortinet FortiOS 6.0.0 and below: Information Disclosure Vulnerability in Single Sign-On Feature
Fortinet FortiAuthenticator XSS Vulnerability: Unauthorized Script Execution via CSRF Validation Failure
Null Pointer Dereference Vulnerability in Fortinet FortiClientWindows 6.0.2 and Earlier: Denial of Service via NDIS Miniport Driver
Fortinet FortiClient for Windows 6.0.4 and earlier Local Privilege Escalation via Named Pipe
Vulnerability: Plaintext Recovery and Man-in-the-Middle Attack on RSA PKCS #1 v1.5 Encryption in Fortinet FortiOS
Fortinet FortiClient for Windows 6.0.4 and earlier: Local Privilege Escalation Vulnerability
Vulnerability: Plaintext Recovery and Man-in-the-Middle Attack on RSA PKCS #1 v1.5 Encryption in Fortinet FortiOS 5.4.6 to 5.4.9, 6.0.0, and 6.0.1 under VIP SSL Feature with CPx
Hardcoded Cryptographic Key Vulnerability in FortiGuard Services Communication Protocol
Unauthenticated File Path Manipulation Vulnerability in avatar_uploader v7.x-1.0-beta8
Critical Unauthenticated Arbitrary File Upload Vulnerability in Blueimp jQuery-File-Upload
Arbitrary File Upload Vulnerability in jQuery Upload File <= 4.0.2
Unauthenticated Arbitrary File Upload Vulnerability in jQuery Picture Cut <= v1.1Beta
Unauthenticated Arbitrary File Upload Vulnerability in FineUploader PHP-Traditional-Server v1.2.2
OpenResty URI Parameter Limit Bypass Vulnerability
Firmware Authentication Bypass Vulnerability in T&W WIFI Repeater BE126 Devices
Unsalted SHA-1 Hash Vulnerability in Sophos Endpoint Protection 10.7
Lack of Key Certification Enforcement in GnuPG 2.2.4 and 2.2.5
Reflected Cross-Site Scripting Vulnerability in iScripts SonicBB 1.0 via search.php
Stored Cross-Site Scripting Vulnerability in iScripts EasyCreate 3.2.1 Site Title Field
Stored Cross-Site Scripting Vulnerability in iScripts EasyCreate 3.2.1's Site Description Field
XSS Vulnerability in Yahei-PHP Proberv 0.4.7 via funName Parameter
NULL Pointer Dereference Vulnerability in ncmpc 0.29: Chat Message Crash and Denial of Service
File Deletion Vulnerability in PAN-OS Management Web Interface
XSS Vulnerability in GitLab Community and Enterprise Editions 8.4 - 10.4
Cross-Site Scripting (XSS) Vulnerability in GitLab Community and Enterprise Editions (9.2 - 10.4)
Critical SQL Injection Vulnerability in Ericsson-LG iPECS NMS A.1Ac Login Portal
Shell Code Injection in PGObject::Util::DBAdmin Module
Arbitrary SQL Execution and PHP Code Injection in Gxlcms QY v1.0.0713
Authentication Bypass Vulnerability in FiberHome VDSL2 Modem HG 150-UB Devices
Authentication Bypass Vulnerability in FiberHome VDSL2 Modem HG 150-UB Devices
Arbitrary SQL Command Execution in OpenEMR v5_0_1_1
Denial of Service Vulnerability in libxml2 2.9.8 with LZMA Decompression
Denial of Service Vulnerability in JasPer 2.0.14 via jpc_abstorelstepsize Function
LWAPP Dissector Crash Vulnerability in Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13
Infinite Loop Vulnerability in Wireshark CQL Dissector (Versions 2.4.0 to 2.4.5)
TCP Dissector Crash Vulnerability in Wireshark 2.4.0 to 2.4.5
MP4 Dissector Crash Vulnerability in Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13
IEEE 802.15.4 Dissector Crash Vulnerability
Heap-based Buffer Overflow in Wireshark NBAP Dissector
Vulnerability: VLAN Dissector Crash in Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13
Kerberos Dissector Crash Vulnerability in Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13
Heap-based Buffer Overflow in ADB Dissector in Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13
Memory Leak in Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13 in packet-tn3270.c
Memory Leak in Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13 in packet-isup.c
Memory Leak in Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13 in packet-lapd.c
Memory Leak in Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13 in packet-smb2.c
Memory Leak in Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13 in packet-giop.c
Memory Leak in Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13 in epan/oids.c
Memory Leak in Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13 in packet-multipart.c
Memory Leak in Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13 in packet-h223.c
Memory Leak in Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13 in packet-pcp.c
Memory Leak in Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13 in ui/failure_message.c
Information Disclosure and Denial of Service Vulnerability in Yubico PAM Module
OS Command Injection Vulnerability in PRTG Network Monitor
Clear-text Password Disclosure in Eaton UPS 9PX 8000 SP Devices
Eaton UPS 9PX 8000 SP SNMP Version 3 Password Disclosure Vulnerability
CSRF and XSS Vulnerabilities in Eaton UPS 9PX 8000 SP Administration Panel
Stored XSS Vulnerability in Subsonic Media Server 6.1.1 Podcast Subscription Form
Stored Cross-Site Scripting (XSS) Vulnerabilities in CremeCRM 1.6.12
Arbitrary Code Execution Vulnerability in D-Link DIR-868L with StarHub Firmware
OS Command Injection in Main_Analysis_Content.asp on ASUS Routers
SSRF (Server Side Request Forgery) in Cockpit 0.4.4 through 0.5.5 allows remote attackers to read arbitrary files or send TCP traffic to intranet hosts via the url parameter
Exiv2 0.26 BigTiffImage Assertion Failure Vulnerability
Denial of Service Vulnerability in Exiv2 0.26: Divide by Zero in BigTiffImage::printIFD
Exiv2 0.26 Out-of-Bounds Read Vulnerability in IptcData::printStructure
XSS Vulnerability in dsmall v20180320 via pdr_sn Parameter
SQL Injection Vulnerability in zzcms 8.2 via id Parameter in dl/dl_sendsms.php
Local Privilege Escalation Vulnerability in MagniComp SysInfo
Remote Attack Vulnerability in BMW Telematics Control Unit (TCU)
USB Device Local Attack Vulnerability in BMW Infotainment System
Bluetooth Remote Attack Vulnerability in BMW Infotainment System
Vulnerability: Physical Access Attack on BMW Infotainment System (HU_NBT)
Remote Attack Vulnerability in BMW Telematics Control Unit (TCU)
USB Device Local Attack Vulnerability in BMW Infotainment System
Vulnerability: Code-Signing Bypass and Root Shell Access in BMW Infotainment System
Unauthenticated Export of All Pads in Etherpad 1.5.x and 1.6.x
Arbitrary Code Execution Vulnerability in Etherpad 1.6.3
Arbitrary Code Execution Vulnerability in Etherpad 1.5.x and 1.6.x
XSS Vulnerability in PHP Scripts Mall Redbus Clone Script 3.0.6 via ter_from or tag parameter in results.php
Stored XSS Vulnerability in register.jsp in Coremail XT3.0
Remote File Deletion Vulnerability in zzcms 8.2
Vulnerability: Incorrect Access Control in K7AntiVirus Premium 15.01.00.53
Buffer Overflow Vulnerability in K7AntiVirus Premium 15.1.0.53: Execute Arbitrary Code (Local) in K7TSMngr.exe
GlobalProtect Password Hashes Disclosure Vulnerability
Arbitrary JavaScript and HTML Injection in PAN-OS Session Browser
Double-Free Memory Vulnerability in OpenVPN 2.4.x before 2.4.6
Arbitrary JavaScript and HTML Injection in PAN-OS Web Interface Administration Page
Infinite Loop DoS Vulnerability in SMF_ParseMetaEvent Function
Out-of-bounds stack write vulnerability in bta_dm_sdp_result of Android
Double Free Vulnerability in bnep_data_ind of bnep_main.c
Out-of-bounds Write Vulnerability in BNEP_Write of bnep_api.cc
Uninitialized Data Read Vulnerability in gatts_process_attribute_req of gatt_sc.cc
Out of Bounds Read Vulnerability in l2c_main.cc
Out of Bounds Read Vulnerability in l2c_main.cc
Out of Bounds Read Vulnerability in l2c_main.cc
Remote Denial of Service Vulnerability in InboundSmsHandler.java
Integer Overflow Vulnerability in hidp_process_report in Bluetooth
Out of Bounds Write Vulnerability in driver_override_store of bus.c
Double Free Vulnerability in driver_override_store and driver_override_show of bus.c
Use-after-free vulnerability in get_futex_key in futex.c allows for local privilege escalation without additional privileges needed
Bypass of User Interaction Requirements in Android-10: Local Privilege Escalation Vulnerability
Out-of-Bounds Write Vulnerability in CopyToOMX of OMXNodeInstance.cpp
Out-of-bounds Read Vulnerability in BNEP Data Indication Function
Out-of-bounds Read Vulnerability in getstring of ID3.cpp
WiFi VPN Connection Vulnerability: Local Denial of Service of Security Updates on Android Devices
Resource Exhaustion Vulnerability in ih264d_video_decode of ih264d_api.c
Path Traversal Vulnerability in readMetadata of Utils.cpp Allows Local Privilege Escalation
Out-of-bounds Write Vulnerability in smp_br_state_machine_event of Android
Out of Bounds Read Vulnerability in avct_bcb_msg_ind of avct_bcb_act.cc
Out-of-bounds Write Vulnerability in avrc_proc_vendor_command of avrc_api.cc
Out of Bounds Read Vulnerability in DynamicRefTable::load of ResourceTypes.cpp
Potential Denial of Service Vulnerability in Android's Layout.java
Out-of-bounds Read Vulnerability in avdt_msg_prs_cfg of avdt_msg.cc
Out-of-bounds Read Vulnerability in BNEP Data Indication Function
Out-of-bounds Read Vulnerability in sdpu_extract_attr_seq of sdp_utils.cc
Contact Information Disclosure Vulnerability in BluetoothPairingController
Interception of Keypresses in RootWindowContainer.java Allows Local Privilege Escalation
Path Traversal Vulnerability in Attachment.java and EmlAttachmentProvider.java Allows Remote Elevation of Privilege
Use-after-free vulnerability in task_get_unused_fd_flags in binder.c allows local users to escalate privileges via crafted use of the /dev/binder driver
Integer Overflow Vulnerability in ihevcd_parse_sei_payload of ihevcd_parse_headers.c
Use-after-free vulnerability in avrc_pars_browsing_cmd of avrc_pars_tg.cc allows for remote escalation of privilege in Bluetooth service
SELinux Permissions Bypass Vulnerability in crash_dump.te
WiFi Network Information Disclosure Vulnerability
Type Confusion Vulnerability in CollectValuesOrEntriesImpl of elements.cc in Android
Integer Overflow Vulnerability in AMediaCodecCryptoInfo_new of NdkMediaCodec.cpp
Possible Permissions Bypass in checkGrantUriPermissionLocked of ActivityManagerService.java
SQL Injection Vulnerability in Android Download Manager's Content Provider
Out-of-bounds Write Vulnerability in ixheaacd_real_synth_fft_p3 of ixheaacd_esbr_fft.c
Out of Bounds Write Vulnerability in impeg2_fmt_conv_yuv420p_to_yuv420sp_uv_av8
Integer Overflow Vulnerability in SkSampler::Fill of SkSampler.cpp
Uninitialized Data Read Vulnerability in readVector of iCrypto.cpp
Factory Reset Protection Bypass Vulnerability in Android SetupWizard
Out-of-bounds read vulnerability in rfc_process_mx_message of rfc_ts_frames.cc leading to remote information disclosure in Android Bluetooth service
Out-of-bounds Read Vulnerability in rfc_process_mx_message of rfc_ts_frames.cc
Out-of-bounds Write Vulnerability in sdp_copy_raw_data of sdp_discovery.cc
Out of Bounds Read Vulnerability in mca_ccb_hdl_req of mca_cact.cc
Out-of-Bound Read Vulnerability in avrc_msg_cback of avrc_api.cc
Out-of-bounds Read Vulnerability in bta_av_proc_meta_cmd of bta_av_act.cc
Out of Bounds Read Vulnerability in smp_process_keypress_notification of smp_act.cc
Out of Bounds Read Vulnerability in smp_proc_master_id of Android Bluetooth Stack
Out of Bounds Read Vulnerability in smp_proc_enc_info of Android Bluetooth Stack
Uninitialized Data Vulnerability in ipSecSetEncapSocketOwner of XfrmController.cpp
Double Free Vulnerability in copy_process of fork.c in Android Kernel
Use After Free Vulnerability in sdcardfs_open of file.c
Memory Corruption Vulnerability in sdcardfs_create and sdcardfs_mkdir of inode.c
Out of Bounds Write Vulnerability in hid_debug_events_read of Android Kernel
Use-after-free vulnerability in pppol2tp_connect in the Android kernel allows for local privilege escalation
Out-of-bounds Write Vulnerability in NFC LLCP Build SDREQ TLV
Race condition vulnerability in easelcomm_hw_build_scatterlist in Android kernel allows local attackers to escalate privileges via an out-of-bounds write
Out-of-bounds Write Vulnerability in parseMPEGCCData of NuPlayer2CCDecoder.cpp
Possible Out-of-Bounds Write Vulnerability in StatsLogEventWrapper.java in Android
Parcel Serialization/Deserialization Mismatch Vulnerability in Android
Insufficient Protection of Overlay Windows in Android System UI Allows Local Privilege Escalation
Possible Permissions Bypass in Android SliceBroadcastReceiver for com.android.settings.slice.action.WIFI_CHANGED
Improperly Configured Device Location Disclosure Vulnerability in Android
Out-of-bounds Write Vulnerability in vorbis_book_decodev_set of codebook.c
Out of Bounds Write Vulnerability in ixheaacd_over_lap_add1_armv8 of ixheaacd_overlap_add1.s
Out of Bounds Write Vulnerability in ixheaacd_individual_ch_stream of ixheaacd_channel.c
Out-of-Bounds Write Vulnerability in ixheaacd_tns_ar_filter_dec of ixheaacd_aac_tns.c
Out-of-Bounds Write Vulnerability in AudioSpecificConfig_Parse of tpdec_asc.cpp
Out of Bounds Write Vulnerability in ixheaacd_extract_frame_info_ld of ixheaacd_env_extr.c
Potential Out-of-Bounds Write Read Vulnerability in ixheaacd_dec_data_init of ixheaacd_create.c
Out-of-bounds Write Vulnerability in ixheaacd_mps_getstridemap of ixheaacd_mps_parse.c
Out-of-Bounds Write Vulnerability in ixheaacd_reset_acelp_data_fix of ixheaacd_lpc.c
Out of Bounds Write Vulnerability in libFDK: Remote Code Execution in Android
Out-of-Bounds Write Vulnerability in CAacDecoder_DecodeFrame of aacdecode.cpp
Out-of-bounds Read Vulnerability in V4L2SliceVideoDecodeAccelerator::Dequeue of v4l2_slice_video_decode_accelerator.cc
Race condition vulnerability in ClearKey CAS descrambler allows for local privilege escalation without additional execution privileges (Android)
Out-of-bounds Read Vulnerability in avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.c
Out-of-bounds read vulnerability in avrc_pars_vendor_rsp of avcr_pars_ct.cc in Android
Out-of-bounds Read Vulnerability in avrc_pars_vendor_rsp of avrc_pars_ct.cc
Data Partition Not Wiped During Factory Reset Vulnerability
Out-of-Bounds Read Vulnerability in Bluetooth Service of Android
Out-of-Bound Write Vulnerability in BTA_HdRegisterApp of Android
Improper Input Validation in unflatten of GraphicBuffer.cpp Allows for Local Privilege Escalation in Android
Missing URI Validation in ContentProvider.java Allows Permission Bypass and Local Information Disclosure
Out-of-bounds Write Vulnerability in lppTransposer of lpp_tran.cpp
Out of Bounds Write Vulnerability in CAacDecoder_Init of aacdecoder.cpp in Android
Out-of-Bound Write Vulnerability in CAacDecoder_Init of aacdecoder.cpp in Android
Out-of-bounds Write Vulnerability in ihevcd_sao_shift_ctb of ihevcd_sao.c
Double Free Vulnerability in MasteringMetadata::Parse of mkvparser.cc in Android
Media File Disclosure Vulnerability in Android's IMediaExtractor.cp
Out of Bounds Write Vulnerability in l2c_lcc_proc_pdu of l2c_fcr.cc
Integer Overflow Vulnerability in ParsePayloadHeader of payload_metadata.cc in Android
Uninitialized Data Vulnerability in really_install_package of install.cpp
Out-of-bounds Write Vulnerability in rw_t2t_handle_tlv_detect of rw_t2t_ndef.cc
Out-of-bounds Write Vulnerability in cryptfs.cpp
Out-of-Bounds Write Vulnerability in HID_DevAddRecord of hidd_api.cc
Out-of-Bound Read Vulnerability in llcp_util_parse_connect of Android
Out-of-Bound Read Vulnerability in bta_ag_do_disc of bta_ag_sdp.cc
Out-of-Bound Read Vulnerability in llcp_util_parse_cc of Android
Out-of-Bound Read Vulnerability in llcp_util_parse_link_params of llcp_util.cc
Integer Overflow Vulnerability in readBytes of xltdecwbxml.c in Android
Out-of-bounds Read Vulnerability in Bluetooth Service Search Response Handling
Pixel Devices Vulnerability: Verified Boot Certificate Fingerprint Reuse
Memory Corruption Vulnerability in sk_clone_lock of sock.c
Out-of-Bound Write Vulnerability in impd_init_drc_decode_post_config of impd_drc_gain_decoder.c in Android
Out-of-Bound Write Vulnerability in impd_parse_drc_ext_v1 of impd_drc_dynamic_payload.c in Android
Out-of-Bound Write Vulnerability in impd_parse_loud_eq_instructions of impd_drc_dynamic_payload.c
Out of Bounds Write Vulnerability in impd_drc_parse_coeff of impd_drc_static_payload.c in Android
Out of Bounds Write Vulnerability in impd_parse_filt_block of impd_drc_dynamic_payload.c in Android
Out of Bounds Write Vulnerability in impd_parse_split_drc_characteristic of impd_drc_static_payload.c in Android
Out-of-Bounds Write Vulnerability in impd_parse_dwnmix_instructions of impd_drc_static_payload.c in Android
Out-of-Bounds Write Vulnerability in impd_parse_parametric_drc_instructions of impd_drc_static_payload.c in Android
Out-of-Bounds Write Vulnerability in impd_parametric_drc_parse_gain_set_params of impd_drc_static_payload.c in Android
Out-of-bounds Write Vulnerability in ixheaacd_adts_crc_start_reg of ixheaacd_adts_crc_check.c
HTC Bootloader Elevation of Privilege Vulnerability in Android Kernel
WiFi RSSI and SSID Information Disclosure Vulnerability
Bypass of Unknown Source Warning in Android Package Installer
Out-of-bounds write vulnerability in bta_ag_parse_cmer of Android Bluetooth Server
Out of Bounds Write Vulnerability in NFC Configuration Status Setting
Out of Bounds Write Vulnerability in NFC Routing (Android)
Race condition vulnerability allows local privilege escalation in Android
Confused Deputy Vulnerability in ContactPhotoUtils.java Allows Unauthorized File Access
Out of Bounds Read Vulnerability in avdt_scb_hdl_report of Android Bluetooth Stack
Out-of-bounds Read Vulnerability in Android Wi-Fi Driver
Out-of-bounds Read Vulnerability in add_attr of sdp_discovery.c in Android
Out-of-bounds Read Vulnerability in Android Bluetooth HID Profile Handling
Out-of-bounds Read Vulnerability in mca_ccb_hdl_rsp of Android
Out of Bounds Read Vulnerability in llcp_dlc_proc_i_pdu of Android NFC
Out of Bounds Read Vulnerability in Android NFC (CVE-2019-9506)
Integer Overflow Vulnerability in OCaml's caml_ba_deserialize Function
Vulnerability: Unauthorized Access to Private Issue Details in MantisBT
Bypassing Screen Locker in Open Whisper Signal App for iOS
Out-of-array Access Vulnerability in FFmpeg's Export Function
Replay Attack Vulnerability in CyberArk Password Vault (CVE-2020-XXXX)
Arbitrary Code Execution via Serialized .NET Object in CyberArk Password Vault Web Access REST API
XSS Vulnerability in Iptanus WordPress File Upload Plugin
Critical Vulnerability in Etherpad Lite Allows Unauthorized Admin Access
MX (IMAP) Injection Vulnerability in Roundcube Archive Plugin
Arbitrary PHP Code Execution in Gxlcms QY v1.0.0713 TplAction.class.php
Arbitrary PHP Code Execution Vulnerability in Gxlcms QY v1.0.0713 Upload Function
XML Entity Expansion Denial of Service Vulnerability in Pulse Secure Pulse Connect Secure
Arbitrary File Deletion Vulnerability in Gxlcms QY v1.0.0713
Arbitrary File Read Vulnerability in Gxlcms QY v1.0.0713
SQL Injection Vulnerability in Gxlcms QY v1.0.0713
Privilege Escalation Vulnerability in freeSSHd Version 1.3.1
CSRF Vulnerability in Kotti Local Roles Implementation
XSS Vulnerability in PHP Scripts Mall Match Clone Script 1.0.4 via searchbyid.php
Unquoted Service Path Vulnerability in NAVER Whale
Off-by-one Error in Botan TLS-CBC Ciphertext Processing
Arbitrary web script injection through crafted IMG element in CKEditor Enhanced Image plugin (CVE-2018-1000811)
Numeric Username Vulnerability in runV 1.0.0 for Docker
Stored XSS Vulnerability in WP Live Chat Support Plugin
Arbitrary Code Execution Vulnerability in SonicWall GMS Virtual Appliance
SonicWall SonicOS Certificate Download Vulnerability
Denial of Service Vulnerability in QPDF through 8.0.2
Web-accessible backdoor in Tp-shop 2.0.5 through 2.0.8 allows SSRF and remote command execution
Server Side Request Forgery in K2 SmartForms 4.6.11 via Modified Hostname in Identity STS Forms Scripts URL
Directory Traversal Vulnerability in CMS Made Simple 2.2.7 Allows File Existence and Checksum Disclosure
Physical Path Leakage in idreamsoft iCMS through 7.0.7 via Invalid Nickname Field
CSRF Vulnerability in idreamsoft iCMS 7.0.7
SQL Injection in idreamsoft iCMS 7.0.7 via pid Array Parameter
Cross-Site Scripting (XSS) Vulnerability in idreamsoft iCMS 7.0.7 via nickname field in admincp.php
CSRF Vulnerability in WUZHI CMS 4.1.0 Allows Unauthorized Admin Account Addition
CSRF Vulnerability in WUZHI CMS 4.1.0 Allows Unauthorized User Account Addition
MetInfo 6.0 save.php Cross-Site Scripting (XSS) Vulnerability
Arbitrary Password Change Vulnerability in MetInfo 6.0
Arbitrary Code Execution Vulnerability in Foxit Reader 8.3.2.25013
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.0.29935 (ZDI-CAN-5370)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.0.29935
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.0.29935 (ZDI-CAN-5372)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.0.29935 (ZDI-CAN-5373)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.0.29935 (ZDI-CAN-5374)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.0.29935 (ZDI-CAN-5375)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.0.29935 (ZDI-CAN-5376)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.0.29935 (ZDI-CAN-5377)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.0.29935 (ZDI-CAN-5379)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.0.29935 (ZDI-CAN-5382)
Remote Code Execution Vulnerability in Foxit Reader 9.0.0.29935 via setTimeOut Method
Arbitrary Code Execution via BMP Image Parsing in Foxit Reader 9.0.0.29935
Remote Code Execution Vulnerability in Foxit Reader 9.0.0.29935
Arbitrary Code Execution via TIFF Parsing in Foxit Reader 9.0.0.29935
Remote Code Execution Vulnerability in Foxit Reader 9.0.0.29935
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.0.29935 (ZDI-CAN-5414)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-5527)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-5528)
Arbitrary Code Execution via XFA Button Handling in Foxit Reader 9.0.1.1049
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049
Arbitrary Code Execution via XFA Button Title Attribute in Foxit Reader 9.0.1.1049
Arbitrary Code Execution via XFA Button Element in Foxit Reader 9.0.1.1049
Arbitrary Code Execution via Text Annotations in Foxit Reader 9.0.1.1049
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-5432)
Arbitrary Code Execution via textColor Field Attribute Parsing in Foxit Reader 9.0.1.1049
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-5434)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.1049 via JPEG2000 Image Parsing
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.1049 via OCG Object Name Parsing
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-5569)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-5570)
Arbitrary Code Execution via Format Actions in Foxit Reader 9.0.1.1049
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.1049 via Keystroke Actions of TextBox Objects
Arbitrary Code Execution in Foxit Reader 9.0.1.1049 via XFA boundItem Method
Arbitrary Code Execution via XFA execEvent Method in Foxit Reader 9.0.1.1049
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.104 (ZDI-CAN-5754)
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-5755)
Remote Code Execution Vulnerability in Foxit Reader 9.0.1.1049 via ePub File Parsing
Arbitrary Code Execution Vulnerability in Foxit Reader 9.0.1.1049 (ZDI-CAN-5895)
Arbitrary Code Execution via Shift Event Handling in Foxit Reader 9.0.1.1049
Remote Code Execution Vulnerability in Foxit Reader 9.0.0.29935 via U3D Texture Parsing
Remote Code Execution Vulnerability in Foxit Reader 9.0.0.29935 via U3D Modifier Chain Objects (ZDI-CAN-5427)
Remote Code Execution Vulnerability in Foxit Reader 9.0.0.29935 via U3D File Parsing (ZDI-CAN-5428)
Remote Code Execution Vulnerability in Foxit Reader 9.0.0.29935 via U3D Texture Continuation Objects (ZDI-CAN-5429)
Remote Code Execution Vulnerability in Foxit Reader 9.0.0.29935 via U3D File Parsing
Remote Code Execution Vulnerability in Foxit Reader 9.0.0.29935 via U3D File Parsing (ZDI-CAN-5431)
Arbitrary Code Execution via Texture Width Parsing in Foxit Reader 9.0.0.29935
Remote Code Execution Vulnerability in Foxit Reader 9.0.0.29935 via U3D File Parsing
Remote Code Execution Vulnerability in Foxit Reader 9.0.0.29935 via U3D Texture Image Channels Parsing
MetInfo 6.0 Front Page XSS Vulnerability via Feedback Message
XSS Vulnerability in Zulip Server Frontend Markdown Processor
XSS Vulnerability in Zulip Server Versions 1.5.x - 1.7.x
Buffer Over-read Vulnerability in ARM mbed TLS
Buffer Over-read Vulnerability in ARM mbed TLS
XSS Vulnerability in Zulip Server's Topic Typeahead with Stream Names
Cross-Site Scripting (XSS) Vulnerability in Frog CMS 0.9.5 via /admin/?/user/add Name or Username Parameter
XSS Vulnerability in Frog CMS 0.9.5 via File or Directory Name Field
XSS Vulnerability in YUNUCMS 1.0.7: Content Title on Admin News Center Page
Authentication Bypass Vulnerability in TBK DVR4104 and DVR4216 Devices and Re-branded Versions
Stack Exhaustion in C++ Demangling Functions in GNU libiberty
Arbitrary Script Injection in Open-Xchange OX App Suite Mail Compose
Sensitive Information Disclosure in Open-Xchange OX App Suite API
XSS Vulnerability in Zulip Server User Uploads