Vulnerability Index: Year 2019
Uncontrolled Recursion Loop Vulnerability in Juniper Networks Junos OS
Vulnerability: Ineffective Firewall Filter Configuration on EX2300 and EX3400 Series
BGP Flowspec Configuration Reachable Assertion Failure Vulnerability
Information Disclosure: API and Device Keys Logged in Readable File on Juniper ATP
Vulnerability: Inability to Perform IPv6 Extension Header Packet Matching on Juniper Networks Junos OS
Uninitialized Function Pointer Dereference Vulnerability in Juniper Networks Junos OS
Predictable IP ID Sequence Number Vulnerability in Juniper Networks vMX Series Software
Stack-based Buffer Overflow in Junos OS Packet Forwarding Engine Manager (FXPC) Process on QFX5000 Series, EX4300, EX4600 Devices
Vulnerability: High Disk I/O Operations Disrupt Communication on EX2300 and EX3400 Series
SRX Series Service Gateway UTM HTTP AV Inspection Memory Buffer Exhaustion Vulnerability
Junos OS Kernel Crash Vulnerability
Denial of Service (DoS) Vulnerability in BGP Auto Discovery for LDP VPLS in Juniper Networks Junos OS
Denial of Service (DoS) vulnerability in Juniper Networks Junos OS
J-Flow Sampling Malformed Packet Denial of Service Vulnerability
Vulnerability: Persistent Dynamic VPN Connections in SRX Series Service Gateway
Junos Space Unauthorized Device Deletion Vulnerability
Insufficient Validity Checking in Junos Space Application Allows Malicious Image Upload
Persistent XSS Vulnerability in Juniper ATP File Upload Menu
BGP Tracing DoS Vulnerability in Junos OS
Critical Vulnerability: Hard Coded Credentials in Juniper ATP Web Collector
Clear Text Logging of Secret Passphrases in Juniper ATP 5.0 Versions Prior to 5.0.4
Critical Vulnerability: Hard Coded Credentials in Juniper ATP Allows Full Control
Persistent XSS Vulnerability in Juniper ATP Golden VM Menu
Persistent XSS Vulnerability in Juniper ATP Email Collectors Menu
Persistent XSS Vulnerability in Juniper ATP RADIUS Configuration Menu
Persistent XSS Vulnerability in Juniper ATP Zone Configuration
Persistent XSS Vulnerability in Juniper ATP 5.0 Allows for Arbitrary Script Injection and Data Theft
Denial of Service (DoS) Vulnerability in Junos BGP Graceful Restart Mechanism
Juniper ATP Series Splunk Credentials Exposure Vulnerability
Vulnerability: Trivial De-hashing of Passwords in Juniper ATP 5.0 versions prior to 5.0.3
Memory resource consumption vulnerability in Junos OS jdhcpd daemon
Plaintext Storage of Organization Authentication Credentials in Log Files
Proxy ARP Service Firewall Bypass Vulnerability in Juniper Networks Junos OS
Administrative Bypass Vulnerability in Junos OS with Insecure Console Access
Silent Ignoring of internal-n Terms in Junos OS Firewall Filter Configuration
Denial of Service (DoS) Vulnerability in Juniper Networks Junos OS DHCPv6 Implementation
Denial of Service (DoS) Vulnerability in Juniper SRX340/SRX345 Services Gateways
Vulnerability: Brute Force Attacks on Junos OS REST API Login Credentials
Information Leak and Denial of Service Vulnerability in Junos OS rpcbind
Vulnerability: Control Plane Exposure via Loopback Interface on EX4300-MP Series Devices
Vulnerability in Juniper Identity Management Service (JIMS) for Windows Allows Firewall Bypass and DoS Attacks
Denial of Service Vulnerability in Juniper Networks Junos OS
Out-of-Band Management Interface Denial of Service Vulnerability
Juniper Networks Junos OS EX4300 Broadcast Storm DoS Vulnerability
Persistent Cross-Site Scripting (XSS) Vulnerability in Junos OS J-Web Interface
Vulnerability: Multicast Traffic Loopback Filter Bypass on Juniper EX4300 Series Switches
Denial of Service (DoS) Vulnerability in Junos OS BGP Graceful Restart
SRX1500 Denial of Service Vulnerability
SSL-Proxy Feature on Juniper SRX Devices Denial of Service Vulnerability
Vulnerability: SRX Series Gateways Crash Due to Misinterpreted Fragmented HTTP Packet
Stack-based buffer overflow vulnerability in Junos OS telnet client
Improper Certificate Validation in Juniper Networks Junos OS SRX Series Application Identification Signature Update Client
SIP ALG Denial of Service Vulnerability in Juniper Networks Junos OS
Insufficient Resource Pool Vulnerability in Juniper Networks Junos OS
Improper Authorization Vulnerability in Juniper Networks Junos OS
Veriexec Subsystem Privilege Escalation Vulnerability in Juniper Networks Junos OS
Memory Leak Vulnerability in Juniper Networks Junos OS: DoS via BGP Peered Host
Denial of Service (DoS) Vulnerability in Juniper SRX Series Gateways with IPSec Tunnels
Privilege Escalation Vulnerability in Junos OS Management Daemon (MGD)
Session Fixation Vulnerability in J-Web on Junos OS Allows for Session Hijacking and Unauthorized Access
Denial of Service (DoS) vulnerability in Juniper Networks Junos OS
Denial of Service (DoS) vulnerability in SRX5000 Series devices with 'set security zones security-zone <zone> tcp-rst' configuration
Denial of Service Vulnerability in Juniper Networks Junos OS on MX Series
NG-mVPN Service Denial of Service Vulnerability in Juniper Networks Junos OS
IPv6 Packet Crash Vulnerability in Juniper Networks Junos OS
Denial of Service Vulnerability in Juniper Networks Junos OS on SRX Series
Clear text logging of console management port credentials on Juniper Networks Junos OS
Privilege Escalation Vulnerability in Juniper Networks Junos OS on NFX Series
Vulnerability: Veriexec Subsystem Failure Allows Unauthorized Execution
Unprotected Storage of Credentials Vulnerability in Juniper Networks SBR Carrier
Insecure File Permissions in PKI Key Export on Junos OS
Path Traversal Vulnerability in Juniper Networks Junos OS on NFX150, QFX10K, EX9200, MX, and PTX Series Devices with Next-Generation Routing Engine (NG-RE)
PIM-enabled SRX Series Devices Vulnerability: Denial of Service via srxpfe Process Crash
Dynamic Application Loader Software Vulnerability: Unauthorized Privilege Escalation via Local Access
Path Traversal Vulnerability in Intel(R) System Support Utility for Windows
Privilege Escalation Vulnerability in Intel(R) SPS Subsystem
Insufficient Access Control Vulnerability in Intel Subsystems: Potential Privilege Escalation via Physical Access
Code Injection Vulnerability in Intel(R) CSME and Intel(R) TXE Installer
Escalation of Privilege Vulnerability in Intel(R) AMT Subsystem
Insufficient Data Sanitization Vulnerability in Intel(R) CSME and SPS
Denial of Service Vulnerability in Intel(R) AMT Subsystem
Escalation of Privilege Vulnerability in Intel(R) AMT Subsystem
Denial of Service Vulnerability in Intel(R) AMT Subsystem
Escalation of Privilege Vulnerability in Intel(R) CSME and Intel(R) TXE Subsystems
Insufficient Access Control Vulnerability in Intel(R) SPS Subsystem
Authentication Bypass Vulnerability in Intel Unite(R) Solution 3.2-3.3 Allows Privilege Escalation
Insufficient Session Authentication in Intel(R) Data Center Manager SDK: Potential Privilege Escalation via Network Access
Insufficient File Protection in Intel(R) Data Center Manager SDK Install Routine: Potential Information Disclosure Vulnerability
Unprotected Uninstall Routine in Intel(R) Data Center Manager SDK Prior to Version 5.0.2 Allows for Local Information Disclosure
Privilege Escalation Vulnerability in Intel(R) Data Center Manager SDK Install Routine
Privilege Escalation Vulnerability in Intel(R) Data Center Manager SDK Install Routine
Insufficient User Prompt in Intel(R) Data Center Manager SDK Install Routine: Potential Privilege Escalation Vulnerability
Improper File Permissions in Intel(R) Data Center Manager SDK: Local Access Information Disclosure Vulnerability
Privilege Escalation via Improper Folder Permissions in Intel(R) Data Center Manager SDK
Insufficient Key Management in Intel(R) Data Center Manager SDK: Local Access Information Disclosure Vulnerability
Improper File Permissions in Intel(R) Data Center Manager SDK: Potential Information Disclosure Vulnerability
Denial of Service Vulnerability in Intel(R) Data Center Manager SDK
Denial of Service Vulnerability in Intel Graphics Drivers
Race Condition Vulnerability in Intel Graphics Drivers
Denial of Service Vulnerability in Intel Graphics Driver
Out of Bound Read Vulnerability in Intel Graphics Driver
Intel SGX Vulnerability: Insufficient Access Control in Protected Memory Subsystem
Buffer Overflow Vulnerability in Intel System Firmware: Privilege Escalation and Denial of Service Risk
Insufficient Key Protection Vulnerability in Intel Processors: Potential Denial of Service via Local Access
Privilege Escalation Vulnerability in Intel(R) Matrix Storage Manager 8.9.0.1023 and Earlier
Double Free Vulnerability in Intel SGX SDK for Linux and Windows
Memory Protection Vulnerability in Intel(R) 6th Generation Core Processors and Above: Potential Privilege Escalation via Local Access
Memory Protection Vulnerability in Intel(R) 6th Generation Core Processors and Above: Potential Privilege Escalation via Local Access
Insufficient Access Control in Intel Xeon Processors' Silicon Reference Firmware: Potential Privilege Escalation and Denial of Service Vulnerability
Privilege Escalation and Information Disclosure Vulnerability in Intel(R) OpenVINO(TM) Installer for Linux
Privilege Escalation Vulnerability in Intel Chipset Device Software Installer
Escalation of Privilege Vulnerability in Intel(R) USB 3.0 Creator Utility
Reflected XSS Vulnerability in Intel(R) Accelerated Storage Manager Web Interface
Insufficient Input Validation in Intel(R) AMT Subsystem: Potential Denial of Service and Information Disclosure Vulnerability
Intel Unite(R) Client Data Corruption Vulnerability
Elevated Privilege Execution Vulnerability in Intel(R) Dynamic Platform and Thermal Framework
Privilege Escalation Vulnerability in Intel(R) Accelerated Storage Manager Installer
Insufficient Access Control in Intel(R) PROSet/Wireless WiFi Software Driver: Potential Denial of Service via Adjacent Access
Improper Directory Permissions in Intel(R) ACU Wizard 12.0.0.129 and Earlier: Local Privilege Escalation Vulnerability
Firmware Vulnerability in Intel(R) Ethernet 700 Series Controllers: Insufficient Access Control
Firmware Vulnerability: Buffer Overflow in Intel Ethernet 700 Series Controllers
Privilege Escalation Vulnerability in Intel(R) Ethernet 700 Series Controllers
Denial of Service Vulnerability in Intel(R) Ethernet 700 Series Controllers
Denial of Service Vulnerability in Intel(R) Ethernet 700 Series Controllers Firmware
Buffer Overflow Vulnerability in i40e Driver for Intel(R) Ethernet 700 Series Controllers
i40e Driver Resource Leak Vulnerability
Denial of Service Vulnerability in i40e Driver for Intel(R) Ethernet 700 Series Controllers
i40e Driver Resource Leak Vulnerability
Denial of Service Vulnerability in i40e Driver for Intel(R) Ethernet 700 Series Controllers
Firmware Vulnerability: Insufficient Access Control in Intel(R) Ethernet 700 Series Controllers
Intel(R) TXT Insufficient Memory Protection Vulnerability
Vulnerability: Insufficient Memory Protection in SMM and Intel TXT for Intel Xeon Processors
Buffer Overflow Vulnerability in Intel(R) CSME 12.0.0 through 12.0.34: Network-based Privilege Escalation
Insufficient Access Control in Intel Processor Graphics Subsystem: Potential Denial of Service Vulnerability
Insufficient Access Control Vulnerability in Intel Graphics Subsystem
Denial of Service Vulnerability in Intel(R) SGX Driver for Linux
Privilege Escalation Vulnerability in Intel(R) Graphics Performance Analyzer for Linux Version 18.4 and Earlier
Memory Protection Vulnerability in Linux Administrative Tools for Intel(R) Network Adapters
EDK II System Firmware Buffer Overflow Vulnerability
XHCI Stack Overflow Vulnerability in EDK II: Local Denial of Service Potential
Virtual Memory Mapping Vulnerability
Insufficient Input Validation in Intel(R) Broadwell U i5 vPro Firmware (MYBDWi5v.86A) Allows Local Privilege Escalation and Information Disclosure
Privilege Escalation Vulnerability in Intel(R) Turbo Boost Max Technology 3.0 Driver Installer
Denial of Service Vulnerability in Intel(R) CSME Subsystem
Intel(R) AMT Subsystem Information Disclosure Vulnerability
Insufficient Input Validation in Intel(R) CSME and Intel(R) TXE Subsystems: Potential Information Disclosure via Local Access
Heap Overflow Vulnerability in Intel(R) CSME and Intel(R) TXE
Buffer Overflow Vulnerability in Intel(R) DAL Subsystem
Privilege Escalation Vulnerability in Intel(R) Quartus(R) Software Installer
Remote Privilege Escalation Vulnerability in Intel Unite(R) Client for Android
Authentication Bypass Vulnerability in Intel(R) Raid Web Console 2
Partial Physical Address Information Disclosure Vulnerability
Insufficient Password Protection in Open CIT Attestation Database: Potential Information Disclosure Vulnerability
Insufficient Password Protection in Open CIT Attestation Database: Potential Information Disclosure Vulnerability
Insufficient Password Protection in Open CIT Attestation Database: Potential Information Disclosure Vulnerability
Insufficient Password Protection in Open CIT Attestation Database: Potential Information Disclosure Vulnerability
Insufficient Password Protection in Open CIT Attestation Database: Potential Information Disclosure Vulnerability
Insufficient Password Protection in Open CIT Attestation Database: Potential Information Disclosure Vulnerability
Insufficient Password Protection in Open CIT Attestation Database: Potential Information Disclosure Vulnerability
Insufficient Password Protection in Open CIT Attestation Database: Potential Information Disclosure Vulnerability
Intel(R) TXT Vulnerability: Privileged User Information Disclosure via Local Access
Protected Memory Subsystem Vulnerability in Intel Processors: Potential Information Disclosure via Local Access
Cross-Site Scripting (XSS) Vulnerability in Apache Pluto Chat Room Demo Portlet 3.0.0 and 3.0.1
Unauthenticated Remote Code Execution (RCE) Vulnerability in JMeter Distributed Mode
XML External Entity Injection (XXE) Vulnerability in Apache Camel's camel-xmljson Component
Java Deserialization Remote Code Execution in Apache Ofbiz
Denial of Service Vulnerability in mod_ssl with Apache HTTP Server 2.4.37 and OpenSSL 1.1.1 or later
Apache Karaf Zip-slip Vulnerability
Remote Code Execution via Unsafe Deserialization in Apache Solr's Config API
Apache Solr DataImportHandler dataConfig Parameter Security Vulnerability
Directory Traversal Vulnerability in Apache Camel's File Component
Classpath Asset File URL Manipulation and Java Deserialization Attack via Tapestry Form Component
Apache HTTP Server 2.4.17 to 2.4.38 - Memory Access Vulnerability in HTTP/2 Request Handling
HTTP/2 Upgrade Request Misconfiguration Vulnerability
Excessive SETTINGS Frames and Thread Exhaustion DoS Vulnerability in Apache Tomcat
Apache Qpid Broker-J Denial of Service Vulnerability
Unauthenticated Disclosure of Digest Authentication Hash in Apache ZooKeeper
Apache Storm Logviewer Daemon File Disclosure Vulnerability
Apache Subversion Protocol Command Vulnerability
Root-level Code Execution Vulnerability in Apache Mesos
Endless Loop Vulnerability in Apache Thrift Versions up to 0.12.0
Path Traversal Vulnerability in Tapestry Asset Processing
Panic Vulnerability in Apache Thrift Go Server with TJSONProtocol or TSimpleJSONProtocol
Privilege Escalation Vulnerability in Apache HTTP Server 2.4
Improper Authorization Handling in Apache HBase REST Server with Kerberos and SPNEGO Authentication
Stored XSS Vulnerability in Apache Archiva
Arbitrary File Write Vulnerability in Apache Archiva 2.0.0 - 2.2.3
Bypassing Access Control Restrictions in Apache HTTP Server 2.4 with mod_ssl
Arbitrary JavaScript Execution via Airflow Metadata Database Manipulation
Race Condition in mod_auth_digest Allows Authentication Bypass
Reflected XSS Vulnerability in Pony Mail Interface: Exploiting Specially Crafted URLs
Cross-Site Scripting (XSS) Vulnerability in InAppBrowser WebView on Android
Multiple Consecutive Slashes Vulnerability in Apache HTTP Server
XSS Vulnerability in Apache Tomcat's SSI printenv Command
Apache ActiveMQ Unmarshalling Vulnerability
Apache Qpid Proton TLS Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Apache JSPWiki 2.9.0 to 2.11.0.M2
Arbitrary File Access Vulnerability in Apache JSPWiki 2.9.0 to 2.11.0.M2
Apache Karaf Config Service Directory Traversal and File Overwrite Vulnerability
Apache Axis 1.4 Server Side Request Forgery (SSRF) Vulnerability
XML External Entity (XXE) Vulnerability in Apache PDFBox 2.0.14
Cross-Site Request Forgery Vulnerability in Airflow Webserver
Apache Struts 2 Forced Double OGNL Evaluation Remote Code Execution Vulnerability
Apache MINA SSL/TLS Connection Retention Vulnerability
Remote Code Execution Vulnerability in Apache Tomcat 9.0.0.M1 to 9.0.17, 8.5.0 to 8.5.39, and 7.0.0 to 7.0.93
Apache Struts 2.0.0 to 2.5.20 File Upload Denial of Service Vulnerability
Apache Roller Math Comment Authenticator Reflected Cross-site Scripting (XSS) Vulnerability
CSRF Vulnerability in Apache OFBiz 17.12.01
Cross-Site Scripting (XSS) Vulnerability in SAP Commerce (previously SAP Hybris Commerce)
Denial of Service Vulnerability in SAP Business Objects Mobile for Android (before 6.3.5)
Denial of Service Vulnerability in SAP Work and Inventory Manager (Agentry_SDK)
Privilege Escalation Vulnerability in SAP BW/4HANA
Cross-Site Scripting (XSS) Vulnerability in SAP CRM WebClient UI
Cross-Site Scripting (XSS) Vulnerability in SAP CRM WebClient UI
Unauthenticated Access to SAP Cloud Connector Functionalities
Code Injection Vulnerability in SAP Cloud Connector (CVE-2021-12345)
SAP Gateway Information Disclosure Vulnerability
SAP Landscape Management (VCM 3.0) Information Disclosure Vulnerability
Cross-Site Scripting (XSS) Vulnerability in SAP BusinessObjects Fiori Launchpad
Cross-Site Scripting (XSS) Vulnerability in SAP Disclosure Management (before version 10.1 Stack 1301)
SAP NetWeaver AS ABAP Platform Privilege Escalation Vulnerability
SAP Business One Mobile Android App Information Disclosure Vulnerability
Privilege Escalation in SAP NetWeaver AS ABAP Platform
Privilege Escalation Vulnerability in SAP Disclosure Management 10.01
Arbitrary File Upload Vulnerability in SAP BusinessObjects (Visual Difference)
Authentication Bypass Vulnerability in SAP HANA Extended Application Services, Advanced Model (XS Advanced)
SAP WebIntelligence BILaunchPad XSS Vulnerability
SLD Registration Denial of Service Vulnerability
SAP HANA XS Advanced Credential Leakage Vulnerability
Lack of Anti-XSRF Tokens in SAP Manufacturing Integration and Intelligence Servlet
XML External Entity (XXE) Injection Vulnerability in SAP BusinessObjects Business Intelligence Platform (CMC Module)
Cross-Site Scripting (XSS) Vulnerability in SAP BusinessObjects Business Intelligence Platform (BI Workspace) Versions 4.10 and 4.20
Privilege Escalation Vulnerability in SAP NetWeaver and ABAP Platform
XML External Entity (XXE) Vulnerability in ABAP Server and ABAP Platform
Denial of Service Vulnerability in SAP Mobile Platform SDK
Cross-Site Scripting (XSS) Vulnerability in SAML 1.1 SSO Demo Application in SAP NetWeaver Java Application Server (J2EE-APPS)
Inadequate Authorization Check in SAP Banking Services: Privilege Escalation Vulnerability
XML External Entity (XXE) Vulnerability in SAP HANA Extended Application Services
Information Disclosure in SAP NetWeaver Process Integration Monitoring Servlet
Privilege Escalation in SAP BASIS Function Modules
Privilege Escalation in SAP Treasury and Risk Management
Cross-Site Scripting (XSS) Vulnerability in SAPUI5 and OpenUI5
Unauthenticated Access to SAP NetWeaver Process Integration (Runtime Workbench) Exposes Internal Data
Digital Signature Spoofing Vulnerability in SAP NetWeaver Process Integration (Adapter Engine)
XML External Entity (XXE) Vulnerability in SAP HANA SLD Registration
Sensitive Database Information Disclosure in SAP Crystal Reports for Visual Studio
SAP BusinessObjects Business Intelligence Platform Information Disclosure Vulnerability
Unauthorized Information Access in SAP BusinessObjects Business Intelligence Platform
Unauthorized Information Access in Solution Manager 7.2
Privilege Escalation in RFC Destination Access
Cross-Site Scripting (XSS) Vulnerability in SAP E-Commerce Application
SAP Identity Management REST Interface Version 2 Privilege Escalation Vulnerability
Reflected Cross-Site Scripting (XSS) Vulnerability in SAP BusinessObjects Business Intelligence Platform
FTP Function Code Injection Vulnerability in SAP NetWeaver AS ABAP Platform
Clickjacking Vulnerability in SAP NetWeaver Process Integration JSPs
SAP HANA Extended Application Services (advanced model) User Enumeration Vulnerability
Unencrypted Storage of Credentials in Diagnostics Agent in Solution Manager 7.2
Code Injection Vulnerability in SAP E-Commerce Allows Price Manipulation and Unauthorized Checkout
Cross-Site Scripting (XSS) Vulnerability in Automotive Dealer Portal of SAP R/3 Enterprise Application
Unprotected SAP NetWeaver Process Integration Web Pages Vulnerability
Denial of Service Vulnerability in SAP Work Manager and SAP Inventory Manager
FTP Password Disclosure Vulnerability in SAP NetWeaver Process Integration
Reflected Cross Site Scripting Vulnerability in SAP NetWeaver Process Integration
Information Disclosure Vulnerability in SAP NetWeaver Application Server for Java (Startup Framework)
SAP Gateway Content Injection Vulnerability
Cross-Site Scripting (XSS) Vulnerability in ABAP Server and ABAP Platform (SAP Basis) Versions 7.31, 7.4, 7.5
Denial of Service Vulnerability in SAP Commerce Cloud
Unauthorized Access to Payroll Data in SAP ERP HCM (SAP_HRCES) Version 3
Cross-Site Scripting (XSS) Vulnerability in SAP BusinessObjects Business Intelligence Platform (BI Workspace)
File Upload Vulnerability in SAP NetWeaver for Java Application Server
Privilege Escalation in ABAP Tests Modules of SAP NetWeaver Process Integration
Cross-Site Scripting (XSS) Vulnerability in SAP Information Steward 4.2
Code Injection Vulnerability in SAP Diagnostic Agent (LM-Service) 7.2
Information Disclosure Vulnerability in SAP BusinessObjects Business Intelligence Platform (BI Workspace)
Cross-Site Scripting (XSS) Vulnerability in SAP BusinessObjects Business Intelligence Platform (Info View)
Information Disclosure Vulnerability in SAP BusinessObjects Business Intelligence Platform
Stored Cross Site Scripting and Privilege Escalation via Session Hijacking in SAP BusinessObjects Business Intelligence Platform
Stored Cross Site Scripting Vulnerability in SAP BusinessObjects Business Intelligence Platform (Central Management Console)
Reflected Cross-Site Scripting (XSS) Vulnerability in SAP NetWeaver Process Integration Java Proxy Runtime
Improper HTTP Header Configuration in SAP Gateway Allows Information Disclosure
Missing XML Validation Vulnerability in SAP Enable Now (pre-1902 version) Allows Local XXE File Read
Session Cookie Vulnerability in SAP Enable Now (Version 1902) Allows Unauthorized Access
Code Injection Vulnerability in SAP Commerce Cloud (Mediaconversion Extension)
Unsafe Deserialization Vulnerability in SAP Commerce Cloud (VirtualJDBC Extension) Allows Arbitrary Code Execution
Server-Side Request Forgery in SAP NetWeaver Application Server for Java (Administrator System Overview)
Unencrypted Communication Vulnerability in SAP Business Objects BI Platform 4.2 Leads to Information Disclosure
Unencrypted Connection Vulnerability in SAP BusinessObjects Business Intelligence Platform
Missing Authorization Check in SAP Kernel (ABAP Debugger)
SAP HANA Database Denial of Service Vulnerability
Remote Code Execution Vulnerability in SAP NetWeaver UDDI Server (Services Registry)
Caching Vulnerability in SAP Business Objects Business Intelligence Platform
SAP Business One Client Information Disclosure Vulnerability
Code Injection Vulnerability in SAP NetWeaver Application Server Java Web Container and SAP-JEECOR
SAP NetWeaver Process Integration Runtime Workbench Information Disclosure Vulnerability
SAP HANA Database Privilege Escalation Vulnerability
SAP Supplier Relationship Management (SRM) Master Data Management Catalog XSS Vulnerability
SAP HANA Extended Application Services (Advanced model) HTTP/REST Endpoint Misuse Vulnerability
SAP HANA Extended Application Services (Advanced model) Open Port Enumeration Vulnerability
Denial of Service (DoS) vulnerability in SAP Kernel and SAP GUI
Missing Authorization Check in SAP NetWeaver Process Integration (B2B Toolkit) Allows Unauthorized Import of B2B Table Content
Cross-Site Scripting Vulnerability in SAP Customer Relationship Management (Email Management)
Reflected Cross-Site Scripting Vulnerability in SAP Financial Consolidation
XPath Injection Vulnerability in SAP Financial Consolidation (Versions 10.0 and 10.1)
Reflected Cross-Site Scripting in SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface) Chart Title
Reflected Cross-Site Scripting in SAP BusinessObjects Business Intelligence Platform
Stored Cross-Site Scripting in SAP BusinessObjects Business Intelligence Platform
Stored Cross-Site Scripting in SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface)
Stored Cross-Site Scripting in SAP BusinessObjects Business Intelligence Platform (Web Intelligence HTML interface)
Missing Authentication Check in SAP Process Integration B2B Add-On with BouncyCastle Security Provider
Information Disclosure in SAP Landscape Management Enterprise Edition
Inadvertent File Access Vulnerability in SAP SQL Anywhere, SAP IQ, and SAP Dynamic Tier
Cross-Site Scripting Vulnerability in SAP BusinessObjects Business Intelligence Platform (Web Intelligence-Publication Pages)
Privilege Escalation Vulnerability in SAP Treasury and Risk Management
Insufficient Authorization Checks in SAP Treasury and Risk Management
Cross-Site Scripting (XSS) Vulnerability in SAP Enable Now (pre-1908 versions)
Privilege Escalation in SAP ERP Sales and S4HANA Sales
Insufficient URL Validation in SAP UI5 HTTP Handler
Privilege Escalation Vulnerability in SAP NetWeaver Application Server Java
SAP Data Hub Vulnerability: Unauthorized Access to Connection Manager Information
SAP NetWeaver AS Java Information Disclosure Vulnerability
SQL Injection Vulnerability in SAP Quality Management Allows Unauthorized Access to Historical Inspection Results
Stored Cross Site Scripting Vulnerability in SAP BusinessObjects Business Intelligence Platform (Fiori BI Launchpad)
XML Injection Vulnerability in SAP BusinessObjects Business Intelligence Platform
Insufficient CSRF Protection in SAP BusinessObjects Business Intelligence Platform (Monitoring Application) Allows Cross Site Request Forgery
Unintended Information Disclosure in SAP Portfolio and Project Management
SAP Adaptive Server Enterprise Information Disclosure Vulnerability
CSV Command Injection Vulnerability in SAP Enable Now (before version 1911)
SAP Enable Now Server Error Message Information Disclosure Vulnerability
SAP Enable Now User Enumeration and Information Disclosure Vulnerability
Windows Kernel Information Disclosure Vulnerability
Arbitrary File Content Disclosure in Microsoft Visual Studio via Malicious .vscontent File
Windows Jet Database Engine Remote Code Execution Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
URL Validation Bypass Vulnerability in Microsoft Office
MSHTML Engine Remote Code Execution Vulnerability
Xterm.js Remote Code Execution Vulnerability
Windows Authentication Handling Elevation of Privilege Vulnerability
.NET Framework and .NET Core Information Disclosure Vulnerability: Bypassing CORS Configurations
Visual Studio C++ Compiler Remote Code Execution Vulnerability
Windows DHCP Client Remote Code Execution Vulnerability
ASP.NET Core Denial of Service Vulnerability
Windows Kernel Information Disclosure Vulnerability
Windows Hyper-V Remote Code Execution Vulnerability
Windows Hyper-V Remote Code Execution Vulnerability
Windows COM Desktop Broker Elevation of Privilege Vulnerability
Windows Subsystem for Linux Information Disclosure Vulnerability
Windows Kernel Information Disclosure Vulnerability
Escape from AppContainer Sandbox: Microsoft XmlDocument Elevation of Privilege Vulnerability
Microsoft Office SharePoint XSS Vulnerability
Microsoft Office SharePoint XSS Vulnerability
Microsoft Office SharePoint XSS Vulnerability
Microsoft Outlook Information Disclosure Vulnerability
Memory Disclosure Vulnerability in Microsoft Office: Exposing Sensitive Information
Improper Usage of Microsoft Word Macro Buttons Leads to Information Disclosure Vulnerability
Microsoft SharePoint Elevation of Privilege Vulnerability
ASP.NET Core Denial of Service Vulnerability in ASP.NET Core 2.1
Edge Memory Corruption Vulnerability: Remote Code Execution Exploit
Edge Browser Broker COM Object Elevation of Privilege Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Chakra Scripting Engine Remote Code Execution Vulnerability in Microsoft Edge
Windows Kernel Information Disclosure Vulnerability
Windows Runtime Elevation of Privilege Vulnerability
Windows Data Sharing Service Elevation of Privilege Vulnerability
Windows Data Sharing Service Elevation of Privilege Vulnerability
Windows Data Sharing Service Elevation of Privilege Vulnerability
Windows Data Sharing Service Elevation of Privilege Vulnerability
Windows Jet Database Engine Remote Code Execution Vulnerability
Windows Jet Database Engine Remote Code Execution Vulnerability
Windows Jet Database Engine Remote Code Execution Vulnerability
Windows Jet Database Engine Remote Code Execution Vulnerability
Windows Jet Database Engine Remote Code Execution Vulnerability
Windows Jet Database Engine Remote Code Execution Vulnerability
Windows Jet Database Engine Remote Code Execution Vulnerability
Windows Jet Database Engine Remote Code Execution Vulnerability
Windows Jet Database Engine Remote Code Execution Vulnerability
Windows Jet Database Engine Remote Code Execution Vulnerability
Memory Object Handling Vulnerability in Microsoft Word Software
Microsoft Exchange Remote Code Execution Vulnerability
Calendar Contributors Privilege Escalation in Microsoft Exchange Server
Microsoft Edge Scripting Engine Memory Corruption Vulnerability
Microsoft Edge Scripting Engine Memory Corruption Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability
Microsoft Edge Scripting Engine Memory Corruption Vulnerability
Microsoft SharePoint Remote Code Execution Vulnerability (CVE-2020-XXXX)
Jet Database Engine Remote Code Execution Vulnerability
Jet Database Engine Remote Code Execution Vulnerability
Jet Database Engine Remote Code Execution Vulnerability
Jet Database Engine Remote Code Execution Vulnerability
Jet Database Engine Remote Code Execution Vulnerability
HID Information Disclosure Vulnerability
HID Information Disclosure Vulnerability
Windows GDI Memory Disclosure Vulnerability
Windows Deployment Services TFTP Server Remote Code Execution Vulnerability
Microsoft SharePoint Remote Code Execution Vulnerability
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Internet Explorer Remote Code Execution Vulnerability
Microsoft Edge Scripting Engine Memory Corruption Vulnerability
Microsoft Browser HTTP Content Parsing Spoofing Vulnerability
Scripting Engine Memory Corruption Vulnerability in Microsoft Browsers
Microsoft Edge Scripting Engine Memory Corruption Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability
Flash Object Click2Play Bypass Vulnerability in Microsoft Edge
.NET Framework and Visual Studio Remote Code Execution Vulnerability
Windows GDI Memory Disclosure Vulnerability
Windows GDI Memory Disclosure Vulnerability
Windows GDI Memory Disclosure Vulnerability
Jet Database Engine Remote Code Execution Vulnerability
GDI+ Remote Code Execution Vulnerability
Windows GDI Memory Disclosure Vulnerability
Windows Hyper-V Remote Code Execution Vulnerability
Windows Kernel Object Memory Handling Vulnerability
Skype for Android Elevation of Privilege Vulnerability
Win32k Memory Object Handling Elevation of Privilege Vulnerability
Skype for Business 2015 Spoofing Vulnerability
Jet Database Engine Remote Code Execution Vulnerability
Windows Server DHCP Service Memory Corruption Vulnerability
Windows Security Feature Bypass Vulnerability
Kernel Information Disclosure Vulnerability in Win32k Component
Windows SMBv2 Remote Code Execution Vulnerability
Windows Security Feature Bypass Vulnerability
Windows Security Feature Bypass Vulnerability
Windows SMBv2 Remote Code Execution Vulnerability
Microsoft Edge Remote Code Execution Vulnerability
Windows Hyper-V Information Disclosure Vulnerability
Windows File Information Disclosure Vulnerability
Cellular Network Profile Bypass Vulnerability
ChakraCore Scripting Engine Memory Corruption Vulnerability
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Whitelist Bypass Vulnerability in Microsoft Edge
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Cross-Origin Information Disclosure Vulnerability in Microsoft Edge
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Microsoft Edge Remote Code Execution Vulnerability
Team Foundation Server Cross-site Scripting Vulnerability
Team Foundation Server Secret Variable Information Disclosure Vulnerability
Chakra Memory Disclosure Vulnerability
Microsoft Chakra JIT Server Vulnerability: Scripting Engine Elevation of Privilege
Microsoft Edge Remote Code Execution Vulnerability
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Microsoft Browser Spoofing Vulnerability: Exploiting Improper Redirect Handling
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Memory Object Handling Vulnerability in Windows Kernel
.NET Framework and Visual Studio URL Parsing Vulnerability
Scripting Engine Memory Object Handling Vulnerability
Windows Storage Service Elevation of Privilege Vulnerability
Windows GDI Memory Disclosure Vulnerability
Windows Kernel Object Memory Handling Vulnerability
GDI+ Remote Code Execution Vulnerability
Windows Kernel Information Disclosure Vulnerability
Windows GDI Memory Disclosure Vulnerability
Windows VBScript Engine Remote Code Execution Vulnerability
Windows VBScript Engine Remote Code Execution Vulnerability
Windows VBScript Engine Remote Code Execution Vulnerability
Microsoft SharePoint Elevation of Privilege Vulnerability
Memory Disclosure Vulnerability in Microsoft Excel
HTTP Content Parsing Spoofing Vulnerability in Microsoft SharePoint
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
Internet Explorer Memory Handling Vulnerability
Cross-Domain Policy Enforcement Bypass in Microsoft Edge
Internet Explorer Scripting Engine Memory Corruption Vulnerability
Windows Subsystem for Linux Integer Overflow Elevation of Privilege Vulnerability
Active Directory Forest Trust Elevation of Privilege Vulnerability
Win32k Memory Object Handling Elevation of Privilege Vulnerability
Microsoft Exchange Server Elevation of Privilege Vulnerability
Fragmented IP Packet Information Disclosure Vulnerability
Windows Subsystem for Linux Integer Overflow Elevation of Privilege Vulnerability
Windows Hyper-V Denial of Service Vulnerability
Windows Subsystem for Linux Integer Overflow Elevation of Privilege Vulnerability
Windows Subsystem for Linux Integer Overflow Elevation of Privilege Vulnerability
Windows Subsystem for Linux Integer Overflow Elevation of Privilege Vulnerability
Windows Hyper-V Privileged User Input Validation Vulnerability
Memory Object Handling Vulnerability in Windows Kernel
Windows DHCP Client Memory Corruption Vulnerability
Windows DHCP Client Memory Corruption Vulnerability
Windows Hyper-V Privileged User Input Validation Vulnerability
Windows Kernel Information Disclosure Vulnerability
Windows SMB Server Information Disclosure Vulnerability
Windows SMB Server Information Disclosure Vulnerability
Windows NDIS Elevation of Privilege Vulnerability
Remote Desktop Services Remote Code Execution Vulnerability
Windows Hyper-V Remote Code Execution Vulnerability
Windows Hyper-V Privileged User Input Validation Vulnerability
Windows Hyper-V Privileged User Input Validation Vulnerability
Windows Hyper-V Network Switch Privilege Escalation Vulnerability
Windows Hyper-V Privileged User Input Validation Vulnerability
Windows Hyper-V Network Switch Privilege Escalation Vulnerability
Windows Hyper-V Denial of Service Vulnerability
Memory Object Handling Vulnerability in Windows: A Denial of Service Risk
Windows Hyper-V Denial of Service Vulnerability
Windows Hyper-V Denial of Service Vulnerability
Hyper-V Network Switch Remote Code Execution Vulnerability
Hyper-V Remote Code Execution Vulnerability
Hyper-V Network Switch Remote Code Execution Vulnerability
Windows Hyper-V Remote Code Execution Vulnerability
Windows Hyper-V Network Switch Privilege Escalation Vulnerability
Microsoft Exchange Server Elevation of Privilege Vulnerability
Windows Server DHCP Service Memory Corruption Vulnerability
Windows DHCP Client Memory Corruption Vulnerability
File Deletion Elevation of Privilege Vulnerability in Diagnostic Hub and Visual Studio Standard Collectors
Project-based Remote Code Execution Vulnerability in Visual Studio Code
Azure IoT Java SDK Symmetric Key Generation Vulnerability
Windows LUAFV Driver Elevation of Privilege Vulnerability
Windows LUAFV Driver Elevation of Privilege Vulnerability
Windows Security Feature Bypass Vulnerability in LUAFV Driver
Windows Defender Application Control Security Feature Bypass Vulnerability
Kerberos Authentication Request Replacement Vulnerability
Windows CSRSS Elevation of Privilege Vulnerability
Windows DHCP Client Remote Code Execution Vulnerability
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Azure IoT Java SDK Information Leakage Vulnerability
Team Foundation Server Cross-site Scripting Vulnerability
Team Foundation Server Cross-site Scripting Vulnerability
Memory Object Handling Vulnerability in Microsoft Edge
Access Connectivity Engine Remote Code Execution Vulnerability
Internet Explorer Scripting Engine Memory Corruption Vulnerability
Internet Explorer Scripting Engine Memory Corruption Vulnerability
Memory Object Handling Vulnerability in Windows: A Denial of Service Risk
Windows Kernel Information Disclosure Vulnerability
MSXML Remote Code Execution Vulnerability
NuGet Package Manager Tampering Vulnerability
Windows GDI Memory Disclosure Vulnerability
Windows Print Spooler Memory Object Handling Vulnerability
Internet Explorer Security Zone Validation Bypass Vulnerability
Cross-Origin Security Bypass Vulnerability in Microsoft Browsers
Internet Explorer Remote Code Execution Vulnerability
Unvalidated Input Tampering Vulnerability in Microsoft Browsers
Memory Object Handling Vulnerability in comctl32.dll: Remote Code Execution
Windows AppX Deployment Server Elevation of Privilege Vulnerability: Arbitrary File Creation
Windows Kernel Information Disclosure Vulnerability
Internet Explorer VBScript Execution Policy Bypass Vulnerability
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Windows VBScript Engine Remote Code Execution Vulnerability
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Windows GDI Memory Disclosure Vulnerability
Windows Kernel Information Disclosure Vulnerability
Kernel Information Disclosure Vulnerability in Win32k Component
Team Foundation Server Cross-site Scripting Vulnerability
Microsoft Office SharePoint XSS Vulnerability
Microsoft Edge Remote Code Execution Vulnerability
Memory Corruption Vulnerability in Microsoft Browsers: Remote Code Execution
Windows Kernel Memory Address Initialization Vulnerability
Internet Explorer Scripting Engine Memory Corruption Vulnerability
ADO Memory Handling Remote Code Execution Vulnerability
Windows Server DHCP Service Memory Corruption Vulnerability
SMB Server Elevation of Privilege Vulnerability
Windows Remote Desktop Client Remote Code Execution Vulnerability
Windows Remote Desktop Client Remote Code Execution Vulnerability
MS XML Remote Code Execution Vulnerability
MS XML Remote Code Execution Vulnerability
MS XML Remote Code Execution Vulnerability
MS XML Remote Code Execution Vulnerability
OLE Automation Remote Code Execution Vulnerability
MS XML Remote Code Execution Vulnerability
Windows LUAFV Driver Elevation of Privilege Vulnerability
Win32k Object Handling Elevation of Privilege Vulnerability
Skype for Business and Lync Spoofing Vulnerability
Office URL File Remote Code Execution Vulnerability
Windows GDI Memory Disclosure Vulnerability
Win32k Memory Object Handling Elevation of Privilege Vulnerability
Azure Linux Agent Swap File Information Disclosure Vulnerability
Windows LUAFV Driver Elevation of Privilege Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability
Win32k Object Handling Elevation of Privilege Vulnerability
Visual Studio C++ Redistributable Installer DLL Loading Remote Code Execution Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability
Windows DNS Server Denial of Service Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability
Impersonation Vulnerability in Windows Admin Center
Win32k Kernel Information Disclosure Vulnerability
ASP.NET Core Denial of Service Vulnerability
Azure SSH Keypairs Security Feature Bypass Vulnerability
Microsoft Exchange Server Spoofing Vulnerability
Metadata Permissions Enforcement Vulnerability in Microsoft SQL Server Analysis Services
.NET Framework and .NET Core RegEx Denial of Service Vulnerability
Windows SMB Server Information Disclosure Vulnerability
Memory Object Handling Vulnerability in Microsoft Graphics Components
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
Memory Object Handling Vulnerability in Microsoft Excel Allows Remote Code Execution
Chakra Scripting Engine Remote Code Execution Vulnerability
Microsoft Office SharePoint XSS Vulnerability
Microsoft Office SharePoint XSS Vulnerability
Memory Object Handling Vulnerability in Microsoft Edge
Memory Object Handling Vulnerability in Microsoft Scripting Engine
Windows LUAFV Driver Elevation of Privilege Vulnerability
Memory Object Handling Vulnerability in DirectX
Windows Task Scheduler Credential Disclosure Vulnerability
Terminal Services Memory Disclosure Vulnerability
Windows Kernel Object Memory Handling Vulnerability
Windows AppX Deployment Service Hard Link Elevation of Privilege Vulnerability
VBScript Engine Remote Code Execution Vulnerability
Windows Kernel Object Memory Handling Vulnerability
ASP Webpage Content Remote Code Execution Vulnerability
Jet Database Engine Remote Code Execution Vulnerability
Jet Database Engine Remote Code Execution Vulnerability
Win32k Kernel Information Disclosure Vulnerability
Windows GDI Memory Disclosure Vulnerability
Jet Database Engine Remote Code Execution Vulnerability
GDI+ Remote Code Execution Vulnerability
Windows Memory Object Handling Remote Code Execution Vulnerability
Azure DevOps Server Spoofing Vulnerability
Microsoft Exchange Server Spoofing Vulnerability
Win32k Memory Object Handling Elevation of Privilege Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability
Internet Explorer Scripting Engine Memory Corruption Vulnerability
Windows Error Reporting File Handling Elevation of Privilege Vulnerability
Heap Memory Object Handling Vulnerability in .NET Framework
SymCrypt Denial of Service Vulnerability
Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability
Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability
Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability
Azure DevOps Server HTML Injection Vulnerability
Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability
Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability
Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability
Azure DevOps Server Cross-site Scripting Vulnerability
Azure DevOps Server Elevation of Privilege Vulnerability
Memory Object Handling Vulnerability in Open Enclave SDK
Jet Database Engine Remote Code Execution Vulnerability
Jet Database Engine Remote Code Execution Vulnerability
Splwow64.exe Local Elevation of Privilege Vulnerability
Windows Kernel Key Enumeration Elevation of Privilege Vulnerability
Windows GDI Memory Disclosure Vulnerability
Scripting Engine Memory Corruption Vulnerability in Microsoft Browsers
Windows OLE Remote Code Execution Vulnerability
Windows Hyper-V Information Disclosure Vulnerability
Clipboard Redirection Remote Code Execution Vulnerability
ADO Remote Code Execution Vulnerability
Windows Jet Database Engine Remote Code Execution Vulnerability
Windows Jet Database Engine Remote Code Execution Vulnerability
Windows Jet Database Engine Remote Code Execution Vulnerability
Win32k Memory Object Handling Elevation of Privilege Vulnerability
Windows Jet Database Engine Remote Code Execution Vulnerability
Windows Jet Database Engine Remote Code Execution Vulnerability
Windows Jet Database Engine Remote Code Execution Vulnerability
Jet Database Engine Remote Code Execution Vulnerability
Windows Jet Database Engine Remote Code Execution Vulnerability
Jet Database Engine Remote Code Execution Vulnerability
Windows Jet Database Engine Remote Code Execution Vulnerability
Jet Database Engine Remote Code Execution Vulnerability
Windows Jet Database Engine Remote Code Execution Vulnerability
Jet Database Engine Remote Code Execution Vulnerability
GDI+ Remote Code Execution Vulnerability
Jet Database Engine Remote Code Execution Vulnerability
Jet Database Engine Remote Code Execution Vulnerability
Jet Database Engine Remote Code Execution Vulnerability
Jet Database Engine Remote Code Execution Vulnerability
Jet Database Engine Remote Code Execution Vulnerability
Jet Database Engine Remote Code Execution Vulnerability
Scripting Engine Memory Corruption Vulnerability in Microsoft Browsers
Chakra Scripting Engine Remote Code Execution Vulnerability
Chakra Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Chakra Scripting Engine Remote Code Execution Vulnerability
Chakra Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Chakra Scripting Engine Remote Code Execution Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability
Scripting Engine Memory Corruption Vulnerability in Microsoft Browsers
Scripting Engine Memory Corruption Vulnerability in Microsoft Browsers
URL Spoofing Vulnerability in Internet Explorer
Chakra Scripting Engine Remote Code Execution Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability
Microsoft Edge Remote Code Execution Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability
Windows Hyper-V Denial of Service Vulnerability
Internet Explorer Remote Code Execution Vulnerability
Memory Object Handling Vulnerability in Internet Explorer
Windows Storage Service Elevation of Privilege Vulnerability
Skype for Android: Information Disclosure Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability
Windows Symbolic Link Elevation of Privilege Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability
Escape from AppContainer Sandbox: Microsoft Edge Elevation of Privilege Vulnerability
Memory Corruption Vulnerability in Microsoft Browsers: Remote Code Execution
Request Filtering Denial of Service Vulnerability in Microsoft IIS Server
Windows 10 Unified Write Filter Elevation of Privilege Vulnerability
Windows ALPC Elevation of Privilege Vulnerability
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
Windows Event Viewer XML External Entity (XXE) Vulnerability
Microsoft SharePoint Server Spoofing Vulnerability
Microsoft SharePoint Server Spoofing Vulnerability
Microsoft SharePoint Server Spoofing Vulnerability
Unsafe ASP.NET web controls in Microsoft SharePoint Server can lead to remote code execution
Memory Object Handling Vulnerability in Microsoft Word
Microsoft SharePoint Server Information Disclosure Vulnerability
Microsoft SharePoint Server Elevation of Privilege Vulnerability
Microsoft SharePoint Server Elevation of Privilege Vulnerability
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Win32k Memory Object Handling Elevation of Privilege Vulnerability
Windows GDI Memory Disclosure Vulnerability
Azure Automation RunAs Account Privilege Escalation Vulnerability
Microsoft Office SharePoint XSS Vulnerability
Hyper-V Remote Code Execution Vulnerability
Windows Hyper-V Denial of Service Vulnerability
Windows GDI Memory Disclosure Vulnerability
Azure DevOps Server and Team Foundation Server Authentication Request Information Disclosure Vulnerability
LSASS Denial of Service Vulnerability
Windows Installer Elevation of Privilege Vulnerability
Jet Database Engine Remote Code Execution Vulnerability
ADFS Security Feature Bypass Vulnerability
NuGet Package Manager Tampering Vulnerability
Windows GDI Memory Disclosure Vulnerability
Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability
.NET Framework and .NET Core Web Request Denial of Service Vulnerability
.NET Framework and .NET Core Web Request Denial of Service Vulnerability
ASP.NET Core Denial of Service Vulnerability
Windows Storage Service Elevation of Privilege Vulnerability
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Microsoft Speech API Remote Code Execution Vulnerability
Symlink Exploitation in Windows User Profile Service: Elevation of Privilege Vulnerability
Scripting Engine Memory Corruption Vulnerability in Internet Explorer
Chakra Scripting Engine Remote Code Execution Vulnerability
Scripting Engine Information Disclosure Vulnerability in Microsoft Edge
Chakra Scripting Engine Remote Code Execution Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability
Mark of the Web Bypass Vulnerability in urlmon.dll
Azure DevOps Server Cross-Site Request Forgery (CSRF) Vulnerability
Windows Storage Service Elevation of Privilege Vulnerability
DirectX Memory Object Handling Vulnerability
Microsoft Azure AD Connect Elevation of Privilege Vulnerability
Storing Passwords in a Recoverable Format Vulnerability in TeamPass
Incorrect Access Control in Gitea's Delete/Edit File Functionality
Cross Site Request Forgery (CSRF) Vulnerability in MapSVG Lite version 3.2.3
Cross-Site Scripting (XSS) Vulnerability in Yugandhargangu JspMyAdmin2 v1.0.6 and Earlier
Arbitrary Code Execution and File Write Vulnerability in mPDF getImage() Method
Buffer Overflow Vulnerability in RIOT-OS sock_dns Implementation Allows Remote Code Execution
Improper Handling of Structural Elements in aioxmpp Version 0.10.2 and Earlier
Path Traversal Vulnerability in Helm Fetch and Helm Lint Commands
Path Traversal vulnerability in Helm ChartMuseum (>=0.1.0 and < 0.8.1) allows unauthorized file uploads
Cross Site Scripting (XSS) Vulnerability in phpIPAM subnet-scan-telnet.php
Incorrect Access Control in GraphQL Delete Mutations in API Platform 2.2.0 to 2.3.5
Vulnerability in Hex Package Manager Allows Undetected Package Modifications and Code Execution
Vulnerability in Hex Package Manager Allows Undetected Package Modifications and Code Execution
Package Registry Verification Bypass in Erlang/OTP Rebar3 (CVE-2021-12345)
Cross Site Scripting (XSS) Vulnerability in Chamilo-lms Version 1.11.8 and Earlier
CWE-129: Improper Validation of Array Index in FFMPEG version 4.1
Chamilo-lms Ticket Component Incorrect Access Control Vulnerability
Command Injection Vulnerability in rssh Version 2.3.4 with allowscp Permission
Out-of-bounds Read Vulnerability in libarchive's 7zip Decompression
Infinite Loop DoS Vulnerability in libarchive ISO9660 Parser
Access Control Vulnerability in XEP-0223 Plugin: Unauthorized Access to Private Data via PubSub
Cross Site Request Forgery (CSRF) vulnerability in Taoensso Sente WebSocket Handshake Endpoint
SQL Injection Vulnerability in OPT/NET BV OPTOSS Next Gen Network Management System (NG-NetMS) v3.6-2 and Earlier Versions
Cross Site Scripting (XSS) Vulnerability in OPT/NET BV NG-NetMS v3.6-2 and Earlier Versions
Disk Space Quota Exhaustion Vulnerability in article2pdf WordPress Plugin
Session Hijacking and Privilege Escalation in Zoho ManageEngine ServiceDesk 9.3
Arbitrary File Loading Vulnerability in Titan FTP Server 2019 Build 3505
Scripting Engine Memory Corruption Vulnerability in Microsoft Browsers
PHP League CommonMark Library XSS Vulnerability
Arbitrary Account Creation with Weak Password Vulnerability in Jenzabar JICS
Arbitrary Code Execution via ZIP Archive Upload in Jenzabar JICS
Buffer Overflow in axTLS 2.1.5 Allows Remote Denial of Service
Arbitrary Password Reset Vulnerability in DedeCMS 5.7SP2
Remote Code Execution in baigoStudio baigoSSO v3.0.1 via Configuration Screen
Cross-Site Scripting (XSS) Vulnerability in GForge Advanced Server 6.4.4 via commonsearch.php words parameter
XSS Vulnerability in CMS Made Simple 2.2.10 via moduleinterface.php Name Field
Xpdf 4.01.01 FPE Vulnerability in PostScriptFunction::exec Function
FPE Vulnerability in Xpdf 4.01.01: PSOutputDev::checkPageSlice Function
Chakra Scripting Engine Remote Code Execution Vulnerability
FPE Vulnerability in Xpdf 4.01.01: Splash::scaleImageYuXu Function
Floating Point Exception in Xpdf's ImageStream::ImageStream Function
Kubernetes API Server Denial of Service Vulnerability
Arbitrary Code Execution via Malicious Tar Binary in kubectl cp Command
NULL Pointer Dereference in Xpdf's Gfx::opSetExtGState Function
Xpdf 4.01.01 FPE Vulnerability in PostScriptFunction::exec Function
FPE Vulnerability in Xpdf 4.01.01: Splash::scaleImageYuXu Function
FPE Vulnerability in Xpdf 4.01.01: ImageStream::ImageStream Function in Stream.cc
Xpdf 4.01.01 FPE Vulnerability in PostScriptFunction::exec
XSS Vulnerability in PHPCMS 9.6.x through 9.6.3 via Mailbox Field
Dial Reference Source Code Denial of Service (DoS) Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability
Sandbox Bypass Vulnerability in Script Security Plugin Allows Arbitrary Code Execution
Arbitrary Code Execution Vulnerability in Pipeline: Groovy Plugin
Arbitrary Code Execution Vulnerability in Pipeline: Declarative Plugin
Persistent Access Vulnerability in Jenkins 2.158 and Earlier
Session Hijacking Vulnerability in Jenkins
Jenkins Script Security Plugin Sandbox Bypass Vulnerability
Jenkins Groovy Plugin Sandbox Bypass Vulnerability
Arbitrary Code Execution Vulnerability in Jenkins Warnings Plugin 5.0.0 and Earlier
Arbitrary Code Execution Vulnerability in Jenkins Warnings Next Generation Plugin
Impersonation Vulnerability in Jenkins Active Directory Plugin
Cross-Site Request Forgery Vulnerability in Jenkins Git Plugin 3.9.1 and Earlier
Jenkins Token Macro Plugin Recursive Input Vulnerability
Cross-Site Request Forgery Bypass Vulnerability in Jenkins Blue Ocean Plugins
Cross-Site Scripting Vulnerability in Jenkins Blue Ocean Plugins 1.10.1 and Earlier
Cross-Site Scripting Vulnerability in Jenkins Config File Provider Plugin 3.4.1 and Earlier
XML External Entity (XXE) Processing Vulnerability in Jenkins Job Import Plugin 2.1 and Earlier
Jenkins Job Import Plugin Vulnerability: Unauthorized Access to Sensitive Information
Jenkins Job Import Plugin 3.0 and Earlier: Data Modification Vulnerability
Jenkins GitHub Authentication Plugin 0.29 and earlier: Sensitive Information Exposure Vulnerability
Session Fixation Vulnerability in Jenkins GitHub Authentication Plugin
Server-Side Request Forgery Vulnerability in Jenkins Kanboard Plugin 1.5.10 and Earlier
Jenkins OpenId Connect Authentication Plugin 1.4 and earlier: Sensitive Information Exposure Vulnerability
Jenkins Monitoring Plugin 1.74.0 and Earlier: Denial of Service Vulnerability Allows Thread Killing
Arbitrary HTML Rendering Vulnerability in Jenkins Warnings Next Generation Plugin
Jenkins Script Security Plugin Sandbox Bypass Vulnerability
Jenkins Cloud Foundry Plugin: Sensitive Information Exposure Vulnerability
Server-side request forgery vulnerability in Jenkins Mattermost Notification Plugin 2.6.2 and earlier allows unauthorized message sending
Server-Side Request Forgery Vulnerability in Jenkins OctopusDeploy Plugin 1.8.1 and Earlier
Server-side request forgery vulnerability in Jenkins JMS Messaging Plugin 1.1.1 and earlier allows unauthorized JMS endpoint connection
Jenkins Script Security Plugin Sandbox Bypass Vulnerability
Jenkins Pipeline: Groovy Plugin Sandbox Bypass Vulnerability
Sandbox Bypass Vulnerability in Jenkins Matrix Project Plugin 1.13 and Earlier
Sandbox Bypass Vulnerability in Jenkins Email Extension Plugin
Sandbox Bypass Vulnerability in Jenkins Groovy Plugin 2.1 and Earlier
Sandbox Bypass Vulnerability in Jenkins Job DSL Plugin
Information Exposure Vulnerability in Jenkins Azure VM Agents Plugin
Jenkins Azure VM Agents Plugin 0.8.0 and earlier: Data Modification Vulnerability
Information Exposure Vulnerability in Jenkins Azure VM Agents Plugin
Insufficiently Protected Credentials Vulnerability in Jenkins Repository Connector Plugin
Insufficient Credential Protection in Jenkins AppDynamics Dashboard Plugin
Arbitrary Constructor Invocation Vulnerability in Jenkins Script Security Plugin
Sandbox Bypass Vulnerability in Jenkins Pipeline: Groovy Plugin Allows Invocation of Arbitrary Constructors
Arbitrary JavaScript Injection Vulnerability in Jenkins Lockable Resources Plugin
Jenkins Slack Notification Plugin 2.19 and Earlier: Missing Permission Check Allows Unauthorized Access to Attacker-Specified URLs
Cross-Site Request Forgery Vulnerability in Jenkins Slack Notification Plugin
Jenkins ECS Publisher Plugin 1.0.0 API Token Disclosure Vulnerability
Cross-Site Request Forgery Vulnerability in Jenkins Fortify on Demand Uploader Plugin
Unauthenticated Remote Server Connection Vulnerability in Jenkins Fortify on Demand Uploader Plugin
Local File System Access Vulnerability in Jenkins PRQA Plugin 3.1.0 and Earlier
Vulnerability: Persistent CLI Authentication in Jenkins Versions 2.171 and Earlier
Cross-Site Scripting (XSS) Vulnerability in Jenkins UI's f:validateButton Form Control
Unencrypted Storage of Credentials in Jenkins IRC Plugin's Global Configuration File
Unencrypted Storage of Credentials in Jenkins AWS Elastic Beanstalk Publisher Plugin
Unencrypted Storage of Credentials in Jenkins HockeyApp Plugin
Unencrypted Storage of Credentials in Jenkins Jira Issue Updater Plugin
Unencrypted Storage of Credentials in Jenkins FTP Publisher Plugin
Unencrypted Storage of Credentials in Jenkins WebSphere Deployer Plugin
Unencrypted Storage of Credentials in Jenkins Bitbucket Approve Plugin
Cross-Site Request Forgery Vulnerability in Jenkins FTP Publisher Plugin Allows Unauthorized Server Connections
Jenkins FTP Publisher Plugin Vulnerability: Unauthorized Server Connection
Unencrypted Storage of Credentials in Jenkins Official OWASP ZAP Plugin
Unencrypted Storage of Credentials in Jenkins CloudFormation Plugin
Unencrypted Storage of Credentials in Jenkins AWS CloudWatch Logs Publisher Plugin
Unencrypted Storage of Credentials in Jenkins Amazon SNS Build Notifier Plugin
Unencrypted Storage of Credentials in Jenkins aws-device-farm Plugin
Unencrypted Storage of Credentials in Jenkins CloudShare Docker-Machine Plugin
Unencrypted Storage of Credentials in Jenkins Bugzilla Plugin
Unencrypted Storage of Credentials in Jenkins Trac Publisher Plugin
Unencrypted Storage of Credentials in Jenkins VMware vRealize Automation Plugin
Unencrypted Storage of Credentials in Jenkins Aqua Security Scanner Plugin
Unencrypted Storage of Credentials in Jenkins veracode-scanner Plugin
Unencrypted Storage of Credentials in Jenkins OctopusDeploy Plugin
Unencrypted Storage of Credentials in Jenkins WildFly Deployer Plugin
Unencrypted Storage of Credentials in Jenkins VS Team Services Continuous Deployment Plugin
Unencrypted Storage of Credentials in Jenkins Hyper.sh Commons Plugin
Unencrypted Storage of Credentials in Jenkins Audit to Database Plugin
Cross-Site Request Forgery Vulnerability in Jenkins Audit to Database Plugin
Jenkins Audit to Database Plugin: Missing Permission Check in DbAuditPublisherDescriptorImpl#doTestJdbcConnection Form Validation Method
Cross-Site Request Forgery Vulnerability in Jenkins VMware Lab Manager Slaves Plugin
Unauthenticated Connection Initiation Vulnerability in Jenkins VMware Lab Manager Slaves Plugin
Cross-Site Request Forgery Vulnerability in Jenkins OpenShift Deployer Plugin
Unauthenticated Server Connection Vulnerability in Jenkins OpenShift Deployer Plugin
Cross-Site Request Forgery Vulnerability in Jenkins Gearman Plugin Allows Unauthorized Server Connections
Jenkins Gearman Plugin: Missing Permission Check in Connection Validation Allows Unauthorized Server Connections
Cross-Site Request Forgery Vulnerability in Jenkins Zephyr Enterprise Test Management Plugin
Unauthenticated Connection Initiation Vulnerability in Jenkins Zephyr Enterprise Test Management Plugin
Cross-Site Request Forgery Vulnerability in Jenkins Chef Sinatra Plugin
Jenkins Chef Sinatra Plugin Vulnerability: Unauthorized Connection Initiation
Unencrypted Storage of Credentials in Jenkins Fabric Beta Publisher Plugin
Unencrypted Storage of Credentials in Jenkins Upload to pgyer Plugin
Cross-Site Request Forgery Vulnerability in Jenkins SOASTA CloudTest Plugin
Unauthenticated Server Connection Vulnerability in Jenkins SOASTA CloudTest Plugin
Cross-Site Request Forgery Vulnerability in Jenkins Nomad Plugin Allows Unauthorized Server Connections
Jenkins Nomad Plugin Vulnerability: Unauthorized Connection Initiation
Unencrypted Storage of Credentials in Jenkins Open STF Plugin
Unencrypted Storage of Credentials in Jenkins Perfecto Mobile Plugin
Unencrypted Storage of Credentials in Jenkins TestFairy Plugin
Unencrypted Storage of Credentials in Jenkins Crowd Integration Plugin
Cross-Site Request Forgery Vulnerability in Jenkins OpenID Plugin
OpenId Plugin in Jenkins: Missing Permission Check Allows Unauthorized Server Connection
Arbitrary Program Execution Vulnerability in Evernote 7.9 on macOS
Unauthenticated Account Manipulation in D-Link DIR-816 A2 1.11 Router
Scripting Engine Memory Corruption Vulnerability in Internet Explorer
Unauthenticated Command Execution in D-Link DIR-816 A2 1.11 Router
Unauthenticated System Account Modification in D-Link DIR-816 A2 1.11 Router
Unauthenticated Router Reset Vulnerability in D-Link DIR-816 A2 1.11
IDN Homograph Attack Vulnerability in Telegram Applications
Session Cookie Disclosure Vulnerability in Pydio through 8.2.2
Information Disclosure Vulnerability in Pydio 8.2.2 Allows Unauthenticated Attackers to Obtain Configuration Details
Stored XSS Vulnerability in Pydio Web Application through 8.2.2 via File Upload and Preview Features
Arbitrary Command Execution Vulnerability in Pydio ImageMagick Plugin
Cross-Site Scripting (XSS) Vulnerability in Pydio 8.2.2
Scripting Engine Memory Corruption Vulnerability in Microsoft Browsers
Buffer Over-read Vulnerability in Suricata 4.1.x
Suricata 4.1.3 Vulnerability: Crash due to Unsafe Some(sfcm) => { ft.new_chunk } in filetracker_newchunk
Panic Vulnerability in Suricata 4.1.3 DHCP Parser
Heap-based Buffer Over-read in Suricata 4.1.x before 4.1.4
Invalid Memory Access in Suricata 4.1.3: process_reply_record_v3 Vulnerability
FTP PASV Response Length Check Bypass Vulnerability in Suricata 4.1.3
Vulnerability: Double Execution of DecodeEthernet in Suricata 4.1.3
CSRF Vulnerability in Lexmark Products
Lexmark Products Vulnerable to Incorrect Access Control
Default Enabled Legacy Finger Service on Older Lexmark Devices
WCF/WIF SAML Token Authentication Bypass Vulnerability
Buffer Overflow Vulnerability in Verix Multi-app Conductor Application 2.7 for Verifone Verix
Command Injection vulnerability in utils/find-opencv.js in node-opencv (aka OpenCV bindings for Node.js) prior to 6.1.0
XSS Vulnerability in Aurelia Framework's HTMLSanitizer Class
Sandbox Bypass Vulnerability in Flatpak
Insecure Random Number Generation in hostapd EAP Mode (CVE-2016-10743)
Information Disclosure Vulnerability in Open Ticket Request System (OTRS) 7.0 through 7.0.6
JavaScript Execution Vulnerability in OTRS and OTRSAppointmentCalendar
JavaScript Execution Vulnerability in Open Ticket Request System (OTRS)
Unauthenticated Remote Code Execution in Kentico CMS
Remote Code Execution Vulnerability in Godot through 3.1: Incorrect Deserialization Policy
Windows Audio Service Elevation of Privilege Vulnerability
Stored Cross-Site Scripting Vulnerability in Apache Atlas Search Functionality
Timing Side Channel Vulnerability in HMAC Signature Comparison
Incomplete Fix for CVE-2019-0199: HTTP/2 Connection Window Exhaustion Vulnerability in Apache Tomcat
Stored XSS Vulnerability in Apache OFBiz Ecommerce Template
Remote Code Execution (RCE) Vulnerability in Apache OFBiz Form Widget Textarea Field
XSS Vulnerability in Apache JSPWiki 2.9.0 to 2.11.0.M3 Allows for Session Hijacking
InterWiki Link XSS Vulnerability in Apache JSPWiki 2.9.0 to 2.11.0.M3
Multiple Plugins in Apache JSPWiki 2.9.0 to 2.11.0.M3 Vulnerable to XSS Exploitation and Session Hijacking
Apache Traffic Server HTTP/2 Setting Flood Vulnerability
Security Feature Bypass Vulnerability in Microsoft Dynamics On-Premise
XML External Entity (XXE) Vulnerability in NiFi XMLFileLookupService
HTTP/2 Early Push Memory Overwrite Vulnerability
Apache HTTP Server 2.4.18-2.4.39: Memory Read After Free Vulnerability in HTTP/2 Session Handling
Information Disclosure Vulnerability in NiFi API
Apache Impala Session and Query Hijacking Vulnerability
Stored XSS Vulnerability in Apache Allura Prior to 1.11.0
Vulnerability: Unprotected Classloader Access in Apache Commons Beanutils 1.9.2
Apache JSPWiki Plugin Link XSS Vulnerability
Apache Tika RecursiveParserWrapper OOM Vulnerability
Apache JSPWiki WYSIWYG Editor XSS Vulnerability
Windows GDI Memory Disclosure Vulnerability
Apache JSPWiki Plain Editor XSS Vulnerability
Apache Geode SSL Handshake Vulnerability
Limited Cross-Site Scripting Vulnerability in Apache HTTP Server 2.4.0-2.4.39
Apache Tika 1.19 to 1.21 Vulnerability: Denial of Service via Crafted 2003ml or 2006ml File
StackOverflowError Vulnerability in Apache Tika's RecursiveParserWrapper (Versions 1.7-1.21)
Apache Zeppelin Bash Command Injection Vulnerability
Stack Buffer Overflow and NULL Pointer Dereference in Apache HTTP Server 2.4.32-2.4.39 with mod_remoteip and PROXY Protocol
Apache HTTP Server mod_rewrite Redirect Vulnerability
Unencrypted Data Leakage Vulnerability in Spark 2.3.3 and Earlier Versions
Windows GDI Memory Disclosure Vulnerability
Server Side Template Injection in JetBrains YouTrack Confluence Plugin
Cross Site Scripting (XSS) vulnerability in Leanote prior to version 2.6
SoX - Sound eXchange 14.4.2 and earlier Vulnerability: Out-of-bounds Read in read_samples function at xa.c:219
XSS to Code Execution Vulnerability in HexoEditor v1.1.8-beta
Buffer Overflow Vulnerability in Evince 3.26.0: DOS / Possible Code Execution
Cross Site Scripting (XSS) Vulnerability in Emoncms 9.8.8
Insecure Permissions in DGLogik Inc DGLux Server All Versions: Remote Execution and Credential Leaks via IoT API
Cross Site Scripting (XSS) vulnerability in Dolibarr 6.0.4 allows for Cookie Stealing via specially crafted link in htdocs/product/stats/card.php
XML Injection Vulnerability in libnmap < v0.6.3: Denial of Service (DoS) via Specially Crafted XML Payload
Cross Site Scripting (XSS) Vulnerability in Zammad GmbH Zammad 2.3.0 and Earlier
Mitigation Bypass: Stack Guard Protection Bypass in GNU Libc's nptl Component
Vulnerability: Privilege Escalation via Re-mapping Loaded Library
Mitigation Bypass: ASLR Bypass Using Cache of Thread Stack and Heap in GNU Libc
ASLR Bypass Vulnerability in GNU Libc
Cross Site Scripting (XSS) vulnerability in School College Portal with ERP Script 2.6.1 and earlier: Attack on administrators, teachers, and students via /pro-school/index.php?student/message/send_reply/
SQL Injection in Deepwoods Software WebLibrarian 3.5.2 and earlier: Exposing the Entire Database
Buffer Overflow Vulnerability in OpenModelica OMCompiler
Buffer Overflow in uLaunchELF Loader Program (loader.c) Allows for Possible Code Execution and Denial of Service
Buffer Overflow Vulnerability in Quake3e < 5ed740d
Buffer Overflow in borg-reducer c6d5240: Potential for Code Execution and Denial of Service
Dolibarr 7.0.0 Vulnerability: Cross Site Request Forgery (CSRF) Allows Unauthorized User Actions
Buffer Overflow Vulnerability in nfdump 1.6.16 and Earlier: Potential Denial of Service to Local Code Execution
NASA CFITSIO prior to 3.43 Buffer Overflow Vulnerability
Unrestricted File Upload Vulnerability in PluckCMS 4.7.4 and Earlier
Integer Overflow in The Sleuth Kit 4.6.0 and earlier: Crash in tsk/fs/hfs_dent.c:237
Vulnerability: Incorrect Access Control in Lawrence Livermore National Laboratory msr-safe v1.1.0
Vulnerability: Denial of Service Attack via Crafted File in moinejf abcm2ps 8.13.20
Flask before 1.0 Vulnerability: Denial of Service via Crafted Encoded JSON Data
Incorrect Access Control in Dancer::Plugin::SimpleCRUD 1.14 and earlier: Potential for Unauthorized Data Access
CWE-79: Improper Neutralization of Input During Web Page Generation in TinyMCE 4.7.11 and 4.7.12: JavaScript Code Execution via Media Element
CSRF Vulnerability in DomainMod v4.10.0 Allows Unauthorized Password Change
CSRF Vulnerability in DomainMOD v4.10.0 Allows Unauthorized Administrator Account Addition
CSRF Vulnerability in DomainMOD v4.10.0 Allows Unauthorized User Privilege Escalation
Insecure Artifact Resolution in JetBrains Kotlin Versions Prior to 1.3.30
Critical Vulnerability in Akeo Consulting Rufus 3.0 and Earlier: DLL Search Order Hijacking Enables Arbitrary Code Execution with Privilege Escalation
Insecure Permissions in Akeo Consulting Rufus 3.0 and Earlier: Arbitrary Code Execution with Privilege Escalation
SQL Injection Vulnerability in TechyTalk Quick Chat WordPress Plugin
Cross Site Request Forgery (CSRF) vulnerability in OECMS v4.3.R60321 and later versions allows unauthorized addition of administrator accounts
Cross Site Scripting (XSS) Vulnerability in Premium Software CLEditor 1.4.5 and Earlier
Unrestricted File Upload Vulnerability in MODX Revolution Gallery 1.7.0
Cross-Site Scripting (XSS) Vulnerability in WebAppick WooCommerce Product Feed Plugin
VCFTools Prior to Version 0.1.15: Use-After-Free Vulnerability in header::add_FILTER_descriptor Method
ChinaMobile GPN2.4P21-C-CN W2001EN-00 Vulnerability: Unauthenticated Remote Reboot
Scapy 2.4.0 Denial of Service Vulnerability in _RADIUSAttrPacketListField.getfield()
Privilege Escalation through XSS in Yellowfin Smart Reporting (Versions Prior to 7.3)
SQL Injection Vulnerability in zzcms Version 8.3 and Earlier: zzcms File Delete to Code Execution
Vulnerability: File Delete to Code Execution in zzcms version 8.3 and earlier
File Delete to Code Execution in zzcms 8.3 and earlier
File Delete Vulnerability in zzcms zzmcms 8.3 and Earlier: Exploiting /user/ppsave.php to Gain Shell Access
File Delete to Code Execution in zzcms 8.3 and Earlier
SQL Injection Vulnerability in zzcms 8.3 and earlier
Authentication Bypass Vulnerability in D-Link DSL-2750U 1.11
Incorrect Access Control in perl-CRYPT-JWT 0.022 and earlier allows for bypassing authentication
NULL Pointer Dereference in Jsi_StrcmpDict Function (jsiChar.c:121) in jsish 2.4.74 2.0474
Buffer Overflow Vulnerability in Socusoft Co Photo 2 Video Converter 8.0.0
Out-of-bounds Read Vulnerability in Jsish 2.4.77 (CVE-2021-XXXX)
Use After Free vulnerability in Jsish 2.4.77 (2.0477): Denial of Service in Jsi_ObjFree (jsiObj.c:230)
Nullpointer Dereference Vulnerability in Jsish 2.4.83: Denial of Service in jsi_DumpFunctions (jsiEval.c:567)
Uncontrolled Resource Consumption in Jsish 2.4.84: Denial of Service Vulnerability
Reachable Assertion in Jsi_ValueArrayIndex (jsiValue.c:366) in Jsish 2.4.84 2.0484: Denial of Service Vulnerability
CImg Library v.2.3.3 and earlier: Command Injection in load_network() Function
Buffer Overflow in lit_char_to_utf8_bytes function of JerryScript (commit 4e58ccf68070671e1fff5cd6673f0c1d5b80b166) allows for denial of service and potential arbitrary code execution
Use After Free vulnerability in Jsish 2.4.70 2.047 in Jsi_RegExpNew function (jsi/jsiRegexp.c:39) allows for denial of service and possibly arbitrary code execution
Remote Code Execution in Fred MODX Revolution < 1.0.0-beta5
Command Injection Vulnerability in PHKP (commit 88fd9cfdf14ea4b6ac3e3967feea7bcaabb6f03b)
Buffer Overflow Vulnerability in GNU gdb: Denial of Service, Memory Disclosure, and Possible Code Execution
Uncontrolled Recursion in YamlLoader::load_from_str function leads to Denial of Service
Uncontrolled Recursion in serde_yaml 0.6.0 to 0.8.3: Denial of Service via Malicious YAML Parsing
Infinite Loop Denial of Service Vulnerability in mgetty
Out-of-Bounds Read Vulnerability in mgetty prior to 1.2.1
SQL Injection Vulnerability in Marginalia < 1.6
Cross Site Scripting (XSS) Vulnerability in hisiphp 1.0.8
Cross Site Scripting (XSS) vulnerability in ServiceStack Framework 4.5.14
Insecure Artifact Resolution in JetBrains Ktor Framework
Voice Builder Prior to commit c145d4604df67e6fc625992412eef0bf9a85e26b and f6660e6d8f0d1d931359d591dbdec580fef36d36 is vulnerable to OS Command Injection leading to Remote Code Execution
SQL Injection Vulnerability in Jeesite 1.2.7: Sensitive Information Disclosure
XML External Entity (XXE) Vulnerability in Jeesite 1.2.7: Sensitive Information Disclosure
Vulnerability: Denial of Service in GNU binutils gold
Directory Traversal Vulnerability in LINAGORA Hublin
Vulnerability: Missing SSL Certificate Validation in OSS Http Request Plugin
Cross Site Scripting (XSS) vulnerability in Genetechsolutions Pie Register 3.0.15 allows session cookie theft
Buffer Overflow Vulnerability in Veracrypt NT Driver (veracrypt.sys)
Unauthenticated File Upload Vulnerability in GoURL WordPress Plugin 1.4.13 and Earlier
Buffer Overflow Vulnerability in Cherokee Web Server
Buffer Over-read Vulnerability in tcpdump 4.9.2: Exposing Stack Information via Specially Crafted pcap File
Vulnerability: Incorrect Access Control in LineageOS 16.0 and earlier
Buffer Overflow Vulnerability in OFFIS.de DCMTK 3.6.3 and below
Buffer Overflow Vulnerability in Juniper libslax Library
Remote Code Execution in Linux Foundation ONOS 1.15.0 and Earlier via Improper Input Validation in YangLiveCompilerManager.java
Cross Site Scripting (XSS) Vulnerability in Frog CMS 1.1 Snippets Component
Stored XSS Vulnerability in Ilias Assessment/TestQuestionPool Component
Heap-based Buffer Overflow in Gnome Pango 1.42 and Later: Exploiting pango_log2vis_get_embedding_levels Function
Null Dereference Vulnerability in cJSON 1.7.8: Denial of Service via Crafted JSON File
Jenkins Credentials Binding Plugin 1.17: CWE-257 - Storing Passwords in a Recoverable Format
Arbitrary Command Execution in Linux Foundation ONOS SDN Controller 1.15 and Earlier Versions
Unauthenticated MySQL Database Password Information Disclosure in MailCleaner
ZmartZone IAM mod_auth_openidc 2.3.10.1 and earlier Cross Site Scripting (XSS) Vulnerability
SQL Injection Vulnerability in Synetics GmbH I-doit 1.12 and Earlier: Unauthenticated MySQL Database Access via Web Login Form
Integer Overflow Vulnerability in Linux Foundation ONOS Allows Unauthorized Flow Rule Installation
Vulnerability: Unintended Flow Rule Installation in ONOS 2.0.0 and Earlier
Denial of Service - DNS Detection Bypass in Open Information Security Foundation Suricata (CVE-2019-12168)
Vulnerability in Linux Foundation ONOS 2.0.0 and Earlier: Unintended Flow Rule Installation via Poor Input Validation
Arbitrary File Download and Deletion in article2pdf Wordpress Plugin
Buffer Overflow in nanosvg Library: Memory Corruption and DoS
SQL Injection in SaltStack Salt 2018.3, 2019.2: Privilege Escalation and RCE via mysql.user_chpass
Arbitrary Code Execution via MITM Attack in ktlint Custom Ruleset Download
Cross Site Scripting (XSS) vulnerability in Gitea 1.7.0 and earlier allows arbitrary JavaScript execution in victim's browser
Incorrect Access Control in Perl Crypt::JWT (CVE-2021-12345)
Uncontrolled Resource Consumption in Lodash Date Handler (CWE-400)
XML External Entity (XXE) Vulnerability in Ladon SOAP Request Handlers
Improper Certificate Validation in Helm Before 2.7.2 Allows Unauthorized Client Connections
Denial of Service - TCP/HTTP Detection Bypass in Open Information Security Foundation Suricata (CVE-2020-XXXX)
Univention Corporate Server univention-directory-notifier 12.0.1-3 and earlier Vulnerability: Intentional Information Exposure
Cross Site Scripting (XSS) vulnerability in Timesheet Next Gen 1.5.3 and earlier allows arbitrary code execution via redirect parameter in login.php
Open Redirection Vulnerability in Babel: Allowing Unrestricted URL Redirection
Boundary Check Vulnerability in Linaro/OP-TEE Prior to v3.4.0
Boundary Crossing Vulnerability in Linaro/OP-TEE OP-TEE 3.3.0 and Earlier: Memory Corruption of TEE
Rounding Error Vulnerability in Linaro/OP-TEE OP-TEE 3.3.0 and Earlier
Buffer Overflow Vulnerability in Linaro/OP-TEE OP-TEE 3.3.0 and Earlier: Memory Corruption and Disclosure
Buffer Overflow Vulnerability in Linaro/OP-TEE OP-TEE 3.3.0 and Earlier
Buffer Overflow Vulnerability in Linaro/OP-TEE OP-TEE 3.3.0 and Earlier
Buffer Overflow Vulnerability in Linaro/OP-TEE OP-TEE 3.3.0 and Earlier
Uninitialized Memory Exposure in Rust Programming Language Standard Library
Vulnerability: Insecure Gradle Artifact Resolution in JetBrains IntelliJ IDEA Kotlin Projects
Buffer Overflow Vulnerability in mz-automation libiec61850 1.3.2 1.3.1 1.3.0: Server Example Complex Array Component
Buffer Overflow Vulnerability in jhead 3.03: Denial of Service via Specially Crafted JPEG File
Denial of Service Vulnerability in jhead 3.03: Incorrect Access Control in iptc.c Line 122 show_IPTC()
Incorrect Access Control in Saleor GraphQL API allows Unauthenticated Users to Access Admin-Restricted Shop Revenue Data
Buffer Overflow in libmspack 0.9.1alpha: Information Disclosure in chmd_read_headers()
Remote Code Execution (RCE) Vulnerability in Slanger 0.6.0
Cross Site Scripting (XSS) Vulnerability in GLPI Product 9.3.1: Privilege Escalation and Admin JS Execution via Link Tickets Feature
Unrestricted Access to Sensitive Information in Aquarius CMS Log File
GLPI Product 9.3.1 - Frame and Form Tags Injection Vulnerability
Gitea 1.7.2, 1.7.3 Vulnerability: Cross Site Scripting (XSS) in Repository Description
WavPack 5.1 and earlier Vulnerability: Divide by Zero in ParseDsdiffHeaderConfig (dsdiff.c:282)
Incorrect Access Control in pyxtrlock 0.3 and earlier: False Locking Impression in Non-X11 Sessions
Uninitialized Variable in WavPack's ParseCaffHeaderConfig Leads to Control Flow Issues
Uninitialized Variable in WavPack's ParseWave64HeaderConfig Leads to Control Flow Issues
Remote Code Execution Vulnerability in JetBrains IntelliJ IDEA Ultimate
Self-XSS Vulnerability in CMS Made Simple 2.2.10 via Layout Design Manager Name Field
XSS Vulnerability in CMS Made Simple 2.2.10 via 'moduleinterface.php' Name Field
XSS Vulnerability in CMS Made Simple 2.2.10 via Email Address Field in myaccount.php
Incorrect Access Control Vulnerability in GitLab Community and Enterprise Edition
EXIF Geolocation Data Exposure in GitLab
Windows GDI Memory Disclosure Vulnerability
Insecure Permissions in GitLab's Move Issue Feature
Persistent XSS Vulnerability in GitLab Merge Request Resolve Conflicts Page
Insecure HMAC Key Derivation Vulnerability in GitLab
Uncontrolled Resource Consumption in GitLab API
Insecure Parameter Validation in GitLab OAuth Authentication
Insecure Permissions in GitLab Releases Feature
Insecure Permissions Allow Unauthorized Access to Related Branches in GitLab
Open Redirect Vulnerability in GitLab Community and Enterprise Edition before 11.7.8, 11.8.x before 11.8.4, and 11.9.x before 11.9.2
XSS Vulnerability in Snipe-IT (before 4.6.14) via log_meta and API User's Last Name
Authentication Bypass Vulnerability in eQ-3 HomeMatic CCU2 and CCU3 Devices (HMCCU-154)
Windows GDI Memory Disclosure Vulnerability
HMCCU-154: Session ID Persistence Vulnerability in eQ-3 HomeMatic CCU2 and CCU3 Devices
HMCCU-153: Unauthenticated Session Hijacking and Admin Access in eQ-3 HomeMatic CCU2 and CCU3 Devices
Buffer Overflow Vulnerability in eQ-3 HomeMatic CCU2 and CCU3 Devices (HMCCU-179)
SQL Injection Vulnerability in AIS ESEL-Server 67 Allows Arbitrary Code Execution
Use-after-free vulnerability in aio_poll() in Linux kernel through 5.0.4
Heap-based Buffer Overflow in mwifiex_uap_parse_tail_ies Function in Linux Kernel
Arbitrary Code Execution and Data Access Vulnerability in PostgreSQL 11.x
Insecure ACL Configuration in PostgreSQL Windows Installer
Arbitrary Memory Read Vulnerability in PostgreSQL 11.x (CVE-2019-10164)
Windows GDI Memory Disclosure Vulnerability
Vulnerability: Information Leakage in PostgreSQL Column Statistics
Off-by-one read vulnerability in ImageMagick's formatIPTCfromBuffer function
Vulnerability in libvirt >= 4.1.0: Unauthenticated Administrative Access via virtlockd-admin.socket and virtlogd-admin.socket
Unrestricted External URL Redirect in Moodle Cohort Upload Form
User Quota Exceedance Vulnerability in Moodle
Insecure Code Execution Vulnerability in osbs-client's yaml.load() Function
Spacewalk Vulnerability: Expired Authentication Session Manipulation
Path Traversal Vulnerability in spacewalk-proxy
Insufficient Access Control in python-novajoin Plugin Allows Unauthorized FreeIPA Token Generation
Plain-text storage of admin and appliance passwords in ansible variable file during HE deployment via cockpit-ovirt
Win32k Memory Object Handling Elevation of Privilege Vulnerability
Linux Kernel OverlayFS NULL Pointer Dereference Denial of Service Vulnerability
SQL-injection vulnerability in openstack-ironic-inspector's node_cache.find_node() function
Vulnerability in Linux Kernel's Freescale Hypervisor Manager Implementation
Privilege Escalation Vulnerability in FreeRADIUS Logrotate Configuration
Lack of Process Isolation in rkt enter Vulnerability
Lack of Process Isolation in rkt enter Vulnerability
Reflected Cross Site Scripting Vulnerability in pki-core Server's CA Agent Service
Insecure Process Isolation in rkt Versions 1.30.0 and Below
Remote Command Execution Vulnerability in Exim 4.87 to 4.91
Windows GDI Memory Disclosure Vulnerability
OpenShift Container Platform SSH Host Key Checking Bypass Vulnerability
Path Traversal Vulnerability in Podman Allows Arbitrary File Access
Vulnerability: Denial of Service in fence-agents due to Non-ASCII Characters
Unrestricted Access to Conversations in Moodle Web Service
Unverified Integrity Check Vulnerability in Libreswan IKEv1 Informational Exchange Processing
Information Disclosure Vulnerability in Ansible Templating
Keycloak Node.js Adapter Backchannel Logout Token Verification Bypass Vulnerability
Improper Session Fixation Protection in Infinispan-Spring Session Integration
Data Leak Vulnerability in cfme-gemset Versions 5.10.4.3 and Below, 5.9.9.3 and Below
Windows GDI Memory Disclosure Vulnerability
Python Security Regression in URL Parsing (CVE-2019-9636)
Arbitrary File Access and Execution Vulnerability in libvirtd
PowerDNS Authoritative Server Denial of Service Vulnerability
PowerDNS Authoritative Server Vulnerability: Remote Master Server CPU Load and Zone Update Prevention
Stack-based Buffer Overflow in PostgreSQL
Plaintext Storage of OAuth Tokens in OpenShift Container Platform Audit Logs
Arbitrary Code Execution Vulnerability in libvirtd
Arbitrary Code Execution Vulnerability in libvirt's virConnectGetDomainCapabilities() API
Arbitrary Code Execution via Libvirt's Hypervisor CPU APIs
Arbitrary Code Execution Vulnerability in Keycloak's User-Managed Access Interface
Win32k Memory Object Handling Elevation of Privilege Vulnerability
Arbitrary Code Execution Vulnerability in Keycloak Admin Console
Denial of Service Vulnerability in 389-ds-base in RHEL 7.5
XML External Entity (XXE) Vulnerability in org.codehaus.jackson:jackson-mapper-asl:1.9.x Libraries
Remote Code Execution Vulnerability in XStream API (CVE-2021-XXXX)
Infinispan Privilege Escalation via Reflection Vulnerability
Unauthorized Cloning of Persistent Volume Claims in virt-cdi-cloner
Static CSRF Tokens in OpenShift Container Platform
Stored XSS Vulnerability in CloudForms PDF Export Component
Stored Cross Site Scripting (XSS) Vulnerability in Token Processing Service (TPS)
Reflected Cross Site Scripting (XSS) Vulnerability in PKI-Core 10.x.x Key Recovery Authority (KRA) Agent Service
DirectX Memory Object Handling Vulnerability
Stored Cross Site Scripting (XSS) Vulnerability in PKI-Core 10.x.x Token Processing Service (TPS)
Code Injection Vulnerability in IcedTea-Web
Arbitrary File Upload Vulnerability in IcedTea-Web
Insecure Password Handling in virt-install(1) Utility
Undertow Information Leak Vulnerability
Zip-Slip Vulnerability in IcedTea-Web: Arbitrary File Write and Sandbox Escape
CSRF Token Bypass in Moodle XML Loading/Unloading Admin Tool
Glossary Entry Deletion Vulnerability in Moodle
Vulnerability: Unauthorized Group Override Modification in Moodle Quiz
Group Override Vulnerability in Moodle
NETLOGON Message Session Key Retrieval Vulnerability
DNS Resolver Component Vulnerability: Bypassing DNSSEC Validation for Non-Existence Answer
Vulnerability in Knot Resolver Allows DNSSEC Downgrade and Domain Hijacking
Heap-Buffer Overflow Vulnerability in Redis HyperLogLog Data Structure
Stack-buffer overflow vulnerability in Redis hyperloglog data structure
Insufficient Protection of Sensitive Passwords in oVirt Metrics Deployment and Configuration
Clear text password logging vulnerability in FreeIPA's batch processing API
Denial of Service and Memory Leak Vulnerability in http-proxy-agent
Samba Directory Traversal Vulnerability
Authentication Bypass Vulnerability in foreman-tasks before 0.15.7
Inadequate Header Checks in Keycloak Account Console: Untrusted Domain Request Vulnerability
OpenShift Container Platform 4 Vulnerability: Unauthorized Access to AWS IAM Role Credentials on Master Nodes
Path Traversal Vulnerability in Yard before 0.9.20
Credential Sniffing Vulnerability in Pterodactyl before 0.7.14 with 2FA
Cross-Site Scripting (XSS) Vulnerability in Invenio-Records before 1.2.2
Tridactyl 1.16.0 Vulnerability: Fake Key Events
Cross-Site Scripting (XSS) Vulnerability in Invenio-Communities before 1.0.0a20
Host Header Injection Vulnerability in Invenio-App
Cross-Site Scripting (XSS) Vulnerability in Dependency-Track before 3.5.1
Cross-Site Scripting (XSS) Vulnerability in stacktable.js before 1.0.4
SMTP Credential Exposure Vulnerability in Fleet before 2.1.2
User Token Hijacking Vulnerability in Misskey before 10.102.4
Unauthorized Automatic Deployments of SmokeDetector: A Critical Vulnerability
Vulnerability: Denial of Service (DoS) in parse-server before 3.4.1
Account Enumeration Vulnerability in parse-server before 3.6.0
Double Free Vulnerability in docker-credential-helpers List Functions
Improper Audience Check in Hasura GraphQL Engine JWT Verification
Open Redirect Vulnerability in ASH-AIO before 2.0.0.3
Lack of Confirmation Screen in Discourse User-API OTP Login Vulnerability
Missing Confirmation Screen for Email Login Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Invenio-Previewer
Keycloak SAML Broker Message Signature Verification Bypass Vulnerability
Deserialization Vulnerabilities in Codehaus 1.9.x Implemented in EAP 7
PowerDNS Authoritative daemon Denial of Service Vulnerability
Insecure Storage of Robot Account Tokens in Red Hat Quay
Vulnerability: Password Exposure in Ansible Playbook and CLI Tools
Linux Kernel Bluetooth UART Local Privilege Escalation Vulnerability
Arbitrary SQL Execution Vulnerability in PostgreSQL
Memory Disclosure Vulnerability in Cross-Type Comparison for Hashed Subplan in PostgreSQL 11.x before 11.5
Windows Audio Service Elevation of Privilege Vulnerability
Vulnerability: Insecure Handling of Superuser Password in Postgresql Windows Installer
Vulnerability: Code Execution via Unprotected Directory in PostgreSQL Windows Installer
Undertow DEBUG Log Information Disclosure Vulnerability
Unsanitized Secret Data Exposure in OpenShift Container Platform
Vulnerability: Insecure TLS Connections in Containers/Image Library
Cross-Site Scripting Vulnerability in Bootstrap-3-Typeahead's highlighter() Function
Privilege Escalation Vulnerability in Ghostscript
Sensitive Data Leakage in Ansible GCP Modules
Samba Client Path Traversal Vulnerability
XSS Vulnerability in Hibernate-Validator's SafeHtml Validator Annotation
Windows Audio Service Elevation of Privilege Vulnerability
Relative Paths Injection Vulnerability in Linux Kernel CIFS Implementation (Version 4.9.0)
Reflected Cross Site Scripting Vulnerability in pki-core 10.x.x
Ceph RGW Beast Front End Remote Denial of Service Vulnerability
Vulnerability: Exposing Secret Content in Metrics
Sensitive Information Disclosure in 389-ds-base
Vulnerability: Unauthorized Access to GlusterFS StorageClass in OpenShift Container Platform
Authenticated HTML Injection Vulnerability in Fat Free CRM v0.19.0 via /comments URI
Reflected XSS Vulnerability in openITCOCKPIT 404-not-found Component
Arbitrary Password Login Vulnerability in MailStore Server
Scripting Engine Memory Object Information Disclosure Vulnerability
PHP Type Juggling Vulnerability in Teclib GLPI Allows Authentication Bypass
SQL Injection in Teclib GLPI through 9.3.3 via cycle parameter in /scripts/unlock_tasks.php
Timing Attack Vulnerability in Teclib GLPI before 9.4.1.1
CSRF Vulnerability in S-CMS PHP v1.0 Allows Unauthorized Addition of Admin User
XSS Vulnerability in Sitemagic CMS v4.4 via Filename Parameter
Insufficient Protection of Stored Credentials in Robotronic RunAsSpc 3.7.0.0
Chakra Scripting Engine Remote Code Execution Vulnerability
Insecure HTTP Resolution of Maven Build Artifacts in Eclipse hawkBit
XSS Vulnerability in Eclipse Jetty DefaultServlet and ResourceHandler
Path Traversal Vulnerability in Eclipse Kura SkinServlet
Exposure of Underlying Ui Web Server Version in Eclipse Kura Versions up to 4.0.0
XXE Vulnerability in Eclipse Kura Versions up to 4.0.0
Java Bytecode Verifier Allows Execution Past End of Bytecode Array in Eclipse OpenJ9
Windows Directory Listing Information Exposure Vulnerability in Eclipse Jetty
Exposure of Configured Directory Base Resource Location in Jetty Server 404 Error
Insecure Maven Artifact Resolution in Eclipse Vorto Prior to 0.11
Insecure File Transfer in Xtext & Xtend Versions Prior to 2.18.0
Memory Object Handling Vulnerability in Windows: A Denial of Service Risk
Vulnerability: UCWeb UC Browser 7.0.185.1002 on Windows PDF Module Download MITM Attack
Vulnerability: MITM Attacks in UCWeb UC Browser for Android
CSRF Vulnerability in TeamMate+ 21.0.0.0 Allows Remote Attackers to Modify Application Data
Reflected XSS Vulnerability in MISP before 2.4.105
Open Redirect Vulnerability in Jupyter Notebook and JupyterHub
VIVOTEK IPCam Authentication Bypass Vulnerability
Directory Traversal Vulnerability in Zucchetti HR Portal Allows Unauthorized Access to System Files
Windows Audio Service Elevation of Privilege Vulnerability
XSS Vulnerabilities in Total.js CMS 12.0.0: themes/admin/views/index.html and themes/admin/public/ui.js
Stored/Persistent XSS in CentOS Web Panel (CWP) 0.9.8.789 via Edit Nameservers IPs action
SQL Injection Vulnerability in BlueCMS 1.6
XSS Vulnerability in Ahsay Cloud Backup Suite Allows Account Takeover
XXE Vulnerability in Ahsay Cloud Backup Suite Allows Arbitrary XML Entity Expansion
Directory Traversal Vulnerability in Ahsay Cloud Backup Suite
Unauthenticated File Structure and Content Disclosure in Ahsay Cloud Backup Suite
Insecure File Upload and Code Execution Vulnerability in Ahsay Cloud Backup Suite 8.1.0.50
Stack-based buffer overflow in BWA (Burrow-Wheeler Aligner) before 2019-01-23 via long sequence name in .alt file
Windows Audio Service Elevation of Privilege Vulnerability
Arbitrary Password Reset Vulnerability in Ultimate Member Plugin for WordPress
Unauthorized Profile and Cover Picture Modification Vulnerability in Ultimate Member Plugin 2.39 for WordPress
CRLF Injection Vulnerability in Weaver e-cology 9.0
User Enumeration Vulnerability in ManageEngine ServiceDesk Plus 9.3
File Upload Vulnerability in Western Bridge Cobub Razor 0.8.0 via web/assets/swf/uploadify.php URI
Unencrypted Storage of Credentials in Jenkins StarTeam Plugin
Cross-Site Request Forgery Vulnerability in Jenkins jenkins-reviewbot Plugin
Missing Permission Check in Jenkins jenkins-reviewbot Plugin Allows Unauthorized Connection Initiation
Windows Audio Service Elevation of Privilege Vulnerability
Unencrypted Storage of Credentials in Jenkins Assembla Auth Plugin
Unencrypted Storage of Credentials in Jenkins Relution Enterprise Appstore Publisher Plugin
Unencrypted Storage of Credentials in Jenkins Klaros-Testmanagement Plugin
Unencrypted Storage of Credentials in Jenkins mabl Plugin
Unencrypted Storage of Credentials in Jenkins Diawi Upload Plugin
Unencrypted Storage of Credentials in Jenkins Minio Storage Plugin
Unencrypted Storage of Credentials in Jenkins DeployHub Plugin
Unencrypted Storage of Credentials in Jenkins YouTrack-Plugin
Unencrypted Storage of Credentials in Jenkins Jabber Server Plugin
Cross-Site Request Forgery Vulnerability in Jenkins Netsparker Cloud Scan Plugin 1.1.5 and Older
Skype for Business Denial of Service Vulnerability
Vulnerability: Missing Permission Check in Jenkins Netsparker Cloud Scan Plugin
Unencrypted Storage of Credentials in Jenkins Netsparker Cloud Scan Plugin
Cross-Site Request Forgery Vulnerability in Jenkins Kmap Plugin Allows Server Connection Initiation
Unauthenticated Remote Code Execution in Jenkins Kmap Plugin
Unencrypted Storage of Credentials in Jenkins Kmap Plugin
Unencrypted Storage of Credentials in Jenkins crittercism-dsym Plugin
Unencrypted Storage of Credentials in Jenkins Serena SRA Deploy Plugin
Unencrypted Storage of Credentials in Jenkins Sametime Plugin's Global Configuration File
Unencrypted Storage of Credentials in Jenkins Koji Plugin's Global Configuration File
Unencrypted Storage of Credentials in Jenkins CloudCoreo DeployTime Plugin
Memory Object Handling Vulnerability in Microsoft Edge
Cross-Site Request Forgery Vulnerability in Jenkins GitLab Plugin 1.5.11 and Earlier
Missing Permission Check in Jenkins GitLab Plugin Allows Unauthorized Access to Credentials
Unencrypted Storage of Credentials in Jenkins Jira-ext Plugin
Unencrypted Storage of Credentials in Jenkins Azure PublisherSettings Plugin
Cross-Site Request Forgery Vulnerability in Jenkins XebiaLabs XL Deploy Plugin
Missing Permission Check in Jenkins XebiaLabs XL Deploy Plugin Allows Unauthorized Server Connections
Sandbox Bypass Vulnerability in Jenkins ontrack Plugin 3.4 and Earlier
Cross-Site Request Forgery Vulnerability in Jenkins Static Analysis Utilities Plugin Allows Unauthorized Modification of Default Graph Configuration
Vulnerability: Unauthorized Modification of Default Graph Configuration in Jenkins Static Analysis Utilities Plugin
XML External Entity (XXE) Processing Vulnerability in Jenkins Self-Organizing Swarm Plug-in Modules Plugin
Microsoft Office SharePoint XSS Vulnerability
Cross-Site Request Forgery Vulnerability in Jenkins Ansible Tower Plugin 0.9.1 and Earlier
Vulnerability: Missing Permission Check in Jenkins Ansible Tower Plugin Allows Unauthorized Access to Credentials
Vulnerability: Enumeration of Credentials in Jenkins Ansible Tower Plugin
Unencrypted Storage of Credentials in Jenkins Twitter Plugin's Global Configuration File
Global SSL/TLS and Hostname Verification Bypass in Jenkins Koji Plugin
CSRF Vulnerability in Jenkins GitHub Authentication Plugin 0.31 and Earlier
Unencrypted Storage of Credentials in Jenkins Aqua MicroScanner Plugin
Global SSL/TLS and Hostname Verification Bypass in Jenkins SiteMonitor Plugin
Unencrypted Storage of Client Secret in Jenkins Azure AD Plugin
Information Disclosure Vulnerability in Jenkins PAM Authentication Plugin
Microsoft Office SharePoint XSS Vulnerability
Jenkins Credentials Plugin Path Disclosure and Certificate Content Disclosure Vulnerability
Cross-Site Request Forgery Vulnerability in Jenkins Artifactory Plugin 3.2.2 and Earlier
Jenkins Artifactory Plugin 3.2.2 and Earlier: Missing Permission Check Allows Unauthorized Access to Attacker-Specified URLs and Credentials
Jenkins Artifactory Plugin 3.2.3 and Earlier: Missing Permission Check Allows Enumeration of Credentials
Cross-Site Request Forgery Vulnerability in Jenkins Artifactory Plugin 3.2.2 and Earlier
Cross-Site Scripting Vulnerability in Jenkins Warnings NG Plugin 5.0.0 and Earlier
Cross-Site Request Forgery Vulnerability in Jenkins Warnings NG Plugin 5.0.0 and Earlier
XML External Entities (XXE) Vulnerability in Jenkins Pipeline Maven Integration Plugin 1.7.0 and Earlier
Arbitrary Method Invocation Vulnerability in Jenkins Pipeline Remote Loader Plugin
Unencrypted Storage of Credentials in Jenkins InfluxDB Plugin
Microsoft Office SharePoint XSS Vulnerability
Untrusted Revision Manipulation in Jenkins Gitea Plugin 1.1.1 and Earlier
Cross-Site Request Forgery Vulnerability in Jenkins ElectricFlow Plugin 1.1.5 and Earlier
Unauthenticated Remote Code Execution in Jenkins ElectricFlow Plugin
Information Disclosure Vulnerability in Jenkins ElectricFlow Plugin
Global SSL/TLS and Hostname Verification Bypass in Jenkins ElectricFlow Plugin
Stored Cross-Site Scripting Vulnerability in Jenkins ElectricFlow Plugin 1.1.5 and Earlier
Reflected Cross-Site Scripting Vulnerability in Jenkins ElectricFlow Plugin 1.1.6 and Earlier
XML External Entities (XXE) Vulnerability in Jenkins Token Macro Plugin 2.7 and Earlier
Cross-Site Request Forgery Vulnerability in Jenkins JX Resources Plugin Allows Credential Leakage
Jenkins JX Resources Plugin 1.0.36 and Earlier: Missing Permission Check Allows Unauthorized Access to Kubernetes Server
Microsoft Word Remote Code Execution Vulnerability (CVE-2019-1034)
Cross-Site Request Forgery Vulnerability in Jenkins Docker Plugin 1.1.6 and Earlier
Unauthenticated Remote Code Execution in Jenkins Docker Plugin
Vulnerability: Enumeration of Credentials IDs in Jenkins Docker Plugin 1.1.6 and earlier
Improper Value Masking in Jenkins Configuration as Code Plugin
Information Disclosure in Jenkins Configuration as Code Plugin
Insecure Handling of Proxy Password in Jenkins Configuration as Code Plugin
Reflected Cross-Site Scripting Vulnerability in Jenkins Embeddable Build Status Plugin 2.0.1 and Earlier
Unencrypted Storage of Credentials in Jenkins Mashup Portlets Plugin
Unencrypted Storage of Credentials in Jenkins Gogs Plugin
Stored Cross-Site Scripting Vulnerability in Jenkins Dependency Graph Viewer Plugin
Microsoft Word Remote Code Execution Vulnerability
Unencrypted Storage of Credentials in Jenkins Port Allocator Plugin
Unencrypted Storage of Credentials in Jenkins Caliper CI Plugin
Arbitrary File Write Vulnerability in Jenkins 2.185 and Earlier
CSRF Token Expiration Bypass in Jenkins 2.185 and Earlier
Stapler Web Framework Vulnerability: Unauthorized Access to View Fragments in Jenkins
Arbitrary Code Execution Vulnerability in Jenkins Script Security Plugin
Arbitrary Code Execution Vulnerability in Jenkins Script Security Plugin
Information Disclosure Vulnerability in Jenkins Pipeline: Shared Groovy Libraries Plugin
Sensitive Build Variable Disclosure in Jenkins Maven Integration Plugin
Cross-Site Request Forgery Vulnerability in Jenkins Maven Release Plugin 0.14.0 and Earlier
Microsoft Office SharePoint XSS Vulnerability
Stored Cross-Site Scripting Vulnerability in Jenkins Maven Release Plugin 0.14.0 and Earlier
Unencrypted Storage of Credentials in Jenkins Maven Release Plugin
Jenkins Configuration as Code Plugin: Variable Interpolation Vulnerability
Inadequate Identification of Sensitive Values in Jenkins Configuration as Code Plugin
Sensitive Private Key Information Leakage in Jenkins Amazon EC2 Plugin
Insecure Temporary Access Token Storage in Jenkins Google Kubernetes Engine Plugin
Unencrypted Storage of Credentials in Jenkins Skytap Cloud CI Plugin
Incomplete Fix of CVE-2019-10343 in Jenkins Configuration as Code Plugin 1.26 and Earlier
Cross-Site Request Forgery Vulnerability in Jenkins JClouds Plugin 2.14 and Earlier
Jenkins JClouds Plugin Vulnerability: Unauthorized Access to Attacker-Specified URLs and Credentials Capture
Windows Error Reporting File Handling Elevation of Privilege Vulnerability
Jenkins Mask Passwords Plugin: Plain Text Transmission of Global Passwords
Session Fixation Vulnerability in Jenkins Gitlab Authentication Plugin
Open Redirect Vulnerability in Jenkins Gitlab Authentication Plugin
Stored Cross-Site Scripting Vulnerability in Jenkins Build Pipeline Plugin 1.5.8 and Earlier
Stored Cross-Site Scripting Vulnerability in Jenkins PegDown Formatter Plugin 1.3 and Earlier
Arbitrary File Read Vulnerability in Jenkins File System SCM Plugin 2.1 and Earlier
Reflected Cross-Site Scripting Vulnerability in Jenkins Wall Display Plugin 0.6.34 and Earlier
Jenkins Avatar Plugin 1.2 and Earlier: Unauthorized Avatar Modification Vulnerability
Unencrypted Storage of Credentials in Jenkins TestLink Plugin
Unencrypted Storage of Credentials in Jenkins Google Cloud Messaging Notification Plugin
Memory Corruption Vulnerability in Microsoft Browsers: Remote Code Execution
Arbitrary Code Execution in Jenkins Simple Travis Pipeline Runner Plugin
Global SSL/TLS and Hostname Verification Bypass in Jenkins Codefresh Integration Plugin
Global SSL/TLS and Hostname Verification Bypass in Jenkins VMware Lab Manager Slaves Plugin
Stored Cross-Site Scripting Vulnerability in Jenkins Update Center
CSRF Token Bypass Vulnerability in Jenkins 2.191 and Earlier
Unencrypted Storage of Credentials in Jenkins eggPlant Plugin 2.2 and Earlier
Cross-Site Request Forgery Vulnerability in Jenkins XL TestView Plugin 1.2.0 and Earlier
Unauthenticated Remote Code Execution in Jenkins XL TestView Plugin
Cross-Site Request Forgery Vulnerability in Jenkins Relution Enterprise Appstore Publisher Plugin
Unauthenticated Remote Code Execution in Jenkins Relution Enterprise Appstore Publisher Plugin
Windows Kernel Information Disclosure Vulnerability
Arbitrary Code Execution Vulnerability in Jenkins Splunk Plugin 1.7.4 and Earlier
Plain Text Transmission of Configured Passwords in Jenkins IBM Application Security on Cloud Plugin
OS Command Injection in Jenkins Git Client Plugin
Arbitrary Code Execution Vulnerability in Jenkins Script Security Plugin
Arbitrary Code Execution Vulnerability in Jenkins Script Security Plugin
Cross-Site Scripting Vulnerability in Jenkins Build Environment Plugin 1.6 and Earlier
Cross-Site Scripting Vulnerability in Jenkins Dashboard View Plugin 2.11 and Earlier
Vulnerability: Plain Text Transmission of Configured Passwords in Jenkins Aqua Security Serverless Scanner Plugin
Unencrypted Storage of Credentials in Jenkins Beaker Builder Plugin
Arbitrary Code Execution Vulnerability in Jenkins Script Security Plugin
NTLM MIC Bypass Vulnerability in Microsoft Windows
Arbitrary Code Execution Vulnerability in Jenkins Script Security Plugin
Stored XSS Vulnerability in Jenkins LTS and Earlier Versions
Stored XSS Vulnerability in Jenkins LTS and Earlier Versions
Stored XSS Vulnerability in Jenkins 2.196 and Earlier
Stored XSS vulnerability in Jenkins 2.196 and earlier, LTS 2.176.3 and earlier
Jenkins XSS Vulnerability: Session Cookie Disclosure via Cookie Header
Stored XSS Vulnerability in Jenkins Global Configuration
Unmasked Sensitive Variables in Jenkins Project Inheritance Plugin
Cross-Site Request Forgery Vulnerability in Jenkins Project Inheritance Plugin 2.0.0 and Earlier
Vulnerability: Unauthorized Project Generation in Jenkins Project Inheritance Plugin
Windows Kernel Object Handling Elevation of Privilege Vulnerability
Cross-Site Scripting Vulnerability in Jenkins Log Parser Plugin 2.0 and Earlier
Inedo BuildMaster Plugin: Plain Text Transmission of Configured Credentials
Inedo ProGet Plugin for Jenkins: Plain Text Transmission of Configured Credentials
Unencrypted Storage of Credentials in Jenkins CI/CD Plugin 1.3 and Earlier
Unencrypted Storage of Credentials in Jenkins Git Changelog Plugin
Unencrypted Storage of Credentials in Jenkins Violation Comments to GitLab Plugin
Unencrypted Storage of Credentials in Jenkins Violation Comments to GitLab Plugin
Jenkins Kubernetes Pipeline: Arbitrary Method Invocation Vulnerability
Arbitrary Method Invocation Vulnerability in Jenkins Kubernetes Pipeline Arquillian Steps Plugin
Unencrypted Storage of Credentials in Jenkins vFabric Application Director Plugin
Unencrypted Storage of Credentials in Jenkins Assembla Plugin
Unencrypted Storage of Credentials in Jenkins Azure Event Grid Build Notifier Plugin
Unencrypted Storage of Credentials in Jenkins Call Remote Job Plugin
Unencrypted Storage of Credentials in Jenkins CodeScan Plugin's Global Configuration File
Unencrypted Storage of Credentials in Jenkins elOyente Plugin
Unencrypted Storage of Credentials in Jenkins Google Calendar Plugin
Unencrypted Storage of Credentials in Jenkins Gem Publisher Plugin
Jenkins Aqua MicroScanner Plugin: Plain Text Transmission of Configured Credentials
Jenkins Aqua Security Scanner Plugin: Plain Text Transmission of Configured Credentials
Unencrypted Storage of Credentials in Jenkins GitLab Logo Plugin
Memory Object Handling Vulnerability in comctl32.dll: Remote Code Execution
Unencrypted Storage of Credentials in Jenkins NeuVector Vulnerability Scanner Plugin
Arbitrary Code Execution Vulnerability in Jenkins Script Security Plugin
Cross-Site Scripting Vulnerability in Jenkins HTML Publisher Plugin 1.20 and Earlier
Unencrypted Storage of Credentials in Jenkins Dingding Plugin
Jenkins LDAP Email Plugin: Plain Text Transmission of Configured Credentials
Jenkins SourceGear Vault Plugin: Plain Text Transmission of Configured Credentials
Arbitrary File Read Vulnerability in Jenkins Google OAuth Credentials Plugin 0.9 and Earlier
Cross-Site Request Forgery Vulnerability in Jenkins CRX Content Package Deployer Plugin
Jenkins CRX Content Package Deployer Plugin 1.8.1 and Earlier: Missing Permission Check Allows Unauthorized URL Connection and Credential Capture
Jenkins CRX Content Package Deployer Plugin 1.8.1 and earlier: Missing Permission Check Allows Enumeration of Stored Credentials
Windows Secure Kernel Mode Security Feature Bypass Vulnerability
Unencrypted Storage of Credentials in Jenkins NeoLoad Plugin
Cross-Site Request Forgery Vulnerability in Jenkins iceScrum Plugin 1.1.5 and Earlier
Unauthenticated Remote Code Execution in Jenkins iceScrum Plugin
Unencrypted Storage of Credentials in Jenkins iceScrum Plugin
Unconditional SSL/TLS and Hostname Verification Disabling in Jenkins Bumblebee HP ALM Plugin
Information Disclosure Vulnerability in Jenkins Google Kubernetes Engine Plugin
Global SSL/TLS and Hostname Verification Bypass in Jenkins Cadence vManager Plugin
Unencrypted Storage of Credentials in Jenkins Sofy.AI Plugin
Unencrypted Storage of Credentials in Jenkins Extensive Testing Plugin
Unencrypted Storage of Credentials in Jenkins Fortify on Demand Plugin
Windows Network File System Elevation of Privilege Vulnerability
Unencrypted Storage of Credentials in Jenkins ElasticBox CI Plugin
Unencrypted Storage of Credentials in Jenkins SOASTA CloudTest Plugin
Unencrypted Storage of Credentials in Jenkins View26 Test-Reporting Plugin
Unencrypted Storage of Credentials in Jenkins Delphix Plugin's Global Configuration File
Jenkins Rundeck Plugin Cross-Site Request Forgery Vulnerability: Unauthorized Access to Attacker-Specified URL
Jenkins Rundeck Plugin Vulnerability: Unauthorized URL Connection with Attacker-Specified Credentials
Cross-Site Request Forgery Vulnerability in Jenkins Oracle Cloud Infrastructure Compute Classic Plugin
Unauthenticated Remote Code Execution in Jenkins Oracle Cloud Infrastructure Compute Classic Plugin
Arbitrary Code Execution Vulnerability in Jenkins Puppet Enterprise Pipeline
Unencrypted Storage of Secret Token in Jenkins Mattermost Notification Plugin
Windows GDI Memory Disclosure Vulnerability
Unencrypted Storage of Credentials in Jenkins Bitbucket OAuth Plugin
Unencrypted Storage of Credentials in Jenkins Dynatrace Application Monitoring Plugin
Cross-Site Request Forgery Vulnerability in Jenkins Dynatrace Application Monitoring Plugin
Unauthenticated Remote Code Execution in Jenkins Dynatrace Application Monitoring Plugin
Cross-Site Request Forgery Vulnerability in Jenkins Deploy WebLogic Plugin
Jenkins Deploy WebLogic Plugin Missing Permission Check Vulnerability
Jenkins 360 FireLine Plugin XXE Vulnerability: Extracting Secrets and Enabling SSRF and DoS Attacks
Unencrypted Storage of Credentials in Jenkins Sonar Gerrit Plugin
Cross-Site Request Forgery Vulnerability in Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin
Vulnerability: Missing Permission Check in Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin
Windows GDI Memory Disclosure Vulnerability
Vulnerability in Jenkins ElasticBox Jenkins Kubernetes CI/CD Plugin Allows Enumeration of Credentials
Jenkins Libvirt Slaves Plugin Cross-Site Request Forgery Vulnerability: Unauthorized SSH Server Connection and Credential Capture
Vulnerability: Unauthorized SSH Server Connection in Jenkins Libvirt Slaves Plugin
Vulnerability: Enumeration of Credentials ID in Jenkins Libvirt Slaves Plugin
Vulnerability: Unauthorized Script Listing in Jenkins Global Post Script Plugin
Jenkins build-metrics Plugin: Reflected Cross-Site Scripting Vulnerability
Unencrypted Storage of Credentials in Jenkins Zulip Plugin
FusionInventory Plugin SendXML Action Mishandling Vulnerability
Unrestricted File Upload Vulnerability in Glory RBW-100 Devices with Firmware ISP-K05-02 7.0.0
Hard-coded Username and Password Vulnerability in Glory RBW-100 Devices
Windows GDI Memory Disclosure Vulnerability
WMI Firmware Event Handler Out of Bound Write Vulnerability
Out of Bound Access Vulnerability in WMI FW Event Handling in Snapdragon Platforms
Timing Side Channel Vulnerability in Snapdragon Processors
Side Channel Vulnerability in QTEE: Non-Time-Constant Comparison Function Usage in Snapdragon Platforms
Use After Free Vulnerability in Snapdragon Platforms
Infinite Loop Vulnerability in Multiple Snapdragon Platforms
Race condition vulnerability in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in multiple Qualcomm chipsets
Buffer Over-read Vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables
Null Pointer Dereference Vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables in Multiple Qualcomm Chipsets
Null-pointer dereference vulnerability in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W, MSM8996AU, QCA6574AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20 while parsing an AVI clip during copy
Windows GDI Memory Disclosure Vulnerability
Use After Free Vulnerability in Xtra Daemon Shutdown in Multiple Snapdragon Platforms
Vulnerability: Compromised ADSP in Snapdragon Processors
AVB Boot Image Verification Vulnerability in Multiple Qualcomm Snapdragon Processors
Vulnerability: Position Determination Accuracy Degradation in Snapdragon Processors
Race condition vulnerability in camera functions leading to memory corruption and UAF issue in multiple Snapdragon platforms
Arbitrary Buffer Write Vulnerability in Snapdragon Processors
Buffer Overflow Vulnerability in Multiple Snapdragon Platforms
Use After Free Vulnerability in Snapdragon Processors
Multiple Buffer Overflow Vulnerabilities in Qualcomm Snapdragon Processors
Out-of-Bound Access Vulnerability in Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking
Windows GDI Memory Disclosure Vulnerability
Buffer Overflow Vulnerability in Snapdragon Processors
Use After Free Vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, Mobile, Voice & Music, Wearables in Multiple Qualcomm Chipsets
Stack Overflow Vulnerability in Camera Module of Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / SD 850, SD 855, SDM439, SDX24
Out-of-bounds Access Vulnerability in Snapdragon Camera Driver
Firmware Resource Consumption Vulnerability in Qualcomm Snapdragon Devices
Out of Bound Access Vulnerability in Snapdragon Processors
Unvalidated User Input in QCA_NL80211_VENDOR_SUBCMD_AVOID_FREQUENCY Command
Out of Buffer Read Vulnerability in Snapdragon Auto, Consumer Electronics Connectivity, Consumer IOT, Industrial IOT, Mobile, Voice & Music
Out-of-Bounds Access Vulnerability in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA6174A, QCA6574AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 430, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 650/52, SD 820A, SDX20 due to Lack of Input Validation
Pairing Device Use-After-Free Vulnerability in Snapdragon Devices
Chakra Scripting Engine Remote Code Execution Vulnerability
Null Pointer Dereference Vulnerability in Bluetooth Process of Snapdragon Auto, Consumer IoT, Mobile, Voice & Music Processors
Memory Overflow Vulnerability in GSNDCP Compressed Mode PDU Decoding in Snapdragon Platforms
Unbounded Array Index Vulnerability in Multiple Snapdragon Platforms
Null Pointer Access Vulnerability in Trustzone Execution of SPDM Commands in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, IPQ8074, MDM9150, MDM9205, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996, MSM8996AU, MSM8998, Nicobar, QCA8081, QCS404, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX24, SDX55, SM6150,
Preemptive Freeing Vulnerability in Snapdragon Processors
Multiple Read Overflows in MM Decoding Vulnerability in Snapdragon Auto, Compute, Consumer IoT, Industrial IoT, IoT, Mobile, Voice & Music, and Wearables
Double Free Vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables in APQ8009, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8996AU, QCS405, QCS605, SDA660, SDA845, SDM630, SDM636, SDM660, SDM845, SDX20, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
Use After Free Vulnerability in iWLAN State Transition in Snapdragon Platforms
Chakra Scripting Engine Remote Code Execution Vulnerability
GPU Memory Exhaustion Vulnerability in Snapdragon Mobile Processors
Nonstandard Buffer Overflow Vulnerability in Multiple Snapdragon Platforms
Data Leakage Vulnerability in Multiple Snapdragon Platforms
Use-after-free vulnerability in clk driver allows for arbitrary code execution
Buffer Overflow Vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, and Wearables Processors
Out of Bound Write Vulnerability in WLAN Driver in Snapdragon Auto, Compute, Consumer Electronics Connectivity, Consumer IOT, Industrial IOT, Mobile, Voice & Music
Vulnerability: SMEM Partition Manipulation Leading to Memory Corruption
Use After Free Vulnerability in Kernel for Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 675, SD 730, SD 820, SD 820A, SD 835, SD 855, SDA660, SDM630, SDM660, SDX20, SDX24
Race condition vulnerability in set_page_dirty() function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24
Folder Shortcut Validation Vulnerability
Buffer Overflow Vulnerability in Snapdragon Auto, Consumer IOT, Industrial IOT, Mobile, Voice & Music, and Wearables
Buffer Overflow Vulnerability in Qualcomm Snapdragon Processors
Null-pointer dereference vulnerability in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in multiple Qualcomm chipsets
Array Index Out of Bounds Vulnerability in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W, MSM8996AU, QCA6574AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20
Null-pointer dereference vulnerability in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W, MSM8996AU, QCA6574AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20
Out-of-Bound Access Vulnerability in WLAN Function in Snapdragon Processors
Double Free Vulnerability in Multiple Snapdragon Chipsets and Modules
Integer overflow vulnerability in event buffer extraction from FW response in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9607, Nicobar, QCA6574AU, QCN7605, QCS405, QCS605, SDM660, SDM845, SDX55, SM6150, SM7150, SM8150, SM8250, SXR1130, SXR2130
Firmware Response Address Range Vulnerability
Buffer Overflow Vulnerability in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in Multiple Qualcomm Chipsets
Edge MOTW Bypass Vulnerability
Buffer Overflow Vulnerability in WLAN NAN Function in Multiple Snapdragon Platforms
Uninitialized Buffer Dereference Vulnerability in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MSM8909W, MSM8996AU, QCA6574AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 439 / SD 429, SD 450, SD 600, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20
Firmware File Buffer Over-read Vulnerability
Out-of-Bound Access Vulnerability in Diag Handlers in Snapdragon Processors
Critical Null Pointer Dereference Vulnerability in Snapdragon Kernel
Buffer Overflow Vulnerability in WLAN Firmware during Roaming in Multiple Snapdragon Platforms
Memory Leak Vulnerability in ION IOCTL Calls in Snapdragon Auto, Compute, Consumer Electronics, Consumer IoT, Industrial IoT, Mobile, Voice & Music, Wearables, Wired Infrastructure, and Networking
Heap Use-After-Free Vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, IoT, Mobile, Wearables
Null Pointer Dereference Vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, Mobile, Wearables in Multiple Chipsets
Scripting Engine Memory Corruption Vulnerability in Microsoft Browsers
Buffer Over-read Vulnerability in Multiple Snapdragon Platforms
Buffer Overread Vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables
Multiple Buffer Over-read Vulnerability in Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables, Wired Infrastructure and Networking
Multiple Read Overflows in Authentication Decoding in Snapdragon Platforms
Multiple Read Overflows Vulnerability in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in various Qualcomm chipsets
Buffer Overflow Vulnerability in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Multiple Qualcomm Chipsets
Buffer Overflow Vulnerability in Multiple Snapdragon Platforms
Out-of-bound read vulnerability in Linux kernel wireless driver in Snapdragon devices
Out of Bound Vulnerability in FastRPC HLOS Driver in Snapdragon Platforms
Buffer Overflow Vulnerability in Snapdragon Processors
Internet Explorer Scripting Engine Memory Corruption Vulnerability
Improper Initialization of Local Variables in Snapdragon Processors Leads to Denial of Service Vulnerability
Vulnerability in Secure Boot Loader Allows Loading of Unverified Debug Policies and Leads to Memory Corruption
Improper Input Validation Leads to Buffer Over-read in Snapdragon Processors
Out-of-Bounds (OOB) Vulnerability in EEPROM Memory Access in Snapdragon Platforms
Double Free Vulnerability in Multiple Snapdragon Platforms
Buffer Overflow Vulnerability in WLAN Module with Supported Rates or Extended Rates Element Length in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IoT, Snapdragon Industrial IoT, Snapdragon Mobile, Snapdragon Voice & Music in APQ8017, APQ8053, APQ8096AU, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8905, MSM8996AU, Nicobar, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCN7605, QCS405, QCS605, SDA845, SDM670, SDM710, SDM845, SDX20, SM6150, SM8150, SM8250, SXR2130
GPU Ringbuffer Overwrite Vulnerability in Snapdragon Processors
Misplaced Instance ID Vulnerability in Snapdragon Platforms
MSXML Remote Code Execution Vulnerability
Missing size check in Snapshot of IB function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in APQ8017, APQ8053, APQ8096AU, APQ8098, MDM9206, MDM9207C, MDM9607, MDM9650, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8996AU, Nicobar, QCN7605, QCS405, QCS605, QM215, SA6155P, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDX20, SDX24, SM6150, SM7150, SM8150, SM8250, SXR2130
Integer Overflow and Buffer Overflow Vulnerability in Snapdragon Auto, Compute, Connectivity, Consumer Electronics Connectivity, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, and Wearables in Multiple Qualcomm Chipsets
Out-of-Bound Read Vulnerability in Multiple Snapdragon Platforms
Unsigned Wlan Binary Vulnerability in Snapdragon Devices
Buffer Over-read Vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables
Null Pointer Dereference Vulnerability in Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables in Multiple Qualcomm Chipsets
Buffer Over-read Vulnerability in Multiple Snapdragon Platforms
Use-after-free vulnerability in kernel thread unregistered listener
Use-after-free vulnerability in audio device pointer assignment in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in multiple Qualcomm chipsets
Invalidated Iterator Use After Free Vulnerability in Sensors HAL
Critical Use After Free Vulnerability in Snapdragon Platforms
Out of Bound Access Vulnerability in Debug Queue of Snapdragon Processors
Integer overflow vulnerability in mmap find function can lead to use-after-free issue in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in multiple Qualcomm chipsets
Buffer Overflow Vulnerability in Snapdragon Processors
Stack Overflow Vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables in Multiple Qualcomm Chipsets
Remote Stack Overflow Vulnerability in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Multiple Qualcomm Chipsets
Buffer Overflow Vulnerability in Snapdragon Platforms
Internet Explorer Scripting Engine Memory Corruption Vulnerability
Out-of-Bound Access Vulnerability in DTS Atom Parsing in Multiple Snapdragon Platforms
Null Pointer Dereference Vulnerability in Parsing Non-Standard udta Atom in Snapdragon Platforms
Potential Integer Overflow Vulnerability in QDCM API of Snapdragon Platforms
Buffer Overflow Vulnerability in SDP Video Image Attribute Processing in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables
Stack Overflow Vulnerability in Multiple Snapdragon Platforms
Buffer Overwrite Vulnerability in Message Handler in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8009, APQ8053, APQ8064, APQ8096AU, IPQ4019, IPQ8064, MDM9206, MDM9207C, MDM9607, MDM9615, MDM9640, MDM9650, MSM8909, MSM8909W, MSM8939, MSM8996AU, QCA4531, QCA6174A, QCA6574AU, QCA9377, QCA9379, QCA9558, QCA9880, QCA9886, QCA9980, SDA660, SDM630, SDM636, SDM660, SDX20, SDX24
Improper Access Control Vulnerability in Snapdragon Platforms
Arbitrary Memory Write Vulnerability in Multiple Snapdragon Platforms
Out of Bound Access Vulnerability in Snapdragon Processors
MSXML Remote Code Execution Vulnerability
Out-of-Scope Local Variable Vulnerability in Multiple Snapdragon Platforms
Firmware Event Processing Vulnerability in Multiple Snapdragon Platforms
Heap-based use-after-free vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, Mobile, Wearables processors
Use After Free Vulnerability in Snapdragon Devices during Route Lookup
Heap-buffer-overflow vulnerability during image version information population in diag command response packet
Buffer Overwrite Vulnerability in IEEE80211 Header Filling Function in Multiple Snapdragon Platforms
Out-of-Bound Access Vulnerability in Snapdragon Chipsets USB Driver
Out of Bounds memcpy Vulnerability in Multiple Snapdragon Platforms
Insecure Binding Vulnerability in Snapdragon Platforms
Out of Bound Write Vulnerability in Multiple Snapdragon Platforms
Buffer Over Read Vulnerability in SDP Message Processing in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Buffer Overflow Vulnerability in Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables in Multiple Qualcomm Chipsets
Stack Overflow Vulnerability in UTCB Object's Memory Deallocation Function Pointer
Unvalidated Data Access Vulnerability in Multiple Snapdragon Platforms
Integer Overflow Vulnerability in Keymaster 4 Leading to Memory Corruption
Null Pointer Access Vulnerability in SPDM Commands Execution in Non-Standard Way
Privilege Escalation Vulnerability in QCA6174_9377.WIN.1.0
Invalid Address Access Vulnerability in Snapdragon Connectivity (QCA6390)
Chakra Scripting Engine Remote Code Execution Vulnerability
Improper User Data Length Check Leading to Kernel Memory Error in Snapdragon Processors
Use After Free Vulnerability in Snapdragon Auto, Compute, Industrial IOT, Mobile, Voice & Music
Out-of-Bound Memory Access Vulnerability in Snapdragon Processors
Integer Overflow Vulnerability in Snapdragon Auto, Compute, Consumer Electronics Connectivity, Consumer IOT, Industrial IOT, Mobile Processors
Integer Truncation Vulnerability in Snapdragon Auto, Compute, Consumer Electronics Connectivity, Industrial IOT, Mobile, and more
Critical Out-of-Bound Access Vulnerability in Snapdragon Processors
Unvalidated Payload Size Vulnerability in Multiple Snapdragon Platforms
Critical Integer Overflow to Buffer Overflow Vulnerability in PostScript and PDF Printers
TLB Manipulation Vulnerability in Snapdragon Processors
Kernel Virtual Page Corruption Vulnerability in Snapdragon Processors
Internet Explorer Remote Code Execution Vulnerability
Zyxel NAS 326 through 5.21 Plaintext Password Vulnerability
Zyxel NAS 326 Package Installer Shell Metacharacter Injection Vulnerability
Directory Traversal Vulnerability in Zyxel NAS 326 File Browser Component
Eval Injection Vulnerability in Zyxel NAS 326 v5.21 and Below: Remote Code Execution via tjp6jp6y4, simZysh, and ck6fup6 APIs
Zyxel NAS 326 XSS Vulnerability: Remote Code Injection via User, Group, and File-Share Description Fields
Flash Memory Reprogramming Vulnerability in Marvell SSD Controller Devices
Secure Boot Bypass Vulnerability in Marvell SSD Controller Devices
Vulnerability: Tracking and Hash Collision in Linux Kernel IP ID Generation
KASLR Bypass: Information Exposure Vulnerability in Linux Kernel 4.x and 5.x
Windows AppXSVC Hard Link Handling Elevation of Privilege Vulnerability
Uncontrolled Resource Consumption in GitLab CI Configuration Validation
Weak Password Recovery Mechanism in Contao Versions 3.5.39 and 4.x before 4.7.3
CSRF Vulnerability in Contao 4.7
Expired Key Vulnerability in Contao 4.7
CSRF Vulnerability in HYBBS 2.2 Allows Unauthorized Administrator Account Creation
Cross-Site Scripting (XSS) Vulnerability in Wolf CMS v0.8.3.1 Add Snippet Module
Remote Code Execution in ZZZCMS zzzphp v1.6.3 via plugins/ueditor/php/controller.php?action=catchimage source[] Parameter
Remote DNS Query Vulnerability in Robocode
Memory Leak Vulnerability in ImageMagick 7.0.8-36 Q16's SVGKeyValuePairs Function
Windows Kernel Object Handling Elevation of Privilege Vulnerability
Heap-based Buffer Over-read in WriteTIFFImage Function of ImageMagick 7.0.8-36 Q16
Remote Code Execution Vulnerability in Ivanti Endpoint Manager (EPM) 2017.3 and 2018.x
Arbitrary PHP File Upload Vulnerability in flatCore 1.4.7
SQL Injection Vulnerability in Hsycms V1.1 via /news/*.html Page
Denial of Service Vulnerability in LZO 2.10 Library (CVE-2017-8846)
Unauthenticated Remote Code Execution via Shell Metacharacters and Buffer Overflow in Grandstream IP Phones
Arbitrary Code Execution in Grandstream GWN7000 Devices via Filename Metacharacters
Password Disclosure Vulnerability in Grandstream GWN7000 and GWN7610 Devices
Arbitrary Code Execution in Grandstream GWN7610 Devices
Arbitrary Code Execution in Grandstream GXV3370 and WP820 Devices via /manager?action=getlogcat Priority Field
Arbitrary Code Execution in Grandstream GXV3611IR_HD Devices
Root Account Without Password Vulnerability
Arbitrary Code Execution Vulnerability in Grandstream UCM6204 Devices
SQL Injection Vulnerability in Grandstream UCM6204 Devices
SQL Injection in Domoticz WebServer.cpp via idx parameter
Unvalidated User Input in LibreNMS Graphing Options Allows for RRDtool Syntax Injection
Arbitrary PHP Code Execution via Dynamic Script Inclusion in LibreNMS
Information Disclosure and File Path Exposure Vulnerability in LibreNMS
Unauthenticated Access to Sensitive Functions and Information in LibreNMS
Command Injection Vulnerability in LibreNMS through 1.47
Memory Object Handling Vulnerability in Windows Kernel
Cross-Site Scripting (XSS) Vulnerability in LibreNMS
SQL Injection Vulnerability in LibreNMS
Improper Validation of Multiplications and Additions in treeRead Function in libmysofa
CSRF Vulnerability in Ultimate Member Plugin Allows Unauthorized Admin Access and Code Execution
Uniqkey Password Manager 1.14 - Cleartext Credential Exposure Vulnerability
Multiple Cross-Site Scripting (XSS) Vulnerabilities in DASAN Zhone ZNID GPON 2426A EU Version S3.1.285
Insecure Argument Options in Domoticz: Neglecting \n and \r
Weak Permissions in Thomson Reuters Eikon 4.0.42144 Allow Local Users to Modify Service Executable
SQL Server Remote Code Execution Vulnerability
Cleartext Secrets Storage in django-nopassword before 5.0.0
Arbitrary PHP Code Execution in 74cms v5.0.1 via site_domain Parameter
Reflected Cross Site Scripting (XSS) Vulnerability in Heidelberg Prinect Archiver v2013 release 1.0
SSRF Vulnerability in Ctrip Apollo API: Intranet Port Scan and GET Request via /system-info/health
SQL Injection Vulnerabilities in KBPublisher 6.0.2.1
Hard-coded Credentials Vulnerability in VVX Products with BToE Application 3.9.1
Insufficient Authentication in VVX Products with BToE Application: Sensitive Information Leakage
Task Scheduler Elevation of Privilege Vulnerability
Dovecot JSON Encoder Denial of Service Vulnerability
Unsanitized Field Names in wp-google-maps Plugin REST API
Default Admin Password Vulnerability in Puppet Enterprise
Exposure of Root User Credentials in cd4pe::root_configuration Task
Microsoft Office SharePoint XSS Vulnerability
Decryption Vulnerability in Western Digital SanDisk X600 Drives Allows Unauthorized Access to Data
Firmware Update Authentication Vulnerability in Western Digital SanDisk Devices
SQL Injection Vulnerability in MKCMS V5.0 via bplay.php Play Parameter
SQL Injection Vulnerability in S-CMS PHP v1.0 via 4/js/scms.php?action=unlike id parameter
Asus Precision TouchPad Driver Pool Overflow Vulnerability
Windows Kernel Object Memory Handling Vulnerability
Vulnerability: Insecure Permissions in Hisilicon Hi3510-based IP Cameras' Web Management Portal Expose WiFi Credentials
Unauthenticated RTSP Stream Access Vulnerability in Hisilicon Hi3510-based IP Cameras
Undocumented Service Access in WAGO Series 750-88x and 750-87x Web-GUI
Out-of-Bounds Access Vulnerability in LocaleLowercase Function in ImageMagick
Stored XSS Vulnerability in Verodin Director 3.5.3.0 and Earlier
Information Disclosure Vulnerability in Verodin Director 3.5.3.1 and Earlier
Directory Traversal Vulnerability in BlogEngine.NET 3.3.7.0 via /api/filemanager Path Parameter
XML External Entity Blind Injection in BlogEngine.NET 3.3.7.0 and earlier
Directory Traversal and Remote Code Execution Vulnerability in BlogEngine.NET 3.3.7.0 and Earlier
Azure DevOps Server and Team Foundation Server Remote Code Execution Vulnerability
Directory Traversal and Remote Code Execution Vulnerability in BlogEngine.NET 3.3.7.0 and Earlier
Client Side URL Redirect Vulnerability in BlogEngine.NET 3.3.7.0
Excessive Memory Allocation Vulnerability in PoDoFo 0.9.6
Dolby DAX2 API System Services Privilege Escalation Vulnerability
Windows Kernel Object Memory Handling Vulnerability
KDE KMail 5.2.3 Encrypted Email Leakage Vulnerability
Vulnerability: Email Encryption Leakage in KDE Trojita 0.7
Vulnerability: Covert Leakage of Encrypted Emails in Claws Mail 3.14.1
Microsoft Windows Symbolic Link Elevation of Privilege Vulnerability
Vulnerability: Covert Leakage of Encrypted Emails in Roundcube Webmail
Vulnerability: HTML Code Injection in K-9 Mail v5.600
Denial of Service Vulnerability in Axios 0.18.0 and earlier
Zip Slip Vulnerability: Path Traversal Exploit in Archiver's Unarchive Function
Prototype Pollution Vulnerability in lodash.defaultsDeep()
Prototype Pollution in assign-deep versions before 0.4.8 and 1.0.0
Prototype Pollution in mixin-deep: Exploiting Object.prototype Modification
Prototype Pollution Vulnerability in set-value (versions < 3.0.1)
SQL Injection Vulnerability in Sequelize
SQL Injection in Sequelize JSON Path Keys in Postgres Dialect
ASP.NET Core Open Redirect Vulnerability
Prototype Pollution in deeply.assign-deep function in versions before 3.1.0
Open Redirect Vulnerability in HTTPie Package Allows Arbitrary File Write
Sequelize JSON Query SQL Injection Vulnerability
Insecure Dependency Resolution in Eclipse-WTP, Eclipse-CDT, and Eclipse-Groovy
Predictable Token and ID Generation in Apereo CAS Before 6.1.0-RC5
Predictable SAML Identifier Vulnerability in pac4j-saml 3.X
JavaScript Injection Vulnerability in node-red-dashboard
SQL Injection Vulnerability in Knex.js Versions Before 0.19.5
Remote Code Execution in mongo-express via `toBSON` Method
Arbitrary Code Execution Vulnerability in Safer-eval (before 1.3.4)
Team Foundation Server Cross-site Scripting Vulnerability
Arbitrary Code Execution Vulnerability in Safer-eval Before 1.3.2
Arbitrary Code Execution via Infinite Recursion in vm2 Package
SQL Injection Vulnerability in medoo before 1.7.5: Improper Escaping in columnQuote
SQL Injection in Pimcore before 6.3.0 allows for Data Leakage
Timing Attacks and Scalar Leakage Vulnerability in elliptic-php Versions Prior to 1.0.6
Arbitrary File Inclusion Vulnerability in iobroker.admin
SQL Injection Vulnerability in Pixie Versions 1.0.x and 2.0.x
Arbitrary File Inclusion Vulnerability in Administrative Web Panel
Prototype Pollution in AngularJS merge() Function
Arbitrary Code Execution Vulnerability in safer-eval via RangeError Generation
Visual Studio Updater Service File Permissions Vulnerability
Cross-site Scripting (XSS) Vulnerability in io.ratpack:ratpack-core
URL Path Injection Vulnerability
Bypassing enshrined/svg-sanitize: xlink:href Attribute Vulnerability
Arbitrary Symlink Generation Vulnerability in Yarn Package Install Functionality
Command Injection Vulnerability in php-shellcommand versions before 1.6.1
Ecstatic Denial of Service Vulnerability: Application Crash Exploitation
Remote Code Execution in git-diff-apply (Versions < 0.22.2)
Arbitrary Command Injection in AWS Lambda's config.FunctionName Parameter
Command Injection in devcert-sanscache before 0.4.7 allows remote code execution
Cross-site Scripting (XSS) Vulnerability in Stroom:Stroom-App
Windows Graphics Component Information Disclosure Vulnerability
Shell Command Injection in BibTeX-ruby before 5.1.0
Bypassing Sanitization and Validation in schema-inspector (before 1.6.9)
XML External Entity (XXE) Injection Vulnerability in com.puppycrawl.tools:checkstyle (versions before 8.29)
Command Injection Vulnerability in lsof npm Module
CSRF Vulnerability in phppgadmin through 7.12.1 Allows Remote Command Execution
Cross-site Scripting Vulnerability in dojox.xmpp.util.xmlEncode
Arbitrary Command Execution Vulnerability in Network-Manager
Arbitrary Command Execution in im-resize through 2.3.2
Arbitrary Command Execution Vulnerability in im-metadata through 3.0.1
Command Injection Vulnerability in curling.js
XML Parsing Vulnerability in Visual Studio
TaffyDB npm Module Internal Index Forgery Vulnerability
Command Injection Vulnerability in promise-probe before 0.10.0
Prototype Pollution Vulnerability in bodymen before 1.1.1
Prototype Pollution in dot-object before 2.1.3 allows Object.prototype Modification
Prototype Pollution Vulnerability in component-flatten
Prototype Pollution Vulnerability in Undefsafe before 2.0.3
Arbitrary Command Execution Vulnerability in rpi through 0.0.3
HTTP Response Splitting Vulnerability in Netty Transport-HTTP in WSO2 v6.3.1 and earlier versions
Prototype Pollution in rdf-graph-array through 0.3.0-rc6: Manipulation of JavaScript Objects via rdf.Graph.prototype.add
Arbitrary Command Execution in compile-sass Prior to 1.0.5
Scripting Engine Memory Corruption Vulnerability in Microsoft Browsers
Unsanitized Gcov Arguments in Codecov Package (CVE-XXXX-XXXX)
Arbitrary Command Execution in enpeem through 2.2.0
Arbitrary Command Execution Vulnerability in Giting Version Prior to 0.0.8
Arbitrary Command Execution in push-dir through 0.4.1
Arbitrary Command Execution Vulnerability in serial-number through 1.3.0
Internal Property Tampering Vulnerability in Valib 2.0.0
Prototype Manipulation Vulnerability in vega-util
Arbitrary Command Execution Vulnerability in Blamer Versions Prior to 1.0.1
Object Property Modification Vulnerability in Utilitify Prior to 1.0.3
Memory Object Handling Vulnerability in Microsoft Browsers
Race Planting Vulnerability in Microsoft Windows
.NET Denial of Service Vulnerability
Invisible Display Name Exploit in Microsoft Exchange
Arbitrary Code Execution via Backdoor in bootstrap-sass 3.2.0.3
Untrusted HOME Environment Variable Vulnerability in Sony Neural Network Libraries
Uniqkey Password Manager 1.14 - Remote Manipulation of Credential Saving Pop-up
Unauthenticated Reflected Cross-Site Scripting Vulnerabilities in Computrols CBAS 18.0.0 Login and Password Reset Pages
Cross-Site Request Forgery Vulnerability in Computrols CBAS 18.0.0
Username Enumeration Vulnerability in Computrols CBAS 18.0.0
Unprotected Subversion (SVN) Directory/Source Code Disclosure in Computrols CBAS 18.0.0
WLAN Service Elevation of Privilege Vulnerability in Windows
Default Credentials in Computrols CBAS 18.0.0
Hard-coded Encryption Keys in Computrols CBAS 18.0.0
Authenticated Blind SQL Injection in Computrols CBAS 18.0.0 via id GET Parameter
Authentication Bypass Vulnerability in Computrols CBAS 18.0.0
Authenticated Command Injection in Computrols CBAS 18.0.0
Insecure Password Hashing in Computrols CBAS 18.0.0
Open Redirect Vulnerability in Jupyter Notebook before 5.7.8
Windows Audio Service Elevation of Privilege Vulnerability
Command Injection Vulnerability in TeemIp Versions Before 2.4.0: Instantaneous Execution of Malicious PHP Code
XSS Vulnerability in WP Statistics Plugin for WordPress
SQL Injection Vulnerability in Form Maker Plugin for WordPress
Untrusted Data Object Deserialization Vulnerability in Pimcore
Unauthenticated User Access to Restricted Field Ordering Vulnerability
Path Traversal and Unrestricted File Upload Vulnerability in Ninja Forms Plugin for WordPress
Windows Audio Service Elevation of Privilege Vulnerability
Heap-based Buffer Over-read in Poppler 0.74.0's PSOutputDev::checkPageSlice Function
Heap-based Buffer Over-read in Poppler's Splash::blitTransparent Function
NULL Pointer Dereference in SplashClip::clipAALine in Poppler 0.74.0
Arbitrary Code Execution via CSRF in Bolt CMS 3.6.6 File Upload Feature
URL Spoofing Vulnerability in Xiaomi Mi Browser and Mint Browser
OpenStack Neutron Open vSwitch Firewall KeyError Vulnerability
Integer Overflow and Buffer Overflow Vulnerability in Teeworlds 0.7.2
Arbitrary Free and Out-of-Bounds Pointer Write Vulnerability in Teeworlds 0.7.2
Integer Overflow and Buffer Overflow Vulnerability in Teeworlds 0.7.2
Windows Audio Service Elevation of Privilege Vulnerability
XEROX Products: Remote Command Execution Vulnerability via Crafted HTTP Request
Weak Hard-Coded Password Vulnerability in Xerox AltaLink and AltaLink C Series
Stack-based Buffer Overflow in Netskope Client Service
Command Injection Vulnerability in Citrix SD-WAN Center and NetScaler SD-WAN Center
Domain Confusion Vulnerability in Uniqkey Password Manager 1.14
Bypassing Workspace Control Security Features via Session Context Reset
Sony Photo Sharing Plus Application Incorrect Access Control Vulnerability
Reflected HTML Injection Vulnerability on Salicru SLC-20-cube3(5) Devices
CSRF Vulnerability in UKcms v1.1.10 Allows Unauthorized Addition of Admin User
Windows RPCSS Elevation of Privilege Vulnerability
Command Injection Vulnerability in D-Link DIR-806 Devices
Stack-based Buffer Overflow in D-Link DIR-806 Devices via HTTP Header
Stored/Persistent XSS vulnerability in CentOS Web Panel (CWP) allows execution of XSS payload via Admin Email fields
GSS-API Dissector Crash Vulnerability in Wireshark
NetScaler File Parser Crash Vulnerability
Vulnerability: Crash in Wireshark DOF Dissector
Infinite Loop Vulnerability in Wireshark 3.0.0 IEEE 802.11 Dissector
GSUP Dissector Infinite Loop Vulnerability in Wireshark 3.0.0
Heap-based Buffer Under-read Vulnerability in Wireshark SRVLOC Dissector
Windows dnsrslvr.dll Elevation of Privilege Vulnerability
Infinite Loop Vulnerability in Wireshark 3.0.0 Rbm Dissector
Vulnerability: Crash in LDSS Dissector in Wireshark 2.4.0 to 2.4.13, 2.6.0 to 2.6.7, and 3.0.0
TSDNS Dissector Crash Vulnerability in Wireshark 3.0.0
DCERPC SPOOLSS Dissector Crash Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Roundup 1.6 via URI
Arbitrary JavaScript Code Execution in Parsedown (before 1.7.2)
Sandbox Escape Vulnerability in Pallets Jinja before 2.10.1
Insecure Remember-Me Mechanism in Airsonic 10.2.1 Allows Password Bruteforce
Vulnerability: Weak PRNG Seed in Airsonic 10.2.1 Leads to Privilege Escalation Attacks
Cross-Site Scripting (XSS) Vulnerability in Symfony Framework Bundle
Unistore.dll Memory Object Handling Vulnerability
SQL Injection and Remote Code Execution Vulnerability in Symfony Dependency Injection
Privileged User Authentication Vulnerability in Symfony
File Deletion Vulnerability in Symfony Cache and PHPUnit-Bridge
Unvalidated HTTP Methods in Symfony HTTP Foundation Vulnerability
Stack-based Buffer Overflow in pubRsaDecryptSignedElementExt in MatrixSSL 4.0.1 Open
Unauthenticated Command Execution Vulnerability in TIA Administrator
Arbitrary System Command Execution Vulnerability in SIMATIC PCS 7 and WinCC
Local Access Denial-of-Service Vulnerability in SIMATIC PCS 7 and WinCC
Vulnerability in SIMATIC PCS 7 and WinCC Allows Arbitrary Command Execution
Vulnerability in LOGO! 8 BM Allows Unauthorized Access and Device Manipulation
Chakra Scripting Engine Remote Code Execution Vulnerability
Hardcoded Encryption Key Vulnerability in LOGO! 8 BM (incl. SIPLUS variants)
Unencrypted Storage of Passwords in LOGO! 8 BM (incl. SIPLUS variants) (All versions < V8.3)
Unauthenticated Remote Code Execution Vulnerability in SIMATIC PCS 7 and WinCC
Denial of Service Vulnerability in SIMATIC Industrial Control Systems
Arbitrary Code Execution Vulnerability in LOGO! Soft Comfort (All versions < V8.3)
Privilege Escalation Vulnerability in SIMATIC MV400 Family (All Versions < V7.0.6)
Unencrypted Communication Vulnerability in SIMATIC MV400 Family (All Versions < V7.0.6)
Authenticated Remote DoS Vulnerability in SCALANCE Industrial Networking Devices
Vulnerability: Arbitrary Command Execution in SCALANCE SC-600 (V2.0)
Vulnerability: Message Protection Bypass in SIMATIC Products
DirectWrite Memory Disclosure Vulnerability
Vulnerability in SIPROTEC 5 Devices: Remote File Manipulation via Port 443/TCP
Denial of Service Vulnerability in SIPROTEC 5 Devices
Cross-Site Scripting (XSS) Vulnerability in Spectrum Power Web Interface
Arbitrary Code Execution Vulnerability in TIA Portal Versions V14-V17
Arbitrary ASPX Code Upload Vulnerability in SIMATIC WinCC DataMonitor
Denial of Service Vulnerability in SIMATIC S7-400 and Other Devices
UDP Denial-of-Service Vulnerability in SIMATIC TDC CP51M1 (All versions < V1.1.7)
Arbitrary Code Execution Vulnerability in Siemens SIPROTEC 5 and Power Meters
Open Debug Port Vulnerability in TIM 3V-IE and TIM 4R-IE Devices
Windows GDI Memory Disclosure Vulnerability
SINEMA Server Vulnerability: Unauthorized Administrative Operations and Firmware Updates
Missing Authentication in SINEMA Server Allows Unauthorized Access to System Configuration Backup Files
Denial-of-Service Vulnerability in SCALANCE X-200 Switch Family and SCALANCE X204RNA
Vulnerability: Unauthorized Modification of User Program on SIMATIC Controllers
Joomla! Media Manager Directory Traversal Vulnerability
Unauthenticated Access to Refresh List of Helpsites Endpoint in Joomla!
Multiple Remote Code Execution Vulnerabilities in Delta Industrial Automation CNCSoft
Denial-of-Service Vulnerability in Fujifilm FCR Capsula X/ Carbon X/ FCR XC-2
Multiple Out-of-Bounds Read Vulnerabilities in Delta Industrial Automation CNCSoft ScreenEditor Version 1.00.88 and Prior
Windows GDI Memory Disclosure Vulnerability
Insecure Telnet Services in Fujifilm FCR Systems
Multiple Heap-Based Buffer Overflow Vulnerabilities in Delta Industrial Automation CNCSoft ScreenEditor Version 1.00.88 and Prior
Stack-based Buffer Overflow Vulnerability in CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370 Controllers, and Armor Compact GuardLogix 5370 Controllers Versions 20 - 30 and Earlier
Denial-of-Service Vulnerability in Programmable Logic Controllers
SMTP Packet Denial-of-Service Vulnerability in CompactLogix and GuardLogix Controllers
Open Redirect Vulnerability in Rockwell Automation MicroLogix and CompactLogix Controllers
Remote Code Execution Vulnerability in Geutebruck IP Cameras
Remote Code Execution in Geutebruck IP Cameras
Remote Code Execution in Geutebruck IP Cameras
Vulnerability: Unrestricted Upload of Malicious Files during Firmware Update
Kernel Information Disclosure Vulnerability in Win32k Component
Unrestricted Front Panel Access Vulnerability in Zebra Industrial Printers
Remote Code Execution Vulnerability in Advantech WebAccess HMI Designer Version 2.1.9.23 and Prior
Alaris Gateway Workstation Unauthorized Access Vulnerability
Information Disclosure Vulnerability in Moxa EDR 810 (Versions 5.1 and Prior)
Vulnerability: Unauthorized Access and Control of Medtronic Insulin Pumps
Heap-based Buffer Overflow Vulnerability in Emerson Ovation OCR400 Controller 3.3.1 and Earlier
Remote Configuration Modification and Alarm Silencing Vulnerability in GE Aestiva and Aespire Versions 7100 and 7900
Stack-based Buffer Overflow in Emerson Ovation OCR400 Controller FTP Server
Unauthorized Activation of System Options in Philips Holter 2010 Plus
Ping Abuse Vulnerability in Moxa EDR 810: Remote Code Execution
DirectWrite Memory Disclosure Vulnerability
Root-level File System Access Vulnerability in Rockwell Automation PanelView 5510
Untrusted Search Path Vulnerability in Network Configurator for DeviceNet Safety 3.41 and Prior
CPU Exhaustion Vulnerability in Mitsubishi Electric FR Configurator2
Unintentional Access Vulnerability in Quest KACE
Arbitrary Code Execution Vulnerability in NREL EnergyPlus
Fuji Electric Alpha7 PC Loader Out-of-Bounds Read Vulnerability
Arbitrary File Read Vulnerability in Mitsubishi Electric FR Configurator2
Denial-of-Service Vulnerability in Mitsubishi Electric MELSEC-Q Series Ethernet Module QJ71E71-100
Multiple Memory Exploitation Vulnerabilities in Red Lion Controls Crimson
Hard-coded Customer Account Password Vulnerability in SICK MSC800 Firmware Versions Prior to 4.0
Windows GDI Memory Disclosure Vulnerability
Type Confusion Vulnerability in LAquis SCADA 4.3.1.71 Allows Remote Code Execution
Local User Credential Access Vulnerability in Vijeo Citect and CitectSCADA
Multiple Heap-Based Buffer Overflow Vulnerabilities in Delta Electronics CNCSoft ScreenEditor
Out-of-Bounds Read Vulnerability in WebAccess/SCADA Versions 8.3.5 and Prior
Multiple Pointer Mishandling Vulnerabilities in Red Lion Controls Crimson
Path Traversal Vulnerability in WebAccess/SCADA Versions 8.3.5 and Prior
Multiple Out-of-Bounds Write Vulnerabilities in WebAccess/SCADA Versions 8.3.5 and Prior
Vulnerability: Exploitable Operating System in Philips HDI 4000 Ultrasound Systems
Heap-based Buffer Overflow Vulnerabilities in WebAccess/SCADA Versions 8.3.5 and Prior
Windows GDI Memory Disclosure Vulnerability
Hard-coded Password Vulnerability in Red Lion Controls Crimson
Multiple Stack-Based Buffer Overflow Vulnerabilities in WebAccess/SCADA Versions 8.3.5 and Prior
Out-of-Bounds Read Vulnerabilities in Delta Electronics CNCSoft ScreenEditor
Untrusted Pointer Dereference Vulnerabilities in WebAccess/SCADA Versions 8.3.5 and Prior
Out-of-Bounds Read Vulnerability in LAquis SCADA 4.3.1.71
Hidden Administrative Accounts in ABB CP651 HMI Products: Vulnerability in Revision BSP UN30 v1.76 and Prior
Memory Corruption Vulnerability in Red Lion Controls Crimson
Protocol Fuzzing Vulnerability in Phoenix Contact AXC F 2152 Devices
Unlimited Physical Access Vulnerability Leading to SD Card Manipulation and Authentication Bypass
Stack-based Buffer Overflow in D-Link DCS Series Wi-Fi Cameras' Alphapd Web Server
Windows GDI Memory Disclosure Vulnerability
GitLab Enterprise Edition Information Disclosure Vulnerability
Command Injection Vulnerability in Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W Devices
XSS Vulnerability in Materialize Tooltip Feature
XSS Vulnerability in Materialize Autocomplete Feature
XSS Vulnerability in Materialize's Toast Feature
Stack-based Buffer Overflow in GraphicsMagick 1.4 Snapshot-20190322 Q8: Remote Code Execution via SVGStartElement
Heap-based Buffer Over-read in GraphicsMagick's ReadMIFFImage Function
Heap-based Buffer Over-read in GraphicsMagick's ReadMNGImage Function
Heap-based Buffer Overflow in GraphicsMagick 1.4 Snapshot-20190322 Q8: WriteXWDImage Vulnerability
Heap-based Buffer Over-read in GraphicsMagick's ReadXWDImage Function
Windows GDI Memory Disclosure Vulnerability
Memory Leak in ReadMPCImage Function of GraphicsMagick 1.4 Snapshot-20190322 Q8
Remote Code Execution Vulnerability in Akamai CloudTest before 58.30
Nimble Streamer Directory Traversal Vulnerability
Vulnerability: Camera Spoofing and Credential Theft in VStarCam Eye4 Application
MIUI OS Version 10.1.3.0 Lockscreen Bypass Vulnerability via Wallpaper Carousel
Open Redirect Vulnerability in Elgg before 1.12.18 and 2.3.x before 2.3.11
Multiple Stored and Reflected XSS Vulnerabilities in D-Link DI-524 V2.06RU Web Configuration
Cookie-based credentials can be exploited to retain administrator access after password change in ThinkAdmin V4.0
Unauthenticated Remote Access to Claim Details in DDRT Dashcom Live
GDI+ Remote Code Execution Vulnerability
Remote Access to Claim Details in DDRT Dashcom Live 2019-05-09
Authenticated Unrestricted File Upload Vulnerability in Schlix CMS 2.1.8-7 Allows Remote Code Execution
NULL Pointer Dereference in agroot() function in Graphviz 2.39.20160612.1140
Infinite Recursion Vulnerability in libsixel 1.8.2's load_pnm function
Cross-Site Scripting (XSS) Vulnerability in clearFilter() Function in Cacti before 1.2.3
Infinite Recursion Vulnerability in Poppler 0.75.0's FontInfoScanner::scanFonts
Remote Code Execution Vulnerability in Ruby OpenID (ruby-openid) Library
Arbitrary File Upload Vulnerability in GAT-Ship Web Module before 1.40
Directory Traversal Vulnerability in Mirasys VMS AutoUpdateService
Chakra Scripting Engine Remote Code Execution Vulnerability
Insecure Deserialization Vulnerability in Mirasys VMS
Privilege Escalation via Auto-Update Feature in Mirasys VMS
Cross Site Scripting (XSS) Vulnerabilities in EasyToRecruit (E2R) before 2.11
HTML Injection Vulnerability in Applaud HCM 4.0.42+ with XSS Payload
Buffer Overflow Vulnerability in PHP EXIF Extension
Buffer Overflow Vulnerability in PHP EXIF Extension
Buffer Overflow Vulnerability in PHP EXIF Extension
Out-of-Bounds Write Vulnerability in PHP Imagick Extension
Uninitialized Variable Vulnerability in gdImageCreateFromXbm() Function
Out-of-Buffer Read Vulnerability in PHP's iconv_mime_decode_headers() Function
Memory Corruption Vulnerability in Microsoft Browsers: Remote Code Execution
Buffer Overflow Vulnerability in PHP EXIF Extension
Buffer Overflow Vulnerability in PHP EXIF Extension
Buffer Overflow Vulnerability in PHP EXIF Extension
Remote Code Execution Vulnerability in PHP FPM Module
PHP link() Function Vulnerability: Embedded Null Byte Termination
PHP DirectoryIterator Class Vulnerability: Embedded Null Byte Termination
Memory Disclosure Vulnerability in PHP bcmath Extension
Buffer Overflow Vulnerability in PHP EXIF Extension
Memory Exhaustion and Disk Space Accumulation Vulnerability in PHP File Uploads
Double-Free Vulnerability in PHP mail() Function on Windows
Outlook for Android Email Spoofing Vulnerability
Buffer Overflow Vulnerability in PHP EXIF Extension
Arbitrary SQL Command Execution in Vtiger CRM before 7.1.0 hotfix3
Buffer Overflow Vulnerability in Das U-Boot 2016.11-rc1 through 2019.04
Chakra Scripting Engine Remote Code Execution Vulnerability
Vulnerability: Slowloris HTTP Denial of Service in ASUS HG100 Firmware up to 1.05.12
Unauthenticated Control of IoT Devices via HG100 Firmware Vulnerability
OS Command Injection Vulnerability in SUNNET WMPro v5.0 and v5.1 for eLearning System via /teach/course/doajaxfileupload.php
Unauthenticated Access Control Vulnerability in SmartHome App Allows Unauthorized Control of IoT Devices
Remote Credential Disclosure Vulnerability in Advan VD-1 Firmware Versions up to 230
Insecure HTTP URL Vulnerability in Gradle's JavaScript and CoffeeScript Plugins
SSRF Vulnerability in LightOpenID through 1.3.1 via Crafted OpenID 2.0 Assertion Request
Bypass of Protection Mechanism in libxslt through 1.1.33
Improper Handling of Standard Conforming Strings in Sequelize Version 5 before 5.3.0
Chakra Scripting Engine Remote Code Execution Vulnerability
Improper Application of HTTP Proxy Settings in WebKitGTK and WPE WebKit Leads to Deanonymization
Arbitrary Code Execution Vulnerability in SPIP 3.1 and 3.2
Signed Integer Overflow in lighttpd before 1.4.54 Allows Denial of Service
Remote Code Execution Vulnerability in PRTG Network Monitor before 19.4.54.1506
Arbitrary File Placement Vulnerability in PRTG Network Monitor
Arbitrary Command Execution in Cribl UI 1.5.0
CSRF Vulnerability in FastAdmin V1.0.0.20190111_beta Allows Unauthorized Addition of Admin User
CSRF Vulnerability in MKCMS V5.0 Allows Unauthorized Addition of Admin User
Windows RDP Client Memory Disclosure Vulnerability
Remote Code Execution via Deserialization in Sitecore Experience Platform (XP) prior to 9.1.1
Default Username and Password Vulnerability in Dentsply Sirona Sidexis 4.3.1 and Earlier
Directory Traversal Vulnerability in DKPro Core API Allows Overwriting of Local Files
Stored XSS Vulnerability in GAuth 0.9.9 Beta Allows for Repeated Popups and Cookie Disclosure
Kernel Mode Driver Vulnerability in Intel(R) i915 Graphics for Linux
Intel(R) AMT Subsystem Vulnerability: Unauthenticated Privilege Escalation via Physical Access
Insufficient Input Validation in Intel(R) CSME and Intel(R) TXE Subsystems: Privilege Escalation, Information Disclosure, and Denial of Service Vulnerability
Escalation of Privilege Vulnerability in Intel(R) AMT Subsystem
Denial of Service Vulnerability in Intel(R) Graphics Driver
Microsoft Office Javascript Spoofing Vulnerability
Timing-based Cryptographic Vulnerability in Intel Subsystems
MDSUM: Information Disclosure Vulnerability via Uncacheable Memory
Insufficient Password Protection in Open CIT Attestation Database: Potential Information Disclosure Vulnerability
Unquoted Service Path Vulnerability in Intel(R) SCS Discovery Utility
Insufficient Input Validation in Intel(R) NUC Kit Firmware: Potential Privilege Escalation, DoS, and Information Disclosure Vulnerability
Insufficient Access Control in Intel(R) Driver & Support Assistant Allows Information Disclosure via Local Access
Memory Protection Vulnerability in Intel(R) Ethernet I218 Adapter Driver for Windows* 10
Privilege Escalation via Improper Directory Permissions in Intel Management Engine Consumer Driver Installer
Insufficient Input Validation in MdeModulePkg in EDKII: Potential for Privilege Escalation, DoS, and Information Disclosure via Physical Access
Microsoft Excel Remote Code Execution Vulnerability
Intel(R) AMT Subsystem Insufficient Input Validation Vulnerability
Information Disclosure Vulnerability in Intel(R) CSME and Intel(R) TXE
Information Disclosure Vulnerability in Intel(R) DAL and Intel(R) TXE Software
Firmware Update Software Vulnerability in Intel(R) CSME: Potential Privilege Escalation via Local Access
Insufficient Input Validation in Intel(R) CSME and TXE Software: Local Privilege Escalation Vulnerability
Privilege Escalation and Information Disclosure Vulnerability in Intel(R) CSME Subsystem
Insufficient Session Validation Vulnerability in Intel(R) CSME and Intel(R) TXE
Intel(R) AMT Subsystem Vulnerability: Unauthenticated Privilege Escalation via Network Access
Privilege Escalation Vulnerability in Intel(R) CSME Subsystem
Denial of Service Vulnerability in Intel(R) SPS Subsystem
Microsoft Excel Remote Code Execution Vulnerability (CVE-2019-1111)
Authentication Bypass Vulnerability in Intel(R) CSME and Intel(R) TXE
Potential Privilege Escalation via Pointer Corruption in Intel Graphics Drivers
Kernel Mode Driver Memory Corruption Vulnerability in Intel(R) Graphics Driver
Buffer Overflow Vulnerability in Intel(R) Graphics Driver Allows Information Disclosure via Local Access
Denial of Service Vulnerability in Intel(R) Driver & Support Assistant version 19.3.12.3 and earlier
Privilege Escalation Vulnerability in Intel(R) Omni-Path Fabric Manager GUI
Insufficient Session Validation in Intel(R) RWC3 Service API: Potential Privilege Escalation via Network Access
Memory Disclosure Vulnerability in Microsoft Excel
Path Traversal Vulnerability in Intel(R) Active System Console Installer
Privilege Escalation via Improper File Permissions in Intel(R) Media SDK Installer
Insufficient Session Validation in Intel(R) NUC Kit Firmware: Privilege Escalation, DoS, and Information Disclosure Vulnerability
Critical Vulnerability in Intel(R) NUC Kit Firmware Allows Privilege Escalation and Information Disclosure
Vulnerability: Insufficient Input Validation in Intel(R) NUC Kit Firmware
Vulnerability: Pointer Corruption in Intel(R) NUC Kit System Firmware
Buffer Overflow Vulnerability in Intel(R) NUC Kit Firmware: Potential Privilege Escalation, Denial of Service, and Information Disclosure
Vulnerability: Insufficient Input Validation in Intel(R) NUC Kit Firmware
Critical Vulnerability in Intel(R) NUC Kit Firmware Allows Privilege Escalation and Information Disclosure
.NET Framework Remote Code Execution Vulnerability
Intel(R) AMT Subsystem Logic Issue Vulnerability
Cross-Site Scripting Vulnerability in Intel(R) AMT Subsystem
Improper Access Control in Intel(R) Processor Diagnostic Tool: Potential Privilege Escalation, Information Disclosure, and Denial of Service
TSX Asynchronous Abort: Speculative Execution Side Channel Vulnerability
Vulnerability: Insufficient Access Control in System Firmware for Intel Processors
Vulnerability: Insufficient Input Validation in Intel Processors Firmware
Denial of Service Vulnerability in Intel Xeon Scalable Processors' Voltage Modulation Interface
Insufficient Session Validation in Intel(R) NUC System Firmware: Privilege Escalation, DoS, and Information Disclosure Vulnerability
Privilege Escalation Vulnerability in Intel(R) Authenticate Software Installer
Vulnerability: Improper File Verification in Intel® Driver & Support Assistant
Escalation of Privilege Vulnerability in Intel® Driver & Support Assistant
Privilege Escalation Vulnerability in Intel Hardware Abstraction Driver for MEInfo, TXEInfo, INTEL-SA-00086 Detection Tool, and INTEL-SA-00125 Detection Tool
Privilege Escalation Vulnerability in Intel(R) Remote Displays SDK Installer
Vulnerability: Memory Corruption in Intel(R) WIFI Drivers Allows Privilege Escalation and Information Disclosure
Vulnerability: Memory Corruption in Intel(R) WIFI Drivers Allows Privilege Escalation and Denial of Service
Vulnerability in Intel(R) PROSet/Wireless WiFi Software Extension DLL Allows for Privilege Escalation and Information Disclosure
Improper Directory Permissions in Intel(R) PROSet/Wireless WiFi Software: Potential Denial of Service and Information Disclosure Vulnerability
Improper Directory Permissions in Intel(R) PROSet/Wireless WiFi Software: Potential Denial of Service and Information Disclosure Vulnerability
Intel(R) PROSet/Wireless WiFi Software Logic Errors Vulnerability
Voltage Settings Vulnerability in Intel(R) Processors: Potential Privilege Escalation and Information Disclosure via Local Access
Windows GDI Memory Disclosure Vulnerability
Insufficient Access Control in SEMA Driver for Intel(R) Computing Improvement Program: Potential Privilege Escalation, Denial of Service, and Information Disclosure
Insufficient Access Control in Intel(R) Processor Identification Utility for Windows: Potential Privilege Escalation, Denial of Service, and Information Disclosure
Denial of Service Vulnerability in Linux Kernel Driver for Intel FPGA SDK for OpenCL Pro Edition
Privilege Escalation Vulnerability in Intel(R) Easy Streaming Wizard Installer
Privilege Escalation Vulnerability in Intel(R) Smart Connect Technology Installer for Intel(R) NUC
Intel Baseboard Management Controller Firmware Vulnerability: Insufficient Session Validation Enables Information Disclosure and Denial of Service
DirectWrite Remote Code Execution Vulnerability
Intel(R) Baseboard Management Controller Firmware Authentication Bypass Vulnerability
Heap Corruption Vulnerability in Intel(R) Baseboard Management Controller Firmware
Intel Baseboard Management Controller Firmware Out-of-Bound Read Vulnerability
Intel Baseboard Management Controller Firmware Vulnerability: Insufficient Session Validation Enables Information Disclosure and Denial of Service
Intel(R) Baseboard Management Controller Firmware Vulnerability: Unauthorized Information Disclosure via Network Access
Unauthenticated Denial of Service Vulnerability in Intel(R) Baseboard Management Controller Firmware
Intel(R) Baseboard Management Controller Firmware Unauthenticated Denial of Service Vulnerability
Intel Baseboard Management Controller Firmware Stack Overflow Vulnerability
Intel(R) Baseboard Management Controller Firmware Information Disclosure Vulnerability
DirectWrite Remote Code Execution Vulnerability
Unauthenticated Denial of Service Vulnerability in Intel(R) Baseboard Management Controller Firmware
Unauthenticated Network Access Vulnerability in Intel(R) Baseboard Management Controller Firmware
Intel(R) Baseboard Management Controller Firmware Memory Corruption Vulnerability
Race Condition Vulnerability in Intel(R) DDIO Cache Allocation and RDMA: Potential Information Disclosure via Adjacent Access
Arbitrary File Upload Vulnerability in WP Live Chat Support Pro Plugin
LDAP Class of GONICUS GOsa: Incorrect Access Control Vulnerability
Authentication Bypass by Spoofing in ONOS v2.0 and earlier: Exploiting Access Control and Host Mobility Vulnerability
DirectWrite Remote Code Execution Vulnerability
Race condition vulnerability in Linux kernel allows local users to bypass ASLR on setuid programs
Race condition vulnerability in Linux kernel allows bypassing ASLR on setuid a.out programs
Cross-Site Scripting (XSS) Vulnerability in InfinitumIT DirectAdmin v1.561 Allows Administration Panel Takeover
Authentication Bypass Vulnerability in ValuePLUS Integrated University Management System (IUMS) Allows Remote Attackers to Gain Administrator Privileges
Multiple Cross-Site Scripting (XSS) Vulnerabilities in Sitecore CMS 9.0.1 and Earlier
Stored XSS Vulnerability in Dolibarr ERP/CRM 9.0.1 via Uploaded Files
DirectWrite Remote Code Execution Vulnerability
Arbitrary Binary Execution Vulnerability in Dolibarr ERP/CRM 9.0.1
Code Execution Vulnerability in Dolibarr ERP/CRM 9.0.1 Website Module
Default Admin User Vulnerability
Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) Vulnerabilities in TIBCO ActiveMatrix BPM and TIBCO Silver Fabric
Vulnerability in TIBCO Spotfire Statistics Services Web Interface Allows Unauthorized Access to Sensitive Information
Reflected Cross-Site Scripting (XSS) Vulnerability in TIBCO Spotfire Analytics Platform and Server
Integrity Undermining Vulnerability in TIBCO Spotfire Analytics Platform and Server
Multiple Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) Vulnerabilities in TIBCO LogLogic Enterprise Virtual Appliance and Log Management Intelligence
OAuth Authorization Privilege Escalation Vulnerability in TIBCO API Exchange Gateway
Access Control Failure in TIBCO FTL Realm Configuration Component
DirectWrite Remote Code Execution Vulnerability
Remote Code Execution Vulnerability in TIBCO Enterprise Runtime for R - Server Edition and TIBCO Spotfire Analytics Platform for AWS Marketplace
Remote Code Execution Vulnerability in TIBCO Enterprise Runtime for R - Server Edition and TIBCO Spotfire Analytics Platform
Multiple Cross-Site Scripting (XSS) Vulnerabilities in TIBCO MDM Server Component
Session Token Replay and Spoofing Vulnerability in Pulse Secure Pulse Desktop Client and Network Connect
Arbitrary Code Execution via Writable Configuration File in Combodo iTop
BMC Smart Reporting 7.3 20180418 - Authenticated XXE Vulnerability in Import Functionality
Arbitrary Command Execution in Bonobo Git Server
Privilege Escalation via Extra Parameters in Bonobo Git Server AccountController
Predictable Device IDs in Shenzhen Yunni Technology iLnkP2P: Exploiting a Flaw in UID Generation Algorithm
DirectWrite Remote Code Execution Vulnerability
iLnkP2P Authentication Flaw: Remote Interception of Cleartext Traffic and Device Credentials
Buffer Overflow Vulnerability in GPAC 0.7.1's gf_import_message()
Buffer Overflow Vulnerability in gf_bin128_parse Function in GPAC 0.7.1
Unrestricted File Upload Vulnerability in SupportCandy Plugin for WordPress
Remote OS Command Injection in HARMAN AMX MVP5150 v2.87.13 Devices
XSS Vulnerability in CMS Made Simple 2.2.10 via Add Article in Content Manager
Unvalidated Input in MirrorAddress Parameter in Gitea before 1.7.6 and 1.8.x before 1.8-RC3
Remote Code Execution via Mishandled Mirror Repo URL Settings in Gitea
DirectWrite Remote Code Execution Vulnerability
Symlink Vulnerability in Avast Antivirus Allows Arbitrary File Renaming
Arbitrary File Upload and Authentication Bypass in GetSimple CMS
Unauthenticated User Information Leakage in EXCELLENT INFOTEK BiYan v1.57 ~ v2.8
Unauthenticated User Information Leakage in EXCELLENT INFOTEK BiYan v1.57 ~ v2.8
Dragonblood: Authentication Spoofing Vulnerability in FreeRADIUS
Dragonblood: FreeRADIUS Vulnerability in Scalar Verification and Curve Point Validation
CRLF Injection Vulnerability in urllib3 Library
DirectWrite Remote Code Execution Vulnerability
Unverified TLS Certificate Vulnerability in Cohesity DataPlatform
Kubernetes Vulnerability: Ineffective Clearing of Service Account Credentials in rest.AnonymousClientConfig()
World-writeable permissions in kubectl cache directory in Kubernetes v1.8.x-v1.14.x
Container RunAsRoot Vulnerability in kubelet v1.13.6 and v1.14.2
Arbitrary Code Execution via kubectl cp Command
Kubernetes kube-apiserver Cluster-Scoped Custom Resource Access Vulnerability
Unauthenticated Debugging Endpoint Exposes Sensitive Information in Kubelet Healthz Port
Arbitrary Code Execution via kubectl cp Command
Speculative Memory Access Vulnerability
Kubernetes Client-go Library Vulnerability: Unauthorized Disclosure of Credentials via Request Header Logging
Kubernetes kubectl cp Command Symlink Vulnerability
Credential Leakage in Kubernetes kube-controller-manager
Kubernetes API Server Denial of Service Vulnerability
Excessive CPU Consumption Vulnerability in Kubernetes API Server
Unauthorized Data Access and Volume Manipulation in Kubernetes CSI Sidecar Containers
ADFS Extranet Lockout Bypass Vulnerability
Improper Escaping in Cloud Foundry UAA Allows Privilege Escalation and Information Disclosure
Open Redirect Vulnerability in Spring Security OAuth
DirectWrite Remote Code Execution Vulnerability
Arbitrary Scope Creation Vulnerability in Cloud Foundry UAA
Information Disclosure Vulnerability in Cloud Foundry BOSH Director
Vulnerability: Authentication Bypass via Null Password in Spring Security
Information Leakage in Pivotal Container Services (PKS) Logging
XSS Vulnerability in Cloud Foundry UAA Versions Prior to 74.0.0
CSV Formula Injection Vulnerability in Pivotal Application Manager
Unsecured HTTP Request Vulnerability in Pivotal Apps Manager
LDAP Injection Vulnerability in Cloud Foundry NFS Volume Service
Privilege Escalation and Scope Control Vulnerability in CF UAA
Privilege Escalation via Scope Manipulation in CF UAA
DirectWrite Remote Code Execution Vulnerability
Privilege Escalation through Invitations in Pivotal Apps Manager
Cross-Site Scripting (XSS) Vulnerability in Pivotal RabbitMQ and RabbitMQ for PCF
SCIM Injection Vulnerability in Cloud Foundry UAA
Sensitive Information Exposure in Cloud Foundry SMB Volume Logs
Authorization Header Leakage in Pivotal Reactor Netty
Remote Code Execution in VMware GemFire and VMware Tanzu GemFire JMX Service
Denial of Service Vulnerability in Pivotal RabbitMQ and RabbitMQ for Pivotal Platform
Man-in-the-Middle Attack on JMX Interface in Pivotal tc Server and tc Runtimes
Cloud Foundry Routing Nonce Validation Vulnerability
Windows AppX Deployment Service (AppXSVC) Hard Link Elevation of Privilege Vulnerability
Information Leakage: Logging of Query Parameters in Cloud Foundry UAA
Cross-Site Scripting (XSS) Vulnerability in Pivotal RabbitMQ and RabbitMQ for PCF
Authentication Credentials Logging Vulnerability in Pivotal Ops Manager
Information Leakage: Client Secret Credentials Exposed in Cloud Foundry UAA Logging
Unauthorized Access to Global Service Brokers in Cloud Foundry Cloud Controller API (CAPI)
Windows AppX Deployment Service (AppXSVC) Hard Link Elevation of Privilege Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability
Persistent XSS vulnerability in Zimbra Collaboration before 8.8.12 Patch 1
Remote Code Execution via Command Injection in Motorola CX2 and M2 Firmware Download Function
Win32k Memory Object Handling Elevation of Privilege Vulnerability
Unauthenticated Remote Telnet Access Vulnerability in Motorola CX2 1.01 and M2 1.01 Routers
Unauthenticated Information Disclosure in Motorola CX2 and M2 Routers
Remote Code Execution via Command Injection in Motorola CX2 and M2 1.01
Uninitialized HMAC Keys Vulnerability in HAProxy
Improper SSL Certificate Verification in urllib3 Library
Arbitrary PHP Code Execution Vulnerability in Symfony VarExport Component
Authentication Bypass Vulnerability in Topcon Positioning Net-G5 GNSS Receiver
Local File Inclusion Vulnerability in Topcon Positioning Net-G5 GNSS Receiver Firmware 5.2.2
Privilege Escalation via Insecure Permissions in Singularity 3.1.0 to 3.2.0-rc2
Internet Explorer Scripting Engine Memory Corruption Vulnerability
NTP Vulnerability: Off-Path Attacks via Port 123
Arbitrary User Account Takeover in MKCMS 5.0 via ucenter/repass.php
Authentication Bypass Vulnerability in Tzumi Electronics Klic Lock Application 1.0.9 Allows Unauthorized Access and Unlocking of Tzumi Electronics Klic Smart Padlock Model 5686
Remote Retrieval of Wi-Fi Password in Sony Bravia Smart TVs via Photo Sharing Plus Application
FFmpeg HEVC Decoder Remote Denial of Service Vulnerability
Out-of-array Access Vulnerability in FFmpeg MPEG-4 Video Decoder
Microsoft Office SharePoint XSS Vulnerability
Email Domain Bypass Vulnerability in Matrix Sydent
Vulnerability: Unauthorized TCP Dump Capture on Samsung P(9.0) Phones
Torpedo Query before 2.5.3 SQL Injection Vulnerability
Arbitrary Code Execution via .htaccess File Upload in Pluck 4.7.8
Cross-Site Scripting (XSS) Vulnerability in Citrix SD-WAN Center and NetScaler SD-WAN Center
Cleartext Password Storage and Retrieval Vulnerability in CloudBees Jenkins Operations Center 2.150.2.3
Remote Code Execution Vulnerability in TeamSpeak 3 Client (Versions before 3.2.5) via Qt Framework
Command Injection Vulnerability in EnGenius EWS660AP Router Firmware 2.0.284
Template Injection Vulnerability in EA Origin 10.5.36 on Windows
Command Injection Vulnerability in Poly HDX 3.1.13
Arbitrary Code Execution via CalDAV PUT Operation with Long iCalendar Property Name
Object.prototype Pollution in jQuery before 3.4.0
Arbitrary Web Script Injection in I, Librarian 4.10 via display.php
Critical Elevation of Privilege Vulnerability in Microsoft Exchange Server
Buffer Overflow Vulnerability in iptables-restore Allows Code Execution
Privilege Escalation and Application Takeover in Zoho ManageEngine Remote Access Plus 10.0.258
SQL Injection Vulnerability in ROCBOSS V2.2.1 via PostController.php
SQL Injection Vulnerability in Snare Central 7.4.5 and Earlier: Remote Code Execution via AgentConsole/UserGroupQuery.php ShowUser Parameter
OS Command Injection Vulnerability in Snare Central before 7.4.5 via ServerConf/DataManagement/DiskManager.php
Stack-based Buffer Overflow in atftpd
Denial of Service Vulnerability in atftpd 0.7.1
Insecure HTTP Basic Authentication in AUO Solar Data Recorder
Stored XSS Vulnerability in AUO Solar Data Recorder 1.3.0 via protect/config.htm addr Parameter
Carel pCOWeb Cleartext Password Storage Vulnerability
Microsoft Exchange Server Spoofing Vulnerability
Stored XSS Vulnerability in Carel pCOWeb (prior to B1.2.4) via System Contact Field
Buffer Overflow Vulnerability in BWA 0.7.17 r1198
MediaInfoLib: Out-of-Bounds Read Vulnerability in File__Tags_Helper::Synched_Test
Out-of-Bounds Read Vulnerability in MediaInfoLib
CSRF Vulnerability in 74CMS v5.0.1 Allows Unauthorized Addition of Admin User
CSRF Vulnerability in Msvod v10 Allows Unauthorized User Information Modification
Arbitrary PHP Code Execution in SOY CMS v3.0.2
Arbitrary File Upload Vulnerability in WCMS v0.3.2 via WCMS Finder Action
Arbitrary File Read and Potential Code Execution in ProjectSend r1053
Chakra Scripting Engine Remote Code Execution Vulnerability
Bypassing Master-Password Feature in ES File Explorer Allows Remote FTP Access
User Credentials Disclosure in Medha WiFi FTP Server Application
Insecure Storage of Confidential Information in Zalora Android App (Version 6.15.1)
Denial of Service Vulnerability in OWASP ModSecurity Core Rule Set (CRS)
Denial of Service (ReDOS) Vulnerability in OWASP ModSecurity Core Rule Set (CRS)
Denial of Service Vulnerability in OWASP ModSecurity Core Rule Set (CRS) 3.1.0
Chakra Scripting Engine Remote Code Execution Vulnerability
Denial of Service Vulnerability in OWASP ModSecurity Core Rule Set (CRS)
Denial of Service Vulnerability in OWASP ModSecurity Core Rule Set (CRS) through 3.1.0
XXE Vulnerability in BlogEngine.NET 3.3.7 and Earlier via apml File in syndication.axd
Privilege Escalation via Password Change in M/Monit
Buffer Overflow Vulnerability in MailCarrier 2.51 Allows Remote Code Execution
Privilege Escalation via Permissive Access Rights in Avira Free Security Suite 10
Local File Inclusion Vulnerability in Rapid4 RapidFlows Enterprise Application Builder 4.5M.23
Multiple Cross-Site Scripting (XSS) Vulnerabilities in UliCMS 2019.2 and 2019.1
OS Command Injection Vulnerability in TRENDnet TEW-651BR, TEW-652BRP, and TEW-652BRU Devices
Chakra Scripting Engine Remote Code Execution Vulnerability
Buffer Overflow Vulnerability in TRENDnet TEW-651BR, TEW-652BRP, and TEW-652BRU Devices
Arbitrary Code Execution Vulnerability in SiteServer CMS 6.9.0
Unencrypted Storage of Credentials in Gradle Enterprise Build Cache Nodes
Password Reflection in Gradle Enterprise Build Cache Nodes
Insecure HTTP Resolution of Gradle Build Artifacts in arrow-kt before 0.9.0
Insecure Dependency Resolution in OpenAPI Generator
Cross-Site Scripting (XSS) Vulnerability in Subrion CMS 4.2.1 via _core/en/contacts/
Information Disclosure Vulnerability in FusionPBX Operator Panel Module
Remote Code Execution via XSS in FusionPBX Operator Panel
Command Injection and Remote Code Execution in FusionPBX Operator Panel
Chakra Scripting Engine Remote Code Execution Vulnerability
Command Injection Vulnerability in FusionPBX Backup Module
Stack-based Buffer Overflow in Artifex MuJS 1.0.5's Number#toFixed() and numtostr Implementations
Denial of Service Vulnerability in Artifex MuJS 1.0.5
Unlimited Recursion Vulnerability in Artifex MuJS 1.0.5
Vulnerability: Unauthorized Administrative Access on Intelbras IWR 3000N 1.5.0 Devices
Denial of Service Vulnerability in Intelbras IWR 3000N 1.5.0 Devices
CSRF Vulnerability in Intelbras IWR 3000N 1.5.0 Devices Allows Complete Router Control
Buffer Overflow Vulnerability in TRENDnet TV-IP110WN Cameras
Buffer Overflow Vulnerability in TRENDnet TEW-632BRP 1.010B32 Router's apply.cgi via SOAPACTION:HNAP1 Interface
Denial of Service Vulnerability in WeChat Android Application through Emoji File Replacement
.NET Framework File Creation Elevation of Privilege Vulnerability
XSS Vulnerability in iCMS 7.0.14 via admincp.php?app=config Tab Parameter
XSS Vulnerability in iCMS 7.0.14 via search.app.php
XSS Vulnerability in I, Librarian 4.10 via export.php export_files Parameter
Reflected XSS Vulnerability in CentOS Web Panel's Add DNS Zone Screen
Windows Graphics Component Memory Disclosure Vulnerability
Windows Font Library Remote Code Execution Vulnerability
Liferay Portal CE 7.1.2 GA3 OS Command Execution Vulnerability
Arbitrary File Upload and Remote Code Execution in OpenKM 6.3.2 - 6.3.7
Arbitrary File Upload Vulnerability in ATutor 2.2.4
Arbitrary Code Execution via Avatar Upload in CutePHP CuteNews 2.1.2
Zoho ManageEngine Applications Manager Unauthenticated SQL Injection Vulnerability
XSS Vulnerability in I, Librarian 4.10 via notes.php notes Parameter
Windows Font Library Remote Code Execution Vulnerability
WhatsNS 4.0 Index.php?question/ajaxadd.html SQL Injection Vulnerability
WhatsNS 4.0 SQL Injection Vulnerability via index.php?inform/add.html qid Parameter
Vulnerability: SQL Injection in whatsns 4.0 admin_category/remove.html
Persistent Cross-Site Scripting (XSS) in Tildeslash Monit before 5.25.3 via Manipulation of Authorization Header
Buffer Over-read Vulnerability in Tildeslash Monit Allows Memory Retrieval and Denial of Service
Gila CMS 1.10.1 - Arbitrary PHP Code Execution via fm/save CSRF
Multiple CSRF Vulnerabilities in MicroPyramid Django CRM 0.2.1
Arbitrary File Overwriting Vulnerability in SmtpTransport in CakePHP 3.7.6
Uninitialized Memory Use in GNOME Evince TIFF Document Backend
Jet Database Engine Remote Code Execution Vulnerability
Thumbnailer Escape Vulnerability in GNOME gnome-desktop
Vulnerability: Sandbox Escape in GNOME Nautilus Thumbnailer
Memory Leak Vulnerability in libarchive 3.3.4-dev via Crafted ZIP File
Missing Security Headers in Couchbase Server Views REST API (port 8092) in Versions 5.5.0 and 5.1.2
Username Leakage in Couchbase Server Logs
Unauthenticated Access to System Diagnostic Profile in Couchbase Server 6.0.0 and 5.5.0
Buffer Overrun Vulnerability in Couchbase Server 4.6.3 and 5.5.0
SQL Injection and Remote Code Execution in Zoho ManageEngine Applications Manager
Jet Database Engine Remote Code Execution Vulnerability
Uncontrolled Resource Consumption Vulnerability in ImageMagick's Cineon Parsing Component
Use-after-free vulnerability in libheif 1.4.0's heif::HeifContext::Image::set_alpha_channel in heif_context.h
Denial-of-Service Vulnerability in ImageMagick's XWD Image Parsing Component
Denial of Service in GraphicsMagick 1.3.31 via Crafted XWD Image File
Denial of Service in GraphicsMagick 1.3.31 via Crafted XWD Image File
Integer Overflow Vulnerability in Whoopsie: Out-of-Bounds Write and Potential Code Execution
Integer Overflow Vulnerability in Linux Kernel TCP SACK Handling
TCP SACK Fragmentation Vulnerability
Linux Kernel Default MSS Hard-Coded to 48 Bytes Denial of Service Vulnerability
Microsoft Graphics Component Information Disclosure Vulnerability
Insecure Repository and Unauthenticated Package Installation Vulnerability in pc-kernel Snap Build Process
Privilege Escalation Vulnerability in apport
TOCTTOU Vulnerability in Apport Allows Arbitrary Directory Write
Privilege Escalation via Apport Mishandling of Container Crash Dumps
Integer Overflow in bson_ensure_space: A Vulnerability Discovered by Kevin Backhouse in whoopsie
World-writable directory vulnerability in Apport's lock file allows users to prevent crash handling
Multiple Race Conditions in Siemens R3964 Line Discipline Driver
Linux Kernel Reference Count Overflow Vulnerability
Account Access and Data Manipulation via Persistent HTTP GET Request Hash Link Replay
Privilege Escalation via Crafted HTTP PUT Request in SimplyBook.me Enterprise
Windows Font Library Remote Code Execution Vulnerability
Kernel Pool Corruption Vulnerability in Npcap 0.992
Insecure Logging of User Passwords in ProjectSend
Memory Overflow Vulnerability in VeryPDF 4.1: Code Execution via pdfocx.ocx
IMAP Server Crash Vulnerability in Dovecot 2.3.3 through 2.3.5.2
Insecure Cookie Generation in Couchbase Server 5.1.1
Unauthenticated and Unauthorized Access to default Bucket in Couchbase Server
Remote Cluster Certificate Validation Bypass in Couchbase Server 5.0.0
Uninitialized Value Vulnerability in WavPack Library
IMAP Server in Dovecot 2.3.3 through 2.3.5.2: Submission-Login Component Crash Vulnerability
Windows Font Library Remote Code Execution Vulnerability
Remote Code Execution Vulnerability in Dovecot and Pigeonhole Protocol Processing
Improper Ownership Assignment in snap-confine Allows Unauthorized Access to Private /tmp Directory
CWD Restore Permission Bypass in snap-confine
Zotonic Mod_Admin XSS Vulnerability
Heap-based Buffer Overflow in WritePDBImage Function of GraphicsMagick
Heap-based Buffer Overflow in GraphicsMagick's WriteMATLABImage Function
Cross-Site Scripting (XSS) Vulnerability in Pulse Secure Pulse Connect Secure (PCS) Application Launcher Page
Directory Traversal Vulnerability in Pulse Secure Pulse Connect Secure (PCS)
Arbitrary Code Execution via Incorrect Access Control in Pulse Secure Pulse Connect Secure and Pulse Policy Secure
Windows Font Library Remote Code Execution Vulnerability
Arbitrary File Reading Vulnerability in Pulse Secure Pulse Connect Secure (PCS)
XSS Vulnerability in Zoho ManageEngine ADSelfService Plus Mobile App API
SQL Injection Vulnerability in Contao 4.x
Reflected XSS Vulnerability in CMS Made Simple File Manager
Invalidation of User Email Tokens Vulnerability in Flarum
Arbitrary File Read Vulnerability in Gila CMS 1.10.1
Heap-based Buffer Overflow in Cypress Wireless IoT Bluetooth Component
CSRF Vulnerability in WampServer's add_vhost.php Allows Unauthorized Vhost Manipulation
SQL Injection Vulnerability in SEMCMS 3.8's SEMCMS_Inquiry.php
XXE Vulnerability in LocalizationService.cs in nopCommerce
Windows Font Library Remote Code Execution Vulnerability
Content Spoofing Vulnerability in OX App Suite 7.10.1
Cross-Site Scripting (XSS) Vulnerability in OX App Suite 7.10.0 to 7.10.2
Anviz Global M3 Outdoor RFID Access Control: Unauthenticated Command Execution and Data Exposure
File Path Injection Vulnerability in Softing uaGate SI 1.60.01
Command Injection Vulnerability in Softing uaGate SI 1.60.01 CGI Script
User-Writable Default Executable Path Vulnerability in Softing uaGate SI 1.60.01
Microsoft Graphics Component Information Disclosure Vulnerability
Arbitrary Web Script Injection Vulnerability in ProjectSend before r1070
Remote Command Execution Vulnerability in Linksys WiFi Extender Products
Kalki Kalkitech SYNC3000 Substation DCU GPC Remote Code Execution Vulnerability
XSS and Local File Inclusion Vulnerability in osTicket User Importer
Arbitrary File Access Vulnerability in Pulse Secure Pulse Connect Secure
Command Injection Vulnerability in Pulse Secure Pulse Connect Secure and Pulse Policy Secure
Windows Graphics Component Memory Disclosure Vulnerability
Session Hijacking Vulnerability in Pulse Secure Products
Authentication Leak in Pulse Secure Pulse Connect Secure Versions 9.0RX, 8.3RX, and 8.2RX
Stack Buffer Overflow in Pulse Secure Pulse Connect Secure and Pulse Policy Secure
Cross-Site Scripting (XSS) Vulnerability in Pulse Secure and Pulse Policy Secure Web Console
Information Disclosure in GitLab Community and Enterprise Edition
Information Disclosure Vulnerability in GitLab Community Edition 11.9.x and 11.10.x
Race Condition Vulnerability in GitLab Community and Enterprise Edition
Improper Encoding of Branch Name in GitLab Merge Request Notification Emails
Unauthorized Comment Posting on Confidential Issues in GitLab
Information Disclosure Vulnerability in GitLab Community and Enterprise Edition
Jet Database Engine Remote Code Execution Vulnerability
Improper Certificate Validation in Citrix and NetScaler SD-WAN
Privilege Escalation Vulnerability in Code42 Enterprise and Crashplan for Small Business
Proxy Auto-Configuration File Eval Injection Vulnerability in Code42 Enterprise and Crashplan for Small Business Client
Privilege Escalation Vulnerability in Code42 for Enterprise through 6.8.4
Missing SSL Certificate Validation in Audible Android App Allows Denial of Service Attacks
Fragmentation Reassembly State Validation Vulnerability in EAP-pwd Implementation
XSS Vulnerability in Pagure before 5.6 via templates/blame.html
CSRF and Local File Inclusion Vulnerability in WebDorado Contact Form Builder Plugin for WordPress
Reflected XSS Vulnerability in HRworks V 1.16.1 Login Component
Jet Database Engine Remote Code Execution Vulnerability
Buffer Overflow Vulnerability in Hisilicon Streaming Server Allows Remote Code Execution
Denial of Service Vulnerability in Chuango 433 MHz Burglar-Alarm Product Line
HumHub 1.3.12 Cross-Site Scripting (XSS) Vulnerability in index.php POST Request
Print My Blog Plugin for WordPress 1.6.7 SSRF Vulnerability
SQL Injection Vulnerability in AikCms v2.0 via $_GET['del'] Parameter
File Upload Vulnerability in AikCms v2.0
CSRF Vulnerability in Veeam ONE Reporter 9.5.0.3201
Jet Database Engine Remote Code Execution Vulnerability
SSRF Vulnerability in Simple Machines Forum (SMF) before 2.0.17
Gitea 1.8.0 Vulnerability: Bypassing 2FA Enrollment for User Accounts
Buffer Overflow in dhcpcd's dhcp6_findna Function
Inference of Secrets through Latency Attacks in dhcpcd (before 7.2.1)
1-Byte Read Overflow Vulnerability in dhcpcd's dhcp.c
Windows Graphics Component Memory Disclosure Vulnerability
Arbitrary Plugin Installation and Remote Code Execution in Atlassian Crowd and Crowd Data Center
Server-side Template Injection Vulnerability in Jira Server and Data Center
Remote Code Execution Vulnerability in Atlassian Sourcetree for Windows URI Handlers
Denial of Service Vulnerability in Jira Issue Search Component
Cross-Site Scripting (XSS) Vulnerability in Jira's MigratePriorityScheme Resource
Open Redirect Vulnerability in Jira Versions 7.13.6 to 8.3.1
Jira AddResolution.jspa CSRF Vulnerability
Cross-Site Request Forgery (CSRF) Vulnerability in Jira ViewLogging Class
Jira ViewSystemInfo Class CSRF Garbage Collection Vulnerability
Open Redirect Vulnerability in Jira ChangeSharedFilterOwner Resource
Windows Kernel Object Handling Elevation of Privilege Vulnerability
CSRF and Local File Inclusion Vulnerability in 10Web Form Maker Plugin for WordPress
CSRF and Local File Inclusion Vulnerability in WebDorado Contact Form Plugin for WordPress
Reflected XSS Vulnerability in WeBid 1.2.2
Arbitrary Code Execution via $rewrite Filter Option in Adblock Plus
Arbitrary Code Execution via Open Redirect in AdBlock's $rewrite Filter Option
Arbitrary Code Execution via Open Redirect in uBlock before 0.9.5.15
NULL Pointer Dereference Vulnerability in Memcached
Heap-based Buffer Over-read in ImageMagick 7.0.8-43 Q16's WriteTIFFImage Function
Heap-based Buffer Over-read in WritePNMImage Function of ImageMagick 7.0.8-40 Q16
Race condition vulnerability in Linux kernel's coredump implementation
SQL Injection Vulnerability in OpenProject Activities API
Remote Directory Traversal Vulnerability in ProSyst mBS SDK and Bosch IoT Gateway Software
Stack Trace Leakage in Remote Access to Backup & Restore
HTTP Traversal Vulnerability in ProSyst mBS SDK and Bosch IoT Gateway Software
Unauthenticated Reflected XSS Vulnerability in Quest KACE Systems Management Appliance
Information Disclosure Vulnerability in GitLab API Endpoints
Sensitive Information Disclosure Vulnerability in doorGets 7.0
Sensitive Information Disclosure Vulnerability in doorGets 7.0
Sensitive Information Disclosure Vulnerability in doorGets 7.0's /fileman/php/renamefile.php
Sensitive Information Disclosure Vulnerability in doorGets 7.0's /fileman/php/movefile.php
Microsoft Defender Elevation of Privilege: Arbitrary File Deletion Vulnerability
Sensitive Information Disclosure Vulnerability in doorGets 7.0
Sensitive Information Disclosure Vulnerability in doorGets 7.0 /fileman/php/download.php
Arbitrary File Deletion Vulnerability in doorGets 7.0
SQL Injection Vulnerability in /doorgets/app/views/ajax/contactView.php
SQL Injection Vulnerability in doorGets 7.0: Remote Unauthorized Access to Database
Arbitrary File Upload Vulnerability in /fileman/php/upload.php in doorGets 7.0
Sensitive Information Disclosure Vulnerability in doorGets 7.0 Setup Files
CSRF Vulnerability in DoorGets 7.0 Allows Unauthorized Modification of Google Analytics Code
Default Administrator Credential Vulnerability in doorGets 7.0
SQL Injection Vulnerability in DoorGets 7.0: Unauthorized Database Access via Analytics Configuration
Windows ALPC Elevation of Privilege Vulnerability
SQL Injection Vulnerability in doorGets 7.0: Unauthorized Database Access via modulecategory_add_titre
SQL Injection Vulnerability in DoorGets 7.0: Unauthorized Access to Database Sensitive Information
SQL Injection Vulnerability in doorGets 7.0: Unauthorized Database Access via modulecategory_edit_titre
SQL Injection Vulnerability in DoorGets 7.0: Remote Privilege Escalation and Database Exposure
Arbitrary File Deletion Vulnerability in DoorGets 7.0
SQL Injection Vulnerability in /doorgets/app/requests/user/emailingRequest.php
Web Site Physical Path Leakage Vulnerability in doorGets 7.0
Shell Injection Vulnerability in gpg-key2ps in signing-party 1.1.x and 2.x before 2.10-1
File-read bypass vulnerability in QlikView and Qlik Sense installations
Cross-Site Scripting (XSS) Vulnerability in Sonatype Nexus Repository Manager 2.x before 2.14.13
CAB File Signature Validation Bypass Vulnerability
Unscoped Variable Access Control Vulnerability in Octopus Deploy
HoneyPress Vulnerability: Fingerprinting and Hostname Exposure
Incorrect Access Control in Citrix Workspace App before 1904 for Windows
Zcash 2.x Vulnerability: Sapling Wood-Chipper Attack
NULL Pointer Dereference in rec_rset_get_props Function
NULL Pointer Dereference in GNU recutils 1.8: Crash in rec_field_name_equal_p
Stack-based Buffer Overflow in rec_type_check_enum Function
Windows Kernel Object Handling Elevation of Privilege Vulnerability
Heap-based Buffer Overflow in rec_fex_parse_str_simple function
Fingerprinting Vulnerability in Anomali Agave (formerly Drupot) 1.0.0
Log Poisoning Vulnerability in OneShield Policy (Dragon Core) Framework
Persistent XSS Vulnerability in OneShield Policy (Dragon Core) Framework
Privilege Escalation through DLL Hijacking in F-Secure Installers
Micro Focus Service Manager Remote Command Execution and Information Disclosure Vulnerability
XSS Vulnerability in Micro Focus NetIQ Software Allows for Self Service Password Reset Exploitation
Information Leakage Vulnerability in Micro Focus NetIQ Self Service Password Reset Software
Cross-Site Scripting (XSS) Vulnerability in Micro Focus Fortify Software Security Center Server
NetIQ Advanced Authentication Framework: Man in the Middle (MITM) Vulnerability
Critical Reflected XSS Vulnerability in Micro Focus Enterprise Developer and Enterprise Server
Authorization Bypass Vulnerability in Micro Focus Self Service Password Reset (SSPR)
Remote Access Control Bypass in Micro Focus Content Manager: Exploiting CheckIn Manipulation Vulnerability
Arbitrary File Read Vulnerability in Micro Focus Verastream Host Integrator (VHI)
Unrestricted File Upload Vulnerability in Micro Focus ArcSight Logger
Stored XSS Vulnerability in Micro Focus ArcSight Logger: Exploiting Improper Input Neutralization
Critical Cross-Site Request Forgery Vulnerability in Micro Focus ArcSight Logger Versions Below 7.0
Information Exposure in Micro Focus Content Manager with Oracle Database
NTLM MIC Bypass Vulnerability in Microsoft Windows
Privilege Escalation in Micro Focus Data Protector
Unauthorized Access and Data Modification Vulnerability in Micro Focus Service Manager Versions 9.30-9.62
Information Exposure through Error Message in Micro Focus Service Manager
Clear Text Credentials Vulnerability in Micro Focus Service Manager
Clear Text Password Exposure in Micro Focus Service Manager Versions 9.30-9.62
Sensitive Data Exposure Vulnerability in Micro Focus Service Manager
Insecure Deserialization Vulnerability in Micro Focus Service Manager
Unauthenticated Access to Contact Information in Micro Focus Service Manager
HTTP Cookie Vulnerability in Micro Focus Service Manager and Chat Server
Unauthenticated Data Modification Vulnerability in Micro Focus Service Manager
Windows Defender Application Control Security Feature Bypass Vulnerability
Critical Man-in-the-Middle Vulnerability in Micro Focus Self Service Password Reset
Insecure Ownership and Symlink Vulnerability in groonga-httpd Package for Debian
Stored XSS Vulnerability in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123224
XML External Entity (XXE) Injection Vulnerability in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123224
SQL Injection Vulnerability in Zoho ManageEngine Firewall Analyzer's Default Reports Feature
Microsoft Windows p2pimsvc Elevation of Privilege Vulnerability
Remote Code Execution in KonaKart 8.9.0.0 via Product Category Image Upload
Buffer Overflow Vulnerability in MailCarrier 2.51 SMTP Response Service
GRO Packet of Death Vulnerability in Linux Kernel 5.x
Improper Access Control in Bosch VRM Component Allows Arbitrary Certificate Access
Persistent Cryptographic Parameters Vulnerability in Western Digital SanDisk X300, X300s, X400, and X600 Devices
Vulnerability: Execution of Malicious PE Files via DICOM Part 10 File Format
Missing SSL Certificate Validation in ASUSTOR exFAT Driver
ASUSTOR exFAT Driver Remote Code Execution Vulnerability
Win32k Kernel-Mode Object Handling Elevation of Privilege Vulnerability
Lack of srand Call in gen_rand_uuid Function in Das U-Boot Allows UUID Value Determination
Use-After-Free Vulnerability in XMLHttpRequest Event Loop Handling
Use-After-Free Vulnerability in Thunderbird and Firefox
Buffer Overflow Vulnerability in WebGL on Linux Graphics Drivers
Windows Sandbox Memory Leak Vulnerability
Cursor Spoofing Vulnerability in Firefox < 67
Java Web Start Files Not Prompted as Executable Downloads in Firefox < 67
Extension Installation Prompt Spoofing Vulnerability in Firefox < 67
Drag-and-Drop Bookmark Hijacking Vulnerability
Address Bar Spoofing Vulnerability in Firefox < 67
Windows NTFS Sandbox Escape: Reparse Point Elevation of Privilege Vulnerability
Local File Disclosure Vulnerability in Internet Explorer and Firefox
Webcal: Protocol Handler XSS Vulnerability in Firefox < 67
Local File Access Vulnerability in Internet Explorer: Exploiting Hyperlinks to Open Files
Heap Buffer Overflow in Thunderbird's iCal Parser
Heap Buffer Overflow in Thunderbird's iCal Implementation
Stack Buffer Overflow in Thunderbird's iCal Implementation
Type Confusion Vulnerability in Thunderbird's iCal Implementation
Type Confusion Vulnerability in Array.pop() Allows for Exploitable Crashes
Arbitrary Code Execution via Insufficient Parameter Vetting in Prompt:Open IPC Message
Memory Corruption Vulnerabilities in Firefox 67 and Firefox ESR 60.7
SymCrypt OAEP Decryption Information Disclosure Vulnerability
Memory Corruption Vulnerability in Firefox 67
Cross-Origin Script Injection via Reused Inner Window
CORS Bypass Vulnerability in NPAPI Plugins Allows CSRF Attacks
Use-After-Free Vulnerability in HTTP/2 Stream Closure
Necko Child Thread Access Vulnerability in Firefox < 68
Cross-Site Scripting (XSS) Vulnerability in Firefox ESR, Firefox, and Thunderbird
Sandbox Bypass Vulnerability in Firefox < 68
Caret Character Spoofing Vulnerability in Firefox ESR, Firefox, and Thunderbird
Unsanitized Content Injection in Activity Stream
Out-of-Bounds Read Vulnerability in NSS Library when Importing Curve25519 Private Key
Azure Active Directory (AAD) Microsoft Account (MSA) Login Session Information Disclosure Vulnerability
Whitespace Bypass Vulnerability in Firefox < 68
Domain Spoofing Vulnerability in Firefox < 68: Unicode Latin 'kra' Character Spoofing
Origin Attribute Ignored During Add-On Installation in Firefox < 68
Unnecessary Remote Troubleshooting Permission in Retired Site Redirect: Potential Attack Vector in Firefox < 68
Bypassing Safebrowsing Protections in Firefox < 68
Vulnerability: Forced Use of PKCS#1 v1.5 Signatures in TLS 1.3
HTTP Alternative Services Header (Alt-Svc) Vulnerability in Firefox < 68
Segmentation Fault Vulnerability in Firefox ESR, Firefox, and Thunderbird
PsmServiceExtHost.dll Memory Object Handling Elevation of Privilege Vulnerability
Local File Access Vulnerability in Firefox and Thunderbird
Clipboard Password Theft Vulnerability in Firefox
Memory Corruption Vulnerability in Firefox 68
Memory Corruption Vulnerability in Firefox 68 and Firefox ESR 68
Privilege Escalation and File Manipulation Vulnerability in Mozilla Maintenance Service
Wildcard Host Bypass in Content Security Policy (CSP) Directives
CSP Bypass Vulnerability in Firefox < 69 and Firefox ESR < 68.1
Vulnerability: Plaintext Leakage in Encrypted S/MIME Parts in Thunderbird
PsmServiceExtHost.dll Memory Object Handling Elevation of Privilege Vulnerability
Memory Corruption Vulnerabilities in Firefox 68, Firefox ESR 68, and Firefox 60.8
Universal Cross-site Scripting (UXSS) Vulnerability in Firefox < 69
Same-Origin Policy Violation in Cached Image Content: Cross-Origin Image Theft Vulnerability
Cross-Origin Information Exposure through Timing Side-Channel Attacks in Firefox and Thunderbird
HTML Injection Vulnerability in Certain HTML Elements
Block Cipher Encryption Vulnerability in Thunderbird, Firefox ESR, and Firefox
Use-After-Free Vulnerability in Video Element Manipulation
HSTS Setting Removal Bug in Firefox: Pre-load List Vulnerability
WebRTC Permissions Persistence Vulnerability in Firefox
WebRTC getUserMedia API Vulnerability: Silent Camera Fingerprinting in Firefox
Windows Elevation of Privilege Vulnerability in psmsrv.dll
Type Confusion Vulnerability in Spidermonkey: Non-Exploitable Crash in Firefox
Arbitrary Log File Write Vulnerability in Firefox
Use-after-free vulnerability in IndexedDB key value deletion in Firefox and Thunderbird
Privilege Escalation via Firefox Installer Vulnerability
Pointer Hijacking Vulnerability in Firefox < 69.0.1
Vulnerability: Misleading Digital Signature Validation in Thunderbird
Use-after-free vulnerability in Firefox < 71 due to improper refcounting of soft token session objects
Use-after-free vulnerability in Firefox, Thunderbird, and Firefox ESR
Memory Corruption Vulnerability in Firefox 68 with 360 Total Security Installed
Stack Buffer Overflow in HMAC Output Handling
DirectX Memory Object Handling Vulnerability
Stack buffer overflow in nrappkit during WebRTC signaling
Data URI Bypass Vulnerability in Firefox, Thunderbird, and Firefox ESR
Cross-Origin DOM Method Access Vulnerability in Firefox, Thunderbird, and Firefox ESR
Null Byte Handling Vulnerability in Firefox and Thunderbird Allows XSS Attacks and Entity Masking
Memory Corruption Vulnerabilities in Firefox 69 and Firefox ESR 68.1
Firefox Content Process Vulnerability: Unauthorized Permission Granting
Buffer Over-read Vulnerability in dhcpcd's D6_OPTION_PD_EXCLUDE Feature
Remote File and Service Enumeration through SSRF in phpBB
SQL Injection Vulnerability in phpMyAdmin Designer Feature
Privilege Escalation Vulnerability in TeamViewer 14.2.2558
Windows RPCSS.dll Memory Object Handling Elevation of Privilege Vulnerability
Vulnerability: Insecure Dependency Resolution in Eclipse Buildship
Unused RPATHs in AIX builds of Eclipse OpenJ9 before 0.15.0: Code Injection and Privilege Elevation Vulnerability
Arbitrary Write Vulnerability in Eclipse OpenJ9's String.getBytes() Method
RPATH Vulnerability in AIX Builds of Eclipse OMR Prior to 0.1
Loop Versioning Bug in Eclipse OMR Prior to 0.1: Potential Field Value Privatization Failure
Privatization Failure in Loop Versioning Vulnerability in Eclipse OpenJ9
Reflected XSS Vulnerability in Eclipse BIRT Report Viewer
TLS Host Name Verification Bypass in Eclipse Paho Java Client Library 1.2.0
Use After Free Vulnerability in Eclipse Mosquitto MQTT v5 Client
Stack Overflow Vulnerability in Eclipse Mosquitto MQTT Broker
Windows SSDP Service Elevation of Privilege Vulnerability
Improper Access Control in Odoo Community and Enterprise 13.0: Remote Privilege Escalation via Crafted RPC Requests
Account Privilege Escalation via Crafted Links in Odoo Community and Enterprise 12.0 and Earlier
Privilege Escalation via Improper Access Control in Odoo Community and Enterprise 14.0 and earlier
Improper Access Control in Mail Module Allows Unauthorized Subscription to Channels
Arbitrary Message Access Vulnerability in Odoo Community and Enterprise 14.0 and earlier
Improper Access Control in Mail Module Allows Unauthorized Access and Subscription
Arbitrary Content Modification Vulnerability in Odoo Community and Enterprise 13.0 and Earlier
Windows Unistore.dll Elevation of Privilege Vulnerability
Windows WCMSVC.dll Elevation of Privilege Vulnerability
Insecure Permissions in OX App Suite 7.10.1 and earlier
Vulnerability: Media Deletion in WooCommerce Checkout Manager Plugin
Weak PRNG in Ratpack versions before 1.6.1 allows session ID sequence determination
Cross-Site Scripting (XSS) Vulnerability in Joomla! before 3.9.6
Remote Desktop Services Remote Code Execution Vulnerability
Use-after-free vulnerability in Linux kernel before 5.0.7 allows for Denial of Service
Use-after-free vulnerability in Linux kernel before 5.0.4 allows unauthorized read access to /proc/ioports after removal of ipmi_si module
Persistent XSS Vulnerability in MISP before 2.4.107 Allows JavaScript Injection via Discussion Interface
Persistent XSS via javascript:// links in MISP before 2.4.107
Persistent XSS via Image Names in Titles in MISP before 2.4.107
Race Condition Leading to Use-After-Free in rds_tcp_kill_sock
Privilege Escalation via Incorrect Access Control in OPNsense and pfSense WebUI
Stored Cross-Site Scripting (XSS) in Alkacon OpenCMS v10.5.4 and Earlier
CSV Injection Vulnerability in Alkacon OpenCMS v10.5.4 and earlier
Remote Desktop Services Remote Code Execution Vulnerability
Synology Calendar Information Exposure Vulnerability
Arbitrary SQL Command Execution in Synology Photo Station
Arbitrary File Upload Vulnerability in Synology Photo Station
CRLF Injection Vulnerability in Synology Router Manager (SRM) Network Center
Arbitrary Web Script Injection in Synology Calendar Event Editor
Arbitrary File Upload Vulnerability in Synology Moments
Arbitrary Web Script Injection in Synology Note Station
Cross-site scripting (XSS) vulnerability in Chart in Synology Office before 3.1.4-2771
Remote Code Execution Vulnerability in Synology Calendar
VBScript Engine Remote Code Execution Vulnerability
PharStreamWrapper Package Vulnerability: Bypassing Deserialization Protection Mechanism
Directory Traversal Vulnerability in PharStreamWrapper Package for TYPO3
Remote Code Execution in TYPO3 Image Processing Applications
Uninitialized Memory Disclosure in ext4 Extents Tree Block
Out-of-Bounds Access Vulnerability in cJSON (before 1.7.11) due to \x00 in String Literal
Out-of-Bounds Access Vulnerability in cJSON before 1.7.11
Cleartext Mail Content Vulnerability in Rediffmail Android App
Segmentation Fault Vulnerability in njs through 0.3.1
Heap-based Buffer Overflow in njs through 0.3.1: Vulnerability in NGINX
Heap-based Buffer Overflow in njs through 0.3.1: Array.prototype.push Vulnerability
Windows Core Shell COM Server Registrar Elevation of Privilege Vulnerability
Flaw in Salsa20 Cryptography Library Allows Keystream Reuse and Predictability
OpenPGP Message Forgery Vulnerability in Go Cryptography Libraries
Predictable Random Number Generation in Matrix Sydent and Synapse
Reflective Server-Side XSS Vulnerability in MailPoet Plugin for WordPress
RICOH SP 4520DN HTML Injection Vulnerability
RICOH SP 4510DN HTML Injection Vulnerability
XSS and HTML Injection Vulnerability in dotCMS 5.1.1 via /servlets/ajax_file_upload?fieldName=binary3
Improper Privilege Management Vulnerability in ALEOS: Root Escalation via Command Shell
AT Command API Abuse Vulnerability in ALEOS Versions Before 4.13.0, 4.9.5, 4.4.9
Stack Overflow Vulnerability in ALEOS AT Command APIs (Before 4.11.0) Enables Code Execution
Stack Corruption Vulnerability in Windows Subsystem for Linux
AT Command Interface Stack Overflow Vulnerability in ALEOS before 4.11.0
Remote Code Execution via Buffer Overflow in Sierra Wireless ALEOS
Out-of-Bounds Reads Vulnerability in ACEView Service of ALEOS
AT Command Interface Command Injection Vulnerabilities in ALEOS Versions Before 4.11.0 and 4.9.4
Default RPC Server Vulnerability in ALEOS Versions 4.12.0, 4.9.5, and 4.4.9
Nonce Reuse Vulnerability in ACEView Service Allows Message Replay
Information Disclosure Vulnerability in AceManager of ALEOS before 4.12.0, 4.9.5, and 4.4.9
Multiple Buffer Overflow Vulnerabilities in AceManager Web API of ALEOS
Buffer Overflow Vulnerability in ALEOS SMS Handler API: Potential Root Code Execution
Windows WCMSVC.dll Elevation of Privilege Vulnerability
Traffic Proxying Vulnerability in ALEOS SSH Service
Realtek NDIS Driver rt640x64.sys Buffer Size Vulnerability
Arbitrary Kernel Write Vulnerability in SoftEther VPN Server
Yuzo Related Posts Plugin 5.12.94 for WordPress XSS Vulnerability
XmlLite Runtime Denial of Service Vulnerability
XSS Vulnerability in Serendipity before 2.1.5 via Mishandled EXIF Data
XSS Vulnerability in Custom Field Suite Plugin for WordPress
CSV Injection Vulnerability in WordPress Popup Plugin
Buffer Overflow in DoPreSharedKeys in wolfSSL 4.0.0
Privilege Escalation Vulnerability in Blue Prism Robotic Process Automation 6.4.0.8445
Reflected XSS Vulnerability in PrestaShop 1.7.5.2 Installation Script
Unauthenticated Credential Theft via Crafted ESSID in PIX-Link Repeater/Router LV-WR09 (v28K.MiniRouter.20180616) Firmware
Integer Overflow Vulnerability in XiongMai Besder IP20H1 V4.02.R12.00035520.12012.047500.00200 Cameras
Directory Traversal Vulnerability in WEBrick Gem 1.4.2 for Ruby
LNK Remote Code Execution Vulnerability in Microsoft Windows
SQL Injection Vulnerability in CommSy 8.6.5 via cid Parameter
Arbitrary Content Injection Vulnerability in Rancher 2.1.4 Login Component
Information Disclosure Vulnerability in Linux Kernel HIDP Sock IOCTL Function
Cleartext Password Vulnerability in eyeDisk's Unlock Feature
WaspThemes Visual CSS Style Editor Plugin CSRF Vulnerability
File Upload Vulnerability in SimplyBook.me
Privilege Escalation Vulnerability in Go 1.12.5 on Windows
Denial of Service Vulnerability in Sony BRAVIA Smart TV Devices via Crafted Web Page over HbbTV
Denial of Service Vulnerability in Sony Bravia Smart TV Devices
App Pairing Mechanism Privilege Escalation Vulnerability in Bosch Smart Home Controller
Improper Access Control in Bosch Smart Home Controller (SHC) JSON-RPC Interface
Incorrect Privilege Assignment Vulnerability in Bosch Smart Home Controller (SHC) API
Improper Access Control Vulnerability in Bosch Smart Home Controller Backup Mechanism
Improper Access Control Vulnerability in Bosch Smart Home Controller (SHC) JSON-RPC Interface
Privilege Escalation Vulnerability in Bosch Smart Home Controller (SHC) Pairing Mechanism
Server-Side Request Forgery (SSRF) Vulnerability in Backup & Restore Functionality
Reverse Engineering Vulnerability in Bosch Access Professional Edition (APE) 3.8 Allows Unauthorized APE Administration Privileges
Unauthenticated Access to Sensitive Data via Windows SMB Protocol in Bosch Access Professional Edition (APE) 3.8
Windows Image Elevation of Privilege Vulnerability
Cross-Origin Security Bypass Vulnerability in Microsoft Browsers
Vulnerability: Out of Bounds Write in Proxygen's Structured HTTP Headers Parsing
Race Condition Vulnerability in Zstandard Compression Functions
Unbounded Buffer Allocation Vulnerability in Mcrouter
Padding-based Memory Exhaustion Vulnerability in Fizz
JPEG APP12 Block Marker Boundary Check Vulnerability
JPEG Header Processing Vulnerability in GD Extension
WhatsApp Integer Overflow Vulnerability in Media Parsing Libraries
Cross-Site Scripting Vulnerability in WhatsApp Desktop Versions Prior to v0.3.4932
Boundary Check Vulnerability in number_format Function Allows Remote Code Execution
Memory Corruption Vulnerability in Microsoft Browsers: Remote Code Execution
Invalid Free Vulnerability in mb_detect_order
WhatsApp MP4 Parsing Stack-Based Buffer Overflow Vulnerability
Double Free Vulnerability in android-gif-drawable Library Allows Remote Code Execution
Heap Buffer Overflow Vulnerability in libpl_droidsonroids_gif
Out-of-Bounds Read Vulnerability in AsyncSSLSocket in Folly
Out-of-bounds Memory Access Vulnerability in HHVM
Null Byte Truncation Vulnerability in APC Functions
Stack Exhaustion Vulnerability in Mcrouter Prior to v0.41.0
Denial of Service Vulnerability in Java Facebook Thrift Servers
Denial of Service Vulnerability in Golang Facebook Thrift Servers
Internet Explorer Scripting Engine Memory Corruption Vulnerability
HPACK Header Table Corruption Vulnerability in Proxygen
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Remote Credential Disclosure Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Chakra Scripting Engine Remote Code Execution Vulnerability
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Chakra Scripting Engine Remote Code Execution Vulnerability
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Privilege Escalation Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Chakra Scripting Engine Remote Code Execution Vulnerability
HPE Intelligent Management Center (IMC) PLAT SQL Injection Code Execution Vulnerability
HPE Intelligent Management Center (IMC) PLAT SQL Injection Code Execution Vulnerability
HPE Intelligent Management Center (IMC) PLAT SQL Injection Code Execution Vulnerability
HPE Intelligent Management Center (IMC) PLAT SQL Injection Code Execution Vulnerability
HPE Intelligent Management Center (IMC) PLAT SQL Injection Code Execution Vulnerability
HPE Intelligent Management Center (IMC) PLAT SQL Injection Code Execution Vulnerability
HPE Intelligent Management Center (IMC) PLAT SQL Injection Code Execution Vulnerability
HPE Intelligent Management Center (IMC) PLAT SQL Injection Code Execution Vulnerability
HPE Intelligent Management Center (IMC) PLAT SQL Injection Code Execution Vulnerability
HPE Intelligent Management Center (IMC) PLAT SQL Injection Code Execution Vulnerability
SyncController.dll Elevation of Privilege Vulnerability
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Cross Site Scripting Vulnerability in HPE Integrated Lights-Out (iLO) Servers
Critical Remote Buffer Overflow Vulnerability in HPE Integrated Lights-Out (iLO) Servers
HPE Intelligent Management Center (IMC) PLAT SQL Injection Code Execution Vulnerability
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Local Unauthorized Elevation of Privilege Vulnerability in HPE Smart Update Manager (SUM) prior to v8.4
Critical Remote Unauthorized Access Vulnerability in HPE Smart Update Manager (SUM) Prior to Version 8.3.5
Remote Denial of Service Vulnerability in HPE IceWall SSO Agent Option and IceWall MFA (Agent module)
Outlook Remote Code Execution Vulnerability
Unauthorized Remote Access and Data Exposure Vulnerability in HPE UIoT Versions 1.6, 1.5, 1.4.2, 1.4.1, 1.4.0, and 1.2.4.2
Remote Information Disclosure Vulnerability in HPE 3PAR Service Processor (SP) 4.1-4.4
Remote Cross-Site Scripting Vulnerability in HPE OneView for VMware vCenter 9.5
Unauthenticated File Manipulation Vulnerability in HPE SimpliVity Nodes
Unauthenticated Remote Execution of Manifest Files in HPE SimpliVity Nodes
Unauthorized Remote Access and Data Exposure Vulnerability in HPE UIoT version 1.2.4.2
Elevated Privileges Vulnerability in HPE Nimble Storage Systems
Cross Site Scripting Vulnerability in HPE enhanced Internet Usage Manager (eIUM) Versions 8.3 and 9.0
Multiple Remote Vulnerabilities in HPE Superdome Flex Server: Security Restriction Bypass, Information Disclosure, and Denial of Service
Remote Arbitrary File Download and Cross-Site Scripting Vulnerabilities in HPE OpenCall Media Platform (OCMP)
Outlook Object Memory Handling Remote Code Execution Vulnerability
Potential Remote Access Restriction Bypass in HPE MSE Msg Gw Application E-LTU
Remote Session Reuse Vulnerability in HPE MSA SAN Storage
Remote Session Reuse Vulnerability in HPE MSA SAN Storage
Microsoft Word Remote Code Execution Vulnerability (CVE-2019-1206)
Remote Code Execution Vulnerability in MapR CLDB Code
Session Object Information Disclosure in Microsoft SharePoint
Microsoft Office SharePoint XSS Vulnerability
Outlook Message Processing Elevation of Privilege Vulnerability
Regular Expression Denial of Service (ReDoS) Vulnerability in lib/common/html_re.js of remarkable 1.7.1
Privilege Escalation via Insecure Permissions in Panda Products
XSS Vulnerability in remarkable 1.7.1 via URL Filtering Mishandling
Buffer Overflow Vulnerability in Citrix NetScaler Gateway and Application Delivery Controller
LemonLDAP::NG -2.0.3 Access Control Vulnerability
XSS Vulnerability in Gridea v0.8.0 Allows Arbitrary Code Execution
Microsoft Word Remote Code Execution Vulnerability (CVE-2019-1202)
Windows Server DHCP Service Memory Corruption Vulnerability
NULL Dereference Vulnerability in QEMU's ahci_commit_buf Function
Infinite Loop Vulnerability in QEMU SCSI Adapter Emulator
VBScript Object Memory Handling Remote Code Execution Vulnerability
Memory Safety Vulnerability in Rust Programming Language Standard Library
Arbitrary File Read Vulnerability in FasterXML jackson-databind
Unprotected Intent Vulnerability in Samsung S9+, S10, and XCover 4 P(9.0) Devices
Lync 2013 Information Disclosure Vulnerability
Command Injection Vulnerability in Netskope Client Service
Cross-Site Scripting (XSS) Vulnerability in Horde Groupware Webmail Edition 5.2.22
CSRF Vulnerability in Horde Trean Bookmark Tags Parameter
Telerik Fiddler v5.0.20182.28034 Hash Verification Bypass Vulnerability
Vulnerability: Man-in-the-Middle Attack in Heimdal Client Side PKINIT Key Exchange Verification
Arbitrary Code Execution Vulnerability in PHP-Fusion 9.03.00's edit_profile.php
Denial of Service Vulnerability in LibNyoci 0.07.00rc1: coap_decode_option in coap.c
Unauthenticated File Upload and Exploration Vulnerability in Kentico 11-12
Pre-Authentication Command Injection Vulnerability in TP-Link M7350 V3 Configuration Interface
Post-Authentication Command Injection Vulnerabilities in TP-Link M7350 V3
Unauthenticated Access to Log Files and Service Restart in Supervisor
Use After Free vulnerability in MiniUPnP MiniSSDPd 1.4 and 1.5 allows remote code execution
Heap Information Leak Vulnerability in MiniUPnP MiniUPnPd through 2.1
Denial of Service Vulnerability in MiniUPnP MiniUPnPd through 2.1: NULL Pointer Dereference in GetOutboundPinholeTimeout
Denial of Service Vulnerability in MiniUPnP MiniUPnPd through 2.1: NULL Pointer Dereference in GetOutboundPinholeTimeout
Git for Visual Studio Configuration File Parsing Elevation of Privilege Vulnerability
NULL Pointer Dereference Vulnerability in MiniUPnP MiniUPnPd through 2.1
NULL Pointer Dereference Vulnerability in MiniUPnP MiniUPnPd through 2.1
Arbitrary Command Execution Vulnerability in ONAP SDNC
Arbitrary Command Execution in ONAP SDNC
Arbitrary Code Execution Vulnerability in ONAP HOLMES
Arbitrary Code Execution Vulnerability in ONAP SDC
Arbitrary Code Execution Vulnerability in ONAP SDC
Arbitrary Code Execution Vulnerability in ONAP SDC
Arbitrary Code Execution Vulnerability in ONAP SDC
Arbitrary Code Execution Vulnerability in ONAP SDC
Windows Server DHCP Service Memory Corruption Vulnerability
Arbitrary Code Execution Vulnerability in ONAP VNFSDK
Padding Oracle Attack Vulnerability in ONAP Portal
User Password Retrieval Vulnerability in ONAP Portal
Arbitrary Command Execution Vulnerability in ONAP SDNC
Arbitrary File Read/Write Vulnerability in ONAP APPC
Unauthenticated Access Vulnerability in ONAP Logging through Dublin
Unauthenticated Access Vulnerability in ONAP DCAE through Dublin
Unauthenticated Access Vulnerability in ONAP OOM through Dublin
Unauthenticated Access Vulnerability in ONAP SO through Dublin
Unauthenticated Access Vulnerability in ONAP MSB through Dublin
Windows Server DHCP Service Memory Corruption Vulnerability
Unauthenticated Access Vulnerability in ONAP CLI through Dublin
Arbitrary User Impersonation Vulnerability in ONAP APPC and SDC
Arbitrary Command Execution Vulnerability in ONAP SDNC
Local Privilege Escalation Vulnerability in Multiple Zoho ManageEngine Products
CSV Injection in Workday Export Feature
Remote Code Execution Vulnerability in PaperCut MF and NG Application Server
XSS Vulnerability in BoostIO Boostnote 0.11.15 via Mermaid Label
Directory Traversal Vulnerability in Typora 0.9.9.24.6 on macOS
Directory Traversal Vulnerability in MacDown 0.7.1 Allows Arbitrary Program Execution
Cross-Site Scripting (XSS) Vulnerability in eZ Platform Admin UI
Windows Common Log File System Driver Elevation of Privilege Vulnerability
Directory Traversal Vulnerability in Progress Ipswitch WS_FTP Server 2018 before 8.6.1
Path Traversal and Remote Code Execution Vulnerability in Progress Ipswitch WS_FTP Server 2018 before 8.6.1
Directory Traversal Vulnerability in Progress Ipswitch WS_FTP Server 2018 before 8.6.1
Directory Traversal Vulnerability in Progress Ipswitch WS_FTP Server 2018 before 8.6.1
Argument Injection Vulnerability in Sangoma Session Border Controller (SBC) 2.3.23-119 GA Web Interface
Authentication Bypass Vulnerability in Sangoma Session Border Controller (SBC) 2.3.23-119 GA Web Interface
Arbitrary SQL Command Execution in SilverStripe/RestfulServer and SilverStripe/Registry Modules
Winsock Elevation of Privilege Vulnerability
Unrestricted File Upload Vulnerability in Karamasoft UltimateEditor 1
SSRF Vulnerability in RealObjects PDFreactor before 10.1.10722
XML External Entity (XXE) Vulnerability in RealObjects PDFreactor before 10.1.10722
NULL Pointer Dereference in QEMU's interface_release_resource Function
Exposure of Server Metadata in JetBrains TeamCity and UpSource Versions before 2018.2.5
Credential Disclosure via RPC Commands in JetBrains UpSource Versions Before 2018.2 Build 1293
GoHTTP GetExtension Heap-Based Buffer Overflow
Stack-Based Buffer Over-read Vulnerability in GoHTTP through 2017-07-25
Memory Object Handling Vulnerability in DirectX
GoHTTP sendHeader Use-After-Free Vulnerability
SSRF Vulnerability in WPO WebPageTest 19.04 due to Inadequate Validation of Octal Encoded IP Addresses
Unverified Update Execution Vulnerability in Upwork Time Tracker 5.2.2.716
Information Disclosure Vulnerability in GAT-Ship Web Module 1.30
Remote Code Execution Vulnerability in Status React Native Desktop before v0.57.8_mobile_ui
Command Execution Vulnerability in MiCollab and MiCollab AWV
Cross-Site Scripting (XSS) Vulnerability in Emerson Network Power Liebert Challenger 5.1E0.5 Devices via statusstr Parameter in httpGetSet/httpGet.htm
Remote Code Execution Vulnerability in Four-Faith Wireless Mobile Router F3x24 v1.0
Arbitrary File Upload and Directory Traversal Vulnerability in ATutor 2.2.4
Chakra Scripting Engine Remote Code Execution Vulnerability
Arbitrary File Upload and Remote Command Execution Vulnerability in ATutor through 2.2.4
Insecure Storage of Cleartext Credentials in Dropbox Desktop Application
Arbitrary Code Execution via Modified File URL Syntax in Typora 0.9.9.21.1 (1913)
Remote Code Execution in MacDown 0.7.1 (870) via file:\\\ URI in HREF Attribute
Privilege Escalation Vulnerability in hide.me macOS VPN Helper Tool
NULL Pointer Dereference in Zeek Network Security Monitor's Kerberos Protocol Parser Leading to Denial of Service (DoS)
Privilege Escalation via Service Reconfiguration in HTC VIVEPORT
Insecure Directory Permissions in HTC VIVEPORT Desktop Service Leading to Privilege Escalation via DLL Hijacking
Outlook iOS Email Spoofing Vulnerability
Arbitrary Code Execution Vulnerability in SmartBear ReadyAPI and SoapUI
Privilege Escalation Vulnerability in SolarWinds Serv-U for Linux
Remote Code Execution via Directory Traversal in Safescan Timemoto and TA-8000 Series Version 1.0
Remote File Read Vulnerability in Safescan Timemoto TM-616 and TA-8000 Series
XSS Vulnerability in BoostIO Boostnote 0.11.15 via Flowchart, Sequence, Gallery, or Chart Label in MarkdownPreview.js
Arbitrary File Upload and Remote Command Execution in eLabFTW 1.8.5
Cross-Site Scripting (XSS) Vulnerability in Sylius Products
XSS Vulnerability in Zoho ManageEngine ServiceDesk Plus 9.3 via SearchN.do Search Field
Windows Transaction Manager Memory Object Handling Vulnerability
Cross-Site Scripting (XSS) Vulnerability in CentOS-WebPanel.com (aka CWP) CentOS Web Panel through 0.9.8.747 via testacc/fileManager2.php fm_current_dir or filename parameter
SQL Injection Vulnerability in H3C H3Cloud OS (All Versions) via ear/grid_event sidx Parameter
XSS Vulnerability in TP-Link TL-WR840N v5 00000005 Devices via Network Name
Arbitrary SQL Command Execution Vulnerability in Zoho ManageEngine NetFlow Analyzer 12.3
Stack-Based Buffer Over-Read Vulnerability in GoHttp via Long User-Agent Header
Microsoft Browser Security Zone Validation Bypass Vulnerability
Session Fixation Vulnerability in SilverStripe Change Password Form
Unauthenticated Admin Access Vulnerability in SilverStripe through 4.3.3
SilverStripe 4.3.3 Vulnerability: Flash Clipboard Reflected XSS
Heap-Based Buffer Overflow in njs through 0.3.1: A Critical Vulnerability in NGINX
Heap-Based Buffer Over-Read Vulnerability in njs through 0.3.1
Heap-Based Buffer Overflow in njs_function_native_call in njs/njs_function.c
Privilege Escalation and Information Disclosure in Yubico pam-u2f 1.0.7
Internet Explorer Scripting Engine Memory Corruption Vulnerability
File Descriptor Inheritance Vulnerability in Yubico pam-u2f 1.0.7
Heap Overflow Vulnerability in FreeImage 3.18.0 PluginTIFF.cpp
Stack Exhaustion Vulnerability in FreeImage 3.18.0 when Reading Special JXR Files
Stack Exhaustion Vulnerability in FreeImage 3.18.0 TIFFReadDirectory Function
Out-of-Bounds Access in FreeImage 3.18.0 due to Mishandling of OpenJPEG j2k_read_ppm_v3 Function
Full Path Disclosure Vulnerability in Matomo v3.9.1
Heap-based Buffer Overflow in IMG_LoadPCX_RW function
NULL Pointer Dereference in SDL stdio_read Function
NULL Pointer Dereference in IMG_LoadPCX_RW function
Invalid Free Error in SDL_SetError_REAL Function
Remote Desktop Services Remote Code Execution Vulnerability
Out-of-Bounds Read Vulnerability in SDL2 and SDL2_image
SEGV Vulnerability in SDL2 and SDL2_image
Out-of-Bounds Read Vulnerability in SDL 2.0.9
Buffer Overflow Vulnerability in Hanwha Techwin SRN-x Devices
Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability
Vulnerability: Lack of CSRF Protection in WP Booking System Plugin 1.5.1 for WordPress
Windows RDP Server Memory Disclosure Vulnerability
Insecure Deserialization Vulnerability in Virim Plugin 0.4 for WordPress
Insecure Deserialization Vulnerability in Carts Guru Plugin for WordPress
Istio 1.1.x through 1.1.6 Incorrect Access Control Vulnerability
Incorrect Access Control for Protected Files in SilverStripe through 4.3.3
Denial of Service Vulnerability in SilverStripe 4.3.3
QEMU 3.0.0 Integer Overflow Vulnerability in qga/commands*.c Files
Remote Code Execution via Malicious Email in OTRS
Windows RDP Server Memory Disclosure Vulnerability
Stored XSS Vulnerability in IdentityServer4 RequestLoggerMiddleware
SQL Injection Vulnerability in UCMS 1.4.7 via sadmin/ceditpost.php
Arbitrary Post Viewing Vulnerability in Zoho ManageEngine ServiceDesk Plus through 10.5
CSRF Vulnerability in My Little Forum before 2.4.20 Allows Unauthorized Post Deletion
Unauthenticated Access Control Vulnerability in Tecson Tankspion and GOKs SmartBox 4
Vulnerability: Wind River VxWorks TCP Component Buffer Overflow (Issue 1 of 4)
Buffer Overflow in IPv4 Component: IPNET Stack Overflow Vulnerability
Buffer Overflow in VxWorks DHCP Client Component: IPNET Heap Overflow Vulnerability
Session Fixation Vulnerability in Wind River VxWorks TCP Component
IPNET Security Vulnerability: Denial of Service via NULL Dereference in IGMP Parsing
Remote Desktop Services Remote Code Execution Vulnerability
Buffer Overflow in TCP Component: IPNET Security Vulnerability
Buffer Overflow in Wind River VxWorks TCP Component: IPNET Urgent Pointer State Confusion Vulnerability
Vulnerability: Incorrect Access Control in VxWorks RARP Client Component
Buffer Overflow in TCP Component: IPNET Security Vulnerability
Incorrect Access Control in IPv4 Assignment by ipdhcpc DHCP Client Component in Wind River VxWorks
Memory Leak in IGMPv3 Client Component in Wind River VxWorks
Arbitrary Code Execution Vulnerability in Wyze Cam Pan v2, Cam v2, Cam v3
PGP Signature Spoofing Vulnerability in Enigmail before 2.0.11
Windows Kernel Object Memory Handling Vulnerability
Excessive Permissions Vulnerability in OpenText Brava! Enterprise and Brava! Server
Unrestricted File Upload Vulnerability in Sandline Centraleyezer (On Premises)
Command Injection Vulnerability in OpenWrt LuCI Web Application
CSRF Vulnerability in OutSystems Platform 10 through 11 for Content Modifications and File Uploads
Unprivileged Users Can Gain Admin Access in Rancher Management Plane through Node Driver Options
GrandNode 4.40 LetsEncryptController Path Traversal Vulnerability
Path Traversal Vulnerability in Blogifier 2.3 before 2019-05-11
Address Bar Spoofing Vulnerability in Opera for Android
Nagios XI 5.6.1 SQL Injection Vulnerability in login.php?forgotpass
Windows Kernel Object Memory Handling Vulnerability
Uncontrolled Search Path Element in PC-Doctor Toolbox before 7.3
Unauthenticated Firmware Update Vulnerability in VStarcam 100T and 200V Devices
Unauthenticated Remote Command Execution in VStarcam Firmware Update
Dynamics On-Premise v9 Elevation of Privilege Vulnerability
Vulnerability: Domain Impersonation in GNU libidn2
Incorrect Access Control in HashiCorp Consul 1.4.0 through 1.5.0 Allows Unauthorized Key Deletion
Critical Vulnerability: Incorrect Access Control in Citrix AppDNA before 7 1906.1.0.472
Heap-based Buffer Over-read in JPXStream::init in Poppler
Vulnerability: Denial of Service in Wireshark Dissection Engine
Use of an Externally Controlled Format String Vulnerability in scopd on Motorola Routers CX2 1.01 and M2 1.01
Out-of-Bounds Write Vulnerability in Leanify 0.4.3
Stored XSS Vulnerability in Sandline Centraleyezer (On Premises) Category Name Field
Hyper-V Network Switch Input Validation Vulnerability
OAuth Authorization Token Hijacking Vulnerability
Root Password Reset Vulnerability in Percona Server 5.6.44-85.0-1 Packages
Arbitrary Command Execution and File Read Vulnerability in Rancher 2 through 2.2.3
Vulnerability: Weak Administrator Password Hash in EZCast Pro II
Clickable JavaScript Link Vulnerability in Django AdminURLFieldWidget
dotCMS Path Traversal Vulnerability in ZIP Archive Extraction
Server SSL/TLS Certificate Validation Vulnerability in Rome SDK
ExaGrid Appliance Firmware v4.8.1.1044.P50 Directory Traversal Vulnerability
Unrestricted File Upload in Sandline Centraleyezer (On Premises) Leads to Stored XSS
Libreswan 3.27 Vulnerability: Assertion Failure and IKE Daemon Restart
Cross-Site Scripting (XSS) Vulnerability in Shave before 2.5.3
Local File Inclusion Vulnerability in Deltek Maconomy 2.2.5 via Absolute Path Traversal
Reflected Cross-Site Scripting (XSS) Vulnerability in Samsung SCX-824 Printers
Improper Impersonation in Diagnostics Hub Standard Collector Service: Elevation of Privilege Vulnerability
Invalid Pointer Write DoS Vulnerability in Hosting Controller HC10 10.14
Command Injection Vulnerability in Akuvox R50P VoIP Phone Configuration Web Interface
Buffer Overflow Vulnerabilities in Htek UC902 VoIP Phone Web Management Interface
Arbitrary Code Execution via Manipulated Ringtone Upload in Akuvox R50P VoIP Phone 50.0.6.156
Insecure Telnet Access with Hardcoded Credentials in Akuvox R50P VoIP Phone 50.0.6.156
Command Injection Vulnerability in Atcom A10W VoIP Phone Firmware 2.6.1a2421
Memory Object Handling Vulnerability in Microsoft Exchange Server
XXE vulnerability in PHPOffice PhpSpreadsheet before 1.8.0
Azure Stack Spoofing Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Kiboko Hostel Plugin for WordPress
Cross-Site Scripting (XSS) Vulnerability in miniOrange SAML SP Single Sign On Plugin for WordPress
Stored XSS Vulnerability in pfSense 2.4.4-p3 via acme_accountkeys_edit.php Action
SQL Injection Vulnerability in zzcms 2019 via daohang or img POST parameter
SQL Injection Vulnerability in zzcms 2019 via /admin/dl_sendsms.php
Windows Text Service Framework Elevation of Privilege Vulnerability
SQL Injection Vulnerability in zzcms 2019 via dl_download.php
SQL Injection Vulnerability in zzcms 2019 via Trailing Comma in id Parameter
SQL Injection Vulnerability in zzcms 2019: Exploiting dl_sendmail.php
SQL Injection Vulnerability in zzcms 2019: Exploiting /admin/dl_sendmail.php via id Parameter
SQL Injection Vulnerability in zzcms 2019: Admin Authority SQL Injection in /admin/showbad.php
SQL Injection Vulnerability in zzcms 2019: /user/dls_print.php (id parameter)
SQL Injection Vulnerability in zzcms 2019: Exploiting /user/dls_download.php via id parameter
SQL Injection Vulnerability in zzcms 2019: Admin Authority SQL Injection in deluser.php
SQL Injection Vulnerability in zzcms 2019: Exploiting dl_sendsms.php
SQL Injection Vulnerability in zzcms 2019: Admin Authority SQL Injection via id Parameter in /admin/ztliuyan_sendmail.php
VBScript Object Memory Handling Remote Code Execution Vulnerability
Stack-based Buffer Over-read Vulnerability in Xpdf 4.01.01
Cross-Site Scripting (XSS) Vulnerability in EmpireCMS 7.5.0 via e/member/doaction.php
Cross-Site Scripting (XSS) Vulnerability in EmpireCMS 7.5.0 via HTTP Referer Header in e/member/doaction.php
CSRF Vulnerability in JN-Jones MyBB-2FA Plugin Allows Unauthorized Deactivation of Two-Factor Authentication
XSS and Arbitrary File Loading Vulnerability in Newton Application for Android
XSS and Arbitrary File Loading Vulnerability in Nine Application for Android
XSS and Arbitrary File Loading Vulnerability in BlueMail for Android
XSS and Arbitrary File Loading Vulnerability in Edison Mail for Android
XSS and Arbitrary File Loading Vulnerability in TypeApp for Android
Chakra Scripting Engine Remote Code Execution Vulnerability
XSS and Arbitrary File Loading Vulnerability in Spark Application for Android
SQL Injection Vulnerability in Petraware pTransformer ADC
Remote Disclosure of Administrator Passwords in Ivanti LANDESK Management Suite (LDMS) 10.0.1.168 Service Update 5
SQL Injection Vulnerability in Ivanti LANDESK Management Suite (LDMS) 10.0.1.168 Service Update 5
Open Directory Vulnerability in Ivanti LANDESK Management Suite (LDMS) 10.0.1.168 Service Update 5
Hard-coded Encryption Key Vulnerability in Ivanti LANDESK Management Suite
Arbitrary File Upload Vulnerability in Ivanti LANDESK Management Suite (LDMS) 10.0.1.168 Service Update 5
Unchecked kmalloc in ip6_ra_control leading to potential denial of service
Memory Leak in con_insert_unipair Function in Linux Kernel
VBScript Object Memory Handling Remote Code Execution Vulnerability
EFI Subsystem Memory Allocation Failure Vulnerability
Unchecked kmalloc in ip_ra_control leading to potential denial of service
Unchecked kstrdup in drm_load_edid_firmware leading to potential NULL pointer dereference and system crash
Information Exposure Vulnerability in Tor Browser
Polymorphic Deserialization Vulnerability in FasterXML Jackson-Databind 2.x
SQL Injection Vulnerability in Ampache Search Engine
Stored XSS in Ampache's LocalPlay add instance functionality
HTTP Request Injection Vulnerability in Twisted Web
ClearText Transmission Vulnerability in Anviz Access Control Devices
Anviz Access Control Devices Vulnerability: Unauthorized Access to Credentials via Port TCP/5010
VBScript Object Memory Handling Remote Code Execution Vulnerability
Anviz Access Control Devices Vulnerability: Unauthorized Remote Query of Private Information
Insufficient Logging of Door Open Requests in Anviz Management System for Access Control
Anviz Access Control Devices: Remote Command Execution without Password
Vulnerability in Anviz Access Control Devices: Exploitable Replay Attacks on Open Door Requests
Unverified Password Change Vulnerability in Anviz Access Control Devices
Unauthenticated Access to Map Images in Webbukkit Dynmap 3.0-beta-3 or Below
Cross-Site Scripting Vulnerability in Apache Ranger's Policy Import Functionality
Arbitrary JavaScript Execution Vulnerability in Apache Airflow Classic UI
Plaintext Secret Disclosure in Apache Kafka Connect
Jet Database Engine Remote Code Execution Vulnerability
Caching Mechanism Vulnerability in Apache Santuario XML Security for Java
XML Resource Consumption Vulnerability in Solr Update Handler (a.k.a. Lol Bomb)
Infinite Loop Denial of Service Vulnerability in Apache Commons Compress 1.15 to 1.18
Apache JSPWiki InfoContent.jsp XSS Vulnerability
LDAP Authentication Bypass in Apache Traffic Control 3.0.0 and 3.0.1
Apache CXF Denial of Service Vulnerability
Apache JSPWiki Plugin Link XSS Vulnerability
Uninitialized Memory Bug in Apache Arrow 0.14.0 to 0.14.1
Insecure Remote JMX Monitoring in Apache Solr
Jet Database Engine Remote Code Execution Vulnerability
Uninitialized Memory Vulnerability in Apache Arrow Versions 0.12.0 to 0.14.1
Null Pointer Dereference Vulnerability in libapreq2 Multipart Parser
Unauthorized Access to Database Metadata in Apache Incubator Superset
Unauthorized Database Name Disclosure in Apache Incubator Superset before 0.32
XML External Entity (XXE) Processing Vulnerability in Apache POI up to 4.1.0
Vulnerability: Injection Attacks in DeltaSpike WindowHandler.js with ClientSideWindowStrategy
Arbitrary JavaScript Execution and Local File Disclosure Vulnerability in Airflow Metadata Database
Apache Tomcat JMX Remote Lifecycle Listener Man-in-the-Middle Vulnerability
OpenId Connect Access Token Service Vulnerability
Jet Database Engine Remote Code Execution Vulnerability
Excessive Resource Consumption Vulnerability in Apache SpamAssassin
Authentication Token Invalidation Vulnerability in NiFi Versions 1.0.0 to 1.9.2
Padding Attack Vulnerability in Apache Shiro's Remember Me Configuration
Apache CXF OpenId Connect JWK Keys Service Exposes Private and Secret Key Credentials
Apache OFBiz 17.12.01 Vulnerability: Host Header Injection
Unauthenticated Access to Backend Screens via setSessionLocale in Apache OFBiz 16.11.01 to 16.11.06
Non-persistent XSS vulnerability in Zimbra Collaboration Admin Console (before 8.8.15 Patch 1)
Bypassing Mandatory External Authentication Provider Sign-In Restrictions
Improper Access Control in GitLab Community and Enterprise Edition Allows Unauthorized Access to Confidential Issue Details
Jet Database Engine Remote Code Execution Vulnerability
Remote Command Injection Vulnerability in GitLab Community and Enterprise Edition 11.11
Improper Access Control in GitLab Community and Enterprise Edition Allows Restricted Users to Access Private Milestone Metadata
Information Disclosure Vulnerability in GitLab Community and Enterprise Edition
Improper Input Validation in GitLab Community and Enterprise Edition: Creating Internal Projects in Private Groups Leads to Permission Issues
URL Slug Guessing Vulnerability in GitLab Allows Information Disclosure
Samba AD DC DNS Management Server NULL Pointer Dereference Vulnerability
Samba 4.10.x: AD DC LDAP Server Denial of Service Vulnerability
Incomplete CSRF Mitigation in SilverStripe GraphQL Mutations
Improper Use of Temporary Directories in Bubblewrap Allows for Privilege Escalation
DirectWrite Memory Disclosure Vulnerability
Unauthenticated Command Injection Vulnerability in Sitecore Rocks Plugin
Bypass of Protected Branches Restriction Rules in GitLab
Persistent XSS Vulnerability on Child Epics in GitLab Enterprise Edition 11.7 through 11.11
Server-Side Request Forgery (SSRF) Vulnerabilities in GitLab Community and Enterprise Edition
Persistent XSS Vulnerability in GitLab Wiki Pages
Cross-Site Scripting (XSS) Vulnerability in GitLab Community and Enterprise Edition 8.4 through 11.11
Information Exposure through Error Message in GitLab Community and Enterprise Edition 8.3 through 11.11
Insecure File Ownership Handling in GNOME gvfs
Race Conditions in GNOME gvfs Backend Admin
Privilege Escalation Vulnerability in GNOME gvfs
DirectWrite Memory Disclosure Vulnerability
Improper File Permission Handling during Copy Operation in GNOME GLib
Information Disclosure in Containous Traefik 1.7.x through 1.7.11
Stored XSS Vulnerability in MicroStrategy Web (before 10.1 patch 10) due to Missing Input Validation in FLTB Parameter
Potential vulnerability in wcd9335_codec_enable_dec in Linux kernel through 5.1.5
Unchecked kstrndup in sunxi_divs_clk_setup leading to potential denial of service
Double Fetch Vulnerability in Linux Kernel's MPT3COMMAND Case
Directory Listing Vulnerability in FileRun 2019.05.21
Directory Listing Vulnerability in FileRun 2019.05.21
Directory Listing Vulnerability in FileRun 2019.05.21
Jet Database Engine Remote Code Execution Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Web Port 1.19.1 via /access/setup Type Parameter
Cross-Site Scripting (XSS) Vulnerability in Web Port 1.19.1 via /log Type Parameter
LibreNMS 1.50.1 Multiple Graphing Vulnerabilities
Local File Inclusion Vulnerability in LibreNMS 1.50.1
SQL Injection Vulnerability in LibreNMS 1.50.1
CSRF Vulnerability in Wikimedia MediaWiki 1.32.1
MediaWiki Incorrect Access Control Vulnerability in Special:ChangeEmail
Bypassing Re-authentication Vulnerability in Wikimedia MediaWiki 1.27.0 through 1.32.1
Incorrect Access Control in MediaWiki through 1.32.1: Exposed Suppressed Username or Log in Special:EditTags
Jet Database Engine Remote Code Execution Vulnerability
Incorrect Access Control in Wikimedia MediaWiki through 1.32.1: Exposed Suppressed Log in RevisionDelete Page
XSS Vulnerability in Wikimedia MediaWiki 1.30.0 through 1.32.1
Bypassing IP Range Blocks via API in Wikimedia MediaWiki
Denial of Service Vulnerability in Wikimedia MediaWiki 1.27.0 through 1.32.1
Information Leak in Wikimedia MediaWiki 1.23.0 through 1.32.1
Stored XSS Vulnerability in MicroStrategy Web 10.4.6 and earlier versions
Authentication Bypass Vulnerability in Zoho ManageEngine ADSelfService Plus
Remote File Inclusion Vulnerability in Supra Smart Cloud TV's openLiveURL Function
Path Traversal Vulnerability in 20|20 Storage LocalStorageProvider
Jet Database Engine Remote Code Execution Vulnerability
Denial of Service Vulnerability in BACnet Protocol Stack through 0.8.6
NULL Pointer Dereference in GPAC 0.7.1: GetESD Function Vulnerability
NULL Pointer Dereference in GPAC 0.7.1: gf_isom_get_original_format_type Vulnerability
Heap-based Buffer Overflow in GPAC 0.7.1
Command Injection Vulnerability in Fastweb Askey RTV1907VW 0.00.81_FW_200_Askey 2018-10-02 18:08:18 Devices
Jet Database Engine Remote Code Execution Vulnerability
Reverse Tabnabbing Vulnerability in Simple Machines Forum (SMF)
Arbitrary Command Execution with Root Privileges in OnApp for XEN/KVM Hypervisors
Arbitrary Event Creation and Information Disclosure Vulnerability in Gallagher Command Centre
Stack-based Buffer Over-read Vulnerability in Xpdf 4.01.01
Improper Access Control in Gardener Seed Clusters Allows Information Disclosure
Out-of-Bounds Write Vulnerability in Tiny C Compiler 0.9.27
Default Skipping of Root CA Certificate Verification in Gobot MQTT Subsystem
Information Disclosure Vulnerability in OTRS Customer Frontend
Unauthenticated REST API Access Vulnerability in WP Live Chat Support Plugin
Firejail before 0.9.60 Vulnerability: Binary Truncation
Jet Database Engine Remote Code Execution Vulnerability
Bluetooth Low Energy Command Spoofing Vulnerability in Xiaomi M365 Scooter
CSRF Vulnerability in MOBOTIX S14 MX-V4.2.1.61 Cameras Allows Unauthorized Account Creation
Keystroke Injection Vulnerability in Inateck BCST-60 Wireless Barcode Scanner
Keystroke Injection Vulnerability in Inateck WP2002 Wireless Presenter
Unencrypted and Unauthenticated Data Communication Vulnerability in Inateck WP1001 v1.3C Wireless Presenter
Keystroke Injection Vulnerability in Logitech R700 Laser Presentation Remote R-R0010
XSS Vulnerability in PHPRelativePath 1.0.2 via RelativePath.Example1.php Path Parameter
DirectWrite Memory Disclosure Vulnerability
Authentication Bypass Vulnerability in NETGEAR Nighthawk X10-R900's NETGEAR Genie SOAP API
Arbitrary Command Execution Vulnerability in NETGEAR Nighthawk X10-R9000
Stored XSS Vulnerability in NETGEAR Nighthawk X10-R900 (CVE-2021-XXXX)
Stored XSS Vulnerability in NETGEAR Nighthawk X10-R900 (CVE-2021-XXXX)
Out-of-Bounds Read Vulnerability in Xpdf 4.01.01's FlateStream::getChar() Function
SQL Injection Vulnerability in SlickQuiz Plugin for WordPress
Unauthenticated Cross-Site Scripting (XSS) Vulnerability in SlickQuiz WordPress Plugin
Buffer Overflow Vulnerability in Anviz CrossChex Access Control Management Software 4.3.8.0 and 4.3.12
Stack Buffer Overflow in Squid's ESIExpression::Evaluate
Windows GDI Memory Disclosure Vulnerability
Vulnerability: Username Delimitation in Squid Caching Proxy
Heap Overflow Vulnerability in Squid ESI Parsing
Privilege Escalation Vulnerability in Squid
Bypassing Access Controls in Squid URN Handling
URL Encoding Bypass Vulnerability in Squid
Squid Digest Authentication Header Parsing Vulnerability
Heap-based Buffer Overflow in Squid URN Response Handling
Heap-based Buffer Overflow in Squid HTTP Proxy Server
FTP Server Triggered Heap Memory Disclosure in Squid
Squid Proxy Server Basic Authentication Header Parsing Vulnerability
Windows AppX Deployment Server Junction Handling Elevation of Privilege Vulnerability
Vulnerability: Incorrect Access Control in stdonato Dashboard Plugin for GLPI
Insyde Software Tools Access Control Vulnerability
XSS Vulnerability in Zoho ManageEngine AssetExplorer's SearchN.do Search Field
XSS Vulnerability in Zoho ManageEngine ServiceDesk Plus 9.3 SiteLookup.do Search Field
XSS Vulnerability in Zoho ManageEngine ServiceDesk Plus Purchase Component
Uninitialized Memory Disclosure in Windows Hyper-V
XSS Vulnerability in Zoho ManageEngine ServiceDesk Plus 10.5 via WorkOrder.do Search Field
XSS Vulnerability in Zoho ManageEngine ServiceDesk Plus 9.3
XSS Vulnerability in Zoho ManageEngine ServiceDesk Plus 9.3 via SearchN.do UserConfigID Parameter
XSS Vulnerability in Zoho ManageEngine ServiceDesk Plus 9.3 via PurchaseRequest.do serviceRequestId Parameter
Remote Code Execution in Bludit 3.9.0 via Logo Upload Vulnerability
Hardcoded Private Keys in WAGO 852-303, 852-1305, and 852-1505 Devices
File Handling Vulnerability in Microsoft Defender Leads to Denial of Service
Hardcoded User and Password Vulnerability in WAGO 852-303, 852-1305, and 852-1505 Devices
Arbitrary Memory Overwrite Vulnerability in SweetScape 010 Editor 9.0.1
Integer Overflow Vulnerability in SweetScape 010 Editor 9.0.1: Potential Denial of Service
Arbitrary Memory Overwrite Vulnerability in SweetScape 010 Editor 9.0.1
Denial of Service Vulnerability in SweetScape 010 Editor 9.0.1
Denial of Service Vulnerability in SweetScape 010 Editor 9.0.1
Win32k Object Handling Elevation of Privilege Vulnerability
Stored Cross-Site Scripting in DotNetNuke (DNN) Version before 9.4.0: Remote Code Execution with Admin Privileges
Database Backup File Disclosure Vulnerability in DouCo DouPHP v1.5 Release 20190516
Stored XSS Vulnerability in WP Statistics Plugin for WordPress
Stack-based Overflow Vulnerability in logMess Function in Open TFTP Server MT 1.65 and Earlier
Stack-based Overflow Vulnerability in logMess Function in Open TFTP Server SP 1.66 and Earlier
Arbitrary Command Execution Vulnerability in Viber Desktop (Windows)
Microsoft SharePoint Remote Code Execution Vulnerability
SQL Injection Vulnerability in Xpert Solution Server Status by Hostname/IP Plugin 4.6 for WordPress
Arbitrary File Overwrite Vulnerability in London Trust Media Private Internet Access (PIA) VPN Client for macOS
Arbitrary Code Execution Vulnerability in PIA VPN Client for Windows
Privilege Escalation Vulnerability in London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux and macOS
DLL Injection Vulnerability in London Trust Media Private Internet Access (PIA) VPN Client v1.0 for Windows
Privilege Escalation Vulnerability in PIA VPN Client v82 for Linux
Privilege Escalation Vulnerability in PIA VPN Client for macOS
Privilege Escalation Vulnerability in PIA VPN Client for macOS
Privilege Escalation via OpenVPN's --route-pre-down Parameter
Privilege Escalation Vulnerability in PIA VPN Client for Linux and macOS
Azure Active Directory Authentication Library On-Behalf-Of Flow Elevation of Privilege Vulnerability
Reflective Cross-site scripting (XSS) vulnerability in Zyxel ZyWall, USG, and UAG devices via err_msg parameter in free_time_failed.cgi
Unrestricted Guest Account Generation in Zyxel UAG, USG, and ZyWall Devices
Cross-Site Scripting (XSS) Vulnerability in Apcupsd 0.3.91_5
Arbitrary Command Execution in Apcupsd_status.php
Denial of Service Vulnerability in Espressif ESP-IDF and ESP8266_NONOS_SDK
Zero Pairwise Master Key (PMK) Installation Vulnerability in Espressif ESP-IDF and ESP8266_NONOS_SDK
Denial of Service Vulnerability in Espressif ESP8266_NONOS_SDK
Writable Seccomp Filters in Firejail: Bypassing Intended Restrictions
Microsoft SharePoint Cross-Site Request Forgery (CSRF) Vulnerability
Command Injection Vulnerability in NETGEAR Insight Cloud Firmware
Evernote Web Clipper Extension UXSS Vulnerability
Local File Inclusion Vulnerability in IceWarp Mail Server through 10.4.4 via Webmail/Calendar/Minimizer/Index.php
Vulnerability: Incorrect Access Control in DOSBox 0.74-2
XSS Vulnerability in Zoho ManageEngine AssetExplorer via RCSettings.do rdsName Parameter
XSS Vulnerability in Zoho ManageEngine AssetExplorer via SoftwareListView.do
XSS Vulnerability in Zoho ManageEngine AssetExplorer via ResourcesAttachments.jsp
SQL Injection Vulnerability in SuiteCRM 7.8.x - 7.11.x (Issue 1 of 3)
SQL Injection Vulnerability in SuiteCRM 7.10.x and 7.11.x
SharePoint Elevation of Privilege Vulnerability
SQL Injection Vulnerability in SuiteCRM 7.8.x, 7.10.x, and 7.11.x (Issue 2 of 3)
SQL Injection Vulnerability in SuiteCRM 7.8.x, 7.10.x, and 7.11.x
Microsoft SharePoint Cross-Site Request Forgery (CSRF) Vulnerability
Memory Allocation Vulnerability in Bitdefender BOX Firmware
Arbitrary Code Execution Vulnerability in Bitdefender BOX Firmware
Unchecked kstrdup in dlpar_parse_cc_property can lead to NULL pointer dereference and system crash
Unchecked kstrdup_const in get_vdev_port_node_info can lead to NULL pointer dereference and system crash
CSRF Vulnerability in phpMyAdmin Allows Remote Code Execution
Access Escalation through Permission Cache Pollution in SilverStripe CMS
Incorrect Access Control via the exec driver in HashiCorp Nomad 0.9.0 through 0.9.1
SQL Injection Vulnerability in Cisco SD-WAN Solution vManage
Microsoft Office SharePoint XSS Vulnerability
Arbitrary Value Injection Vulnerability in Cisco HyperFlex Software Statistics Collection Service
Cisco HyperFlex Software Vulnerability: Insufficient Key Management Enables Man-in-the-Middle Attacks
Privilege Escalation Vulnerability in Cisco RoomOS Software
File Enumeration Vulnerability in Cisco NFVIS Web Server
Cisco IOS XE NGWC Web Management Interface CSRF Vulnerability
Zip Bomb Denial of Service Vulnerability in ClamAV
Stored Cross-Site Scripting (XSS) Vulnerability in Cisco Unified Contact Center Express (Unified CCX) Web-Based Management Interface
Unauthorized Read Access Vulnerability in Cisco Firepower Threat Defense (FTD) Software
Arbitrary Command Execution Vulnerability in Cisco SD-WAN Solution's WebUI
Memory Disclosure Vulnerability in Microsoft Excel
Java Deserialization Vulnerability in Cisco Security Manager
Cross-Site Scripting (XSS) Vulnerability in Cisco Identity Services Engine (ISE) Guest Portal
Cisco Finesse Server-Side Request Forgery (SSRF) Vulnerability
Cisco Unified Contact Center Express Vulnerability: Server-Side Request Forgery (SSRF) Bypass
Unauthenticated Remote DoS Vulnerability in Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data
Unauthorized Access to Email Quarantine in Cisco Content Security Management Appliance (SMA) Software
Cross-Site Request Forgery Vulnerability in Cisco Small Business Smart and Managed Switches
Cross-Site Scripting (XSS) Vulnerabilities in Cisco Identity Services Engine (ISE) Web Interface
Cross-Site Scripting (XSS) Vulnerability in Cisco Identity Services Engine (ISE) Web Interface
Microsoft Office Input Handling Security Feature Bypass Vulnerability
Cisco IOS XE Software REST API Authentication Bypass Vulnerability
Cisco Identity Services Engine (ISE) Software: Cross-Site Scripting (XSS) Vulnerability in Web-Based Management Interface
Arbitrary Code Execution Vulnerability in Cisco Jabber Client Framework for Mac Software
Cisco IOS XE Software NAT SIP ALG Vulnerability
Cisco IOS and IOS XE Software Ident Protocol Handler Denial of Service Vulnerability
Vulnerability: Unauthorized Access to Guest OS in Cisco IOx Application Environment
Cisco IOS XE Software Image Verification Bypass Vulnerability
Intune Policy Bypass Vulnerability in Microsoft Yammer App for Android
Command Execution Vulnerabilities in Cisco IOS XE Software Web UI
Command Execution Vulnerabilities in Cisco IOS XE Software Web UI
Denial of Service Vulnerability in Cisco Catalyst 4000 Series Switches
Cisco IOS XE Software Raw Socket Transport Denial of Service Vulnerability
Cisco IOS and IOS XE Software SIP Library Denial of Service Vulnerability
Buffer Overflow Vulnerability in Cisco IOS XE Software FTP ALG
Cisco IOx Application Environment Denial of Service Vulnerability
Denial of Service (DoS) Vulnerability in Cisco IOS XE Software with Unified Threat Defense (UTD)
Cisco IOS XE Software Filesystem Resource Exhaustion Vulnerability
Cisco IOS XE Software HTTP Server Crash Vulnerability
Outlook Web App (OWA) Spoofing Vulnerability in Microsoft Exchange Server
Memory Write Vulnerability in Cisco IOS XE CLI
Arbitrary Command Execution Vulnerability in Cisco IOS XE Software
Vulnerability: Bypassing Signature Verification in Cisco NX-OS and Cisco IOS XE Software
Cisco TrustSec (CTS) PAC Provisioning Module Denial of Service Vulnerability
Vulnerability in Dialer Interface Feature for ISDN Connections in Cisco IOS XE Software
Unauthenticated Remote Attackers Can Read and Modify Data in Cisco IOS and IOS XE Software
Directory Traversal Vulnerability in Cisco IOS XE Software's Guest Shell
Stored Cross-Site Scripting (XSS) Vulnerability in Cisco IOS XE Software
Stored Cross-Site Scripting (XSS) Vulnerability in Cisco IOS and Cisco IOS XE Software
Cisco TrustSec RADIUS CoA Code Denial of Service Vulnerability
Symbolic Link and Hard Link Vulnerability in Microsoft Compatibility Appraiser
Insufficient File Permissions Vulnerability in Cisco IOS XE Software
Shell Access Vulnerability in Cisco IOS XE Software
Arbitrary Code Execution Vulnerability in Cisco IOS XE Software
Cisco ASA and FTD Software FTP Inspection Engine Denial of Service Vulnerability
Privilege Escalation Vulnerabilities in Cisco Firepower Threat Defense (FTD) Software
Privilege Escalation Vulnerabilities in Cisco Firepower Threat Defense (FTD) Software
OSPF Implementation Denial of Service Vulnerability in Cisco ASA and FTD Software
Cisco ASA Software SSL VPN Denial of Service Vulnerability
Cisco ASA and FTD Software SIP Inspection Module Denial of Service Vulnerability
Arbitrary SQL Injection Vulnerabilities in Cisco Firepower Management Center (FMC) Software
Winlogon File Path Handling Vulnerability
Arbitrary SQL Injection Vulnerabilities in Cisco Firepower Management Center (FMC) Software
Arbitrary SQL Injection Vulnerabilities in Cisco Firepower Management Center (FMC) Software
Arbitrary SQL Injection Vulnerabilities in Cisco Firepower Management Center (FMC) Software
Arbitrary SQL Injection Vulnerabilities in Cisco Firepower Management Center (FMC) Software
Arbitrary SQL Injection Vulnerabilities in Cisco Firepower Management Center (FMC) Software
Arbitrary SQL Injection Vulnerabilities in Cisco Firepower Management Center (FMC) Software
Arbitrary SQL Injection Vulnerabilities in Cisco Firepower Management Center (FMC) Software
Arbitrary Command Execution Vulnerability in Cisco Firepower Management Center (FMC) Web UI
Arbitrary Command Execution Vulnerability in Cisco Firepower Management Center (FMC) Web UI
Arbitrary Code Execution Vulnerability in Cisco Firepower Management Center (FMC) Software
Windows ALPC Elevation of Privilege Vulnerability
Arbitrary Command Injection Vulnerability in Cisco Firepower Management Center (FMC) Web UI
Directory Traversal Vulnerability in Cisco Firepower Management Center (FMC) Software
Denial of Service Vulnerability in Cisco ASA Software's Secure Copy (SCP) Feature
Cisco Firepower Threat Defense (FTD) Software CLI Command Injection Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Cisco ASA and FTD WebVPN Portal
Bypass of Malware and File Policies for RTF and RAR Files in Cisco Firepower System Software Detection Engine
Bypass of Malware and File Policies for RTF and RAR Files in Cisco Firepower System Software Detection Engine
WebVPN CPU Utilization Vulnerability in Cisco ASA and FTD Software
Command Execution Vulnerabilities in Cisco FXOS and FTD Software
Windows Store Installer Symbolic Link Attack Vulnerability
Denial of Service Vulnerability in Cisco Firepower Software
Unauthenticated Remote Bypass of File and Malware Inspection Policies in Cisco Firepower Management Center Software
Cross-Site Scripting Vulnerability in Cisco SPA100 Series Analog Telephone Adapters (ATAs) Web Interface
Cross-Site Scripting Vulnerability in Cisco SPA122 ATA with Router Devices
Arbitrary File Disclosure Vulnerability in Cisco SPA100 Series Analog Telephone Adapters (ATAs)
Cross-Site Scripting (XSS) Vulnerability in Cisco Expressway Series and Cisco TelePresence Video Communication Server
Cisco Email Security Appliance SPF Bypass Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Cisco Unified Communications Products
Cisco SPA100 Series ATA Web Management Interface Information Disclosure Vulnerability
Arbitrary Command Execution Vulnerability in Cisco ASR 9000 Series Routers
Windows Media Elevation of Privilege Vulnerability in hdAudio.sys
SQL Injection Vulnerability in Cisco Unified Communications Manager and Session Management Edition
XML Entity Injection Vulnerability in Cisco Unified Communications Manager and Session Management Edition
Cross-Site Scripting (XSS) Vulnerability in Cisco Prime Infrastructure Web Interface
Cross-Site Scripting (XSS) Vulnerability in Cisco Prime Infrastructure Web Interface
Cisco IC3000 Industrial Compute Gateway Web Management Interface Denial of Service Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Cisco Unified Communications Manager and Session Management Edition
Cross-Site Scripting (XSS) Vulnerability in Cisco Unified Communications Manager and Session Management Edition
Arbitrary Command Execution Vulnerability in Cisco NX-OS Software
Cross-Site Scripting (XSS) Vulnerability in Cisco Small Business Smart and Managed Switches
Incorrect Access Control Vulnerability in Picture_Manage_mvc.aspx Allows Unauthenticated File Upload
Windows ALPC Elevation of Privilege Vulnerability
SQL Injection Vulnerability in AUO SunVeillance Monitoring System
SQL Injection Vulnerability in Teclib Fields Plugin for GLPI
Stored XSS Vulnerability in Teclib News Plugin for GLPI
Remote Command Execution Vulnerability in Zeroshell 3.9.0
Ubiquiti airCam 3.1.4 RTSP Service Denial of Service Vulnerability
Cleartext HTTP Resolution Vulnerability in Grails before 3.3.10
Active Directory Federation Services XSS Vulnerability
Uninitialized Variable Vulnerability in FFmpeg's aa_read_header Function
Insecure Implementation Vulnerability in Snapview Mikogo for Windows
XSS Vulnerability in Chartkick Gem (Ruby)
Remote Code Execution Vulnerability in SiteVision 4
SiteVision 4 Vulnerability: Incorrect Access Control
Arbitrary OS Command Execution via Modeline in Vim and Neovim
Command Injection Vulnerability in JetBrains Ktor Framework before 1.2.0-rc
Predictable Salt Vulnerability in UserHashedTableAuth
Remote Code Execution via RAR Filename in Nextcloud ExtractionController
Memory Address Initialization Vulnerability in Windows Kernel
Cross-Site Scripting (XSS) Vulnerability in HAPI FHIR Testpage Overlay Module
Insecure Direct Object Reference vulnerability in Bludit prior to 3.9.1 allows unauthorized password changes
User Account Enumeration Vulnerability in HumHub Social Network Kit Enterprise v1.3.13
SeedDMS before 5.1.11 Unvalidated File Upload Remote Command Execution Vulnerability
Stored Cross-Site Scripting (XSS) Vulnerability in SeedDMS before 5.1.11 via name field in out/out.UsrMgr.php
Session ID Disclosure Vulnerability in OTRS Community Edition 5.0.x - 6.0.x
Deserialization of Untrusted Data in TYPO3 8.x and 9.x
Cross-Site Scripting (XSS) Vulnerability in TYPO3 8.3.0 - 8.7.26 and 9.0.0 - 9.5.7
Cookie Spoofing Vulnerability in DBusServer
Privilege Escalation Vulnerability in Symantec Endpoint Protection
Privilege Escalation Vulnerability in Symantec Messaging Gateway (prior to 10.7.1)
Tamper Protection Bypass Vulnerability in Symantec SONAR Component
Information Disclosure Vulnerability in Symantec Reporter Web UI 10.3: Unauthorized Password Access
Cross-Site Scripting (XSS) Vulnerability in Symantec My VIP Portal
Unintentional Information Disclosure Vulnerability in Norton Password Manager
Password Protection Bypass Vulnerability in Symantec Endpoint Protection (SEP) Prior to 14.2 RU2
Privilege Escalation Vulnerability in Symantec Endpoint Protection
Unsigned Code Execution Vulnerability in Symantec Endpoint Protection
Privilege Escalation Vulnerability in Symantec Endpoint Protection Manager and Symantec Mail Security for MS Exchange
Deserialization Vulnerability in Parso: Arbitrary Code Execution via Cache Grammar Parsing
Code Injection Vulnerability in PyXDG Menu XML Parsing
Ghost Touch Vulnerability: Exploiting Touchscreen Anomalies in Xiaomi Mi 5s Plus Devices
Insecure Storage of Recorded Video in Security Camera CZ Android App
Vulnerability: Unauthorized Manipulation of Joomla! Update Server URL
CSV Injection Vulnerability in Joomla! before 3.9.7
XSS Vulnerability in Joomla! Subform Fieldtype
Arbitrary Command Execution Vulnerability in D-Link DAP-1650 Devices
Authentication Bypass Vulnerability in D-Link DAP-1650 Devices
Cross-Site Request Forgery Vulnerability in SolarWinds Serv-U Managed File Transfer (MFT) Web Client
Windows Audio Service Elevation of Privilege Vulnerability
Command Injection Vulnerability in ThinStation 6.1.1 via Shell Metacharacters
Arbitrary Content Embedding Vulnerability in Verint Impact 360 15.1
Stored XSS Vulnerabilities in ENTTEC Datagate Mk2 70044_update_05032019-482
High-privileged root access vulnerability in ENTTEC Datagate MK2, Storm 24, Pixelator, and E-Streamer MK2
Hard-coded SSH Backdoor Vulnerability in ENTTEC Devices
Insecure Directory Permissions on ENTTEC Devices with Firmware 70044_update_05032019-482
Arbitrary File Overwrite Vulnerability in libqb before 1.0.5
Windows Unistore.dll Elevation of Privilege Vulnerability
Command Injection Vulnerability in Belkin Wemo Enabled Crock-Pot via SetSmartDevInfo Action
Insecure HTTP to HTTPS Redirection Vulnerability in Django
Authorization Bypass Vulnerability in Pinboard Updates in ThoughtSpot
Open Redirect Vulnerability in Verint Impact 360 15.1
Cross-Site Request Forgery (CSRF) Vulnerability in Verint Impact 360 15.1
Command Injection Vulnerability in D-Link DIR-818LW Devices
Command Injection Vulnerability in D-Link DIR-818LW Devices
Buffer Overflow Vulnerability in Photodex ProShow Producer v9.0.3797
Root Privilege Escalation and Permanent Device Modification Vulnerability in Actiontec T2200H T2200H-31.128L.08
Heap-based Buffer Over-read in r_egg_lang_parsechar Function of radare2
Vulnerability: Directory Traversal in Vesta Control Panel v-list-user Script
Command Injection Vulnerability in Vesta Control Panel 0.9.8-24: Remote Root Privilege Escalation
Vulnerability: Unauthorized Credential Reset by Organization Admins in MISP 2.4.108
Privilege Escalation via Unauthenticated D-Bus Method Calls in gvfsd
Hardcoded PIN in ELM327 OBD2 Bluetooth Device Allows Arbitrary Commands to Vehicle OBD-II Bus
MuJS 1.0.5 - Regular Expression Program Size Overflow Vulnerability
Arbitrary Deserialization Remote Code Execution in Shopware through 5.6.x
LNK Remote Code Execution Vulnerability in Microsoft Windows
Stored XSS Vulnerability in SeedDMS 5.1.11 via GROUP Name in out/out.GroupMgr.php
Denial of Service and Memory Access Vulnerability in radare2 through 3.5.1
Unrestricted File Upload and Remote Code Execution in Hunesion i-oneNet
Lack of Update File Integrity Checking in Hunesion i-oneNet Allows for Malicious Update Exploitation
Arbitrary Command Execution via NCSOFT Game Launcher Custom Protocol Handler
Stack-Based Buffer Overflow Vulnerability in UniSign 2.0.4.0 and Earlier Versions
Stack-based Buffer Overflow Vulnerability in Alzip 10.83 and Earlier Versions
Local Privilege Escalation Vulnerability in ALTOOLS Update Service 18.1 and Earlier Versions
Arbitrary File Download and Execution Vulnerability in Yes24ViewerX ActiveX Control
ALSee v5.3 ~ v8.39 .PSD Parsing Out of Bounds Write Vulnerability
Arbitrary Command Execution via ActiveX Control ShellOpen Method in MyBuilder
Arbitrary Command Execution via Crafted Configuration File in MyBuilder Viewer
Cleartext Key and Salt Vulnerability in Digital Persona U.are.U 4500 Fingerprint Reader v24
Polymorphic Typing Vulnerability in FasterXML jackson-databind 2.x through 2.9.9
Arbitrary File Copy Vulnerability in ProFTPD Mod_Copy: Remote Code Execution and Information Disclosure
Arbitrary Code Execution via Crafted Module Name in ZNC
Unrestricted Virtual Memory Access in PowerPC Linux Kernel
NULL pointer dereference vulnerability in nfc_llcp_build_tlv function
Use-after-free vulnerability in __mdiobus_register() function in Linux kernel before 5.0 allows denial of service
Windows Common Log File System Driver Sandbox Bypass Vulnerability
Unencrypted HTTP Communication Vulnerability in Shenzhen Jisiwei i3 Robot Vacuum Cleaner App 2.0
Predictable QR-code vulnerability in Shenzhen Jisiwei i3 Robot Vacuum Cleaner App 2.0
HTTP Header Parsing Vulnerability in Embedthis GoAhead
XML Feed XSS Vulnerability in Craft CMS before 3.1.31
Unauthorized Access to Docker Registries in GitLab Enterprise 12.0.0-pre
Cross-Site Request Forgery (CSRF) Vulnerability in 2by2host Widget Logic Plugin for WordPress
Buffer Overflow Vulnerability in res_pjsip_messaging in Digium Asterisk Versions 13.21-cert3, 13.27.0, 15.7.2, 16.4.0, and Earlier
Remote Code Execution via Origin URI Scheme Injection
Buffer Overflow Vulnerability in radare2 RParse API
Memory Object Disclosure Vulnerability in Microsoft Graphics Components
Nested Video MyCode Persistent XSS Vulnerability in MyBB before 1.8.21
MyBB Theme Import Stylesheet Name Remote Code Execution Vulnerability
DOM Injection Vulnerability in HT2 Labs Learning Locker 3.15.1
Out-of-Bounds Write Vulnerability in xml_memory_writer::write in Leanify 0.4.3
URL/Link Forgery Vulnerability in Bobronix JEditor for Jira
Information Disclosure Vulnerability in Java API of accesuniversitat.gencat.cat 1.7.5
SQL Injection Vulnerability in SchedMD Slurm 17.11.x, 18.08.0-18.08.7, and 19.05.0
Arbitrary Command Execution Vulnerability in OrangeHRM 4.3.1 and Earlier
DirectX Memory Handling Vulnerability
Arbitrary Command Execution with Root Privileges in Webmin Package Updates Module
ZIP Extraction Vulnerability in JetBrains TeamCity
Reflected XSS Vulnerability Patched in JetBrains TeamCity 2018.2.2
Stored JavaScript Injection Vulnerability in JetBrains TeamCity 2018.2.3
Stored JavaScript Injection Vulnerability in JetBrains TeamCity 2018.2.3
Unencrypted Connection Vulnerability in JetBrains TeamCity 2018.2.3
Unauthorized Access to JetBrains TeamCity Settings in Versions Prior to 2018.2.2
Cleartext Password Exposure in JetBrains Hub SMTPSettings Audit Events
Win32k Object Handling Elevation of Privilege Vulnerability
Query Injection Vulnerability Patched in JetBrains YouTrack 2018.4.49168
CSRF Vulnerability in JetBrains YouTrack Admin Endpoint
SSRF Vulnerability Patched in JetBrains YouTrack 2018.4.49168
Squid cachemgr.cgi Denial of Service Vulnerability
Unverified Certificate Vulnerability in Twisted XMPP Support
Windows GDI Memory Disclosure Vulnerability
Stored HTML Injection in SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) via Web Console Settings
SolarWinds Orion Platform 2018.4 HF3 (NPM 12.4, NetPath 1.1.4) Information Leakage Vulnerability
Double Free Vulnerability in cmd_mount of radare2 through 3.5.1
Insecure Direct Object Reference and Authorization Bypass in JetBrains YouTrack (Fixed in 2018.4.49168)
Privilege Escalation Vulnerability in JetBrains YouTrack Issue Attachments
Remote Command Execution in MISP 2.4.109 via Super Administrator Privileges
Vulnerability: Out-Of-Bounds Read, Information Disclosure, and Remote Code Execution in PHOENIX CONTACT PC Worx and Config+
Windows Network Connectivity Assistant Elevation of Privilege Vulnerability
Uninitialized Pointer Vulnerability in PHOENIX CONTACT PC Worx and Config+
Use-After-Free and Remote Code Execution Vulnerability in PHOENIX CONTACT PC Worx and Config+
SQL Injection Vulnerability in dotCMS before 5.1.6 via view_unpushed_bundles.jsp
Double Free Vulnerability in VLC Media Player's Matroska Demuxer
Unprivileged Member Package Injection Vulnerability in Alpine Linux abuild
Insecure Permissions in Zoho ManageEngine Suite: Privilege Escalation Vulnerability
Clickjacking Vulnerability in BCN Quark Quarking Password Manager 3.1.84: Allowing * within web_accessible_resources
NULL pointer dereference vulnerability in i915_gem_userptr_get_pages in Linux kernel 4.15.0 on Ubuntu 18.04.2
Incorrect Access Control in KeyIdentity LinOTP before 2.10.5.3
Unauthenticated Privilege Escalation in SailPoint Desktop Password Reset 7.2
Windows Update Delivery Optimization Elevation of Privilege Vulnerability
Unauthenticated Database Operations in RedwoodHQ 2.5.5
User Mode Write AV Vulnerability in Alternate Pic View 2.600
Read Access Violation Vulnerability in Alternate Pic View 2.600
Corrupted Exception Handler Chain Vulnerability in Alternate Pic View 2.600
Heap Corruption Vulnerability in Edraw Max 7.9.3
Read Access Violation Vulnerability in Edraw Max 7.9.3
User Mode Write AV Vulnerability in Delta Electronics DeviceNet Builder 2.04
User Mode Write AV Vulnerability in Delta Electronics DeviceNet Builder 2.04
Windows Remote Desktop Client Remote Code Execution Vulnerability
Out-of-Bounds Write Vulnerability in BZ2_decompress in bzip2
Directory Traversal Vulnerability in Pydio Cells before 1.5.0 Allows Privilege Escalation
Incomplete Cleanup of User Data Allows Data Restoration by New User
Sensitive Information Exposure in Pydio Cells before 1.5.0 via Unicode Name Field
Flush-and-Reload Side-Channel Vulnerability in Libgcrypt 1.8.4 AES C Implementation
XSS Vulnerability in FileRun 2019.05.21
Windows Remote Desktop Client Remote Code Execution Vulnerability
Authentication Token Extraction Vulnerability in Redbrick Shift through 3.4.3
Email Extraction Vulnerability in Redbrick Shift through 3.4.3
Email Extraction Vulnerability in Redbrick Shift through 3.4.3
Authentication Token Extraction Vulnerability in Redbrick Shift through 3.4.3
Reflected XSS Vulnerability in Quest KACE Systems Management Appliance Server Center 9.1.317
SQL Injection Vulnerability in Quest KACE Systems Management Appliance Server Center version 9.1.317
Unauthenticated Access to Video Archive on Shenzhen Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 Devices
Memory Object Handling Vulnerability in Windows: A Denial of Service Risk
Hardcoded Root Password Vulnerability in Shenzhen Cylan Clever Dog Smart Camera DOG-2W and DOG-2W-V4 Devices
Arbitrary File Read Vulnerability in GraphicsMagick before 1.3.32
CSRF Vulnerability in phpMyAdmin 4.9.0.1 Allows Unauthorized Server Deletion
CSRF Bypass Vulnerability in MailEnable Enterprise Premium 10.23
XML External Entity Injection (XXE) Vulnerability in MailEnable Enterprise Premium 10.23
Directory Traversal Vulnerabilities in MailEnable Enterprise Premium 10.23
Inadequate Access Control Vulnerability in MailEnable Enterprise Premium 10.23
Stored and Reflected Cross-Site Scripting (XSS) Vulnerability in MailEnable Enterprise Premium 10.23
QEMU QMP Command Injection Vulnerability
QEMU 4.0.0 and Earlier: QMP Guest_Exec Command OS Command Injection Vulnerability
Windows SMB Client Driver Memory Object Disclosure Vulnerability
Arbitrary Web Script Injection Vulnerability in WIKINDX MENU.php
Stored XSS Vulnerability in SeedDMS 5.1.11: Autocomplete Search Form Escaping Issue
Cross-Site Request Forgery (CSRF) and Cross-Site Scripting (XSS) Vulnerability in wp-code-highlightjs Plugin
XSS Vulnerability in Shopware Backend Login
DNS Rebinding Vulnerability in BlueStacks App Player 2, 3, and 4
Buffer Overflow in gsudo Allows Local Privilege Escalation via DISPLAY Environment Variable
Ineffective .htaccess Protection in Roundcube Component of Analogic Poste.io 2.1.6 Allows Unauthorized Access to Logs
SQL Injection Vulnerability in LiveZilla Server before 8.0.1.1 via p_ext_rse parameter in server.php
Windows Secure Boot Security Feature Bypass Vulnerability
Denial of Service Vulnerability in LiveZilla Server 8.0.1.1: Memory Consumption in knowledgebase.php
Vulnerability: Brute-Force and Dictionary Attack on AutoPi Wi-Fi/NB and 4G/LTE Devices
TTLock Vulnerability: Unrestricted Guest Access in Offline Cloud Connection Scenarios
TTLock Devices: Password-Reset Vulnerability and Sensitive Information Disclosure
Vulnerability: Unrestricted Guest Access in Glue Smart Lock 2.7.8 Devices
SQL Injection Vulnerability in Elcom CMS before 10.7 via EventSearchByState.aspx and EventSearchAdv.aspx
Polycom UC Software: Remote Code Execution and DoS Vulnerability
Arbitrary Code Execution via XSS in pfSense 2.4.4-p2 and 2.4.4-p3
Unsafe Data Input Vulnerability in Microsoft SharePoint
Cross-Site Scripting (XSS) Vulnerability in TeamPass 2.1.27.35 via Crafted CSV File Import
Critical Heap-Based Buffer Overflow in Mongoose's parse_mqtt() Function
Inconsistent Failure Delay Vulnerability in Dropbear 2011.54 through 2018.76
SolarWinds Network Performance Monitor (Orion Platform 2018, NPM 12.3, NetPath 1.1.3) Authenticated XSS Vulnerability via Crafted onerror Attribute in ALERT Action
Buffer Over-read Vulnerability in Xpdf 4.01.01's FoFiType1C::convertToType1 Function
Heap-Based Buffer Over-Read Vulnerability in Xpdf 4.01.01
SSRF Vulnerability in Zoho ManageEngine AssetExplorer 6.2.0 and Earlier
Unsafe Data Input Vulnerability in Microsoft SharePoint
SQL Injection Vulnerability in LiveZilla Server before 8.0.1.1 via p_dt_s_d Parameter
CSV Injection Vulnerability in LiveZilla Server Export Function
XSS Vulnerability in LiveZilla Server 8.0.1.1 and Earlier via Accept-Language Header
XSS Vulnerability in LiveZilla Server's chat.php Create Ticket Action
XSS Vulnerability in LiveZilla Server Ticket.php Subject Field
Arbitrary Code Execution Vulnerability in FeHelper (CVE-2019-XXXX)
Incorrect Access Control in Stephan Mooltipass Moolticute through 0.42.1
Vulnerability in Sonic Robo Blast 2 (SRB2) Plugin Allows Remote Crash in Doomseeker
Memory Object Handling Vulnerability in Microsoft Excel Allows Remote Code Execution
Cross-Site Scripting (XSS) Vulnerability in SquirrelMail 1.4.22 and 1.5.x
Unrestricted File Upload Vulnerability in BKS EBK Ethernet-Buskoppler Pro before 3.01
Heap-based Buffer Over-read in GNU Binutils 2.32
Excessive Iteration Denial of Service Vulnerability in OpenJPEG 2.3.1
NULL Pointer Dereference Vulnerability in ImageMagick 7.0.8-34
Memory Leak Vulnerability in ImageMagick 7.0.8-34's WriteDPXImage Function
Memory Leak in ImageMagick's ReadPCLImage Function
Uninitialized Value Vulnerability in ImageMagick 7.0.8-34 WriteJP2Image Function
Uninitialized Value Vulnerability in ImageMagick 7.0.8-34's ReadPANGOImage Function
Uninitialized Value Vulnerability in ImageMagick 7.0.8-34's SyncImageSettings Function
Chakra Scripting Engine Remote Code Execution Vulnerability
Integer Overflow in SWFInput_readSBits Function in Ming 0.4.8
Fill Overflow Vulnerability in Ming (libming) 0.4.8
Heap Buffer Overflow and Underflow in libming 0.4.8's decompileCAST Function in util/decompile.c
NULL Pointer Dereference Vulnerability in Linux Kernel NFC Netlink
Improper Input Validation in Citrix and NetScaler SD-WAN (Issue 1 of 6)
Improper Input Validation in Citrix and NetScaler SD-WAN (Issue 2 of 6)
Improper Input Validation in Citrix and NetScaler SD-WAN (Issue 3 of 6)
Improper Input Validation in Citrix and NetScaler SD-WAN (Issue 4 of 6)
SQL Injection Vulnerability in Citrix SD-WAN and NetScaler SD-WAN
Edge HTML Information Disclosure Vulnerability
Directory Traversal Vulnerability in Citrix SD-WAN and NetScaler SD-WAN
Improper Input Validation in Citrix and NetScaler SD-WAN (Issue 5 of 6)
Improper Input Validation in Citrix and NetScaler SD-WAN (Issue 6 of 6)
SSRF Vulnerability in Zoho ManageEngine AssetExplorer 6.2.0 via AJaxServlet
Access Token Mishandling in Istio 1.2.2: Exploitable Segmentation Fault in jwt_authenticator.cc
XML Import Mappings Vulnerability: Unsafe DOCTYPE Declarations in Mendix 7.23.5 and Earlier
Privilege Escalation via Environment Variable Injection in Loopchain
C-Lightning Vulnerability: Incorrect Access Control Leads to Fund Loss
Incorrect Access Control in Lightning Network Daemon (lnd) before 0.7 Leads to Fund Loss Vulnerability
Chakra Scripting Engine Remote Code Execution Vulnerability
Eclair 0.3 Vulnerability: Loss of Funds Due to Incorrect Access Control
Unauthorized Comment Addition in GitLab Snippets
Unauthorized Access to Pipeline Information in GitLab Community and Enterprise Edition 11.10 through 12.0.2
GitLab CI Vulnerability: Uncontrolled Resource Consumption in Parser
Improper Handling of Encoded Characters Leads to Comments Section Inaccessibility (Issue 1 of 2)
Unauthorized Disclosure of Restricted User, Group, and Repository Metadata in GitLab
Incorrect Access Control Allows Unauthorized Access to Merge Request Information
Uncontrolled Resource Consumption in GitLab Community and Enterprise Edition 11.11 through 12.0.2
Improper Permission Settings in GitLab Community and Enterprise Edition Allows Unauthorized Access to Uploaded Files
.NET Core Denial of Service Vulnerability
GitLab Enterprise Edition 8.3 through 12.0.2 Color Codes Decoder Resource Depletion Vulnerability
Excessive Algorithmic Complexity in GitLab Merge Requests Template Names Enumeration
Insecure Directory and File Permissions in GNOME GLib (glib2.0)
Local Privilege Escalation Vulnerability in Little Snitch Versions 4.3.0 to 4.3.2
Vulnerability in Little Snitch Privileged Helper Tool Allows Persistence
ASP.NET Core Elevation of Privilege Vulnerability
Tightrope Media Carousel before 7.1.3 Vulnerability: SSRF in CarouselAPI/v0/fetch?url=
Unprotected Storage of Administrative Passwords in Bond JetSelect
Vulnerability: Privilege Escalation in Bond JetSelect through Password Reversal
HTML Password Field Obfuscation Vulnerability in Bond JetSelect
Arbitrary Command Execution in Centreon Monitoring System
Improper Input Validation in Compal CH7465LG Cable Modem Allows Remote Command Execution
SQL Injection Vulnerability in OXID eShop 6.0.x and 6.1.x
SQL Injection Vulnerability in Realization Concerto Critical Chain Planner (aka CCPM) 5.10.8071
Remote Code Execution and File Deletion Vulnerability in eID Client Web Server
Stored Cross-site scripting (XSS) vulnerabilities in REDCap 8 and 9 before 8.10.20 and 9.1.2
Windows AppX Deployment Server Junction Handling Elevation of Privilege Vulnerability
Uncontrolled Admin Access and Information Disclosure in eQ-3 Homematic CCU3 AddOn 'Mediola NEO Server for Homematic CCU3'
XML External Entity (XXE) Vulnerability in LemonLDAP::NG Notification Server
NULL Pointer Dereference Vulnerability in FlightCrew Library
License Key Exposure during Data Upload in CISOfy Lynis
Local Privilege Escalation in Artica Pandora FMS 7.0 NG before 735
Open Redirect Vulnerability in mod_auth_mellon through 0.14.2 via login?ReturnTo= substring
Use After Free Vulnerability in Irssi with SASL Login
Insecure LD_LIBRARY_PATH Handling in ToaruOS Linker
Arbitrary Kernel Page Mapping Vulnerability in ToaruOS
Denial of Service Vulnerability in ToaruOS Kernel/sys/syscall.c
Arbitrary Kernel Page Mapping Vulnerability in ToaruOS 1.10.10
Team Foundation Server Cross-site Scripting Vulnerability
Persistent Denial of Service Vulnerability in SKS Keyserver Network
Command Injection Vulnerability in Pi-Hole 4.3
Live Decryption Vulnerability in Logitech Unifying Devices: Exploiting Sniffed Pairing for Keyboard Receiver
Logitech Unifying Devices Vulnerability: Keystroke Injection and Encryption Bypass
Logitech R500 Presentation Clicker Vulnerability: AES Key Disclosure and Keystroke Injection
Logitech Unifying Devices Vulnerability: Live Decryption of RF Transmissions via AES Key Dumping
CSRF Vulnerability in CyberPanel Allows Unauthorized Modification of Administrator Credentials
OpenLDAP Server Privilege Escalation Vulnerability
Azure DevOps and Team Foundation Server Remote Code Execution Vulnerability
File Disclosure and Remote File Inclusion Vulnerability in Sahi Pro 8.0.0
Reflected XSS Vulnerability in Sahi Pro 8.0.0 Script Manager Arena
Buffer Over-read Vulnerability in njs through 0.3.3
HTML Injection in Panel Drilldown Links in Grafana before 6.2.5
Local Privilege Escalation to SYSTEM via Insecure ProgramData Folder in extenua SilverSHielD 6.x
Chakra Scripting Engine Remote Code Execution Vulnerability
Stored XSS Vulnerability in CyberPower PowerPanel Business Edition 3.4.0 Agent/Center Component
CSRF Vulnerability in CyberPower PowerPanel Business Edition 3.4.0 Agent/Center Component
Stored XSS vulnerability in ZoneMinder 1.32.3 Filters Page (Name Field)
Memory Exhaustion Vulnerability in MikroTik Router FTP Daemon
Tor Browser Information Exposure Vulnerability
SQL Injection Vulnerability in Quest KACE Systems Management Appliance Server Center 9.1.317
XSS Vulnerability in Quest KACE Systems Management Appliance Server Center 9.1.317
SQL Injection Vulnerability in Quest KACE Systems Management Appliance Server Center 9.1.317
SQL Injection Vulnerability in Quest KACE Systems Management Appliance Server Center 9.1.317
Chakra Scripting Engine Remote Code Execution Vulnerability
XSS Vulnerability in Quest KACE Systems Management Appliance Server Center 9.1.317
XSS Vulnerability in Quest KACE Systems Management Appliance Server Center 9.1.317
Remote Code Execution in Chamilo LMS 1.11.8 and 2.x through Unauthenticated File Upload
XnView Classic 2.48 User Mode Write AV Vulnerability
User Mode Write AV Vulnerability in XnView Classic 2.48
User Mode Write AV Vulnerability in XnView Classic 2.48
SQL Injection Vulnerability in CSZ CMS 1.2.2: Bypassing CSRF Protection in member/login/check Endpoint
Windows Hyper-V Network Switch Privilege Escalation Vulnerability
Insecure Storage of User Wallet Keystore in TronLink Wallet 2.2.0
Insecure Input Verification in Cat Runner Decorate Home API
Insecure Password Logging in TronLink Wallet 2.2.0
Insecure Storage of Confidential Information in Momo Application 2.1.9 for Android
Windows Hyper-V Network Switch Privilege Escalation Vulnerability
Insecure Storage of Confidential Information in Send Anywhere Android App
Unauthenticated Access and Data Modification Vulnerability in D-Link DIR-600M Devices
Infinite Recursion Vulnerability in Das U-Boot Versions through 2019.07-rc4
Stack Overflow Vulnerability in Das U-Boot Versions 2016.11-rc1 through 2019.07-rc4
Double-Free Vulnerability in Das U-Boot Versions 2019.07-rc1 through 2019.07-rc4
Stack Buffer Overflow in Das U-Boot Versions 2016.09 through 2019.07-rc4
Multiple Integer Overflows in MATIO Library (Versions < 1.5.16)
Integer Overflow Denial of Service Vulnerability in Exiv2
Integer Overflow Vulnerability in Exiv2: Denial of Service via Crafted PNG Image
Windows Imaging API Remote Code Execution Vulnerability
Integer Overflow and Out-of-Bounds Read Vulnerability in Exiv2 (CVE-2020-13139)
WebPImage::decodeChunks Integer Overflow Vulnerability
Uncontrolled Memory Allocation Vulnerability in Exiv2 through 0.27.1
Denial of Service Vulnerability in Exiv2 through 0.27.1 via Invalid Data Location in CRW Image File
Denial of Service Vulnerability in Exiv2 HTTP Module
Integer Overflow in libssh2's kex_method_diffie_hellman_group_exchange_sha256_key_exchange
Java Deserialization Vulnerability in MuleSoft Mule Community Edition Runtime Engine before 3.8
Uninitialized Read Vulnerability in xsl:number Format Strings in libxslt 1.1.33
Stack Data Read Vulnerability in libxslt 1.1.33
Arbitrary Memory Leakage Vulnerability in Amazon FreeRTOS MQTT Message Handling
SSRF Vulnerability in GitLab Enterprise Edition: Incorrect Access Control in GitHub Project Integration
Cross Site Scripting (XSS) Vulnerability in Patchwork v1.1 through v2.1.x
Uncontrolled Recursion Vulnerability in Foxit Reader 9.6.0.25114 and Earlier
Uncontrolled Recursion Vulnerabilities in Foxit Reader 9.6.0.25114 and Earlier
PIE Compilation Vulnerability in Tencent Habo Allows Evasion of Dynamic Malware Analysis
Integer Overflow Vulnerability in NATS Server 2.0.2 and Earlier
XSS Vulnerability in mxGraph Plugin for draw.io Diagrams
Command Injection Vulnerability in D-Link DIR-823G Firmware 1.02B03
Stack Consumption Vulnerability in Motorola Router CX2L MWR04L 1.01 scopd via TCP and UDP Ports 8010 and 8080
SQL Server Management Studio Information Disclosure Vulnerability
Remote Command Execution in Super Micro SuperDoctor 5 via NRPE
Stack Overflow Vulnerability in ZeroMQ libzmq
Memory Leak Vulnerability in ImageMagick's ReadBMPImage Function
Memory Leak Vulnerability in ImageMagick's ReadVIFFImage Function
Uninitialized Value Vulnerability in ImageMagick's ReadCUTImage Function
Integer Overflow Vulnerability in ImageMagick's TIFFSeekCustomStream Function
Memory Leak Vulnerability in ImageMagick's ReadPSImage Function
Command Injection in Docker Build Process via Remote Git URLs
Cortana Lock Screen File Access Vulnerability in Windows 10 Mobile
JUCI ACL Misconfiguration in Inteno EG200 Routers Allows Extraction of 3DES Key
Elevation of Privilege Vulnerability in Razer Surround 1.1.63.0
Vulnerability: Unauthenticated Ownership Takeover in Shenzhen Dragon Brothers Fingerprint Bluetooth Round Padlock FB50 2.3
CSV Injection Vulnerability in myTinyTodo 1.3.3 through 1.4.3
Unvalidated Input Vulnerability in field_test Gem 0.3.0 for Ruby
NULL Pointer Dereference Vulnerability in Audio File Library 0.3.6
Command Injection Vulnerability in TRENDnet TEW-827DRU Firmware
Command Injection Vulnerability in TRENDnet TEW-827DRU Firmware
Windows Error Reporting Manager Hard Link Elevation of Privilege Vulnerability
Command Injection Vulnerability in TRENDnet TEW-827DRU Firmware
Command Injection Vulnerability in TRENDnet TEW-827DRU Firmware
Command Injection Vulnerability in TRENDnet TEW-827DRU Firmware
Command Injection Vulnerability in TRENDnet TEW-827DRU Firmware
Command Injection Vulnerability in TRENDnet TEW-827DRU Firmware
Command Injection Vulnerability in TRENDnet TEW-827DRU Firmware
Stack-Based Buffer Overflow in NDrive(1.2.2).sys in Naver Cloud Explorer
Arbitrary File Overwrite Vulnerability in Naver Vaccine 2.1.4
Windows Setup Privilege Escalation Vulnerability
Denial of Service Vulnerability in Asterisk Open Source through 16.4.0
Fujitsu TLS Library Man-in-the-Middle Vulnerability
QEMU Network Interface Name ACL Bypass Vulnerability
Buffer Overflow Vulnerability in Xerox Phaser 3320 V53.006.16.000 IPP Service
Account Lockout Vulnerability in Xerox Phaser 3320 V53.006.16.000 Printers
Multiple Stored XSS Vulnerabilities in Xerox Web Application: Session Hijacking and Unwanted Actions
Buffer Overflow Vulnerability in Xerox Phaser 3320 V53.006.16.000 IPP Service
Buffer Overflow Vulnerability in Xerox Phaser 3320 V53.006.16.000 Printers
Windows Hard Link Handling Vulnerability
Xerox Phaser 3320 V53.006.16.000 Printer CSRF Vulnerability
Stack-based Buffer Overflow Vulnerability in Xerox Phaser 3320 V53.006.16.000 Printer's Google Cloud Print Implementation
Buffer Overflow Vulnerability in Xerox Phaser 3320 V53.006.16.000 Printers' Authentication Cookie
Arbitrary File Overwrite Vulnerability in fstream.DirWriter() Function
Open Redirect Vulnerability in Read the Docs (Versions before 3.5.1)
XXE Vulnerability in 3CX Phone System Management Console
Static String Misuse in Verification Process of Django REST Registration Library
Race Condition in LUKS Encryption Keyfile Creation and Permission Setting in Calamares versions 3.1 through 3.2.10
Insecure Keyfile Copying in Calamares Versions 3.1 through 3.2.10
TLS Session Spoofing Vulnerability
CSV Injection Vulnerability in SolarWinds Serv-U FTP Server v15.1.7 Web UI
Stored XSS Vulnerability in SolarWinds Serv-U FTP Server 15.1.7 Web UI
CSRF Vulnerability in Flarum before 0.1.0-beta.9 Allows Unauthorized Admin Settings Modification
Stored XSS vulnerability in MiniCMS V1.10 via tags box leading to cookie theft
Unauthenticated Arbitrary File Upload Vulnerability in Symphony CMS Rich Text Formatter Extension
Unauthenticated User Access Control Bypass in Knowage through 6.1.1
XSS Vulnerability in Knowage through 6.1.1 via start_url or user_id Field in ChangePwdServlet Page
Windows Error Reporting File Execution Elevation of Privilege Vulnerability
CAPTCHA Bypass Vulnerability in Knowage through 6.1.1 Signup Page
SQL Injection Vulnerability in IntraMaps MapControl 8 via /ApplicationEngine/Search/Refine/Set Page
Heap Buffer Overflow Vulnerability in Brother Printers' IPP Service
Stack Buffer Overflow Vulnerability in Brother HL-L8360CDW v1.20 Printer Web Server
Information Disclosure Vulnerabilities in Brother HL-L8360CDW v1.20 Printer
Path Traversal Vulnerability in Kyocera Printer Web Application
Buffer Overflow Vulnerability in Kyocera Printers: Remote Code Execution and Denial of Service Exploit
Buffer Overflow Vulnerability in Kyocera ECOSYS M5526cdw Printer
Stored XSS Vulnerability in Kyocera Printer Web Application
CSRF Vulnerability in Kyocera Printers Allows Local Account Takeover
Windows Authentication Handling Elevation of Privilege Vulnerability
Reflected XSS Vulnerability in Kyocera Printer Web Application Allows Session Hijacking and Unwanted Actions
Buffer Overflow Vulnerability in Kyocera ECOSYS M5526cdw LPD Service
Buffer Overflow Vulnerability in Kyocera ECOSYS M5526cdw Printers
Kyocera Printer Integer Overflow Vulnerability: Remote Code Execution and Denial of Service
Multiple Buffer Overflow Vulnerabilities in Kyocera ECOSYS M5526cdw IPP Service
Unauthenticated Access to Sensitive Configuration Files in Kyocera Printers
Buffer Overflow Vulnerability in Kyocera Printers: Document Boxes Functionality
Stack-based Buffer Overflow in dname_concatenate() function in NSD 4.2.0
Privilege Escalation via WavesSysSvc in Waves MAXX Audio
Rancher 2 through 2.2.4 Cross-Site Websocket Hijacking Vulnerability
Windows CloudStore File DACL Elevation of Privilege Vulnerability
Heap Buffer Overflow in stb_vorbis: Arbitrary Code Execution via Crafted Ogg Vorbis File
Division by Zero Vulnerability in stb_vorbis: Denial of Service via Crafted Ogg Vorbis File
NULL Pointer Dereference Vulnerability in stb_vorbis: Denial of Service via Crafted Ogg Vorbis File
Windows Authentication Handling Elevation of Privilege Vulnerability
Uninitialized Stack Variables Vulnerability in stb_vorbis: Denial of Service and Information Disclosure
Stack Buffer Overflow in stb_vorbis: Denial of Service and Arbitrary Code Execution
Out-of-Bounds Read Vulnerability in stb_vorbis Allows Denial of Service and Information Disclosure
Denial of Service Vulnerability in stb_vorbis through 2019-03-04
Use-After-Free Vulnerability in Oniguruma 6.9.2 Allows Information Disclosure, Denial of Service, and Possible Code Execution
NULL Pointer Dereference Vulnerability in Oniguruma 6.9.2
Race condition vulnerability in deepin-clone allows for arbitrary file system mounting and denial of unmount
Symlink Attack Vulnerability in deepin-clone
Privilege Escalation via Symlink Attack in deepin-clone
Symlink Attack Vulnerability in deepin-clone
Windows Update Client Privilege Escalation Vulnerability
Denial of Service Vulnerability in Info-ZIP UnZip 6.0: The 'Better Zip Bomb' Issue
Race Condition Vulnerability in Linux Kernel Allows Use-After-Free Access to LDT Entry
XSS Vulnerability in Alkacon OpenCms Apollo Template 10.5.4 and 10.5.5 Search Engine
XSS Vulnerability in Alkacon OpenCms Apollo Template 10.5.4 and 10.5.5 Login Form
Multiple Reflected and Stored XSS Vulnerabilities in Alkacon OpenCms 10.5.4 and 10.5.5 Management Interface
Multiple Local File Inclusion Vulnerabilities in Alkacon OpenCms 10.5.4 and 10.5.5
Memory Allocation Failure in Bento4 1.5.1.0 Leads to Crashes
Cross-Site Scripting (XSS) Vulnerability in User Picture of GLPI before 9.4.3
IPv6 Flowlabel Information Disclosure Vulnerability
Password Reset Vulnerability in GLPI
Directory Traversal Vulnerability in FlightCrew v0.9.2 and Older
IrfanView 4.52 User Mode Write AV Vulnerability
IrfanView 4.52 User Mode Write AV Vulnerability
User Mode Write AV Vulnerability in FastStone Image Viewer 7.0
User Mode Write AV Vulnerability in FastStone Image Viewer 7.0
User Mode Write AV Vulnerability in FastStone Image Viewer 7.0
User Mode Write AV Vulnerability in ACDSee Free 1.1.21
User Mode Write AV Vulnerability in ACDSee Free 1.1.21
User Mode Write AV Vulnerability in ACDSee Free 1.1.21
Windows Redirected Drive Buffering System Elevation of Privilege Vulnerability
User Mode Write AV Vulnerability in ACDSee Free 1.1.21
User Mode Write AV Vulnerability in ACDSee Free 1.1.21
User Mode Write AV Vulnerability in ACDSee Free 1.1.21
XnView Classic 2.48 User Mode Write AV Vulnerability
User Mode Write AV Vulnerability in XnView Classic 2.48
User Mode Write AV Vulnerability in XnView Classic 2.48
User Mode Write AV Vulnerability in XnView Classic 2.48
XnView Classic 2.48 User Mode Write AV Vulnerability
XnView Classic 2.48 User Mode Write AV Vulnerability
XnView Classic 2.48 User Mode Write AV Vulnerability
Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability
XnView Classic 2.48 User Mode Write AV Vulnerability
XnView Classic 2.48 User Mode Write AV Vulnerability
User Mode Write AV Vulnerability in XnView Classic 2.48
Insufficient Compartmentalization in D-Link DIR-825AC G1 Devices Allows Cross-Router Data Encoding via DHCP Transaction ID Field
Insufficient Compartmentalization in D-Link DIR-825AC G1 Devices: Exploiting IGMP Protocol for Unauthorized Data Transfer
ARP Forwarding Vulnerability in D-Link DIR-825AC G1 Devices Allows Covert Channel Communication
Insufficient Compartmentalization in TP-Link Archer C3200 V1 and Archer C2 V1 Devices: Cross-Router Data Encoding Vulnerability
Insufficient Compartmentalization in TP-Link Archer C3200 V1 and Archer C2 V1 Devices: Unauthorized Data Transfer via IGMP Protocol
Insufficient Compartmentalization and ARP Forwarding Vulnerability in TP-Link Archer C3200 V1 and Archer C2 V1 Devices
Insufficient Compartmentalization in Edimax BR-6208AC V1 Devices Allows Cross-Router Data Encoding via DHCP Transaction ID
Microsoft Excel Remote Code Execution Vulnerability (CVE-2020-XXXX)
Insufficient Compartmentalization in Edimax BR-6208AC V1 Devices Allows Unauthorized Data Transfer between Host and Guest Networks
Insufficient Compartmentalization in Edimax BR-6208AC V1 Devices: ARP Forwarding Covert Channel Vulnerability
Privilege Escalation via ptrace_link in Linux Kernel
Buffer Overflow Vulnerability in Xymon CSVInfo CGI Script
XSS Vulnerability in Xymon CSVInfo CGI Script
Unauthenticated Blind SQL Injection in VeronaLabs wp-statistics Plugin
Stack-based Buffer Overflow in TRENDnet TEW-827DRU Firmware 2.04B03
Unauthenticated Remote Setup Wizard Execution Vulnerability in TRENDnet TEW-827DRU Firmware up to 2.04B03
Multiple Command Injections in TRENDnet TEW-827DRU Firmware 2.04B03
Multiple Stack-Based Buffer Overflows in TRENDnet TEW-827DRU Firmware 2.04B03
Microsoft SharePoint Spoofing Vulnerability
Stack-based Buffer Overflow in TRENDnet TEW-827DRU Firmware 2.04B03: Remote Code Execution
Heap-based Buffer Overflow in Xpdf 4.01.01's DCTStream::decodeImage() Function
Heap-based Buffer Over-read Vulnerability in Xpdf 4.01.01
Heap-based Buffer Over-read in Xpdf 4.01.01's FoFiType1::parse Function
Host Header Injection Vulnerability in CoSoSys Endpoint Protector 5.1.0.2
Heap-based Buffer Over-read in Xpdf 4.01.01's JBIG2Stream::readTextRegionSeg() Function
Out-of-Bounds Read Vulnerability in Xpdf 4.01.01's SplashXPath::strokeAdjust() Function
Infinite Recursion DoS Vulnerability in Xpdf 4.01.01
Use-after-free vulnerability in Xpdf 4.01.01's JBIG2Stream::close() function
Microsoft SharePoint Server Elevation of Privilege Vulnerability
Heap-based Buffer Overflow in Artifex MuPDF 1.15.0's fz_append_display_node Function
Heap-based Buffer Over-read Vulnerability in Xpdf 4.01.01's DCTStream::readScan() Function
SQL Injection Vulnerability in webERP 4.15 Payments.php
Command Execution Vulnerability in AROX School-ERP Pro: Unauthenticated User Command Execution
Heap-Based Buffer Over-Read Vulnerability in ImageMagick 7.0.8-50 Q16
Direct Memory Leaks in ImageMagick 7.0.8-50 Q16: Vulnerability in AcquireMagickMemory
Heap-Based Buffer Over-Read Vulnerability in ImageMagick 7.0.8-50 Q16
Heap-Based Buffer Overflow in ImageMagick 7.0.8-50 Q16: Exploiting SetPixelViaPixelInfo in MagickCore/pixel-accessor.h
Heap-Based Buffer Over-Read Vulnerability in ImageMagick 7.0.8-50 Q16
Microsoft SharePoint Elevation of Privilege Vulnerability
Heap-Based Buffer Overflow in ImageMagick 7.0.8-50 Q16: Mishandling of Columns in EvaluateImages
Memory Leaks in ImageMagick 7.0.8-50 Q16: Exploiting AnnotateImage Error
Heap-Based Buffer Over-Read Vulnerability in ImageMagick 7.0.8-50 Q16
Heap-Based Buffer Over-Read Vulnerability in ImageMagick 7.0.8-50 Q16
Stack-Based Buffer Overflow in ImageMagick 7.0.8-50 Q16: Misplaced Assignment in WritePNMImage
Stack-Based Buffer Overflow in ImageMagick 7.0.8-50 Q16: Misplaced strncpy and Off-by-One Error in WritePNMImage
Stack-Based Buffer Overflow in ImageMagick 7.0.8-50 Q16: Exploiting Off-by-One Errors in WritePNMImage
Heap-Based Buffer Overflow in ImageMagick 7.0.8-50 Q16: EvaluateImages Vulnerability
Heap-Based Buffer Overflow in ImageMagick 7.0.8-50 Q16's ComplexImage Function
Memory Leaks in ImageMagick 7.0.8-50 Q16: Vulnerability in AcquireMagickMemory
Microsoft Excel Remote Code Execution Vulnerability
Memory Leaks in ImageMagick 7.0.8-50 Q16: Vulnerability in MagickWand/mogrify.c
Memory Leaks in ImageMagick 7.0.8-50 Q16: AcquireMagickMemory Vulnerability
Heap-Based Buffer Over-Read in block_cmp() Function in FFmpeg 4.1.3
Local Privilege Escalation: Credentials Exposure via libosinfo 1.5.0 Process Listing
Local Privilege Escalation: Root Password Disclosure in virt-bootstrap 1.1.0
Remote Code Execution Vulnerability in Foxit Reader 9.5.0.20723 (ZDI-CAN-8656)
Remote Code Execution Vulnerability in Foxit PhantomPDF 9.5.0.20723
Remote Code Execution Vulnerability in Foxit PhantomPDF 9.5.0.20723
Remote Code Execution Vulnerability in Foxit Reader 9.5.0.20723 via util.printf Method
Arbitrary Code Execution via XFA Forms Processing in Foxit Reader 9.5.0.20723
Microsoft SQL Server Reporting Services XSS Vulnerability
Arbitrary Code Execution Vulnerability in Foxit Reader 9.5.0.20723
Captive Portal HTML Response Remote Code Execution Vulnerability in Xiaomi Browser
Arbitrary Code Execution via Xiaomi Browser Prior to 10.4.0
Arbitrary Code Execution via TIF File Handling in Foxit Studio Photo 3.6.6.909
Arbitrary Code Execution via TIFF File Handling in Foxit Studio Photo 3.6.6.909
Remote Code Execution Vulnerability in Foxit Studio Photo 3.6.6.909 via EPS File Handling (ZDI-CAN-8922)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.5.0.20723
Arbitrary Code Execution Vulnerability in Foxit Reader 9.5.0.20723
Arbitrary Code Execution Vulnerability in Foxit Reader 9.5.0.20723
Arbitrary Code Execution via Type Confusion in Foxit Reader 9.5
Critical Remote Code Execution Vulnerability in Windows Remote Desktop Client
Arbitrary Code Execution via Type Confusion in Foxit Reader 9.5.0.20723
Arbitrary Code Execution via JPG Parsing in Foxit Reader 9.5.0.20723
Arbitrary Code Execution via XFA Form Template Processing in Foxit Reader 9.6.0.25114
Arbitrary Code Execution via DXF to PDF Conversion in Foxit PhantomPDF 9.5.0.20723
Arbitrary Code Execution via DXF to PDF Conversion in Foxit PhantomPDF 9.5.0.20723
SSRF Vulnerability in SalesAgility SuiteCRM 7.10.x and 7.11.x
Remote Command Execution Vulnerability in dbell Wi-Fi Smart Video Doorbell DB01-S Gen 1
Bypassing Site-Wide Basic Authentication in WESEEK GROWI
Password Hash Retrieval through Unauthorized API Calls in WESEEK GROWI
Stored XSS Vulnerability in MiniCMS V1.10 Allows Cookie Theft
Windows Kernel Object Memory Handling Vulnerability
Stored XSS vulnerability in MiniCMS V1.10 via mc-admin/post-edit.php content box
Stored XSS Vulnerability in MiniCMS V1.10 Allows Cookie Theft via mc-admin/conf.php Comment Box
Pre-Authentication Path Traversal Arbitrary File Download in Butor Portal
Authentication Bypass Vulnerability in CRUDLab WP Like Button Plugin
XSS Vulnerability in Squid's cachemgr.cgi Web Module
Cross-Site Scripting (XSS) Vulnerability in MyT 1.5.1 User[username] Parameter
SAML Single Sign On Plugin Account Reactivation Vulnerability
Cleartext Data Source Credentials Exposure in Knowage through 6.1.1
User Password Hashes Exposed in Knowage through 6.1.1
Chakra Scripting Engine Remote Code Execution Vulnerability
Double File Descriptor Close Vulnerability in libjack in JACK2 1.9.1 through 1.9.12
Static, Hard-Coded Cryptographic Secret in WolfVision Cynap Allows Remote Password Reset
Code-execution backdoor vulnerability in strong_password gem 0.0.7 for Ruby
Insecure Access Control in Total Defense Anti-virus 9.0.0.773 Allows Privilege Escalation
Insecure Access Control in Total Defense Anti-virus 9.0.0.773 Allows Privilege Escalation
Local Privilege Escalation Vulnerability in Total Defense Anti-virus 9.0.0.773
XXE vulnerability in OpenCats allows remote file read access via uploaded docx or odt files
Privilege Escalation Vulnerability in CentOS Web Panel 0.9.8.836
Windows Update Client Privilege Escalation Vulnerability
Authentication Bypass Vulnerability in CentOS Web Panel 0.9.8.836
Insecure Permissions Vulnerability in Smanos W100 1.0.0 Devices
Stack-Based Buffer Overflow in Codedoc v3.2's add_variable Function
Cross-Site Scripting (XSS) Vulnerability in Piwigo 2.9.5 via admin.php?page=notification_by_mail
Cross-Site Scripting (XSS) Vulnerability in admin.php?page=account_billing in Piwigo 2.9.5
Windows Update Client Memory Handling Vulnerability
CSRF Vulnerability in Ignited CMS Allows Unauthorized Administrator Addition
Arbitrary PHP Code Execution via Username Field in D-Link Central WiFi Manager CWM(100)
Arbitrary SQL Execution Vulnerability in D-Link Central WiFi Manager CWM(100)
Cross-Site Scripting (XSS) Vulnerability in D-Link Central WiFi Manager CWM(100)
Unauthenticated SQL Injection in D-Link Central WiFi Manager CWM(100)
CSRF Token Hijacking and Stored XSS in phpBB 3.2.7 Remote Avatar Feature
Side-Channel Vulnerability in SAE and EAP-pwd Implementations
Privilege Escalation via Default Credentials on AVTECH Room Alert 3E Devices
NTLMv2 Security Feature Bypass Vulnerability
XSS Vulnerability in KEYNTO Team Password Manager 1.5.0
Arbitrary File Symbolic Link Vulnerability in SnagIT 2019.1.2
Username Enumeration Vulnerability in CentOS Web Panel 0.9.8.846
File and Directory Information Exposure in CentOS Web Panel 0.9.8.840 Filemanager
Hidden action=9 feature in CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.846 allows for remote command execution
Reflected XSS Vulnerability in CentOS Web Panel 0.9.8.846's filemanager2.php (fm_current_dir Parameter)
Lack of XSS Protection Mechanisms in RainLoop Webmail before 1.13.0
Windows Error Reporting Manager Hard Link Elevation of Privilege Vulnerability
Division by Zero Vulnerability in FFmpeg 4.1.3
Heap-Based Buffer Over-Read Vulnerability in ImageMagick 7.0.8-50 Q16
Reflected Cross-Site Scripting (XSS) Vulnerability in MindPalette NateMail 3.0.15
Default Passphrase Vulnerability in Voo Branded NETGEAR CG3700b Custom Firmware V2.02.03
Clear Text HTTP Basic Authentication Vulnerability in Voo Branded NETGEAR CG3700b Custom Firmware V2.02.03
Vulnerability: CSRF Exploit in Voo branded NETGEAR CG3700b Custom Firmware V2.02.03
Directory Traversal and Local File Inclusion Vulnerability in FlightPath 4.x and 5.0-x
Unauthenticated Stored XSS in osTicket 1.10.1: Remote Code Injection via Support Ticket Creation
Remote Code Execution in Dynacolor FCM-MB40 v1.2.0.0 Devices via CGI Script Injection
Hard-coded SSL/TLS Key Vulnerability in Dynacolor FCM-MB40 v1.2.0.0 Devices
Windows AppX Deployment Server File Creation Elevation of Privilege Vulnerability
Cleartext Storage of Administrative Web-Interface Credentials in Dynacolor FCM-MB40 v1.2.0.0
CSRF Vulnerability in Dynacolor FCM-MB40 v1.2.0.0 Devices
Incomplete Factory-Reset Process Allows Persistence of Backdoor on Dynacolor FCM-MB40 v1.2.0.0 Devices
Broken Access Control Vulnerability in Temenos CWX Version 8.9 Allows Unauthorized User Information Viewing
Default Directory Vulnerability in Python MSI Installer
Insecure ADB Service Exploit: Unauthorized Access and Device Compromise
Arbitrary APK Installation Vulnerability in Advan VD-1 Firmware
Reflected XSS Vulnerability in Advan VD-1 Firmware Versions up to 230
Relative Path Traversal Vulnerability in Advan VD-1 Firmware (Up to Version 230) Allows Unauthorized File Downloads
Union-Based SQL Injection Vulnerability in TOPMeeting 8.8 (2019/08/19)
Windows Power Service Registry Restore Key Elevation of Privilege Vulnerability
Exposure of Attendees' Account and Password in TOPMeeting (before version 8.8)
HiNet GPON Firmware < I040GWR190731: Arbitrary Command Execution via Port 3097
Arbitrary File Read Vulnerability in HiNet GPON Firmware (CVE-2021-XXXX)
SQL Injection Vulnerability in Rencontre Plugin for WordPress
Cross-Site Scripting (XSS) Vulnerability in Rencontre Plugin for WordPress
Unauthorized Data Access Vulnerability in Search Guard Versions Prior to 24.3 with Cross Cluster Search (CCS) Enabled
Authentication Bypass Vulnerability in Search Guard Versions Before 24.3 with Cross Cluster Search (CCS) Enabled
Field Name Leakage in Search Guard Versions Before 24.0
Improper Anonymization of String Arrays in Search Guard Versions Before 24.0
Clear Text Value Leakage in Search Guard Versions Before 23.1
Windows Error Reporting Manager Elevation of Privilege Vulnerability
Timing Side Channel Vulnerability in Search Guard Versions Before 21.0
User Password Hash Retrieval Vulnerability in Search Guard Versions Before 23.1
Kibana Plugin Redirect Vulnerability
Authentication Bypass Vulnerability in Search Guard Kibana Plugin
Windows Object Memory Handling Denial of Service Vulnerability
Memory Object Disclosure Vulnerability in Windows Code Integrity Module
Integer Overflow in parseOptions() Function in ROS Communications Packages
SQL Injection Vulnerability in Sertek Xpare 3.67 Login Form
Unsanitized Input Data in Sertek Xpare 3.67 Login Form Allows XSS Exploitation
Zoom Client Denial of Service Vulnerability via Invalid Launch Requests
Windows Kernel Object Memory Handling Vulnerability
Remote Camera Activation Vulnerability in Zoom Client and RingCentral on macOS
Buffer Overflow Vulnerability in Xymon through 4.3.28's history.c
Buffer Overflow Vulnerability in Xymon reportlog.c
Denial of Service Vulnerability in Zipios before 0.1.7
Division by Zero Vulnerability in ImageMagick 7.0.8-54 Q16's RemoveDuplicateLayers Function
Stack-based Buffer Overflow Vulnerability in Xymon Alert Acknowledgment CGI Tool
EAP-pwd Password Recovery Vulnerability in FreeRADIUS 3.0 through 3.0.19
Information Disclosure Vulnerability in OTRS 7.0.x through 7.0.8
Information Disclosure Vulnerability in OTRS Notification Tags
Windows Object Memory Handling Denial of Service Vulnerability
Insecure Direct Object Reference vulnerability in PrestaShop before 1.7.6.0 RC2 (PrestaShop bug #14444) allows for customer information leakage during checkout.
Unauthenticated SQL Injection in Lansweeper before 7.1.117.4
XSS Vulnerability in Simple Link Directory Plugin for WordPress
Bypassing PHP Script Uploads Rules with X.Filename in OWASP ModSecurity CRS 3.0.2
Denial of Service Vulnerability in ROS Communications Package
Incorrect Access Control in Western Digital and SanDisk SSD Dashboards
Arbitrary File Substitution Vulnerability in Western Digital and SanDisk SSD Dashboard
Windows Object Memory Handling Denial of Service Vulnerability
Out-of-Bounds Read Vulnerability in MatrixSSL before 4.2.1
XSS Vulnerabilities in PHPWind 9.1.0's index.php File Parameters
Undocumented TELNET Service in BusyBox Subsystem Allows Root Access in TELESTAR and Imperial Devices
Insufficient Access Control Vulnerability in TELESTAR DAB Radios
MobaXterm 11.1 URI Handler Argument Injection Vulnerability
XSS Vulnerability in CentOS Web Panel 0.9.8.837 Allows Low-Privilege User to Gain Root Access
CSRF Vulnerability in CentOS Web Panel 0.9.8.837 Allows Unauthorized Password Change for Root Account
Unfiltered HTML Vulnerability in Yoast SEO Plugin for WordPress
Arbitrary Path Overwrite Vulnerability in Git's fast-import
Command Injection Vulnerability in D-Link DIR-818LW Firmware 2.06betab01
Command Injection Vulnerability in D-Link DIR-818LW Firmware 2.06betab01
JWT Signature Validation Bypass in Auth0 Passport-SharePoint
Buffer Overflow Vulnerability in Xymon Status-Log Viewer CGI
Stack-based Buffer Overflow Vulnerability in Xymon History Viewer
Stack-based Buffer Overflow in Xymon Status-Log Viewer Component
Cross-Site Scripting (XSS) Vulnerability in Trape's trape.js Allows Arbitrary Code Injection
SQL Injection Vulnerability in Trape (2019-05-08) via data[2] Variable in core/db.py
Git for Visual Studio Remote Code Execution Vulnerability
Persistent XSS Vulnerability in Sitecore 9.0 rev 171002 Media Library and File Manager
Stack-based Buffer Overflow in Castle Rock SNMPc
Multiple Stored Cross-Site Scripting (XSS) Vulnerabilities in Zyxel XGS2210-52HP Firmware Version 4.50
OTP Bypass Vulnerability in One Identity Cloud Access Manager
CSRF Vulnerability in One Identity Cloud Access Manager
Missing HTTP Strict Transport Security (HSTS) in One Identity Cloud Access Manager 8.1.3 allows for MITM attacks
Git for Visual Studio Remote Code Execution Vulnerability
Heap-Based Buffer Over-Read in mq_parse_http function of Mongoose 6.15
Out-of-Bounds Read Vulnerability in Exiv2::MrwImage::readMetadata
XSS Vulnerability in Appointment Hour Booking Plugin 1.1.44 for WordPress via E-mail Field (email_1)
XSS Vulnerability in @nuxt/devalue before 1.2.3
SQL Injection Vulnerability in hidea.com AZ Admin 1.0 news_det.php?cod=
Buffer Overflow Vulnerability in FreeTDS 1.1.11
Potential Information Leakage in Docker Engine Debug Mode
Virtual drive path tampering vulnerability in Git for Visual Studio
Use-After-Free Vulnerability in Rockwell Automation Arena Simulation Software versions 16.00.00 and earlier
Information Exposure in Rockwell Automation Arena Simulation Software
Out-of-Bounds Read Vulnerability in Fuji Electric FRENIC Loader 3.5.0.0 and Prior
Multiple Out-of-Bounds Read Vulnerabilities in Delta Industrial Automation DOPSoft
Use-after-free vulnerability in Delta Industrial Automation DOPSoft allows for remote code execution and information disclosure
Sensitive Information Disclosure in OSIsoft PI Web API 2018 and earlier versions
Cross-Site Request Forgery Protection Bypass in OSIsoft PI Web API
Access Privilege Expiration Vulnerability in Pyxis ES and Pyxis Enterprise Server
Buffer Overflow Vulnerability in EZ Touch Editor Versions 2.1.0 and Prior
Vulnerability in Rockwell Automation Arena Simulation Software version 16.00.00 and earlier allows limited information exposure
Git for Visual Studio Remote Code Execution Vulnerability
Alpha5 Smart Loader Multiple Buffer Overflow Vulnerabilities
Vulnerability in Rockwell Automation Arena Simulation Software version 16.00.00 and earlier allows limited information exposure
Memory Corruption and Code Execution Vulnerability in EZ PLC Editor Versions 1.8.41 and Prior
Unauthenticated Remote Access to Web Configuration Data in Honeywell Performance IP Cameras and NVRs
Denial-of-Service Vulnerability in GE PACSystems RX3i and CPE Series
Unauthenticated Remote Access to Web Configuration Data in IP-AK2 Access Control Panel
Authentication Bypass Vulnerability in Datalogic AV7000 Linear Barcode Scanner (Versions < 4.6.0.0)
Uninitialized Pointer Vulnerability in Rockwell Automation Arena Simulation Software
Privilege Escalation Vulnerability in Niagara AX and Niagara 4
Remote Code Execution Vulnerability in Sunny WebBox Firmware Version 1.6 and Prior
Vulnerability: NTFS Protections Bypass in Git on Windows Subsystem for Linux (WSL)
Vulnerability: Unauthorized Firmware Upload via FTP in Philips IntelliVue WLAN Patient Monitors
RFID Authentication Bypass Vulnerability in Medtronic Valleylab Energy Platforms
CODESYS V3 Web Server Directory Traversal Vulnerability
Vulnerability: Replay Attack on Omron PLC CJ and CS Series
Remote Code Execution Vulnerability in Philips IntelliVue WLAN Patient Monitors
RFID Security Read Access Vulnerability in Medtronic Valleylab FT10 and Valleylab LS10 Energy Platforms
Remote Code Execution Vulnerabilities in Delta Electronics TPEditor Versions 1.94 and Prior
Buffer Overflow Vulnerability in IEC870IP Driver for Vijeo Citect and Power SCADA Operation
CODESYS V3 Library Manager Content Display Vulnerability
Insecure Password Hashing in Medtronic Valleylab Exchange Client and Energy Platforms
Git for Visual Studio Remote Code Execution Vulnerability
Remote Code Execution Vulnerabilities in Delta Electronics TPEditor Versions 1.94 and Prior
Improper Input Validation Vulnerability in Horner Automation Cscape 9.90 and Prior
NULL Pointer Dereference Vulnerability in CODESYS V3 OPC UA Server
Hard-coded Credentials Vulnerability in Medtronic Valleylab Exchange Client and Energy Platforms
Remote Code Execution Vulnerabilities in Delta Electronics TPEditor Versions 1.94 and Prior
Buffer Overflow Vulnerability in Horner Automation Cscape 9.90 and Prior
Escalation of Privileges Vulnerability in IntelliSpace Perinatal Application Environment
Unauthenticated Access Vulnerability in Advantech WISE-PaaS/RMM
Stack Overflow and Remote Code Execution Vulnerability in CODESYS V3 Web Server
Insufficient Authentication Mechanism Allows Unauthorized Configuration Changes in Rittal Chiller SK 3232-Series
Improper Authorization Vulnerability in WebAccess Versions 8.4.1 and Prior
Remote Code Execution via Path Traversal in Advantech WISE-PaaS/RMM
Multiple Command Injection Vulnerabilities in WebAccess Versions 8.4.1 and Prior
Hard-coded Credentials Vulnerability in Rittal Chiller SK 3232-Series Web Interface
Unsecured Telnet Protocol in GE Mark VIe Controller Allows Unauthorized Access
Denial-of-Service Vulnerability in Mitsubishi Electric MELSEC-Q and MELSEC-L Series CPUs
Stack-based Buffer Overflow Vulnerabilities in WebAccess Versions 8.4.1 and Prior
Information Exposure Vulnerability in Tasy EMR WebPortal Versions 3.02.1757 and Prior
Remote Code Execution Vulnerability in WebAccess Versions 8.4.1 and Prior
Pre-configured Hard-Coded Credentials in GE Mark VIe Controller Allow Root-User Access
Edge HTML Information Disclosure Vulnerability
D-Link DIR-655 C Devices Vulnerability: Remote Attackers Can Force Blank Password
Arbitrary Command Execution in D-Link DIR-655 C Devices
Cross-Site Scripting (XSS) Vulnerability in D-Link DIR-655 C Devices
CSRF Vulnerability in D-Link DIR-655 C Devices
Cross-Site Scripting (XSS) Vulnerability in Ping Identity Agentless Integration Kit before 1.5
OpenLDAP SASL Authentication Bypass Vulnerability
Buffer Overflow Vulnerability in ROS Communications Packages
Remote Code Execution via ZoomOpener Daemon on macOS
Heap-Based Buffer Overflow in CImg.h: Malformed BMP Image Allocation Vulnerability
Icegram Email Subscribers & Newsletters Plugin SQL Injection Vulnerability
Microsoft Browser Cookie Spoofing Vulnerability
AJdG AdRotate Plugin for WordPress 5.3 and Earlier: SQL Injection Vulnerability
SQL Injection Vulnerability in Vsourz Digital Advanced CF7 DB Plugin for WordPress
SQL Injection Vulnerability in Adenion Blog2Social Plugin for WordPress
SQL Injection Vulnerability in FolioVision FV Flowplayer Video Player Plugin for WordPress
Remote Command Execution Vulnerability in MiniMagick Image Processing Library
SQL Injection Vulnerability in WPEverest Everest Forms Plugin for WordPress
Unauthenticated Remote Buffer Overflow in MAPLE WBT SNMP Administrator v2.0.195.15 via SNMP CE Remote Feature
SQL Injection Vulnerability in Impress GiveWP Give Plugin for WordPress
Jet Database Engine Remote Code Execution Vulnerability
Heap-based Buffer Overflow in Marvell 88W8688 Wi-Fi Firmware Allows Remote Code Execution
Stack Overflow Vulnerability in Marvell 88W8688 Wi-Fi Firmware
Directory Traversal Vulnerability in FANUC Robotics Virtual Robot Controller 8.23 Remote Admin Webserver
Buffer Overflow Vulnerability in FANUC Robotics Virtual Robot Controller 8.23's Remote Admin Webserver
Arbitrary Web Script Injection Vulnerability in WIKINDX getPagingStart() Function
Code-execution backdoor vulnerability in paranoid2 gem 1.1.6 for Ruby
Jet Database Engine Remote Code Execution Vulnerability
Integer Overflow and NULL Pointer Dereference in SoX 14.4.2
CSRF Protection Bypass in Mirumee Saleor 2.7.0
Arbitrary Command Execution via Sahi Pro 8.0.0 Player_setScriptFile Vulnerability
Remote Command Execution in Vera Edge Home Controller 1.7.4452 via LuaUPnP
Username Enumeration Vulnerability in CentOS Web Panel 0.9.8.848
Integer Underflow Vulnerability in VLC Media Player
Weak Encryption of Fingerprint Images in HID Global DigitalPersona U.are.U 4500 Fingerprint Reader
Brute-Force Vulnerability in HID Global DigitalPersona U.are.U 4500 Fingerprint Reader v24 Allows Key Recovery and Biometric Information Leak
Authentication Bypass Vulnerability in CentOS Web Panel 0.9.8.838 to 0.9.8.846
Opera Mini iOS UXSS Vulnerability via javascript: URL Navigation
XXE Vulnerability in Citrix StoreFront Server before 1903, 7.15 LTSR before CU4 (3.12.4000), and 7.6 LTSR before CU8 (3.0.8000)
Memory Object Disclosure Vulnerability in Microsoft Graphics Components
Cross-Site WebSocket Hijacking (CSWSH) Vulnerability in python-engineio
Vulnerability: Inconsistent SpamAssassin Checks for Large Email Messages in MDaemon Email Server
Stack-based Buffer Overflow in TP-Link Wireless Router Archer Router Version 1.0.0 Build 20180502 rel.45702 (EU) and Earlier
Stack-based Buffer Overflow in TP-Link Archer C1200 1.0.0 Build 20180502 rel.45702 and Earlier
Heap-based Buffer Over-read in libebml's FindNextElement
Heap-based Buffer Over-read Vulnerability in SDL (Simple DirectMedia Layer)
Heap-Based Buffer Over-Read Vulnerability in njs through 0.3.3
Heap-based Buffer Over-read in GPAC before 0.8.0
Buffer Overflow Vulnerability in Wireshark ASN.1 BER Dissector
Win32k Elevation of Privilege Vulnerability in Windows Kernel-Mode Driver
Path Traversal Vulnerability in NSA Ghidra Allows Arbitrary File Overwrite
Command Injection Vulnerability in ONOS 1.15.0 YangWebResource.java
XXE (XML External Entity) Vulnerability in NSA Ghidra 9.0.1 and earlier
Heap-Based Buffer Over-read in SDL 2.x through 2.0.9
ECDSA Timing Attack in libgcrypt20 Cryptographic Library
Timing Side Channel Vulnerability in wolfSSL and wolfCrypt 4.0.0 and Earlier
Timing Side Channel Vulnerability in MatrixSSL 4.2.1 and Earlier: Private Key Leakage in ECDSA Signature Generation
Windows GDI Object Memory Information Disclosure Vulnerability
Out-of-Bounds Write Vulnerability in Linux Kernel HID Report Generation
Blind/Persistent XSS Vulnerability in Blinger.io v.1.0.2519
Directory Traversal Vulnerability in WP Fastest Cache Plugin
Symlink Mishandling Vulnerability in GNU Patch
Arbitrary Command Execution via Unsafe Search Paths in LogMeIn join.me
OS Shell Command Injection in GNU Patch through 2.7.6 via Crafted Patch File
Win32k Elevation of Privilege Vulnerability in Windows Kernel-Mode Driver
Command Injection Vulnerability in qBittorrent before 4.1.7
Stored XSS vulnerability in EspoCRM before 5.6.4 allows remote code execution and injection
Stored XSS Vulnerability in Firefly III Budget Name
Stored XSS Vulnerability in Firefly III before 4.7.17.3 via Image File Names
Firefly III before 4.7.17.3 Reflected XSS Vulnerability in Search Query
Stored XSS Vulnerability in Firefly III before 4.7.17.3 via Unfiltered Image File Content
Denial of Service Vulnerability in Linux Kernel on PowerPC Platform
ExternalPort OS Command Injection in TP-Link M7350 Devices
Microsoft IIS Server Elevation of Privilege Vulnerability
InternalPort OS Command Injection Vulnerability in TP-Link M7350 Devices
TP-Link M7350 PortMappingProtocol OS Command Injection Vulnerability
TP-Link M7350 Devices OS Command Injection Vulnerability
TriggerPort OS Command Injection in TP-Link M7350 Devices (Issue 5 of 5)
Denial of Service Vulnerability in Imgix through 2019-06-19
Remote Code Execution Vulnerability in CA Common Services DIA of CA Technologies Client Automation 14 and Workload Automation AE 11.3.5, 11.3.6
Default Credential Vulnerability in CA Performance Management
Default Credential Vulnerability in CA Network Flow Analysis 9.x and 10.0.x
IDN Homograph Spoofing Vulnerability in Google Chrome
Chakra Scripting Engine Remote Code Execution Vulnerability
Chromium UI Spoofing Vulnerability: Remote Notification Spoofing in Google Chrome
Chromium UI Spoofing Vulnerability: Remote Notification Spoofing in Google Chrome
Bypassing Content Security Policy in Google Chrome prior to 77.0.3865.75
IDN Homograph Spoofing Vulnerability in Google Chrome
Bypassing Content Security Policy in Blink in Google Chrome (CVE-2019-13699)
Bypassing Multiple File Download Protection in Google Chrome (CVE-2019-13699)
Cross-Origin Information Leak in Google Chrome
Omnibox Spoofing Vulnerability in Google Chrome on iOS
Cross-Origin Data Leakage Vulnerability in Google Chrome Developer Tools
Omnibox Spoofing Vulnerability in Google Chrome (prior to 77.0.3865.75)
Internet Explorer Scripting Engine Memory Corruption Vulnerability
Heap Corruption Vulnerability in Google Chrome (prior to 77.0.3865.75) via Crafted HTML Page
Remote Security UI Spoofing Vulnerability in Google Chrome
Omnibox Spoofing Vulnerability in Google Chrome on iOS
Cross-Origin Data Leakage Vulnerability in Google Chrome Developer Tools
IDN Homograph Spoofing Vulnerability in Google Chrome
Remote Code Execution Vulnerability in Google Chrome Extensions
Domain Spoofing Vulnerability in Google Chrome
Bypassing Site Isolation in Google Chrome: Insufficient Policy Enforcement Vulnerability
Domain Spoofing Vulnerability in Google Chrome (prior to 77.0.3865.75) via Incorrect Data Validation in Downloads
Remote Code Execution via Crafted PDF File
Windows Secure Boot Security Feature Bypass Vulnerability
TLS Vulnerability: Remote IP Address Spoofing in Google Chrome (CVE-2019-5869)
Bypassing Download Restrictions in Google Chrome (CVE-2019-13699)
Bypassing Same Origin Policy via Insufficient Policy Enforcement in Google Chrome
Cross-Origin Data Leakage Vulnerability in Google Chrome Developer Tools
Cross-Origin Data Leakage Vulnerability in Google Chrome (prior to 72.0.3626.81)
Remote Code Execution Vulnerability in Google Chrome Prior to 77.0.3865.90
Use After Free Vulnerability in Google Chrome: Remote Heap Corruption Exploit via Crafted HTML Page
Remote Code Execution Vulnerability in Google Chrome Prior to 77.0.3865.90
Remote Code Execution Vulnerability in Google Chrome Prior to 77.0.3865.90
Arbitrary Read/Write Vulnerability in Google Chrome on ChromeOS
Memory Object Handling Vulnerability in Open Enclave SDK
OS-level privilege escalation vulnerability in Google Chrome on ChromeOS prior to 75.0.3770.80
Omnibox Spoofing Vulnerability in Google Chrome (prior to 77.0.3865.75)
Bypassing Site Isolation in Google Chrome Reader Mode
Use After Free Vulnerability in IndexedDB in Google Chrome
WebRTC Use After Free Vulnerability in Google Chrome
Remote Code Execution Vulnerability in Google Chrome for Android (CVE-2019-13699)
Use After Free Vulnerability in Google Chrome (prior to 77.0.3865.120) Allows Remote Code Execution via Crafted HTML Page
Cross-Origin Data Leakage in Google Chrome Performance APIs
Heap Corruption Vulnerability in Google Chrome (prior to 73.0.3683.103) via Crafted HTML Page
Remote Code Execution via Use After Free in Google Chrome Media (CVE-2019-13720)
Memory Object Handling Vulnerability in Open Enclave SDK
Gamepad API Out of Bounds Memory Access Vulnerability in Google Chrome
Omnibox Spoofing Vulnerability in Google Chrome
Privilege Escalation Vulnerability in Google Chrome Installer on Windows
Omnibox Spoofing Vulnerability in Google Chrome on Android
Bypassing Content Security Policy in Google Chrome prior to 78.0.3904.70
Cross-Origin Data Leakage via Malicious Chrome Extension
PDFium Heap Corruption Vulnerability
File Leakage Vulnerability in Google Chrome on Android (prior to 78.0.3904.70) via Insufficient Validation of Intents
Omnibox Spoofing Vulnerability in Google Chrome on iOS
Bypassing Download Restrictions in Google Chrome Prior to 78.0.3904.70
Internet Explorer Remote Code Execution Vulnerability
Bypassing Download Restrictions via Crafted HTML Page in Google Chrome (CVE-2019-13720)
Cross-Origin Data Leakage Vulnerability in Google Chrome
Cross-Origin Data Leakage Vulnerability in Google Chrome
CSS Injection Vulnerability in Color Enhancer Extension in Google Chrome
Domain Spoofing Vulnerability in Google Chrome (CVE-2019-13720)
Bypassing Navigation Restrictions in Google Chrome Service Workers
Full Screen Mode Security UI Vulnerability in Google Chrome
Domain Spoofing Vulnerability in Google Chrome (CVE-2019-13720)
Full Screen Mode Security UI Vulnerability in Google Chrome
Azure App Service Remote Code Execution Vulnerability
WebAudio Use After Free Vulnerability in Google Chrome
Heap Corruption Vulnerability in PDFium in Google Chrome
Heap Corruption Vulnerability in WebRTC in Google Chrome (CVE-2019-13720)
WebBluetooth Use After Free Vulnerability in Google Chrome (CVE-2019-13720)
Out of Bounds Memory Access Vulnerability in WebBluetooth in Google Chrome
Remote Code Execution Vulnerability in Bluetooth in Google Chrome
Buffer Overflow Vulnerability in Google Chrome Password Manager
Bypassing Same Origin Policy in WebSockets in Google Chrome (CVE-2019-13720)
Heap Corruption Vulnerability in Google Chrome (prior to 79.0.3945.79) via Crafted HTML Page
WebSockets Use-After-Free Vulnerability in Google Chrome
PowerShell Deserialization Remote Code Execution in Microsoft Exchange
Type Confusion Vulnerability in Google Chrome (prior to 79.0.3945.79) Allows Remote Heap Corruption
WebAudio Use-After-Free Vulnerability in Google Chrome
Remote Code Execution Vulnerability in SQLite in Google Chrome
Arbitrary Code Execution via Out of Bounds Write in Google Chrome (CVE-2019-13720)
PDFium Integer Overflow Vulnerability in Google Chrome
Information Disclosure Vulnerability in Google Chrome Autocomplete
Bypassing Site Isolation in Google Chrome: Insufficient Policy Enforcement in Navigation
Domain Spoofing Vulnerability in Google Chrome
Windows Error Reporting (WER) Object Memory Disclosure Vulnerability
Domain Spoofing Vulnerability in Google Chrome
Bypassing Same Origin Policy via Crafted Clipboard Content in Google Chrome
Omnibox Spoofing Vulnerability in Google Chrome on iOS
Remote Security UI Spoofing Vulnerability in Google Chrome
Cross-Origin Data Leakage via Insufficient Cookie Policy Enforcement in Google Chrome
Cross-Origin Data Leakage in Google Chrome Prior to 79.0.3945.79
Omnibox Spoofing Vulnerability in Google Chrome
Heap Corruption Vulnerability in Google Chrome on Android (Versions prior to 79.0.3945.79)
Local Information Disclosure Vulnerability in Google Chrome Developer Tools
Omnibox Spoofing Vulnerability in Google Chrome on iOS
Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability
Insufficient Data Validation in SQLite in Google Chrome: Bypassing Defense-in-Depth Measures via Crafted HTML Page
Uninitialized Data Vulnerability in SQLite in Google Chrome
Remote Information Disclosure Vulnerability in SQLite in Google Chrome
Remote Information Disclosure Vulnerability in SQLite in Google Chrome
Bypassing Navigation Restrictions in Google Chrome Extensions
Remote Code Execution via Extension Disabling in Google Chrome
Domain Spoofing Vulnerability in Google Chrome Prior to Version 79.0.3945.79
Domain Spoofing Vulnerability in Google Chrome Omnibox
Bypassing Navigation Restrictions in Google Chrome on Android (CVE-2019-13720)
Domain Spoofing Vulnerability in Google Chrome
SQL Server Management Studio Information Disclosure Vulnerability
Domain Spoofing Vulnerability in Google Chrome Omnibox
Local Code Spoofing Vulnerability in Google Chrome on Windows
Cross-Origin Data Leakage in Google Chrome Prior to 79.0.3945.79
Type Confusion Vulnerability in Google Chrome (prior to 79.0.3945.79) Allows Remote Heap Corruption
Remote Code Execution Vulnerability in Google Chrome Content Delivery Manager
Remote Code Execution via Use-After-Free Vulnerability in Google Chrome's Accessibility
Remote Code Execution via Use After Free in Google Chrome Media Picker
Sandbox Escape via Use After Free Vulnerability in Google Chrome FileAPI
Windows 10 Update Assistant Elevation of Privilege Vulnerability
Windows Data Sharing Service Elevation of Privilege Vulnerability
Splwow64.exe Local Elevation of Privilege Vulnerability
Windows Servicing Stack Information Disclosure Vulnerability
ActiveX Installer Service Elevation of Privilege Vulnerability
Windows Data Sharing Service Elevation of Privilege Vulnerability
NETLOGON Message Session Key Retrieval Vulnerability
Windows AppX Deployment Extensions Elevation of Privilege Vulnerability
Vulnerability in Git Recursive Clones Allows Remote Code Execution
Windows Certificate Dialog Elevation of Privilege Vulnerability
Windows Hyper-V Remote Code Execution Vulnerability
VBScript Engine Memory Object Handling Remote Code Execution Vulnerability
Windows Object Memory Handling Denial of Service Vulnerability
Arbitrary File Access Vulnerability in b3log Wide before 1.6.0
Heap Buffer Overflow in WICED Studio 6.2 CYW20735B1 and CYW20819A1
Remote Code Execution in Exim 4.85 through 4.92 (fixed in 4.92.1) via ${sort } Expansion
SINEMA Remote Connect Server (All versions < V2.0 SP1) Password Guessing Vulnerability
Privilege Escalation Vulnerability in SINEMA Remote Connect Server (All versions < V2.0 SP1)
Memory Object Handling Vulnerability in Windows Kernel
Vulnerability in SINEMA Remote Connect Server (All versions < V2.0 SP1) Allows CSRF Attacks
Denial-of-Service Vulnerability in SIMATIC WinAC RTX (F) 2010 (All versions < SP3 Update 1)
SINEMA Remote Connect Server Vulnerability: Password Hash Disclosure
Cross-Site Scripting (XSS) Vulnerability in IE/WSN-PA Link WirelessHART Gateway
Clickjacking Vulnerability in SCALANCE Network Switches and Routers
Denial-of-Service Vulnerability in SCALANCE S602, S612, S623, and S627-2M
Denial-of-Service Vulnerability in SCALANCE S602, S612, S623, and S627-2M
Denial of Service Vulnerability in Desigo PX Automation Controllers
Vulnerability in SIMATIC IT UADM Allows Password Recovery and Unauthorized Access
Win32k Memory Object Handling Elevation of Privilege Vulnerability
XHQ Web Interface Cross-Site Request Forgery (CSRF) Vulnerability
Vulnerability in XHQ Web Interface Allows Unexpected Behavior and Content Modification
Unauthenticated Script Injection Vulnerability in XHQ (All versions < V6.0.0.2)
Vulnerability in SCALANCE X-Series Network Devices Allows Unauthorized Access
Reflected Cross-Site Scripting (XSS) Vulnerability in Siemens AG Polarion Webclient
Reflected Cross-Site Scripting (XSS) Vulnerability in Siemens AG Polarion Webclient
Persistent Cross-Site Scripting Vulnerability in Siemens AG Polarion Webclient
IP Address Spoofing Vulnerability in APOGEE, Desigo, Nucleus, SIMOTICS, TALON, and VSTAR Devices
Win32k Memory Object Handling Elevation of Privilege Vulnerability
Denial of Service Vulnerability in SIMATIC Industrial Control Systems
Predictable Path Names Vulnerability in OZW672 and OZW772 Web Servers
Buffer Overflow Vulnerability in EN100 Ethernet Modules Leads to Denial-of-Service Condition
Cross-Site Scripting (XSS) Vulnerability in EN100 Ethernet Modules
Vulnerability in EN100 Ethernet Modules: Unauthorized Information Disclosure
UART Interface Physical Access Vulnerability
Profinet-IO (PNIO) Stack Denial of Service Vulnerability
Clear Text Password Transmission Vulnerability in Control Center Server (CCS)
Stored XSS vulnerability in SyGuestBook A5 Version 1.2
CSRF Vulnerability in SyGuestBook A5 Version 1.2
Win32k Memory Object Handling Elevation of Privilege Vulnerability
Stored XSS Vulnerability in SyGuestBook A5 Version 1.2 via Comment Reply
Stack-based Buffer Overflow in set_ipv4() Function in gdnsd 3.x
Stack-based Buffer Overflow in set_ipv6() Function in gdnsd
Bluetooth Low Energy (BLE) Authentication Bypass Vulnerability in YI M1 Mirrorless Camera V3.2-cn
Memory Exhaustion Vulnerability in Mikrotik RouterOS
Stack Exhaustion Vulnerability in Mikrotik RouterOS
Arbitrary PHP Code Execution in Discuz!ML 3.2 through 3.4 via Modified Language Cookie
SQL Injection Vulnerability in Umbraco 7.3.8 via nodeName Parameter in PageWApproveApi/GetInpectSearch Method
Memory Copy into NULL Pointer Vulnerability in Bento4 1.5.1-627
Win32k Memory Object Handling Elevation of Privilege Vulnerability
Denial of Service Vulnerability in libjpeg-turbo 2.0.2
CSRF Vulnerability in flatCore Allows Arbitrary .php File Upload
Heap-based Buffer Over-read in lavc_CopyPicture in VideoLAN VLC media player
Multiple Reflective and Stored XSS Vulnerabilities in iTop through 2.6.0
XSS Vulnerability in iTop Dashboard XML Fields
Denial of Service Vulnerability in iTop Community Version
SQL Injection Vulnerability in Metinfo 6.x via id Parameter in admin/index.php
Windows Hyper-V Remote Code Execution Vulnerability
Self-XSS in AntSword Database Configuration Allows Code Execution
XSS Vulnerability in OTCMS 3.81 via mode Parameter in apiRun.php?mudi=autoRun Request
XSS Vulnerability in LayerBB 1.1.3 via pm_title Variable in application/commands/new.php
Arbitrary File Upload Vulnerability in LayerBB 1.1.3
CSRF Vulnerability in LayerBB 1.1.3's conversations.php/cmd/new
eGain Chat 15.0.3 HTML Injection Vulnerability
Unrestricted File Upload Vulnerability in eGain Chat 15.0.3
Cross-Site Scripting (XSS) Vulnerabilities in Ovidentia 8.4.3
SQL Injection Vulnerability in Ovidentia 8.4.3 via id Parameter in index.php?tg=delegat&idx=mem Request
Remote Code Execution via Unblocked PHP File Upload in Directus 7 API
Windows Hyper-V Remote Code Execution Vulnerability
Remote Code Execution via PHP File Upload in Directus 7 API
Unauthenticated Remote File Read Vulnerability in Directus 7 API
Markdown Injection Vulnerability in Directus 7 Application before 7.7.0
Insufficient Anti-Automation in Directus 7 API (CVE-2021-12345)
Unauthenticated Access to Uploaded Files in Directus 7 API
Log File Disclosure Vulnerability in Sierra Wireless MGOS
Stack-based Buffer Overflow in wfloat() function in dpic 2019.06.20
Windows Hyper-V Privileged User Input Validation Vulnerability
XXE Vulnerability in Terracotta Quartz Scheduler's initDocumentParser Method
Laser-Induced LED Photosensitivity Vulnerability in Pre-Rev3 Arduino Embedded Systems
Out of Bound Memory Access Vulnerability in Snapdragon Platforms
Memory Corruption and Information Leakage Vulnerability in Snapdragon Platforms
Integer Overflow Vulnerability in Snapdragon Processors: Potential Memory Corruption and Information Leakage
Memory Corruption and Information Leakage Vulnerability in Snapdragon Platforms
Integer Overflow Vulnerability in Multiple Snapdragon Platforms
Microsoft Access Memory Object Handling Vulnerability
Memory Corruption and Information Leakage Vulnerability in Multiple Snapdragon Platforms
Insecure Public Key Usage in Multiple Snapdragon Platforms
Unauthorized Access to Call Status in Snapdragon Devices
Null Pointer Exception Vulnerability in Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables in Multiple Chipsets
Buffer Overflow Vulnerability in Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables in Multiple Chipsets
Buffer Overflow Vulnerability in Multiple Snapdragon Platforms
Buffer Overflow Vulnerability in Multiple Snapdragon Platforms
Timing Side Channel Vulnerability in Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, Mobile, Voice & Music, Wired Infrastructure and Networking
Null Pointer Dereference Vulnerability in Location Assistance Data Processing in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9150, MDM9607, MDM9650, SDM660, SDM845, SM8150, SM8250, SXR2130
Improper Input Validation Leading to Out-of-Bounds Memory Access in Snapdragon Processors
Buffer Map Vulnerability in Snapdragon Devices
Multiple Read Overflows in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables: Improper Length Check Vulnerability
Null Pointer Dereference Vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, Mobile, Wearables in Multiple Chipsets
Vulnerability: Invalid Super Index Table Parsing in Snapdragon Processors
Buffer Overflow Vulnerability in Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in Nicobar, SDM670, SDM710, SDM845, SM6150, SM8150, SM8250, SXR2130
Stack-based buffer overflow vulnerability in initialization of identification stage in multiple Snapdragon platforms
Integer overflow vulnerability in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in multiple chipsets
Heap Buffer Overflow Vulnerability in Snapdragon Platforms
Potential Out-of-Bound Array Access Vulnerability in Snapdragon Platforms
Multiple Read Overflows Vulnerability in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
Memory Object Handling Vulnerability in Microsoft Office
Multiple Read Overflows in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, Mobile, and Wearables Processors
Buffer overrun vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, Mobile, Wearables in multiple Qualcomm chipsets
Vulnerability: Lack of Length Check in IPv6 Header Extraction in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, Mobile, Wearables
Unvalidated User Input in String Copy Vulnerability in Multiple Snapdragon Platforms
Stack-Use-After-Scope Vulnerability in NFC Card Emulation on Snapdragon Platforms
Session Object Vulnerability in Multiple Snapdragon Platforms
Potential Buffer Overflow Vulnerability in WLAN WMI Handler in Multiple Snapdragon and QCA Chipsets
Unbounded Channel Length Vulnerability in Multiple Snapdragon Platforms
Buffer Overwrite Vulnerability in Multiple Snapdragon Platforms
Use-after-free vulnerability in graphics module in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in multiple Qualcomm chipsets
Buffer Overflow Vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, Mobile, Wired Infrastructure and Networking in Multiple Qualcomm Chipsets
Buffer Overflow Vulnerability in Snapdragon Auto, Compute, Connectivity, Consumer Electronics Connectivity, Consumer IoT, Industrial IoT, IoT, Mobile, Voice & Music, Wired Infrastructure and Networking in various Qualcomm chipsets
Memory Use After Free Vulnerability in Snapdragon Processors
Multiple Read Overflows in Snapdragon Processors: Vulnerability in Decoding Tau Reject/Accept Requests
Use After Free Vulnerability in Snapdragon Processors: EEPROM Query Mutex Unlocking Issue
Buffer Overflow Vulnerability in Snapdragon Processors
Use-After-Free Vulnerability in Snapdragon Auto, Compute, Connectivity, Consumer Electronics Connectivity, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables
Buffer Over-read Vulnerability in ADSP Parse Function in Snapdragon Processors
Out of Bound Read Vulnerability in Snapdragon Platforms
Memory Use After Free Vulnerability in Multiple Snapdragon Platforms
Buffer Overrun Vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables in Multiple Qualcomm Chipsets
Critical Out of Bound Read Vulnerability in Snapdragon Platforms
Out of Bound Read Vulnerability in Fingerprint Application in Multiple Snapdragon Platforms
Uninitialized Memory Access Vulnerability in Snapdragon Consumer IOT and Snapdragon Mobile Devices
Critical Buffer Overflow Vulnerability in Snapdragon Auto, Consumer IoT, and Mobile Processors
Improper Validation of Array Parameters Leading to Out-of-Bound Access in Snapdragon Platforms
Lack of Input Validation in IPA Driver Process Route Add Rule IOCTL
Out of Bound Memory Access Vulnerability in Snapdragon Platforms
Stage-2 Fault Vulnerability in Snapdragon Platforms
Windows UPnP Service Elevation of Privilege Vulnerability
Buffer Overflow Vulnerability in Multiple Snapdragon Platforms
Integer Overflow and Buffer Overflow Vulnerability in Snapdragon Industrial IOT (MDM9206, MDM9607)
Uninitialized Data Structure Vulnerability in Multiple Snapdragon Platforms
Stack Out-of-Bounds Read Vulnerability in XFRM Policy Creation in Multiple Snapdragon Platforms
Vulnerability: Unauthorized Code and Data Update and RAM Dump Diversion in Snapdragon Platforms
Dangling Pointer Vulnerability in Snapdragon Processors
Integer Overflow Vulnerability in Snapdragon Platforms
Buffer Over-read Vulnerability in Snapdragon Platforms
Jet Database Engine Remote Code Execution Vulnerability
Uninitialized Stack Data Vulnerability in Snapdragon and Other Qualcomm Products
Null-pointer dereference vulnerability in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in multiple Qualcomm chipsets
Buffer Overflow Vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables in Multiple Qualcomm Chipsets
Kernel Failure Vulnerability in Multiple Snapdragon Platforms
Pointer Double Free Vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, Mobile, Voice & Music, Wired Infrastructure and Networking
Integer Overflow Vulnerability in Feature ID Retrieval in Snapdragon Platforms
Timing side channel vulnerability in non-time-constant functions in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in multiple Qualcomm chipsets
Out of Bound Access Vulnerability in Multiple Snapdragon Platforms
Windows Graphics Component Elevation of Privilege Vulnerability
Race condition vulnerability in PCM volume controls in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, Mobile, Voice & Music, Wearables, Wired Infrastructure and Networking in various Qualcomm chipsets
Vulnerability: Compromised Reset Handler Allows Bypass of Access Control in Multiple Snapdragon Platforms
Race condition vulnerability leading to unhandled paging request in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables in various Qualcomm chipsets
RTCP Message Buffer Overflow Vulnerability
Heap Overflow Vulnerability in Diag Command Handler in Snapdragon Processors
Null pointer dereference vulnerability in radio interface layer of Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9607, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, MSM8998, Nicobar, QCS605, Rennell, Saipan, SDM450, SDM630, SDM636, SDM660, SDM670, SDM710, SM6150, SM7150, SM8150, SM8250, SXR2130
Buffer Overflow Vulnerability in Multiple Snapdragon Processors
Out of Bound Memory Access Vulnerability in Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, Mobile, Voice & Music, Wired Infrastructure and Networking in Multiple Qualcomm Chipsets
Unvalidated Response Buffer Length Vulnerability in Snapdragon Processors
Uninitialized Variable Vulnerability in Snapdragon Processors
Win32k Memory Object Handling Elevation of Privilege Vulnerability
Out of Bound Write Vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, Mobile, Wearables
Buffer Over-read Vulnerability in WLAN Module for SAR Limits Enforcement in Snapdragon Processors
Buffer Over-read Vulnerability in Snapdragon Compute, Consumer Electronics Connectivity, Consumer IOT, Industrial IOT, Mobile, Wired Infrastructure, and Networking in Multiple Qualcomm Chipsets
Integer Underflow Vulnerability in Snapdragon Auto, Compute, Connectivity, Consumer Electronics Connectivity, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wired Infrastructure and Networking in Multiple Qualcomm Chipsets
Potential Integer Underflow Vulnerability in Snapdragon Auto, Compute, Consumer Electronics Connectivity, Consumer IoT, Industrial IoT, Mobile, and Snapdragon in QCN7605, QCS605, SDA845, SDM670, SDM710, SDM845, SDM850, SM8150, SXR1130
Integer Overflow Vulnerability in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in APQ8098, MDM9607, MSM8998, QCA6584, QCN7605, QCS605, SDA660, SDM630, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SM6150, SM7150, SM8150, SXR1130
Buffer Overflow Vulnerability in Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Wearables in MSM8909W, QCS605
Critical Use After Free Vulnerability in Snapdragon Devices
Re-provisioning Vulnerability in Keymaster Attestation Key and Device IDs after Data Erase or Factory Reset
Windows Remote Procedure Call Memory Initialization Vulnerability
Double Free Vulnerability in Snapdragon Processors
Critical Vulnerability: Unauthorized Service Exports in Snapdragon Industrial IOT and Mobile Devices
Array Out of Bounds Access Vulnerability in Snapdragon Auto, Connectivity, Consumer IoT, Industrial IoT, IoT, Mobile, Voice & Music, and Wearables in various Qualcomm chipsets
Integer Overflow Vulnerability in Diag Command Handler
Buffer Overflow Vulnerability in Snapdragon Processors
Potential Buffer Overflow Vulnerability in WLAN Parser in Multiple Snapdragon Platforms
Potential Buffer Overflow Vulnerability in Snapdragon Auto, Compute, Connectivity, Consumer Electronics Connectivity, Consumer IoT, Industrial IoT, IoT, Mobile, Voice & Music, Wired Infrastructure and Networking in various Qualcomm chipsets
Buffer Overflow Vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, Mobile, Voice & Music, Wearables in Multiple Qualcomm Chipsets
Vulnerability: Disabled Register Write via Debugfs in Multiple Snapdragon Platforms
Out of Bounds Read Vulnerability in Diag Event Set Mask Command Handler in Snapdragon Processors
Invalid Context Pointer Vulnerability in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Mobile (APQ8053, SC8180X, SDX55, SM8150)
Memory Overflow Vulnerability in Snapdragon Industrial IOT, Snapdragon Mobile in SDA845, SDM845, SM8150
DirectWrite Memory Disclosure Vulnerability
Buffer Overflow Vulnerability in WLAN Firmware in Multiple Snapdragon Platforms
Buffer Overflow Vulnerability in Snapdragon Auto, Compute, Connectivity, Consumer Electronics Connectivity, Mobile, Voice & Music, Wired Infrastructure and Networking in IPQ6018, IPQ8074, Nicobar, QCA6390, QCA8081, QCN7605, QCS404, QCS405, Rennell, SC7180, SC8180X, SM6150, SM7150, SM8150, SXR2130
Buffer Overflow Vulnerability in Multiple Snapdragon Platforms
Buffer overflow vulnerability in WLAN firmware during CCMP cipher suite unwrapping in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wired Infrastructure and Networking in various Qualcomm chipsets
Buffer Overflow Vulnerability in WLAN Firmware
Information Disclosure Vulnerability in Multiple Snapdragon Platforms
Vulnerability: Privilege Escalation via Altered Debug Policy Image in Snapdragon Platforms
Use After Free Vulnerability in Snapdragon Auto, Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Bitra, MDM9607, QCS405, Saipan, SC8180X, SDX55, SM6150, SM7150, SM8150, SM8250, SXR2130
TOCTOU Race Condition and Memory Corruption Vulnerability in Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, Mobile, Voice & Music, Wired Infrastructure and Networking
Windows Adobe Type Manager Font Driver (ATMFD.dll) OpenType Font Driver Information Disclosure Vulnerability
Memory Padding Vulnerability in Snapdragon Auto and Snapdragon Mobile Devices
Critical Vulnerability: Missing Bounds Checks in Widevine HLOS Client Across Multiple Snapdragon Platforms
Memory Failure in Content Protection Module: A Critical Vulnerability in Snapdragon Auto, Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in Kamorta, QCS404, Rennell, SC7180, SDX55, SM6150, SM7150, SM8250, SXR2130
Buffer Overflow Vulnerability in Snapdragon Processors
Extension Request Handling Security Bypass in Microsoft Edge
Memory Corruption Vulnerability in Snapdragon Processors: Impact on Trusted Applications
Out of Bound Write Vulnerability in Radio Measurement Request in Snapdragon Platforms
Memory Corruption Vulnerability in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in QCS605, SA6155P, SM8150
Out of Bound Access Vulnerability in WLAN Handler: Potential Security Risk in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking
Integer overflow to buffer overflow vulnerability in WLAN parsing nonstandard NAN IE messages in multiple Snapdragon platforms and products
Visual Studio Code Debug Listener Elevation of Privilege Vulnerability
Windows Installer Elevation of Privilege Vulnerability
Race Condition Vulnerability in Windows Subsystem for Linux
Windows Data Sharing Service Elevation of Privilege Vulnerability
Windows Modules Installer Service File Information Disclosure Vulnerability
OpenType Font Parsing Remote Code Execution Vulnerability
Unbounded memcpy Vulnerability in Das U-Boot
Unbounded memcpy Vulnerability in Das U-Boot (2019.07)
Unbounded memcpy Vulnerability in Das U-Boot through 2019.07
Unbounded memcpy Vulnerability in Das U-Boot through 2019.07
Unbounded memcpy Vulnerability in Das U-Boot through 2019.07
Out-of-Bounds Data Read Vulnerability in Das U-Boot
Unbounded memcpy Vulnerability in Das U-Boot through 2019.07
Unbounded memcpy Vulnerability in Das U-Boot
Windows Elevation of Privilege Vulnerability in dssvc.dll
Stack-based Buffer Overflow in nfs_handler: rpc_lookup_reply
Stack-based Buffer Overflow in nfs_lookup_reply Function in Das U-Boot
Stack-based Buffer Overflow in nfs_readlink_reply Function in Das U-Boot
Stack-based Buffer Overflow in nfs_mount_reply Function in Das U-Boot
Stack-based Buffer Overflow in nfs_umountall_reply Function
Local File Inclusion Vulnerability in Nevma Adaptive Images Plugin for WordPress
Arbitrary File Deletion Vulnerability in Nevma Adaptive Images Plugin for WordPress
Endless Loop Crash Vulnerability in Foxit PhantomPDF
NULL Pointer Dereference Vulnerability in Foxit PhantomPDF
Heap Corruption Vulnerability in Foxit PhantomPDF
Memory Corruption Vulnerability in Foxit PhantomPDF
JavaScript Object Validation Vulnerability in Foxit PhantomPDF
NULL Pointer Dereference in Foxit PhantomPDF
Crash Vulnerability in Foxit PhantomPDF 8.3.11
JavaScript Denial of Service Vulnerability in Foxit PhantomPDF
Crash Vulnerability in Foxit PhantomPDF 8.3.11
Arbitrary PHP File Upload Vulnerability in WP SVG Icons Plugin
Windows Elevation of Privilege Vulnerability in iphlpsvc.dll
Arbitrary File Read Vulnerability in BlueStacks
Cross-Site Scripting (XSS) Vulnerability in 1CRM On-Premise Software 8.5.7
Default Private Key Vulnerability in Alfresco Community Edition
Open Redirect Vulnerability in Alfresco Share Application
Remote Code Execution via Deserialization in Alfresco Community Edition 5.2 201707
SSRF Vulnerability in OX App Suite 7.10.1 and 7.10.2
Insecure Permissions in OX App Suite through 7.10.2
Cross-Site Scripting (XSS) Vulnerability in OX App Suite 7.10.1 and 7.10.2
Reflected POST-based XSS and CSRF Vulnerability in Xavier PHP Management Panel 3.0
Windows StartTileData.dll File Creation Elevation of Privilege Vulnerability
SQL Injection Vulnerability in Viral Quiz Maker - OnionBuzz Plugin for WordPress
SQL Injection Vulnerability in Viral Quiz Maker - OnionBuzz Plugin for WordPress
Catastrophic Backtracking Vulnerability in Django's Truncator
Slow Evaluation of Certain Inputs in Django's HTMLParser
SQL Injection in JSONField and HStoreField Key Lookups
Memory Exhaustion Vulnerability in Django's uri_to_iri Function
Defeating Proprietary Code Read Out Protection (PCROP) on STMicroelectronics STM32 devices through CPU register observation and code execution analysis
Defeating Flash Access Controls (FAC) on NXP Kinetis KV1x, KV3x, and K8x Devices through CPU Register Observation and Code Execution Analysis
Defeating Proprietary Code Read Out Protection (PCROP) on STMicroelectronics STM32F7 devices via the Instruction Tightly Coupled Memory (ITCM) bus using a debug probe
Defeating Flash Access Controls (FAC) on NXP Kinetis Devices: Leveraging Load Instructions to Expose Protected Code
NetLogon Secure Communications Channel Bypass Vulnerability
CSRF Vulnerability in WCMS v0.3.2 Allows Directory Traversal and Index.html Modification
Denial of Service Vulnerability in HAProxy 2.0.2 via htx_manage_client_side_cookies
Local Code Injection Vulnerability in Bitdefender Products for Windows
Denial of Service in mastercactapus proxyprotocol before 0.0.2
Insecure Object Reference Vulnerability in CentOS Web Panel 0.9.8.851 Allows Unauthorized Database Deletion
Insecure Object Reference in CentOS Web Panel 0.9.8.851 Allows Unauthorized Access to phpMyAdmin Passwords
Out-of-Bounds Write Vulnerability in mpg321 0.3.2
NULL Pointer Dereference Vulnerability in libnasm.a in NASM 2.14.xx
Denial of Service Vulnerability in libdwarf: Division by Zero in dwarf_elf_load_headers.c
Visual Studio Hardlink Validation Elevation of Privilege Vulnerability
Heap-based Buffer Overflow in GNU libiberty's simple_object_elf_match
Arbitrary File Access Vulnerability in T24 TEMENOS Channels R15.01
Arbitrary PHP Code Injection in Publisure 2.1.2 Secure Portal
Authentication Bypass Vulnerability in Publisure 2.1.2 ServletController
Multiple SQL Injections in Publisure 2.1.2 Secure Portal
Go-Camo SSRF Vulnerability in Versions up to 1.1.4 Allows Remote Attackers to Access Internal Endpoints
ZEN-31765: Local Privilege Escalation Vulnerability in Zenoss 2.5.3
XML-RPC Subsystem in Zenoss 2.5.3: Unauthenticated Information Disclosure via XXE Attacks on Port 9988
Command Injection Vulnerability in Polycom Obihai Obi1022 VoIP Phone Firmware 5.1.11
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Command Injection Vulnerability in Alcatel-Lucent Enterprise (ALE) 8008 Cloud Edition Deskphone VoIP Phone
Insufficient Jamming Detection Allows Reactive Jamming Attack on ABUS Secvest FUAA50000 3.01.01 Devices
Stack Consumption Vulnerability in MetadataExtractor 2.1.0
SQL Injection in OpenSNS v6.1.0 via index.php?s=/ucenter/Config/ uid parameter
Buffer Overflow Vulnerability in PDFResurrect 0.15 via Crafted PDF File
Cleartext Password Exposure in Octopus Deploy Versions 3.0.19 to 2019.7.2
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
Sandbox Escape Vulnerability in Comodo Antivirus, Firewall, and Internet Security
Code Injection Vulnerability in Docker 19.03.x Linked Against GNU C Library
XSS Vulnerability in SilverStripe asset-admin 4.0: File Title Injection via CMS
Broken Access Control in SilverStripe Assets 4.0
Heap-Based Buffer Overflow in MCPP 2.7.2's do_msg() Function in support.c
Stack-Based Buffer Overflow in Xfig fig2dev 3.2.7a's calc_arrow Function in bound.c
XXE Vulnerability in WUSTL XNAT 1.7.5.3 via POST Request Body
Unauthenticated Blind XML Injection and XXE in Axway SecureTransport REST API
Unauthenticated User Enumeration Vulnerability in Knowage through 6.1.1
Scripting Engine Memory Corruption Vulnerability in Microsoft Edge
EXIF Data Exposure Vulnerability in Craft CMS 2.x and 3.x
Code-Execution Backdoor Found in Datagrid Gem 1.0.6
Code-execution backdoor vulnerability in simple_captcha2 gem 0.2.3
Integer Overflow and Out-of-Bounds Read in Linux Kernel Floppy Disk Driver
Denial of Service Vulnerability in Linux Kernel Floppy Driver
Stored XSS Vulnerability in MISP 2.4.111 Event-Graph View
Vulnerability: Bypassing Policy Blacklists and Session PAM Modules in Sudo before 1.8.28
Integer Overflow in Xpdf's JBIG2Bitmap::combine Function
Integer Overflow in Xpdf's JBIG2Bitmap::combine Function
Internet Explorer Scripting Engine Memory Corruption Vulnerability
Out of Bounds Read Vulnerability in Xpdf 4.01.01
Out of Bounds Read Vulnerability in Xpdf 4.01.01
Out of Bounds Read Vulnerability in Xpdf 4.01.01
Out of Bounds Read Vulnerability in Xpdf 4.01.01
Use-after-free vulnerability in Xpdf 4.01.01: Out-of-bounds read in JPXStream::fillReadBuf
Integer Overflow in getElfSections Function in UPX 3.95 Allows Remote Denial of Service
Denial of Service and Buffer Overflow Vulnerability in UPX 3.95
Cross-Site Scripting (XSS) Vulnerability in Veeam ONE Reporter 9.5.0.3201 via Add/Edit Widget
Cross-Site Scripting (XSS) Vulnerability in Veeam ONE Reporter 9.5.0.3201
Ricoh SP C250DN 1.05 Authentication Method Vulnerable to Brute Force Attacks
Windows Media Foundation QuickTime Media Parsing Remote Code Execution Vulnerability
Multiple Buffer Overflows in Ricoh Printers' HTTP Cookie Parsing
Incorrect Access Control in Ricoh SP C250DN 1.06 Devices
Debug Port Vulnerability on Ricoh SP C250DN 1.06 Devices
Denial of Service Vulnerability in Ricoh SP C250DN 1.05 Devices
CSRF Vulnerability in Ricoh SP C250DN 1.06 Devices
Multiple Buffer Overflows in Ricoh Printers' HTTP Parameter Settings
Incorrect Access Control Vulnerability in Ricoh SP C250DN 1.06 Devices
Multiple Buffer Overflows in Ricoh Printers' HTTP Parameter Settings Parsing
Buffer Overflow Vulnerabilities in Ricoh Printers' LPD Service
Hardcoded FTP Credentials in Ricoh SP C250DN 1.05 Devices
Denial of Service Vulnerability in Ricoh SP C250DN 1.05 Devices via Crafted IPP Packets
Local File Inclusion Vulnerability in Aptana Jaxer 1.0.3.4547's Wikilite Source Code Viewer
SQL Injection Vulnerability in 10Web Photo Gallery Plugin for WordPress
SQL Injection Vulnerability in Imagely NextGEN Gallery Plugin for WordPress
Arbitrary Web Script Injection in SunHater KCFinder 3.20-test1 and Earlier
DSA Nonce Bias Vulnerability in wolfSSL and wolfCrypt 4.1.0 and Earlier
Timing Side Channel Vulnerability in ECDSA Signature Generation
Unencrypted Transmission of Private Data in TikTok (formerly Musical.ly) Application
DirectWrite Memory Disclosure Vulnerability
Windows Pathname Drive Name Mishandling in Pallets Werkzeug before 0.15.5
Stack-Based Buffer Overflow in SSDP Responder 1.x through 1.5
Privilege Escalation Vulnerability in AndyOS Andy Versions up to 46.11.113
CSRF Vulnerability in Custom Simple Rss Plugin 2.0.6 for WordPress Allows Unauthorized Settings Modification
CSRF Vulnerability in Simple Membership Plugin's Bulk Operation Section
Stored XSS Vulnerability in EspoCRM Create Task
Windows Graphics Component Elevation of Privilege Vulnerability
Stored XSS Vulnerability in EspoCRM Create Case
Stored XSS Vulnerability in EspoCRM Create User
Weak SSH Ciphers Vulnerability on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 Devices
Pre-Authenticated Denial of Service Vulnerability in D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 Devices
Insecure SSL Certificate and RSA Private Key Extraction Vulnerability
Post-Authenticated Denial of Service Vulnerability in D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 Devices
Post-Authenticated Config File Dump Vulnerability in D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 Devices
Command Injection Vulnerability in D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 Devices
Post-Authentication XSS Vulnerability on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 Devices
Canon PRINT jp.co.canon.bsd.ad.pixmaprint 2.5.5 Android App ContentProvider Data Access Vulnerability
Win32k Elevation of Privilege Vulnerability
Stored XSS Vulnerability in TemaTres 3.0 via value parameter in vocab/admin.php?vocabulario_id=list URI
Reflected XSS vulnerability in TemaTres 3.0 via vocab/admin.php?doAdmin=bulkReplace URI
Remote Privilege Escalation in TemaTres 3.0: Unauthorized Creation of Administrator Account
CSRF Vulnerability in Schben Adive 2.0.7 Allows Unauthorized Password Change
Arbitrary Administrator Account Creation in Schben Adive 2.0.7
SQL Injection Vulnerability in BearDev JoomSport Plugin 3.3 for WordPress
Stored XSS Vulnerability in EspoCRM 5.6.4 via Unfiltered User-Supplied Data in api/v1/Document Functionality
Windows Graphics Component Elevation of Privilege Vulnerability
Stored XSS Vulnerability in EspoCRM 5.6.4 Knowledge Base
User Password Hash Enumeration Vulnerability in EspoCRM 5.6.4
CSV Injection Vulnerability in Joget Workflow 6.0.20
Side Channel Vulnerability in Trezor One Devices: Power Consumption Analysis of Row-Based OLED Display
Side Channel Vulnerability: Power Consumption Analysis of OLED Display on Ledger Nano S and Nano X Devices
Side Channel Vulnerability in ShapeShift KeepKey Devices: Exploiting Power Consumption of Row-Based OLED Display
Side Channel Vulnerability in Coldcard MK1 and MK2 Devices: Power Consumption Analysis of Row-Based OLED Display
Side Channel Vulnerability in Mooltipass Mini Devices Allows PIN Recovery via Power Consumption Measurements
Side Channel Vulnerability in Archos Safe-T Devices: Exploiting Row-Based OLED Display Power Consumption
Side Channel Vulnerability in BC Vault Devices: Exploiting Power Consumption of Row-Based SSD1309 OLED Display
Win32k Kernel Information Disclosure Vulnerability
Side Channel Vulnerability in Hyundai Pay Kasse HK-1000 Devices Allows Secret Data Recovery via USB Power Consumption Measurements
Directory Traversal Vulnerability in Openbravo ERP before 3.0PR19Q1.3
Remote Code Execution Vulnerability in NETGEAR WNDR3400v3 Routers
XSS Vulnerability in Email Subscribers & Newsletters Plugin 4.1.6 for WordPress
WordPress Intercom Plugin Exposes Slack Access Token, Enabling Unauthorized Access
Slack Access Token Leakage in WP SlackSync Plugin for WordPress
Slack-Chat through 1.5.5 Vulnerability: Access Token Leak Exposes Sensitive Slack Information
Heap-Based Buffer Over-Read Vulnerability in Exiv2 0.27.99.0
Exiv2 0.27.99.0 Denial of Service Vulnerability in PngImage::readMetadata()
Windows Graphics Component Elevation of Privilege Vulnerability
Out-of-Bounds Read Vulnerability in Exiv2::MrwImage::readMetadata() in mrwimage.cpp
Infinite Loop Vulnerability in Libav 12.3's mov_probe Function
Infinite Loop Vulnerability in Libav 12.3's wv_read_block_header() Function
Heap-based Buffer Over-read in libpng via Crafted FLIF File
Heap-Based Buffer Overflow in libslirp 4.0.0: Mishandling of First Fragment in ip_reass
Remote Code Execution Vulnerability in FasterXML jackson-databind before 2.9.9.2 with ehcache
Windows Graphics Component Elevation of Privilege Vulnerability
Out-of-Bounds Read Vulnerability in libopenmpt Allows Crash During Playback
NULL Pointer Dereference Vulnerability in libopenmpt before 0.4.3
Assertion Failure in libopenmpt: Debug STLs File Parsing Vulnerability
Assertion Failure Vulnerability in libopenmpt before 0.4.2 with Debug STLs
Stored XSS Vulnerability in cPanel WHM Tomcat Manager Interface (SEC-504)
Self XSS vulnerability in cPanel and webmail master templates (SEC-506)
Unauthenticated File Creation Vulnerability in cPanel (SEC-507)
Local Privilege Escalation Vulnerability in cPanel (SEC-510)
Windows GDI Memory Disclosure Vulnerability
Stored XSS Vulnerability in cPanel WHM Modify Account Interface (SEC-512)
Inadequate Reseller Package Creation ACL Enforcement in cPanel (SEC-514)
Remote Code Execution Vulnerability in cPanel (SEC-501)
Insecure cpphp Execution in cPanel Allows Local Code Execution (SEC-486)
Root Account Privilege Escalation via fetch_ssl_certificates_for_fqdns API in cPanel (SEC-489)
World-readable permissions for Queueprocd log in cPanel before 80.0.5 (SEC-494)
Spoofed Log Data Insertion Vulnerability in cPanel API Analytics (SEC-495)
Arbitrary File Modification Vulnerability in cPanel (SEC-496)
Arbitrary Code Execution Vulnerability in cPanel (SEC-498)
Insecure File Operations in cPanel SSL Certificate-Storage Feature (SEC-477)
Win32k Kernel Information Disclosure Vulnerability
Local Privilege Escalation in cPanel (SEC-479)
Remote Code Execution Vulnerability in cPanel API1 addforward (SEC-480)
Insecure Terminal Capability Determination in cPanel (SEC-481)
Open Mail Relay Vulnerability in cPanel (SEC-483)
Root Account File-Read Vulnerability in cPanel (SEC-484)
cPanel Demo Account Code Execution Vulnerability (SEC-487)
Stored XSS in cPanel BoxTrapper Queue Listing (SEC-493)
cPanel Vulnerability: Information Disclosure to OpenID Providers (SEC-415)
OpenID Provider Linking Vulnerability in cPanel (SEC-460)
Arbitrary File-Read Vulnerability in cPanel (SEC-466)
Win32k Graphics Remote Code Execution Vulnerability
Format-String Injection Vulnerability in cPanel Email store_filter UAPI (SEC-472)
Insecure File Writing Vulnerability in cPanel (SEC-473)
Format-String Injection Vulnerability in cPanel's DCV Check_Domains_Via_DNS UAPI (SEC-474)
Vulnerability: File-Write Operations as Shared Users during Connection Resets in cPanel (SEC-476)
Userdata Cache Conflict Vulnerability in cPanel (SEC-478)
Persistent Cross-Site Scripting (XSS) Vulnerability in Veritas Resiliency Platform (VRP) Allows Injection of Malicious Script
Arbitrary Command Execution Vulnerability in Veritas Resiliency Platform (VRP)
Arbitrary Command Execution Vulnerability in Veritas Resiliency Platform (VRP)
Directory Traversal Vulnerability in Veritas Resiliency Platform (VRP) Allows Unauthorized File Overwrite
URL Validation Bypass Vulnerability in Microsoft Office
TortoiseSVN 1.12.1 Excel Workbook Remote Code Execution Vulnerability
Remote Code Execution (RCE) Vulnerability in CUx-Daemon Addon for eQ-3 Homematic CCU-Firmware
Local File Inclusion (LFI) Vulnerability in CUx-Daemon 1.11a of eQ-3 Homematic CCU-Firmware 2.35.16 - 2.45.6
Cross-Site Scripting (XSS) Vulnerability in WEB STUDIO Ultimate Loan Manager 2.0
Microsoft SharePoint SMB Hash Disclosure Vulnerability
SQL Injection Vulnerability in YouPHPTube Plugin AuditTable.php
Heap-based Buffer Overflow in MatrixSSL DTLS Server
WebSocket Authentication Bypass Vulnerability in Loom Desktop for Mac up to 0.16.0
Information Leakage in OpenStack Nova API Response
Heap-based Buffer Over-read in VLC Media Player 3.0.7.1 via Crafted .ogg File
Heap-Based Buffer Over-Read Vulnerability in VLC Media Player 3.0.7.1
Polymorphic Typing Issue in FasterXML jackson-databind 2.x
Remote Denial of Service Vulnerability in Libav 12.3
Denial of Service Vulnerability in Libav 12.3: avio_seek Infinite Loop
Division by Zero Vulnerability in Libav 12.3
Integer Overflow in apply_relocations in readelf.c in GNU Binutils 2.32
Cross Site Scripting (XSS) Vulnerability in Cloudera Manager
Office Online Cross-Origin Communication Spoofing Vulnerability
Directory Traversal Vulnerability in Repetier-Server 0.8 through 0.91 Allows Remote Code Execution
Remote Code Execution via XML Data Structure Validation Bypass in Repetier-Server 0.8 through 0.91
Directory Traversal Vulnerability in Sigil before 0.9.16
Privilege Escalation via Modified Domus and Logged Fields in Comelit App lejos de casa (web) 2.8.0
Vertical Privilege Escalation in SuiteCRM 7.11.x and 7.10.x
Stored XSS Vulnerability in Opengear Console Server Firmware Releases Prior to 4.5.0
Stack-based Buffer Overflow in VIVOTEK IP Camera Devices with Firmware Before 0x20x via Crafted HTTP Header
Denial of Service Vulnerability in VIVOTEK IP Camera Devices
Integer Overflow Vulnerability in nfdump 1.6.17 and Earlier: Remote Denial of Service
Memory Disclosure Vulnerability in Microsoft Excel
Out-of-Bounds Read Vulnerability in libmodbus (VD-1302)
Out-of-Bounds Read Vulnerability in libmodbus (VD-1301)
Heap-Based Buffer Overflow in XMFile::read in MilkyTracker 1.02.00
Heap-Based Buffer Overflow in fmt_mtm_load_song() Function in Schism Tracker 20190722
Vulnerability: PHP Object Injection in GOsa_Filter_Settings Cookie
Remote Code Execution Vulnerability in Social Photo Gallery Plugin for WordPress
Buffer Overflow Vulnerability in GnuCOBOL 2.2 via Crafted COBOL Source Code
Stored Cross-Site Scripting (XSS) Vulnerability in Nexus Repository Manager before 3.18.0
Office Online Cross-Origin Communication Spoofing Vulnerability
XSS Vulnerability in UserPro Plugin for WordPress via Instagram PHP API
XSS Vulnerability in TestLink 1.9.19 via error.php message parameter
XSS Vulnerability in Zurmo 3.2.7-2 via app/index.php/zurmo/default PATH_INFO
Authentication Bypass and Privilege Escalation Vulnerability in eQ-3 Homematic CCU2 and CCU3
Denial of Service Vulnerability in eQ-3 Homematic CCU3 3.47.15 and Prior
Authentication Bypass and Unauthorized Access in eQ-3 Homematic CCU2 and CCU3
Server-Side Request Forgery (SSRF) Vulnerability in AdRem NetCrunch 10.6.0.4587: Unauthorized SMB Requests
Improper Credential Storage in AdRem NetCrunch 10.6.0.4587
Stored Cross-Site Scripting (XSS) Vulnerability in AdRem NetCrunch 10.6.0.4587 Web Client
Remote Code Execution Vulnerability in AdRem NetCrunch 10.6.0.4587
Memory Object Handling Vulnerability in Microsoft Excel Allows Remote Code Execution
Improper Session Handling in AdRem NetCrunch 10.6.0.4587 Web Client: Authentication Bypass and Privilege Escalation Vulnerability
Cross-Site Request Forgery (CSRF) Vulnerability in AdRem NetCrunch 10.6.0.4587 Web Client Allows Account Takeover
Hardcoded SSL Private Key Vulnerability in AdRem NetCrunch 10.6.0.4587
Credentials Disclosure in AdRem NetCrunch 10.6.0.4587
Buffer Overflow Vulnerability in GnuCOBOL 2.2 via Crafted COBOL Source Code
Microsoft Office ClickToRun Security Feature Bypass Vulnerability
Out of Bounds Read Vulnerability in OpenCV's cv::predictOrdered<cv::HaarEvaluator> Function
Out of Bounds Read/Write Vulnerability in OpenCV's HaarEvaluator::OptFeature::calc Function
NULL pointer dereference in cv::XMLParser::parse function
Divide-by-Zero Error in SplashOutputDev::tilingPatternFill
Out-of-Bounds Write Vulnerability in 3proxy WebAdmin Interface
Stack-Based Buffer Overflow in LoaderXM::load in MilkyTracker 1.02.00
Heap-Based Buffer Overflow in ModuleEditor::convertInstrument in MilkyTracker 1.02.00
Divide-by-Zero Vulnerability in VLC Media Player 3.0.7.1
Vulnerability: Privilege Escalation via LAN Cache Feature in Kaseya VSA RMM
Default Configuration of Sphinx Technologies Sphinx 3.1.1 Exposes Unauthenticated Access
Cross-Site Scripting (XSS) Vulnerability in LimeSurvey 3.17.7+190627
Improper Bounds Checking in Dnsmasq Allows Remote Code Execution
Arbitrary Command Execution Vulnerability in Microvirt MEmu
Lack of SSL Certificate Validation in mAadhaar Android App 1.2.7 Allows Man-in-the-Middle Attacks on FAQs and Help Requests
XSS Vulnerability in pandao Editor.md 1.5.0 via Javascript: String
Cross-Site Scripting (XSS) Vulnerability in Evolution CMS 2.0.x via Description and New Category Location in Template
Path Traversal Vulnerability in EMCA Energy Logserver 6.1.2 Logo File Upload Feature
Integer Underflow in Amiga Oktalyzer Parser of Schism Tracker
Heap-based Buffer Overflow in Schism Tracker through 20190722 via Large Number of Song Patterns in fmt_mtm_load_song
Sensitive Value Exposure in Octopus Deploy
Cross-Site Request Forgery Token Bypass Vulnerability in NETGEAR Nighthawk M1 (MR1100) Devices
Command Execution Vulnerability on NETGEAR Nighthawk M1 (MR1100) Devices
Heap-Based Buffer Overflow in GnuCOBOL 2.2's read_literal Function
SQL Injection Vulnerability in OpenEMR before 5.0.2 in save.php
Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability
Arbitrary File Download and Potential File Deletion in OpenEMR
Out of Bounds Read Vulnerability in The Sleuth Kit (TSK) 4.6.6
Off-by-one Underflow Vulnerability in The Sleuth Kit (TSK) 4.6.6
Use-After-Free Vulnerability in VLC Media Player's Control Function
NULL Pointer Dereference Vulnerability in VideoLAN VLC Media Player 3.0.7.1
Divide-by-Zero Vulnerability in VideoLAN VLC Media Player 3.0.7.1
Type Juggling Vulnerability in YOURLS API Component Allows Login Bypass
Symlink Exploitation in Windows User Profile Service: Elevation of Privilege Vulnerability
Polymorphic Typing Vulnerability in FasterXML jackson-databind
Stack-Based Buffer Overflow in GnuCOBOL 2.2's cb_encode_program_id
Lack of Permission Checks in Gogs 0.11.86 API Routes
Stored XSS Vulnerability in EspoCRM Allows for Cookie Theft
Stored XSS via Malicious Filename in EspoCRM Attachment
Stored XSS Vulnerability in EspoCRM Allows for Cookie Theft
Stored XSS in Title and Breadcrumb of EspoCRM Entities
Stored XSS Vulnerability in EspoCRM Edit Dashboard Feature
Arbitrary Code Execution via Cross-Origin /install Request in Das Q (before 2019-08-02)
EDK II Vulnerability: Privileged User Information Disclosure via Network Access
BIOS Firmware Vulnerability in Intel Processors: Local Denial of Service Exploit
Critical Buffer Overflow Vulnerability in Intel BIOS Firmware for 8th-10th Generation Processors
BIOS Firmware Vulnerability: Denial of Service via Adjacent Access in Intel Processors
Unauthenticated Denial of Service Vulnerability in EDK II
OpenType Font Parsing Remote Code Execution Vulnerability
DxeImageVerificationHandler() Integer Overflow Vulnerability
Integer Truncation Vulnerability in EDK II: Local Privilege Escalation
Vulnerability in Intel(R) SGX SDK Allows Information Disclosure and Privilege Escalation
Intel(R) SGX SDK Multiple Versions Local Access Vulnerability
Privilege Escalation Vulnerability in Intel(R) RST (before version 17.7.0.1006)
Vulnerability: Pointer Corruption in Intel(R) NUC System Firmware
Excel Macro Security Bypass Vulnerability
Intel(R) NUC System Firmware Memory Corruption Vulnerability
Denial of Service Vulnerability in Intel Graphics Driver Subsystem
Potential Privilege Escalation Vulnerability in DxeImageVerificationHandler() for EDK II
Win32k Elevation of Privilege Vulnerability
Null Pointer Dereference Vulnerability in Tianocore EDK2
EDK II Use After Free Vulnerability: Potential for Privilege Escalation, Information Disclosure, and Denial of Service
Denial of Service Vulnerability in EDK II via Adjacent Access
Improper Access Control in Intel Graphics Driver API: Potential Information Disclosure
Denial of Service Vulnerability in Intel(R) Graphics Driver API
Improper Access Control in Intel Chipset Device Software INF Utility Installer: Potential Denial of Service Vulnerability
Authentication Bypass Vulnerability in Intel(R) CSME Subsystem
Unquoted Service Path Vulnerability in Control Center-I Version 2.1.0.0 and Earlier
Outlook for Android Email Spoofing Vulnerability
Uncontrolled Search Path Element Vulnerability in Intel(R) SNMP Subagent Stand-Alone Installer
Privilege Escalation Vulnerability in Intel(R) RWC 3 Installer
Privilege Escalation Vulnerability in Nuvoton CIR Driver Installer
Privilege Escalation Vulnerability in Intel® Quartus® Prime Pro Edition License Server Installer
FPGA Kernel Driver Null Pointer Dereference Vulnerability
Privilege Escalation Vulnerability in Intel(R) SCS Platform Discovery Utility Installer
Vulnerability: Improper Conditions Check in Multiple Intel® Processors
Buffer Overflow Vulnerability in Intel(R) NUC(R) Firmware Allows Privilege Escalation
Privilege Escalation Vulnerability in Intel(R) NUC(R) Firmware
Memory Object Handling Vulnerability in Microsoft Word
Firmware Vulnerability in Intel(R) NUC(R) Allows Local Privilege Escalation
Firmware Integer Overflow Vulnerability in Intel(R) NUC(R) Enables Local Privilege Escalation
Escalation of Privilege Vulnerability in Intel(R) NUC(R) Firmware
Privilege Escalation Vulnerability in Intel(R) VTune(TM) Amplifier for Windows*
Intel Processor Graphics: Insufficient Control Flow Vulnerability
PowerPoint Object Memory Handling Remote Code Execution Vulnerability
Denial of Service Vulnerability in Intel(R) Wireless Bluetooth(R) Products
Improper Access Control in On-Card Storage of Intel® FPGA Programmable Acceleration Card N3000: Potential Denial of Service Vulnerability
Improper Access Control in Intel® FPGA Programmable Acceleration Card N3000 PCIe Function
Improper Permissions in Intel(R) DAAL: Potential Information Disclosure via Local Access
Microsoft Access Memory Object Handling Vulnerability
Unauthenticated Information Disclosure Vulnerability in Intel(R) Thunderbolt(TM) Controllers
Memory Disclosure Vulnerability in Microsoft Excel
Windows GDI Memory Disclosure Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Amazon AWS JavaScript S3 Explorer
XSS Vulnerability in pandao Editor.md 1.5.0 via ABBR or SUP Element Attribute
Remote Code Execution Vulnerability in Joomla! 3.9.7 and 3.9.8
Vulnerability: Unauthorized Admin Access via User Account in Yealink Phones
Arbitrary Code Execution and Password Replacement Vulnerability in Yealink Phones
Windows GDI Memory Disclosure Vulnerability
Stack-Based Buffer Overflow in Brandy 1.20.1's fileio_openout Function
Stack-Based Buffer Overflow in Brandy 1.20.1's fileio_openin Function via Crafted BASIC Source Code
Vulnerability: Sub-part Wrapping Attack in Enigmail
Heap-Based Buffer Overflow in Brandy 1.20.1's define_array Function via Crafted BASIC Source Code
Account Takeover via GLPI Autocompletion Feature
Multiple Stored XSS Vulnerabilities in Firefly III 4.7.17.4
Stored XSS Vulnerability in Firefly III 4.7.17.3 Transaction Description Field
Stored XSS vulnerability in Firefly III 4.7.17.3 via unfiltered user-supplied data in asset account name
Windows GDI Memory Disclosure Vulnerability
Stored XSS vulnerability in Firefly III 4.7.17.3 via unfiltered user input in bill name field
Local File Enumeration Vulnerability in Firefly III 4.7.17.3
Stored XSS vulnerability in Firefly III 4.7.17.5 via unfiltered user input in liability name field
SAS XML Mapper 9.45 XML External Entity (XXE) Vulnerability
CSRF Vulnerability in ARPrice Lite Plugin 2.2 for WordPress
Win32k Graphics Remote Code Execution Vulnerability
CSRF Vulnerability in Admin Renamer Extended Plugin 3.2.1 for WordPress
CSRF Vulnerability in Deny All Firewall Plugin for WordPress
CSRF Vulnerability in ACF: Better Search Plugin for WordPress
CSRF Vulnerability in Import users from CSV with meta Plugin for WordPress
DLL Hijacking Vulnerability in Trend Micro Password Manager 5.0
Local Privilege Escalation Vulnerability in Trend Micro Security 2019 (v15.0)
Trend Micro Security 2019 DLL Hijacking Vulnerability
DLL Hijacking Vulnerability in Trend Micro Password Manager 5.0
Repackaged Trend Micro Installers Vulnerable to DLL Hijack Exploit during Initial Product Installation
Kernel Information Disclosure Vulnerability in Win32k Component
Heap-Based Buffer Overflow in AdPlug 2.3.1 CxadbmfPlayer::__bmf_convert_stream()
Heap-Based Buffer Overflow in AdPlug 2.3.1's CdtmLoader::load() Function
Heap-Based Buffer Overflow in AdPlug 2.3.1's CmkjPlayer::load() Function
Zoho ManageEngine AssetExplorer 6.2.0 XML External Entity Injection (XXE) Vulnerability
Use-After-Free Vulnerability in Comodo Antivirus Sandbox Container
SQL Injection Vulnerability in Sygnoos Popup Builder Plugin for WordPress
Cross-Site Scripting (XSS) Vulnerability in Open-School 3.0 and Community Edition 2.3 via osv/index.php?r=students/guardians/create id Parameter
Vulnerability: Out-of-Bounds Writes in musl libc through 1.1.23
Buffer Overflow Vulnerability in MicroDigital N-Series Cameras
OS Command Injection in MicroDigital N-series Cameras: Remote Code Execution as Root
Windows Hyper-V Information Disclosure Vulnerability
Arbitrary File Disclosure via Path Traversal in MicroDigital N-series Cameras
Path Traversal Denial of Service Vulnerability in MicroDigital N-series Cameras
SQL Injection Vulnerabilities in MicroDigital N-Series Cameras: Exploiting HTTPD for Unauthorized Admin Account Creation
CSRF Vulnerability Allows Unauthorized Creation of Admin Account in MicroDigital N-Series Cameras
SSRF Vulnerability in MicroDigital N-Series Cameras
Improper Access Control Allows Unauthorized Admin Access on MicroDigital N-Series Cameras
Buffer Overflow Vulnerability in MicroDigital N-Series Cameras
Insecure Firmware Update Process Allows Remote Code Execution on MicroDigital N-Series Cameras
Buffer Overflow Vulnerability in MicroDigital N-Series Cameras
Cleartext Password Storage Vulnerability in MicroDigital N-Series Cameras
Hyper-V Remote Code Execution Vulnerability
Race Condition Vulnerability in Verifone MX900 Series Pinpad Payment Terminals with OS 30251000
Bypassing Integrity and Origin Control in Verifone VerixV Pinpad Payment Terminals
Vulnerability: Unsigned Package Installation in Verifone MX900 Series Pinpad Payment Terminals
Undocumented Physical Access Vulnerability in Verifone Pinpad Payment Terminals
Undocumented Physical Access Mode in Verifone VerixV Pinpad Payment Terminals: The VerixV Shell.out Vulnerability
Buffer Overflow Vulnerability in Verifone Verix OS on VerixV Pinpad Payment Terminals with QT000530
Insecure Permissions in Verifone MX900 Series Pinpad Payment Terminals: Arbitrary Command Injection and Privilege Escalation
Arbitrary Command Injection Vulnerability in Verifone MX900 Series Pinpad Payment Terminals
Windows Kernel Object Memory Handling Vulnerability
Insecure Object Reference Vulnerability in CentOS Web Panel 0.9.8.851 Allows Unauthorized Removal of Users from phpMyAdmin
Insecure Object Reference Vulnerability in CentOS Web Panel 0.9.8.851 Allows Unauthorized Deletion of Email Forwarding Destinations
Insecure Object Reference Vulnerability in CentOS Web Panel 0.9.8.851 Allows Unauthorized Deletion of E-mail Accounts
Insecure Object Reference Vulnerability in CentOS Web Panel 0.9.8.851 Allows Unauthorized Email Forwarding Modification
Insecure Object Reference Vulnerability in CentOS Web Panel 0.9.8.851
Insecure Object Reference Vulnerability in CentOS Web Panel 0.9.8.851 Allows Unauthorized DNS Record Access and Deletion
Insecure Object Reference Vulnerability in CentOS Web Panel 0.9.8.851 Allows Unauthorized Email Password Change
Insecure Object Reference Vulnerability in CentOS Web Panel 0.9.8.851 Allows Unauthorized Email Forwarding
Insecure Object Reference Vulnerability in CentOS Web Panel 0.9.8.851 Allows Sub-Domain Deletion
Insecure Object Reference Vulnerability in CentOS Web Panel 0.9.8.851 Allows Unauthorized Domain Deletion
Stored XSS Vulnerability in ZenTao 11.5.1 Allows Cookie Capture via Rich Text Box
Heap-based Buffer Overflows in AdPlug 2.3.1's Ca2mLoader::load() Function
Heap-Based Buffer Overflows in AdPlug 2.3.1's CradLoader::load() Function
Heap-Based Buffer Overflows in AdPlug 2.3.1's CmtkLoader::load() Function
Critical Security Vulnerability: Insecure Permissions in Ubisoft Uplay 92.0.0.6280
Windows Kernel Object Memory Handling Vulnerability
Privilege Escalation Vulnerability in Valve Steam Client for Windows
KDE Frameworks KConfig Code Execution via Malicious Desktop Files
Command Injection Vulnerability in radare2 bin_symbols() Function
KuaiFanCMS 5.0 - Remote Code Execution via eval Injection in install.php
Stored XSS Vulnerability in DWSurvey's Survey Design Copy Functionality
Persistent XSS vulnerability in osTicket file-upload functionality
CSV Injection in osTicket Export Spreadsheets
Stored XSS in firstname and lastname fields of osTicket setup/install.php
NLTK Downloader Directory Traversal Vulnerability
Cross-Site Scripting (XSS) Vulnerability in SuiteCRM 7.10.x and 7.11.x
Buffer Overflow Vulnerability in SICK FX0-GPNT00000 and FX0-GENT00000 Devices (3.4.0)
SQL Injection Vulnerability in Open-School 3.0 and Community Edition 2.3 via index.php?r=students/students/document id parameter
Unrestricted File Upload Vulnerability in Leaf Admin 61.9.0212.10 f
KaiOS Email Application HTML and JavaScript Injection Vulnerability
HTML and JavaScript Injection Vulnerability in KaiOS Contacts Application
HTML and JavaScript Injection Vulnerability in KaiOS File Manager Application
KaiOS Radio Application HTML and JavaScript Injection Vulnerability
Windows AppX Deployment Service (AppXSVC) Hard Link Elevation of Privilege Vulnerability
HTML and JavaScript Injection Vulnerability in KaiOS Recorder Application
HTML and JavaScript Injection Vulnerability in KaiOS Note Application
Double-locking error in drivers/usb/dwc3/gadget.c leading to potential deadlock with f_hid
Improper Access Control in AfficheExplorateurParam() in DIMO YellowBox CRM before 6.3.4 allows unauthorized administrative access
Path Traversal Vulnerability in DIMO YellowBox CRM File Browser
Arbitrary File Download Vulnerability in DIMO YellowBox CRM
Arbitrary File Upload and Remote Code Execution in DIMO YellowBox CRM
Insufficient Output Filtering in Block Labels in Backdrop CMS
Windows Printer Service File Path Validation Vulnerability
Arbitrary JavaScript Execution in Backdrop CMS Administration Bar
Arbitrary Code Execution through Configuration Archive Upload in Backdrop CMS
XSS Vulnerability in Verdaccio before 3.12.0
Arbitrary Post Deletion Vulnerability in Woody ad snippets Plugin
Cross-Site Scripting (XSS) Vulnerability in woo-variation-swatches Plugin for WordPress
Heap-Based Buffer Over-Read Vulnerability in VLC Media Player 3.0.7.1 via Crafted .mkv File
Use-after-free vulnerability in VLC media player 3.0.7.1's Control function in demux/mkv/mkv.cpp
Use-after-free vulnerability in VLC media player 3.0.7.1's mkv::virtual_segment_c::seek method
Windows COM Server Elevation of Privilege Vulnerability
Session Hijacking and Password Extraction in CentOS Web Panel (CWP) 0.9.8.856-0.9.8.864
Privilege Escalation Vulnerability in Samsung FotaAgent (SVE-2019-14764)
XSS Vulnerability in CP Contact Form with PayPal Plugin for WordPress
XSS Vulnerability in CP Contact Form with PayPal Plugin for WordPress
Vulnerability: Rank Math SEO Plugin 1.0.27 for WordPress Settings Reset via admin-post.php Parameter
Cross-Site Scripting (XSS) Vulnerability in Tribulant Newsletters Plugin for WordPress
Directory Traversal and Remote PHP Code Execution in Tribulant Newsletters Plugin for WordPress
XSS Vulnerability in Custom 404 Pro Plugin 3.2.8 for WordPress
Cross-Site Scripting (XSS) Vulnerability in Limb-Gallery Plugin 1.4.0 for WordPress
XSS Vulnerability in Appointment Booking Calendar Plugin 1.3.18 for WordPress
Cross-Site Scripting (XSS) Vulnerability in WP Google Maps Plugin
File Deletion Vulnerability in Meta Box Plugin for WordPress
File Upload Vulnerability in Meta Box Plugin for WordPress
XSS Vulnerability in Toggle-The-Title WordPress Plugin 1.4
XSS Vulnerability in Woocommerce Products Price Bulk Edit Plugin for WordPress
Authenticated Stored XSS Vulnerability in 10Web Photo Gallery Plugin for WordPress
Authenticated Local File Inclusion Vulnerability in 10Web Photo Gallery Plugin for WordPress
Email Subscription XSS Vulnerability in FV Flowplayer Video Player Plugin for WordPress
Windows Media Player Memory Object Handling Vulnerability
Information Disclosure Vulnerability in FV Flowplayer Video Player Plugin for WordPress
SQL Injection Vulnerability in FV Flowplayer Video Player Plugin for WordPress
Unintended Environment Variable Disclosure in HashiCorp Nomad Template Rendering (GHSA-6hv3-7c34-4hx8)
Cross-Site Scripting (XSS) Vulnerability in UNA 10.0.0-RC1 via System Name Field in Email Template Editing
Cross-Site Scripting (XSS) Vulnerability in UNA 10.0.0-RC1 via System Name Field in Sets
Insufficient Debugger PIN Randomness in Pallets Werkzeug with Docker
XSS Vulnerability in MobileFrontend Extension's Edit Summary Field
Unencrypted Transmission of Personal Data in RENPHO iOS App
Authorization Bypass Vulnerability in Go's net/url Library
Windows Media Player Memory Object Handling Vulnerability
Race Condition Vulnerability in EOS Label Distribution Protocol (LDP) Implementation
Privilege Escalation in Ghostscript: Bypassing Security Restrictions
Insecure Privileged Calls in Ghostscript Enable Script Bypass
Insecure Privileged Calls in Ghostscript: Bypassing Security Restrictions
Heap-based Buffer Overflow in Marvell WiFi Chip Driver in Linux Kernel
Heap Overflow Vulnerability in Marvell WiFi Driver
Heap-based Buffer Overflow in Marvell WiFi Chip Driver in Linux Kernel
Privilege Escalation Vulnerability in Ghostscript
Memory Leak and Denial of Service Vulnerability in DPDK
Privilege Escalation Vulnerability in OpenShift Container Platform 3.x
Keycloak Internal Adapter Endpoint Exposure Vulnerability
Out-of-Bounds Access Vulnerability in Linux Kernel's KVM Hypervisor
Privilege Escalation Vulnerability in ibus
Implicit Trust of Root Certificate in Leaf and Chain OCSP Policy Implementation in JSS' CryptoManager
Vulnerability: Unauthorized Access to Private Attributes in 389-ds-base Plugin
Cleartext Password Storage Vulnerability in Katello
Session Cookie Retention Vulnerability in FreeIPA 4.5.0 and Later
JavaScript Injection Vulnerability in Moodle Mustache Templates
User Role Assignment Vulnerability in Moodle Versions 3.7 to 3.7.1, 3.6 to 3.6.5, 3.5 to 3.5.7, and Earlier Unsupported Versions
Activity Creation Capabilities Bypass in Moodle
Windows AppX Deployment Server Junction Handling Elevation of Privilege Vulnerability
Open Redirect Vulnerability in Moodle Mobile Launch Endpoint
Open Redirect Vulnerability in Moodle's Forum Subscribe Link
Unauthorized User Access Vulnerability in Keycloak REST API
Samba Password Complexity Check Bypass Vulnerability
Memory Leak Vulnerability in dnsmasq Allows Remote DoS
Buffer Overflow Vulnerability in Linux Kernel's vhost Functionality
3scale Dev Portal Login CSRF Vulnerability
Domain-based Password Reset Vulnerability in Keycloak
Unauthorized Modification of Server Runtime State Vulnerability
Sensitive Information Disclosure in Business-Central Console Login
Windows OLE Remote Code Execution Vulnerability
Auto-complete Enabled in RHDM HTML Form Fields: A Potential Credential Leak Vulnerability
Role Manipulation Vulnerability in RHDM Allows Unauthorized Admin Privileges
Vulnerability: Arbitrary Code Execution via Structured Reply in NBD Protocol
Unauthorized Access Vulnerability in Wildfly Security Manager
Kerberos Client Crash Vulnerability in Fedora Versions
OpenShift Builds TLS Hostname Verification Bypass Vulnerability
Credential Disclosure Vulnerability in Ansible Engine Logging
Denial of Service Vulnerability in Samba AD DC LDAP Server via Dirsync
Unprotected User Session Cookie in 3scale Before Version 2.6
VBScript Engine Memory Object Handling Remote Code Execution Vulnerability
Denial of Service Vulnerability in nbdkit 1.12.7, 1.14.1, and 1.15.1
Denial of Service Vulnerability in nbdkit Versions 1.12.7, 1.14.1, and 1.15.1
Vulnerability: TLS 1.0 Protocol Weakness in 3scale's APIcast Gateway
Denial of Service Vulnerability in python-ecdsa before 0.13.3
Insecure Secret Data Exposure in OpenShift Container Platform 4
Vulnerability: SHA-1 Collision Attack Allows Forged Certificate Signatures
Vulnerability in Ansible versions 2.8.6, 2.7.14, 2.6.20 allows None-based attack
Open Redirect Vulnerability in mod_auth_openidc
Vulnerability: Information Leakage in Ansible Engine and Ansible Tower
Malleable Signature Vulnerability in python-ecdsa
Visual Studio Live Share URL Redirection Vulnerability
Syndesis Misconfiguration Allows for Cross-Origin Resource Sharing (CORS) Vulnerability
Samba DNS Record Injection Vulnerability
Unvalidated Data Delivery Vulnerability in Knockout.js
Unvalidated Data Delivery Vulnerability in Angular Versions Before 1.5.0-beta.0
Sensitive Data Disclosure in Ansible Callback Plugins
Grub2-set-bootflag Utility Truncation Vulnerability
Insecure File Permissions in cpio TAR Archive Generation
Vulnerability in IPA Server's ber_scanf() Function Allows for Remote Code Execution
Remote Code Execution Vulnerability in ksh Version 20120801
Privilege Escalation Vulnerability in Ghostscript
MSAL Android App Information Disclosure Vulnerability
Samba AD DC S4U2Self Kerberos Delegation Vulnerability
Memory Allocation Vulnerability in REENT_CHECK Macro
NULL Pointer Dereference Vulnerability in _dtoa_r Function of newlib libc Library
Null Pointer Dereference Bug in Balloc Function of newlib libc Library
Null Pointer Dereference Bug in Balloc Function of newlib libc Library
Null Pointer Dereference Bug in multiply function of newlib libc library
Null Pointer Dereference Bug in Balloc Function of newlib libc Library
Null Pointer Dereference Vulnerability in Balloc Function of newlib libc Library
Null Pointer Dereference Bug in Balloc Function of newlib libc Library
Cohort Role Assignment Vulnerability in Moodle
Buffer Handling Vulnerability in Microsoft Defender
Insufficient Email Address Verification in Moodle OAuth 2 Providers
Blind XSS Vulnerability in Moodle 3.7 before 3.7.3
Open Redirect Vulnerability in Moodle Lesson Edit Page
Token Leakage in Moodle Email Notifications
Reflected XSS Vulnerability in Moodle 3.7 and Earlier Versions
Vulnerability: Information Disclosure in JBoss EAP Vault System
Insecure Storage of Encoded Passwords in Business-Central
OpenSSL-Wildfly Connection Downgrade Vulnerability
Undertow HTTP Server Denial of Service (DoS) Vulnerability
Arbitrary Command Injection Vulnerability in libssh's ssh_scp_new() Function
Windows Remote Desktop Protocol Information Disclosure Vulnerability
Insecure Storage of Credentials in Ansible Tower License Application
Memory Cgroup Containment Vulnerability in cri-o Allows Host Network Access
Polymorphic Deserialization Vulnerability in Jackson-databind
Arbitrary Code Execution Vulnerability in FasterXML jackson-databind
Remote Code Execution Vulnerability in CloudForms Management Engine
Heap-based Buffer Overflow in Marvell WiFi Chip Driver
Heap-based Buffer Overflow Vulnerability in Marvell WiFi Chip Driver in Linux Kernel 2.6.32
Marvell WiFi Chip Driver Stack-Based Buffer Overflow Vulnerability
Incomplete Fix for Race Condition Vulnerability in Linux Kernel (CVE-2019-11599)
VPN Hijacking Vulnerability: Exploiting TCP Stream Injection
Skype for Business Server Spoofing Vulnerability
SQL Injection Vulnerability in Hibernate ORM
Marvell WiFi Chip Driver Heap Overflow Vulnerability
Samba Subtree Modification Vulnerability
Arbitrary Command Execution Vulnerability in Ansible's solaris_zone Module
Ansible Engine Vulnerability: OS Command Injection in nxos_file_copy Module
Heap-based Buffer Overflow Vulnerability in Red Hat SDL Packages
Samba Vulnerability: Remote Code Execution via NTLMSSP Authentication Exchange
Keycloak 7.x User Federation LDAP Anonymous Bind Vulnerability
LDAP StartTLS Vulnerability in Keycloak 7.x
Reflected XSS Vulnerability in PRiSE adAS 1.7.0 OPENSSO Module
Open Redirect Vulnerability in PRiSE adAS 1.7.0
Persistent XSS Vulnerability in PRiSE adAS 1.7.0 Administration Panel
Arbitrary File Read and Deletion via Directory Traversal in PRiSE adAS 1.7.0
XSS Vulnerability in PRiSE adAS 1.7.0: Unescaped Certificate Data
Unrestricted File Upload Vulnerability in PRiSE adAS 1.7.0
Arbitrary Code Execution via XSS in Billion Smart Energy Router SG600R2 Firmware v3.02.rc6
Vulnerability: Exposed Telnet Service with Hardcoded Credentials on Billion Smart Energy Router SG600R2
Root Privilege Escalation via Hidden Shell Feature in Billion Smart Energy Router SG600R2 Firmware v3.02.rc6
Remote Command Execution in EyesOfNetwork 5.1 via Shell Metacharacters in module/tool_all/host Field
Insecure File Movement Vulnerability in GCDWebServer
Insecure Permission Assignment Allows Unauthorized Access to Sensitive RTU Data
Hard-coded SSH Keys Vulnerability in Mitsubishi Electric and INEA ME-RTU Devices
Unauthenticated Remote Configuration Download Vulnerability in Mitsubishi Electric and INEA ME-RTU Devices
Stored Cross-Site Scripting (XSS) Vulnerabilities in Mitsubishi Electric and INEA ME-RTU Devices
Weak Credentials Management on Mitsubishi Electric ME-RTU and INEA ME-RTU Devices: Exposed Password Credentials Vulnerability
Undocumented Hard-Coded User Passwords and Privilege Escalation Vulnerability in Mitsubishi Electric ME-RTU and INEA ME-RTU Devices
Unauthenticated Remote OS Command Injection in Mitsubishi Electric ME-RTU and INEA ME-RTU Devices
Remote Access to Candidates' Personal Information in Humanica Humatrix 7 Recruitment Module
CSRF Vulnerability in Bagisto 0.1.5 Admin URIs
Out-of-Bounds Write Vulnerability in PDFResurrect
Insecure Permissions in 3CX Phone 15 on Windows: Privilege Escalation Vulnerability
Easy!Appointments 1.3.2 Plugin for WordPress - Sensitive Information Disclosure (Username and Password Hash) Vulnerability
Time-based SQL Injection in REDCap Edit Calendar Event
Default Openness of LOAD DATA LOCAL INFILE Option in mysqljs Module for Node.js
Crash Vulnerability in Storage Performance Development Kit (SPDK) vhost Target
Uncontrolled Memory Allocation Vulnerability in SHAREit 4.0.6.177
Cleartext HTTP Cookie Vulnerability in GitLab Pages
Hard-coded Credentials Vulnerability in GitLab Community and Enterprise Edition 12.0 through 12.1.4
Command-line Injection Vulnerability in GitLab Community and Enterprise Edition
XSS Vulnerability in Ultimate Member Plugin for WordPress (Version < 2.0.54)
XSS Vulnerability in Ultimate Member Plugin for WordPress (Versions before 2.0.52)
XSS Vulnerability in Ultimate Member Plugin for WordPress Account Upgrade
XSS Vulnerability in woocommerce-product-addon Plugin for WordPress
XSS Vulnerability in wp-database-backup Plugin for WordPress (Version 5.1.2 and earlier)
XSS Vulnerability in wp-live-chat-support Plugin: Exploiting the GDPR Page
Incorrect Protection Mechanism in Telenav Scout GPS Link App for iOS Enables Brute-Force Attacks on Authentication Process
Possible XSS Vulnerability in JetBrains YouTrack Versions Before 2019.1.52584
Possible XSS Vulnerability in JetBrains YouTrack Versions Before 2019.2.53938 via Issue Attachments in Firefox Browser
Cleartext HTTP Connection Vulnerability in JetBrains IntelliJ IDEA
Lack of Password Expiration and Forced Password Change in Earlier Versions of JetBrains Hub
Improper Access Control in JetBrains YouTrack before 2019.2.53938
Vulnerability: Sensitive Project Data Stored in Publicly Accessible GitHub Repository
Uncontrolled Memory Allocation Vulnerability in JetBrains PyCharm
Cleartext HTTP Connection Vulnerability in JetBrains Toolbox
Unsigned DLL File Vulnerability in JetBrains Rider
XSS Vulnerability in JetBrains Upsource before 2019.1.1412
Server Side Template Injection (SSTI) Vulnerability in Frappe Framework 10-12
Authenticated SQL Injection in Frappe Framework 10-12 (before 12.0.4)
Cross-Site Scripting (XSS) Vulnerability in Frappe Framework 10, 11, and 12
SQL Injection in imcat 4.9 via index.php order parameter in mod=faqs action
Insecure Permissions and Impersonation Vulnerability in Netwrix Auditor
Heap-based Buffer Overflow in mkv::event_thread_t in VideoLAN VLC Media Player 3.0.7.1
Integer Overflow Vulnerability in LibTIFF's _TIFFCheckMalloc and _TIFFCheckRealloc Functions
Cross-Site Scripting (XSS) Vulnerability in SugarCRM Enterprise 9.0.0
Heap-Based Buffer Over-read in Artifex MuPDF
XSS Vulnerability in iCMS 7.0.15 via admincp.php?app=apps and keywords parameter
Parameter Tampering Vulnerability in WooCommerce PayU India Payment Gateway Plugin 2.1.1
Parameter Tampering Vulnerability in WooCommerce PayPal Checkout Payment Gateway Plugin 1.6.17
Use After Free Vulnerability in ImageMagick's UnmapBlob Function
Divide-by-Zero Denial of Service Vulnerability in ImageMagick's MeanShiftImage Function
Integer Overflow Vulnerability in Exiv2's WebPImage::getHeaderOffset Function
Remote Code Execution in eQ-3 Homematic CCU2 and CCU3 with XML-API AddOn
Remote Code Execution in eQ-3 Homematic CCU2 and CCU3 with CUxD AddOn
Unauthenticated Administrative Operations in eQ-3 Homematic CCU2 and CCU3 with CUxD AddOn
XSS Vulnerability in Adive Framework 2.0.7: Create New Table and Create New Navigation Link Functions
Denial of Service Vulnerability in Istio's Regular Expression Handling
Arbitrary Issue Viewing Vulnerability in Atlassian Jira Service Desk
Information Disclosure Vulnerability in Jira's /rest/api/1.0/render Resource
Cross-Site Scripting (XSS) Vulnerability in Jira FilterPickerPopup.jspa Resource
Information Exposure through Caching Vulnerability in Jira AccessLogFilter
CSRF Protection Bypass via Cookie Tossing in Jira
CSRF Vulnerability in Atlassian Universal Plugin Manager
Arbitrary File Read and Command Execution Vulnerability in Bitbucket Server and Data Center
Jira Importers Plugin Template Injection Vulnerability
Arbitrary Issue Viewing Vulnerability in Atlassian Jira Service Desk
Arbitrary Issue Viewing Vulnerability in Atlassian Jira Service Desk
Unprivileged User Email Scanning Vulnerability in Atlassian Troubleshooting and Support Tools Plugin
Confluence Previews Plugin Man-in-the-Middle (MITM) Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Atlassian Fisheye and Crucible Review Resource
Cross-Site Scripting (XSS) Vulnerability in Atlassian Fisheye and Crucible
Improper Authorization Vulnerability in Atlassian Fisheye and Crucible Allows Unauthorized Removal of User's Favourite Setting
Remote Code Execution Vulnerability in Bitbucket Server and Bitbucket Data Center
Information Disclosure Vulnerability in ListEntityLinksServlet
Remote Code Execution via edit-file request in Bitbucket Server and Bitbucket Data Center
Unauthenticated Remote Attackers Can Remove Configured Issue Status in Jira
Zingbox Inspector Command Injection Vulnerability
Hardcoded Credentials Vulnerability in Zingbox Inspector
SQL Injection Vulnerability in Zingbox Inspector Management Interface
Vulnerability: Hardcoded Credentials in Zingbox Inspector SSH Service
Unauthenticated Binding Vulnerability in Zingbox Inspector
Zingbox Inspector Software Update Image Vulnerability
Command Injection Vulnerability in Zingbox Inspector Versions 1.293 and Earlier
Zingbox Inspector Local Area Network Identification Vulnerability
ARP Spoofing Vulnerability in Zingbox Inspector Versions 1.294 and Earlier
Cleartext Password Storage Vulnerability in Zingbox Inspector Versions 1.294 and Earlier
Arbitrary File Write Vulnerability in ClickHouse
SQL Injection Vulnerability in Ninja Forms Plugin for WordPress
Stack-Based Buffer Over-Read Vulnerability in memcached 1.5.16
Arbitrary Command Execution Vulnerability in MediaTek eMMC Subsystem for Android on MT65xx, MT66xx, and MT8163 SoC Devices
Inadequate Checks in Joomla! com_contact Enable Mail Submission in Disabled Forms
Arbitrary Command Execution in FusionPBX 4.4.8 via service_edit.php
Facility Unavailable Exception Vulnerability in Linux Kernel on PowerPC Platform
Vector Register Leakage Vulnerability in Linux Kernel on PowerPC Platform
Information Disclosure in Pydio 6.0.8 via Unauthenticated Directory Uploads
Authenticated SSRF in Pydio 6.0.8 Remote Link Feature
Buffer Overflow in QEMU 4.0.0: Insufficient Allocation in Bochs Display Driver
Confidential Server-level Data Exposure in JetBrains TeamCity 2018.2.4
Arbitrary Command Execution Vulnerability in JetBrains TeamCity 2018.2.4
Multiple XSS Vulnerabilities in JetBrains TeamCity 2018.2.4
Security Vulnerability: Lack of Security-Related HTTP Headers in JetBrains TeamCity 2018.2.4
Remote Code Execution Vulnerability in JetBrains TeamCity 2018.2.4
CSRF Vulnerability in JetBrains YouTrack Settings Page (pre-2019.1)
Unbounded URL Whitelisting Vulnerability in JetBrains YouTrack
Unvalidated SSL Certificate Vulnerability in JetBrains TeamCity 2018.2.4
Unauthenticated Denial of Service Vulnerability in Grafana
User Enumeration Vulnerability in Zoho ManageEngine ServiceDesk Plus 10
Unauthenticated Sensitive Information Leakage in Zoho ManageEngine ServiceDesk Plus 10 before 10509 during Fail Over Service (FOS) Replication (SD-79989)
Heap-based Buffer Over-read in AP4_BitReader::SkipBits function
Heap-based Buffer Overflow in AP4_RtpAtom Class
Heap-based Buffer Over-read in AP4_Dec3Atom Class
Heap-based Buffer Over-read in AP4_AvccAtom Class
Command Injection Vulnerability in Softing uaGate Firmware
Credential Leakage in Gradle HTTP Client
Bypassing XSS Protection in Confluence Server via HTML Include and Replace Macro Plugin
Cross-Site Scripting (XSS) Vulnerabilities in Mailbird before 2.7.5.0 r
Arbitrary File Deletion and Unauthorized Access in MikroTik RouterOS
Heap-Based Buffer Over-Read in stb_image.h (2.23): Information Disclosure and Denial of Service Vulnerability
Unauthenticated Remote Retrieval of Configuration Backup Files in Liberty lisPBX 2.0-4
Remote Code Execution Vulnerability in TP-Link TL-WR840N v4 Router
CSRF Vulnerability in Dolibarr 11.0.0-alpha Allows Admin Account Takeover
Unauthenticated Access Vulnerability in HiNet GPON Firmware Version I040GWR190731
Arbitrary File Read Vulnerability in HiNet GPON Firmware (CVE-XXXX-XXXX)
HiNet GPON Firmware < I040GWR190731: Arbitrary Command Execution via Port 6998
Authentication Bypass Vulnerability in Smart Battery A2-25DE Firmware <= SECFS-2013-10-16-13:42:58-629c30ee-60c68be6
Smart Battery A4 Firmware <= r1.7.9: Unauthenticated Password Reset Vulnerability
Vulnerability: Authentication Bypass in Smart Battery A4 Firmware <= r1.7.9
Cross-Site Scripting (XSS) Vulnerability in MAIL2000 Versions 6.0 and 7.0 Allows Arbitrary Code Execution
Cross-Site Scripting (XSS) Vulnerability in MAIL2000 Login Feature
Critical Open Redirect Vulnerability in MAIL2000 Versions 6.0 and 7.0: Unauthenticated Redirect to Malicious Site
Stored Cross-Site Scripting (XSS) Vulnerability in MantisBT Timeline Feature
Weak Random Keys in iNextrix ASTPP
Case-sensitive constructor typo allows for unauthorized ownership change and free cryptocurrency acquisition in AIRDROPX BORN smart contract
Typo in Smart Contract Constructor Allows Free Acquisition of EAI Tokens
Smart Contract Ownership Acquisition and DoS Vulnerability in MORPH Token
Stored XSS Vulnerability in OpenCart 3.x Admin Panel Source/HTML Editing Feature
Reflected XSS Vulnerability in 360-product-rotation Plugin for WordPress
XSS Vulnerability in Zoho ManageEngine ServiceDesk Plus 10.0
Privilege Escalation Vulnerability in Realtek Waves MaxxAudio Driver 1.6.2.0 on Dell Laptops
Insecure Storage of Database Password in PRiSE adAS 1.7.0
Reflected XSS Vulnerability in PRiSE adAS 1.7.0
Remote Code Execution via Password Hashing Function Manipulation
Authentication Bypass Vulnerability in PRiSE adAS 1.7.0
CSRF Vulnerability in PRiSE adAS 1.7.0 Allows Administrator Actions by Attackers
Out-of-Bounds Read Vulnerability in qedi_dbg_* Functions
Arbitrary File Upload Vulnerability in Artica Integria IMS 5.0.86
CSV Injection Vulnerability in WordPress Users & WooCommerce Customers Import Export Plugin
Reflected XSS Vulnerability in DWSurvey through 2019-07-22
NULL pointer dereference vulnerability in ath6kl USB driver in Linux kernel through 5.2.9
NULL Pointer Dereference in ath10k USB Endpoint Descriptor Handling
Remote Code Execution in Tyto Sahi Pro 6.x through 8.0.0
SQL Injection Vulnerability in Zoho ManageEngine OpManager Allows Unauthorized Server Access
SQL Injection Vulnerability in Zoho ManageEngine Application Manager
Authentication Bypass Vulnerability in Zoho ManageEngine OpManager
Command Injection Vulnerability in Webmin <=1.920
Cross-Site Scripting (XSS) Vulnerability in WSO2 API Manager 2.6.0
XSS Vulnerability in The Events Calendar Plugin for WordPress
XSS Vulnerability in wp-front-end-profile Plugin for WordPress
Privilege Escalation Vulnerability in wp-front-end-profile Plugin
XSS Vulnerability in wp-slimstat Plugin for WordPress (Version < 4.8.1)
CSRF Vulnerability in Companion-Sitemap-Generator Plugin for WordPress
CSRF Vulnerability in Formcraft-Form-Builder Plugin for WordPress
CSRF Vulnerability in Peters Login Redirect Plugin for WordPress
XSS Vulnerability in Easy Digital Downloads Plugin: IP Address Logging
Out-of-Bounds Memory Access in parse_audio_mixer_unit in Linux Kernel
Kernel Stack Exhaustion Vulnerability in sound/usb/mixer.c
Insecure Permissions in cnlh nps Installation
Cross-Site Scripting (XSS) Vulnerability in Kunena Extension for Joomla!
Remote Code Execution Vulnerability in Viki Vera 4.9.1.26180 via Branding Module
XSS Vulnerability in MobileFrontend Extension's Watchlist Feed Edit Summary Field
Vulnerability: Broadcom Wi-Fi Client Devices Information Disclosure
XSS Vulnerability in REDCap Data Import Tool
CSRF Vulnerability in iF.SVNAdmin Allows Unauthorized User Creation
Unauthenticated Access to Candidates' Photo Files in Humanica Humatrix 7 Recruitment Module
Arbitrary File Upload and Remote Code Execution in Humanica Humatrix 7 Recruitment Module
Arbitrary File Upload and Execution Vulnerability in Code42 Enterprise
User Enumeration Vulnerability in Zabbix 4.4.0alpha1
GIFLIB Divide-by-Zero Vulnerability
Memory Leak Vulnerability in RIOT TCP Implementation (gnrc_tcp) Allows Network Thread Disruption
OMG DDS Security 1.1 Handshake Protocol Cleartext Capability Disclosure Vulnerability
eProsima Fast RTPS Access Control Plugin Remote Participant Connection Policy Bypass Vulnerability
Insecure Topic Name Matching in eProsima Fast RTPS Access Control Plugin
Arbitrary File Read Vulnerability in html-pdf Package 2.2.0 for Node.js
Denial-of-Service Vulnerability in ImageMagick 7.0.8-41 Q16 (CVE-2019-11473)
Use-after-free vulnerability in ImageMagick 7.0.8-43 Q16 in coders/mat.c allows remote attackers to cause denial of service or other impact via crafted Matlab image file in ReadImage.
Heap-based Buffer Over-read in WriteTIFFImage of ImageMagick 7.0.8-43 Q16
Heap-based Buffer Over-read Vulnerability in DjVuLibre 3.5.27
Denial-of-Service Vulnerability in DjVuLibre 3.5.27 Bitmap Reader Component
Denial-of-Service Vulnerability in DjVuLibre 3.5.27 Sorting Functionality
Denial-of-Service Vulnerability in DjVuLibre 3.5.27 via Corrupted JB2 Image File Handling
Heap-Based Buffer Over-read Vulnerability in GoPro GPMF-parser 1.2.2
Out-of-Bounds Read and SEGV Vulnerability in GoPro GPMF-parser 1.2.2
Out-of-Bounds Write Vulnerability in GoPro GPMF-parser 1.2.2
Unidirectional-Routing Protection Bypass in Mitogen Core.py
CSRF Vulnerability in OAuth2 Client Extension for MediaWiki
Double Free Vulnerability in AdPlug 2.3.1's Cu6mPlayer Class
XML Entity Expansion Attack in SweetXml Package
Improper Length Handling in rpcapd/daemon.c in libpcap
Information Disclosure in libpcap Authentication Failure Messages
Denial of Service Vulnerability in libpcap's rpcapd Daemon
SSRF Vulnerability in libpcap's rpcapd/daemon.c
Memory Allocation Vulnerability in sf-pcapng.c in libpcap
Unbounded Memory Access in lmp_print_data_link_subobjs() Function
Buffer Over-read Vulnerability in VRRP Parser of tcpdump
Use-after-free vulnerability in Linux kernel before 5.2.6 due to malicious USB device in v4l2-dev.c driver
Double-Free Vulnerability in Linux Kernel USB Driver
Use-after-free vulnerability in Linux kernel USB DVB driver
Use-after-free vulnerability in Linux kernel sound subsystem
Use-after-free vulnerability in Linux kernel before 5.2.6 in cpia2_usb.c driver
NULL Pointer Dereference in Linux Kernel USB Driver
NULL pointer dereference vulnerability in Linux kernel USB driver
NULL pointer dereference vulnerability in Linux kernel USB driver
NULL pointer dereference vulnerability in sisusbvga driver
Use-after-free vulnerability in Linux kernel driver p54usb.c
NULL pointer dereference vulnerability in Linux kernel sound/usb/line6/pcm.c driver
NULL pointer dereference vulnerability in Linux kernel sound/usb/helper.c (motu_microbookii) driver
NULL pointer dereference vulnerability in Linux kernel sound/usb/line6/driver.c driver
Code-execution backdoor vulnerability in rest-client gem 1.6.10-1.6.13
Denial of Service Vulnerability in Envoy (CVE-2019-14993)
Header Size Denial-of-Service Vulnerability in Envoy
XSS Vulnerability in FlightPath 4.8.3 Admin Console: Cookie Stealing and Malicious Actions
XSS Vulnerability in FUEL CMS 1.4.4 Admin Console Allows for Cookie Stealing and Malicious Actions
CSRF Vulnerability in FUEL CMS 1.4.4 Admin Console's Create Blocks Section
Multiple Cross-Site Scripting (XSS) Vulnerabilities in LibreNMS v1.54 Admin Console
Use-After-Free Vulnerability in Live555 (CVE-2019-XXXX)
XSS Vulnerability in Live:Text Box Macro in Old Street Live Input Macros App
Uncontrolled Memory Allocation Vulnerability in SHAREit 4.0.6.177
Session Hijacking and Password Disclosure in CentOS Web Panel 0.9.8.864
Punycode Homograph Attack Vulnerability in Roundcube Webmail
CSRF Vulnerability in cforms2 Plugin for WordPress: IP Address Field
Use-after-free vulnerability in Linux kernel prior to 4.9.190 and 4.14.139
Arbitrary Code Execution with Elevated Privileges in Cisco SPA100 Series Analog Telephone Adapters
Arbitrary Code Execution with Elevated Privileges in Cisco SPA100 Series Analog Telephone Adapters
Arbitrary Code Execution with Elevated Privileges in Cisco SPA100 Series Analog Telephone Adapters
Arbitrary Code Execution with Elevated Privileges in Cisco SPA100 Series Analog Telephone Adapters
Arbitrary Code Execution with Elevated Privileges in Cisco SPA100 Series Analog Telephone Adapters
Arbitrary Code Execution with Elevated Privileges in Cisco SPA100 Series Analog Telephone Adapters
Arbitrary Code Execution with Elevated Privileges in Cisco SPA100 Series Analog Telephone Adapters
Arbitrary Code Execution with Elevated Privileges in Cisco SPA100 Series Analog Telephone Adapters
Arbitrary Code Execution with Elevated Privileges in Cisco SPA100 Series Analog Telephone Adapters
Arbitrary Code Execution with Elevated Privileges in Cisco SPA100 Series Analog Telephone Adapters
Arbitrary Code Execution with Elevated Privileges in Cisco SPA100 Series Analog Telephone Adapters
Arbitrary Code Execution with Elevated Privileges in Cisco SPA100 Series Analog Telephone Adapters
Arbitrary Code Execution with Elevated Privileges in Cisco SPA100 Series Analog Telephone Adapters
Stored XSS Vulnerability in Cisco DNA Center Web-Based Management Interface
Cisco Identity Services Engine (ISE) Web Management Interface Authorization Bypass Vulnerability
IKEv1 Denial of Service Vulnerability in Cisco ASA and FTD Software
Improper Restrictions on Configuration Information in Cisco SPA100 Series Analog Telephone Adapters
Cisco SPA100 Series ATA Web Management Interface Denial of Service Vulnerability
Cisco Unified Contact Center Express (UCCX) Software HTTP Response Splitting Vulnerability
Cisco Aironet Access Points (APs) Software Vulnerability: Unauthorized Access and Privilege Escalation
Cisco Aironet Access Points (APs) PPTP VPN Denial of Service Vulnerability
Denial of Service Vulnerability in Cisco Wireless LAN Controller (WLC) Software SSH Session Management
CAPWAP Protocol Implementation Denial of Service Vulnerability in Cisco Aironet and Catalyst 9100 Access Points
Cisco Aironet Access Points (APs) BPDU Forwarding DoS Vulnerability
Directory Traversal Vulnerability in Cisco Wireless LAN Controller (WLC) Software
Cross-Site Scripting (XSS) Vulnerabilities in Cisco Firepower Management Center (FMC) Web Interface
Cross-Site Scripting (XSS) Vulnerabilities in Cisco Firepower Management Center (FMC) Web Interface
Cross-Site Scripting (XSS) Vulnerability in Cisco Firepower Management Center (FMC) Web Interface
Arbitrary Command Execution Vulnerability in Cisco Small Business RV Series Routers
Unauthorized Access Vulnerability in Cisco Unified Communications Manager and Session Management Edition
Arbitrary File Overwrite Vulnerabilities in Cisco TelePresence Collaboration Endpoint (CE) Software
Command Injection Vulnerability in Cisco TelePresence Collaboration Endpoint (CE) Software
Arbitrary Command Execution Vulnerability in Cisco TelePresence Collaboration Endpoint (CE) Software
Denial of Service Vulnerability in Cisco Wireless LAN Controller Software
Root Privilege Execution Vulnerability in Cisco TelePresence Collaboration Endpoint (CE) Software
Cisco Finesse Web Management Interface Authorization Bypass Vulnerability
Stored Cross-Site Scripting (XSS) Vulnerability in Cisco Firepower Management Center (FMC) Software
Stored XSS Vulnerability in Cisco Identity Services Engine (ISE) Software
Cisco Identity Services Engine (ISE) Software: Unauthenticated Remote Read Access to tcpdump Files
Arbitrary Code Execution Vulnerabilities in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Arbitrary Code Execution Vulnerabilities in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Arbitrary Code Execution Vulnerabilities in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Arbitrary Code Execution Vulnerabilities in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Arbitrary Code Execution Vulnerabilities in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Privilege Escalation Vulnerability in Cisco TelePresence Collaboration Endpoint (CE), Cisco TelePresence Codec (TC), and Cisco RoomOS Software
Denial of Service Vulnerabilities in Cisco TelePresence Collaboration Endpoint and RoomOS Software
NULL Pointer Dereference Vulnerability in Linux Kernel's flexcop-usb.c Driver
Use-after-free vulnerability in atalk_proc_exit in the Linux kernel before 5.0.9
User Mode Write AV Vulnerability in ACDSee Photo Studio Standard 22.1 Build 1159
Clear-text logging of custom service account credentials in Gallagher Command Centre
Untrusted Search Path Vulnerability in Bitdefender Antivirus Free 2020
Buffer Overflow Vulnerability in FAAD2 2.8.8
NULL session media object dereference vulnerability in res_pjsip_t38 in Sangoma Asterisk 15.x before 15.7.4 and 16.x before 16.5.1
Authenticated Command Injection in Centreon Web
Authentication Bypass Vulnerability in Centreon Web
Authenticated SQL Injection in Centreon Web through 19.04.3
Arbitrary SQL Command Execution in Terrasoft Bpm'online CRM-System SDK 7.13
Remote Code Execution Vulnerability in XWiki Labs CryptPad
Default Password Vulnerability in Lierda Grill Temperature Monitor V1.00_50006
WAN Remote Code Execution and AWS Key Retrieval Vulnerability in Linkplay Firmware
Zolo Halo LAN Remote Code Execution via GoAhead Web Server
Zolo Halo DNS Rebinding Attack Vulnerability
Non-persistent XSS vulnerability in Zimbra Collaboration before 8.8.15 Patch 1
Arbitrary JavaScript Code Execution via File Upload in Tiki 18.4
Privilege Escalation Vulnerability in Valve Steam Client for Windows
Privilege Escalation Vulnerability in Valve Steam Client for Windows
XSS Vulnerability in Give Plugin (WordPress) Prior to 2.4.7 via Donor Name
Code Injection Vulnerability in yikes-inc-easy-mailchimp-extender Plugin for WordPress
Object Injection Vulnerability in Option-Tree Plugin for WordPress (CVE-2021-12345)
Object Injection Vulnerability in Option-Tree Plugin for WordPress
Object Injection Vulnerability in Option-Tree Plugin for WordPress (<=2.7.3)
Vulnerability Alert: Local File Inclusion in Shortcode-Factory Plugin for WordPress
Path Traversal Vulnerability in Ad-Inserter Plugin for WordPress
Critical Remote Code Execution Vulnerability in Ad-Inserter Plugin for WordPress
Misleading Vulnerability: Disabled CONFIG_SECURITY_YAMA with Misconfigured /etc/sysctl.d/10-ptrace.conf
Directory Traversal Vulnerability in Import Users from CSV with Meta Plugin
XSS Vulnerability in import-users-from-csv-with-meta Plugin for WordPress
XSS Vulnerability in Import Users from CSV with Meta Plugin for WordPress
CSRF Vulnerability in Import Users from CSV with Meta Plugin for WordPress
Insufficient Protection Against Arbitrary File Reading in webp-express Plugin for WordPress
HTML Injection Vulnerability in wp-support-plus-responsive-ticket-system Plugin
Unrestricted Wi-Fi Control Vulnerability in Lava Z61 Android Device
Unsecured Wi-Fi Control Vulnerability on Lava Flair Z1 Android Device
Unrestricted Wi-Fi Control Vulnerability in Lava Iris 88 Go Android Device
Unrestricted Wi-Fi Control Vulnerability in Lava Z92 Android Device
Unrestricted Wi-Fi Control Vulnerability in Lava Z61 Turbo Android Device
Unrestricted Wi-Fi Control Vulnerability in Lava Z81 Android Device
Unrestricted Wi-Fi Control Vulnerability in Lava Iris 88 Lite Android Device
Unrestricted Wi-Fi Control Vulnerability in Lava Z60s Android Device
Pre-installed App Vulnerability: Unauthorized Control of Connectivity Features
Vulnerability: Privilege Escalation via LovelyFont App
Vulnerability: Arbitrary Command Execution via com.lovelyfont.defcontainer
Vulnerability: Arbitrary Command Execution via com.lovelyfont.defcontainer
Vulnerability: Arbitrary Command Execution and MITM Attack on Tecno Camon iClick Android Device
Vulnerability: Privilege Escalation via com.lovelyfont.defcontainer
Vulnerability: Privilege Escalation via com.lovelyfont.defcontainer
Vulnerability: Arbitrary Command Execution via com.lovelyfont.defcontainer
Vulnerability: Arbitrary Command Execution via com.lovelyfont.defcontainer
Vulnerability: Privilege Escalation via LovelyFont Android App
Vulnerability: Privilege Escalation via LovelyFont Android App
Vulnerability: Arbitrary Command Execution via com.lovelyfont.defcontainer
Unsecured System Property Modification Vulnerability in Coolpad 1851 Android Device
Unsecured System Property Modification Vulnerability in Coolpad N3C Android Device
Unsecured System Property Modification Vulnerability in Ulefone Armor 5 Android Device
Unsecured System Property Modification Vulnerability in Tecno Camon iClick Android Device
Unsecured System Property Modification Vulnerability in Lava Flair Z1 Android Device
Unsecured System Property Modification Vulnerability in Advan i6A Android Device
Unsecured System Property Modification Vulnerability in Dexp Z250 Android Device
Unsecured System Property Modification Vulnerability in Haier A6 Android Device
Unauthenticated System Property Modification Vulnerability in Hisense U965 Android Device
Insecure System Property Modification Vulnerability in Infinix Note 5 Android Device
Unauthenticated System Property Modification Vulnerability in Lava Iris 88 Go Android Device
Unsecured System Property Modification Vulnerability in Leagoo Power 5 Android Device
Unsecured System Property Modification Vulnerability in Dexp BL250 Android Device
Unsecured System Property Modification Vulnerability in Lava Z92 Android Device
Insecure System Property Modification Vulnerability in Infinix Note 5 Android Device
Unsecured System Property Modification Vulnerability in Haier P10 Android Device
Unsecured System Property Modification Vulnerability in Coolpad 1851 Android Device
Unsecured System Property Modification Vulnerability in Lava Z61 Turbo Android Device
Unsecured System Property Modification Vulnerability in Haier G8 Android Device
Unsecured System Property Modification Vulnerability on Symphony G100 Android Device
Unsecured System Property Modification Vulnerability in Hisense F17 Android Device
Unsecured System Property Modification Vulnerability in Symphony i95 Lite Android Device
Unauthenticated System Property Modification Vulnerability in Lava Iris 88 Lite Android Device
Unsecured System Property Modification Vulnerability in Haier G8 Android Device
Unauthenticated System Property Modification Vulnerability in Panasonic Eluga Ray 530
Unauthenticated System Property Modification Vulnerability in Cherry Flare S7 Android Device
Unauthenticated System Property Modification Vulnerability in Panasonic Eluga Ray 600
System Property Modification Vulnerability in Walton Primo G3 Android Device
System Property Modification Vulnerability on Fly Photo Pro Android Device
Unauthenticated System Property Modification Vulnerability in BQ 5515L Android Device
Unsecured System Property Modification Vulnerability in Cubot Nova Android Device
Unauthenticated System Property Modification Vulnerability in Allview X5 Android Device
Unsecured System Property Modification Vulnerability in Elephone A4 Android Device
Insecure System Property Modification Vulnerability in Infinix Note 5 Android Device
Unsecured System Property Modification Vulnerability in Lava Z60s Android Device
Vulnerability: Unrestricted Wi-Fi Control via com.roco.autogen App
Arbitrary Command Execution and Man-in-the-Middle Vulnerability in Coolpad 1851 Android Device
Vulnerability: Arbitrary Command Execution and MITM Attack on Haier A6 Android Device
Unsecured System Property Modification Vulnerability in Haier G8 Android Device
Vulnerability: Unauthorized System Property Modification in Asus ZenFone 4 Selfie Android Device
Vulnerability: Unauthorized System Property Modification in Asus ZenFone 4 Selfie Android Device
Vulnerability: Unauthorized Wireless Settings Modification via Confused Deputy Attack on Asus ZenFone Live Android Device
Vulnerability: Unauthorized Wireless Settings Modification via Confused Deputy Attack on Asus ZenFone 5 Selfie Android Device
Vulnerability: Command Execution via Pre-installed App Component in Asus ZenFone 3s Max
Vulnerability: Command Execution via Asus ZenFone 3 Pre-installed App
Vulnerability: Command Execution via Pre-installed App Component in Asus ZenFone Max 4
Vulnerability: Command Execution via Asus ZenFone 4 Selfie Pre-installed App
Vulnerability: Command Execution via Pre-installed App Component in Asus ZenFone 5Q
Vulnerability: Command Execution via Pre-installed App Component in Asus ZenFone 3 Ultra
Vulnerability: Command Execution via Pre-installed App Component in Asus ASUS_A002 Android Device
Vulnerability: Command Execution via Pre-installed App Component in Asus ASUS_A002_2 Android Device
Vulnerability: Command Execution via Pre-installed App Component in Asus ZenFone 3s Max
Vulnerability: Command Execution via Pre-installed App Component in Asus ZenFone Max 4
Vulnerability: Command Execution via Pre-installed App Component in Asus ASUS_X00K_1 Android Device
Vulnerability: Command Execution via Pre-installed App Component
Vulnerability: Command Execution via Pre-installed App Component in Asus ASUS_X015_1 Android Device
Vulnerability: Command Execution via Asus ZenFone 5 Lite Pre-installed App
Vulnerability: Command Execution via Pre-installed App Component in Asus ZenFone 5Q
Vulnerability: Command Execution via Pre-installed App Component in Asus ZenFone 5Q
Vulnerability: Command Execution via Pre-installed App Component in Asus ZenFone 3 Laser
Vulnerability: Command Execution via Pre-installed App Component in Asus ZenFone 4 Selfie Android Device
Vulnerability: Command Execution via Pre-installed App Component in Asus ZenFone 3 Ultra
Vulnerability: Command Execution via Pre-installed App Component in Asus ZenFone AR
Pre-installed App Vulnerability: Unauthorized Wireless Settings Modification via Confused Deputy Attack on Xiaomi Redmi 5
Vulnerability: Unauthorized App Installation via Pre-installed App Component
Pre-installed App on Tecno Spark Pro Android Device Allows Unauthorized Dynamic Code Loading via Confused Deputy Attack
Vulnerability: Unauthorized Command Execution via Confused Deputy Attack in com.lovelyfont.defcontainer app
Pre-installed App on Asus ASUS_X015_1 Android Device Allows Unauthorized Command Execution via Confused Deputy Attack
Vulnerability: Unauthorized Wireless Settings Modification via Confused Deputy Attack on Blackview BV9000Pro-F Android Device
Vulnerability: Unauthorized Wireless Settings Modification via Confused Deputy Attack on Blackview BV7000_Pro Android Device
Vulnerability: Unauthorized Wireless Settings Modification via Confused Deputy Attack on Doogee Mix Android Device
Vulnerability: Unauthorized Wireless Settings Modification via Confused Deputy Attack on Bluboo_S1 Android Device
Vulnerability: Unauthorized Wireless Settings Modification via Confused Deputy Attack on Doogee BL5000 Android Device
Vulnerability: Unauthorized Wireless Settings Modification via Confused Deputy Attack on Kata M4s Android Device
Vulnerability in Xiaomi 5S Plus Android Device Allows Unauthorized Wireless Settings Modification
Vulnerability in Xiaomi Mi Mix Android Device Allows Unauthorized Wireless Settings Modification
Vulnerability: Unauthorized Wireless Settings Modification via Confused Deputy Attack on Xiaomi Mi Note 2
Vulnerability: Unauthorized AT Command Access via Confused Deputy Attack on Panasonic ELUGA_I9 Android Device
OpenSSL ChaCha20-Poly1305 Nonce Length Vulnerability
Vulnerability: System Properties Modification via com.qiku.cleaner App Component
Pre-installed App Component Vulnerability in Evercoss U50A Android Device
Vulnerability: System Properties Modification via Pre-installed App Component
Vulnerability: Pre-installed App Component Allows Unauthorized App Installation
Vulnerability: Pre-installed App Component Allows Unauthorized App Installation
Vulnerability: Pre-installed App Component Allows Unauthorized App Installation
Vulnerability: Unauthorized App Installation via Pre-installed App Component
Vulnerability: Pre-installed App Component Allows Unauthorized App Installation
Vulnerability: Pre-installed App Component Allows Unauthorized App Installation
Vulnerability: Pre-installed App Component Allows Unauthorized App Installation
Vulnerability: Pre-installed App Installation via Accessible App Component on Samsung J5 Android Device
Vulnerability: Pre-installed App Component Allows Unauthorized App Installation
Vulnerability: Pre-installed App Component Allows Unauthorized App Installation
Vulnerability: Pre-installed App Component Allows Unauthorized App Installation
Vulnerability: Pre-installed App Component Allows Unauthorized App Installation
Vulnerability: Pre-installed App Component Allows Unauthorized App Installation
Vulnerability: App Installation via Pre-installed App Component
Vulnerability: Pre-installed App Component Allows Unauthorized App Installation
Vulnerability: Pre-installed App Component Allows Unauthorized App Installation
Vulnerability: Pre-installed App Component Allows Unauthorized App Installation
Vulnerability: Pre-installed App Component Allows Unauthorized App Installation
Vulnerability: Pre-installed App Component Allows Unauthorized App Installation
Vulnerability: Pre-installed App Component Allows Unauthorized App Installation
Vulnerability: Pre-installed App Component Allows Unauthorized App Installation
Vulnerability: Pre-installed App Component Allows Unauthorized App Installation
Vulnerability: Pre-installed App Installation via Accessible App Component in Samsung J5 Android Device
Vulnerability: Pre-installed App Component Allows Unauthorized App Installation
Vulnerability: Pre-installed App Component Allows Unauthorized App Installation
Vulnerability: Pre-installed App Component Allows Unauthorized App Installation
Vulnerability: Pre-installed App Component Allows Unauthorized App Installation
Vulnerability: Pre-installed App Component Allows Unauthorized App Installation on Samsung J7 Neo Android Device
Vulnerability: Pre-installed App Component Allows Unauthorized App Installation
Vulnerability: Pre-installed App Component Allows Unauthorized App Installation
Vulnerability: Pre-installed App Component Allows Unauthorized App Installation
Vulnerability: Pre-installed App Component Allows Unauthorized App Installation
Vulnerability: Pre-installed App Component Allows Unauthorized App Installation
Pre-installed App Vulnerability: Unauthorized Wireless Settings Modification via Confused Deputy Attack on Xiaomi Redmi 6 Pro
Vulnerability: Unauthorized Wireless Settings Modification via Confused Deputy Attack on Xiaomi Mi Mix 2S Android Device
Vulnerability: Unauthorized Wireless Settings Modification via Confused Deputy Attack on Xiaomi Mi A2 Lite Android Device
Vulnerability: Pre-installed App Allows Unauthorized Microphone Audio Recording
Vulnerability: Key Recovery in ECDSA Signature Operation with Explicit Parameters
Vulnerability: Pre-installed App Allows Unauthorized Microphone Audio Recording
Vulnerability: Pre-installed App Allows Unauthorized Microphone Audio Recording
Pre-installed App Vulnerability: Unauthorized Microphone Audio Recording via Confused Deputy Attack
Pre-installed App Vulnerability: Unauthorized Microphone Audio Recording via Confused Deputy Attack
Xiaomi Cepheus Android Device Vulnerability: Unauthorized Microphone Audio Recording via Confused Deputy Attack
Vulnerability: Unauthorized Microphone Audio Recording via Confused Deputy Attack on Xiaomi Mi A3 Android Device
XSS Vulnerability in Former before 4.2.1 via Checkbox Value
XSS Vulnerability in Jooby before 1.6.4 via Default Error Handler
Reflected XSS Vulnerability in Status Board 1.1.81 via logic.ts
Reflected XSS Vulnerability in Status Board 1.1.81 via dashboard.ts
XSS Vulnerability in Domoticz 4.10717 via item.Name
XSS Vulnerability in Kimai v2 before 1.1 via Timesheet Description
Cross-Site Scripting (XSS) Vulnerability in selectize-plugin-a11y before 1.1.0 via the msg field
Cross-Site Scripting (XSS) Vulnerability in Bolt CMS before 3.6.10
XSS Vulnerability in Bolt CMS (Versions before 3.6.10) via Image Alt or Title Field
Cross-Site Scripting (XSS) Vulnerability in Bolt CMS 3.6.10 and Earlier
XSS Vulnerability in Django JS Reverse before 0.9.1
XSS Vulnerability in DfE School Experience before v16333-GA via Teacher Training URL
Reflected XSS in Ignite Realtime Openfire LDAP Setup Test
Cross-Site Scripting (XSS) Vulnerability in laracom (aka Laravel FREE E-Commerce Software) 1.4.11
Insecure Random Number Generator in OpenSSL 1.1.1
Code Injection Vulnerability in openITCOCKPIT before 3.7.1 (RVID 1-445b21)
CSRF Vulnerability in openITCOCKPIT before 3.7.1 (RVID 2-445b21)
Reflected XSS Vulnerability in openITCOCKPIT before 3.7.1 (RVID 3-445b21)
File Deletion Vulnerability in openITCOCKPIT before 3.7.1 (RVID 4-445b21)
SSRF Vulnerability in openITCOCKPIT before 3.7.1 (RVID 5-445b21)
CSRF Vulnerability in MyT Project Management 1.5.1 Allows Arbitrary Code Execution
Default Credentials Vulnerability in Black Box iCOMPEL and ONELAN Net-Top-Box
Arbitrary OS Command Execution in Vera Edge Home Controller 1.7.4452 via webcam.sh
CodiMD 1.3.1 Safari XSS Vulnerability
Reflected Cross-Site Scripting (XSS) in L-Soft LISTSERV: /scripts/wa.exe OK Parameter Vulnerability
Remote Crash Vulnerability in TeamSpeak Client
OS Command Execution Vulnerability in AltaVoz Prontus (aka ProntusCMS) through 12.0.3.0
Double Free Vulnerability in Linux Kernel USB Driver (CVE-XXXX-XXXX)
Out-of-Bounds Read Vulnerability in Linux Kernel USB DVB-USB Driver
Critical Information Disclosure Vulnerability in Kaseya Virtual System Administrator (VSA)
Cleartext Password Exposure in Octopus Deploy Versions 2018.8.4 to 2019.7.6
Cleartext Password Exposure in Octopus Tentacle Versions 3.0.8 to 5.0.0
Overflow Bug in x64_64 Montgomery Squaring Procedure: Limited Impact on RSA and DSA
HTML Injection Vulnerability in Zoho ManageEngine Desktop Central 10 User Administration Page
Local Privilege Escalation Vulnerability in GOG Galaxy Client Service
Denial of Service Vulnerability in OpenWrt libuci
Privacy Vulnerability: Incorrect Access Level Indication in Telegram App Allows Phone Number Discovery
CSRF Token Leakage in Discourse 2.3.2
Directory Traversal Vulnerability in Cuberite (before 2019-06-11) via ....//
Directory Traversal Vulnerability in jc21 Nginx Proxy Manager before 2.0.13
Directory Traversal Vulnerability in Swoole before 4.2.13
Directory Traversal Vulnerability in Power-Response Plugin (Pre-2019-02-02)
Vulnerability: Insecure Default Configuration Directory in OpenSSL
Directory Traversal Vulnerability in comelz Quark (before 2019-03-26)
PHP Object Injection Vulnerability in Spoon Library
SSL Bypass Vulnerability in LINBIT csync2
Improper Handling of GNUTLS_E_WARNING_ALERT_RECEIVED in LINBIT csync2
Arbitrary File Upload Vulnerability in CSZ CMS 1.2.3
Critical Vulnerability: Missing SSL Certificate Validation in pw3270 Terminal Emulator
Command Injection Vulnerability in D-Link DIR-823G Firmware V1.0.2B05
Command Injection Vulnerability in D-Link DIR-823G Firmware V1.0.2B05
Command Injection Vulnerability in D-Link DIR-823G Firmware V1.0.2B05
Command Injection Vulnerability in D-Link DIR-823G Firmware V1.0.2B05
Command Injection Vulnerability in D-Link DIR-823G Firmware V1.0.2B05
Heap-based Buffer Over-read in GNU Libextractor's DVI Extractor Plugin
Cross-Site Scripting (XSS) vulnerability in CyberChef before 8.31.2 in core/operations/TextEncodingBruteForce.mjs
SQL Injection Vulnerability in XENFCoreSharp's web/verify.php
SQL Injection Vulnerability in Raml-Module-Builder 26.4.0's PostgresClient.update
SQL Injection Vulnerability in Tasking Manager before 3.4.0 via Custom SQL
SQL Injection Vulnerability in Acclaim Block Plugin for Moodle
SQL Injection Vulnerability in SimpleSAMLphp Proxystatistics Module
XFS Filesystem Wedge Vulnerability
Stored Cross-Site Scripting (XSS) Vulnerability in MantisBT Project Documentation Feature
Heap-based Buffer Overflow in CSO Filter of libMirage 3.2.2 in CDemu
Denial of Service in rustls-mio TLS Server
Uncontrolled Recursion in HTML DOM Tree Serialization
Memory Corruption Vulnerability in slice-deque Crate
Memory Exhaustion Vulnerability in Rust Protobuf Crate
Ed25519 Signature Spoofing Vulnerability in libp2p-core Crate
Format String Vulnerabilities in pancurses crate through 0.16.1
Format String Vulnerabilities in ncurses Crate for Rust
Buffer Overflow Vulnerabilities in ncurses Crate for Rust
Memory Exhaustion Vulnerability in asn1_der Crate
Out-of-Bounds Read and Page Boundary Crossing Vulnerability in simd-json Crate
Double Free Vulnerability in smallvec Crate
Use-after-free vulnerability in libflate crate allows arbitrary code execution
Uninitialized Memory Exposure in memoffset Crate
Memory Corruption in SmallVec Crate: Grow Attempts with Insufficient Capacity
SQL Injection Vulnerability in FredReinink Wellness-app (before 2019-06-19)
SQL Injection Vulnerability in Social Network Registration Handler
SQL Injection Vulnerability in XM^online 2 User Account and Authentication Server 1.0.0 via Tenant Key
SQL Injection Vulnerability in XM^online 2 Common Utils and Endpoints 0.2.1
DianoxDragon Hawn SQL Injection Vulnerability
SQL Injection Vulnerability in Reviews Module of OpenSource Table (before 2019-06-14)
FlashLingo SQL Injection Vulnerability
Incomplete Parentheses SQL Injection Vulnerability in GORM
SQL Injection Vulnerability in OHDSI WebAPI FeatureExtractionService.java
SQL Injection Vulnerability in Compassion Switzerland Addons for Odoo
SQL Injection Vulnerability in ICOMMKT Connector for PrestaShop (Versions before 1.0.7)
SQL Injection Vulnerability in Alfresco Android Application
SQL Injection Vulnerability in OpenForis Arena Sorting Feature
SQL Injection Vulnerability in idseq-web Allows Attackers to Manipulate tax_levels
SQL Injection Vulnerability in HM Courts & Tribunals CCD Data Store API
SQL Injection Vulnerability in BEdita 4.0.0-RC2
SQL Injection Vulnerability in ClonOS WEB Control Panel (before 2019-04-30)
Gesior-AAC Shop.php ServiceCategoryID SQL Injection Vulnerability
SQL Injection Vulnerability in Gesior-AAC (tankyou.php)
Gesior-AAC Account Management SQL Injection Vulnerability
Command Injection Vulnerability in GitLab CE/EE <v12.3.2, <v12.2.6, and <v12.1.12 via API Blobs Scope
GitLab CE/EE Information Disclosure: Unauthorized Access to Private System Notes via GraphQL Endpoint
GitLab CE/EE Information Disclosure Vulnerability: Project Milestones Disclosure via Groups Browsing
Information Disclosure in GitLab Community Edition (CE) and Enterprise Edition (EE) Allows Path Disclosure in Unsubscribe Email Links
Information Disclosure Vulnerability in GitLab CE and EE: Confidential Issue Assignee Disclosure via Milestones
Unauthenticated User Access to Restricted Pipeline Data in GitLab
IDOR vulnerability in GitLab allows unauthorized access to private group members via merge request approval rules
IDOR Vulnerability in GitLab Community Edition and Enterprise Edition Allows Unauthorized Group Access
Information Disclosure in GitLab API: Private Labels and Project Namespace Disclosure
Markdown Input Validation Bypass Vulnerability in GitLab
SAML Integration Account Takeover Vulnerability in GitLab CE and EE
Cross-Site Scripting (XSS) Vulnerability in GitLab CE/EE < 12.1.10 Mermaid Plugin
Unsanitized JavaScript Vulnerability in Loofah Gem for Ruby
OS Command Injection in Nexus Repository Manager <= 2.14.14 (bypass CVE-2019-5475) leading to Remote Code Execution (RCE)
Improper Access Control Vulnerability in GitLab Allows Blocked Users to Bypass Restrictions
Vulnerability: Padding Oracle Attack in OpenSSL
Access Control Issue: Disclosure of Private Merge Requests and Issues in GitLab Group Search
Improper Access Control Vulnerability in GitLab <12.3.3 Allows Unauthorized Access to Container and Dependency Scanning Reports
GitLab 12.2.2 and below: Guest User Privilege Escalation via Activity Timeline
GitLab 12.2.3 Denial of Service Vulnerability in Issue Comments
GitLab 11.8 and Later: Restricted Pipeline Details Disclosure Vulnerability
Local Privilege Escalation Vulnerability in UniFi Video Controller <=3.10.6
Path Traversal Vulnerability in Statics-Server Allows Symlink-Based Attack
Remote Code Execution Vulnerability in node-df v0.1.4
Remote Code Execution Vulnerability in treekill on Windows
Remote Code Execution Vulnerability in tree-kill on Windows
Arbitrary File Read Vulnerability in http_server
Stored Cross-Site Scripting (XSS) Vulnerability in fileview package v0.1.6
Stored Cross-Site Scripting (XSS) Vulnerability in seefl v0.1.1 via Malicious Filename in Directory Listing
X.509 Certificate Validation Vulnerability in Node.js 10, 12, and 13
HTTP Request Smuggling Vulnerability in Node.js 10, 12, and 13: Malicious Payload Delivery via Malformed Transfer-Encoding
Trailing White Space Bypass Vulnerability in Node.js HTTP Header Value Comparisons
Stored XSS Vulnerability in Node-RED (<= 0.20.7): Exploiting IoT Wiring Tool
TOCTOU Vulnerability in Yarn < 1.19.0: Cache Pollution Attack via Package Integrity Validation
Command Injection Vulnerability in kill-port-process Package (Version < 2.2.0)
Access Retention Vulnerability in Circles App 0.17.7
Insecure Data Leakage in iOS App 2.23.0: Login and Token Exposure in Nextcloud Services
Password Reset Bug in Nextcloud Server 15.0.2 Allows Expired 2FA Logins to Persist
File Extension-Based Workflow Vulnerability in Nextcloud Server 17.0.1
XSS Vulnerability in iOS App 2.24.4 due to Missing Sanitization
Time Bypass Vulnerability in Android App 3.9.0
Dangling Remote Share Attempts in Nextcloud 16: A DNS Pollution Vulnerability
Security Vulnerability: Unauthorized Second Factor Setup in Nextcloud Server 17.0.0
Reflected XSS Vulnerability in Nextcloud 15.0.5 Updater
Cross-Site Scripting (XSS) Vulnerability in Nextcloud Server 16.0.3, Nextcloud Talk 6.0.3, and Nextcloud Deck 0.6.5
Improper Access Control in Nextcloud Talk 6.0.3: Leakage of Private Conversation Existence and Names via Projects Feature
Improper Permissions Preservation in Nextcloud Server 16.0.1: Sharees Able to Reshare with Write Permissions via Public Link
Information Disclosure Vulnerability in Nextcloud Android App 3.6.0
Information Leakage in Nextcloud Server 16.0.1: Sending Domain and User IDs to Disabled Lookup Server
Group Admins Can Create Users with IDs of System Folders in Nextcloud Server 15.0.7
Memory Usage Vulnerability in Trend Micro Password Manager 3.8
Clear Text Transmission of Initial LDAP Communication in Deep Security Manager Application
Arbitrary File Delete Vulnerability in Trend Micro Deep Security Agent for Windows
DLL Hijacking Vulnerability in Trend Micro Security (Consumer) 2020 (v16.0.1221 and below)
FLAG_MISUSE Vulnerability in Trend Micro Password Manager for Android: Information Sharing with Third-Party Apps
Bleichenbacher Padding Oracle Attack on RSA Encryption in OpenSSL
Remote File Read Vulnerability in MuleSoft Components
Arbitrary Code Execution Vulnerability in MuleSoft Mule CE/EE 3.x and API Gateway 2.x
Unencrypted Password Disclosure in Grafana 5.4.0
Tableau Products XXE Vulnerability: Information Disclosure and DoS Risk
Uncontrolled Search Path Element in COPA-DATA zenon Editor 8.10
Remote Crash Vulnerability in Sangoma Asterisk 13.28.0 and 16.5.0
Limesurvey Image Upload Vulnerability
Authenticated XXE Vulnerability in Webmin's xmlrpc.cgi
Authenticated Remote Code Execution in Webmin through rpc.cgi
XSS Vulnerability in Ultimate-FAQs Plugin for WordPress (Version < 1.8.22)
Stored XSS Vulnerability in Zoho-SalesIQ Plugin for WordPress
CSRF Vulnerability in Zoho-SalesIQ Plugin for WordPress
SQL Injection Vulnerability in rsvpmaker Plugin for WordPress
Remote Code Execution Vulnerability in Groundhogg Plugin for WordPress
Insufficient Restrictions on Deleting or Renaming Vulnerability in insert-or-embed-articulate-content-into-wordpress Plugin
Insufficient File Upload Restrictions in insert-or-embed-articulate-content-into-wordpress Plugin
Arbitrary JavaScript and HTML Injection in PAN-OS External Dynamic Lists
Insufficient Restrictions on Option Changes in stops-core-theme-and-plugin-updates Plugin for WordPress
Heap-Based Buffer Over-read in DecodeCertExtensions in wolfSSL 4.1.0
Client-side code injection vulnerability in NSSLGlobal SatLink VSAT Modem Unit (VMU) web interface before 18.1.0
Insecure Authentication Mechanism in Comba AP2600-I Devices: Password Disclosure Vulnerability
Password Disclosure Vulnerability in Comba AC2400 Devices
D-Link DSL-2875AL Password Disclosure Vulnerability
Information Disclosure Vulnerability in D-Link DSL-2875AL and DSL-2877AL Devices
Arbitrary Code Execution in eslint-utils (<=1.4.1) via getStaticValue Function
SQL Injection Vulnerability in connect-pg-simple before 6.0.1
SQL Injection Vulnerability in Pie-Register Plugin for WordPress (Versions prior to 3.1.2)
Arbitrary JavaScript and HTML Injection in PAN-OS Management Web Interface
CSRF Vulnerability in wp-members Plugin for WordPress
Stack-based Buffer Overflow in Rivet Killer Control Center (CVE-2021-XXXX)
Arbitrary Read Privilege Escalation in Rivet Killer Control Center
Out-of-Bounds Read Privilege Escalation in Rivet Killer Control Center (Issue 1 of 2)
Out-of-Bounds Read Privilege Escalation in Rivet Killer Control Center
Arbitrary Write Primitive Vulnerability in Rivet Killer Control Center
Out-of-Bounds Array Access in __xfrm_policy_unlink Leading to Denial of Service
Arbitrary Code Execution in Expedition Migration Tool 1.1.6 and Earlier
Heap Buffer Overflow in TightVNC Code Version 1.3.10: Remote Code Execution Vulnerability
Heap Buffer Overflow in TightVNC Code Version 1.3.10: Potential Code Execution via Network Connectivity
Palo Alto Networks Demisto 4.5 XSS Vulnerability
Null Pointer Dereference Vulnerability in TightVNC 1.3.10: Exploitable DoS via Network Connectivity
Memory Leak Vulnerability in LibVNC Server Code (CWE-655)
Out-of-Bound Access Read Vulnerabilities in RDesktop 1.8.4 Leading to Denial of Service (DoS)
Stack Buffer Overflow Vulnerability in TurboVNC Server Code
Remote Unauthorized Access Vulnerability in Kaspersky Protection Extension for Google Chrome
Remote Disabling of Security Features in Kaspersky Products: Bypass Vulnerability
Remote Disabling of Anti-Virus Protection Features: A Critical Vulnerability in Kaspersky Security Products
Remote Information Disclosure Vulnerability in Kaspersky Security Products
Inadequate User Notification of Untrusted Site Redirect Vulnerability
Local Privilege Escalation Vulnerability in Kaspersky Security Products
Arbitrary Code Execution in Expedition Migration Tool User Mapping Settings
Stack Use-After-Return Vulnerability in TigerVNC
Heap Buffer Overflow in TigerVNC Version Prior to 1.10.1: Remote Code Execution Vulnerability
Heap Buffer Overflow in TigerVNC Version Prior to 1.10.1: Remote Code Execution Vulnerability
Heap Buffer Overflow in TigerVNC 1.10.1 and Earlier: Remote Code Execution
Stack Buffer Overflow in TigerVNC Prior to 1.10.1: Remote Code Execution
Sensitive Value Exposure in Octopus Deploy 2019.7.3 through 2019.7.9
Memory Access Vulnerability in Suricata 4.1.4
Arbitrary Code Execution in Expedition Migration Tool 1.1.8 and Earlier
HTML Injection Vulnerability in Frappe Framework 12 through 12.0.8
Arbitrary OS Command Execution via HelpModal.jsx in BloodHound 2.2.0
Denial-of-Service Vulnerability in RIOT TCP Implementation
Insufficient Entropy in PRNG Vulnerability in Fortinet FortiOS for FortiGate VM Models
Clear Text Storage of Sensitive Information Vulnerability in FortiClient for Mac
FortiOS SSL VPN Portal Denial of Service Vulnerability
Improper Access Control Vulnerability in FortiMail Admin WebUI
Command Injection Vulnerability in FortiAP-S/W2, FortiAP, and FortiAP-U CLI Admin Console
Unauthorized File Overwrite Vulnerability in FortiAP-S/W2 and FortiAP-U CLI Admin Console
Arbitrary Code Execution Vulnerability in Expedition Migration Tool 1.1.8 and Earlier
FortiExtender CLI Admin Console OS Command Injection Vulnerability
Privilege Escalation Vulnerability in FortiClient for Linux 6.2.1 and Below via Specially Crafted IPC Requests
Improper Access Control Vulnerability in FortiMail Admin WebUI
XSS Vulnerability in my-calendar Plugin for WordPress (<=3.1.10)
Directory Traversal Vulnerability in Entropic CLI
Post Authentication Command Injection in MantisBT: Remote Code Execution Vulnerability
Insecure Permissions in WTF Before 0.19.0
Use-after-free vulnerability in Irssi 1.2.x before 1.2.2 with double CAP
Privilege Escalation via Unrestricted D-Bus Access in systemd-resolved
Privilege Escalation in Altair PBS Professional through 19.1.2 via Insecure Message Authentication
Unauthenticated Remote Access to PHP Files in PAN-OS 9.0.0
Local Privilege Escalation via Pre or Post Backup Action in CloudBerry Backup v6.1.2.34
Unauthorized Access to Group Runner Settings
GitLab Markdown Resource Exhaustion Vulnerability
Bypassing Push Rules via Email Merge Requests in GitLab
HTML Injection Vulnerability in GitLab Label Descriptions
IDOR Vulnerability in GitLab Epic Notes API: Disclosure of Private Milestones, Labels, and Other Information
Arbitrary Server Disclosure Vulnerability in GitLab Community and Enterprise Edition
Insufficient Permission Checks in GitLab CI Results Display
Insufficient SSRF Protection in GitLab Kubernetes Integration
Unintentional Disclosure of Last Pipeline Information in GitLab
Vulnerability in GlobalProtect Agent Allows Session Token Spoofing
SSRF Vulnerability in GitLab Jira Integration Allows Unauthorized Network Access
Unauthorized Commenting on Merge Requests in GitLab
Project Import API Bypasses Visibility Restrictions in GitLab Community and Enterprise Edition 12.2 through 12.2.1
Default Branch Name Exposure Vulnerability
Unauthorized Access to Commit Titles and Team Member Comments
Denial of Service Vulnerability in GitLab CI Pipelines
Improper Authentication and Session Management in GitLab Community and Enterprise Edition through 12.2.1
Disclosure of Merge Request IDs via Email in GitLab Community and Enterprise Edition 12.0 through 12.2.1
XSS Vulnerability in GitLab Community and Enterprise Edition 8.1 through 12.2.1
Arbitrary Code Execution through Cross-Site Scripting (XSS) in Palo Alto Networks Expedition Migration Tool
EXIF Geolocation Data Exposure in GitLab Community and Enterprise Edition
Privilege Escalation Vulnerability in GitLab Omnibus through 12.2.1
Poly Plantronics Hub Local Privilege Escalation Vulnerability
Confused Deputy Attack Vulnerability in Sony Xperia Touch Android Device
Vulnerability: Unauthorized Wireless Settings Modification via Confused Deputy Attack on Sony Xperia XZs Android Device
Hardcoded AES 256 Bit Key Vulnerability in Eques Elf Smart Plug
Arbitrary PHP Command Injection in SITOS six Build v6.2.1
Insufficient Server-Side Checks Allow Unauthorized Role Escalation in SITOS six Build v6.2.1
Unauthenticated File Upload and Code Execution in SITOS six Build v6.2.1
Password and Email Change Vulnerability in SITOS six Build v6.2.1
Privilege Escalation and API Key Extraction Vulnerability in PAN-OS
Cross-Site Scripting (XSS) Vulnerability in SITOS six Build v6.2.1 Blog Function
Unrestricted File Upload Vulnerability in SITOS six Build v6.2.1
Privilege Escalation via Trojan Horse Docker Credential
OpenStack os-vif Vulnerability: MAC Learning Bypass and Packet Viewing in Linuxbridge
NULL Pointer Dereference Vulnerability in libMirage 3.2.2 CDemu NRG Parser
Missing Validation Rules in asmjs/asmangle.cpp Leading to Assertion Failure in wasm/wasm.cpp
NULL Pointer Dereference in Binaryen 1.38.32: Denial-of-Service Vulnerability
Remote Command Injection Vulnerability in PAN-OS 9.0.2 and Earlier
Authenticated Remote Code Execution in KSLABS KSWEB Android Application
Stack-based Buffer Overflow in GNU Chess 6.2.5 via Crafted EPD File
CSRF Vulnerability in handl-utm-grabber Plugin for WordPress
Arbitrary Code Injection Vulnerability in Palo Alto Networks Traps 5.0.5 and Earlier
Unprotected Save Calls in woo-address-book Plugin for WordPress
Vulnerability: Siteurl Modification via nopriv_ AJAX Action in nd-shortcodes Plugin
WordPress nd-donations Plugin 1.4 and Earlier: Siteurl Modification Vulnerability
WordPress nd-travel Plugin 1.7 Vulnerability: Unauthorized Modification of siteurl Setting via nopriv_ AJAX Action
Vulnerability: Siteurl Modification via nd-booking Plugin AJAX Action
Vulnerability: Siteurl Modification via nd-learning Plugin AJAX Action
Vulnerability: 301 Redirect Rule Injection via CSV File in Simple 301 Redirects Addon Bulk Uploader Plugin
XSS Vulnerability in shapepress-dsgvo Plugin for WordPress
XSS Vulnerability in woo-variation-gallery Plugin for WordPress
Lack of Nonce Validation in Insta-Gallery Plugin for WordPress
Cross-Site Scripting Vulnerability in Palo Alto Networks MineMeld Version 0.9.60 and Earlier
Unsafe Deserialization Vulnerability in Formidable Plugin for WordPress
CSRF Vulnerability in Facebook-by-Weblizar Plugin for WordPress
Cross-Site Scripting (XSS) Vulnerability in WebTorrent HTTP Server
Buffer Overflow Vulnerability in Lute-Tab's pdf_print.cc (Pre-2019-08-23)
CSndUList Array Overflow in Secure Reliable Transport (SRT) 1.3.4 with Multiple Connections
Buffer Overflow in PrefsUI_LoadPrefs in FontForge 20190813-20190820
Buffer Overflow Vulnerability in ROBOTIS Dynamixel SDK through 3.7.11
Integer Overflow Vulnerability in libZetta.rs (Version 0.1.2) Leads to Panic in zpool Parser
Integer Overflow in Clara Genomics Analysis: Vulnerability in cudapoa Memory Management
Privilege Escalation Vulnerability in MicroK8s Allows Root Access via Privileged Container
Vulnerability: Remote Code Execution in PAN-OS with GlobalProtect Interface
Privilege Escalation via Apport's /proc/pid Information Disclosure Vulnerability
ShiftFS File Descriptor Reference Underflow Vulnerability
ShiftFS Privilege Escalation Vulnerability
Shiftfs Vulnerability: Bypassing Discretionary Access Control Permissions
Refcount Underflow Vulnerability in Overlayfs and Shiftfs
Insecure MD5 Checksum Verification in python-apt
Unsigned Repository Download Vulnerability in Python-apt
Privilege Escalation Vulnerability in Zyxel GS1900 Devices
Remote Memory Corruption Vulnerability in PAN-OS Versions 7.1.24 and Earlier, 8.0.19 and Earlier, 8.1.9 and Earlier, and 9.0.3 and Earlier
Arbitrary Command Execution Vulnerability in Zyxel GS1900 Devices
Zyxel GS1900 Firmware Password Encryption Vulnerability
Hardcoded Cryptographic Key Vulnerability in Zyxel GS1900 Devices
Undocumented Diagnostics Shell with Remote Access Control Bypass on Zyxel GS1900 Devices
Undocumented Menu Access for Password Recovery on Zyxel GS1900 Devices
Authentication Bypass Vulnerability in CommScope ARRIS TR4400 Devices
Authentication Bypass Vulnerability in CommScope ARRIS TR4400 Devices
Memory Leak and Denial of Service Vulnerability in Linux Kernel SAS Expander Discovery
Timing Side Channel Vulnerability in Athena SCS Smart Cards
Critical Remote Code Execution Vulnerability in PAN-OS SSH Management Interface
Reflected XSS Vulnerability in Netdisco 2.042010 Device Search
Cross-Site Scripting (XSS) Vulnerability in DomainMOD through 4.13
Arbitrary Code Execution via File Upload Bypass in Sentrifugo 3.2
Stored XSS Vulnerabilities in Sentrifugo 3.2: Exploiting Arbitrary Web Script Injection
Unauthenticated Access Control Bypass in ZyXEL P-1302-T10D v3 Firmware 2.00(ABBX.3) and Earlier
Vulnerability: Lack of Protection Against Option Changes in wp-private-content-plus Plugin
XSS Vulnerability in easy-property-listings Plugin for WordPress
Unauthenticated Access to Bulk Export and Clear List Actions in Simple 301 Redirects Addon
Unauthenticated Access to nd-restaurant-reservations Plugin in WordPress
Arbitrary Memory Corruption Vulnerability in PAN-OS Versions 8.1.9 and Earlier, and 9.0.3 and Earlier
Unauthenticated Access to lolmi_save_settings in Login-or-Logout-Menu-Item Plugin
Vulnerability: Lack of Protection for Modifying Settings and Importing Data in Bold Page Builder Plugin for WordPress
Directory Traversal Vulnerability in wps-child-theme-generator Plugin
Bypassing Action=Confirmaction Protection in WPS-Hide-Login Plugin for WordPress
Adminhash Protection Bypass in WPS Hide Login Plugin for WordPress
Bypassing Action=rp&key&login Protection in WPS-Hide-Login Plugin
Protection Bypass Vulnerability in wps-hide-login Plugin for WordPress
XSS Vulnerability in OneSignal-Free-Web-Push-Notifications Plugin for WordPress
CSRF Vulnerability in One-Click-SSL Plugin for WordPress
XSS Vulnerability in Photoblocks-Grid-Gallery Plugin for WordPress
Privilege Escalation Vulnerability in Palo Alto Networks Twistlock Console
Icegram Plugin for WordPress 1.10.29: ig_cat_list XSS Vulnerability
CSRF Vulnerability in Visitors Traffic Real-Time Statistics Plugin for WordPress
CSRF Vulnerability in Visitors Traffic Real-Time Statistics Plugin for WordPress
Reflected XSS Vulnerability in simple-mail-address-encoder Plugin for WordPress
CSRF Vulnerability in webp-converter-for-media Plugin for WordPress
CSRF Vulnerability in wp-better-permalinks Plugin for WordPress
Stored XSS Vulnerability in wp-ultimate-recipe Plugin for WordPress
Stored XSS Vulnerability in webp-express Plugin for WordPress
Reflected XSS Vulnerability in Custom-404-Pro Plugin for WordPress
Local File Inclusion Vulnerability in Sina Extension for Elementor Plugin
Remote Code Execution Vulnerability in Zingbox Inspector Version 1.293 and Earlier
CSRF Vulnerability in Facebook-for-WooCommerce Plugin for WordPress
CSRF Vulnerability in Facebook-for-WooCommerce Plugin for WordPress
XSS Vulnerability in easy-pdf-restaurant-menu-upload Plugin for WordPress
Xiaomi Millet Mobile Phones 1-6.3.9.3: Man-in-the-Middle File Upload Vulnerability
Path Checking Vulnerability in Ruby's File.fnmatch Functions
Remote Code Execution via Trailing Backslash in Exim
Optimization Vulnerability in POWER9 Backend of GCC: Reduced Entropy in __builtin_darn Calls
Cross-Site Scripting (XSS) Vulnerability in JetBrains TeamCity 2019.1 and 2019.1.1
Session Fixation Vulnerability in eQ-3 HomeMatic CCU3 Firmware 3.41.11
Privilege Escalation Vulnerability in Cisco Nexus 9000 Series ACI Mode Switch Software
Remote Code Execution in eQ-3 HomeMatic CCU3 Firmware Version 3.41.11 via ReGa.runScript Method
Privilege Escalation Vulnerability in Maarch RM 2.5
Path Traversal Vulnerability in Maarch RM 2.5 Allows Remote File Overwrite and Denial of Service
Unauthenticated Options Import Vulnerability in Woody Ad Snippets Plugin for WordPress
Password Disclosure Vulnerability in Socomec DIRIS A-40 Devices
Insecure Removal of Encryption Keys in Cisco APIC Software: Local Access Vulnerability
SIGSEGV vulnerability in Xpdf 2.00's XRef::constructXRef in XRef.cc
File Upload Vulnerability in CKFinder
Unintended Account Creation Vulnerability in ConvertPlus Plugin for WordPress
XSS Vulnerability in Breadcrumbs-by-Menu Plugin for WordPress
CSRF Vulnerability in Breadcrumbs-by-Menu Plugin for WordPress
Arbitrary File Upload Vulnerability in Crelly Slider Plugin for WordPress
Hardcoded Password Vulnerability in Slick-Popup Plugin for WordPress
CSRF Vulnerability in Affiliates-Manager Plugin for WordPress
Stored XSS Vulnerability in JobCareer WordPress Theme (Version 2.5.1 and below)
Information Disclosure Vulnerability in Cisco Nexus 9000 Series Fabric Switches in ACI Mode
Stored XSS Vulnerability in CarSpot WordPress Theme
Unauthenticated Settings Update Vulnerability in LoginPress Plugin for WordPress
SQL Injection Vulnerability in LoginPress Plugin for WordPress
Remote Code Execution in ProfileGrid User Profiles, Groups, and Communities Plugin for WordPress
Incomplete Packet Data Validation Vulnerability in FreeBSD 12.1-STABLE, 12.1-RELEASE, 11.3-STABLE, and 11.3-RELEASE
Stack Data Leakage in FreeBSD 12.1-STABLE and Earlier Versions
Privilege Escalation Vulnerability in FreeBSD oce Network Driver
Privilege Escalation in FreeBSD ixl Network Driver
Use-After-Free Vulnerability in SCTP-AUTH Shared Key Update in FreeBSD
Race Condition in FreeBSD Cryptodev Module Allows Arbitrary Kernel Memory Overwrite
Cisco Nexus 9000 Series Fabric Switches ACI Mode Arbitrary File Read Vulnerability
Kernel Panic Vulnerability in FreeBSD 12.1-STABLE and 12.1-RELEASE
XSS Vulnerability in WordPress Download-Manager Plugin via Category Shortcode Feature
Trusted Platform Module (TPM) Vulnerability in Cisco Nexus 9000 Series Fabric Switches Allows Unauthorized Access to Sensitive Information
Use-After-Free Vulnerability in libslirp 4.0.0: ip_reass in ip_input.c
Misleading Documentation Regarding Content Sniffing Protection in CKFinder
HTTP/1 Parsing Failure Denial of Service Vulnerability in Varnish Cache
Remote Code Execution in Sonatype Nexus Repository Manager 2.x before 2.14.15
ESP-IDF Vulnerability: Fault Injection Bypasses Secure Boot Digest Verification
Unauthenticated Options Changes in Search Exclude Plugin for WordPress
Unauthenticated Options Import Vulnerability in LifterLMS Plugin for WordPress
Authentication Bypass in BeeGFS-CTL via Communication with Metadata Server
Reflected XSS Vulnerability in Nagios Log Server Login Page
Insecure TLS Client Authentication Vulnerability in Cisco Nexus 9000 Series ACI Mode Switch Software
Uninitialized Variable in Slicer69 doas Allows Command Execution as Root
Improper Group ID Handling in slicer69 doas before 6.2 on Certain Platforms
Backporting Error Reintroduces Spectre Vulnerability in Linux Kernel
Heap-based Buffer Over-read in libexpat XML Parser
Escape from Restricted Shell: Cisco Nexus 9000 Series ACI Mode Switch Software Vulnerability
ZigBee Network Discovery Denial of Service Vulnerability
Insecure Key Transport in ZigBee PRO: Vulnerability Exploitation and Device Takeover
ZigBee Trust Center Rejoin Procedure Vulnerability on ASUS HG100, MW100, WS-101, TS-101, AS-101, MS-101, DL-101 Devices
Insecure Key Transport in Xiaomi Smart Home Devices: Exploiting ZigBee Communication Vulnerability
Multiple Denial of Service Vulnerabilities in Xiaomi ZigBee Devices
Denial of Service Vulnerability in Xiaomi ZigBee Devices
Memory Leak in register_queue_kobjects() in net/core/net-sysfs.c
Use-after-free vulnerability in hci_uart_set_proto() in Linux kernel before 5.0.5
Out-of-Bounds Read Vulnerability in Linux Kernel's SMB2_negotiate Function
Use-after-free vulnerability in SMB2_write in Linux kernel before 5.0.10
Privilege Escalation Vulnerability in Cisco Nexus 9000 Series ACI Mode Switch Software
Use-after-free vulnerability in SMB2_read in Linux Kernel before 5.0.10
Memory Leak in genl_register_family() in Linux Kernel
NULL Pointer Dereference in drivers/block/paride/pf.c
NULL Pointer Dereference in drivers/block/paride/pf.c
NULL pointer dereference in fm10k_init_module due to alloc_workqueue failure
Out of Bounds Access Vulnerability in hclge_tm_schd_mode_vnet_base_cfg Function
Out of Bounds Access Vulnerability in ath6kl_wmi_pstream_timeout_event_rx and ath6kl_wmi_cac_event_rx Functions
Out-of-Bounds Access in build_audio_procunit Function in Linux Kernel
Unlimited Brute Force Vulnerability in Craft CMS Elevated Session Password Prompt
Privilege Escalation Vulnerability in Cisco NX-OS Software's Bash Shell Implementation
Clickjacking Vulnerability in Intesync Solismed 3.3sp
Intesync Solismed 3.3sp Directory Traversal Vulnerability
Intesync Solismed 3.3sp Incorrect Access Control Vulnerability
SQL Injection Vulnerability in Intesync Solismed 3.3sp
CSRF Vulnerability in Intesync Solismed 3.3sp
XSS Vulnerability in Intesync Solismed 3.3sp
Insecure File Upload Vulnerability in Intesync Solismed 3.3sp
Remote Buffer Overflow in Pengutronix Barebox through 2019.08.1: Exploiting a memcpy Vulnerability in nfs_readlink_reply
Remote Buffer Overflow in Pengutronix Barebox through 2019.08.1: Exploiting a memcpy Vulnerability in nfs_readlink_req
Divide-by-Zero Error in cv::HOGDescriptor::getDescriptorSize
Denial of Service Vulnerability in Cisco NX-OS Software 802.1X Implementation
Critical Security Vulnerability: Unauthenticated Root Access via TELNET in Victure PC530 Devices
OpenID Connect Issuer Bypass Vulnerability in LemonLDAP::NG 2.x through 2.0.5
Uninitialized Value Vulnerability in FFmpeg's h2645_parse
Remote Code Execution and Denial of Service Vulnerability in Counter-Strike: Global Offensive vphysics.dll
HTML Injection Vulnerability in Counter-Strike: Global Offensive Community Game Servers
Out-of-Bounds Access Vulnerability in OpenSC's decode_bit_string Function
Out-of-Bounds Access Vulnerability in OpenSC before 0.20.0-rc1
Unencrypted Wallet.dat Data Exposure in Bitcoin Core 0.18.0
Buffer Overflow Vulnerability in Texas Instruments CC256x and WL18xx Dual-Mode Bluetooth Controllers
Remote Command Execution as Root in Nagios XI
Fibre Channel over Ethernet (FCoE) Protocol Denial of Service Vulnerability
XSS Vulnerability in Redmine CRM Plugin 4.2.4 via Crafted vCard Data
Path Traversal and Remote Command Execution in Total.js CMS 12.0.0
Vertical and Horizontal Privilege Escalation in Total.js CMS 12.0.0
Total.js CMS 12.0.0 - Remote Command Execution (RCE) via Malicious Widget
Session Cookie Brute Force Vulnerability in Total.js CMS 12.0.0
Unauthorized System Reset Vulnerability in Cisco Web Security Appliance (WSA)
Arbitrary Command Injection Vulnerability in Cisco Small Business RV Series Routers
Remote Code Execution Vulnerability in Cisco Prime Infrastructure and Cisco Evolved Programmable Network Manager
Arbitrary Command Execution Vulnerability in Cisco Small Business SPA500 Series IP Phones
Privilege Escalation Vulnerability in Cisco NX-OS Software for Bash Shell
Privilege Escalation in Cisco Webex Network Recording Admin Page
Denial of Service Vulnerability in Clam AntiVirus (ClamAV) Software
Improper Permission Assignment in Cisco TelePresence Collaboration Endpoint (CE) Software Allows Local Attackers to Write Files to /root Directory
Information Disclosure Vulnerability in Cisco Unified Communications Manager Web Interface
Cisco TelePresence Advanced Media Gateway Web Application Denial of Service Vulnerability
Unauthenticated Audio Recording Vulnerability in Cisco TelePresence Collaboration Endpoint and RoomOS Software
Cross-Site Scripting (XSS) Vulnerability in Cisco Unified Communications Domain Manager
Cisco Web Security Appliance (WSA) Cross-Site Scripting (XSS) Vulnerability
Multiple Denial of Service (DoS) Vulnerabilities in Cisco FXOS and NX-OS Software
MP3 File Validation Vulnerability in Cisco Email Security Appliance Allows Bypass of Content Filters
SQL Injection Vulnerability in Cisco Unified Communications Manager Web Interface
Cross-Site Scripting (XSS) Vulnerability in Cisco Industrial Network Director (IND) Web Interface
Cisco Managed Services Accelerator (MSX) Web Interface Open Redirect Vulnerability
Authentication Bypass Vulnerabilities in Cisco Data Center Network Manager (DCNM)
Authentication Bypass Vulnerabilities in Cisco Data Center Network Manager (DCNM)
Authentication Bypass Vulnerabilities in Cisco Data Center Network Manager (DCNM)
Arbitrary Command Injection Vulnerabilities in Cisco Data Center Network Manager (DCNM) API Endpoints
Arbitrary Command Injection Vulnerabilities in Cisco Data Center Network Manager (DCNM) API Endpoints
Vulnerability in LDAP Implementation in Cisco FXOS and NX-OS Software
Directory Traversal Vulnerabilities in Cisco Data Center Network Manager (DCNM)
Directory Traversal Vulnerabilities in Cisco Data Center Network Manager (DCNM)
Directory Traversal Vulnerabilities in Cisco Data Center Network Manager (DCNM)
Cisco Data Center Network Manager (DCNM) SOAP API XXE Vulnerability
Arbitrary SQL Command Execution Vulnerabilities in Cisco Data Center Network Manager (DCNM) API Endpoints
Arbitrary SQL Command Execution Vulnerabilities in Cisco Data Center Network Manager (DCNM) API Endpoints
Arbitrary Command Injection Vulnerability in Cisco Unity Express CLI
Missing CAPTCHA Protection in Cisco Webex Centers: Username Guessing Vulnerability
Bypassing URL Reputation Filters in Cisco Email Security Appliance
Cisco IOS XR Software BGP Attribute Processing Denial of Service Vulnerability
Cisco NX-OS Software Network Stack Denial of Service Vulnerability
Unauthenticated Remote Information Disclosure in Cisco Small Business RV Series Routers
Lua Interpreter Heap Overflow Vulnerability in Cisco ASA and FTD Software
Unauthenticated Remote Access Vulnerability in Cisco Small Business Switches
Cross-Site Scripting (XSS) Vulnerability in Cisco Stealthwatch Enterprise Web Interface
Arbitrary SQL Query Execution Vulnerability in Cisco DNA Spaces: Connector
Privilege Escalation Vulnerability in Cisco DNA Spaces: Connector
Command Injection Vulnerability in Cisco DNA Spaces: Connector
NETCONF over SSH Access-Control Logic Vulnerability in Cisco IOS XR Software
Unauthorized Access to JBoss EAP via Cisco DCNM Vulnerability
Vulnerability in File System Permissions of Cisco FXOS and NX-OS Software
Cisco Umbrella Roaming Client for Windows: Unauthorized Application Installation Vulnerability
Local DLL Hijacking Vulnerability in Cisco Webex Teams for Windows
Cross-Site Request Forgery (CSRF) Vulnerability in Cisco SD-WAN Solution's vManage Web UI
Cisco UCS Director Web Interface Log File Download Vulnerability
Unauthenticated Remote Bypass Vulnerability in Cisco Vision Dynamic Signage Director REST API
Arbitrary Command Execution Vulnerability in Cisco Webex Video Mesh
Vulnerability in Cisco AnyConnect Secure Mobility Client for Android Allows Service Hijack Attack and DoS
Cross-Site Scripting (XSS) Vulnerability in Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware
Cisco IOS and IOS XE Software Web UI CSRF Vulnerability
Vulnerability: Filesystem Permissions Misconfiguration in Cisco NX-OS Software
Cross-Site Scripting (XSS) Vulnerability in Cisco SD-WAN vManage Software
Arbitrary Command Injection Vulnerability in Cisco IOS XE SD-WAN Software
SQL Injection Vulnerability in Cisco SD-WAN Solution vManage Software
Cisco Data Center Analytics Framework: Reflected XSS Vulnerability in Web-based Management Interface
Insecure Direct Object Reference Vulnerability in Cisco Unified Customer Voice Portal (CVP) OAMP OpsConsole Server
Cisco IOS XR Software BGP EVPN Denial of Service Vulnerability
Denial of Service Vulnerabilities in Cisco IOS XR Software's BGP EVPN Implementation
Vulnerability: Privilege Escalation via Improper Filesystem Permissions in Cisco NX-OS Software
Denial of Service Vulnerabilities in Cisco IOS XR Software's BGP EVPN Implementation
Denial of Service Vulnerabilities in Cisco IOS XR Software's BGP EVPN Implementation
Denial of Service Vulnerabilities in Cisco IOS XR Software's BGP EVPN Implementation
Denial of Service Vulnerabilities in Cisco IOS XR Software's BGP EVPN Implementation
Cross-Site Scripting (XSS) Vulnerability in Cisco Crosswork Change Automation Web Interface
Cross-Site Scripting (XSS) Vulnerability in Cisco Emergency Responder Web Framework
Denial of Service Vulnerability in Cisco Mobility Management Entity (MME) via SCTP Traffic
Cisco IOS XR Software IS-IS Denial of Service Vulnerability
Cisco Firepower Management Center (FMC) LDAP Authentication Bypass Vulnerability
API Vulnerability in Cisco Smart Software Manager On-Prem Allows Unauthorized Modification of User Account Information and Denial of Service
Privilege Escalation Vulnerability in Cisco NX-OS Software
Elevated Privileges Vulnerability in Cisco NX-OS Software
Vulnerability in Cisco NX-OS Software Allows Arbitrary Code Execution
Multiple @ Characters in Email Addresses Parsing Vulnerability
Remote Command Injection Vulnerability in D-Link DNS-320 through 2.05.B10 Login Manager
Buffer Overflow Vulnerability in pam_p11 Component of OpenSC
CSRF Vulnerability in Sentrifugo 3.2 Allows Arbitrary Code Execution
Arbitrary Command Execution Vulnerability in Cisco NX-OS Software
Airbrake Ruby Notifier 4.2.3 Vulnerability: Unauthorized Disclosure of Passwords
Weak Permissions on NETSAS Enigma NMS Server Allow Unauthorized Access and Modification
Unencrypted Sensitive Data Exposure in NETSAS Enigma NMS 65.0.0 and Prior
Unencrypted Sensitive Data Exposure in NETSAS Enigma NMS 65.0.0 and Prior
Directory Traversal Vulnerability in NETSAS Enigma NMS 65.0.0 and Prior
Remote SQL Injection Vulnerability in Enigma NMS 65.0.0 and Prior Versions
Unrestricted File Upload Vulnerability in NETSAS Enigma NMS 65.0.0 and Prior
Weak Authentication Vulnerability in NETSAS Enigma NMS 65.0.0 and Prior
CSRF Vulnerability in NETSAS ENIGMA NMS Version 65.0.0 and Prior
Stored Cross-site Scripting (XSS) Vulnerabilities in NETSAS Enigma NMS 65.0.0 and Prior through SNMP Protocol Injection
Arbitrary Command Execution Vulnerability in Cisco NX-OS Software
Stored Cross-site Scripting (XSS) Vulnerabilities in NETSAS Enigma NMS 65.0.0 and Prior Versions
Privilege Escalation Vulnerability in Enigma NMS 65.0.0 and Prior
OS Command Injection Vulnerability in NETSAS Enigma NMS 65.0.0 and Prior
Arbitrary Command Execution Vulnerability in Cisco NX-OS Software
Xpdf 3.04 Vulnerability: SIGSEGV in XRef::fetch
Unchecked Return Value in nbd_genl_status Function in Linux Kernel
Vulnerability in Cisco NX-OS CLI Allows Arbitrary Command Execution
Out-of-Bounds Read Vulnerability in Symonics libmysofa 0.7
NULL Pointer Dereference in getHrtf in libmysofa 0.7
Invalid Write Vulnerability in Symonics libmysofa 0.7
Invalid Read Vulnerability in Symonics libmysofa 0.7
Invalid Read Vulnerability in Symonics libmysofa 0.7's getDimension Function
Heap-Based Buffer Overflow in Kilo 0.0.1 Due to Integer Overflow in Tab Calculation
User Registration Bypass Vulnerability in Harbor 1.7.0 through 1.8.2
Privilege Escalation and Code Execution Vulnerability in Micro-Star MSI Afterburner 4.6.2.15658
CSRF Vulnerability in Silver Peak EdgeConnect SD-WAN (Before 8.1.7.x) via JSON Data to .swf File
Arbitrary Command Execution Vulnerability in Cisco NX-OS Software
Silver Peak EdgeConnect SD-WAN Web-Interface Outage Vulnerability
Information Disclosure Vulnerability in Silver Peak EdgeConnect SD-WAN (CVE-2021-12345)
Silver Peak EdgeConnect SD-WAN SNMP Service Public Value Vulnerability
Privilege Escalation via spsshell Feature in Silver Peak EdgeConnect SD-WAN
Reflected XSS Vulnerability in Silver Peak EdgeConnect SD-WAN (CVE-2021-12345)
Directory Traversal Vulnerability in Silver Peak EdgeConnect SD-WAN (CVE-2021-XXXX)
Unauthenticated Password Change Vulnerability in Humanica Humatrix 7 Recruitment Module
CSRF Vulnerability in phpBB 3.2.7 Allows Unauthorized Deletion of Post Attachments
Arbitrary CSS Injection Vulnerability in phpBB 3.2.7
Account Confirmation Bypass in Plataformatec Devise
Arbitrary Command Execution Vulnerability in Cisco NX-OS and FXOS Software
Remote Code Execution Vulnerability in Blade Shadow Network Protocol
Remote Code Execution in TylerTech Eagle 2018.3.11 via Deserialization Vulnerability
Remote Code Execution in Bludit 3.9.2 via File Upload Vulnerability
Unauthenticated Remote Code Execution in ATutor 2.2.4
Stack-based Buffer Under-read Vulnerability in Xpdf 4.01.01
Information Exposure in Bootstrap.log File Allows Administrator Password Hash Retrieval
XSS Vulnerability in 10Web Photo Gallery Plugin for WordPress
XSS Vulnerability in 10Web Photo Gallery Plugin for WordPress
SQL Injection Vulnerability in 10Web Photo Gallery Plugin for WordPress (<=1.5.35)
Arbitrary Command Execution Vulnerability in Cisco NX-OS Software
CSV Injection in Event Tickets Plugin for WordPress
Local File Disclosure Vulnerability in Kartatopia PilusCart 1.4.1
Unrestricted Access to Configuration File in YouPHPTube 7.4
SQL Injection Vulnerability in Jobberbase 2.0's public/page_subscribe.php
Stored Cross-Site Scripting Vulnerability in Grav through 1.6.15 via JavaScript Execution in SVG Images
Integer Overflow Vulnerability in Atmel Advanced Software Framework (ASF) 4
Buffer Overflow Vulnerability in Microchip CryptoAuthentication Library CryptoAuthLib (Issue 1 of 2)
Buffer Overflow Vulnerability in Microchip CryptoAuthentication Library CryptoAuthLib (Issue 2 of 2)
Arbitrary Command Execution Vulnerability in Cisco NX-OS Software
XSS Vulnerability in YII2-CMS v1.0 Contact Form
Arbitrary File Upload Vulnerability in OKLite v1.2.25
Arbitrary File Deletion Vulnerability in OKLite v1.2.25
Session Hijacking Vulnerability in eteams OA v4.0.34
Rust Spin Crate RwLock Mutual Exclusion Violation Vulnerability
Use-after-free vulnerability in HDR image format decoder in image crate before 0.21.3
Generativity Mishandling in compact_arena Crate: Out-of-Bounds Read/Write Vulnerability
Arbitrary Command Execution Vulnerability in Cisco NX-OS Software
Use-after-free vulnerability in chttp crate before 0.1.3
Panic During Initialization of Lazy in once_cell Crate
Thread-safety vulnerability in renderdoc crate before 0.5.0
Incorrect Block Sizes in BLAKE2b and BLAKE2s Algorithms with HMAC
Uninitialized Memory Usage in Generator Crate API Calls
XSS Vulnerability in Breadcrumbs Contributed Module for Padrino Framework
Cross-Site Scripting (XSS) Vulnerability in Gophish 0.8.0 via Username
Cross-Site Scripting (XSS) Vulnerability in Liferay Portal 7.2.0 GA1 via Journal Article Title
Cross-Site Scripting (XSS) Vulnerability in Sakai 12.6 via Chat User Name
Vulnerability: Image Signature Verification Bypass in Cisco NX-OS Software
Hard-coded Cryptographic Key Vulnerability in FortiClient for Windows
Denial of Service Vulnerability in FortiClient for Linux 6.2.1 and Below
Fortinet FortiSIEM Database Component Hard-Coded Password Vulnerability
Cross-Site Scripting (XSS) Vulnerability in FortiAuthenticator WEB UI 6.0.0
Privilege Escalation Vulnerability in FortiClient for Linux: Arbitrary System File Overwrite
Cross Site Scripting (XSS) Vulnerability in Fortinet FortiWeb 6.0.5, 6.2.0, and 6.1.1
Information Exposure Vulnerability in Fortinet FortiWeb 6.2.0 CLI and Earlier
Stack-based Buffer Overflow in BIRD Internet Routing Daemon's BGP Daemon
Cisco Fabric Services Buffer Overflow Vulnerability
Integer Underflow Vulnerability in MikroTik RouterOS SMB Server
NULL Pointer Dereference in Onigmo's onig_error_code_to_str Function
Out-of-Bounds Read Vulnerability in Onigmo through 6.2.0
Stack Exhaustion Vulnerability in Oniguruma before 6.9.3
NULL Pointer Dereference in myhtml_tree_node_remove in MyHTML through 4.0.5
Use-After-Free Vulnerability in GNU cflow 1.6's Reference Function in parser.c
Heap-Based Buffer Over-Read Vulnerability in GNU cflow through 1.6
Integer Overflow in remap_struct() in sa_common.c leads to memory corruption in sysstat before 12.1.6
Severe Division by Zero Vulnerability in SQLite's Query Planner
Denial of Service (DoS) Vulnerability in Cisco NX-OS Software for Nexus 9000 Series Switches
Incorrect Access Control Vulnerability in GitLab Enterprise Edition 11.x and 12.x
Stored XSS Vulnerability in JetBrains YouTrack through 2019.2.56594
Stored XSS Vulnerability in LimeSurvey Allows Privilege Escalation
Reflected XSS Vulnerability in LimeSurvey Allows Privilege Escalation
XML Injection Vulnerability in LimeSurvey before 3.17.14 Allows Remote Code Execution and Data Compromise
Clickjacking Vulnerability in LimeSurvey before 3.17.14
Path Disclosure Vulnerability in LimeSurvey before 3.17.14
Browser Caching Vulnerability in LimeSurvey before 3.17.14
Stored XSS Vulnerability in LimeSurvey Allows Injection of Arbitrary Web Script or HTML via Admin Box Button Titles
LimeSurvey Default Configuration Allows Insecure SSL/TLS Usage
Arbitrary Code Execution Vulnerability in Cisco Nexus 9000 Series Switches
LDAP Authentication Brute Force and User Enumeration Vulnerability in LimeSurvey
Privilege Escalation: Admin Users Can Mark Other Users' Notifications as Read
Reflected Cross-Site Scripting (XSS) Vulnerability in LimeSurvey before 3.17.14
Unauthorized Integrity Check Execution in LimeSurvey before 3.17.14
CSV Injection Vulnerability in LimeSurvey before 3.17.14 Allows Command Injection via Survey Responses
Unrestricted Access to Reserved Menu Entries in LimeSurvey
Unrestricted Access to Plugin Manager in LimeSurvey before 3.17.14
LimeSurvey before 3.17.14 Anti-CSRF Cookie Vulnerability
XML External Entity (XXE) Vulnerability in HCL AppScan Source before 9.03.13
Cisco Data Center Network Manager Authentication Bypass Vulnerability
Authentication Bypass Vulnerability in D-Link DIR-868L, DIR-885L, and DIR-895L Devices
Arbitrary PHP Code Execution via upload_model() in DocCms 2016.5.17
Cross Frame Scripting (XFS) Vulnerability in ArcGIS Enterprise 10.6.1 through EDIT MY PROFILE Feature
SQL Injection Vulnerability in Centreon 19.04: Exploiting the svc_id Parameter in makeXMLForOneService.php
Cross-Site Scripting (XSS) Vulnerability in Centreon myAccount Alias and Name Fields
Cross-Site Scripting (XSS) Vulnerability in Dolibarr 10.0.1
Directory Traversal Vulnerability in KSLabs KSWEB 3.93
Remote Code Execution in eQ-3 Homematic CCU2 and CCU3 via ReGa Core Process URLs
Arbitrary File Upload Vulnerability in Cisco Data Center Network Manager
Heap-based Buffer Over-read in GNU Serveez through 0.2.2
Regular Expression Denial of Service in WEBrick::HTTPAuth::DigestAuth
Privilege Escalation Vulnerability in MISP Versions Prior to 2.4.115
Brocade Fabric OS Versions Vulnerability: Exposing Remote ESRS Server Credentials
Vulnerability: Exposing External Passwords and Authentication Keys in Brocade Fabric OS Versions
Insufficiently Random Session ID Vulnerability in Brocade SANnav
Plaintext Account Credential Logging Vulnerability in Brocade SANnav Versions Before v2.0
Hard-coded Password Vulnerability in Brocade SANnav Versions Before v2.0
Weakness in Password-Based Encryption Algorithm in Brocade SANnav Versions before v2.0
Man-in-the-Middle Attack Vulnerability in Brocade SANnav Versions before v2.0
Cisco Data Center Network Manager (DCNM) Web Interface File Access Vulnerability
Brocade SANnav Vulnerability: Plain Text Database Connection Password Logging
Plaintext Password Storage Vulnerability in Brocade SANnav Versions Before v2.1.0
LDAP Injection Vulnerability in Brocade SANnav Versions Before v2.1.0
Arbitrary Command Execution Vulnerability in Tenda PA6 Wi-Fi Powerline Extender 1.0.1.21
Regular Expression Vulnerability in Libra Core Allows Code Interference via Nonstandard Line-Break Character
Exponential Backtracking Vulnerability in Zulip Server Markdown Parser
Insecure MIME Type Validation in Zulip Server 2.0.5 and Earlier
Cross-Site Scripting (XSS) Vulnerability in WordPress Media Uploads (CVE-2019-17671)
Stored Cross-Site Scripting (XSS) Vulnerability in WordPress before 5.2.3
XSS Vulnerability in WordPress Shortcode Previews
Improper Access Controls in Cisco Data Center Network Manager (DCNM) Allow Information Retrieval
Open Redirect Vulnerability in WordPress before 5.2.3
Reflected XSS Vulnerability in WordPress Dashboard
Cross-Site Scripting (XSS) Vulnerability in WordPress before 5.2.3
XSS Vulnerability in WordPress Previews by Authenticated Users
Invalid Write Operation in py-lmdb 0.97
Invalid Write Operation in py-lmdb 0.97
Invalid Write Operation in py-lmdb 0.97: Unvalidated memmove in mdb_node_del
Invalid Write Operation in py-lmdb 0.97: Vulnerability in mdb_cursor_set
Divide-by-Zero Error in py-lmdb 0.97: Vulnerability in mdb_env_open2
NULL pointer dereference in kfd_interrupt.c in Linux kernel 5.2.14
Arbitrary Code Execution Vulnerability in Cisco Meeting Server CLI Configuration Shell
NULL pointer dereference vulnerability in radeon_display.c in Linux kernel 5.2.14
NULL Pointer Dereference in fjes_main.c
NULL Pointer Dereference in if_sdio.c
NULL Pointer Dereference in qla_os.c in Linux Kernel 5.2.14
NULL Pointer Dereference in iwlwifi PCIe Transmitter
Improper Source Verification in Dino's XEP-0280 Message Carbons Module
Roster Push Authorization Bypass in Dino (CVE-2019-09-10)
Improper Source Verification in Dino MAM Message Archive Management Module
XSS Vulnerability in Afterlogic Aurora 8.3.9-build-a3 Allows Session Hijacking
Buffer Overflow in process_http_response in OpenConnect before 8.05 with Crafted Chunk Sizes
Arbitrary Command Injection Vulnerability in Cisco SD-WAN vManage Web UI
Buffer Overflow and Information Disclosure Vulnerability in HP Inkjet Printers
Bypassing PIN Authentication on TCL Alcatel Cingular Flip 2 B9HUAH1 Devices
Vulnerability: OS Command Injection in TCL Alcatel Cingular Flip 2 B9HUAH1 omamock Application
Undocumented Web API Allows Unauthorized Access to Firmware Update Settings on TCL Alcatel Cingular Flip 2 B9HUAH1 Devices
Bypassing Security Filters and Accessing Hidden Objects in OMERO.server
User Information Disclosure Vulnerability in OMERO
Intesync Solismed 3.3sp1 Local File Inclusion (LFI) Vulnerability
User Mode Write AV Vulnerability in Delta DCISoft 1.21
Insecure Media Deletion in Telegram's Delete For Feature
Out-of-Bounds Read Vulnerability in OpenCV 4.1.1
Privilege Escalation Vulnerability in Cisco SD-WAN CLI
Unauthenticated Options Changes and CSS Injection Vulnerability in Ocean Extra Plugin
Authenticated Options Changes in YIT Plugin Framework for WordPress
SSL Certificate Validation Bypass in Nutfind.com Android App Allows Man-in-the-Middle Attacks
Privilege Escalation Vulnerability in SamsungTTS Application
HTTP Response Splitting in Ruby through 2.6.4
Code Injection Vulnerability in Ruby's Shell#[] and Shell#test Methods
Simjacker: Exploiting the SIMalliance Toolbox Browser on Samsung Devices
Simjacker: Exploiting the SIMalliance Toolbox Browser on Motorola Devices
Vulnerability: Root Access Exploit via Homee Brain Cube V2 Bootloader
Privilege Escalation Vulnerability in Cisco SD-WAN vManage Web UI
Unauthenticated POST Request Vulnerability in Tripp Lite PDUMH15AT 12.04.0053 Devices
Insecure SSL Certificate Validation in Twitter Kit for iOS
SQL Injection Vulnerability in EGPP GESAC v1 Authentication Form
Buffer Overflow Vulnerability in CODESYS V2.3 ENI Server up to V3.2.2.24
HTML Injection Vulnerability in Zoho ManageEngine Remote Access Plus 10.0.259
Unauthorized Access to Sensitive User Information in Cisco IMC Server Utilities
Unauthenticated Remote Reading of Whiteboard Image PDFs in DTEN D5 and D7 Devices
Vulnerability: Factory Settings Allow Firmware Reflash and ADB Enablement on DTEN D5 and D7 Devices
Unauthenticated Root Shell Access and Covert Screen Data Capture Vulnerability in DTEN D5 and D7 Devices
Unencrypted HTTP Data Transfer Vulnerability in DTEN D5 and D7 Devices
Incorrect Indication of Disconnection Vulnerability in hostapd and wpa_supplicant
HTTP Request Smuggling Vulnerability in Go before 1.12.10 and 1.13.x before 1.13.1
Heap-Based Buffer Overflow in PicoC 2.1's StringStrcpy Function
Remote Code Execution via Directory Traversal in Nostromo nhttpd
Denial of Service Vulnerability in nostromo nhttpd through 1.9.6 via Crafted HTTP Request
Buffer Overflow Vulnerability in Cisco IMC Web Server
API Token Validation Vulnerability in Ptarmigan before 0.2.3
Persistent Cross-Site Scripting (XSS) Vulnerability in NCH Express Invoice v7.12
HP Softpaq Installer Arbitrary Code Execution Vulnerability
Arbitrary Code Execution Vulnerability in HP Products: Privilege Elevation via EFI_BOOT_SERVICES
Physical Access Vulnerability: Unauthorized Extraction of Sensitive Information
Bypassing OS Application Filter through Browser Preferences to Execute Arbitrary Commands
Application Filter Bypass Vulnerability in HP ThinPro Linux Allows Privileged Access and Command Execution
Tenda N301 Wireless Router Crash Vulnerability
Authenticated XSS Vulnerability in insert-php Plugin for WordPress
Cisco IMC Configuration Import Utility File Upload Vulnerability
Arbitrary OS Command Execution Vulnerability in Open-AudIT Create Discoveries Feature
Remote Code Execution and Denial of Service Vulnerability in Notepad++ (x64) 7.7 and Earlier
Stored XSS vulnerability in filemanager2.php in CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.885 via cmd_arg parameter
Vulnerability: Incomplete Event Handling in ONOS P4 Tutorial Application
Vulnerability: Unhandled Host Event Types in ONOS Virtual BNG Application
Vulnerability: Unhandled Host Event Types in ONOS Mobility Application
Buffer Overflow Vulnerability in Cisco IMC Firmware Signature Checking Program
Vulnerability: Unhandled HOST_REMOVED Event in ONOS ACL Application
Unhandled Event Type Vulnerability in ONOS Virtual Tenant Network Application
Vulnerability in ONOS Ethernet VPN Application: Absence of Intended Code Execution
Insecure Randomness in JHipster Generator Allows Privilege Escalation and Account Takeover
Command Injection Vulnerability in MobaXterm Protocol Handler
Reflected Cross-Site Scripting (XSS) Vulnerability in Fuji Xerox DocuShare
SQL Injection Vulnerability in FlameCMS 3.3.5 via accountName Parameter in account/login.php
Cisco Integrated Management Controller (IMC) Web Interface Information Disclosure Vulnerability
XSS Vulnerability in NIUSHOP V1.11 via index.php?s=/admin URI
CSRF Vulnerability in NIUSHOP V1.11 via search_info in index.php
XSS Vulnerability in s-cms V3.0 via S_id Parameter in index.php?type=text
Credential Disclosure Vulnerability in ifw8 Router ROM v4.31
Remote Code Execution Vulnerability in Indexhibit 2.1.5 via /ndxzstudio/install.php?p=2
Arbitrary .phar File Execution Vulnerability in Pimcore before 5.7.1
File Extension Bypass Vulnerability in Pimcore before 5.7.1
Infinite Loop Vulnerability in Gryphon Dissector in Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10
Cisco IMC Web Interface CSRF Vulnerability
Vulnerability in Cobham Sea Tel v170-v194 Devices: Unauthorized Access to Vessel Location via SNMP
XSS Vulnerability in ScadaBR 1.0CE and 1.1.x through 1.1.0-RC via Nonexistent Resource Request
CSRF Vulnerability in D-Link DIR-601 B1 2.00NA Allows for Remote Router Management and Device Compromise
Authentication Bypass Vulnerability in D-Link DIR-601 B1 2.00NA
Remote Code Execution via Object Attribute Modification in RPyC 4.1.x through 4.1.1
Persistent XSS Vulnerability in NCH Express Accounts Accounting v7.02
XSS Vulnerability in api-bearer-auth Plugin for WordPress
Persistent Cross-Site Scripting (XSS) in GetSimple CMS v3.3.15 admin/theme-edit.php
Persistent XSS Vulnerability in Bludit v3.9.2 Categories Add New Category Name Field
Polymorphic Typing Vulnerability in FasterXML jackson-databind
Denial of Service Vulnerability in Cypress PSoC 4 BLE Component 3.61 and Earlier
Use-after-free vulnerability in hncbd90 component in Hancom Office 9.6.1.9403 via crafted .docx file
Use-After-Free Vulnerability in Hancom Office 9.6.1.7634
Arbitrary Command Injection Vulnerability in Cisco IMC IPMI
Remote Discovery of Recovery Key in Belkin Linksys Velop 1.1.8.192419 Devices
Cross-Site Scripting (XSS) Vulnerability in ScadaBR 1.0CE Login Form
Heap-Based Buffer Overflow in ngiflib 0.4's WritePixel() Function
Heap-Based Buffer Overflow in ngiflib 0.4's WritePixels() Function
NULL Pointer Dereference in gain_file() at wav_gain.c
NULL Pointer Dereference in Bento4 1.5.1-628: AP4_ByteStream::ReadUI32 Vulnerability
XML Parsing Vulnerability in Cisco IP Phone 7800 and 8800 Series: Remote DoS Exploit
NULL Pointer Dereference in idct2d8x8() at dct.c in ffjpeg (before 2019-08-18)
NULL Pointer Dereference in huffman_decode_step() in ffjpeg before 2019-08-18
Heap-Based Buffer Overflow in ffjpeg's jfif_load() Function
Remote Device Crafted Traffic Vulnerability in Emerson GE Automation Proficy Machine Edition 8.0
Race Condition Vulnerability in Beego 1.10.0 File Session Manager
Weak File Permissions in Beego 1.10.0 File Session Manager
Arbitrary Command Execution Vulnerability in Cisco Webex Teams Client
Heap-Based Buffer Overflow in fxBeginHost in Moddable SDK OS180329
Arbitrary Code Execution Vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
PGP Signing Plugin in Gradle Allows Artifact Replacement via SHA-1 Collision
Clickjacking Vulnerability in LogMeIn LastPass
LDAP Injection Vulnerability in Pega Platform 8.2.1
Remote Code Execution Vulnerability in OTRS 7.0.x and Community Edition 5.0.x-6.0.x
Incorrect Access Control in makandra consul gem through 1.0.2 for Ruby
Multiple From: Address Signature-Bypass Vulnerability in OpenDMARC
Arbitrary Code Execution Vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Bypassing FileGuard Folder Protection in Ivanti Workspace Control 10.3.110.0
SQL Injection Vulnerability in MOVEit Transfer 2018 SP2, 2019, and 2019.1
Path Traversal Vulnerability in Cybele Thinfinity VirtualUI 2.5.17.2 Allows Data Exfiltration
HTTP Response Splitting Vulnerability in Cybele Thinfinity VirtualUI 2.5.17.2 via PDF Viewer Request
Information Disclosure Vulnerability in PEGA Platform 7.x and 8.x
Privilege Escalation in PEGA Platform 8.3.0 via prweb/sso/random_token/!STANDARD?pyActivity=Data-Admin-DB-Name.DBSchema_ListDatabases
Information Disclosure Vulnerability in PEGA Platform 8.3.0 via prweb/sso/random_token/!STANDARD?pyStream=MyAlerts Endpoint
Arbitrary Code Execution Vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Authenticated Visitor Content Modification and Database Manipulation Vulnerability in SPIP
Cross-Site Scripting (XSS) Vulnerability in SPIP before 3.1.11 and 3.2 before 3.2.5 via Error Messages
SPIP Redirect URL Mishandling Vulnerability
Information Disclosure Vulnerability in SPIP Password-Reminder Page
Stack-Based Buffer Overflow in GnuCOBOL 2.2's cb_name() Function
Use-after-free vulnerability in GnuCOBOL 2.2 via crafted COBOL source code
Remote Code Execution via SD Card on Keeper K5 20.1.0.25 and 20.1.0.63 Devices
Broken Authentication in Western Digital WD My Book World through II 1.02.12 allows unauthorized access to /admin/ directory
Arbitrary Code Execution Vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Bluetooth AT Command Denial of Service Vulnerability in Samsung Galaxy Devices
Bluetooth-based Injection of AT Commands on Samsung Galaxy Devices: Leaking Sensitive Information
Customer Data Manipulation Vulnerability in Webkul Bagisto
Authenticated SQL Injection in OpenEMR through 5.0.2: Arbitrary Data Extraction via eye_base.php
Remote Code Execution via Macro Expression Location Settings in Centreon Web
Privilege Escalation Vulnerability in Centreon Web 19.04.4
DLL Hijacking Vulnerability in JetBrains ReSharper Installers (Pre-2019.2)
Unpublished Versions of Files Exposed in SilverStripe Versioned Files Module
Arbitrary Code Execution Vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Memory Access Vulnerability in Suricata 4.1.4: Lack of Header Length Checking in Defrag4Reassemble Function
Memory Access Vulnerability in Suricata 4.1.4
Zero wanMTU Value Vulnerability in Tenda N301 Wireless Routers
Denial of Service Vulnerability in Linux Kernel's 9p Filesystem
DOM-based XSS in GFI Kerio Control v9.3.0: Exploiting Login Page to Steal Cleartext Credentials
XSS Vulnerability in HRworks 3.36.9: Exploiting Travel-Expense Report Purpose Field
XSS Vulnerability in HRworks FLOW 3.36.9: Exploiting Travel-Expense Report Purpose Field
Cross-Site Scripting (XSS) Vulnerability in Cisco Firepower Management Center (FMC) Software
Cross-Site Scripting (XSS) Vulnerability in Cisco Prime Infrastructure Web Interface
Cisco IoT-FND UDP Protocol Implementation Denial of Service Vulnerability
Adobe Acrobat and Reader Binary Planting Privilege Escalation Vulnerability
Use After Free Vulnerability in Adobe Acrobat and Reader Versions 2019.021.20056 and Earlier
Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader Versions 2019.021.20056 and Earlier
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Unauthenticated Adjacent Attackers Can Access Sensitive Data in Cisco CMX Software
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader Versions 2019.021.20056 and Earlier
Adobe Acrobat and Reader Security Bypass Vulnerability
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader Versions 2019.021.20056 and Earlier
Privilege Escalation and Configuration Modification Vulnerability in Cisco SD-WAN Solution CLI
Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Buffer Error Vulnerability in Adobe Acrobat and Reader
Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader Versions 2019.021.20056 and Earlier
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Reflected Cross-Site Scripting Vulnerability in Adobe Experience Manager Versions 6.0-6.5
Reflected Cross-Site Scripting Vulnerability in Adobe Experience Manager Versions 6.0-6.5
Adobe Experience Manager User Interface Injection Vulnerability
Expression Language Injection Vulnerability in Adobe Experience Manager
Insecure Default Configuration in Cisco SD-WAN Solution Allows Unauthorized Access to vSmart Containers
Stack-based Buffer Overflow Vulnerability in Adobe Acrobat Reader
Use After Free Vulnerability in Adobe Acrobat Reader Allows Arbitrary Code Execution
Privilege Escalation Vulnerability in Cisco SD-WAN Solution
Vulnerability in Cisco's Secure Boot Implementation Allows Unauthorized Firmware Modification
Arbitrary File Overwrite Vulnerability in Cisco SD-WAN Solution
Integer Overflow Privilege Escalation in Imagination Technologies Driver for Chrome OS
Root User Privilege Escalation and Denial of Service Vulnerability in Cisco SD-WAN Solution vContainer
Use-After-Free Vulnerability in libIEC61850 through 1.3.3
Directory Traversal Vulnerability in FireGiant WiX Toolset
Stored XSS Vulnerability in ConnectWise Control Appearance Modifier
CSRF Vulnerability in ConnectWise Control 19.3.25270.7185
Remote Code Execution Vulnerability in ConnectWise Control
Lack of HTTP Security Headers in ConnectWise Control
ConnectWise Control User Enumeration Vulnerability
CORS Misconfiguration in ConnectWise Control Allows Unauthorized Administrative Actions
Vulnerability: Unintended Temperature Manipulation via Bluetooth Low Energy (BLE) Packets on Swell Kit Mod Devices
Undocumented Feature in ESET Cyber Security for macOS Allows Unauthorized Root Command Execution
Arbitrary Command Execution Vulnerability in Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers
Stored XSS Vulnerability in All in One SEO Pack Plugin for WordPress
Reflected XSS Vulnerability in Broken Link Checker WordPress Plugin
Stored XSS Vulnerability in EU Cookie Law (GDPR) Plugin for WordPress
Stored XSS Vulnerability in Events Manager Plugin for WordPress
Stored XSS Vulnerability in Easy FancyBox WordPress Plugin
XSS Vulnerability in Checklist Plugin for WordPress
Sensitive Information Disclosure in AbuseFilter Extension for MediaWiki
Oversighted Edit Summaries Exposed in CheckUser Results
Improper Access Controls in Cisco Small Business RV320 and RV325 Routers Allow Unauthorized Retrieval of Sensitive Information
Remote Code Execution in Sonatype Nexus Repository Manager and IQ Server
Multiple CSRF Issues in LayerBB before 1.1.4: System Settings Modification via admin/general.php
HTTP Host Header Injection Vulnerability in YzmCMS V5.3
XSS Vulnerability in DrayTek Vigor2925 Firmware 3.8.4.3
XSS Vulnerability in DrayTek Vigor2925 Firmware 3.8.4.3 via Crafted WAN Name
Vulnerability: RCE and DoS via Native Protocol in ClickHouse (versions before 19.14)
Arbitrary Code Execution Vulnerability in Jenkins Script Security Plugin
Vulnerability: Unauthorized Deletion of Support Bundles in Jenkins Support Core Plugin
Vulnerability in Cisco Aironet Series Access Points Allows Unauthorized Root Access
Arbitrary File Deletion Vulnerability in Jenkins Support Core Plugin
Jenkins JIRA Plugin Allows Unauthorized Access to System Credentials
Unencrypted Storage of Credentials in Jenkins Anchore Container Image Scanner Plugin
Unencrypted Storage of Credentials in Jenkins Spira Importer Plugin
Unencrypted Storage of Credentials in Jenkins QMetry for JIRA - Test Management Plugin
Jenkins QMetry for JIRA - Test Management Plugin: Plain Text Transmission of Credentials
Insecure SSH Host Key Verification in Jenkins Google Compute Engine Plugin
Information Disclosure in Jenkins Google Compute Engine Plugin 4.1.1 and earlier
Cross-Site Request Forgery Vulnerability in Jenkins Google Compute Engine Plugin Allows Unauthorized Agent Provisioning
XML External Entity (XXE) Vulnerability in Jenkins Maven Release Plugin 0.16.1 and Earlier
Cross-Site Scripting (XSS) Vulnerability in Cisco Webex Meetings Server
Cross-Site Request Forgery Vulnerability in Jenkins Maven Release Plugin 0.16.1 and Earlier
Cross-Site Request Forgery Vulnerability in Jenkins Gerrit Trigger Plugin 2.30.1 and Earlier
Jenkins Gerrit Trigger Plugin 2.30.1 and Earlier: Missing Permission Check Allows Unauthorized Access
Jenkins Build Failure Analyzer Plugin 1.24.1 and Earlier: Cross-Site Request Forgery Vulnerability Exploiting Computationally Expensive Regular Expression Evaluation
Jenkins Build Failure Analyzer Plugin 1.24.1 and earlier: Missing Permission Check Allows for Computationally Expensive Regular Expression Evaluation
Uninterruptible Regular Expression Evaluation in Jenkins Build Failure Analyzer Plugin
Unencrypted Storage of Credentials in Jenkins Rundeck Plugin
Unencrypted Storage of Credentials in Jenkins Redgate SQL Change Automation Plugin
Jenkins Spira Importer Plugin 3.2.3 and earlier: SSL/TLS Certificate Validation Bypass
Unauthenticated Path Existence Disclosure in Jenkins WebSphere Deployer Plugin
Local Shell Access Vulnerability in Cisco Enterprise NFVIS CLI
Cross-Site Request Forgery Vulnerability in Jenkins WebSphere Deployer Plugin 1.6.1 and Earlier
Jenkins WebSphere Deployer Plugin SSL/TLS Certificate and Hostname Validation Bypass Vulnerability
Stored XSS Vulnerability in Jenkins buildgraph-view Plugin 1.8 and Earlier
Stored XSS vulnerability in Jenkins Mission Control Plugin 0.9.16 and earlier
Stored XSS vulnerability in Jenkins Pipeline Aggregator View Plugin 1.8 and earlier
Cross-Site Request Forgery Vulnerability in Jenkins Team Concert Plugin 1.3.0 and Earlier
Vulnerability: Missing Permission Check in Jenkins Team Concert Plugin Allows Unauthorized Access to Attacker-Specified URLs
Vulnerability: Enumeration of Credentials ID in Jenkins Team Concert Plugin
Jenkins SCTMExecutor Plugin 2.2 and earlier exposes service credentials in plain text
Cross-Site Request Forgery Vulnerability in Jenkins Mantis Plugin 0.26 and Earlier
Unauthorized Access Vulnerability in Cisco AMP Threat Grid
Jenkins RapidDeploy Plugin 4.1 and Earlier: Cross-Site Request Forgery Vulnerability Allows Unauthorized Server Connections
Unauthenticated Remote Connection Vulnerability in Jenkins RapidDeploy Plugin 4.1 and Earlier
Unencrypted Storage of Credentials in Jenkins Weibo Plugin
Cross-Site Request Forgery Vulnerability in Jenkins Alauda DevOps Pipeline Plugin
Jenkins Alauda DevOps Pipeline Plugin 2.3.2 and earlier: Missing Permission Check Allows Unauthorized Access to Attacker-Specified URLs
Cross-Site Request Forgery Vulnerability in Jenkins Alauda Kubernetes Support Plugin
Jenkins Alauda Kubernetes Support Plugin 2.3.0 and earlier - Missing Permission Check Vulnerability
Cross-Site Request Forgery (CSRF) Vulnerability in Cisco Unified Intelligence Center
Cisco Prime Infrastructure Integration Feature SSL Certificate Validation Vulnerability
Unauthenticated Remote Access Vulnerability in Cisco TelePresence Management Suite (TMS) Software
Cross-Site Scripting (XSS) Vulnerability in Cisco TelePresence Management Suite (TMS) Web Interface
Insufficient Authentication Controls in Cisco Prime Collaboration Assurance Software
Arbitrary Code Execution Vulnerability in Cisco RV Series Routers
Root Access Vulnerability in Cisco HyperFlex Software
SQL Injection Vulnerability in TuziCMS 2.0.6 via index.php/Mobile/Zhuanti/group?id= parameter
Stored XSS Vulnerability in ZrLog 2.1.1's article_edit Area
SQL Injection Vulnerability in TuziCMS 2.0.6 ZhuantiController.class.php
Arbitrary HTTP Host Header Phishing Vulnerability in Embedthis GoAhead 2.5.0
Unquoted Search Path Vulnerability in Maxthon Browser for Windows
Virtual Media Service Vulnerability on Supermicro H11, H12, M11, X9, X10, and X11 Products
Cross-Site Scripting (XSS) Vulnerability in Cisco HyperFlex Software Web Interface
Vulnerability: Privilege Escalation via Virtual Media Service on Supermicro X10 and X11 Products
Vulnerability: WAN IP Address Leakage via SNMP Commands on Virgin Media Super Hub 3
Remote Command Execution in Genius Bytes Genius Server (Genius CDDS) 3.2.2
Remote Code Execution Vulnerability in Genius Bytes Genius Server (Genius CDDS) 3.2.2
Reinstallation Vulnerability in joyplus-cms 1.6.0
Arbitrary PHP Code Execution in joyplus-cms 1.6.0 via Object Name Injection
XSS Vulnerability in TuziCMS 2.0.6 via PATH_INFO to Group URI
CSRF Vulnerability in TuziCMS 2.0.6's index.php/manage/notice/do_add
CSRF Vulnerability in TuziCMS 2.0.6's index.php/manage/link/do_add
Unauthenticated Remote Data Retrieval Vulnerability in Cisco HyperFlex Graphite Service
CSRF Vulnerability in joyplus-cms 1.6.0's admin_ajax.php?action=savexml&tab=vodplay
XSS Vulnerability in Ogma CMS 0.5: New Blog Creation
Command Execution Vulnerability in rConfig 3.9.2
Command Execution Vulnerability in rConfig 3.9.2
Cross-Site Scripting (XSS) Vulnerability in ThinkSAAS 2.91 via index.php?app=group&ac=create&ts=do groupname Parameter
Cross-Site Scripting (XSS) Vulnerability in ThinkSAAS 2.91 via index.php?app=group&ac=comment&ts=do&js=1 URI
CSRF Vulnerability in diag_command.php in pfSense 2.4.4-p3
Account Enumeration Vulnerability in Pagekit 1.0.17 Reset Password Feature
Arbitrary Data Write Vulnerability in Cisco HyperFlex Graphite Interface
Authentication Mechanism Brute-Force Vulnerability
Uncontrolled Resource Consumption Vulnerability in Weidmueller IE-SW Devices
Clear-text Transmission of Sensitive Credentials in Weidmueller IE-SW-VL05M, IE-SW-VL08MT, and IE-SW-PL10M Devices
Clear-text Password Storage Vulnerability
Predictable Authentication Information in Cookie Leads to Admin Password Compromise
Out-of-bounds Read and Remote Code Execution in PHOENIX CONTACT PC Worx and Config+
Incorrect Access Control in Plataformatec Simple Form's file_method in lib/simple_form/form_builder.rb
CSRF Vulnerability in idreamsoft iCMS V7.0
CSRF Vulnerability in YzmCMS 5.3 Allows Denial of Service via Superseding Route
Local File Inclusion Vulnerability in Gila CMS before 1.11.1
Cross-Site Scripting (XSS) Vulnerability in Cisco SocialMiner Chat Feed
Path Traversal Vulnerability in GNOME file-roller
Arbitrary URL Opening and Deceptive Content Injection Vulnerability in Traveloka Android App
SQL Injection Vulnerability in TYPO3 URL Redirect Extension
Xoops 2.5.10 Image Manager Breadcrumb Hover XSS Vulnerability
Xoops 2.5.10 Image-Manager JavaScript Payload Execution Vulnerability
Stored XSS Vulnerability in Dolibarr 9.0.5 User Group Description Section
Stored XSS Vulnerability in Dolibarr 9.0.5 User Note Section
Stored XSS and Privilege Escalation in Dolibarr 9.0.5 User Profile Signature Section
Stored XSS Vulnerability in Dolibarr 9.0.5 Email Template Section
Cisco Firepower Threat Defense (FTD) Software Memory Exhaustion Vulnerability
SQL Injection Vulnerability in phpIPAM 1.4 via app/admin/custom-fields/filter-result.php
SQL Injection Vulnerability in phpIPAM 1.4 via app/admin/custom-fields/order.php
SQL Injection Vulnerability in phpIPAM 1.4 via app/admin/custom-fields/edit-result.php
SQL Injection Vulnerability in phpIPAM 1.4 via app/admin/custom-fields/filter.php
SQL Injection Vulnerability in phpIPAM 1.4 via app/admin/custom-fields/edit.php
Unrestricted Data Access in TYPO3 Direct Mail Extension
Remote Code Execution in sr_freecap TYPO3 Extension
Cross-Site Scripting (XSS) Vulnerability in Cisco Unified Intelligence Center Software
Arbitrary File Upload and Potential Remote Code Execution in TYPO3 slub_events Extension
Remote Code Injection in pfSense through 2.3.4 through 2.4.4-p3 via methodCall XML document with pfsense.exec_php call
Buffer Overflow Vulnerability in Integard Pro 2.2.0.9026 Allows Remote Code Execution
Stored XSS vulnerability in admin/infolist_add.php in PHPMyWind 5.6
Stored XSS vulnerability in admin/infoclass_update.php in PHPMyWind 5.6
Out of Bounds Read Vulnerability in Ming (libming) 0.4.8's OpCode() Function
CSRF Vulnerability in kkCMS v1.3 Allows Unauthorized User Account Addition
Invalid Read Vulnerability in Hunspell 1.7.0's SuggestMgr::leftcommonsubstring
Memory Leak in ImageMagick 7.0.8-35: XCreateImage Vulnerability
Memory Leak in ImageMagick 7.0.8-35: Vulnerability in coders/dps.c
Cross-Site Scripting (XSS) Vulnerability in Cisco Firepower Management Center (FMC) Web Interface
Memory Leak in ImageMagick 7.0.8-35: Vulnerability in coders/dot.c
Memory Leak in Huffman2DEncodeImage in ImageMagick 7.0.8-40
Memory Leak in Huffman2DEncodeImage in ImageMagick 7.0.8-43
Memory Leak in ImageMagick 7.0.8-43: Vulnerability in coders/dot.c
Uninitialized Fields in rds6_inc_info_copy Vulnerability
Incorrect Access Control in OX App Suite through 7.10.2
Cross-Site Scripting (XSS) Vulnerability in OX App Suite through 7.10.2
Command Injection Vulnerability in radare2 bin_symbols() Function
WTCMS 1.0 Vulnerability: CSRF and XSS via index.php?g=admin&m=index&a=index
Cisco Web Security Appliance (WSA) Decryption Policy Bypass Vulnerability
Arbitrary File Upload Vulnerability in ZZZCMS zzzphp v1.7.2
CSRF Vulnerability in NoneCMS v1.3 Allows Unauthorized Deletion of Admin User
Insufficient Protection Mechanism in ZZZCMS zzzphp v1.7.2 Allows PHP Code Execution
Cacti 1.2.6 Authenticated User Bypass Vulnerability
Arbitrary Code Execution via Structured Exception Handler (SEH) Buffer Overflow in File Sharing Wizard 1.5.0
XSS Vulnerability in Joomla! 3.x before 3.9.12 via Logo Parameter
DOMPurify 2.0.1 and Earlier: XSS Vulnerability via innerHTML Mutation (mXSS) in SVG or MATH Element
Local Root Escalation Vulnerability in pam-python
Cisco Identity Services Engine (ISE) Web-Based Management Interface Cross-Site Scripting (XSS) Vulnerability
Arbitrary Command Execution in Petwant PF-103 Firmware 4.22.2.42 and Petalk AI 3.2.2.30
Remote Code Execution and Device Manipulation in Petwant PF-103 and Petalk AI Firmware
Unencrypted Firmware Upgrade Vulnerability in Petalk AI and PF-103: Allowing Man-in-the-Middle Attackers to Execute Arbitrary Code as Root User
Arbitrary Command Execution Vulnerability in Petwant PF-103 Firmware 4.22.2.42 and Petalk AI 3.2.2.30
Default Credentials Vulnerability in Petwant PF-103 Firmware 4.3.2.50 and Petalk AI 3.2.2.30
Stack-based Buffer Overflow in Petwant PF-103 Firmware and Petalk AI: Remote Code Execution Vulnerability
Stack-based Buffer Overflow in Petwant PF-103 Firmware and Petalk AI
Arbitrary Command Execution Vulnerability in Petwant PF-103 Firmware and Petalk AI
Information Disclosure of Suppressed Usernames via User ID Lookup in MediaWiki
Arbitrary Command Execution Vulnerability in Cisco Webex Meetings Desktop App and Cisco Webex Productivity Tools
eBrigade before 5.0 - SQL Injection in evenement_ical.php
eBrigade before 5.0: Critical SQL Injection Vulnerability in evenements.php cid Parameter
eBrigade before 5.0 - SQL Injection in evenement_choice.php
Buffer Overflow in Linux Kernel's nl80211.c
Invalid Pointer Free Vulnerability in MatrixSSL DTLS Server
Heap-based Buffer Over-read in ASN.1 Certificate Data Parsing in wolfSSL through 4.1.0
Default Local Account with Static Password Vulnerability in Cisco Aironet Active Sensor
Reflected Cross Site Scripting (XSS) in Devise Token Auth's omniauth failure endpoint
Arbitrary HTTP Request Vulnerability in DAPS, Dash Core, and PIVX
Weak Signature Scheme Design in Decentralized Anonymous Payment System (DAPS) and Private Instant Verified Transactions (PIVX)
NULL Pointer Dereference Vulnerability in RIOT 2019.07 MQTT-SN Implementation
Pre-Authenticated Remote Command Execution Vulnerability in BMC Remedy ITSM Suite
Directory Traversal Vulnerability in Lexmark Services Monitor 2.27.4.0.39
Remote Command Execution via widgetConfig[code] Parameter in vBulletin 5.x through 5.5.4
Cisco Meeting Server (CMS) Software Denial of Service Vulnerability
Vulnerability: Incorrect Dependency Download in Cargo Prior to Rust 1.26.0
Bitcoin Script Vulnerability: Specially Crafted Scripts Trigger SLP Consensus Hard-Fork
Specially Crafted Bitcoin Script Vulnerability Allows for SLP Consensus Hard-Fork
Unsanitized URL Vulnerability in Pannellum 2.5.0 - 2.5.4 Allows for Potential XSS Attacks
Denial of Service Vulnerability in PowAssent: Unsafe Use of `String.to_atom/1`
Arbitrary Code Execution Vulnerability in Visual Studio Code with CodeQL Extension
Wagtail-2FA Authentication Bypass Vulnerability
Conditional Admin Sys Mode Vulnerability
Information Leakage Vulnerability in Sylius
Cross-site Scripting (XSS) Vulnerability in serialize-javascript npm Package
Cross-Site Scripting Vulnerability in Cisco Webex Meetings for Android
Denial of Service Vulnerability in Puma's Reactor
Armeria 0.85.0 - 0.96.0 HTTP Response Splitting Vulnerability
Cross-site Scripting (XSS) Vulnerability in serialize-to-js NPM Package
Object Injection Vulnerability in PHPFastCache Cookie Driver
Arbitrary File Write Vulnerability in npm CLI
Arbitrary File Write Vulnerability in npm CLI
Arbitrary File Overwrite Vulnerability in npm CLI
Heap Buffer Overflow in UnsortedSegmentSum in TensorFlow
Race Condition Vulnerability in RubyGem excon before 0.71.0
Cisco Meeting Server Denial of Service Vulnerability
XSS Vulnerability in WordPress Block Editor Allows JavaScript Injection
Authenticated User JavaScript Injection in WordPress Block Editor
Timing Attack Vulnerability in Rack RubyGem
Local Privilege Escalation Vulnerability in PyInstaller on Windows
HTTP Request Smuggling/Splitting Vulnerability in Waitress 1.3.1
Vulnerability: HTTP Request Parsing Issue in Waitress 1.3.1
HTTP Request Smuggling Vulnerability in Waitress 1.4.0: Proxy Bypass and Cache Poisoning
Authenticated SSRF Vulnerability in Cisco TelePresence Conductor, Expressway Series, and TelePresence VCS Software
Remote Code Execution Vulnerability in Tiny File Manager 2.3.9
Vulnerability: Downgrade of Effective STS Policy in postfix-mta-sts-resolver before 0.5.1
Request Smuggling Vulnerability in Waitress 1.3.1
Arbitrary Text Injection Vulnerability in Cisco Webex Business Suite
Cisco Network Convergence System 1000 Series TFTP Arbitrary File Retrieval Vulnerability
Privilege Escalation Vulnerability in Cisco APIC FUSE Filesystem Functionality
Improper Validation of Server Certificates in Cisco IP Phones Allows Eavesdropping and Call Manipulation
Cisco IP Phone 7800 and 8800 Series Denial of Service Vulnerability
Cisco Unity Connection SAML SSO Interface Cross-Site Scripting Vulnerability
Vulnerability: Bypassing ACL Protection on Cisco ASR 9000 Series Routers
Untrusted Search Path Vulnerability in Code42 App for Windows
Untrusted Search Path Vulnerability in Code42 Server for Windows
Reflected XSS Vulnerability in OpenEMR 5.x before 5.0.2.1
TPM-FAIL: Side-Channel Timing Attack on STMicroelectronics ST33TPHF2ESPI TPM Devices
Remote Code Execution via SSH Access in CompleteFTP Server
Memory Allocation and Processing Time Vulnerability in Pillow
Uninitialized Memory Access Vulnerability in Unbound DNS Server
Arbitrary File Deletion Vulnerability in HongCMS 3.0.0
Arbitrary File Deletion Vulnerability in Emlog through 6.0.0beta via admin/data.php?action=dell_all_bak with Directory Traversal
HTTP Request Smuggling Vulnerability in Netty before 4.1.42.Final
TCP Proxy Denial of Service Vulnerability in Cisco ASA and FTD Software
Remote Code Execution via Beckhoff ADS Protocol in Beckhoff Embedded Windows PLCs and Twincat on Windows Engineering Stations
Incorrect Access Control in Portainer before 1.22.1
Cross-Site Scripting (XSS) vulnerability in Portainer before 1.22.1
Incorrect Access Control in Portainer before 1.22.1 (Issue 2 of 4)
Directory Traversal Vulnerability in Portainer before 1.22.1
Incorrect Access Control in Portainer before 1.22.1
Cross-Site Scripting (XSS) Vulnerability in Portainer before 1.22.1
Missing Authentication for Critical Function in Synergy Systems & Solutions (SSS) HUSKY RTU 6049-E70 Firmware Versions 5.0 and Prior
Unauthenticated Access and DoS Vulnerability in Cisco Network Assurance Engine (NAE) Management Web Interface
Double Free Vulnerability in Linea Crate's Matrix::zip_elements Method
Use-after-free vulnerability in portaudio-rs crate allows arbitrary code execution
Cloning Flaw in String-Interner Crate Allows Memory Read Vulnerability
AppArmor Restriction Bypass Vulnerability in runc
Remote Code Execution via Crafted Cookies in OkayCMS
Buffer Overflow Vulnerability in IrfanView 4.53
Denial of Service Vulnerability in Ubiquiti EdgeMAX Devices
Arbitrary File Upload Vulnerability in Cisco Webex Teams iOS Client
XSS Vulnerability in Halo 1.1.0 via Crafted authorUrl in JSON Data
Remote Command Execution Vulnerability in Liferay Portal CE 6.2.5 via JSON Deserialization
Uncompressed Size Spoofing Vulnerability in Rubyzip
Unauthenticated Reboot Vulnerability in TP-Link TP-SG105E V4 1.0.0 Build 20181120
SQL Injection through Insecure Deserialization in download.php of inoERP 4.15
Arbitrary File Write Vulnerability in K7 Ultimate Security 16.0.0117
Privilege Escalation via Arbitrary Registry Writes in K7 Antivirus Software
Arbitrary Code Execution Vulnerability in Advantech WebAccess/HMI Designer 2.1.9.31
Unauthenticated Access Vulnerability in Cisco APIC Management Interface
Advantech WebAccess/HMI Designer 2.1.9.31 User Mode Write AV Vulnerability
WebAccess/HMI Designer 2.1.9.31 Exception Handler Chain Corruption Vulnerability
Unauthenticated Arbitrary File Deletion in ARforms Plugin 3.7.1 for WordPress
Directory Traversal Vulnerability in Platinum UPnP SDK 1.2.0
Stored XSS Vulnerability in TeamPass 2.1.27.36 via Crafted Passwords
Pre-Authentication Integer Overflow in OpenSSH XMSS Key Parsing Algorithm
Unauthenticated User Notification Access Vulnerability in Infosysta In-App & Desktop Notifications App for Jira
Unauthenticated User Enumeration in Infosysta In-App & Desktop Notifications App for Jira
Unauthenticated Access to Jira Project List in Infosysta In-App & Desktop Notifications App
Unauthorized Access to Jira Project List via Infosysta In-App & Desktop Notifications App
Cisco Firepower Threat Defense Software SSL/TLS Packet Header DoS Vulnerability
Insufficient Entropy in Deterministic ECDSA RNG
Privilege Escalation Vulnerability in PC Protect Antivirus v4.14.31
Cross-Site Scripting (XSS) Vulnerability in pfSense through 2.4.4-p3
Unsanitized Parameter in pfSense Widget Allows Path Traversal
SQL Injection Vulnerability in WiKID Enterprise 2FA Server
Harbor API Broken Access Control Vulnerability: Unauthorized Robot Account Creation
Unauthenticated Remote Access to Sensitive System Usage Information in Cisco APIC Software
Critical Unauthenticated Remote Code Execution Vulnerability in Multiple D-Link Products
Uninitialized Data Structure Vulnerability in hns_roce_alloc_ucontext
Unintended Public Exposure of Files in SuiteCRM 7.10.x and 7.11.x
XSS Vulnerability in kkcms 1.3 via jx.php?url= Parameter
Cleartext Password Transmission Vulnerability in Nulock Application 1.5.0
XSS Vulnerability in Flower 0.9.3 via @app.task's name parameter
XSS Vulnerability in Flower 0.9.3 via Crafted Worker Name
Out-of-Bounds Write Vulnerability in Xpdf 4.01.01's TextPage::findGaps Function
Exim Remote Code Execution via Heap-Based Buffer Overflow in EHLO Command
Incorrect Access Control in Auth0 auth0.net: Unintended Validation of Untrusted ID Tokens
WebVPN Service Denial of Service Vulnerability
IP Address Discovery Vulnerability in Zcashd Prior to 2.0.7-3
Stored XSS Vulnerability in Visualizer Plugin 3.3.0 for WordPress
Blind SSRF Vulnerability in Visualizer Plugin for WordPress
XSS Vulnerability in Python XML-RPC Server
Cisco ASA and FTD Software Denial of Service Vulnerability
Arbitrary Code Execution Vulnerability in NSA Ghidra 9.0.4 Experimental Mode
Polymorphic Typing Vulnerability in FasterXML jackson-databind
Polymorphic Typing Vulnerability in FasterXML jackson-databind
SSRF Vulnerability in Enghouse Web Chat 6.1.300.31 Allows Port Scanning on Internal Network
Email Spoofing and Phishing Vulnerability in Enghouse Web Chat
Unauthenticated Adjacent Attack Vulnerability in Cisco ASA and FTD Software
XSS Vulnerability in Enghouse Web Chat 6.1.300.31 and 6.2.284.34: Exploitable QueueName Parameter
Remote File Include Vulnerability in Enghouse Web Chat 6.2.284.34: Unauthorized Data Retrieval and Information Disclosure
HTML Injection Vulnerability in SolarWinds Web Help Desk 12.7.0 via Comment in Help Request Ticket
XSS Vulnerability in SolarWinds Web Help Desk 12.7.0 via Uploaded SVG Document
XSS Vulnerability in SolarWinds Web Help Desk 12.7.0 via Request Type Parameter
Cross-Site Scripting (XSS) Vulnerability in SolarWinds Web Help Desk 12.7.0 via User Account First Name Field
Arbitrary Code Injection through Location Name in SolarWinds Web Help Desk 12.7.0
CSV Injection in SolarWinds Web Help Desk 12.7.0 via Ticket Attachment
Denial of Service Vulnerabilities in Cisco Firepower Threat Defense Software
Cross-Site Scripting (XSS) Vulnerability in SolarWinds Web Help Desk 12.7.0 via Crafted Location Name Field in CSV Template File
XSS Vulnerability in SolarWinds Web Help Desk 12.7.0 via Schedule Name
HTML Injection Vulnerability in Zoho ManageEngine Desktop Central 10.0.430 via Modified Report Name in New Custom Report
Command Injection Vulnerability in FusionPBX Call Center Queue Module
Command Injection Vulnerability in FusionPBX up to 4.5.7 Allows Remote Code Execution as www-data
Unsanitized Group Variable XSS Vulnerability in Contactmanager
Cross-Site Scripting (XSS) Vulnerability in Manager Module of FreePBX
Cross-Site Scripting (XSS) Vulnerability in FusionPBX up to 4.5.7
Unsanitized c Variable in FusionPBX up to 4.5.7 Leads to XSS Vulnerability
LDAP Packet Parsing Vulnerability in Cisco ASA and FTD Software
Unsanitized savemsg Variable in FusionPBX up to 4.5.7 Allows for XSS
Unsanitized contact_uuid Variable in FusionPBX up to 4.5.7 Leads to XSS Vulnerability
Unsanitized id Variable in FusionPBX Contact Addresses PHP File Leads to XSS Vulnerability
Unsanitized query_string Variable in FusionPBX Contact Edit Page Leads to XSS Vulnerability
Unsanitized id Variable in FusionPBX Contact Times PHP File Leads to XSS Vulnerability
Unsanitized id Variable in FusionPBX Contact Notes PHP File Leads to XSS Vulnerability
Unsanitized query_string Variable in FusionPBX up to 4.5.7 Leads to XSS Vulnerability
Unsanitized query_string Variable in FusionPBX up to 4.5.7 Leads to XSS Vulnerability
Unsanitized id Variable in FusionPBX v4.5.7 Allows XSS Attacks
Unsanitized id Variable in FusionPBX Contact URLs PHP File Leads to XSS Vulnerability
XML External Entity (XXE) Vulnerability in Cisco IoT-FND Software Allows Unauthorized Information Access
SQL Injection Vulnerability in FusionPBX v4.5.7's call_broadcast_edit.php
Unsanitized id Variable in FusionPBX Conference Profile Params.php Leads to XSS Vulnerability
Unsanitized id Variable in FusionPBX v4.5.7 Allows XSS Vulnerability
Cross-Site Scripting (XSS) Vulnerability in FusionPBX up to v4.5.7
Unsanitized filename Variable in FusionPBX v4.5.7 Allows XSS via app\recordings\recording_play.php
Unsanitized rec Variable in FusionPBX Allows Arbitrary File Deletion
Unsanitized f Variable in FusionPBX Download.php Allows Arbitrary File Download
Unsanitized query_string Variable in FusionPBX Contact Import Leading to XSS
Unsanitized eavesdrop_dest Variable in FusionPBX v4.5.7 Allows for XSS
Unsanitized c Variable in FusionPBX conference_interactive.php Leads to XSS Vulnerability
Command Injection Vulnerability in Cisco Firepower Threat Defense (FTD) Software
Unsanitized file Variable in FusionPBX Allows Arbitrary File Download
Unsanitized file Variable in FusionPBX up to v4.5.7 Allows XSS via app\edit\filedelete.php
Insufficient Notice of Private Key Usage in Keybase App 2.13.2 for iOS
CSRF Token Verification Vulnerability in phpBB Administration Control Panel
Memory Leak in sit_init_net() in Linux Kernel
Memory Leak in hsr_dev_finalize() in Linux Kernel
SQL Injection Vulnerability in Metinfo 7.0.0beta via product_admin.class.php
SQL Injection Vulnerability in Metinfo 7.0.0beta via app/system/language/admin/language_general.class.php
SQL Injection in CloudBoot API via Crafted Status Field in JSON Data
FPGA Ingress Buffer Management Denial of Service Vulnerability
CSP Bypass in Cross-Origin Frame via Object Tag with Data URI in Firefox < 70
Bypassing Content-Security-Policy with Object Tag: Cross-Site Scripting (XSS) Vulnerability in Firefox 69
Insecure Link Drag-and-Drop Vulnerability in Firefox < 70
QR Code JavaScript Execution Vulnerability
Static-sized array overflow vulnerability in Thunderbird, Firefox ESR, and Firefox
Buffer Overflow Vulnerability in Network Security Services (NSS)
Denial of Service Vulnerability in Network Security Services (NSS) 3.44 and earlier
Use-after-free vulnerability in nested workers during destruction
Unrestricted File Writing Vulnerability in Updater Service
Cross-Site Scripting (XSS) Vulnerabilities in Cisco WebVPN Service
Race Condition Vulnerability in Resist Fingerprinting Preference Check
Race condition leading to use-after-free vulnerability in Thunderbird and Firefox
Memory Corruption Vulnerabilities in Firefox 70 and Firefox ESR 68.2
Memory Corruption Vulnerabilities in Firefox 70
Cross-Origin Information Leak via Drag and Drop in Firefox < 71
Pointer Offset Manipulation Vulnerability in Firefox ESR < 68.4 and Firefox < 72 on Windows
CSS Sanitizer Incorrectly Rewrites @namespace Rule in Firefox ESR < 68.4 and Firefox < 72, Allowing for Data Exfiltration
Type Confusion Vulnerability in Firefox ESR < 68.4 and Firefox < 72
Windows 10 Keyboard Word Suggestion Retention Vulnerability in Firefox < 72
Python File Execution Vulnerability in Firefox on Windows
Cross-Site Scripting (XSS) Vulnerabilities in Cisco Enterprise Chat and Email Web Interface
XML External Entity (XXE) Injection in Firefox < 72
Race Condition Vulnerability in Firefox ESR and Firefox: Heap Address Disclosure in Windows
Clipboard-based CSS Injection Vulnerability in Firefox ESR < 68.4 and Firefox < 72
Invalid State Transition in TLS State Machine in Firefox < 72
Memory Corruption Vulnerabilities in Firefox 71 and Firefox ESR 68.3
Memory Corruption Vulnerability in Firefox 71
Type Confusion Vulnerability in IonMonkey JIT Compiler for Array Element Setting
Cisco Firepower Threat Defense (FTD) Software Denial of Service Vulnerability
Denial of Service Vulnerabilities in Cisco Firepower Threat Defense Software
Out-of-Bounds Access Vulnerability in Rsyslog v8.1908.0
Heap Overflow in AIX Log Message Parser in Rsyslog v8.1908.0
Heap Overflow in Rsyslog v8.1908.0 Cisco Log Message Parser
Privilege Escalation in BMC Patrol Agent 9.0.10i
Privilege Escalation via Weak Execution Permissions in BMC Patrol Agent 9.0.10i
Stored XSS Vulnerability in Ilch 2.1.22 Jobs Tab
Remote Code Execution in Ilch 2.1.22 via Misconfigured Allowed Files
NETGEAR SRX5308 4.3.5-3 SQL Injection Vulnerability Allows Unauthorized User Account Creation
Cisco ASA Software Remote Access VPN Session Manager Denial of Service Vulnerability
Arbitrary File Read and Delete Vulnerability in Voyager Package
Unsanitized Attachment Files in Evernote macOS: Code Execution Vulnerability
Unprivileged User Raw Socket Creation Vulnerability in Linux Kernel (CID-0614e2b73768)
Unprivileged User Raw Socket Creation Vulnerability in Linux Kernel (CVE-2019-18683)
Unprivileged Users Can Create Raw Sockets in Linux Kernel (CID-6cc03e8aa36c)
Unprivileged User Raw Socket Creation Vulnerability in Linux Kernel
Unprivileged User Raw Socket Creation Vulnerability in Linux Kernel
Cross-Site Scripting (XSS) Vulnerability in Footy Tipping Software AFL Web Edition 2019
Arbitrary File Upload and Remote Code Execution in Footy Tipping Software AFL Web Edition 2019
Sophos Cyberoam Firewall Appliance Shell Injection Vulnerability
Cisco ASA Software Cryptography Module Denial of Service Vulnerability
BLE Link Layer Header Vulnerability on NXP KW41Z
Cypress PSoC BLE Link Layer Header Vulnerability
Session Fixation Vulnerability in OXID eShop
PDFxStream before 3.7.1 (Java): Long Running Computation Due to Page-Tree Mishandling
NULL Pointer Dereference in Xpdf 4.02's Catalog.cc
User Registry Hijacking Vulnerability in Ivanti WorkSpace Control
Port-forwarding vulnerability in PuTTY before version 0.73 on Windows allows for connection hijacking
Vulnerability: PuTTY before 0.73 Bracketed Paste Mode Protection Bypass
Denial of Service Vulnerability in PuTTY Versions Prior to 0.73
Cross-Site Scripting (XSS) Vulnerability in Cisco DNA Center Web Interface
XSS Vulnerability in Liquid-Speech-Balloon WordPress Plugin
Client Dash Plugin 2.1.4 for WordPress XSS Vulnerability
SQL Injection Vulnerability in new-contact-form-widget Plugin for WordPress
Directory Traversal Vulnerability in Emlog through 6.0.0beta
Stored XSS Vulnerability in XunRuiCMS 4.3.1 Module_Category Area
Vulnerability: Stack Variable Usage in cxgb4 Driver Allows for Denial of Service
Remote Code Execution and Denial of Service Vulnerability in Jamf Pro
Cisco ASA and FTD Software MOBIKE Denial of Service Vulnerability
Code Execution Vulnerability in mintinstall 7.9.9 for Linux Mint
Micro Focus Operations Agent XXE Attack Vulnerability in Versions 12.0-12.11
AcuToWeb Unauthorized File Download Vulnerability
Command Injection Vulnerability in Cisco Firepower Threat Defense (FTD) Software
Reflected XSS Vulnerability in Mojarra JavaServer Faces
Arbitrary Script Injection Vulnerability in OpenProject Project List
DLL Preloading Vulnerability in Avast and AVG Antivirus
Stack-based Buffer Overflow in Belkin WeMo Insight Switch Firmware
Command Injection Vulnerability in Bitdefender BOX 2: Arbitrary Execution of System Commands
OS Command Injection Vulnerability in Bitdefender BOX 2's Bootstrap Stage
Hard-coded cryptographic key vulnerability in August Connect Wi-Fi Bridge App and Firmware
Untrusted Search Path Vulnerability in Bitdefender Endpoint Security Tools
Unauthenticated Remote Access Vulnerability in Cisco ASR 9000 Series Routers
Untrusted Search Path Vulnerability in Bitdefender Total Security 2020 Allows Arbitrary Code Execution
Command Injection Vulnerability in Netatmo Smart Indoor Camera Firmware
Race condition vulnerability in Bitdefender BOX 2 allows arbitrary command execution
Bitdefender AV for Mac Incorrect Default Permissions Vulnerability
Missing HTTPOnly Flag in Centreon VM Apache HTTP Server Cookie Configuration
Predictable Token Generation in Centreon Web 2.8.27
Lateral Movement Vulnerability in Centreon Web through 2.8.29
Arbitrary Code Execution in minPlayCommand.php in Centreon Web
Local File Inclusion and Stored XSS Vulnerability in Centreon Web
Remote Directory Traversal Vulnerability in Koji 1.18.0: Privilege Escalation
Cisco IOS XR Software Event Management Service Daemon Denial of Service Vulnerability
Exposure of Mail Server Configuration File in Zoho ManageEngine DataSecurity Plus
Buffer overflow vulnerability in libopenmpt_modplug.c in libopenmpt before 0.3.19 and 0.4.x before 0.4.9
Stored and Reflected XSS Vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047
Multiple Cross-Site Scripting (XSS) Vulnerabilities in WiKID 2FA Enterprise Server through 4.2.0-b2047
Stored and Reflected Cross-Site Scripting (XSS) Vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047
Arbitrary SQL Command Execution Vulnerability in WiKID 2FA Enterprise Server
CSRF Vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2053 Allows Remote Attackers to Perform Unauthorized Actions
SQL Injection Vulnerabilities in Logs.jsp in WiKID 2FA Enterprise Server through 4.2.0-b2053
Cisco IOS XR Software PIM AutoRP Denial of Service Vulnerability
Stored and Reflected XSS Vulnerability in WiKID 2FA Enterprise Server through 4.2.0-b2047
XSS Vulnerability in REDCap before 9.3.4 via Lock Record Custom Text Values
Email Spoofing Vulnerability in eGain Web Email API 11+
Vulnerability: Incorrect Access Control in Kramer VIAware 2.5.0719.1034
Angular CSTI Vulnerability in SolarWinds Orion Platform 2019.2 HF1: Escaping Angular Sandbox for Stored XSS
Stored Client Side Template Injection (CSTI) in SolarWinds Orion Platform 2019.2 HF1: Angular Expression Injection for Stored XSS and Privilege Escalation
Unauthenticated SQL Injection (Boolean Based Blind) in Netreo OmniCenter Login Page
Cross-Site Request Forgery Vulnerability in Cisco ASA Software Web-Based Management Interface
External URL Mishandling in vBulletin 5.5.4
Clickjacking Vulnerability in vBulletin before 5.5.4
Avatar Upload Vulnerability in vBulletin 5.5.4
Buffer Overflow Vulnerability in cfg80211_mgd_wext_giwessid in Linux Kernel through 5.3.2
Authentication Bypass Vulnerability in Amphora Images of OpenStack Octavia
Arbitrary Code Execution via DXF File Parsing in Foxit PhantomPDF 9.5.0.20723
Arbitrary Code Execution via DXF to PDF Conversion in Foxit PhantomPDF 9.5.0.20723
Null Byte Injection Vulnerability in NETGEAR AC1200 R6220 Firmware version 1.1.0.86 Smart WiFi Router
Remote Code Execution Vulnerability in Foxit Studio Photo 3.6.6.909 via JPEG to EPS Conversion
Arbitrary Code Execution via JavaScript Processing in Foxit PhantomPDF 9.5.0.20723
SAML SSO VPN Session Hijacking Vulnerability
Arbitrary Code Execution via OnFocus Event Handling in Foxit PhantomPDF 9.6.0.25114
Arbitrary Code Execution Vulnerability in Foxit PhantomPDF 9.6.0.25114
Arbitrary Code Execution via Keystroke Action in Foxit PhantomPDF 9.6.0.25114
Remote Code Execution Vulnerability in Foxit PhantomPDF 9.6.0.25114 via Malicious DWG Files (ZDI-CAN-9273)
Arbitrary Code Execution via DWG to PDF Conversion in Foxit PhantomPDF 9.6.0.25114
Arbitrary Code Execution via DXF to PDF Conversion in Foxit PhantomPDF 9.6.0.25114
Arbitrary Code Execution in D-Link DCS-960L v1.07.102 via HNAP Service
Arbitrary Code Execution Vulnerability in TP-LINK TL-WR841N Routers
Privilege Escalation Vulnerability in Parallels Desktop 14.1.3 (45485)
Insufficient Entropy in Cisco ASA and FTD Software DRBG: Cryptographic Key Collision Vulnerability
Remote Code Execution Vulnerability in Tencent WeChat Prior to 7.0.9
Cisco IP Phone 7800 and 8800 Series Web Management Interface Authentication Bypass Vulnerability
Cisco Video Surveillance Manager Web Interface Information Disclosure Vulnerability
Absolute Path Traversal Vulnerability in joyplus-cms 1.6.0
Cross-Site Scripting (XSS) Vulnerability in Genesys PureEngage Digital (eServices) 8.1.x
Memory Leak Vulnerability in libfreerdp/codec/region.c
Memory Leak in HuffmanTree_makeFromFrequencies Function in LodePNG
Multiple Versions of Software Vulnerability Fixed in 5.0.2.1
Cisco Identity Services Engine (ISE) Web Interface Denial of Service Vulnerability
Arbitrary File Modification Vulnerability in Valve Steam Client
Remote SEH Buffer Overflow in IntraSrv 1.0 (2007-06-03): Compromise via Crafted HTTP Request
Memory Exhaustion Vulnerability in Foxit Reader before 9.7
Privilege Escalation Vulnerability in Xerox AtlaLink and C-Series Printers
Denial-of-Service Vulnerability in FreeRADIUS 3.0.x
Pre-Authentication Remote Code Execution in FiberHome HG2201T 1.00.M5007_JS_201804 via telnet.cgi
Pre-Authentication Directory Traversal Vulnerability in FiberHome HG2201T 1.00.M5007_JS_201804 Devices
Unrestricted File Upload Vulnerability in Fecshop FecMall 2.3.4
XSS Vulnerability in totemodata 3.0.0_b936 via Folder Name
Cisco Identity Services Engine (ISE) Web-Based Guest Portal Cross-Site Scripting (XSS) Vulnerability
Avast Secure Browser Local Privilege Escalation Vulnerability
Unauthenticated Call Answer Vulnerability in Signal Private Messenger for Android
WebRTC Videoconferencing Denial of Service Vulnerability in Signal Private Messenger
Uncaught Exception Vulnerability in Connect2id Nimbus JOSE+JWT (before v7.9)
SQL Injection in Lifestyle Demographic Filter Criteria in OpenEMR
Directory Traversal Vulnerability in WPO WebPageTest 19.04 on Windows
XML API Denial of Service Vulnerability in Cisco Expressway Series and Cisco TelePresence Video Communication Server
Vulnerability: Unauthorized Elevation of Privilege in FastTrack Admin By Request 6.1.0.0
Insecure Privilege Elevation in FastTrack Admin By Request 6.1.0.0
Stored XSS Vulnerability in TeamPass 2.1.27.36 via Crafted Password in Search Page
Stored XSS vulnerability in TeamPass 2.1.27.36 via crafted Knowledge Base label and item addition
Stored XSS in TeamPass 2.1.27.36 via Username Field during Login Attempt
Arbitrary Script Execution via Uncontrolled Deserialization in Frost Ming Rediswrapper
Reflected XSS Vulnerability in Broken Link Checker WordPress Plugin 1.11.8
XML Input Handling Vulnerability in Cisco Expressway Series and Cisco TelePresence Video Communication Server Allows for CPU Exhaustion and Denial of Service
Denial-of-Service Vulnerability in MQTT Library in Arm Mbed OS 2017-11-02
Integer Overflow in CoAP Library in Arm Mbed OS 5.14.0
Buffer Overflow Vulnerabilities in Arm Mbed OS 5.14.0 CoAP Library
Unauthenticated Stored XSS Vulnerability in WebARX Plugin 1.3.0 for WordPress
WebARX Plugin 1.3.0 for WordPress Firewall Bypass Vulnerability
V-Zug Combi-Steam MSLQ Devices Vulnerable to Password Brute-Force Attack
Weak Password Hashing Vulnerability in V-Zug Combi-Steam MSLQ Devices
CSRF Vulnerability in V-Zug Combi-Steam MSLQ Devices
Unencrypted Communication Vulnerability in V-Zug Combi-Steam MSLQ Devices
Unauthenticated Network Access on V-Zug Combi-Steam MSLQ Devices
Cross-Site Request Forgery (CSRF) Vulnerability in Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) FindMe Feature
Cross-Site Scripting (XSS) Vulnerability in Rocket.Chat before 2.1.0 via ![title] Line
Arbitrary File Read Vulnerability in PhantomJS 2.1.1
Stored XSS Vulnerability in Intelbras WRN 150 1.0.17 Devices
HTML Injection Vulnerability in Dolibarr ERP/CRM 10.0.2 via user/note.php
Path Traversal Vulnerability in Compal Broadband CH7465LG Modem Web Interface
XSS Vulnerability in Subrion 4.2.1: Admin Member JSON Update
XSS Vulnerability in CMS Made Simple (CMSMS) 2.2.11 via Search Term Field
Unauthenticated Options Changes in Motors-Car-Dealership-Classified-Listings Plugin
Multiple Stored XSS Vulnerabilities in Motors - Car Dealer & Classified Ads Plugin for WordPress
Cisco CSPC Default Account Vulnerability
Unauthenticated Options Changes Vulnerability in OneTone WordPress Theme
Multiple Stored XSS Vulnerabilities in OneTone WordPress Theme
Unauthenticated Options Import Vulnerability in Ultimate FAQs Plugin
HTML Content Injection in EWD_UFAQ_Import.php Plugin for WordPress
Unauthenticated Arbitrary File Deletion in IgniteUp Plugin for WordPress
Information Disclosure Vulnerability in igniteup Plugin for WordPress
Stored XSS Vulnerability in igniteup Plugin for WordPress
CSRF Vulnerability in igniteup Plugin for WordPress
Multiple Unauthenticated Stored XSS Vulnerabilities in Download Plugins Dashboard Plugin for WordPress
Session Hijacking Vulnerability in Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers
Bypassing Brute-Force Protection in Bludit 3.9.2 via Forged X-Forwarded-For or Client-IP Headers
User Mode Write AV Vulnerability in IrfanView 4.53
User Mode Write AV Vulnerability in IrfanView 4.53
JPEG_LS Code Flow Control Vulnerability in IrfanView 4.53
JPEG_LS Code Flow Control Vulnerability in IrfanView 4.53
User Mode Write AV Vulnerability in IrfanView 4.53
User Mode Write AV Vulnerability in IrfanView 4.53
JPEG_LS+0x0000000000007da8 Write Address Vulnerability in IrfanView 4.53
User Mode Write AV Vulnerability in IrfanView 4.53
User Mode Write AV Vulnerability in IrfanView 4.53
Vulnerability: Arbitrary File Overwrite and Command Injection in Cisco UCS B-Series Blade Servers
User Mode Write AV Vulnerability in IrfanView 4.53
User Mode Write AV Vulnerability in IrfanView 4.53
User Mode Write AV Vulnerability in IrfanView 4.53
User Mode Write AV Vulnerability in IrfanView 4.53
Arbitrary Write Vulnerability in IrfanView 4.53
User Mode Write AV Vulnerability in IrfanView 4.53
User Mode Write AV Vulnerability in IrfanView 4.53
IrfanView 4.53 Exception Handler Chain Corruption Vulnerability
JPEG_LS Write Address Vulnerability in IrfanView 4.53
User Mode Write AV Vulnerability in KMPlayer 4.2.2.31
Vulnerability: Unauthorized Access to Internal Services in Cisco NX-OS Software
Read Access Violation Vulnerability in MPC-HC through 1.7.13
XnView Classic 2.49.1 User Mode Write AV Vulnerability
User Mode Write AV Vulnerability in XnView Classic 2.49.1
Heap-based Buffer Over-read in libyal libfwsi
Heap-based Buffer Over-read in libyal liblnk
Heap-based Buffer Over-read in libsoup's soup_ntlm_parse_challenge() Function
Polymorphic Typing Vulnerability in FasterXML jackson-databind
Code-execution backdoor vulnerability in omniauth-weibo-oauth2 gem 0.4.6
Remote Command Execution in Intellian Remote Access 3.18 via Ping Test Field
Privilege Escalation Vulnerability in Cisco NX-OS Software Python Scripting Subsystem
Unauthenticated Remote Command Execution in Yachtcontrol via /pages/systemcall.php?command={COMMAND}
SQL Injection Vulnerability in vBulletin 5.5.4 via ajax/api/hook/getHookList or ajax/api/widget/getWidgetList Parameter
ONTAP Select Deploy Administration Utility Privilege Escalation Vulnerability
IPv6 Denial of Service Vulnerability in E-Series SANtricity OS Controller Software version 11.60.0
Default Account Vulnerability in NetApp FAS and AFF Baseboard Management Controller (BMC) Firmware
Arbitrary Code Execution Vulnerability in OnCommand Cloud Manager Versions Prior to 3.8.0
Cross-Site Scripting Vulnerability in OnCommand System Manager
Arbitrary Command Execution Vulnerability in Cisco FXOS and NX-OS Software
Vulnerability: Privilege Escalation and File Overwrite in Cisco NX-OS Software
SQL Injection Vulnerability in SugarCRM pmse_Inbox Module
SQL Injection Vulnerability in SugarCRM pmse_Project Module
SQL Injection Vulnerability in SugarCRM Export Function
SQL Injection Vulnerability in SugarCRM History Function
SQL Injection Vulnerability in SugarCRM Contacts Module by Regular User
SQL Injection Vulnerability in SugarCRM Quotes Module
SQL Injection Vulnerability in SugarCRM Administration Module
PHP Code Injection in SugarCRM Administration Module
Vulnerability: Privilege Escalation in Cisco NX-OS Software Guest Shell
PHP Code Injection Vulnerability in SugarCRM Administration Module
PHP Code Injection in SugarCRM ModuleBuilder Module by Admin User
PHP Code Injection in SugarCRM ModuleBuilder Module
PHP Code Injection in SugarCRM MergeRecords Module by Developer User
PHP Code Injection in SugarCRM MergeRecords Module by Admin User
PHP Code Injection in SugarCRM MergeRecords Module
PHP Code Injection in SugarCRM Configurator Module
PHP Code Injection in SugarCRM Tracker Module by Admin User
PHP Code Injection in SugarCRM Emails Module by Regular User
PHP Code Injection in SugarCRM EmailMan Module by Admin User
Vulnerability in Cisco NX-OS Software Allows Exposure of Private SSH Keys
PHP Code Injection in SugarCRM Campaigns Module by Admin User
Directory Traversal Vulnerability in SugarCRM Attachment Function
Directory Traversal Vulnerability in SugarCRM
Directory Traversal Vulnerability in SugarCRM Studio Module
Directory Traversal Vulnerability in SugarCRM Configurator Module
PHP Object Injection Vulnerability in SugarCRM Administration Module
PHP Object Injection Vulnerability in SugarCRM Import Module
PHP Object Injection in SugarCRM UpgradeWizard Module
SQL Injection Vulnerability in SugarCRM pmse_Inbox Module
SQL Injection Vulnerability in SugarCRM Emails Module by Regular User
Time-of-Check, Time-of-Use (TOCTOU) Race Condition Vulnerability in Cisco NX-OS Software RPM Subsystem
Buffer Overflow Vulnerability in NetSarang XFTP Client 6.0149 and Earlier Versions
Information Disclosure Vulnerability in ClipSoft REXPERT 1.0.0.527 and Earlier Versions
Arbitrary File Creation Vulnerability in ClipSoft REXPERT 1.0.0.527 and Earlier Versions
Arbitrary File Creation and Execution Vulnerability in ClipSoft REXPERT
Directory Traversal Vulnerability in ClipSoft REXPERT 1.0.0.527 and Earlier Versions
Arbitrary File Upload Vulnerability in ClipSoft REXPERT 1.0.0.527 and Earlier Versions
Arbitrary File Deletion Vulnerability in ClipSoft REXPERT 1.0.0.527 and Earlier Versions
Directory Traversal Vulnerability in JEUS 7 and JEUS 8 Administration Web Page
Cross-Site Scripting (XSS) Vulnerability in Cisco NX-OS Software's NX-API Sandbox Interface
Multiple Cross-Site Scripting (XSS) Vulnerabilities in TIBCO EBX Web Server Component
Stored Cross-Site Scripting (XSS) Vulnerability in TIBCO EBX Add-ons
Stored Cross-Site Scripting (XSS) Vulnerability in TIBCO EBX Add-ons
Stored Cross-Site Scripting (XSS) Vulnerability in TIBCO EBX Web Server Component
Remote Code Execution Vulnerability in TIBCO Spotfire Visualizations Component
Multiple Privilege Escalation Vulnerabilities in TIBCO Spotfire Analytics Platform and Spotfire Server
Multiple Vulnerabilities in TIBCO Spotfire Analytics Platform and Spotfire Server Allow Unauthorized Access to Credentials
Reflected Cross-Site Scripting (XSS) Vulnerability in TIBCO Spotfire Analytics Platform and Server
Persistent Cross-Site Scripting Vulnerabilities in TIBCO Patterns - Search
TIBCO Silver Fabric VirtualRouter Component URL Script Injection Vulnerability
Incomplete RBAC Verification Allows Unauthorized Access to Sensitive System Files in Cisco FXOS and NX-OS Software
Xen Grant-Table Transfer Request Mishandling Vulnerability
Race condition vulnerability during addition of passed-through PCI device in Xen
Race Condition in Xen Allows Denial of Service and Privilege Escalation
Xen Privilege Escalation and Denial of Service Vulnerability
Denial of Service Vulnerability in Xen through 4.11.x
Denial of Service Vulnerability in Xen 4.8.x through 4.11.x
Xen Privilege Escalation and Denial of Service Vulnerability
Xen Privilege Escalation and Denial of Service Vulnerability
Denial of Service Vulnerability in Xen due to PCID and Shadow-Pagetable Switching Incompatibility
Denial of Service Vulnerability in Xen Arm DomU LoadExcl/StoreExcl Operation
Arbitrary Command Execution Vulnerability in Cisco NX-OS Software
Denial of Service Vulnerability in Xen Arm DomU Compare-and-Exchange Operation
Unrestricted Resource Consumption Vulnerability in Xen Guest Memory Mapping
File Upload Bypass Vulnerability in JFinal cos before 2019-08-13
Unauthenticated Access and Data Modification Vulnerability in D-Link DIR-615 Firmware
Unauthenticated Access and Data Modification Vulnerability in Zyxel NBG-418N v2 Firmware V1.00(AARP.9)C0
Insecure Logging of Credentials in Orbitz Android App
Insecure Transmission of Login Credentials in Infinite Design Android App
Cacti 1.2.7 SQL Injection Vulnerability in graphs.php
Unsafe Deserialization in Cacti 1.2.7: Array Population Vulnerability
Memory Allocation Vulnerability in Bouncy Castle Crypto (BC Java) 1.63
Vulnerability in Cisco UCS C-Series Rack Servers Allows Bypass of UEFI Secure Boot Validation
Uncontrolled Resource Consumption Vulnerability in Hitachi Command Suite 7.x and 8.x
Command Injection Vulnerability in SaltStack Salt-API with SSH Client Enabled
Out-of-bounds Read and Crash Vulnerability in LibTomCrypt
Arbitrary Command Execution in Petwant PF-103 Firmware and Petalk AI
Arbitrary User Account Access Vulnerability in Nix through 2.3
Improper Access Control in Citrix Application Delivery Management (ADM) 12.1 before build 54.13
CSRF Vulnerability in OpenWRT Firmware Version 18.06.4
XSS Vulnerability in S-CMS v1.5 via member_login.php
CSRF Vulnerability in OTCMS v3.85 Admin Panel Allows Unauthorized Account Creation
Interface Wedge and Denial of Service (DoS) Vulnerability in Cisco IOS Software and Cisco IOS XE Software
Arbitrary PHP Code Execution in OTCMS v3.85 via into/**/outfile Manipulation
Memory Leak in gif2png 2.5.13's writefile Function
Authentication Bypass Vulnerability in Certain NETGEAR Devices
Unauthenticated Access to Critical Pages in NETGEAR Devices via .jpg Substring Vulnerability
Persistent API Token Credentials in cPanel (SEC-517)
Self XSS vulnerability in cPanel SSL Certificate Upload interface (SEC-521)
Self XSS vulnerability in cPanel LiveAPI example scripts (SEC-524)
Self XSS vulnerability in cPanel SSL Key Delete interface (SEC-526)
Self-stored XSS vulnerability in cPanel WHM SSL Storage Manager interface (SEC-527)
Denial of Service Vulnerability in Cisco IOS and IOS XE Software with NBAR
Self XSS vulnerability in cPanel's WHM Update Preferences interface (SEC-528)
Unauthenticated Creation of Elements in Zabbix Dashboard
Insecure File Permissions in netaddr Gem for Ruby
XSS Vulnerability in animate-it Plugin for WordPress (Version < 2.3.4)
XSS Vulnerability in animate-it Plugin for WordPress (<=2.3.5)
CSRF Vulnerability in animate-it Plugin for WordPress
AVPNC_RP Service Authentication Flaw Allows Arbitrary Code Execution and Privilege Escalation
Privilege Escalation through Weak File Permissions in Aviatrix VPN Client
UDP Socket Read Error in RIOT 2019.07 MQTT-SN Implementation
Cisco IOS Software and Cisco IOS XE Software DNS Parsing Denial of Service Vulnerability
Local Privilege Escalation in Pronestor Planner Outlook Add-In
ESP32 Mask ROM Code Vulnerability: Glitch-based Read Access to Protected eFuses
Weak Password Recovery Mechanism in Progress Sitefinity 12.1 due to Mishandling of HTTP Host Header
Cleartext Communication and Credential Sniffing Vulnerability in Tomedo Server Version 1.7.3
Authentication Credentials Exposed in Seesaw Parent and Family App for Android
Sensitive User Credentials Exposed in Rapid Gator Android App Logs
Insecure Storage of Credentials in PowerSchool Mobile Application for Android
Insecure Logging of Credentials in DoorDash Android App
Sensitive Token Information Exposed in Dark Horse Comics Android App Logs
Path Traversal Vulnerability in Shack Forms Pro Extension for Joomla!
Cisco IOS Software and Cisco IOS XE Software NBAR DNS Parsing Denial of Service Vulnerability
Path Traversal and SSRF Vulnerability in unoconv Package
Heap-based Buffer Over-read in liblnk_location_information_read_data
Unvalidated Relationship of Size and Offset in Exiv2 0.27.2
Nokia IMPACT < 18A: Unrestricted File Upload Vulnerability with Remote Code Execution
Nokia IMPACT < 18A: Full Path Disclosure Vulnerability
Nokia IMPACT < 18A: Reflected Self XSS Vulnerability
Nokia IMPACT < 18A Path Traversal Vulnerability with Potential RCE
Arbitrary Code Execution Vulnerability in ZZZCMS zzzphp 1.7.3
Reflected XSS Vulnerability in OpenEMR 5.x before 5.0.2.1 in view.php
Cisco IOS XE Software Denial of Service Vulnerability in Encrypted Traffic Analytics (ETA) Feature
Denial of Service Vulnerability in tinylcy Vino through 2017-12-15
SEH-based Buffer Overflow in File Sharing Wizard 1.5.0 (CVE-2020-XXXX)
Cross-Site Scripting (XSS) Vulnerability in PbootCMS 2.0.2 via Pboot/admin.php?p=/Single/index/mcode/1 and Pboot/?contact/ URIs
SQL Injection in MetInfo 7.0 via appno parameter in language_general module
SQL Injection in MetInfo 7.0 via admin_user&a=doGetUserInfo id parameter
Unauthorized Access to Sensitive Configuration Information in Cisco IOS XE Software Web UI
HTTP Protocol Parsing Error in OISF LibHTP Allows Bypassing HTTP Header Signature
Privilege Escalation via Incorrect File Permissions in Zoho ManageEngine OpManager and Firewall Analyzer
Stack-based Buffer Overflow in processPrivilage() Function in nipper-ng 0.11.10 Allows Remote Code Execution or Denial of Service
Bypassing Access Control in Automattic Mongoose through 5.7.4
Persistent XSS Vulnerability in Redmine before 3.4.11 and 4.0.x before 4.0.4
Encryption Implementation Flaw in Intesync Solismed 3.3sp1 Allows for Database Decryption
SQL Injection Vulnerability in Adhouma CMS (through 2019-10-09) via post.php p_id Parameter
Unauthorized Filesystem Changes Vulnerability in Cisco IOS XE Software
XSS Vulnerability in EyouCms login.php web_recordnum Parameter
CSRF Vulnerability in fastadmin 1.0.0.20190705_beta's admin/add Endpoint
CSRF Vulnerability in fastadmin 1.0.0.20190705_beta's General Config Edit
XSS Vulnerability in z-song laravel-admin 1.7.3 via Slug or Name on Roles Screen
XSS Vulnerability in LavaLite 5.7: Crafted Account Name Mishandling on Manage Clients Screen
GlobalProtect Agent for Windows Local Privilege Escalation Vulnerability
Local Privilege Escalation Vulnerability in GlobalProtect Agent for Linux and Mac OS X
Privilege Escalation Vulnerability in Palo Alto Networks PAN-OS
Improper Restriction of Communications to Log Forwarding Card (LFC) on PA-7000 Series Devices with Second-Generation Switch Management Card (SMC) Vulnerability
Default Password Vulnerability in Jfrog Artifactory
Symbolic Link Following Vulnerability in Eracent EDA, EPA, EPM, EUA, FLW, and SUM Agent
Untrusted Search Path Vulnerability in Eracent EPA Agent
DLL Side-Loading Vulnerability in Avira Software Updater
Arbitrary Command Injection Vulnerability in Cisco IOS XE Software
Denial of Service Vulnerability in find_abstract_instance in libbfd
Integer Overflow Vulnerability in GNU Binutils 2.32
NULL Pointer Dereference Vulnerability in Bento4 1.5.1.0
NULL Pointer Dereference Vulnerability in Bento4 1.5.1.0
NULL Pointer Dereference Vulnerability in Bento4 1.5.1.0
Stack-based Buffer Over-read in Libntlm through 1.5
Cisco IOS and IOS XE Software Cluster Management Protocol (CMP) Denial of Service Vulnerability
Denial of Service Vulnerability in Cisco IOS and IOS XE Software via Malicious SMS Messages
Cisco Network Plug-and-Play Agent Certificate Validation Vulnerability
Cross-Site Scripting (XSS) Vulnerability in b3log Symphony (aka Sym) before 3.6.0 via HTTP User-Agent Header
Cross-Site Scripting (XSS) Vulnerability in Jiangnan Online Judge (jnoj) 0.8.0 via Problem[title] Parameter
Denial of Service Vulnerability in Cisco ASR 900 RSP3: Ingress Traffic Validation Flaw
Arbitrary File Upload Vulnerability in Jiangnan Online Judge (JNOJ) 0.8.0
Cross-Site Scripting (XSS) Vulnerability in Jiangnan Online Judge (jnoj) 0.8.0 via Problem[description] Parameter
Cross-Site Scripting (XSS) Vulnerability in Jiangnan Online Judge (jnoj) 0.8.0 via Problem[sample_input] Parameter
XSS Vulnerability in Laravel-Bjyblog 6.1.1 via Crafted URL
CSS Injection Vulnerability in Swagger UI Allows CSS-Based Input Field Value Exfiltration
Stored XSS Vulnerability in Craft CMS (<=3.3.8) via Name Field during Site Deletion
NTLM SSO Hash Theft Vulnerability in Tracker PDF-XChange Editor
Integer Overflow Vulnerability in libssh2 v1.9.0 and Earlier: Arbitrary Memory Read and Denial of Service
Remote Command Execution Vulnerability in Compal CH7465LG 6.12.18.25-2p4 Devices
Denial of Service (DoS) Vulnerability in Cisco Catalyst 4500 Series Switches
Arbitrary OS Command Execution in Centreon 19.04 via main.php?p=60807&type=4
NULL Pointer Dereference and Daemon Crash in Hydra 0.1.8 when Processing POST Requests without Content-Length Header
Unauthenticated Access to Database Information in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5
Reflected Cross-site Scripting (XSS) Vulnerability in Kirona Dynamic Resource Scheduling (DRS) 5.5.3.5
Unauthenticated Access to Wi-Fi SSID and Password in D-Link DAP-1320 A2-V1.21 Routers
Unauthenticated Access to D-Link DIR-868L B1-2.03 and DIR-817LW A1-1.04 Routers
Unauthenticated Access to Management Pages on D-Link DIR-816 A1 1.06 Devices
Command Injection Vulnerability in D-Link DIR-859 A3-1.06 and DIR-850 A1.13 Devices
Arbitrary OS Command Execution in D-Link DIR-846 Firmware 100A35
Cisco IOS Software NAT64 Denial of Service Vulnerability
Arbitrary OS Command Execution in D-Link DIR-846 Firmware 100A35
Unauthenticated Access to Log Files on D-Link DIR-412 A1-1.14WW Routers
Unauthenticated Log Clearing Vulnerability in D-Link DIR-412 A1-1.14WW Routers
HTTP Response Splitting Vulnerability in Ratpack
Potentially Misleading Documentation in Python's glob.glob() Function
Cross Site Scripting (XSS) Vulnerability in CleanTalk WordPress Plugin
Buffer Overflow Vulnerability in Dialog Semiconductor SDK for DA14580/1/2/3 Devices
Buffer Overflow Vulnerability in Dialog Semiconductor SDK for DA1468x Devices
Buffer Overflow Vulnerability in NXP SDK for KW41Z Devices via Bluetooth Low Energy Implementation
ISDN Function Vulnerability in Cisco IOS Software and Cisco IOS XE Software Allows Remote Device Reload
Denial of Service Vulnerability in Texas Instruments SDK for CC2640R2 Devices
CSRF Vulnerability in Landing-CMS 0.0.6 Allows Unauthorized Password Change
Stored XSS Vulnerability in Hotaru CMS v1.7.2 via admin_index.php?page=settings SITE NAME Field
Technicolor TC7300 STFA.51.20 XSS Vulnerability in /FTPDiag.asp
Technicolor TC7300 STFA.51.20 XSS Vulnerability in Connected Clients Field
CAPTCHA Bypass Vulnerability in D-Link DIR-615 T1 20.10 Login Page
Python Code Injection in SageMath Sage Cell Server
SQL Injection in JS JOBS FREE Extension for Joomla!
SEGV Vulnerability in Bento4 1.5.1.0: AP4_TfhdAtom::SetDefaultSampleSize
Heap-based Buffer Over-read in Bento4 1.5.1.0
Privilege Escalation via Web UI in Cisco IOS XE Software
Heap-based Buffer Over-read in Bento4 1.5.1.0
Polymorphic Typing Vulnerability in FasterXML jackson-databind
Denial of Service Vulnerability in Belkin Wemo Switch 28B WW_2.00.11057.PVT-OWRT-SNS Devices
Heap-Based Buffer Over-Read Vulnerability in Mat_VarReadNextInfo4 Function of MATIO 1.5.17
Use-after-free vulnerability in vips_foreign_load_gif_scan_image in libvips before 8.8.2
Gila CMS 1.11.4 XSS Vulnerability in blog-list.php
Unrestricted File Upload Vulnerability in Gila CMS 1.11.4
Directory Traversal Vulnerability in Jiangnan Online Judge (jnoj) 0.8.0 Allows File Deletion
Directory Traversal Vulnerability in Jiangnan Online Judge (aka jnoj) 0.8.0
NULL Pointer Dereference Vulnerability in avcodec_open2 in FFmpeg before 4.2
Cisco IOS XE Software Authorization Subsystem Privilege Escalation Vulnerability
Heap-Based Buffer Overflow in ImageMagick's ReadPSInfo Function
Use-after-free vulnerability in ImageMagick before 7.0.8-55
Heap-based Buffer Overflow in FFmpeg's vqa_decode_chunk Function
Heap-based Buffer Overflow in LZ4_write32: Vulnerability in LZ4 Compression Algorithm (CVE-2020-12695)
Stack-based Buffer Over-read in GNU Aspell's libaspell.a
PoolDestroy Double Free Vulnerability in GDAL through 3.0.1
Integer Overflow Leading to Heap-Based Buffer Overflow in LibTIFF
Use-after-free vulnerability in ImageMagick's TraceBezier function in MagickCore/draw.c (CVE-XXXX-XXXX)
ESET Cyber Security Denial-of-Service Vulnerability
Arbitrary Command Execution Vulnerability in Cisco IOS XE Software
Reflected XSS Vulnerability in Blog2Social WordPress Plugin (CVE-2021-XXXX)
Stored XSS vulnerability in Apak Wholesale Floorplanning Finance
SQL Injection Vulnerability in idreamsoft iCMS v7.0.14's 'Upload Spider Project Scheme' Feature
SQL Injection Vulnerability in MetInfo v7.0.0 beta via admin/?n=tags&c=index&a=doSaveTags URI
XML External Entity (XXE) Vulnerability in Apache Olingo 4.0.0 to 4.6.0
Vulnerability: DoS Attack via AsyncResponseWrapperImpl in Apache Olingo
Apache Olingo AbstractService Class Deserialization Vulnerability
Apache Syncope EndUser UI Login Page Reflects SuccessMessage Parameters Vulnerability
Remote Code Execution through VelocityResponseWriter in Apache Solr 5.0.0 to Apache Solr 8.3.1
Apache Traffic Server Smuggling Attack and Scheme Parsing Vulnerability
Command Execution Vulnerability in Cisco IOS XE Software
Insecure SSL Certificate Validation in Apache NetBeans Autoupdate System
Code Signature Validation Bypass in Apache NetBeans Autoupdate System
Buffer Overflow Vulnerability in Apache CloudStack Baremetal Component
Session Fixation Vulnerability in Apache Tomcat 7.0.0 to 7.0.98, 8.5.0 to 8.5.49, and 9.0.0.M1 to 9.0.29
Dubbo HTTP Remoting Deserialization Vulnerability
Apache Traffic Server Chunked Encoding Smuggling Vulnerability
Apache Batik Vulnerability: Server-Side Request Forgery via xlink:href Attribute
Apache HTTP Server mod_proxy_wstunnel Vulnerability: Bypassing HTTP Validation and Authorization
HTTP Request Smuggling Vulnerability in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50, and 7.0.98 to 7.0.99
Unauthorized Data Access Vulnerability in Cisco Smart Call Home Feature
Untrusted Deserialization Vulnerability in Apache XML-RPC Library
Log4j SocketServer Deserialization Remote Code Execution Vulnerability
Directory Traversal Vulnerability in Apache RocketMQ 4.2.0 to 4.6.0
Apache CXF /services Page Reflected XSS Vulnerability
Arbitrary Code Execution in Popup Maker Plugin for WordPress
File-Rename Filter Bypass Vulnerability in WBCE CMS 1.4.0 and Earlier
Cross-Site Scripting (XSS) Vulnerability in Dolibarr 10.0.2 via outgoing email setup feature
Cross-Site Scripting (XSS) Vulnerability in Dolibarr 10.0.2 via Outgoing Email Setup
Cross-Site Scripting (XSS) Vulnerability in Dolibarr 10.0.2 via outgoing email setup feature
XSS Vulnerability in SonarQube Project Links
Unauthenticated Access Vulnerability in Cisco Catalyst 6500 Series Switches
SQL Injection Vulnerability in Tonyy Dormsystem 1.3's admin.php
DOM XSS Vulnerability in Tonyy Dormsystem 1.3
Use-after-free vulnerability in _zip_dirent_read function of libzip 1.2.0
Remote Denial of Service Vulnerability in iCMS 7.0.15
Default SSH Keys in Meinberg SyncBox/PTP/PTPv2 Devices Allow Root Access
ACL Bypass Vulnerability in Cisco IOS XE Software
CSRF Protection Bypass in CSRF Magic Library
Regular Expression Denial of Service in csv-parse module for Node.js
CSRF Vulnerability in JIZHICMS 1.5.1 Allows Unauthorized Administrator Addition
Heap-Based Buffer Over-Read Vulnerability in _nc_find_entry Function in ncurses Library
Heap-Based Buffer Over-Read Vulnerability in fmt_entry Function of Ncurses Library
Panic Vulnerability in Go Versions 1.12.11 and 1.3.x
Proxy Credential Exposure in Lightbend Play Framework
Reflected XSS Vulnerability in Quiz And Survey Master Plugin for WordPress
Denial of Service (DoS) Vulnerability in Cisco IOS XE Software
Administrator Login Credentials Disclosure in Intelbras IWR 1000N 1.6.4 Devices
Stack-based Buffer Overflow in MiniShare 1.4.1 via HTTP CONNECT Request
SQL Injection Vulnerability in Zoho ManageEngine OpManager
Memory Corruption Vulnerability in Asus Aura Sync through 1.07.71
Insecure Direct Object Reference (IDOR) Vulnerability in eyecomms eyeCMS Allows Unauthorized Modification of Candidate Information
Mass Assignment Vulnerability in eyecomms eyeCMS Allows Unauthorized Account Takeover
Stored XSS Vulnerability in Hexo-Admin Plugin: Post Editor Functionality
XSS Vulnerability in HongCMS 3.0.0 via install/index.php Servername Parameter
XSS Vulnerability in HongCMS 3.0.0 via install/index.php dbname Parameter
XSS Vulnerability in HongCMS 3.0.0 via dbusername parameter in install/index.php
Insufficient Memory Initialization Vulnerability in Cisco IOS and IOS XE Software's HSRP Subsystem
XSS Vulnerability in HongCMS 3.0.0 via install/index.php dbpassword Parameter
XSS Vulnerability in HongCMS 3.0.0 via tableprefix Parameter
SQL Injection in 74CMS v5.2.8 via Admin Ad Category Sort Parameter
Remote Code Execution Vulnerability in Qibosoft 7
Secure Storage Vulnerability in Cisco IOS and IOS XE Software Allows Unauthorized Access to Sensitive System Information
Remote Command Execution Vulnerability in D-Link DIR-859 Wi-Fi Router
Stack-based Buffer Overflow in XQueryKeymap Function in X.Org X Server 1.20.4
Stored XSS Vulnerability in Rambox 0.6.9 Allows Code Execution via Name Field
Remote Code Execution in ReportLab through 3.5.26 via colors.py
Yale Bluetooth Key Vulnerability: Unauthorized Unlock via BLE Traffic Sniffing
Stored XSS Vulnerability in CMS Made Simple (CMSMS) 2.2.11 via Crafted Image Filename
Cisco IP Phone 8800 Series Web Management Interface Authorization Bypass and DoS Vulnerability
Stored XSS Vulnerability in CMS Made Simple (CMSMS) 2.2.11 via Crafted Image Filename
Unrestricted Access to Diagnostic Operations in Eclipse OpenJ9 0.15 to 0.16
Unescaped Exception Messages in Error Output in Eclipse Jetty
Arbitrary Workspace Start Vulnerability in Eclipse Che Versions 6.16 to 7.3.0
Cross Site Scripting (XSS) Vulnerability in Eclipse Memory Analyzer
Deserialization Vulnerability in Eclipse Memory Analyzer
Unrestricted File Access Vulnerability in Eclipse Theia Mini-Browser Extension
XML External Entity (XXE) Vulnerability in Eclipse Web Tools Platform
Double Release of ByteBuffer in Eclipse Jetty (CVE-2020-27223)
Vulnerability: System.arraycopy Length Mismatch in Eclipse OpenJ9 on Power Platforms
Cross-Site Request Forgery (CSRF) Vulnerability in Cisco IP Phone 8800 Series
Path Traversal Vulnerability in Eclipse Vert.x StaticHandler
CSRF Vulnerability with Remote Command Execution in Centreon Autodiscovery Plugin
Sensitive Information Disclosure in Centreon via Unauthenticated Direct Request
Sensitive Information Disclosure in Centreon via Unauthenticated Direct Request
Unauthenticated Information Disclosure in Centreon
Unauthenticated Information Disclosure in Centreon via api/external.php
SQL Injection Vulnerability in Centreon's hostXML.php
Arbitrary File Write Vulnerability in Cisco IP Phone 8800 Series SIP Software
FortiClient for Mac OS Root Process Command Injection Vulnerability
Stored Cross Site Scripting (XSS) Vulnerability in FortiSIEM Device Maintenance Schedule
Stack Buffer Overflow Vulnerability in FortiClient for Linux 6.2.1 and Below
CSRF Vulnerability in Fortinet FortiSIEM 5.2.5 Allows Remote Attackers to Hijack User Sessions
FortiManager Cross-Site WebSocket Hijacking (CSWSH) Vulnerability
Cleartext Storage of SSL VPN User Credentials in FortiOS and FortiProxy
Stack-based Buffer Overflow in FortiOS and FortiProxy HTTPD Daemon
Uncontrolled Resource Consumption Vulnerability in Fortinet Products: Slow HTTP DoS Attacks
Elevated Privileges Vulnerability in FortiClient FortiTray Component
Cisco IP Phone 8800 Series SIP Software Disk Utilization Denial of Service Vulnerability
Cross-Site Scripting (XSS) Vulnerability in LimeSurvey 3.19.1 and Earlier
CSV Injection in Codepress-Admin-Columns Plugin 3.4.6 for WordPress Allows Remote Code Execution
Arbitrary File Read Vulnerability in ThinVNC 1.0b1
D-Link DIR-866L 1.03B04 XSS Vulnerability in Common Gateway Interface
Untrusted Search Path Vulnerability in NSA Ghidra
DLL Hijacking Vulnerability in NSA Ghidra 9.0.2 and Earlier
Buffer Overflow Vulnerability in rtl_p2p_noa_ie in Linux Kernel
XSS and HTML Injection Vulnerability in Comtech H8 Heights Remote Gateway 2.5.1 Site Name Field
Security Vulnerability: Unregistered Fingerprint Unlock Exploit on Samsung Galaxy S10 and Note10 Devices
WordPress SSRF Vulnerability in URL Validation
Buffer Overflow and Command Injection Vulnerability in Cisco NX-OS Software
WordPress 5.2.4 SSRF Vulnerability in Windows Path Handling
Unauthenticated Content Viewing Vulnerability in WordPress 5.2.4
Stored XSS Vulnerability in WordPress before 5.2.4 Allows Injection of JavaScript into STYLE Elements
Cache Poisoning Vulnerability in WordPress JSON GET Requests
Stored XSS Vulnerability in WordPress Customizer
CSRF Vulnerability in WordPress before 5.2.4
CSRF Vulnerability in MetInfo 7.0.0beta Allows Unauthorized User Account Addition
Buffer Overflow and Command Injection Vulnerability in Cisco NX-OS Software
Arbitrary Command Execution Vulnerability in Cisco NX-OS Software
Privilege Escalation Vulnerability in Cisco NX-OS Software
Arbitrary Code Execution Vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Arbitrary Code Execution Vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Arbitrary Code Execution Vulnerability in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Arbitrary Command Execution Vulnerability in Cisco NX-OS Software
Arbitrary Command Execution Vulnerability in Cisco NX-OS Software
Privilege Escalation Vulnerability in Cisco NX-OS CLI
Cross-Site Scripting (XSS) Vulnerability in Cisco Registered Envelope Service
Arbitrary Command Execution Vulnerability in Cisco NX-OS Software
Arbitrary Command Execution Vulnerability in Cisco FXOS and NX-OS CLI
Arbitrary Command Execution Vulnerability in Cisco FXOS and NX-OS Software
Arbitrary Command Execution Vulnerability in Cisco FXOS and NX-OS CLI
Arbitrary Command Execution Vulnerability in Cisco FXOS and NX-OS CLI
Privilege Escalation Vulnerability in Cisco NX-OS Software
Arbitrary Command Execution Vulnerability in Cisco NX-OS Software
Denial of Service Vulnerability in ClamAV RAR File Scanning
Denial of Service Vulnerability in ClamAV PDF Scanning Functionality
ClamAV PDF Scanning Functionality Denial of Service Vulnerability
Denial of Service Vulnerability in ClamAV Software's OLE2 File Scanning Functionality
Denial of Service Vulnerability in ClamAV Prior to 0.101.2
Arbitrary Command Execution Vulnerability in Cisco NX-OS Software
Arbitrary Command Execution Vulnerability in Cisco NX-OS Software
Cross-Site Scripting (XSS) Vulnerability in Cisco Umbrella URL Block Page
Uncontrolled Search Path Vulnerability in Cisco Directory Connector
Arbitrary Command Execution Vulnerability in Cisco FXOS and NX-OS CLI
IAPP Message Handling Denial of Service Vulnerability in Cisco Wireless LAN Controller (WLC) Software
Cross-Site Request Forgery (CSRF) Vulnerability in Cisco Wireless LAN Controller (WLC) Software
Denial of Service Vulnerability in ClamAV Software's PE File Scanning Functionality
IAPP Message Handling Denial of Service Vulnerability in Cisco Wireless LAN Controller (WLC) Software
IAPP Message Handling Denial of Service Vulnerability in Cisco Wireless LAN Controller (WLC) Software
Cross-Site Scripting (XSS) Vulnerability in Cisco Firepower Management Center (FMC) Web Interface
Privilege Escalation Vulnerability in Cisco Nexus 9000 Series ACI Mode Switch Software
Default SSH Key Pair Vulnerability in Cisco Nexus 9000 Series ACI Mode Switch Software
Unauthenticated Access Control Vulnerability in Cisco Wireless LAN Controller Software
Cisco Small Business Switches SNMP Input Packet Processor Denial of Service Vulnerability
Session Hijacking Vulnerability in Cisco Umbrella Dashboard
Image Signature Verification Bypass Vulnerability in Cisco NX-OS Software
Image Signature Verification Bypass Vulnerability in Cisco NX-OS Software
Vulnerability: Image Signature Verification Bypass in Cisco Nexus Switches
Vulnerability: Image Signature Verification Bypass in Cisco NX-OS Software
Vulnerability: Image Signature Verification Bypass in Cisco NX-OS Software
Vulnerability: Image Signature Verification Bypass in Cisco NX-OS Software
Memory Exhaustion DoS Vulnerability in Cisco Small Business 300 Series Managed Switches
Command Injection Vulnerability in Cisco Web Security Appliance (WSA) Log Subscription Subsystem
Cisco Web Security Appliance Web Proxy Denial of Service Vulnerability
Information Disclosure Vulnerability in Citrix ADC and Citrix Gateway
Use After Free Vulnerability in Real Time Engineers FreeRTOS+FAT 160919a
Ticket Listing Vulnerability in Open Ticket Request System (OTRS)
Improper Input Sanitization in Cisco Prime Infrastructure and Cisco EPN Manager Allows Unauthorized File Access
Endless Loop Vulnerability in OTRS Community Edition and OTRS
Bypassing Restricted Functionality in CloudVision Portal via CVP API Calls
Arbitrary Command Injection in Pacman's download_with_xfercommand() Function
Arbitrary Command Injection in Pacman's apply_deltas() Function
Remote Command Execution Vulnerability in Crestron DMC-STRO 1.0 Devices via Ping Function
Directory Traversal Vulnerability in Trend Micro OfficeScan Allows Remote Code Execution
Command Injection Vulnerability in Trend Micro Apex One Allows Remote Code Execution
Root User Authentication Bypass Vulnerability in Trend Micro Apex One, OfficeScan, and Worry-Free Business Security
Improper Input Sanitization in Cisco Prime Infrastructure and Cisco EPN Manager Allows Unauthorized File Access
Null Pointer Dereference Vulnerability in Trend Micro Security (Consumer) 2020 (v16.x)
Privilege Escalation Vulnerability in Trend Micro Deep Security as a Service Quick Setup Cloud Formation Template
Local Privilege Escalation in GNU Guix 1.0.1: Arbitrary User Account Access
Inadvertent Logging of Key Material in Unisys Stealth
Quarantine Flaw in TotalAV 2020 4.14.31 Allows Privilege Escalation via NTFS Directory Junction
Privilege Elevation Vulnerability in TerraMaster FS-210 4.0.19 Devices
DLL Side Loading Vulnerability in TeamViewer Windows Service
Memory Corruption Vulnerability in libxslt 1.1.33's xsltCopyText Function
Linux Kernel FIB6 Rule Suppression Memory Corruption Vulnerability
Vulnerability: Replay Attacks on Fujitsu Wireless Keyboard Set LX390 GK381 Devices
Improper Input Sanitization in Cisco Prime Infrastructure and Cisco EPN Manager Allows Unauthorized File Access
Vulnerability: Keystroke Injection Attacks on Fujitsu Wireless Keyboard Set LX390 GK381 Devices
Lack of Encryption in Fujitsu Wireless Keyboard Set LX390 GK381 Devices Allows Password Eavesdropping
Improper Access Control Allows Information Disclosure on WAGO Series PFC100 and PFC200 Devices
RICOH MP 501 Printer: HTML Injection and Stored XSS Vulnerabilities in Address Entry
Arbitrary Code Execution Vulnerability in Zucchetti InfoBusiness 4.4.1
Multiple Reflected Cross-site Scripting (XSS) Vulnerabilities in Zucchetti InfoBusiness 4.4.1 and Earlier
Arbitrary File Upload Vulnerability in Zucchetti InfoBusiness 4.4.1 and Earlier
Client-Side Code Injection in Zucchetti InfoBusiness Web Component
XSS Vulnerability in Etherpad-Lite 1.7.5 via Unencoded URL Path in templates/pad.html
Remote Code Execution Vulnerability in Cisco Prime Infrastructure and Cisco EPN Manager
Persistent XSS vulnerability in Moodle's /course/modedit.php allows authenticated users to inject JavaScript into the session of other users
Arbitrary Remote Code Execution in Orckestra C1 CMS through 6.6
Arbitrary File Write Vulnerability in XML Language Server
XML Language Server (lsp4xml) XXE Vulnerability with SSRF and SMB Connection Initiation
Denial of Service Vulnerability in Video_Converter App 0.1.0 for Nextcloud
DLL Preloading Vulnerability in Comodo Internet Security
Vulnerability: BIOS Configuration Vulnerability on ASUS ROG Zephyrus M GM501GS Laptops
Remote Denial-of-Service Vulnerability in ProFTPD Versions 1.3.6b and 1.3.7rc
Heap-based Buffer Overflow in cdf_read_property_info in file through 5.37
Cross-Site Scripting (XSS) Vulnerability in Sitemagic CMS 4.4.1
Remote Code Execution Vulnerability in Cisco Prime Infrastructure and Cisco EPN Manager
Cross-Site Request Forgery (CSRF) Vulnerability in Sitemagic CMS 4.4.1
Stored XSS Vulnerability in CoreHR Core Portal before 27.0.7
ECDSA Signature Vulnerability in Arm Mbed Crypto and Mbed TLS
Multiple Authenticated Stored XSS Vulnerabilities in ZOOM International Call Recording 6.3.1
Heap-based Buffer Overflow in idn2_to_ascii_4i in GNU libidn2
Authentication Bypass Vulnerability in Citrix Application Delivery Controller (ADC) and Gateway
Replay Attack Vulnerability in Honeywell equIP and Performance Series IP Cameras and Recorders
XXE Vulnerabilities in Advantech WISE-PaaS/RMM Versions 3.3.29 and Prior: Potential Data Disclosure
Honeywell equIP Series IP Cameras: Denial of Service Vulnerability
SQL Injection Vulnerabilities in Advantech WISE-PaaS/RMM Versions 3.3.29 and Prior
Remote Code Execution Vulnerability in Cisco Prime Infrastructure and Cisco EPN Manager
Unauthenticated Audio Streaming Vulnerability in Honeywell equIP and Performance Series IP Cameras
Clear Text Transmission of Logins and Passwords in Advantech Spectre RT ERT351 Versions 5.1.3 and Prior
Privilege Escalation and DLL Execution Vulnerability in SafeNet Sentinel LDK License Manager
Reflected XSS Vulnerability in Advantech Spectre RT Industrial Routers ERT351 5.1.3 and Prior
Critical SQL Injection Vulnerability in Equinox Control Expert All Versions
Insufficient Login Authentication Parameters in Advantech Spectre RT ERT351 Versions 5.1.3 and Prior
Buffer Overflow Vulnerabilities in PLC Editor Version 1.3.5_20190129
Unencrypted Storage of Sensitive Information in Moxa ioLogik 2500 Series Firmware and IOxpress Configuration Utility
Arbitrary SQL Query Execution Vulnerability in Cisco Prime Infrastructure and Cisco EPN Manager
Heap-based Buffer Overflow Vulnerabilities in Fuji Electric V-Server 4.0.6 and Prior
Weak SSH Ciphers Vulnerability in Philips IntelliBridge EC40 and EC80 Hubs
Web Server Failure Vulnerability in Moxa ioLogik 2500 Series Firmware
Privilege Escalation via Registry Modification in HMI/SCADA iFIX (Versions 6.1 and prior)
Local Information Disclosure Vulnerability in OSIsoft PI System
Vulnerability: Code Execution with Elevated Privileges in Reliable Controls LicenseManager
Lack of Mutual Authentication in BIOTRONIK CardioMessenger II
Denial of Service Vulnerability in Relion 650 and 670 Series
Clear-text Transmission of Credentials in BIOTRONIK CardioMessenger II
Command Execution Vulnerability in Reliable Controls MACH-ProWebCom/Sys
Arbitrary SQL Query Execution Vulnerability in Cisco Prime Infrastructure and Cisco EPN Manager
Authentication Bypass Vulnerability in ABB Power Generation Information Manager (PGIM) and Plant Connect
Obsolete Function Vulnerability in Omron CX-Supervisor with Teamviewer Version 5.0.8703 QS
Credential Reuse Vulnerability in BIOTRONIK CardioMessenger II
Directory Traversal Vulnerability in Relion 670 Series (versions 1p1r26, 1.2.3.17, 2.0.0.10, RES670 2.0.0.4, 2.1.0.1, and prior)
Unencrypted Data Disclosure Vulnerability in BIOTRONIK CardioMessenger II
Local Privilege Escalation in HMI/SCADA iFIX (Versions 6.1 and prior) through Section Object Manipulation
Vulnerability: Credential Exposure and Data Decryption in BIOTRONIK CardioMessenger II
Multiple Stack-Based Buffer Overflow Vulnerabilities in Advantech DiagAnywhere Server
Arbitrary Message Spoofing and Command Execution Vulnerability in Omron PLC CJ and CS Series
Cisco Aironet Series Access Points Denial of Service Vulnerability
Insufficient Authentication Rate Limiting in Omron PLC CS, CJ, and NJ Series
Weak Encryption Scheme in Philips Veradius Unity, Pulsera, and Endura Dual WAN Routers
Cross-Site Scripting (XSS) Vulnerability in Digital Alert Systems’ DASDEC Software
Arbitrary JavaScript Injection and Stored Cross-Site Scripting Vulnerability in GE S2020/S2020G Fast Switch 61850
Unrestricted Externally Accessible Lock Vulnerability in Omron's CS and CJ Series PLCs
Reflected Cross-Site Scripting Vulnerability in Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers
Cross-Site Request Forgery Vulnerability in OSIsoft PI Vision Administration Site
Cross-Site Scripting Vulnerability in OSIsoft PI Vision
Improper Access Control in OSIsoft PI Vision
Privilege Escalation Vulnerability in GNU Bash
HTTP Request Smuggling Vulnerability in HAProxy
Code Execution Vulnerability in VideoLAN VLC Media Player 3.0.8 with libqt on Windows
Privilege Escalation Vulnerability in Phoenix SCT WinFlash
Weak Encryption Algorithm Vulnerability in Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers
Cross Site Request Forgery (CSRF) Vulnerability in Sourcecodester Online Grading System 1.0
Denial of Service Vulnerability in Qt qtbase 5.11.x and 5.12.x
Device Tracking Vulnerability in Linux Kernel 4.3 through 5.x
Unauthenticated Remote Code Execution in SPPA-T3000 Application Server
Unauthenticated Access to AdminService in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2)
Unencrypted RMI Communication in SPPA-T3000 Application Server
SPPA-T3000 Application Server Directory Listing and Sensitive Information Exposure Vulnerability
Directory Listing and Sensitive Information Exposure in SPPA-T3000 Application Server
Remote Code Execution via Unsecured File Upload in SPPA-T3000 Application Server
SPPA-T3000 MS3000 Migration Server Denial-of-Service and Remote Code Execution Vulnerability
Vulnerability: Unauthorized Access to Cisco Aironet Series Access Points via CLI
SPPA-T3000 MS3000 Migration Server Denial-of-Service Vulnerability
Denial-of-Service Vulnerability in SPPA-T3000 MS3000 Migration Server
Denial-of-Service Vulnerability in SPPA-T3000 MS3000 Migration Server
SPPA-T3000 MS3000 Migration Server Denial-of-Service and Remote Code Execution Vulnerability
SPPA-T3000 MS3000 Migration Server Denial-of-Service Vulnerability
SPPA-T3000 MS3000 Migration Server Denial-of-Service and Remote Code Execution Vulnerability
SPPA-T3000 MS3000 Migration Server Denial-of-Service and Remote Code Execution Vulnerability
Local Privilege Escalation Vulnerability in SPPA-T3000 MS3000 Migration Server
Denial-of-Service Vulnerability in SPPA-T3000 MS3000 Migration Server
Denial-of-Service Vulnerability in SPPA-T3000 MS3000 Migration Server
Authenticated Remote DoS Vulnerability in Cisco Wireless LAN Controller (WLC) LSC Management
Denial-of-Service Vulnerability in SPPA-T3000 MS3000 Migration Server
SPPA-T3000 MS3000 Migration Server Denial-of-Service Vulnerability
SPPA-T3000 MS3000 Migration Server Denial-of-Service Vulnerability
SPPA-T3000 MS3000 Migration Server Denial-of-Service Vulnerability
SPPA-T3000 MS3000 Migration Server Denial-of-Service Vulnerability
Denial-of-Service Vulnerability in SPPA-T3000 MS3000 Migration Server
Denial-of-Service Vulnerability in SPPA-T3000 MS3000 Migration Server
Denial-of-Service Vulnerability in SPPA-T3000 MS3000 Migration Server
Local Privilege Escalation Vulnerability in SPPA-T3000 MS3000 Migration Server
Local Privilege Escalation Vulnerability in SPPA-T3000 MS3000 Migration Server
Bypassing Content Filters in Cisco Email Security Appliance
Denial-of-Service Vulnerability in SPPA-T3000 MS3000 Migration Server
Denial-of-Service Vulnerability in SPPA-T3000 MS3000 Migration Server
SPPA-T3000 MS3000 Migration Server Network Enumeration Vulnerability
Remote Code Execution Vulnerability in SPPA-T3000 MS3000 Migration Server
Remote Code Execution Vulnerability in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2)
Remote Code Execution Vulnerability in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2)
Remote Code Execution Vulnerability in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2)
Denial-of-Service Vulnerability in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2)
SPPA-T3000 Application Server Denial-of-Service Vulnerability
Denial-of-Service Vulnerability in SPPA-T3000 Application Server
Cisco Firepower Threat Defense (FTD) Software ICMP Packet Bypass Vulnerability
Arbitrary File Upload Vulnerability in SPPA-T3000 Application Server
Arbitrary File Read/Write Vulnerability in SPPA-T3000 MS3000 Migration Server
Arbitrary File Read/Write Vulnerability in SPPA-T3000 MS3000 Migration Server
SPPA-T3000 MS3000 Migration Server Denial-of-Service and Remote Code Execution Vulnerability
Denial-of-Service and Remote Code Execution Vulnerability in SPPA-T3000 MS3000 Migration Server
Vulnerability in SPPA-T3000 MS3000 Migration Server Allows Remote Code Execution and Denial-of-Service
SPPA-T3000 MS3000 Migration Server Denial-of-Service and Remote Code Execution Vulnerability
Denial-of-Service and Remote Code Execution Vulnerability in SPPA-T3000 MS3000 Migration Server
Denial-of-Service and Remote Code Execution Vulnerability in SPPA-T3000 MS3000 Migration Server
Denial-of-Service and Remote Code Execution Vulnerability in SPPA-T3000 MS3000 Migration Server
Vulnerability: Bypassing Configured Policies in Cisco Firepower Threat Defense (FTD) Software
SPPA-T3000 MS3000 Migration Server Denial-of-Service and Remote Code Execution Vulnerability
Path Disclosure Vulnerability in SPPA-T3000 Application Server
Directory Listing Vulnerability in SPPA-T3000 Application Server
SPPA-T3000 Application Server Filename Disclosure Vulnerability
User Enumeration Vulnerability in SPPA-T3000 Application Server
SPPA-T3000 Application Server Vulnerability: Unauthorized Access to Logs and Configuration Files
Vulnerability in SIMATIC S7-300 CPU Family and Other Siemens Devices
Authentication Bypass Vulnerability in Control Center Server (CCS)
Directory Traversal Vulnerability in Control Center Server (CCS)
Authentication Bypass Vulnerability in SiNVR/SiVMS Video Server
Vulnerability in Cisco Aironet Series Access Points Allows DoS Attack via Malformed Wireless Packets
Weak Cryptography Vulnerability in Control Center Server and SiNVR/SiVMS Video Server
Authentication Bypass Vulnerability in Control Center Server (CCS)
Unrestricted File Access and Resource Exploitation in Control Center Server (CCS)
Unauthenticated SQL Injection Vulnerability in Sourcecodester Online Grading System 1.0
Reflected XSS Vulnerability in DAViCal through 1.1.8
CSRF Vulnerability in DAViCal through 1.1.8 Allows Unauthorized Actions
Stored XSS Vulnerability in DAViCal 1.1.8: Unsanitized User Input Execution
CRLF Injection Vulnerability in urllib2 and urllib
Privilege Escalation Vulnerability in HotkeyP (CVE-2021-XXXX)
Directory Traversal Vulnerability in Cisco Aironet Access Points (APs)
Reflected XSS Vulnerability in Ant Design Pro 4.0.0 Login Redirect
Improper Access Control in PHOENIX CONTACT FL NAT Devices with MAC-based Port Security
SSRF Vulnerability in Legacy Web Launcher in Thycotic Secret Server before 10.7
Cross-Site Scripting (XSS) Vulnerability in Thycotic Secret Server before 10.7 (Issue 1 of 2)
Cross-Site Scripting (XSS) Vulnerability in Thycotic Secret Server before 10.7 (Issue 2 of 2)
Buffer Over-read Vulnerability in MP3Gain 1.6.2 Leads to Remote Denial of Service
Vulnerability: Symbolic Link Overwrite in Cisco Nexus 9000 Series Fabric Switches
Username Enumeration Vulnerability in JetBrains Hub
Local Privilege Escalation in JetBrains IntelliJ IDEA before 2019.2
Network Port Exposure in JetBrains MPS before 2019.2.2
Access to History of Deleted Build Configurations in JetBrains TeamCity (CVE-2019-12345)
Remote Code Execution Vulnerability in JetBrains TeamCity before 2019.1.4 through Insecure Java Deserialization
Reverse Tabnabbing Vulnerability in JetBrains TeamCity
Exposure of Secure Values in JetBrains TeamCity
Unauthorized Non-Destructive Operation in JetBrains TeamCity
Privilege Escalation Vulnerability in JetBrains Toolbox App for Windows
Unauthorized Removal of Tags in JetBrains YouTrack
Cisco Unified Communications Manager (Unified CM) User Data Services (UDS) API Denial of Service Vulnerability
Command Injection Vulnerability in Xiaomi Mi WiFi R3G Devices
Directory Traversal Vulnerability in Xiaomi Mi WiFi R3G Devices
Privilege Escalation Vulnerability in Symantec Endpoint Protection
Norton App Lock Vulnerability: Bypass Exploit Allows Unauthorized Access
Authentication Bypass Vulnerability in Symantec Critical System Protection (CSP) 8.0, 8.0 HF1 & 8.0 MP1
Session Hijacking Vulnerability in ASG and ProxySG Management Consoles
CSRF Token Disclosure Vulnerability in Management Center (MC)
Privilege Escalation Vulnerability in Symantec Messaging Gateway (prior to 10.7.3)
Cross-Site Scripting (XSS) Vulnerability in Symantec Messaging Gateway
Server-side Request Forgery (SSRF) Vulnerability in Symantec Messaging Gateway
Cisco APIC Web-Based Management Interface Cross-Site Scripting Vulnerability
Unauthorized Access Vulnerability in Symantec Industrial Control System Protection (ICSP) 6.x.x
Cross-Origin Resource Sharing (CORS) Vulnerability in Norton Password Manager
Denial of Service Vulnerability on AVStar PE204 IP Camera Devices
Unauthorized Remote Download of Backup Files on TerraMaster FS-210 4.0.19 Devices
Unauthorized Access to Shared Files on TerraMaster FS-210 4.0.19 Devices
Unauthenticated Log File Download Vulnerability in TerraMaster FS-210 4.0.19
Vulnerability in Unisys ClearPath Forward Libra and ClearPath MCP Software Series: Crafted Message Payloads Impact Systems Management Communication Channel
Unauthenticated SQL Injection in Sourcecodester Hotel and Lodge Management System 1.0
NULL Pointer Dereference Vulnerability in virglrenderer
Heap-based Buffer Overflow in vrend_renderer_transfer_write_iov Function in virglrenderer
Root Privilege Escalation Vulnerability in Cisco Remote PHY Device Software
Denial of Service Vulnerability in vrend_blit_need_swizzle Function
Heap-based Buffer Overflow in vrend_renderer_transfer_write_iov Function in virglrenderer
Directory Traversal Vulnerability in PluginServlet.java
Arbitrary HTTP GET Request Vulnerability in Ignite Realtime Openfire
Command Injection Vulnerability in Oi Third-Party Firmware for Technicolor TD5130v2 Devices
Buffer Overflow in fribidi_get_par_embedding_levels_ex() Function in GNU FriBidi through 1.0.7
Cisco Prime Network Registrar DHCPv6 Input Packet Processor Denial of Service Vulnerability
Use-after-free vulnerability in libarchive's RAR format reader
Local Privilege Escalation Vulnerability in ruby_parser-legacy Gem 1.0.0
Cisco DNA Center Software Image Management Feature Vulnerability
CSRF Vulnerability in Zoho ManageEngine ADSelfService Plus 5.x through 5803
XXE Vulnerability in JetBrains IDETalk Plugin
Bypassing Input Validation in TypeStack class-validator 0.10.2
Cross Site Request Forgery (CSRF) Vulnerability in Sourcecodester Restaurant Management System 1.0
Cross-Site Scripting (XSS) Vulnerability in Sourcecodester Restaurant Management System 1.0
Cross-Site Scripting (XSS) Vulnerability in Sourcecodester Restaurant Management System 1.0
Arbitrary File Upload Vulnerability in Sourcecodester Restaurant Management System 1.0
Unauthenticated Remote Access to ClonOS WEB Control Panel via Change Password Requests
ClonOS WEB Control Panel 19.09 - Cross-Site Scripting (XSS) Vulnerability in index.php
Cisco IOS XR Software SSH Authentication Function Vulnerability
Denial of Service Vulnerability in Xen through 4.12.x via VCPUOP_initialise Hypercall
Race Conditions in Pagetable Promotion and Demotion Operations in Xen
ARM Guest OS Privilege Escalation and Denial of Service Vulnerability in Xen
Denial of Service Vulnerability in Xen for ARM Systems via XENMEM_add_to_physmap Hypercall
Privilege Escalation via DMA in Xen with PCI Pass-Through
Privilege Escalation in Xen for 32-bit PV Guest OS
WhatsApp Desktop and iPhone Pairing Vulnerability: Cross-Site Scripting and Local File Reading
Denial of Service Vulnerability in Cisco RV Series Routers
Bypassing Attachment Filtering in Cisco Email Security Appliance
Insecure Permissions Vulnerability in GitLab Community and Enterprise Edition 8.15 through 12.4
Insecure Permissions Vulnerability in GitLab Community and Enterprise Edition
Incorrect Access Control Vulnerability in GitLab Community and Enterprise Edition before 12.4
Insecure Permissions in GitLab Autocomplete Feature
Denial of Service Vulnerability in Cisco Unified Communications Manager IM and Presence Service
Insecure Permissions Vulnerability in GitLab Project Labels Feature
Open Redirect Vulnerability in GitLab Community and Enterprise Edition 10.7.4 through 12.4
Insecure Permissions Vulnerability in GitLab Community and Enterprise Edition
Insecure Permissions Vulnerability in GitLab's Email Comment Feature
XSS Vulnerability in GitLab's RDoc Wiki Pages Link Validation
Infinite Loop Vulnerability in GitLab Community and Enterprise Edition 11 through 12.4
Insecure Permissions in GitLab's Elasticsearch Integration Search Feature
Insecure Permissions Vulnerability in GitLab Community and Enterprise Edition 11.8 through 12.4
Insecure Permissions Vulnerability in GitLab Community and Enterprise Edition (Issue 2/4)
Insecure Permissions in GitLab Protected Environments
Cisco ASR 9000 Series MPLS OAM Denial of Service Vulnerability
Incorrect Access Control in GitLab Comments Search with Elasticsearch Integration
Incorrect Access Control in GitLab Community and Enterprise Edition 11.3 through 12.3 when adding a sub group epic to a public group
Insecure Permissions Vulnerability in GitLab Community and Enterprise Edition 11.3 through 12.4
Insecure Permissions Vulnerability in GitLab Community and Enterprise Edition (Issue 4/4)
SQL Injection Vulnerabilities in MOVEit Transfer REST API
Unauthorized Access via SSH (SFTP) Interface in MOVEit Transfer 11.1
Symlink Resolution Vulnerability in Podman
Unauthenticated Access to Critical Internal Services in Cisco DNA Center
Cisco IOS XR Software BGP EVPN Denial of Service Vulnerability
Arbitrary Command Injection Vulnerability in Cisco IMC Software
Arbitrary Certificate Generation Vulnerability in Cisco ISE's ERS API
Cross-Site Scripting (XSS) Vulnerability in Cisco Prime Network Registrar Web Interface
Improper Bounds Checks in Cisco AnyConnect Secure Mobility Client for Linux Allow Remote Information Disclosure
Directory Traversal Vulnerability in Cisco Expressway Series Web Interface
Cisco Jabber for Windows DLL Preloading Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Cisco Prime Collaboration Assurance (PCA) Web Interface
Race Condition Vulnerability in Bromium Client Version 4.0.3.2060 and Prior to 4.1.7 Update 1
Local Privilege Escalation Vulnerability in Avira Free Antivirus 15.0.1907.1514
Cross-Site Request Forgery (CSRF) Vulnerability in Cisco HyperFlex HX-Series Web Management Interface
Reflected Cross-Site Scripting Vulnerability in RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance Products
Improper Authentication in RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance Products
Session Fixation Vulnerability in RSA Identity Governance and Lifecycle and RSA Via Lifecycle and Governance Products
Stored Cross-Site Scripting Vulnerability in RSA Authentication Manager Security Console
Uncontrolled Search Path Vulnerability in Dell Command Configure
Information Disclosure Vulnerability in Dell EMC XtremIO XMS Versions Prior to 6.3.0
Incorrect Permission Assignment Vulnerability in Dell EMC XtremIO XMS Versions Prior to 6.3.0
Stored Cross-Site Scripting Vulnerability in Dell EMC XtremIO XMS Versions Prior to 6.3.0
BIOS Configuration Vulnerability Allows DMA Attack on Dell XPS 13 2-in-1 (7390)
Memory Leak Vulnerability in Cisco FXOS and NX-OS SNMP Packet Processor
Dell EMC Storage Monitoring and Reporting 4.3.1 - Java RMI Deserialization of Untrusted Data Vulnerability
Dell EMC Data Protection Advisor REST API Server Authorization Bypass Vulnerability
Server-side Template Injection Vulnerability in Dell EMC Data Protection Advisor
Cross-Site Scripting (XSS) Vulnerability in Dell EMC Unisphere for PowerMax and PowerMax OS
Vulnerability: Bypassing Client-Side Certificate Authentication in Cisco Small Business Switches SSH
Unauthenticated Remote Code Execution in Cisco Unified Intelligence Center Dashboard Gadget Rendering
OpenAFS Denial of Service Vulnerability in VOTE_Debug RPC Handler
Uninitialized Scalar Information Disclosure Vulnerability in OpenAFS
Information Leakage in OpenAFS before 1.6.24 and 1.8.x before 1.8.5 due to Uninitialized RPC Output Variables
sprintf Mishandling Vulnerability in axohelp.c
Unauthorized Order-Information Modification in Cezerin v0.33.0
Integer Overflow and Heap Memory Corruption in amqp_handle_input
Arbitrary Code Execution Vulnerability in Cisco Industrial Network Director
Arbitrary Command Execution via Originate AMI Request in Sangoma Asterisk
Sensitive Information Exposure in CheckUser Extension for MediaWiki
Vulnerability: Disclosure of Hidden AbuseFilter Filters in MediaWiki
Buffer Overflow Vulnerability in Cypress CYW20735 Evaluation Board
User Password Exposure in CloudVision Portal (CVP) Application Logs
Firmware Vulnerability: Unauthorized Data Access in Synaptics VFS75xx Fingerprint Sensors
Arbitrary Code Execution Vulnerability in Synaptics WBF Drivers
Command Execution Vulnerability in Cisco IOS XE Software Web UI
SQL Injection Vulnerability in phpMyAdmin Designer Feature
Privilege Escalation Vulnerability in EnergyCAP 7 through 7.5.6
Vulnerability in Opera Mini for Android Allows Bypassing of .apk File Restrictions via RTLO Approach
TCP Session Bypass/Evasion Vulnerability in Suricata 5.0.0
Harris Ormed Self Service Information Disclosure Vulnerability
Vulnerability: Data Encryption Bypass in Xerox AltaLink and C80xx Multifunction Printers
Unwanted Binary Execution Vulnerability in Xerox AltaLink and C80xx Multifunction Printers
Unauthorized Configuration Changes in Cisco IMC Software
Unencrypted Executable Code Vulnerability on Xerox AltaLink and C80xx Multifunction Printers
Unspecified Exception Handling Vulnerability in Centrify Authentication and Privilege Elevation Services
Certificate Faking Vulnerability in European Commission eIDAS-Node Integration Package before 2.3.1
Missing Certificate Validation in European Commission eIDAS-Node Integration Package before 2.3.1
Stack-based Buffer Overflow in Sudo with pwfeedback Enabled
NULL Pointer Dereference in MPDevice_win.cpp
Arbitrary Web Script Injection Vulnerability in Jitbit .NET Forum 8.3.8
Arbitrary Command Injection Vulnerability in Cisco IMC Software
Improper Access Control in Rock RMS before 1.8.6
Account Takeover Vulnerability in Rock RMS Version Before 8.6
File Upload Bypass Vulnerability in Rock RMS Versions 8.10 and 9.0-9.3
Vulnerability: TOCTOU Bug in Total Defense Anti-virus 11.5.2.28 Allows Symbolic Link Attacks for Privileged File Deletion
Vulnerability: Symbolic Link Attack in Total Defense Anti-virus 11.5.2.28 Quarantine Restoration Function
Authenticated Inline-Query SQL Injection Vulnerability in Untangle NG Firewall 14.2.0
Authenticated Command Injection Vulnerability in Untangle NG Firewall 14.2.0
Reflected XSS Vulnerability in Untangle NG Firewall 14.2.0
Stored XSS Vulnerability in Untangle NG Firewall 14.2.0 Title Input Field
Arbitrary Command Injection Vulnerability in Cisco Integrated Management Controller (IMC) Software
CSRF Vulnerability in Joomla! com_template
CSRF Vulnerability in 3xLogic Infinias Access Control Allows Unauthorized Actions
DOM Based XSS Vulnerability in WatchGuard XMT515 through 12.1.3
Cross Site Scripting (XSS) Vulnerability in Avast AntiVirus Network Notification Popup
Cross Site Scripting (XSS) Vulnerability in AVG AntiVirus Network Notification Popup
File Sharing Wizard v1.5.0: Remote Command Execution via Structured Exception Handler Buffer Overflow
XSS Vulnerability in Pimcore 6.2.3 Translations Grid
HTTP Header Injection in ClickHouse via url table function
Helm 2.x Directory Loading and Packaging Vulnerability
Vulnerability: Presidential Alert Spoofing in Wireless Emergency Alerts (WEA) Protocol
Improper Validation of Host Header Values in Cisco Webex Business Suite
Information Exposure Vulnerability in Linux Kernel on PowerPC CPUs (CID-39e72bf96f58)
Partial Authentication Bypass in Fastweb FASTGate 1.0.1b Devices
SQL Injection Vulnerability in YouPHPTube Live Chat Plugin
SQL Injection Vulnerability in ARP-GUARD 4.0.0-5 Login Forgot1 POST Request
Cross-Site Scripting (XSS) Vulnerability in SECUDOS DOMOS Log Module
Local File Inclusion Vulnerability in SECUDOS DOMOS before 5.6
Undocumented Telnet Service Activation Vulnerability on D-Link DAP-1360 Revision F Devices
Cross-Site Scripting (XSS) Vulnerability in freeradius_view_config.php
Currency Switcher Addon for WooCommerce Vulnerability: Price Manipulation through Nonexistent Currency
Authentication Bypass Vulnerability in Cisco Elastic Services Controller REST API
DLL Hijacking Vulnerability in Acer Quick Access Service
Out-of-Bounds Write Vulnerability in ShapeShift KeepKey Hardware Wallet Firmware 6.2.2
Vulnerability: Insufficient Checks in ShapeShift KeepKey Hardware Wallet's Finite State Machine
Side Channel Vulnerability: Power Consumption Analysis of SHIFT BitBox02's Row-Based OLED Display
Path Disclosure Vulnerability in Joomla! before 3.9.13
Integer Overflow in cpia2_remap_buffer in Linux Kernel 5.3.13: Privilege Escalation Vulnerability
Heap-based Buffer Overflow in Squid Proxy Server
Improper Traffic Redirection Vulnerability in Squid 3.x and 4.x
HTTP Request Smuggling Vulnerability in Squid Proxy Server
Information Disclosure Vulnerability in Squid HTTP Digest Authentication
Improper Access Control in Cisco Webex Meetings Server Allows Unauthorized Access to Sensitive System Information
NULL Pointer Dereference in rds_tcp_kill_sock() in Linux Kernel 4.4.x
Race conditions and use-after-free vulnerability in vivid driver
Race condition vulnerability in Sudo allows local users to escalate to root
Denial of Service Vulnerability in Cisco StarOS Operating System
Cross-Site Scripting (XSS) Vulnerability in Cisco ECE Center Web Interface
Buffer Overflow Vulnerability in Cisco IMC Import Configuration Utility
Arbitrary Network Request Vulnerability in Cisco TelePresence Video Communication Server (VCS) and Cisco Expressway Series Software
Vulnerability: Remote Reboot Exploit in Cisco ASA and FTD Software
Cross-Site Request Forgery Vulnerability in Cisco Prime Service Catalog Software
Cross-Site Scripting (XSS) Vulnerability in Cisco Prime Service Catalog Web Interface
Insufficient Authentication in Cisco WAAS Software Allows Unauthorized HTTPS Proxy Access
Unauthenticated File Download Vulnerability in Cisco Enterprise Chat and Email API
Arbitrary Command Injection Vulnerability in Cisco TelePresence Codec and Collaboration Endpoint Software
Arbitrary Command Injection Vulnerability in Veritas InfoScale Cluster Server
Open Redirect Vulnerability in Zoho ManageEngine ADSelfService Plus 5.x before 5809
Inadequate .htaccess Protection in SuiteCRM 7.10.x and 7.11.x
SQL Injection Vulnerability in SuiteCRM 7.10.x and 7.11.x
API Access Token and Credential Mishandling in SuiteCRM 7.10.x and 7.11.x
Uninitialized Memory Disclosure in rcar_drif_g_fmt_sdr_cap in Linux Kernel through 5.3.8
Arbitrary Command Injection Vulnerability in Cisco Integrated Management Controller (IMC) CLI
SIP Peer IP Address Hijacking Vulnerability
Stored XSS Vulnerability in Lexmark Printers' Embedded Web Server
TCP Segment Overlapping Vulnerability in Suricata 5.0.0
Cross-Site Scripting (XSS) Vulnerability in Parallels Plesk Panel 9.5 via fileName Parameter
BASS Audio Library 2.4.14 Windows Use after Free Vulnerability via Crafted .ogg File
BASS Audio Library 2.4.14 Windows WAV File Out of Bounds Read Vulnerability
BASS Audio Library 2.4.14 Windows Denial of Service Vulnerability via Crafted .mp3 File
Uncontrolled Recursion Vulnerability in LibSass 3.6.1
Heap-Based Buffer Over-Read Vulnerability in LibSass before 3.6.3
NULL Pointer Dereference in LibSass: parseCompoundSelector in parser_selectors.cpp
Vulnerability: Compromised BIOS Firmware Installation in Cisco UCS C-Series Rack Servers
Viber Account Hijacking via Unencrypted Traffic and UDID Manipulation
HTTP/2 Heap Corruption Vulnerability in Envoy 1.12.0
Whitespace Bypass Vulnerability in Envoy 1.12.0
NULL Pointer Dereference in DJVU::filter_fv at IW44EncodeCodec.cpp
Signed Integer Overflow in tcp_ack_update_rtt() in Linux Kernel
Memory Leak Vulnerability in ql_alloc_large_buffers() Function in Linux Kernel
Memory leaks in sja1105_static_config_upload() function in Linux kernel before 5.3.5
Memory Leak Vulnerability in ccp_run_sha_cmd() Function in Linux Kernel
Memory Leak Vulnerability in af9005_identify_state() Function in Linux Kernel
Cisco Industrial Network Director (IND) Cross-Site Request Forgery (CSRF) Vulnerability
Memory Leak in Linux Kernel's komeda_wb_connector_add() Function
Memory Leak in sof_set_get_large_ctrl_data() Function in Linux Kernel (CVE-2020-XXXX)
Memory Leak Vulnerability in sof_dfsentry_write() Function in Linux Kernel (CVE-2020-12345)
Memory Leak in dwc3_pci_probe() Function in Linux Kernel (CVE-2020-12345)
Use-after-free vulnerability in aa_audit_rule_init() in Linux kernel through 5.3.9
Open Redirection Vulnerability in PopojiCMS 2.0.1
Stored XSS Vulnerability in po-admin/route.php?mod=post&act=edit in PopojiCMS 2.0.1
Denial of Service Vulnerability in Istio 1.3.x (CVE-2019-18836)
Password Reset Vulnerability in Strapi Versions Before 3.0.0-beta.17.5
Eximious Logo Designer 3.82 User Mode Write AV Vulnerability
Stored Cross-Site Scripting (XSS) Vulnerability in Cisco Industrial Network Director
Heap Corruption Vulnerability in Eximious Logo Designer 3.82
Eximious Logo Designer 3.82 User Mode Write AV Vulnerability
Privilege Escalation Vulnerability in ZOOM Call Recording 6.3.1 via callrec-rs@.service
Incorrect Access Control in HTCondor: Impersonation of Users in condor_schedd
Missing Integrity Check in Barco ClickShare Button Devices
Insecure Credentials Management in Barco ClickShare Huddle CS-100 and CSE-200 Devices
Improper Certificate Chain Validation in Barco ClickShare Button Devices
JTAG Access Vulnerability on Barco ClickShare Button Devices
Weak Root Password Vulnerability in Barco ClickShare Button Devices
Missing Integrity Check in Barco ClickShare Button R9861500D01 Devices
Command Injection Vulnerability in Cisco IMC CLI
Barco ClickShare Button R9861500D01 Devices OS Command Injection Vulnerability
Information Exposure in Barco ClickShare Button Firmware
Insecure Credentials Management in Barco ClickShare Button R9861500D01 Devices
ClickShare Button R9861500D01 devices before 1.9.0 vulnerable to Man-in-the-Middle attack for encryption key retrieval
Persistent XSS in WooCommerce Subscriptions Plugin Allows Remote Code Execution
Improper Signature Handling in Matrix Synapse Federation APIs
Remote Denial of Service Vulnerability in Envoy 1.12.0 due to Resource Loops
Symlink Traversal Vulnerability in crun
NULL Pointer Dereference in Envoy 1.12.0 due to Malformed HTTP Request Handling
Stored XSS and Remote Code Execution in FUDForum 3.0.9 via nlogin Parameter
Cisco Web Security Appliance (WSA) Web Proxy Denial of Service Vulnerability
Heap-based Buffer Overflow and Invalid Free in ASN.1 Certificate Parsing of wolfSSL 4.1.0 - 4.2.0c
Prototype Pollution Vulnerability in Chartkick.js
Cross-Site Scripting (XSS) Vulnerability in Jinan USR IOT USR-WIFI232-S/T/G2/H Low Power WiFi Module Allows Credential Leakage
Denial of Service Vulnerability in ACRN Device Model
Arbitrary Memory Access Vulnerability in Patriot Viper RGB Drivers
SSRF Vulnerability in OX App Suite through 7.10.2
Critical Remote Code Execution Vulnerability in Enterprise Access Client Auto-Updater (Versions Prior to 2.0.1)
Insufficient Element Count in JSON-JWT Gem for Ruby (CVE-2021-2345)
Heap-based Buffer Over-read Vulnerability in TNEF before 1.4.18
Redfish Protocol Command Injection Vulnerability in Cisco IMC
Vulnerability: Fingerprinting and Predictable Responses in TrevorC2 v1.1/v1.2
Hardcoded Alphanetworks User Account Vulnerability in D-Link Devices
Denial of Service Vulnerability in ImageMagick's SVG Parsing
Unlimited Recursion Denial of Service Vulnerability in safe-svg WordPress Plugin
Denial of Service Vulnerability in safe-svg WordPress Plugin
Denial of Service Vulnerability in SVG Sanitizer Module for Drupal
Improper Handling of Script and Data Values in Attributes in darylldoyle svg-sanitizer before 0.12.0
Buffer Overflow Vulnerability in CODESYS 3 Web Server
Cross-Site Scripting (XSS) Vulnerability in Digi AnywhereUSB 14 via Digi Page Link
Cisco Web Security Appliance (WSA) HTTPS Decryption DoS Vulnerability
HTML Injection Vulnerability in Squid's cachemgr.cgi
Local Privilege Escalation in GNU Mailutils URL Mode
Mitel 6800 and 6900 SIP Series Phones: SRTP 128-bit Key Length Vulnerability
Unauthenticated Information Disclosure in Blaauw Remote Kiln Control v3.00r4
Error Message Discrepancies in Blaauw Remote Kiln Control v3.00r4: Username Enumeration Vulnerability
Unauthenticated SQL Injection in Blaauw Remote Kiln Control v3.00r4
Vulnerability: Directory Enumeration in Blaauw Remote Kiln Control v3.00r4
Blaauw Remote Kiln Control v3.00r4: Unauthenticated Access to Cleartext MySQL Credentials
Arbitrary PHP Code Execution Vulnerability in Blaauw Remote Kiln Control v3.00r4
Cisco Unified Communications Manager SIP Protocol Implementation Denial of Service Vulnerability
Arbitrary File Download Vulnerability in Blaauw Remote Kiln Control v3.00r4
Arbitrary File Upload and Remote Code Execution Vulnerability in Blaauw Remote Kiln Control v3.00r4
Weak Password Requirements in Blaauw Remote Kiln Control v3.00r4
Stored XSS and Remote Code Execution in FUDForum 3.0.9 via User-Agent HTTP Header
Double Free Vulnerability in psutil (aka python-psutil) through 5.6.5
Arbitrary File Upload and Command Execution Vulnerability in Cisco Unified Contact Center Express Administration Web Interface
Unauthenticated Reflected XSS Vulnerability in WSO2 IS Key Manager 5.7.0 Dashboard User Profile
Stored XSS in WSO2 IS Key Manager 5.7.0 via mishandling of Content-Type in download-userinfo.jag
Cross-Site Scripting (XSS) Vulnerability in Lavalite CMS 5.7 via Admin/Profile Name or Designation Field
CSRF Vulnerability in RISE Ultimate Project Manager 2.3 Allows Unauthorized User Addition
NULL pointer dereference vulnerability in btrfs_verify_dev_extents in Linux kernel before 5.1
User Enumeration Vulnerability in Symfony Security
Timing Attack Vulnerability in Symfony's UriSigner
Arbitrary Command Execution via Unvalidated MIME Type Validation in Symfony
Remote Code Injection Vulnerability in Symfony Cache Adapter Interfaces
Privilege Escalation Vulnerability in Cisco APIC Software REST API
Redmine SQL Injection Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Avast and AVG Secure Browsers' Video Downloader Component
Arbitrary OS Command Execution Vulnerability in Avast Premium Security 19.8.2393
Insecure Permissions in Scanguard Installation Directory: Privilege Escalation Vulnerability
Privilege Escalation via Symlink Following in SUSE Linux Enterprise Server and openSUSE Factory
Privilege Escalation via Symlink Following in trousers package of SUSE Linux Enterprise Server 15 SP1 and openSUSE Factory
Privilege Escalation Vulnerability in apt-cacher-ng on openSUSE Leap 15.1
Vulnerability: Unauthorized Server Connection in Cisco Nexus 9000 Series ACI Mode Switch Software
Incorrect Default Permissions vulnerability in libzypp of SUSE CaaS Platform 3.0, SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 15
Local Privilege Escalation via Symlink Following in mariadb packaging of SUSE Linux Enterprise Server 12 and 15
Use After Free Vulnerability in Wicked of SUSE Linux Enterprise Server and openSUSE Leap
Use After Free Vulnerability in Wicked of SUSE Linux Enterprise Server and openSUSE Leap
Uncontrolled Resource Consumption Vulnerability in rmt of SUSE Linux Enterprise and openSUSE Leap 15.1
Insufficient Verification of Data Authenticity in autoyast2 of SUSE Linux Enterprise Server 12 and 15
Improper Authentication in cryptctl: Bypassing Hashed Passwords
Command Injection Vulnerability in HP ThinPro VPN Software
Cisco Small Business Managed Switches Web Interface Denial of Service Vulnerability
Command Injection Vulnerability in Citrix Receiver Wrapper Function
Security Vulnerability in HP Printers and MFPs with Troy Solutions: FutureSmart Firmware Bundle Version 4.9 or 4.9.0.1
Pre-Boot DMA Vulnerability: Unauthorized UEFI Code Execution via Open-Case Attacks
HP Printer and MFP Vulnerability: Cross-Site Scripting via Malicious Links
Arbitrary Code Execution Vulnerability in HP System Event Utility
Unauthorized Elevation of Privilege Vulnerability in HP LaserJet Solution Software
Account Lockout Bypass Vulnerability Discovered in HP Printers and All-in-Ones
Memory Corruption Vulnerability in Cisco Small Business Managed Switches
Directory Traversal Vulnerability in Allied Telesis AT-GS950/8 Web Interface
Arbitrary Content Serving Vulnerability in go-camo before 2.1.1
Directory Traversal Vulnerability in Systematic IRIS WebForms 5.4
Unauthenticated Access to Systematic IRIS WebForms 5.4
Unauthenticated Reflected Cross Site Scripting (XSS) in Systematic IRIS Standards Management (ISM) v2.1 SP1 89
HTTP Request Privilege Escalation in Cyrus IMAP 2.5.x and 3.x
Arbitrary Code Execution Vulnerability in Western Digital My Cloud EX2 Ultra Firmware 2.31.183
Arbitrary Command Execution Vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS)
Arbitrary Code Execution Vulnerability in Western Digital My Cloud EX2 Ultra Firmware 2.31.183
Buffer Overflow Vulnerability in Western Digital My Cloud EX2 Ultra Firmware 2.31.195
Local Privilege Escalation in Squid Analysis Report Generator (sarg) through 2.3.11
Vulnerability: API Key Theft in Zulip Server Social Authentication
Vulnerability in Unbound's IPsec Module Allows for Shell Code Execution
.NET Deserialization Vulnerability in Progress Telerik UI for ASP.NET AJAX
Denial of Service Vulnerability in UniValue::read()
Remote Code Execution in eQ-3 Homematic CCU2 and CCU3 via exec.cgi
Remote Code Execution Vulnerability in eQ-3 Homematic CCU2 and CCU3 with E-Mail AddOn
Remote Code Execution in eQ-3 Homematic CCU2 and CCU3 with HM-Print AddOn
Arbitrary File Overwrite/Read Vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS)
Stored XSS Vulnerability in Micro Focus Solutions Business Manager
XML External Entity Processing (XXE) Vulnerability in Micro Focus Solutions Business Manager
Reflected XSS Vulnerability in Micro Focus Solutions Business Manager Application Repository
Privilege Escalation Vulnerability in Micro Focus Solutions Business Manager Application Repository
Session Fixation Vulnerability in Micro Focus Solutions Business Manager Application Repository
Information Disclosure Vulnerability in Micro Focus Solutions Business Manager Application Repository
Arista EOS VxLAN Code Malformed ARP Packet Vulnerability
Unintended JavaScript Execution via Redirection Chain in SnowHaze
Insufficient Authentication Mechanism in Cisco NFVIS VNC Console Allows Unauthorized Access
Arbitrary File Read Vulnerability in SibSoft Xfilesharing through 2.5.1
Arbitrary File Upload and Remote Code Execution in SibSoft Xfilesharing through 2.5.1
Arbitrary Attribute Overwrite Vulnerability in Pomelo v2.2.5
XSS Vulnerability in Lansweeper 7.2.105.2 Web Console
Remote Code Execution via Untrusted Java Deserialization in Divisa Proxia Suite, SparkSpace, and Proxia PHR
Reflected XSS Vulnerability in MicroStrategy Library
Nitro Pro OCR Debug.log File Creation Vulnerability
Arbitrary Command Injection Vulnerability in Cisco Integrated Management Controller (IMC)
Firecracker vsock Buffer Overflow Vulnerability in Versions 0.18.0 and 0.19.0
Unauthorized Disconnection of Clients on Cisco RV Routers
NULL Pointer Dereference and Crash in res_pjsip_t38.c
Directory Traversal Vulnerability in rack-cors Gem
Quarantine Flaw in Adaware Antivirus Allows Privilege Escalation via NTFS Directory Junction
Unauthorized Access to Syslog File in Cisco RV110W, RV130W, and RV215W Routers
Unprotected API Allows Remote Control of Signify Philips Taolight Smart Wi-Fi Wiz Connected LED Bulb
Pimcore Vulnerability: Lack of Access Denied Outcome for Incorrect Recipient ID in Notifications
Script Execution in Email Log Preview Window in Pimcore before 6.3.0
Brute Force Vulnerability in Pimcore 2FA Token
Username Enumeration Vulnerability in Pimcore before 6.2.2
Exposure of Private Information in AbuseFilter Extension for MediaWiki
Shared AES Key Vulnerability in TeamViewer Desktop
Partial Authentication Bypass Vulnerability on Mediatek MT7620N 1.06 Devices
Unauthorized Access to Guest Network Device List in Cisco RV Routers
Partial Authentication Bypass Vulnerability on Realtek RTL8812AR, RTL8196D, RTL8192ER, and RTL8881AN Devices
Partial Authentication Bypass Vulnerability on Atheros AR9132, AR9283, and AR9285 Devices
Cross-Site Scripting (XSS) Vulnerability in OpenWrt 18.06.4
Cross-Site Scripting (XSS) Vulnerability in OpenWrt 18.06.4 via New port forward Name Field
Denial of Service Vulnerability in ABB PB610 Panel Builder 600
Denial of Service Vulnerability in ABB PB610 Panel Builder 600 HMISimulator
Arbitrary DLL Execution Vulnerability in ABB PB610 Panel Builder 600
Path Traversal Vulnerability in ABB PB610 Panel Builder 600 HMISimulator
Insufficient Access Control in ABB Asset Suite Web Interface
Cisco IMC Web Server Denial of Service Vulnerability
Improper Configuration of Cache-Control and Pragma Headers in ABB eSOMS 4.0 to 6.0.3
Missing X-Frame-Options Header in ABB eSOMS Versions 4.0 to 6.0.2 Allows ClickJacking Attacks
Missing X-XSS-Protection Header in ABB eSOMS Versions 4.0 to 6.0.2 Increases Cross-Site Scripting Risk
Missing HTTPOnly Flag in ABB eSOMS Versions 4.0 to 6.0.2 Allows Cross Site Scripting
Integer Overflow in autotrace 0.31.1: Exploiting a biWidth*biBitCnt Vulnerability
Bitmap Double Free Vulnerability in autotrace 0.31.1
Incorrect Access Control in Sangoma FreePBX 115.0.16.26 and below, 14.0.13.11 and below, 13.0.197.13 and below
Intelbras IWR 3000N 1.8.7 - Administrator Login Disclosure Vulnerability
Vulnerability in Cisco Nexus 9000 Series ACI Mode Switch Software Allows for DoS and Arbitrary Code Execution
Eval Injection Vulnerability in Limnoria and Supybot IRC Plugins
NULL Pointer Dereference in GifIndexToTrueColor in MiniUPnP ngiflib 0.4
Integer Overflow in Oniguruma's search_in_range Function
CSRF Vulnerability in Pagekit 1.0.17 Allows Arbitrary File Upload
Privilege Escalation Vulnerability in TitanHQ WebTitan
Unauthenticated Remote Database Access in TitanHQ WebTitan
SQL Injection Vulnerability in TitanHQ WebTitan Administration Interface
Hard-coded Root Password Vulnerability in TitanHQ WebTitan
Database Configuration File Exposure in TitanHQ WebTitan
Remote Code Execution Vulnerability in TitanHQ WebTitan
Arbitrary Code Execution via Crafted Backup File Upload in TitanHQ WebTitan
Hidden Support Account with Hard-Coded Password in TitanHQ WebTitan
Insufficient Documentation of Search History in iTerm2 Allows for Sensitive Information Disclosure
Privilege Escalation Vulnerability in VMware Harbor Container Registry for Pivotal Platform
CSRF Vulnerability in Harbor Container Registry for Pivotal Platform
SQL Injection in Harbor Container Registry for Pivotal Platform: Prior to 1.8.6 and 1.9.3
SQL Injection in Harbor Container Registry for Pivotal Platform: User-Groups Vulnerability
XML Entity Expansion Vulnerability in Cisco Security Manager
Resource Enumeration Vulnerability in Harbor Before 1.10.3 and 2.x Before 2.0.1
XML External Entity Injection in Easy XML Editor v1.7.8: Arbitrary File Read and DoS Vulnerability
Arbitrary File Read Vulnerability in XMLBlueprint
Jalios JCMS 10 Backdoor Account Vulnerability
Unvalidated SCCM Database Username in Zoho ManageEngine Asset Explorer 6.5 Allows Arbitrary Command Execution
Heap-Based Buffer Over-Read Vulnerability in jhead 3.03
NULL Pointer Dereference in btrfs_root_node in Linux Kernel
NULL Pointer Dereference in ext4_empty_dir in Linux Kernel
Potential Information Disclosure in btrfs_free_extent Function in Linux Kernel
Cross-Site Request Forgery Vulnerability in Cisco IOS XE Software Web UI
XSS Vulnerability in KairosDB 1.2.2: Exploiting showErrorMessage in view.html
Arbitrary Code Execution via Modified Upgrade Packages in Xorux Lpar2RRD and Stor2RRD
Memory Leak in i40e_setup_macvlans() Function in Linux Kernel (CVE-2020-12345)
Memory leaks in v3d_submit_cl_ioctl() function in Linux kernel before 5.3.11 leading to denial of service
Memory Leak in mlx5_fpga_conn_create_cq() Function in Linux Kernel
Memory Leak Vulnerability in Linux Kernel's __ipmi_bmc_register() Function
Memory Leak in mlx5_fw_fatal_reporter_dump() Function in Linux Kernel
Memory Leak Vulnerability in crypto_reportstat() Function in Linux Kernel
Memory Leak Vulnerability in unittest_data_add() Function in Linux Kernel
Bypassing Content Filters in Cisco Email Security Appliance through GZIP Decompression Vulnerability
Memory Leak Vulnerability in crypto_reportstat() Function in Linux Kernel
Memory Leak in i2400m_op_rfkill_sw_toggle() Function in Linux Kernel
Memory Leak Vulnerability in gs_can_open() Function in Linux Kernel
Memory Leak Vulnerability in Linux Kernel's rpmsg_eptdev_write_iter() Function
Memory Leak Vulnerability in cx23888_ir_probe() Function in Linux Kernel
Memory Leak in nl80211_get_ftm_responder_stats() Function in Linux Kernel
Memory Leak Vulnerability in mwifiex_pcie_alloc_cmdrsp_buf() Function
Memory Leak Vulnerabilities in mwifiex_pcie_init_evt_ring() Function
Memory Leak Vulnerability in alloc_sgtable() Function in Linux Kernel
Memory leaks in iwl_pcie_ctxt_info_gen3_init() function in Linux kernel through 5.3.11 leading to denial of service
Cisco Prime Infrastructure Virtual Domain Configuration Privilege Escalation Vulnerability
Memory Leak Vulnerability in adis_update_scan_mode() Function in Linux Kernel
Memory Leak Vulnerability in adis_update_scan_mode_burst() Function in Linux Kernel
Memory Leak Vulnerability in crypto_report() Function in Linux Kernel (CVE-2020-12345)
Memory leaks in rtl_usb_probe() function in Linux kernel through 5.3.11 leading to denial of service (CID-3f9361695113)
Memory Leak Vulnerability in fsl_lpspi_probe() Function in Linux Kernel
Memory Leak in sdma_init() Function in Linux Kernel (CVE-2020-12345)
Memory Leak Vulnerability in Linux Kernel's bfad_im_get_stats() Function
Memory Leaks in acp_hw_init() Function in Linux Kernel (CVE-2020-12345)
Memory Leak Vulnerability in Linux Kernel's rtl8xxxu_submit_int_urb() Function
Memory Leak Vulnerability in Linux Kernel's fastrpc_dma_buf_attach() Function
Cisco IMC Web Server Vulnerability: Unauthorized Configuration Modification and Privilege Escalation
Memory Leak Vulnerability in spi_gpio_probe() Function in Linux Kernel
Memory Leak Vulnerability in rsi_send_beacon() Function in Linux Kernel
Memory Leak Vulnerability in Linux Kernel's predicate_parse() Function (CID-96c5c6e6a5b6)
Memory Leak Vulnerability in ath9k_htc_hst.c in Linux Kernel (CVE-2020-12345)
Memory Leak Vulnerability in ath9k_wmi_cmd() Function in Linux Kernel (CVE-2020-12345)
Memory Leak in ca8210_probe() Function in Linux Kernel
Memory Leak in nfp_abm_u32_knode_replace() Function in Linux Kernel
Memory Leak in bnxt_re_create_srq() Function in Linux Kernel (CVE-2020-12345)
Memory Leak Vulnerability in ath10k_usb_hif_tx_sg() Function in Linux Kernel
Memory Leak Vulnerability in qrtr_tun_write_iter() Function in Linux Kernel
IPMI Implementation Vulnerability in Cisco IMC Allows Unauthorized Access to Sensitive System Information
Memory leaks in nfp_flower_spawn_phy_reprs() function in Linux kernel before 5.3.4 leading to denial of service (CID-8572cea1461a)
Memory Leak in nfp_flower_spawn_vnic_reprs() Function in Linux Kernel
Memory Leak Vulnerability in AMD Display Drivers
Memory Leak Vulnerability in *clock_source_create() Functions in AMD Display Drivers
Octopus Deploy Package Upload Vulnerability
Persistent XSS Vulnerability in Octopus Server 3.4.0 through 2019.10.5
Insecure Permissions in GitLab Enterprise Edition (EE) before 12.5.1
Insecure Permissions in GitLab Enterprise Edition (EE) before 12.5.1
Directory Traversal Vulnerability in GitLab Enterprise Edition (EE) 11.3 through 12.4.2
Missing X-Content-Type-Options Header in ABB eSOMS Versions 4.0 to 6.0.3 Allows Unauthorized Code Execution
Cisco IOS XR Software BGP Denial of Service Vulnerability
Unencrypted Cookie Information Vulnerability in ABB eSOMS Versions 4.0 to 6.0.2
Sensitive Information Leakage in ABB eSOMS Versions 4.0 to 6.0.3 via HTTPS Responses
Unauthenticated Viewstate Tampering Vulnerability in ABB eSOMS Versions 4.0 to 6.0.3
Password Complexity Bypass in eSOMS Versions 4.0 to 6.0.3
SQL Injection Vulnerability in ABB eSOMS Versions 3.9 to 6.0.3
Stored Cross-Site Scripting Vulnerability in ABB eSOMS Versions 4.0 to 6.0.2
Clear Text Storage of Credentials in ABB eSOMS Redis Data Structure Component
Medium Strength Cipher Vulnerability in ABB eSOMS Versions 4.0 to 6.0.3
Denial of Service (DoS) Vulnerability in Cisco IOS XR Software's IS-IS Routing Protocol Implementation
Privilege Escalation Vulnerability in B&R Automation Studio Upgrade Service
Unauthenticated MITM Attack Vulnerability in B&R Automation Studio Upgrade Service
Zip Slip Vulnerability in B&R Automation Studio Upgrade Service
Unauthenticated Access Control Vulnerability in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway
Plaintext Storage of Credentials in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway Backup Function
Access Control Bypass in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway
Plaintext Password Vulnerability in ABB Telephone Gateway TG/S 3.2 and Busch-Jaeger 6186/11 Telefon-Gateway
Authentication Bypass Vulnerability in B&R Automation Runtime SNMP Service
CSRF Vulnerability in wpForo Plugin 1.6.5 for WordPress
Vulnerability: Local Privilege Escalation in Cisco Unified Communications Domain Manager
XSS Vulnerability in wpForo Plugin 1.6.5 for WordPress via wp-admin/admin.php?page=wpforo-phrases s Parameter
XSS Vulnerability in wpForo Plugin 1.6.5 for WordPress
XSS Vulnerability in wpForo Plugin 1.6.5 for WordPress via wpf-dw-td-value Class in dashboard.php
SQL Injection Vulnerability in New Bee Mall Goods Mapper
Nahimic APO Software Component Driver Privilege Escalation Vulnerability
Command Injection Vulnerability in PHICOMM K2(PSG1218) V22.5.9.163
Unintended Model Editing Vulnerability in Django Admin
Insufficient Access Control on Local Registry Keys in PRTG Allows Unauthorized Access to Administrative Credentials
Arbitrary File Upload Vulnerability in Cisco Small Business 220 Series Smart Switches
Bypassing ASLR in setuid programs through LD_PREFER_MAP_32BIT_EXEC vulnerability
Unencrypted Communications Authentication Bypass Vulnerability in Tribal SITS:Vision 9.7.0
Remote Stored XSS Vulnerability in Afterlogic WebMail Pro 8.3.11 and Afterlogic Aurora 8.3.11 via Attachment Name
Buffer Overflow Vulnerabilities in Cisco Small Business 220 Series Smart Switches
Reflected XSS Vulnerability in CSS Hero Plugin for WordPress
Unauthenticated XSS Vulnerability in Hero Maps Premium Plugin for WordPress
Insufficient Random Number Generation in OPC UA .NET Standard Codebase Allows Credential Reuse
Integrity Degradation Vulnerability in Ivanti Workspace Control
Command Injection Vulnerability in Cisco Small Business 220 Series Smart Switches
Remote Code Execution via Camera Upload in Plex Media Server
Unauthenticated Firmware Replacement Vulnerability in Intelbras WRN240 Devices
Unauthenticated Firmware Replacement Vulnerability in TP-LINK TL-WR849N 0.9.1 4.16 Devices
Remote Command Execution Vulnerability in Tellabs Optical Line Terminal (OLT) 1150 Devices
Cross-Site Request Forgery Vulnerability in Cisco Unified Communications Manager and Unity Connection
Client-Session-ID Leakage Vulnerability
Authenticated User Privilege Escalation in F5 BIG-IP, BIG-IQ, iWorkflow, and Enterprise Manager
Vulnerability: Arbitrary Code Execution in Reportexpress ProPlus via VBscript Injection
Insufficient Verification in CyMiInstaller322 ActiveX Allows Unauthorized DLL Downloads
Code Execution Vulnerability in TOBESOFT XPLATFORM Versions 9.1 to 9.2.2
Firmware Vulnerability in COMMAX WallPad (CDP-1020MB) Allows Arbitrary Code Execution
Remote Code Execution Vulnerability in Dext5 Upload ActiveX Control
Remote Code Execution Vulnerability in Inogard Ebiz4u ActiveX Control (AxECM.cab)
Unauthenticated DLL Loading Vulnerability in Tobesoft XPlatform v9.1-9.2.2
Arbitrary Code Execution Vulnerability in Tobesoft Nexacro v2019.9.25.1 and Earlier Versions
Arbitrary File Download and Execution Vulnerability in Dext5.ocx ActiveX 5.0.0.116 and Earlier Versions
Arbitrary File Download and Code Execution Vulnerability in Dext5.ocx ActiveX 5.0.0.116 and Earlier Versions
Authentication Bypass Vulnerability in Cisco Vision Dynamic Signage Director REST API
Cisco IOS XR Software IS-IS Routing Protocol Denial of Service Vulnerability
Root Privilege Escalation Vulnerability in Cisco FindIT Network Management Software VM Images
Privilege Escalation Vulnerability in Shibboleth Service Provider (SP) 3.x before 3.1.0
Vulnerability: Event Deadlock and Crash in STMicroelectronics BLE Stack for STM32WB5x Devices
Denial of Service Vulnerability in Texas Instruments SIMPLELINK-CC2640R2-SDK and BLE-STACK
Zero Long Term Key (LTK) Vulnerability in Telink Semiconductor BLE SDK
Bluetooth Low Energy Implementation Vulnerability in Microchip Technology BluSDK Smart
Buffer Overflow Vulnerability in Telink Semiconductor BLE SDK
Privilege Escalation and Code Execution via IOCTL Handling in Kyrol Internet Security 9.0.6.9
Scoutnet Kalender Plugin 1.1.0 for WordPress XSS Vulnerability
Insufficient Session Expiration in REDDOXX MailDepot 2032 SP2 2.2.1242
Denial of Service Vulnerability in Cisco IOS Access Points Software
Authenticated User Mailbox Access Vulnerability in REDDOXX MailDepot 2032 2.2.1242
Privilege Escalation in Vtiger 7.x before 7.2.0
Heap-based Buffer Over-read in Oniguruma 6.x before 6.9.4_rc2
Heap-based Buffer Over-read in Oniguruma 6.x before 6.9.4_rc2
Stored XSS in Dolibarr CRM/ERP 10.0.3 via JavaScript execution in SVG profile picture
SQL Injection Vulnerability in rConfig 3.9.2 via devices.php?searchColumn=
Codiad Web IDE 2.8.4 - PHP Code Injection Vulnerability
SQL Injection Vulnerability in Dolibarr ERP/CRM before 10.0.3
Bypassing Content Filters in Cisco Email Security Appliance
Dolibarr ERP/CRM XSS Vulnerability in Uploaded HTML Documents
Insufficient Filtering in Dolibarr ERP/CRM Leads to user/card.php XSS Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Dolibarr ERP/CRM 3.0 through 10.0.3
Buffer Overflow Vulnerability in BMC Control-M/Agent 7.0.00.000 with On-Do Action Destination as Mail
Insecure File Copy Vulnerability in BMC Control-M/Agent 7.0.00.000
BMC Control-M/Agent 7.0.00.000 OS Command Injection Vulnerability
Insecure Password Storage in BMC Control-M/Agent 7.0.00.000
Arbitrary File Download Vulnerability in BMC Control-M/Agent 7.0.00.000
Cisco SIP IP Phone Software Denial of Service Vulnerability
OS Command Injection in BMC Control-M/Agent 7.0.00.000
Out-of-Bounds Read Vulnerability in Libarchive 3.4.0
Stored XSS Vulnerability in D-Link DSL-2680 Web Administration Interface (Firmware EU_1.03)
Unauthenticated Reboot Vulnerability in D-Link DSL-2680 Router
Unauthenticated Download of Configuration Settings in D-Link DSL-2680 Web Administration Interface
Unauthenticated DNS Server Manipulation in D-Link DSL-2680 Web Administration Interface
Unauthenticated Access Control Bypass in D-Link DSL-2680 Firmware EU_1.03
Potential NULL Pointer Dereference in AppleTalk Subsystem of Linux Kernel
Authentication Bypass Vulnerability in Fronius Solar Inverter Devices
Directory Traversal Vulnerability in Fronius Solar Inverter Devices
Arbitrary Command Execution Vulnerability in Cisco Small Business SPA500 Series IP Phones
Unsafe Deserialization Vulnerability in CA Release Automation (Nolio) 6.6 with DataManagement Component
Insecure File Access Vulnerability in CA Client Automation Agent for Windows
Impersonation of Nonexistent Users in Sudo
Vulnerability: Impersonation of Blocked Users in Sudo
Unsigned Code Execution Vulnerability in ASUS ATK Package
Arbitrary Code Execution Vulnerabilities in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
GoAhead Web Server Host Header Overflow Vulnerability
Privilege Escalation via io_uring in Linux Kernel
SQLite 3.30.1 Vulnerability: Mishandling of pExpr->y.pTab in sqlite3ExprCodeTarget
Crash Vulnerability in SQLite 3.30.1 with DISTINCT, Window Functions, and ORDER BY
Pre-Authentication SQL Injection Vulnerability in NAPC Xinet Elegant 6 Asset Library 6.1.655
Heap-Based Buffer Over-read in Oniguruma's str_lower_case_match
Origin Elevation of Privilege Vulnerability
Elevation of Privilege Vulnerability in Electronic Arts Origin (Issue 2 of 2)
Invitations Mishandling in QueryTree before 3.0.99-beta
Arbitrary Code Execution Vulnerabilities in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
SQL Injection Vulnerability in OpenTrade (pre-2019-11-23) via server/modules/api/v1.js and server/utils.js
Insecure Transmission of API Key in Last.fm Desktop App
Unrestricted Write Access to vcsu Devices in Linux Kernel (CID-0c9acb1af77a)
Incorrect Access Control in GitLab Community Edition (CE) and Enterprise Edition (EE) 9.6 through 12.5
Incorrect Access Control in GitLab Enterprise Edition (EE) 12.3-12.5
Incorrect Access Control in GitLab Enterprise Edition (EE) 12.2 - 12.5
Incorrect Access Control in GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5
Improper Access Control in GitLab Enterprise Edition (EE) 10.8 and later through 12.5
Insecure Direct Object Reference (IDOR) Vulnerability in GitLab Enterprise Edition (EE) 11.3 - 12.5
Arbitrary Code Execution Vulnerabilities in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Incorrect Access Control in GitLab Community Edition (CE) and Enterprise Edition (EE) through 12.5
SSRF Vulnerability in GitLab Enterprise Edition (EE) 6.7 and later through 12.5
Insecure Permissions in GitLab Enterprise Edition (EE) 11.9 and later through 12.5
Insecure Permissions in GitLab Enterprise Edition (EE) 8.2 and later through 12.5
Remote File Access Vulnerability in Simplifile RecordFusion
Cross-Site Scripting (XSS) Vulnerability in IceWarp WebMail Server 12.2.0 and 12.1.x
XSS Vulnerability in IceWarp WebMail Server's Object Notes
NULL Pointer Dereference in ProFTPD TLS Certificate Validation
Arbitrary Code Execution Vulnerabilities in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Failure to Check CRL Entry Field Allows Revoked Certificates to Connect
Improper CRL Verification in ProFTPD 1.3.6
NULL Pointer Dereference in tls_verify_crl Leads to Server Crash
Arbitrary Memory Write Vulnerability in Samsung Exynos 8895 Chipset (SVE-2019-16265)
Out-of-Bounds Read Vulnerability in typed_ast 1.3.0 and 1.3.1
Out-of-bounds read vulnerability in typed_ast 1.3.0 and 1.3.1
SNMP Service Crash Vulnerability in SIMATIC HMI Comfort Panels and KTP Mobile Panels
SIPORT MP < 3.1.4 - Privilege Escalation Vulnerability
Vulnerability: Unauthenticated Device Restoration in SINAMICS PERFECT HARMONY GH180 Drives
Vulnerability in SIPROTEC 4 and SIPROTEC Compact Relays with EN100 Ethernet Communication Modules: Denial-of-Service via Crafted Packets
Arbitrary Code Execution Vulnerabilities in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Denial-of-Service Vulnerability in SIMATIC ET 200SP Open Controller and SIMATIC S7-1500 CPUs
Denial-of-Service Vulnerability in Multiple Siemens Products
Information Disclosure Vulnerability in XHQ (All Versions < 6.1)
Cross-Site Scripting (XSS) Vulnerability in XHQ (All Versions < 6.1) Web Interface
XHQ Web Interface XSS Injection Vulnerability
SQL Injection Vulnerability in XHQ Web Interface (All Versions < 6.1)
File System Traversal Vulnerability in XHQ (All Versions < 6.1)
Cross-Site Scripting (XSS) Vulnerability in XHQ Web Interface (All Versions < 6.1)
Cross-Site Request Forgery (CSRF) Vulnerability in XHQ (All Versions < 6.1) Web Interface
Arbitrary Code Execution Vulnerabilities in Cisco Webex Network Recording Player and Cisco Webex Player for Windows
Control Center Server (CCS) Path Traversal Vulnerability
Clear-text Storage of Login Credentials in SiVMS/SiNVR Video Server and Control Center Server
SQL Injection Vulnerability in Control Center Server (CCS) (All versions < V1.5.0)
Control Center Server (CCS) Reflected XSS Vulnerability
Stored Cross-site Scripting (XSS) Vulnerabilities in Control Center Server (CCS) Web Interface
Unlogged Security Activities in Control Center Server (CCS)
SiNVR/SiVMS Video Server FTP Path Traversal Vulnerability
Path Traversal Vulnerability in SiNVR/SiVMS Video Server (All versions < V5.0.0) Allows Unauthorized File Access
Input Validation Vulnerability in SiNVR/SiVMS Video Server Allows Remote Denial-of-Service Attacks
Weak Cryptography Vulnerability in SiNVR/SiVMS Video Server
Cross-Site Scripting (XSS) Vulnerabilities in Cisco Firepower Management Center (FMC) RSS Dashboard
Denial of Service Vulnerability in Development/Evaluation Kits for PROFINET IO and SIMATIC Controllers
Denial of Service Vulnerability in VxWorks-based Profinet TCP Stack
Zoho CRM Lead Magnet Plugin 1.6.9.1 for WordPress XSS Vulnerability
Integer Overflow in parse_mqtt: Remote DoS and Out-of-Bounds Write Vulnerability in Cesanta Mongoose 6.16
NULL Pointer Dereference in text_to_glyphs function in gnome-font-viewer 3.34.0
Incorrect Access Control in GitLab Enterprise Edition (EE) 8.90 and later through 12.5
Cross-Site Scripting (XSS) Vulnerabilities in Cisco Firepower Management Center (FMC) RSS Dashboard
GitLab Enterprise Edition (EE) 9.0 through 12.5 Information Disclosure Vulnerability
Cross-Site Scripting (XSS) Vulnerability in GitLab EE 8.14 through 12.5, 12.4.3, and 12.3.6
Incorrect Access Control in GitLab EE 8.14 through 12.5, 12.4.3, and 12.3.6: Information Leakage in Private Project Forks
Denial of Service Vulnerability in GitLab EE 12.3 through 12.5, 12.4.3, and 12.3.6
Plaintext Token Storage Vulnerability in GitLab EE 8.4 through 12.5, 12.4.3, and 12.3.6
Elevation of Privilege Vulnerability in Nalpeiron Licensing Service 7.3.4.0
Cleartext Transmission of Azure SAS Token and State Snapshot in Terraform Versions Prior to 0.12.17
Denial of Service and Potential Impact in SQLite 3.30.1 due to lookupName Vulnerability
Double Mounting Vulnerability in Linux Kernel 5.3.11: rwsem_down_write_slowpath Use-After-Free
Slab-out-of-bounds Write Access Vulnerability in Linux Kernel
Arbitrary Code Execution Vulnerability in Cisco AMP for Endpoints for Windows
Untrusted Accidental JWT Acceptance Vulnerability in Xmidt cjwt through 1.0.1
Reflected XSS Vulnerability in SilverStripe Forms
HTTP Cache Poisoning Vulnerability in Silverstripe CMS
HTML Injection in ResultView.js in Wikibase Wikidata Query Service GUI
HTML Injection Vulnerability in Wikibase Wikidata Query Service GUI
Arbitrary JavaScript Execution via Mathematical Expressions in Wikibase Wikidata Query Service GUI
Bypassing Configured Filters in Cisco Email Security Appliance
Intermediary Encapsulation Attacks in HAProxy HTTP/2 Implementation
Denial of Service Vulnerability in Knot Resolver 4.3.0 and Earlier Versions
Linux Kernel KVM Hypervisor Denial of Service Vulnerability
Stack-based buffer overflow in libyang YANG file parsing with bits leaf type
Stack-based buffer overflow in libyang before 1.0-r5 when parsing YANG files with identityref leaf type
Insecure File Permissions in OpenShift 4.2 Installation Tool
Cross-Site Scripting (XSS) Vulnerability in oVirt-engine's OAuth Authorization Endpoint
Remote Denial of Service Vulnerability in Red Hat Ceph Storage 3
Flaw in Linux Kernel Speculative Execution Handling on Cascade Lake CPUs
Incomplete Fix for CVE-2018-12207: Privileged Guest User Can Induce Hardware Machine Check Error on Red Hat Enterprise Linux 8
Privilege Escalation Vulnerability in Cisco ASA Software
RabbitMQ Management Interface Exposed in Ansible Tower
World-readable files in Ansible Tower's backup directory pose a significant data exposure vulnerability
Password Disclosure and Brute Force Vulnerability in Ansible Tower
Memory Leak in Undertow's HttpOpenListener Leads to Denial of Service
Use-After-Free Vulnerability in Samba Versions 4.9.x, 4.10.x, and 4.11.x
Insecure Modification Vulnerability in openshift/mediawiki-apb Container
Insecure Modification Vulnerability in openshift/mariadb-apb Container
Insecure Modification Vulnerability in openshift/apb-base Container
Insecure Modification Vulnerability in Operator-Metering Container
Default Account Vulnerability in Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data
Insecure Modification Vulnerability in openshift/ansible-service-broker
Insecure Modification Vulnerability in openshift/jenkins Container
Insecure Modification Vulnerability in operator-framework/presto Container
Insecure Modification Vulnerability in operator-framework/hive Allows Privilege Escalation
Insecure Modification Vulnerability in operator-framework/hadoop in Red Hat Openshift 4
Insecure Modification Vulnerability in openshift/ocp-release-operator-sdk
Authenticated Remote Code Execution (RCE) as Root in Netis WF2419 Router
Arbitrary Command Execution Vulnerability in Cisco Integrated Management Controller (IMC) Supervisor, UCS Director, and UCS Director Express for Big Data
Memory Leakage Vulnerability in TeamViewer Chat Functionality
Local Privilege Escalation Vulnerability in Ricoh Windows Printer Drivers
DLL Hijacking Vulnerability in CatalystProductionSuite and CatalystBrowseSuite Installers
Cross-Site Scripting (XSS) Vulnerability in FusionPBX 4.4.1 via redirect parameter in xml_cdr_search.php
Arbitrary Web Script Injection Vulnerability in FusionPBX 4.4.1
Reflected Cross Site Scripting Vulnerability in Rumpus FTP Web File Manager 8.2.9.1 Login Page
Session Token Bypass Vulnerability in Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data
Mitel MiCollab Android App XSS Vulnerability
Mitel MiCollab AWV Join Meeting Interface XSS Vulnerability
rConfig Download File Path Traversal Vulnerability
Arbitrary Unserialization and Remote Code Execution in Squiz Matrix CMS
Arbitrary File Deletion Vulnerability in Squiz Matrix CMS File Upload Field Type
CSRF Cookie Insecure Attribute Vulnerability in Octopus Deploy
Authenticated User Denial of Service Vulnerability in Octopus Deploy
Use-after-free vulnerability in btrfs_queue_work in Linux kernel 5.0.21
Slab-Out-of-Bounds Write Vulnerability in Btrfs Filesystem Mounting
Bypassing Tagging Restrictions in MISP 2.4.118
Authentication Bypass Vulnerability in Cisco UCS Director and UCS Director Express for Big Data
Reflected Cross Site Scripting (XSS) in Abacus OAuth Login 2019_01_r4_20191021_0000
Insecure Permissions on Max Secure Anti Virus Plus 19.0.4.020 Installation Directory Allows Privilege Escalation
Post-Authentication Buffer Overflow in freeFTPd 1.0.8 via Crafted SIZE Command
Arbitrary Web Script Injection Vulnerability in FusionPBX 4.4.1
Arbitrary Web Script Injection Vulnerability in FusionPBX 4.4.1
Arbitrary Web Script Injection Vulnerability in FusionPBX 4.4.1
Arbitrary Web Script Injection Vulnerability in FusionPBX 4.4.1
Arbitrary Code Injection via dialplan_uuid Parameter in FusionPBX 4.4.1
HTTP Response Splitting Vulnerability in JetBrains Ktor Framework (<=1.2.5)
Arbitrary Command Execution Vulnerability in Cisco Webex Teams Client for Windows
Multiple Reflected XSS Vulnerabilities in Matrix42 Workspace Management 9.1.2.2765 and below
Type Confusion Vulnerability in LuaJIT's debug.getinfo Function
Privilege Escalation: Unprivileged User Can Create Administrators in forDNN.UsersExportImport Module
Persistent XSS Vulnerability in Rittal CMC PU III 7030.000 V3.00 V3.11.00_2 to V3.15.70_4 Devices
Cross-Site Scripting (XSS) Vulnerability in Northern.tech CFEngine Enterprise
Kernel Crash Vulnerability in illumos
Vulnerability in Huawei Products: Weak Algorithm Default Setting Leads to Information Leaks
Insufficient Input Validation Vulnerability in M5 Lite 10 (Version 8.0.0.182(C00))
Unauthenticated Remote Read Access Vulnerability in Cisco Industrial Network Director
Cisco Identity Services Engine (ISE) Web-Based Management Interface Cross-Site Scripting (XSS) Vulnerability
Information Leakage Vulnerability in USG9500 with Multiple Versions
Factory Reset Protection (FRP) Bypass Vulnerability in Huawei Smart Phones
Integer Overflow Vulnerability in Huawei LDAP Client: Remote Crash Exploit
Integer Overflow Vulnerability in Huawei LDAP Server: Remote Crash Exploit
Huawei SIP Module Denial of Service (DoS) Vulnerability
Huawei SIP Module Denial of Service (DoS) Vulnerability
Huawei SIP Module Denial of Service (DoS) Vulnerability
Arbitrary SQL Query Execution Vulnerability in Cisco ISE Sponsor Portal
Open Redirect Vulnerability in Cisco Small Business Switches Software
Privilege Escalation and Malicious Library Loading Vulnerabilities in Cisco ASA Smart Tunnel Functionality
Information Leak Vulnerability in HUAWEI P30 Smartphones
Use-after-free vulnerability in ext4_put_super in Linux kernel 5.0.21
Use-after-free vulnerability in try_merge_free_space in btrfs filesystem
Slab-out-of-bounds Read Access Vulnerability in f2fs_build_segment_manager
Privilege Escalation and Malicious Library Loading Vulnerabilities in Cisco ASA Smart Tunnel Functionality
Remote Code Execution in ReportLab's Paraparser
Endless Loop Vulnerability in GNOME Dia Thumbnailer Service
Buffer Overflow Vulnerability in Patriot Viper RGB (Version 1.1) Allows Privilege Escalation
XSS Vulnerability in Wowza Streaming Engine Proxy License Editing
Arbitrary File Download Vulnerability in Wowza Streaming Engine <= 4.x.x
Insecure Permissions Vulnerability in Wowza Streaming Engine
Reflected XSS Vulnerability in Wowza Streaming Engine <= 4.x.x
Cross-Site Scripting (XSS) Vulnerability in SALTO ProAccess SPACE 5.4.3.0
Directory Traversal Vulnerability in SALTO ProAccess SPACE 5.4.3.0 Data Export Feature
Arbitrary File Write Vulnerability in SALTO ProAccess SPACE 5.4.3.0
Authentication Bypass Vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) Web Interface
Privilege Escalation in SALTO ProAccess SPACE 5.4.3.0
Post-authentication Stored XSS in Team Password Manager
Denial of Service Vulnerability in Linux Kernel's relay_open Function
Unencrypted Update Check in Anhui Huami Mi Fit Application for Android (Version < 4.0.11)
Unencrypted Analytics in CBC Gem Application
Cross-Site Scripting (XSS) Vulnerability in SCEditor 2.1.3
Arbitrary Code Execution Vulnerability in Free Photo Viewer 1.3
CSRF Vulnerability in Zmanda Management Console 3.3.9 Allows Command Injection with Shell Metacharacters
Denial of Service (DoS) Vulnerability in Cisco Email Security Appliance
Privilege Escalation via .NET Deserialization in TinyWall Named Pipe Message Processing
Privilege Escalation Vulnerability in ManageEngine Applications Manager 14
Incorrect Read Operation in OpenSC's SETCOS File Attribute Parsing
Unauthenticated Remote Attackers Can Gain Unauthorized Read Access to Sensitive Data in Cisco Webex Meetings Mobile (iOS) Due to Insufficient SSL Certificate Validation
Incorrect Free Operation in sc_pkcs15_decode_prkdf_entry
Buffer Limit Mishandling in libopensc/card-cac1.c for CAC Certificates
Open Redirect Vulnerability in Centreon Login Page (Versions 19.04.4 and below)
Local File Inclusion Vulnerability in minPlayCommand.php in Centreon (19.04.4 and below)
Command Injection in minPlayCommand.php in Centreon (19.04.4 and below): Achieving Command Injection via Plugin Test
Buffer Overflow Vulnerability in SMPlayer 19.5.0 via Long .m3u File
Cross-Site Scripting (XSS) Vulnerability in Cisco Firepower Management Center
Weak Permissions in LiteManager 4.5.0: Everyone has Full Control in LiteManagerFree - Server Folder
Cross-Site Scripting (XSS) Vulnerabilities in TestLink 1.9.19
Default Password Vulnerability in FreeSWITCH 1.6.10 through 1.10.1
Inconsistent Content-Type Header and File Extension in Kentico before 12.0.50 Allows XSS via File Uploads
Buffer Overflow Vulnerability in Broadcom-based Cable Modems: Remote Code Execution via JavaScript
Vulnerability: DNS Rebinding Exploit Enables Remote Access to Technicolor TC7230 Cable Modem
Stored XSS Vulnerability in Alfresco Enterprise before 5.2.5 via Uploaded HTML Document
XSS Vulnerability in MDaemon Email Server 17.5.1 via Attachment Filename
Arbitrary File Read Vulnerability in Grafana <= 6.4.3
Default Credentials Vulnerability in Cisco IOS XE SD-WAN Software
Stored XSS Vulnerability in Matrix42 Workspace Management 9.1.2.2765 and Below via Unfiltered Description Parameters
Local Privilege Escalation Vulnerability in VeraCrypt 1.24
Arbitrary PHP Code Execution Vulnerability in Image Uploader and Browser for CKEditor
Stack-based buffer overflow vulnerability in Tenda PA6 Wi-Fi Powerline extender 1.0.1.21
Tenda PA6 Wi-Fi Powerline Extender 1.0.1.21 Denial of Service Vulnerability
Bypassing Type Detection in jpv (aka Json Pattern Validator) 2.1.1 and Earlier
Command Execution Vulnerability in rConfig 3.9.3
Bypassing L3 and L4 Traffic Filters in Cisco SD-WAN Solution
Out of Bounds Write Vulnerability in BASSMIDI Plugin 2.4.12.1 for Un4seen BASS Audio Library on Windows
Stored XSS Vulnerability in Ayision Ays-WR01 v28K.RPT.20161224 Devices via SSID
Stored XSS Vulnerability in Ayision Ays-WR01 v28K.RPT.20161224 Wireless Settings
CSRF Vulnerability in Intelbras WRN 150 1.0.18 Devices Allows Unauthorized Password Change
CSRF Vulnerability in Intelbras RF1200 1.1.3 Devices Allows Bypass of Login.html Form
Unauthenticated Remote Command Execution in CA Automic Sysload
Vulnerability in OpenBSD 6.6: Logic Error in su/su.c Allows Local Users to Achieve Any Login Class
Directory Traversal Vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) CLI
Privilege Escalation via xlock in OpenBSD 6.6
Authentication Bypass Vulnerability in OpenBSD 6.6 libc
Privilege Escalation via S/Key or YubiKey Authentication in OpenBSD 6.6
Use-after-free vulnerability in Linux kernel drivers/usb/misc/adutux.c driver (CID-44efc269db79)
Use-after-free vulnerability in Linux kernel drivers/input/ff-memless.c (CID-fa3a5a1880c9)
Use-after-free vulnerability in Linux kernel drivers/net/ieee802154/atusb.c
Use-after-free vulnerability in Linux kernel USB driver (drivers/nfc/pn533/usb.c) prior to 5.3.9 (CID-6af3aa57a098)
Use-after-free vulnerability in Linux kernel before 5.2.10 in drivers/hid/usbhid/hiddev.c driver
Use-after-free vulnerability in Linux kernel USB driver (drivers/usb/misc/iowarrior.c) prior to 5.3.7 (CID-edc4746f253d)
Use-after-free vulnerability in Linux kernel before 5.3.11 in drivers/net/can/usb/mcba_usb.c driver
Clear Text Password Exposure Vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) Web Portal
Use-after-free vulnerability in Linux kernel before 5.2.10 in drivers/usb/class/cdc-acm.c driver
Use-after-free vulnerability in Linux kernel before 5.2.9 in drivers/usb/misc/yurex.c driver
Out-of-Bounds Write Vulnerabilities in Linux Kernel HID Drivers
USB Device Info-Leak Vulnerability in Linux Kernel (CVE-2020-12345)
USB Device Info-Leak Vulnerability in Linux Kernel (CID-f7a1337f0d29)
Info-leak vulnerability in Linux kernel's PCAN USB FD driver (CID-30a8beeb3042)
USB Device Info-Leak Vulnerability in Linux Kernel (CID-ead16e53c2f0)
Race condition vulnerability in Linux kernel USB character device driver (CID-303911cfc5b9)
Remote Command Execution Vulnerability in Sangoma FreePBX and sysadmin Modules: Privilege Escalation
Password Disclosure Vulnerability in Idelji Web ViewPoint
Cisco Webex Meetings Server Software: Unauthenticated Remote Redirect Vulnerability
Reflected XSS Vulnerability in ListingPro WordPress Theme (v2.0.14.2 and earlier) via Homepage What Field
Persistent XSS Vulnerability in ListingPro WordPress Theme
Persistent XSS Vulnerability in ListingPro WordPress Theme
Use-after-free vulnerability in serial_ir_init_module() in Linux kernel before 5.1.6
Privilege Escalation Vulnerability in CA Automic Dollar Universe 5.3.3
Cross-Origin Resource Sharing (CORS) Vulnerability in Norton Password Manager
Unintentional Information Disclosure Vulnerability in Norton Password Manager
Cross-Site Scripting (XSS) Vulnerability in Symantec Endpoint Detection and Response (SEDR)
Privilege Escalation Vulnerability in Norton Power Eraser (CVE-2021-XXXX)
Cisco Email Security Appliance SPF Bypass Vulnerability
Remote Authentication Bypass in Senior Rubiweb 6.2.34.28 and 6.2.34.37: Unauthorized Access to Sensitive User Information
Cross-Site Scripting (XSS) Vulnerability in Sangoma FreePBX User Management Screen
Cross-Site Scripting (XSS) Vulnerability in Sangoma FreePBX User Management Screen
Vulnerability: Crash in Wireshark CMS Dissector
Stack-based Buffer Overflow in read_textobject() Function in Xfig fig2dev 3.2.7b
Authentication Bypass Vulnerability in Mercedes-Benz HERMES 1 Debug Interface
Debug Interface Misconfiguration in Mercedes-Benz HERMES 1: Exposing Cellular Modem Information
Cross-Site Scripting (XSS) Vulnerability in Cisco SPA112 2-Port Phone Adapter
Authentication Bypass Vulnerability in Mercedes-Benz HERMES 1.5 Debug Interface
Debug Interface Misconfiguration in Mercedes-Benz HERMES 1.5 Exposes Cellular Modem Information
Authentication Bypass Vulnerability in Mercedes-Benz HERMES 2.1 Debug Interface
Debug Interface Misconfiguration in Mercedes-Benz HERMES 2.1 Exposes Cellular Modem Information
Cisco IoT Field Network Director Web Interface Denial of Service Vulnerability
Missing .phar Extension Check in class.upload.php
Xen AMD HVM Guest OS Privilege Escalation and Denial of Service Vulnerability
Denial of Service Vulnerability in Xen through 4.12.x via Degenerate Chains of Linear Pagetables
Incomplete Fix for CVE-2019-18424 Allows Privilege Escalation via DMA in Xen
Cross-Site Request Forgery (CSRF) Vulnerability in Cisco HyperFlex Software
Privilege Escalation Vulnerability in Xen PV Guests (XSA-299)
Denial of Service Vulnerability in Xen for 32-bit Arm Systems
Denial of Service Vulnerability in Xen Hypervisor due to Mishandling of Bit Iteration
Denial of Service Vulnerability in Xen through 4.12.x for x86 HVM/PVH Guests
Privilege Escalation Vulnerability in rConfig 3.9.3
Reflected XSS vulnerability in WSO2 Enterprise Integrator 6.5.0 Management Console
Infinite Loop Vulnerability in Python Validators Package (CVE-2021-12345)
Lever PDF Embedder Plugin 4.4 for WordPress Allows Distribution of Polyglot PDF Documents
Arbitrary File Read Vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS)
Integer Overflow leading to Use-After-Free vulnerability in radare2 through 4.0
Stored Cross-Site Scripting Vulnerability in Jama Connect 8.44.0
Arbitrary Code Execution via File Upload in RESET.PRO Adobe Stock API Integration for PrestaShop 1.6 and 1.7
Arbitrary Code Execution via File Upload in RESET.PRO Adobe Stock API Integration 4.8 for PrestaShop
Local File XSS Vulnerability in GitBook (Version 2.6.9)
Arbitrary Remote Code Execution in D-Link DAP-1860 Devices
Unauthenticated Access to Administrator Functions in D-Link DAP-1860 Devices
Arbitrary File Read Vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS)
Buffer Overflow Vulnerability in OpenDetex 2.8.5: Incorrect sprintf in TexOpen in detex.l
Memory Corruption Vulnerability in Linux Kernel (CVE-2020-8835)
SQLite 3.30.1 VIEW SELECT Statement Vulnerability
Arbitrary Command Execution Vulnerability in Git Submodule Update
Arbitrary Memory Write Vulnerability in X-Plane 11.41
Arbitrary File Access and Command Execution Vulnerability in X-Plane before 11.41
SQL Injection Vulnerability in Mitel MiCollab AWV
Mitel MiCollab AWV Web Conferencing SQL Injection Vulnerability
Remote Code Execution in Strapi Admin Panel Plugin Installation and Uninstallation
Arbitrary File Read Vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS)
Session Fixation Vulnerability in Halvotec RaQuest 10.23.10801.0
User Enumeration and Session Cookie Exposure in Halvotec RaQuest 10.23.10801.0
Stored Cross-site Scripting (XSS) Vulnerability in Halvotec RaQuest 10.23.10801.0
Open Redirect Vulnerability in Halvotec RaQuest 10.23.10801.0
Wildcard Injection Vulnerability in Halvotec RaQuest 10.23.10801.0
XSS Vulnerabilities in FreePBX Backup & Restore Module
Arbitrary File Download Vulnerability in Xtivia Web Time and Expense Interface for Microsoft Dynamics NAV
Unescaped Git Information Vulnerability in phpMyAdmin
Untrusted Markdown Content Vulnerability in Documize before 3.5.1
Cisco NX-OS Software Cisco Fabric Services Denial of Service Vulnerability
Bypassing Telemetry Alerts by Removing NT AUTHORITY\SYSTEM Permissions in SecureWorks Red Cloak Windows Agent
Out-of-Bounds Read Vulnerability in OpenCV's dis_flow.cpp
Default Configuration Leak in SROS 2 0.8.1: Exposing Node Information
Information Leakage Vulnerability in SROS 2 0.8.1
Insufficient Parameter Sanitization in GitLab EE Maven Package Registry: Privilege Escalation and Remote Code Execution Vulnerabilities
Disclosure of Private Code via Group Search API in GitLab EE 10.5 through 12.5.3, 12.4.5, and 12.3.8
Denial of Service Vulnerability in Cisco FXOS and NX-OS Software's SNMP Input Packet Processor
Stack-based Buffer Overflow in HTMLDOC 1.9.7's hd_strlcpy() Function
Session Cookie Exposure Vulnerability
Stored Cross-Site Scripting (XSS) Vulnerability in Big Switch Products
Arbitrary File Upload Vulnerability in class.upload.php
Heap-based Buffer Overflow in libsixel's sixel_decode_raw_impl function
Integer Overflow in sixel_encode_body function in libsixel 1.8.2
Integer Overflow in sixel_decode_raw_impl function
Heap-based Buffer Overflow in libsixel's load_pnm Function
IPv6 Traffic Processing Vulnerability in Cisco NX-OS Software
Command Injection Vulnerability in SuperMicro X8STi-F Motherboards with IPMI Firmware 2.06 and BIOS 02.68
Denial of Service Vulnerability in ISE Smart Connect KNX Vaillant 1.2.839
Infinite Recursion Vulnerability in SQLite ALTER TABLE Statements
SQLite Integrity Check PRAGMA Command Vulnerability
Arbitrary Write Vulnerability in radare2 through 4.0.0
Out-of-Bounds Memory Access Vulnerability in YARA 3.11.0
Remote Unauthenticated SQL Injection in Zoho ManageEngine Applications Manager
Cisco NX-OS Software Virtual Shell (VSH) Session Management Denial of Service Vulnerability
Remote Authenticated SQL Injection in Zoho ManageEngine Applications Manager
CSRF Vulnerability in Rumpus FTP Server 8.2.9.1's Web File Manager Edit Accounts Functionality
Elevated Privileges Vulnerability in Cisco UCS Fabric Interconnect Software
CSRF Vulnerability in Rumpus FTP Server 8.2.9.1's Web File Manager Network Setting Functionality
Cookie-based Reflected XSS Vulnerability in Rumpus FTP Server 8.2.9.1 Web File Manager
CSRF Vulnerability in Rumpus FTP Server 8.2.9.1's Web File Manager Allows Unauthorized Account Manipulation
CSRF Vulnerability in Rumpus FTP 8.2.9.1 Allows Unauthorized Folder Creation and Deletion
CSRF Vulnerability in Rumpus FTP 8.2.9.1 Web File Manager's Web Settings
CSRF Vulnerability in Rumpus FTP 8.2.9.1 Web File Manager FTP Settings
CSRF Vulnerability in Rumpus FTP 8.2.9.1 Event Notices Settings
CSRF Vulnerability in Rumpus FTP 8.2.9.1 Web File Manager's Block Clients Component
CSRF Vulnerability in Rumpus FTP 8.2.9.1 Web File Manager's File Types Component
CSRF Vulnerability in Rumpus FTP 8.2.9.1 Upload Center Forms Component
Cisco NX-OS Software Network Time Protocol (NTP) Denial of Service Vulnerability
HTTP Response Splitting Vulnerability in Rumpus FTP Server 8.2.9.1 Web Settings Component
Bypassing Managed Application Security in Ivanti Workspace Control
CSV Injection in arxes-tolina 3.0.0: Remote Control Exploit via Malicious CSV File
User Enumeration Vulnerability in arxes-tolina 3.0.0
Cross-Site Scripting (XSS) Vulnerability in Xray Test Management for Jira prior to version 3.5.5
Cross-Site Scripting (XSS) Vulnerability in Xray Test Management for Jira prior to version 3.5.5
NX-API Denial of Service Vulnerability
File-extension filtering vulnerability in Proofpoint Enterprise Protection (PPS / PoD) allows bypassing of protection mechanisms through malformed multipart email
Remote Code Execution Vulnerability in Pandora FMS 7.x
XSS Vulnerability in nopCommerce Admin News and Blog Controllers
Path Traversal Vulnerability in RoxyFileman of nopCommerce v4.2.0
Privilege Escalation via Crafted Facebook Auth Plugin Upload in nopCommerce v4.2.0
CSRF Vulnerability in RoxyFileman of nopCommerce v4.2.0
Data Leakage in OpenStack Keystone 15.0.0 and 16.0.0: Unauthorized Access to Credentials API
Privilege Escalation Vulnerability in Trend Micro HouseCall for Home Networks (Versions Below 5.3.0.1063)
DLL Hijack Vulnerability in Trend Micro HouseCall for Home Networks (versions below 5.3.0.1063)
SNMP ACL Length Check Vulnerability in Cisco NX-OS Software
Bypassing App Password Protection in Trend Micro Mobile Security for Android
Vulnerability in Trend Micro Apex One and OfficeScan XG Allows Exposure of Masked Credential Key
Cross-Site Scripting (XSS) Vulnerability in Trend Micro Apex One (2019) Product Console
Vulnerability in Trend Micro Security 2020 Allows Local Attackers to Disclose Sensitive Information or Cause Denial-of-Service
Denial of Service Vulnerability in Trend Micro Security 2019 (15.0.0.1163 and below)
Privilege Escalation Vulnerability in Trend Micro Antivirus for Mac 2019: Symbolic Link Attack
RootCA Vulnerability in Trend Micro Password Manager: Unauthorized Access to localhost.key
Arbitrary Code Execution Vulnerability in Trend Micro Security 2019 (v15) Products
NULL Pointer Dereference in wav_content_read() at libwav.c
Authenticated Remote Code Execution in Centreon Infrastructure Monitoring Software via Pollers Misconfiguration
Bypassing File Policies in Cisco Firepower Threat Defense Software
XML External Entity Injection (XXE) Vulnerability in modoboa-dmarc Plugin 1.1.0
HTTP Authorization Header Data Resending Vulnerability in Ktor 1.2.6
Incorrect User Matching Algorithm in JetBrains Upsource: A Potential Information Disclosure Vulnerability
DLL Preloading Vulnerability in Realtek Audio Drivers for Windows
Denial of Service Vulnerability in Moxa EDS-G508E, EDS-G512E, and EDS-G516E Devices via PROFINET DCE-RPC Endpoint Discovery Packets
XSS Vulnerability in VisualEditor Extension for MediaWiki
Arbitrary Title Bypass Vulnerability in MediaWiki
Command Injection Vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) Web Portal
Insecure Permissions Vulnerability in Contao 4.0 through 4.8.5
Improper Encoding or Escaping of Output in Contao 4.8.4 and 4.8.5 Login Module
Cross-Site Scripting (XSS) Vulnerability in Tableau Server 10.3 through 2019.4
Privilege Escalation Vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) CLI
Heap-Based Buffer Overflow in Yabasic 2.86.1 via Crafted BASIC Source File
Off-by-one Error in DecodeBlock Function in VLC Media Player Allows Remote Memory Corruption
NULL Pointer Dereference Vulnerability in Dovecot Push-Notification Driver
Insecure Permissions on Newly Created Singularity Directory: Potential Information Leak and Malicious Redirection
Double Free Vulnerability in sysstat through 12.2.0
Local Privilege Escalation via LD_LIBRARY_PATH in OpenBSD
Weak Permissions in SchedMD Slurm's slurmdbd.conf File
Privilege Escalation in SchedMD Slurm
BSON ObjectID Package 1.3.0 for Node.js Allows Malformed ObjectID Generation
Cross-Site Scripting (XSS) Vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) Web Portal Framework
Path Traversal Vulnerability in Roxy Fileman 1.4.5 for .NET Allows Arbitrary File Write and Code Execution
SQL Injection in MFScripts YetiShare 3.5.2 through 4.5.3 via translation_manage_text.ajax.php and *_manage.ajax.php
Cross-Site Scripting (XSS) vulnerability in get_all_file_server_paths.ajax.php in MFScripts YetiShare 3.5.2 through 4.5.3
SQL Injection in _account_move_file_in_folder.ajax.php in MFScripts YetiShare 3.5.2
Insecure Password Reset Hash Generation in MFScripts YetiShare
Session Cookie HttpOnly Flag Not Set in MFScripts YetiShare
Cross-Site Request Forgery Vulnerability in MFScripts YetiShare 3.5.2 through 4.5.3
Cross-Site Scripting (XSS) Vulnerability in MFScripts YetiShare 3.5.2 through 4.5.3
Session Cookie Insecurity in MFScripts YetiShare 3.5.2 through 4.5.3
Authentication Bypass Vulnerability in Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data
SQL Injection Vulnerability in Octeth Oempro 4.7 and 4.8: Campaign.Get CampaignID Parameter
Origin 10.5.55.33574 Local Privilege Escalation Vulnerability
Blind XSS Vulnerability in D-Link DIR-615 User Account Configuration Page
Unauthorized Root User Creation Vulnerability on D-Link DIR-615 Devices
Local File Inclusion Vulnerability in Contao Form Generator
Integer Overflow and Out-of-Bounds Write Vulnerability in Xfig fig2dev 3.2.7b's make_arrow Function
Authentication Bypass Vulnerability in NeuVector 3.1
Cross-Site Scripting (XSS) Vulnerability in Work Time Calendar App for Jira
Cisco HyperFlex Software: Cross-Frame Scripting Vulnerability
Lack of Unique SSH Key in minerstat msOS before 2019-10-23
Clear text storage of Windows OS credentials in LXCA version 2.6.0 during Windows driver updates
DOM-based Cross-Site Scripting Vulnerability in Lenovo XClarity Administrator (LXCA) Versions Prior to 2.6.6
Unauthenticated Remote Redirect Vulnerability in Lenovo EZ Media & Backup Center
Improper Access Restrictions in Cisco Industrial Network Director (IND) Allow Unauthorized Access to Sensitive Information
Critical Vulnerability: Unwanted KDF in Bitwarden Server 1.32.0
Use-after-free vulnerability in ext4_expand_extra_isize in Linux kernel before 5.4.2
Use-after-free vulnerability in __blk_add_trace function in Linux kernel 5.4.0-rc2
Use-after-free vulnerability in perf_trace_lock_acquire function in Linux kernel 5.3.10
Denial of Service Vulnerability in Cisco Nexus 9000 Series Switches
Use-after-free vulnerability in debugfs_remove function in Linux kernel 4.19.83
Lodahs Package 0.0.1: Trojan Horse Targeting Cryptocurrency Wallets
Reflected XSS Vulnerability in Lexmark Embedded Web Server
Stored XSS Vulnerability in Lexmark Embedded Web Server
Credential Data Bypass Vulnerability in Zoho ManageEngine EventLog Analyzer 10.0 SP1
Open Redirect Vulnerability in Zulip Server Image Thumbnailing Handler
Heap-Based Buffer Over-Read in stb_image.h (Version 2.23)
Heap-based Buffer Over-read in libsixel's load_sixel function
Stream Reassembly Bypass Vulnerability in Cisco Firepower Software
Directory Traversal Vulnerability in Citrix Application Delivery Controller (ADC) and Gateway
Buffer Overflow Vulnerability in AceaXe Plus 1.0 FTP Client
Privilege Escalation via Sieve Script in Cyrus IMAP
Stack-Based Buffer Overflow in ATasm 1.06's to_comma() Function via Crafted .m65 File
Stack-Based Buffer Overflow in ATasm 1.06 via Crafted .m65 File
Stack-Based Buffer Overflow in ATasm 1.06 via Crafted .m65 File
Sandboxed Cross-Origin Iframe Bypass Vulnerability in Opera for Android
NULL Pointer Dereference Vulnerability in CODESYS SP Realtime NT, CODESYS Runtime Toolkit 32 bit full, and CODESYS PLCWinNT
Path Traversal Vulnerability in RadChart in Telerik UI for ASP.NET AJAX
Improper Access Restriction in LemonLDAP::NG Apache Configuration
Privilege Escalation via File Appending in ESET Cyber Security for macOS
Privilege Escalation Vulnerability in Cyxtera AppGate SDP Client
Predictable TXID Generation in miekg Go DNS Package
Heap-Based Buffer Overflow in Samurai 0.7 via Crafted Build File
Heap-Based Buffer Overflow in Yabasic 2.86.2 via Crafted BASIC Source File
Out-of-Bounds Write Vulnerability in Xfig fig2dev 3.2.7b's read_colordef Function
Remote Unauthenticated Information Disclosure in Zoho ManageEngine Applications Manager
Bypassing Filtering Protections in Cisco Firepower Software
Information Disclosure Vulnerability in Zoho ManageEngine Applications Manager 14
Unprivileged Authenticated User Backup Vulnerability in Gallagher Command Centre Server
Unauthenticated User Can View Replicated Data in Gallagher Command Centre Server
Account Enumeration Vulnerability in MFScripts YetiShare
Account Enumeration Vulnerability in MFScripts YetiShare
Use-after-free vulnerability in Linux kernel before 5.3.11 due to erroneous code refactoring in sound/core/timer.c (CID-e7af6307a8a5)
Insufficient Normalization Vulnerability in Cisco Firepower Software
Java Deserialization Vulnerability in Zoom Call Recording 6.3.1 from Eleveo
Use-after-free vulnerability in Linux kernel 5.0.21 through crafted btrfs filesystem image
Slab-Out-of-Bounds Write Access in Linux Kernel 5.0.21 when Mounting Crafted f2fs Filesystem Image
Vulnerability: NULL Pointer Dereference in f2fs_recover_fsync_data in Linux Kernel 5.0.21
Slab-out-of-bounds Write Access Vulnerability in Btrfs Filesystem Image Mounting
Out-of-Bounds Read Vulnerability in Nitro Free PDF Reader 12.0.0.112
Out-of-Bounds Read Vulnerability in Nitro Free PDF Reader 12.0.0.112
NULL Pointer Dereference Vulnerability in Nitro Free PDF Reader 12.0.0.112
Vulnerability: Bypassing Filtering Protections in Cisco Firepower Software
Invalid Pointer Vulnerability in Kyrol Internet Security 9.0.6.9's kyrld.sys Driver Allows Privilege Escalation and Code Execution
Post-Authentication Privilege Escalation in Combodo iTop Web Application
Remote Retrieval of Configuration and Sensitive Data in TOTOLINK, Rutek, Sapido, CIK TELECOM, KCTVJEJU, Fibergate, Hi-Wifi, HCN, T-broad, Coship, and IO-Data Routers
Cleartext Administrative Password Storage Vulnerability in Multiple Router Models
Arbitrary OS Command Execution Vulnerability in TOTOLINK Realtek SDK Based Routers
CAPTCHA Bypass Vulnerability in TOTOLINK Realtek SDK Based Routers
Insecure Unserialize Calls in Views Dynamic Fields Module for Drupal
Cross-Site Scripting (XSS) Vulnerability in SolarWinds Serv-U FTP Server 15.1.7 (Email Parameter)
Denial of Service Vulnerability in Cisco Email Security Appliance and Content Security Management Appliance
Remote Code Injection in SPIP 3.2.x before 3.2.7
CSRF Vulnerability in Xerox AltaLink C8035 Printers: Unauthorized User Addition via xerox.set URI
CSRF Vulnerability in Tautulli 2.1.9 Allows Remote Shutdown of Media Server
Directory Traversal Vulnerability in Ruckus Wireless Unleashed CLI
Remote Denial of Service Vulnerability in Ruckus Wireless Unleashed through 200.7.10.102.64 via SSRF in AjaxRestrictedCmdStat
Remote Code Execution Vulnerability in Ruckus Wireless Unleashed through 200.7.10.102.64 via AjaxRestrictedCmdStat
Remote Information Disclosure in Ruckus Wireless Unleashed Web Interface
Remote Command Execution in Ruckus Wireless Unleashed through 200.7.10.102.64 via admin/_cmdstat.jsp
Command Execution Vulnerability in Ruckus Wireless Unleashed through 200.7.10.102.64
Vulnerability: Arbitrary File Overwrite in Cisco NFVIS
Remote Code Execution Vulnerability in Ruckus Unleashed through 200.7.10.102.64
Command Execution Vulnerability in Ruckus Wireless Unleashed through 200.7.10.102.64
Command Execution Vulnerability in Ruckus Wireless Unleashed through 200.7.10.102.64
Remote Credential Fetch Vulnerability in Ruckus Wireless Unleashed Web Interface
Account Takeover Vulnerability in Django
Path Disclosure Vulnerability in Joomla! before 3.9.14
SQL Injection Vulnerability in Joomla! before 3.9.14
Stack-Based Buffer Overflow in Libspiro's spiro_to_bpath0() Function
Directory Traversal Vulnerability in TYPO3 Extension Manager
Insecure Deserialization Vulnerability in TYPO3 QueryGenerator and QueryView
Untrusted Spell Checker Permissions Bypass Vulnerability
SQL Injection Vulnerability in TYPO3 QueryGenerator
XSS Injection Vulnerability in Sangoma FreePBX and PBXact Superfecta Module
XSS Injection Vulnerability in Sangoma FreePBX and PBXact
CSRF Vulnerability in Serpico 1.3.0 Allows Privilege Escalation
Stored XSS Vulnerability in Serpico 1.3.0 via admin/list_user Endpoint
Stored XSS Vulnerability in Serpico 1.3.0 via User Type Parameter
Insecure Password Change Functionality in Serpico 1.3.0
Stored XSS Vulnerability in Serpico 1.3.0 via admin/add_user/UID Endpoint
Unrestricted Data Input Vulnerability in Serpico 1.3.0
Out of Bounds Write Vulnerability in SkSwizzler::onSetSampleX of SkSwizzler.cpp
Stored XSS Vulnerability in Atos Unify OpenScape UC Application V9 and V10
Information Disclosure Vulnerability in Atos Unify OpenScape UC Web Client
Unencrypted PV Modification Vulnerability in B&R Industrial Automation APROL
Out of Bounds Write Vulnerability in SkSwizzler.cpp (Android)
Arbitrary Command Execution Vulnerability in B&R Industrial Automation APROL
Authentication Bypass Vulnerability in B&R Industrial Automation APROL
Arbitrary Command Execution Vulnerability in B&R Industrial Automation APROL
Arbitrary Command Injection via AprolCluster Script in B&R Industrial Automation APROL
SQL Injection Vulnerability in B&R Industrial Automation APROL EnMon PHP Script
Directory Traversal Vulnerability in B&R Industrial Automation APROL before R4.2 V7.08
Authentication Bypass Vulnerability in B&R Industrial Automation APROL
Incorrect Parsing of Negation in HashiCorp Sentinel Policy Expressions (CVE-2021-12345)
Out-of-bounds Write Vulnerability in SkSwizzler.cpp (Android)
Invalid Pointer Dereference in SQLite 3.30.1 due to Mishandling of Constant Integer Values in ORDER BY Clauses
Vulnerability: Privilege Escalation in Shadow 4.8
Unauthorized Access to Configuration Data in Bender COMTRAXX Devices
Denial of Service Vulnerability in Trustwave ModSecurity 3.0.0 - 3.0.3
NULL Pointer Dereference in bitstr_tell function in ffjpeg
Divide-by-Zero Error in jfif_decode Function of ffjpeg
Credential Exposure in Humax Wireless Voice Gateway HGB10R-2 Backup File
Out-of-bounds Write Vulnerability in ih264d_fmt_conv_420sp_to_420p of ih264d_format_conv.c
Clear-text Transmission of Admin Credentials in Humax Wireless Voice Gateway HGB10R-2
Mitel SIP-DECT Wireless Devices Encryption Key Vulnerability: Enabling Man-in-the-Middle Attacks
Directory Traversal Vulnerability in IXP EasyInstall 6.2.13723 Allows Unauthenticated Remote Filesystem Access
IXP EasyInstall 6.2.13723 Vulnerability: Unauthorized UAC Disabling via Agent Service
Lateral Movement Vulnerability in IXP EasyInstall 6.2.13723
Remote Code Execution via Weak Permissions on IXP EasyInstall 6.2.13723 Engine Service Share
Remote Code Execution via Agent Service in IXP EasyInstall 6.2.13723
Cleartext Credentials Vulnerability in IXP EasyInstall 6.2.13723
Vulnerability: Bypassing Protection Mechanism in Pebble Templates 3.1.2
Out-of-bounds Write Vulnerability in ihevcd_fmt_conv_420sp_to_420p of ihevcd_fmt_conv.c
Cross-Site Scripting (XSS) Vulnerability in Backdrop CMS
Cross-Site Scripting (XSS) Vulnerability in Backdrop CMS
Arbitrary Code Execution via Configuration Archive Upload in Backdrop CMS
Cross-Site Scripting (XSS) Vulnerability in Backdrop CMS 1.14.x
Buffer Overflow Vulnerability in NetHack 3.6.x Allows Arbitrary Code Execution
Out-of-Bounds Write Vulnerability in Cyrus SASL 2.1.27 Leading to Remote Denial-of-Service in OpenLDAP
Out-of-Bounds Access Vulnerability in HrAddFBBlock Function in Kopano Groupware Core
Reflected XSS Vulnerability in phpMyChat-Plus 1.98 via Password Reset URL
Code Injection Vulnerability in PKP pkp-lib
Buffer overflow vulnerability in btif_dm_data_copy of btif_core.cc allows for remote code execution on Android devices
XSS and IP Address Disclosure Vulnerability in MinervaNeue Skin in MediaWiki
Pillow DoS Vulnerability: Integer Overflow in FpxImagePlugin.py
Cross-Site Scripting (XSS) Vulnerability in Intland codeBeamer ALM 9.5 and Earlier: Upload Flash File Feature
Stored XSS Vulnerability in Intland codeBeamer ALM 9.5 and Earlier via Trackers Title Parameter
Vulnerability: Unauthenticated Remote Code Execution and Cross-Site Scripting (XSS) in 301 Redirects - Easy Redirect Manager Plugin
CSP Bypass Vulnerability in Midori Browser 0.5.11
Buffer Overflow Vulnerability in Lout 3.40's StringQuotedWord() Function
Heap-Based Buffer Overflow in Lout 3.40's srcnext() Function in z02.c
Handlebars Prototype Pollution leading to Remote Code Execution
Race condition vulnerability in bta_hl_sdp_query_results of bta_hl_main.cc allows for use-after-free and potential remote code execution in Android
Arbitrary Code Execution in sa-exim 4.2.1 via .cf File or Rule
Incorrect Access Control in runc 1.0.0-rc9 Allows Privilege Escalation via libcontainer/rootfs_linux.go
Denial of Service Vulnerability in Linux Kernel's CPU Scheduling Algorithm
NULL Pointer Dereference in SQLite 3.30.1 SELECT DISTINCT with LEFT JOIN and View
SQLite 3.30.1 Parser-Tree Rewriting Vulnerability
NULL Pathname Mishandling in zipfileUpdate Function in SQLite 3.30.1
Incomplete Fix for MultiSelect Parsing Errors in SQLite 3.30.1
Slab-out-of-bounds Read Access Vulnerability in Linux Kernel 5.0.0-rc7
Untrusted Search Path Vulnerability in Malwarebytes AdwCleaner before 8.0.1 Allows Arbitrary Code Execution
Integer Overflow Vulnerability in register_app of btif_hd.cc
Integer Signedness Error in MmsValue_newOctetString Function in libIEC61850 1.4.0
Heap-Based Buffer Overflow in libIEC61850 1.4.0's MmsValue_decodeMmsData Function
Cross-Site Scripting (XSS) Vulnerability in Froala Editor before 3.2.3
Unrestricted System and Repository Imports in JFrog Artifactory
Insecure Default Value in DevelopmentTiles.java Allows Unauthorized Access to Development Settings
Command Injection Vulnerability in Swisscom Centro Grande (before 6.16.12)
Remote Code Execution via DNS Injection in Swisscom Centro Grande Router
DNS Spoofing Vulnerability in Swisscom Centro Grande and Centro Business
Remote Unauthenticated Heap Memory Corruption in Pablo Quick 'n Easy Web Server 3.3.8
Out-of-Bounds Read Vulnerability in libIEC61850 1.4.0's BerDecoder_decodeUint32 Function
Integer Signedness Error in uhttpd: Out-of-Bounds Heap Buffer Access and Crash
Unauthorized Access to Project Content in Dradis Pro 3.4.1 API
Uninitialized Memory Information Leak in Linux Kernel USB Driver (CID-da2311a6385c)
Heap-Based Buffer Overflow in WriteSGIImage Function of ImageMagick 7.0.8-43 Q16
Heap-based Buffer Over-read Vulnerability in ImageMagick 7.0.8-43 Q16's WritePNGImage Function
Silent File Attachment Vulnerability in ComposeActivityEmail
Use-after-free vulnerability in GraphicsMagick 1.4 snapshot-20190403 Q8
Heap-Based Buffer Overflow in ImportRLEPixels of GraphicsMagick 1.4 snapshot-20190423 Q8
Use-after-free vulnerability in ImageMagick 7.0.9-7 Q16: MngInfoDiscardObject function in coders/png.c
Heap-Based Buffer Over-Read Vulnerability in GraphicsMagick 1.4 snapshot-20191208 Q8
Privilege Escalation Vulnerability in Signal Desktop on Windows
Memory Leak in xmlParseBalancedChunkMemoryRecover in libxml2 parser.c
Out-of-Bounds Read Vulnerability in libIEC61850 1.4.0's getNumberOfElements Function
Integer Signedness Issue in StringUtils_createStringFromBuffer in libIEC61850 1.4.0
Memory Management Error in SQLite 3.30.1 with Embedded Null Characters in Filenames
Out-of-bounds Read Vulnerability in avrc_pars_browse_rsp of avrc_pars_ct.cc
Side-channel vulnerability in wc_ecc_mulmod_ex in wolfSSL before 4.3.0
Fault Injection Vulnerability in RSA Cryptography in wolfSSL before 4.3.0
Side-Channel Attack Vulnerability in DSA Signing Algorithm of wolfSSL
Authentication Bypass Vulnerability in NETGEAR GS728TPS Devices
NULL Pointer Dereference Vulnerability in Linux Kernel SCSI Driver
Use-after-free vulnerability in cpia2_exit() in Linux kernel before 5.1.6
Cleartext Password Vulnerability in Connect Box EuroDOCSIS 3.0 Voice Gateway CH7465LG-NCIP-6.12.18.25-2p6-NOSH Devices
Multiple XSS Vulnerabilities in PandoraFMS 742
Insecure Default Value in random_get_bytes of random.c
Stack-based Buffer Over-read in libESMTP through 1.0.6
WP Maintenance Plugin 5.0.6 CSRF and XSS Vulnerability
Resource Exhaustion Vulnerability in Android Keymaster App
Privilege Bypass Vulnerability in Email Subscribers & Newsletters WordPress Plugin
CSRF Vulnerability in Email Subscribers & Newsletters WordPress Plugin
Unauthenticated Option Creation Vulnerability in Email Subscribers & Newsletters WordPress Plugin
Path Disclosure Vulnerability in Fast Velocity Minify WordPress Plugin
Vulnerability: Privilege Escalation in Email Subscribers & Newsletters WordPress Plugin
Unauthenticated File Download and User Information Disclosure Vulnerability in Email Subscribers & Newsletters WordPress Plugin
SQL Injection in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29
Cross-Site Request Forgery (CSRF) Vulnerability in Selesta Visual Access Manager (VAM) 4.15.0 - 4.29
Arbitrary File Creation and Write Vulnerability in Selesta Visual Access Manager (VAM)
Unauthenticated Access to Files in Selesta Visual Access Manager (VAM)
Double Free Vulnerability in binder_alloc_free_page of Android Kernel (CVE-2021-12345)
Multiple Stored Cross-site Scripting (XSS) Vulnerabilities in Selesta Visual Access Manager (VAM) 4.15.0 - 4.29
Multiple Reflected Cross-site Scripting (XSS) Vulnerabilities in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29
XML File Disclosure Vulnerability in Selesta Visual Access Manager (VAM)
Full Path Disclosure Vulnerability in Selesta Visual Access Manager (VAM) 4.15.0 - 4.29
Blind Command Injection in Selesta Visual Access Manager (VAM) 4.15.0 through 4.29
CSRF Vulnerability in Intelbras IWR 3000N 1.8.7 Devices Allows Complete Router Control
Denial of Service Vulnerability in Intelbras IWR 3000N 1.8.7 Devices
XXE Vulnerability in Xiuno BBS 4.0 via plugin/xn_wechat_public/route/token.php
Server Side Template Injection (SSTI) vulnerability in Halo before 1.2.0-beta.1 due to insecure FreeMarker configuration
Use-after-free vulnerability in binder.c allows for local privilege escalation in Android kernel
TOCTOU Vulnerability in BullGuard Premium Protection 20.0.371.8 Allows Privileged File Deletion via Symbolic Link Attack
Local Privilege Escalation Vulnerability in RICOH Streamline NX Client Tool and RICOH Streamline NX PC Client
SolarWinds WebHelpDesk 12.7.1 Formula Injection Vulnerability in TicketActions/view?tab=group TSV Export
Stored XSS Vulnerability in Feldtech easescreen Crystal 9.0 Web-Services 9.0.1.16265 via Debug-Log and Display-Log Components
Vulnerability: Unauthorized Administrative Access on Intelbras IWR 3000N 1.8.7 Devices
Heap-based Buffer Over-read in ezXML's ezxml_decode Function
Segmentation Fault Vulnerability in ezXML
NULL Pointer Dereference and Crash in ezXML
Stored XSS Vulnerability in Archery 1.3 and Earlier Versions
Excessive Memory Allocation Vulnerability in GNU LibreDWG
World-readable permissions on /proc/iomem in Android kernel - Local Information Disclosure Vulnerability
Use-after-free vulnerability in GNU LibreDWG 0.92: resolve_objectref_vector in decode.c
Heap-Based Buffer Over-read in GNU LibreDWG 0.92's decode_R13_R2000 Function
Excessive Memory Allocation Vulnerability in GNU LibreDWG 0.92
Excessive Memory Allocation Vulnerability in GNU LibreDWG
Double-Free Vulnerability in GNU LibreDWG
Excessive Memory Allocation Vulnerability in GNU LibreDWG 0.92
Stack Consumption Vulnerability in libmysofa
Stack-Based Buffer Over-read in Mat_VarReadNextInfo5 in Matio 1.5.17
Stack-Based Buffer Over-read in ReadNextCell in Matio 1.5.17
Memory Allocation Vulnerability in Mat_VarRead5
Stack-Based Buffer Over-Read Vulnerability in matio 1.5.17
Heap-Based Buffer Over-Read Vulnerability in UPX 3.95 via Crafted Mach-O File
Invalid Memory Address Dereference in libsixel's load_pnm Function
Memory Leak in image_buffer_resize in libsixel 1.8.4
Heap-Based Buffer Overflow in libsixel's image_buffer_resize() Function
Static Credential Vulnerability in NEC SV9100 Software
Unauthenticated Remote Password Reset Vulnerability in NEC SV9100 Software
Blank Username and Password Vulnerability in Aspire-derived NEC PBXes
Unauthenticated Read-Only Access Vulnerability in NEC PBXes with InMail Software
Privilege Escalation Vulnerability in Aspire-derived NEC PBXes
Potential Phishing Vector Exploiting addLinks in Linkify.java
Vulnerability: Unauthorized Access to NEC UM8000 Voicemail System via Modem Access Number
Vulnerability: Brute Force Attack on NEC UM8000 and UM4730 Voicemail Systems
Vulnerability: Unauthorized Access to Administration Modem in Aspire-derived NEC PBXes
Static Login Credentials Vulnerability in NEC PBXes
Uninitialized Data Vulnerability in InputTransport.cpp Allows Local Information Disclosure
Bypassing Input Sanitization in WordPress wp_kses_bad_protocol Vulnerability
Stored Cross-Site Scripting (XSS) Vulnerability in WordPress 3.7 to 5.3.0
Authenticated Users Can Bypass Post Publishing Restrictions via REST API in WordPress 3.7 to 5.3.0
Privilege Escalation in Zsh via MODULE_PATH and zmodload
Vulnerability in HUSKY RTU 6049-E70 Firmware Versions 5.0 and Prior: Disconnection and Reboot Exploit
Authentication Bypass Vulnerability in HUSKY RTU 6049-E70 Firmware Versions 5.0 and Prior
Vulnerability: Unauthorized Access to Administrative LDAP Credentials in Alcatel-Lucent OmniVista 4760 and 8770 Devices
Remote Code Execution Vulnerability in Alcatel-Lucent OmniVista 8770 Devices
Remote Code Execution Vulnerability in Alcatel-Lucent OmniVista 4760 Devices
Possible Local Escalation of Privilege Vulnerability in GrantPermissionsActivity.java
Remote Code Execution Vulnerability in Pandora FMS ≤ 7.42 via Tricky Folder Name and Disabled php-fileinfo Extension
Floating-Point Exception Vulnerability in UPX 3.95
Memory Leak in Mat_VarCalloc in Matio 1.5.17 Due to SafeMulDims Rank==0 Case Vulnerability
Invalid Memory Address Dereference in canUnpack Function in UPX 3.95 via Crafted Mach-O File
NULL pointer dereference vulnerability in drop_sysctl_table() in fs/proc/proc_sysctl.c
SSRF Vulnerability in LiquidPixels LiquiFire OS 4.8.0 via call%3Durl Substring
Assertion Failure in stbi__shiftsigned in stb_image.h (Version 2.23)
Privileged Helper Tool in Proxyman for macOS 1.11.0 and earlier: System Proxy Manipulation and MITM Vulnerability
XSS Vulnerability in Bolt 3.7.0 with Symfony Web Profiler
SQL Injection in MFScripts YetiShare 3.5.2 through 4.5.4 via sSortDir_0 parameter in *_manage.ajax.php
Use-after-free vulnerability in HalDeathHandlerHidl.cpp allows for local privilege escalation in Android audio server
Sensitive Information Leakage in MFScripts YetiShare v3.5.2 - v4.5.4 via Referer Header
Cleartext Password Leakage in MFScripts YetiShare User-Introduction Email
Password Reset Vulnerability in MFScripts YetiShare v3.5.2 through v4.5.4
Uninitialized Memory Use in libmysofa before 0.8
Integer Overflow Vulnerability in FifoControllerBase.cpp Could Lead to Local Privilege Escalation
Cross-Site Scripting (XSS) Vulnerability in Netis DL4323 Devices via urlFQDN Parameter
CSRF Vulnerability: Log Deletion on Netis DL4323 Devices
XSS Vulnerability in Netis DL4323 Devices via form2Ddns.cgi Hostname Parameter
Cross-Site Scripting (XSS) Vulnerability in Netis DL4323 Devices via form2userconfig.cgi
Sensitive Information Exposure on Netis DL4323 Devices via form2saveConf.cgi
XSS Vulnerability in Netis DL4323 Ping6 Diagnostic
Cross-Site Scripting (XSS) Vulnerability in Netis DL4323 Devices via form2Ddns.cgi Username Parameter
CSRF Vulnerability in Typesetter CMS 5.1 Logout Functionality
Autocmd Feature in Vim Allows Access to Freed Memory
Race condition vulnerability in createEffect of AudioFlinger.cpp allows for local privilege escalation (Android ID: A-122309228)
Buffer Overflow Vulnerability in ASUS RT-N53 3.0.0.4.376.3754 Devices via Advanced_LAN_Content.asp
TVT NVMS-1000 Directory Traversal Vulnerability
Heap-Based Buffer Over-Read Vulnerability in GoPro GPMF-parser 1.2.3
Heap-Based Buffer Over-read Vulnerability in GoPro GPMF-parser 1.2.3
Heap-Based Buffer Over-Read Vulnerability in GoPro GPMF-parser 1.2.3
Heap-Based Buffer Over-read in GoPro GPMF-parser 1.2.3
Out of Bounds Write Vulnerability in l2c_lcc_proc_pdu of l2c_fcr.cc
Use-after-free vulnerability in Bento4 1.5.1.0: AP4_Sample::GetOffset in Core/Ap4Sample.h
NULL Pointer Dereference in Bento4 1.5.1.0: AP4_Descriptor::GetTag Vulnerability
NULL Pointer Dereference in Bento4 1.5.1.0: AP4_Descriptor::GetTag Vulnerability
NULL Pointer Dereference Vulnerability in PoDoFo PDF Library
Heap-based Buffer Overflow in libsixel's gif_init_frame Function
Memory Leak and Denial of Service Vulnerability in mwifiex_tm_cmd in Linux Kernel
Memory Leak in __feat_register_sp() in Linux Kernel (CVE-2020-XXXX)
Remote Code Execution Vulnerability in Bitbucket Server and Bitbucket Data Center via post-receive hook
Cross-Site Request Forgery (CSRF) Vulnerability in Atlassian Jira Server and Data Center before 8.7.0
CSRF Vulnerability in VerifyPopServerConnection!add.jspa Component in Atlassian Jira Server and Data Center
Out-of-Bound Write Vulnerability in phNxpNciHal_process_ext_rsp of phNxpNciHal_ext.cc
Vulnerability: Cross-Site Request Forgery (CSRF) in Atlassian Application Links Plugin
Broken Access Control vulnerability in Atlassian Jira Server and Data Center allows unauthorized access to whitelist rules
Stored Cross-Site Scripting (SXSS) Vulnerability in Atlassian Confluence Server
XML Entity Expansion Vulnerability in Atlassian Crowd
Improper Access Control Vulnerability in Atlassian Application Links Plugin
Broken Access Control Vulnerability in Atlassian Jira Server and Data Center
Multiple SQL Injection Vulnerabilities in TestLink
Out-of-bounds Write Vulnerability in readNullableNativeHandleNoDup of Parcel.cpp
Out-of-Bound Write Vulnerability in rw_t3t_act_handle_fmt_rsp of Android
Out-of-Bound Write Vulnerability in rw_t3t_act_handle_sro_rsp of rw_t3t.cc
Weak Password Hashing Vulnerability in Nim's HTTP Authentication Library
Cross-Site Scripting (XSS) Vulnerability in Nagios XI 5.6.9 Allows Attack on Admin User
Out-of-Bound Write Vulnerability in rw_t3t_handle_get_sc_poll_rsp of rw_t3t.cc
Heap-based Buffer Overflow in libsixel's gif_out_code Function
XSS Vulnerability in Laborator Neon Theme 2.0 for WordPress
GitLab Community Edition and Enterprise Edition Denial of Service Vulnerability
Incorrect Access Control Vulnerability in GitLab Community Edition (CE) and Enterprise Edition (EE) 12.6
Incorrect Access Control Vulnerability in GitLab Community Edition (CE) and Enterprise Edition (EE) 10.8 through 12.6.1
Incorrect Access Control Vulnerability in GitLab Community Edition (CE) and Enterprise Edition (EE) 11.4 through 12.6.1
Uncontrolled Resource Consumption Vulnerability in GitLab Community Edition (CE) and Enterprise Edition (EE) 11.0 through 12.6
Incorrect Access Control Vulnerability in GitLab Community Edition (CE) and Enterprise Edition (EE) 9.1 through 12.6.1
Incorrect Access Control Vulnerability in GitLab Community Edition (CE) and Enterprise Edition (EE) 8.13 through 12.6.1
Prototype Pollution Vulnerability in kind-of v6.0.2
Out-of-Bound Write Vulnerability in rw_t3t_act_handle_check_rsp of Android
Exposed SSH/SFTP Credentials Vulnerability in TreasuryXpress 19191105
Cross-Site Scripting (XSS) Vulnerability in TreasuryXpress 19191105
XSS Vulnerability in TreasuryXpress 19191105: Execution of Malicious JavaScript via Custom Workflow Component
XML External Entity (XXE) Vulnerability in Determine Contract Lifecycle Management (CLM) v5.4 Allows Unauthorized File Reading
Cross-Site Scripting (XSS) Vulnerability in Determine Contract Lifecycle Management (CLM) v5.4
Arbitrary Code Execution Vulnerability in Determine Contract Lifecycle Management (CLM) v5.4
Memory Leak in dinf_New() in GPAC
Out-of-Bound Write Vulnerability in NFA_SendRawFrame of nfa_dm_api.cc
Stack-based Buffer Overflow in av1_parse_tile_group() Function
Heap-based Buffer Overflow in ReadGF_IPMPX_WatermarkingInit() Function
Heap-based Buffer Overflow in gf_isom_box_parse_ex() Function
NULL Pointer Dereference in gf_odf_avc_cfg_write_bs() Function
NULL Pointer Dereference in gf_isom_box_del() Function
NULL Pointer Dereference in ilst_item_Read() Function
NULL Pointer Dereference in gf_isom_dump() Function
NULL Pointer Dereference in senc_Parse() Function
Use-after-free vulnerability in GPAC's gf_isom_box_dump_ex() function in isomedia/box_funcs.c
Use-after-free vulnerability in GPAC's trak_Read() function in isomedia/box_code_base.c
Out-of-Bound Write Vulnerability in rw_t2t_handle_tlv_detect_rsp of rw_t2t_ndef.cc
Invalid Pointer Dereference in GF_IPMPX_AUTH_Delete() Function
Memory leaks in metx_New and abst_Read functions in GPAC version 0.8.0 and 0.9.0-development-20191109
Kernel Stack Return Address Overwrite Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Auth0 wp-auth0 Plugin for WordPress
XSS Vulnerability in Auth0 Lock before 11.21.0 with untrusted placeholder in additionalSignUpFields
QEMU SCSI_IOCTL_SEND_COMMAND Crash Vulnerability
Stack Exhaustion Vulnerability in Pure-FTPd 1.0.49's listdir Function
CSRF Vulnerability in Advisto PEEL Shopping 9.2.1 Allows Unauthorized User Deletion
SQL Injection Vulnerability in SOPlanning 1.45 via user_list.php by Parameter
Bypass of Password Reset Protection in DevicePolicyManagerService
TablePress Plugin 1.9.2 for WordPress: Editor CSV Injection Vulnerability
XSS Vulnerability in awesome-support Plugin 5.8.0 for WordPress via post_title Parameter
XSS Vulnerability in FooGallery Plugin 1.8.12 for WordPress via post_title Parameter
Arbitrary PHP Code Execution Vulnerability in Employee Records System 1.0
CSV Injection Vulnerability in KeePass 2.4.1 Title Field
Out-of-Bound Read Vulnerability in ce_t4t_data_cback of ce_t4t.cc
Critical XXE Vulnerability in Oxygen XML Editor 21.1.1 Allows Unauthorized File Access
Arbitrary OS Command Execution Vulnerability in Nagios XI 5.6.9
Stack Consumption Vulnerability in ezXML
NULL Pointer Dereference in ezXML's ezxml_decode Function
Out-of-Bound Read Vulnerability in llcp_dlc_proc_rr_rnr_pdu of Android
Heap-based Buffer Over-read in ezXML's normalize line endings feature
Infinite Loop Vulnerability in ezXML XML Parsing Functions
Invalid Free and Segmentation Fault in ezXML 0.8.3-0.8.6
Postie Plugin 1.9.40 for WordPress - Remote Post Publication Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Postie Plugin 1.9.40 for WordPress
Integer Overflow in sixel_frame_resize in libsixel 1.8.4
Stack-Based Buffer Overflow in dimC_Read in GPAC 0.8.0
Insecure Direct Object Reference (IDOR) Vulnerability in CTHthemes CityBook, TownHub, and EasyBook WordPress Themes
Out-of-Bound Read Vulnerability in rw_t3t_act_handle_ndef_detect_rsp of Android
Reflected XSS Vulnerability in CTHthemes CityBook, TownHub, and EasyBook WordPress Themes
Persistent XSS Vulnerability in CTHthemes CityBook, TownHub, and EasyBook WordPress Themes
Persistent XSS Vulnerability in CTHthemes CityBook, TownHub, and EasyBook WordPress Themes
Unauthenticated Information Disclosure in D-Link DIR-859 Routers via AUTHORIZED_GROUP Parameter
Arbitrary OS Command Execution in D-Link DIR-859 1.05 and 1.06B01 Beta01 Devices
Arbitrary OS Command Execution in D-Link DIR-859 1.05 and 1.06B01 Beta01 Devices
Arbitrary OS Command Execution in D-Link DIR-859 Devices
SQLite 3.30.1 SELECT Statement Parsing Error Handling Vulnerability
Heap-Based Buffer Over-Read Vulnerability in ngiflib 0.4's GifIndexToTrueColor Function
Out-of-Bound Read Vulnerability in rw_t3t_act_handle_fmt_rsp and rw_t3t_act_handle_sro_rsp of rw_t3t.cc
XSS Vulnerability in SiT! 3.67 search_incidents_advanced.php
XSS Vulnerability in Support Incident Tracker (SiT!) 3.67
XSS Vulnerability in SiT! 3.67 Config.php Page
XSS Vulnerability in Support Incident Tracker (SiT!) 3.67
Arbitrary OS Command Execution in Pandora FMS 7.0NG via netflow_get_stats Vulnerability
Open Redirect Vulnerability in MyBB Login
Insecure Permissions Check in ServiceManager::add Function Allows Privilege Escalation
Possible Use After Free Vulnerability in em28xx_unregister_dvb of em28xx-dvb.c
Use-after-free vulnerability in binder_thread_read in binder.c allows local attackers to escalate privileges in the Android kernel.
Missing Permission Check in updateAssistMenuItems of Editor.java Allows Escape from Setup Wizard and Local Privilege Escalation
Out of Bounds Write Vulnerability in Android (A-119120561)
NEON Register Preservation Vulnerability in libmpeg2
Use-after-free vulnerability in btm_proc_smp_cback of tm_ble.cc allows remote code execution in Android
Possible Use After Free Vulnerability in removeInterfaceAddress of NetworkController.cpp in Android
Out-of-Bound Write Vulnerability in rw_t3t_act_handle_check_ndef_rsp of Android
Out-of-Bound Write Vulnerability in SetScanResponseData of ble_advertiser_hci_interface.cc
Heap-based Buffer Overflow in _cairo_image_surface_create_from_jpeg() in gThumb and Pix
Privilege Escalation Vulnerability in Centreon Infrastructure Monitoring Software
OpenLambda 2019-09-10: DNS Rebinding Vulnerability in REST API on TCP Port 5000
Use-after-free vulnerability in create_hdr of dnssd_clientstub.c in Android allows local attackers to escalate privileges via crafted input.
Jackson-databind Vulnerability: Lack of net.sf.ehcache Blocking
Stack Consumption Vulnerability in NASM 2.14.02's expr# Functions
XSS Vulnerability in PHP Scripts Mall Advanced Real Estate Script 4.0.9
SQL Injection Vulnerability in PHP Scripts Mall Advanced Real Estate Script 4.0.9
Integer Overflow leading to Out-of-Bounds Write in rw_i93_sm_read_ndef of rw_i93.cc
Arbitrary Code Execution Vulnerability in MojoHaus Exec Maven Plugin 1.1.1
Root Terminal Access Vulnerability on OKER G232V1 v1.03.02.20161129 Devices
Out-of-Bound Write Vulnerability in rw_i93_sm_update_ndef of Android
Heap-Based Buffer Over-Read Vulnerability in NASM 2.15rc0
Arbitrary File Download Vulnerability in piSignage Player API
Persistent Arbitrary Code Execution Vulnerability in Trend Micro Security 2020 and 2019 Consumer Products
Vulnerability in Trend Micro Anti-Threat Toolkit (ATTK) Allows Arbitrary Remote Code Execution
Possible Permission Bypass in okToConnect Method of HidHostService.java
Unauthenticated Access to Personally Identifiable User Information in Give WordPress Plugin
Blind SQL Injection Vulnerability in Email Subscribers & Newsletters Plugin
Unquoted Service Path Vulnerability in Teradici PCoIP Agent and Client
XSS Vulnerability in Ignite Realtime Openfire 4.4.4 via Alias to Manage Store Contents
XSS Vulnerability in Ignite Realtime Openfire 4.4.4 via cacheName in SystemCacheDetails.jsp
XSS Vulnerability in Ignite Realtime Openfire 4.4.4 via Users/Group Search
XSS Vulnerability in Ignite Realtime Openfire 4.4.4: Exploiting isTrustStore to Manage Store Contents
Out-of-Bounds Read Vulnerability in nlist.c
Out-of-Bound Read Vulnerability in l2c_utils.cc of Android
HTTP Request Smuggling Vulnerability in NGINX
Vulnerability: Root Access Exploit in LTSP LDM
Remote Code Execution via Mutation XSS in Typora
Cross-Site Scripting (XSS) Vulnerability in Electronic Logbook (ELOG) 3.1.4
Cross-Site Scripting (XSS) Vulnerability in ELOG 3.1.4 via Crafted SVG Document
XSS Vulnerability in TopList before 2019-09-03: Exploiting the Title Field
Cross-Site Scripting (XSS) Vulnerability in Ganglia Web Frontend (ganglia-web) 3.7.5 via header.php ce Parameter
Cross-Site Scripting (XSS) Vulnerability in Ganglia Web Frontend (ganglia-web) 3.7.5 via header.php cs Parameter
Out-of-Bound Read Vulnerability in rw_i93_process_sys_info of Android
Incomplete Fix for XSS Vulnerability in TestLink before 1.9.20
Memory Leak in QEMU 4.1.0 during VNC Disconnect Operation
Privilege Escalation via File Manipulation in ABBYY FineReader 15 Network License Server
Local Privilege Escalation Vulnerability in Gentoo Portage
Arbitrary PHP Code Execution via CSV Upload in Logaritmo Aware CallManager 2012
Memory Leak in systemd's button_open Function
Heap-based Buffer Over-read in repodata_schema2id in libsolv
Memory Leak in xmlSchemaValidateStream in libxml2 2.9.10
Reflected Cross-Site Scripting (XSS) Vulnerability in Subrion CMS 4.2.1
Out-of-Bound Read Vulnerability in rw_i93_sm_detect_ndef of Android
Subrion CMS 4.2.1 CSRF Vulnerability Allows Unauthorized File Deletion
Invalid Memory Access Vulnerability in libyang resolve_feature_value() Function
Invalid Memory Access Vulnerability in libyang resolve_feature_value() Function
Double-Free Vulnerability in libyang's yyparse() Function
Double-Free Vulnerability in libyang's yyparse() Function
Stack Consumption Vulnerability in libyang before v1.0-r1
Segmentation Fault Vulnerability in libyang's yyparse Function
Double-Free Vulnerability in libyang's yyparse() Function
NULL Pointer Dereference Vulnerability in libyang's lys_extension_instances_free() Function
Timing Vulnerability in Scalar::check_overflow Function in Parity libsecp256k1-rs
Out-of-Bound Read Vulnerability in rw_i93_process_ext_sys_info of Android-9 (A-122316913)
DLL Hijacking Vulnerability in Tomcat Used by Jira (CVE-XXXX)
CSRF Vulnerability in Jira Installation Setup Resources
Improper Authorization Vulnerability Allows Unauthorized Download of Support Zip Files in Atlassian Jira Server and Data Center
Jira Server and Data Center Information Disclosure Vulnerability
Improper Authorization Vulnerability in Atlassian Jira Server and Data Center Allows Unauthorized Access to Project Titles
JMX Monitoring Flag CSRF Vulnerability in Atlassian Jira Server and Data Center
DLL Hijacking Vulnerability in Tomcat for Confluence on Windows
Unauthenticated Remote Attackers Can View Release Version Information in Jira Software and Jira Software Data Center
Server Side Request Forgery (SSRF) vulnerability in Jira before version 8.7.0 allows unauthorized access to internal network resources via the /plugins/servlet/gadgets/makeRequest resource.
Server Side Template Injection Vulnerability in Atlassian Jira Server and Data Center (CVE-2021-26084)
Insecure Default Value in NFC Module Configuration on Android Devices
Information Disclosure Vulnerability in Atlassian Jira Server and Data Center's Comment Restriction Feature
CSRF Vulnerability in Atlassian Jira Server and Data Center Allows Unauthorized Modification of Wallboard Settings
Improper Authentication Vulnerability in Atlassian Jira Server and Data Center Allows Information Enumeration
Denial of Service (DoS) Vulnerability in Atlassian Jira Server and Data Center
Cross-Site Scripting (XSS) Vulnerability in Atlassian Jira Server and Data Center's Issue Navigator Basic Search
CSRF Vulnerability in Atlassian Jira Server and Data Center Allows Unauthorized Modification of Logging and Profiling Settings
Cross-Site Scripting (XSS) Vulnerability in Atlassian Jira Server and Data Center Project Configuration (CVE-2020-14179)
Application Denial of Service Vulnerability in Atlassian Jira Server and Data Center (CVE-2021-26084)
DLL Hijacking Vulnerability in Atlassian Jira Server and Data Center
Denial of Service Vulnerability in Exiv2 0.27.2 via Infinite Loop in Jp2Image::readMetadata()
Vulnerability: Mishandling of RT6_LOOKUP_F_DST_NOREF Flag in fib6_rule_lookup in Linux Kernel
Buffer Overflow and Panic in Lustre File System: Integer Signedness Error in target_handle_connect()
NULL Pointer Dereference and Panic in Lustre File System: Lack of Validation in mdt_object_remote
Out-of-Bounds Access and Panic in Lustre File System: Lack of Validation in ptlrpc Module
Out-of-Bounds Access and Panic in Lustre File System: Lack of Validation in ptlrpc Module
Buffer Overflow and Remote Code Execution Vulnerability in Lustre File System
Out-of-Bounds Read and Panic in Lustre File System: Lack of Validation in ptlrpc Module
Out-of-Bounds Read and Panic Vulnerability in Lustre File System
Possible Privilege Escalation via Overlay Attack in SmsDefaultDialog.onStart
Lustre File System MDT Module LBUG Panic Vulnerability
Out-of-bounds Access and Lack of Validation in Lustre File System
Out-of-Bounds Access and Panic in Lustre File System (CVE-XXXX-XXXX)
Buffer Over-read Vulnerability in GNU Aspell
Reflected XSS Vulnerability in WSO2 API Manager 2.6.0 Datasource Creation Page
Reflected XSS Vulnerability in WSO2 API Manager 2.6.0
XSS Vulnerability in WSO2 API Manager, WSO2 IS as Key Manager, and WSO2 Identity Server
XSS Vulnerability in WSO2 API Manager and Identity Server
Stored XSS Vulnerability in WSO2 API Manager 2.6.0 API Publisher Inline Documentation Editor
Reflected XSS Vulnerability in WSO2 API Manager 2.6.0
Out-of-bounds Write Vulnerability in G4VideoCodecSpecificData of APacketSource.cpp
Reflected XSS Vulnerability in WSO2 API Manager 2.6.0's Update API Documentation Feature
Stored Cross-Site Scripting (XSS) Vulnerability in WSO2 API Manager 2.6.0 API Publisher
Stored Cross-Site Scripting (XSS) Vulnerability in WSO2 Products
Stored Cross-Site Scripting (XSS) Vulnerability in WSO2 Products
HTTP Header Parsing Vulnerability in Netty
Multiple Content-Length Headers Vulnerability
Exponential Growth Denial of Service Vulnerability in GNOME librsvg
SQL Injection Vulnerability in Jobberbase 2.0 via PATH_INFO to jobs-in Endpoint
Out of Bounds Write Vulnerability in JSCallTyper of typer.cc
Remote Code Execution via RebootSystem.lnk in Prismview System and Prismview Player
PHP Object Injection Vulnerability in Pydio Core and Pydio Enterprise
PHP Object Injection Vulnerability in Pydio Core and Pydio Enterprise
PCRE Out-of-Bounds Read Vulnerability in JIT Compilation
SSL Certificate Validation Bypass in Heartland & Global Payments PHP SDK
Untrusted Search Path Vulnerability in Goverlan Reach Console, Server, and Client Agent
Integer Overflow Vulnerability in CalculateInstanceSizeForDerivedClass of objects.cc
Vulnerability: Denial of Service (DoS) via Crafted IP Traffic on Sannce Smart HD Wifi Security Camera
Unauthenticated Access to Video Feed on Sannce Smart HD Wifi Security Camera
Unauthenticated Remote Control of Sannce Smart HD Wifi Security Camera
Vulnerability: Weakly Hashed Root Password on Sannce Smart HD Wifi Security Camera
Default Backdoor Accounts on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 Devices
Unnecessary Permissions in SeTracker2 for TK-Star Q90 Junior GPS Horloge Devices
Type Confusion Vulnerability in UpdateLoadElement of ic.cc Allows Remote Code Execution in Android Proxy Auto-Config
Vulnerability: Unauthorized Voice Communication Channel Setup on TK-Star Q90 Junior GPS Horloge
Default Password Vulnerability on TK-Star Q90 Junior GPS Horloge 3.1042.9.8656 Devices
Vulnerability: Lack of SIM Card PIN Configuration on TK-Star Q90 Junior GPS Horloge
Authorization Bypass Vulnerability in Zoho ManageEngine Remote Access Plus 10.0.447
Insufficient Restrictions on PyYAML 5.1 through 5.1.2 Load Functions
Remote Code Execution in ruamel.yaml's load Method
Open Redirect Vulnerability in mod_auth_openidc
CSRF Vulnerability in MIELE XGW 3000 ZigBee Gateway before 2.4.0
Unauthenticated Password Change Vulnerability in MIELE XGW 3000 ZigBee Gateway
Cross-Site Scripting (XSS) Vulnerability in Viki Vera 4.9.1.26180
Unauthorized File Access in Viki Vera 4.9.1.26180
Denial of Service in libvirt's QEMU Driver due to Monitor Job Mishandling
Stored XSS Vulnerability in NETGEAR WNR1000V4 1.1.0.54 Web Management Console
Unauthenticated GET Request Vulnerability in NETGEAR WNR1000V4 1.1.0.54
Command Injection Vulnerability in NETGEAR WNR1000V4 1.1.0.54 Devices
Authentication Bypass and Remote Compromise Vulnerability in NETGEAR WNR1000V4 1.1.0.54
Use-after-free vulnerability in avrcp_service.cc allows for local privilege escalation in Android Bluetooth service
Authentication Bypass Vulnerability in cPanel (SEC-499)
Virtual Mail Account Bypass Vulnerability in cPanel (SEC-508)
Authentication Bypass Vulnerability in cPanel (SEC-516)
Self-XSS vulnerability in cPanel before 82.0.18 due to mishandled JSON string escaping (SEC-520)
Predictable Number Generation Vulnerability in cPanel (SEC-525)
Arbitrary Database Read Vulnerability in cPanel (SEC-531)
Arbitrary Chown Operations Vulnerability in cPanel (SEC-532)
Stored XSS Vulnerability in cPanel's WHM Backup Restoration (SEC-533)
WebDAV Authentication Bypass in cPanel (SEC-534)
Authenticated OS Command Injection Vulnerability in D-Link DWL-2600AP 4.2.0.15 Rev A Devices via Restore Configuration Functionality
Use-after-free vulnerability in tearDownClientInterface in WificondControl.java allows for local privilege escalation without additional execution privileges.
Authenticated OS Command Injection Vulnerability in D-Link DWL-2600AP 4.2.0.15 Rev A Devices via Save Configuration Functionality
Authenticated OS Command Injection Vulnerability in D-Link DWL-2600AP 4.2.0.15 Rev A Firmware Upgrade Functionality
Buffer Overflow Vulnerability in EFS Easy Chat Server 3.1 via long body2.ghp message parameter
Out-of-Bounds Reads in usrsctp's sctp_load_addresses_from_init (CVE-2019-XXXX)
Remote Code Execution in Quest KACE K1000 Systems Management Appliance
Out-of-bounds Read Vulnerability in spaces.h
ERPNext 11.1.47 Blog Category Frame Injection Vulnerability
Reflected XSS Vulnerability in Open edX Ironwood.1 Support/Certificates Course_ID Parameter
Reflected XSS vulnerability in Open edX Ironwood.1 support/certificates?user= parameter
Reflected XSS Vulnerability in ERPNext 11.1.47 via PATH_INFO
Reflected XSS Vulnerability in ERPNext 11.1.47 via PATH_INFO in addresses/ URI
Reflected XSS Vulnerability in ERPNext 11.1.47 via PATH_INFO in blog/ URI
Reflected XSS Vulnerability in ERPNext 11.1.47 via PATH_INFO in contact/ URI
Reflected XSS Vulnerability in ERPNext 11.1.47 via PATH_INFO
Reflected XSS Vulnerability in ERPNext 11.1.47 via PATH_INFO in user/ URI
Out-of-bounds Read Vulnerability in VisitPointers of heap.cc
Reflected XSS Vulnerability in ERPNext 11.1.47 via PATH_INFO
Reflected XSS Vulnerability in ERPNext 11.1.47 via api/ URI
XSS Vulnerability in ilchCMS 2.1.23 via index.php/partner/index Link Parameter
Cross-Site Scripting (XSS) Vulnerability in ilchCMS 2.1.23 via index.php/partner/index Name Parameter
XSS Vulnerability in ilchCMS 2.1.23 via index.php/partner/index Banner Parameter
XSS Vulnerability in Ignite Realtime Openfire 4.4.1 via setup-datasource-standard.jsp
XSS Vulnerability in Ignite Realtime Openfire 4.4.1 via setup-datasource-standard.jsp
XSS Vulnerability in Ignite Realtime Openfire 4.4.1 via setup-datasource-standard.jsp
XSS Vulnerability in Ignite Realtime Openfire 4.4.1 via setup-datasource-standard.jsp
Improper Access Control in Prepared Report File Storage
Out-of-bounds read vulnerability in wnm_parse_neighbor_report_elem of wnm_sta.c
Arbitrary Code Execution Vulnerability on Samsung Mobile Devices (SVE-2019-15266)
Out-of-Bounds Read Vulnerability in Samsung Mobile Devices with P(9.0) (Exynos Chipsets) Software
Unauthenticated Access to Developer Options on Samsung Mobile Devices (SVE-2019-15800)
S Secure App Vulnerability: Unauthorized Launch of Masked Apps
Samsung Mobile Devices Lock Screen Wallpaper Exposure Vulnerability
Bluetooth Connection Vulnerability on Samsung Mobile Devices
Vulnerability in Samsung Firewall Application's PermissionWhiteLists Protection Mechanism (SVE-2019-14299)
Arbitrary Memory Overwrite Vulnerability in Samsung Mobile Devices (SVE-2019-14651, SVE-2019-14666)
Heap Overflow Vulnerability in Samsung Knox_Kap Driver (SVE-2019-14857)
Out-of-Bounds Read Vulnerability in Samsung Mobile Devices with Broadcom Chipsets
Seccomp Bypass Vulnerability in Android Kernel
Buffer Over-read and Information Leak in Samsung Exynos Touch Screen Driver (SVE-2019-14942)
Stack Overflow Vulnerability in Samsung Wi-Fi Kernel Drivers on Exynos Chipsets
Samsung Mobile Devices Exynos Kernel Driver Stack Overflow Vulnerability (SVE-2019-15034)
Samsung Mobile Devices with P(9.0) Software Vulnerability: Bypassing Factory Reset Protection via SamsungPay Mini (SVE-2019-15090)
Out-of-Bounds Write Vulnerability in Samsung Exynos Chipsets (SVE-2019-15274)
Buffer Overflow Vulnerability in Samsung Exynos Chipsets' HDCP Trustlet
Denial-of-Service Vulnerability in Samsung Mobile Devices with Broadcom Wi-Fi Chipsets (SVE-2019-15350)
Bluetooth Debug Command Data Leakage Vulnerability
Buffer Overflow Vulnerability in Samsung Mobile Devices with P(9.0) Software
Heap Out-of-Bounds Access Vulnerability in Broadcom Bluetooth on Samsung Mobile Devices
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution
S Secure App Bypass Vulnerability on Samsung Mobile Devices
Samsung Mobile Devices Factory Reset Protection Bypass via Class 0 Type Message (SVE-2019-14941)
Samsung Mobile Devices with P(9.0) Software Vulnerability: Bypassing Factory Reset Protection (FRP) via RCS Call (SVE-2019-15035)
Arbitrary Memory Read and Write Vulnerability in Samsung Mobile Devices (SVE-2019-15143)
Samsung Mobile Devices with O(8.x) Software: Factory Reset Protection Bypass via External Keyboard (SVE-2019-15164)
Gallery App Vulnerability: Unauthorized Access to Locked Device Pictures (SVE-2019-15189)
RKP Memory Corruption Vulnerability on Samsung Mobile Devices (SVE-2019-15221)
Samsung Mobile Devices Vulnerability: Factory Reset Protection Bypass via SIM Card Blocking
Buffer Overflow Vulnerability in Samsung Exynos Touch Screen Driver (SVE-2019-14990)
Lock Screen Photo Viewing Vulnerability on Samsung Mobile Devices
Improper Crypto Usage in Android-10 Allows for RAM Disclosure with Shared Key
Out of Bounds Write Vulnerability in Samsung BIOSUB Trustlet (SVE-2019-15261)
Integer Signedness Error in Samsung Mobile Devices with Exynos Chipsets (SVE-2019-15230)
Buffer Overflow Vulnerability in Samsung Mobile Devices with P(9.0) Software
Out of Bounds Write Vulnerability in Samsung SEC_FR Trustlet (SVE-2019-15272)
Vulnerability: Manipulation of IMEI on Samsung Mobile Devices (SVE-2019-15435)
Unauthenticated USB Configuration Change Vulnerability on Samsung Mobile Devices
Stack Corruption Vulnerability in Samsung Mobile Devices with SMP1300 Exynos Modem Chipsets
Samsung Mobile Devices Exynos Bootloader Code Execution Vulnerability
Race Condition Vulnerability in Samsung Mobile Devices (Exynos and Qualcomm Chipsets) Software (SVE-2019-15067)
Bypassing Factory Reset Protection (FRP) via Status Bar on Samsung Mobile Devices (SVE-2019-15089)
Bypassing Factory Reset Protection (FRP) via Smart Switch on Samsung Mobile Devices (SVE-2019-15138)
Type Confusion Vulnerability in Samsung WVDRM Trustlet (SVE-2019-14885)
Buffer Overflow Vulnerability in Samsung Mobile Devices with Exynos Chipsets (SVE-2019-14939)
Local SQL Injection Vulnerability in Samsung Mobile Devices (SVE-2019-14059, SVE-2019-14685)
Local SQL Injection in Samsung Wi-Fi History Content Provider (SVE-2019-14061)
Vulnerability in Samsung Mobile Devices: WPA3 Handshake Downgrade and Dictionary Attack
SQL Injection Vulnerability in Samsung Mobile Devices with P(9.0) Software
Samsung Exynos Chipsets: Kernel Panic Vulnerability (SVE-2019-14372)
Buffer Overflow Vulnerability in Samsung Mobile Devices with Exynos 9820 Chipsets
Lock Screen Location Information Sharing Vulnerability on Samsung Mobile Devices
Out of Bounds Read Vulnerability in libAACdec of Android-10 (A-136089102)
Motion Photo Player Vulnerability: Bypassing Secure Folder on Samsung Mobile Devices
Stack Overflow Vulnerability in Samsung Exynos Chipsets: SVE-2019-14665
Use After Free Vulnerability in Samsung Exynos9810 Chipsets (SVE-2019-14837)
Type Confusion Vulnerability in Samsung Mobile Devices with TEEGRIS Software (SVE-2019-14847)
Type Confusion Vulnerability in Samsung HDCP Trustlet Allows Arbitrary Code Execution
Type Confusion Vulnerability in Samsung SEC_FR Trustlet
Type Confusion Vulnerability in Samsung FINGERPRINT Trustlet (SVE-2019-14864)
Type Confusion Vulnerability in Samsung Mobile Devices with TEEGRIS Software (SVE-2019-14867)
Type Confusion Vulnerability in Samsung Mobile Devices with TEEGRIS Software (SVE-2019-14891)
Type Confusion Vulnerability in Samsung SKPM Trustlet (SVE-2019-14892)
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution
Integer Underflow Vulnerability in Samsung Secure Storage Trustlet (SVE-2019-13952)
Local SQL Injection in Samsung Gear VR Service Content Provider (SVE-2019-14058)
Local SQL Injection in Samsung Story Video Editor Content Provider (SVE-2019-14062)
Gallery Leaks Private Mode Thumbnails on Samsung Mobile Devices (SVE-2019-14208)
Heap Overflow Vulnerability in Samsung Mobile Devices with Exynos Chipsets (SVE-2019-14371)
Unauthenticated Bluetooth Stack Control on Samsung Mobile Devices (SVE-2019-14545)
GateKeeper Trustlet Information Disclosure Vulnerability
SPENgesture Vulnerability: Unauthorized Access to User-Input Logs on Samsung Mobile Devices
Bixby Keyboard Data Leakage Vulnerability
Voice Assistant Notification Audibility Vulnerability
Out of Bounds Read Vulnerability in libxaac on Android-10 (A-112709994)
Use-after-free vulnerability in Samsung Exynos8890 chipsets (SVE-2019-13921-1)
RKP Memory Corruption Vulnerability on Samsung Mobile Devices
Samsung Mobile Devices with Qualcomm Chipsets: Authnr Trustlet NULL Pointer Dereference Vulnerability (SVE-2019-13949)
Samsung Mobile Devices ESECOMM Trustlet NULL Pointer Dereference Vulnerability
Samsung Mobile Devices Gallery Permanent Disabling Vulnerability
Heap Overflow Vulnerability in Samsung Mobile Devices with Exynos Chipsets
OMACP Phishing Vulnerability on Samsung Mobile Devices
Heap Overflow Vulnerability in Samsung Mobile Devices (SVE-2019-14126)
Emergency Mode Vulnerability on Samsung Mobile Devices
Smartwatch Exploit Allows Unauthorized Access to Secure Folder Notifications on Samsung Devices
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution
Double-fetch vulnerability in Trustlet allows arbitrary TEE code execution on Samsung mobile devices
Samsung Mobile Devices Experiencing Baseband Stack Overflow Vulnerability (SVE-2019-13963)
Denial of Service Vulnerability in Samsung Mobile Devices with Broadcom and SEC Wi-Fi Chipsets
Time-based SQL Injection Vulnerability in Samsung Contacts (SVE-2018-13452)
Allshare Vulnerability: Unauthorized Access to Sensitive Information on Samsung Mobile Devices
Bypassing Factory Reset Protection (FRP) via SVoice T&C on Samsung Mobile Devices (SVE-2018-13547)
Gallery Thumbnail Leak in Samsung Mobile Devices
Secure Folder Data Leak Vulnerability on Samsung Mobile Devices
Unauthenticated Unpinning Vulnerability in Samsung Mobile Devices with P(9.0) Software
Secure Startup Keyboard Suggested Words Leak on Samsung Mobile Devices (SVE-2019-13773)
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution
Unauthenticated Changes Vulnerability in Samsung Mobile Devices with P(9.0) Software
Samsung Mobile Devices Experiencing Baseband Heap Overflow Vulnerability (SVE-2018-13187)
Samsung Mobile Devices Experiencing Baseband Stack Overflow Vulnerability (SVE-2018-13188)
Uninitialized Memory Disclosure Vulnerability in Samsung Mobile Devices
S-Voice Keyboard Word Leak Vulnerability
Information Disclosure Vulnerability on Samsung Mobile Devices with Exynos Chipsets (SVE-2018-13427)
Vulnerability: Replay Attack Exploit in Honda HR-V 2017 Remote Keyless System
XXE Vulnerability in AutoUpdater.NET
Use-After-Free Vulnerability in GPAC's MP4Box Allows Denial of Service
Heap-based Buffer Over-read Vulnerability in GPAC
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution
Heap-based Buffer Over-read Vulnerability in libgpac.a
Invalid Pointer Dereference in GPAC's libgpac.a: Denial of Service Vulnerability
Invalid Pointer Dereference in libgpac.a Can Cause Denial of Service
Double Free Vulnerability in GNU Patch through 2.7.6
Proofpoint Email Protection Vulnerability: Exploiting ML Classification Model for Crafting Malicious Emails
Arbitrary Code Execution and Java Class Loader Access Vulnerability in codeBeamer before 9.5.0-RC3
Out-of-Bounds Write Vulnerability in Linux Kernel's input.c (CID-cb222aed03d7)
Pointer Leakage Vulnerability in Varnish Cache
Administrative Credentials Disclosure in NETGEAR MR1100 Devices
Stored XSS Vulnerability in NETGEAR RBR50, RBS50, and RBK50 Devices
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution
Stack-based Buffer Overflow Vulnerability in Multiple NETGEAR Devices
Lack of Function-Level Access Control in NETGEAR RAX40 Devices
Authentication Bypass Vulnerability in NETGEAR RAX40 Devices
Sensitive Information Disclosure in NETGEAR RAX40 Devices
Stored XSS Vulnerability in NETGEAR RAX40 Devices (Versions prior to 1.0.3.62)
Stored XSS Vulnerability in NETGEAR RAX40 Devices (Versions prior to 1.0.3.62)
Administrative Credentials Disclosure in NETGEAR RAX40 Devices
Denial of Service Vulnerability in NETGEAR RAX40 Devices
Incorrect Configuration of Security Settings in NETGEAR RN42400 Devices
Vulnerability: Sensitive Information Disclosure in NETGEAR MR1100 Devices
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution
Denial of Service Vulnerability in NETGEAR R8900, R9000, XR500, and XR700 Devices
Command Injection Vulnerability in NETGEAR WAC505 and WAC510 Devices
Disclosure of Sensitive Information Vulnerability in NETGEAR WAC505 Devices
Denial of Service Vulnerability in NETGEAR WAC505 and WAC510 Devices
NETGEAR WAC505 and WAC510 Devices Vulnerable to Incorrect Security Configuration
Command Injection Vulnerability in NETGEAR XR500 and XR700 Routers
Hardcoded Password Vulnerability in Certain NETGEAR Devices
Buffer Overflow Vulnerability in Certain NETGEAR Devices
Sensitive Information Disclosure Vulnerability in Certain NETGEAR Devices
Command Injection Vulnerability in NETGEAR Devices
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution
Stored XSS Vulnerability in NETGEAR Devices
Stored XSS Vulnerability in NETGEAR RBR50, RBS50, and RBK50 Devices
Stored XSS Vulnerability in NETGEAR RBR50, RBS50, and RBK50 Devices
Stored XSS Vulnerability in NETGEAR RBR50, RBS50, and RBK50 Devices
Stored XSS Vulnerability in NETGEAR Devices
Stored XSS Vulnerability in NETGEAR Devices
Stored XSS Vulnerability in NETGEAR RBR50, RBS50, and RBK50 Devices
Stored XSS Vulnerability in NETGEAR Devices
Stored XSS Vulnerability in NETGEAR Devices
Stored XSS Vulnerability in NETGEAR Devices
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution
Stored XSS Vulnerability in NETGEAR RBR50, RBS50, and RBK50 Devices
Stored XSS Vulnerability in NETGEAR Devices
Stored XSS Vulnerability in NETGEAR RBR50, RBS50, and RBK50 Devices
Stored XSS Vulnerability in NETGEAR Devices
Stored XSS Vulnerability in NETGEAR Devices
Stored XSS Vulnerability in NETGEAR RBR50, RBS50, and RBK50 Devices
Function Level Access Control Vulnerability in Certain NETGEAR Devices
Stored XSS Vulnerability in NETGEAR RBR50, RBS50, and RBK50 Devices
Stored XSS Vulnerability in NETGEAR Devices
Lack of Function-Level Access Control in NETGEAR MR1100 Devices
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution
Command Injection Vulnerability in Multiple NETGEAR Devices
Authentication Bypass Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Multiple NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Multiple NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Multiple NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Buffer Overflow Vulnerability in Multiple NETGEAR Devices
Denial of Service Vulnerability in NETGEAR Devices
Command Injection Vulnerability in Multiple NETGEAR Devices
Command Injection Vulnerability in Multiple NETGEAR Devices
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution
Authentication Bypass Vulnerability in NETGEAR Devices
CSRF Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Multiple NETGEAR Devices
Security Configuration Vulnerability in NETGEAR WAC505 and WAC510 Devices
Vulnerability: Disclosure of Sensitive Information in NETGEAR Devices
Sensitive Information Disclosure Vulnerability in NETGEAR SRK60, SRR60, and SRS60 Devices
Vulnerability: Sensitive Information Disclosure in NETGEAR WAC505 and WAC510 Devices
Stack-based Buffer Overflow Vulnerability in NETGEAR Devices
Sensitive Information Disclosure Vulnerability in NETGEAR WAC505 and WAC510 Devices
Buffer Overflow Vulnerability in NETGEAR Devices
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution
Stack-based Buffer Overflow Vulnerability in Multiple NETGEAR Devices
Command Injection Vulnerability in NETGEAR Devices
Command Injection Vulnerability in NETGEAR Devices
Command Injection Vulnerability in NETGEAR Devices
Command Injection Vulnerability in NETGEAR Devices
Command Injection Vulnerability in NETGEAR Devices
Command Injection Vulnerability in NETGEAR R7800 and XR500 Devices
Command Injection Vulnerability in NETGEAR R7800 and XR500 Devices
Command Injection Vulnerability in NETGEAR Devices
Command Injection Vulnerability in NETGEAR Devices
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution
Command Injection Vulnerability in NETGEAR Devices
Command Injection Vulnerability in NETGEAR Devices
Buffer Overflow Vulnerability in Multiple NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stored XSS Vulnerability in Multiple NETGEAR Devices
Stored XSS Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in NETGEAR DGN2200v4 and DGND2200Bv4 Devices
Denial of Service Vulnerability in Certain NETGEAR Devices
Command Injection Vulnerability in Multiple NETGEAR Devices
Buffer Overflow Vulnerability in Certain NETGEAR Devices
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution
Stored XSS Vulnerability in Multiple NETGEAR Devices
Stored XSS Vulnerability in Certain NETGEAR Devices
Command Injection Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Multiple NETGEAR Devices
Command Injection Vulnerability in Certain NETGEAR Devices
Stack-based buffer overflow vulnerability in certain NETGEAR devices
Command Injection Vulnerability in Certain NETGEAR Devices
Command Injection Vulnerability in Certain NETGEAR Devices
Buffer Overflow Vulnerability in Multiple NETGEAR Devices
Incorrect Configuration of Security Settings in Certain NETGEAR Devices
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution
SQL Injection Vulnerability in Multiple NETGEAR Devices
Buffer Overflow Vulnerability in Multiple NETGEAR Devices
Command Injection Vulnerability in Multiple NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Multiple NETGEAR Devices
Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Multiple NETGEAR Devices
Stored XSS Vulnerability Affects Multiple NETGEAR Devices
Buffer Overflow Vulnerability in NETGEAR R8500 Devices
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution
Stack-based Buffer Overflow Vulnerability in NETGEAR Devices
Sensitive Information Disclosure in NETGEAR WAC510 Devices
Stored XSS Vulnerability in NETGEAR WAC510 Devices Before 8.0.1.3
Stored XSS Vulnerability in NETGEAR WAC510 Devices Before 8.0.1.3
Sensitive Information Disclosure in NETGEAR WAC510 Devices
Command Injection Vulnerability in NETGEAR WAC505 and WAC510 Devices
Reflected XSS Vulnerability in Multiple NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stored XSS Vulnerability in Certain NETGEAR Devices
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution
Stored XSS Vulnerability in Certain NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stored XSS Vulnerability in Multiple NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Multiple NETGEAR Devices
Buffer Overflow Vulnerability in Multiple NETGEAR Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Reflected XSS Vulnerability in Certain NETGEAR Devices
Command Injection Vulnerability in NETGEAR R7800 Devices
Buffer Overflow Vulnerability in NETGEAR R7000 Devices
Stored XSS Vulnerability in NETGEAR R9000 Devices
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution
Authentication Bypass Vulnerability in NETGEAR R9000 Devices
Command Injection Vulnerability in NETGEAR R7800 Devices
Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stack-Based Buffer Overflow in NETGEAR R7800 Devices
Stack-Based Buffer Overflow in NETGEAR R7800 Devices
Stack-Based Buffer Overflow in NETGEAR R7800 Devices
Stack-Based Buffer Overflow in NETGEAR R7800 Devices
Stack-based Buffer Overflow Vulnerability in Certain NETGEAR Devices
Stored XSS Vulnerability in ServiceNow IT Service Management
DLL Hijacking Vulnerability in LG PC Suite v5.3.27 and earlier
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution
Buffer Overflow Vulnerability in LG Mobile Devices with Android OS 9.0
Unconfirmed Configuration Changes Vulnerability in LG Mobile Devices
LG Mobile Devices Authorization Bypass Vulnerability
LG Mobile Devices Android OS Shell Command Execution Vulnerability
Local Password Retrieval Vulnerability on LG Mobile Devices with Android OS 7.0-9.0
Weak Encryption Vulnerability on LG Mobile Devices with Android OS 9.0
LG Mobile Devices Android OS TZ Trusted Application Crash Vulnerability
LG Mobile Devices OTA Provisioning Vulnerability
LG Mobile Devices Backup Subsystem Input Validation Vulnerability
LG Mobile Devices TrustZone Trusted Application Crash Vulnerability
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution
LG Mobile Devices Security Settings Mishandling Vulnerability
DLL Hijacking Vulnerability in LG Bridge on Windows
LG Mobile Devices Buffer Overflow Vulnerability
Bypass of AKA in LG Mobile Devices with Android OS 7.0-8.1
GPS Mishandling in LG Mobile Devices with Android OS 7.0-8.1 (MTK Chipsets)
Uninitialized Variable Vulnerability in LG Mobile Devices with Android OS 8.0 and 8.1
Arbitrary Unencrypted Data Injection Vulnerability in Pion DTLS
Integer Overflow in Teeworlds Prior to 0.7.4: Tilemap Size Calculation Vulnerability
Integer Overflow and Heap-Based Buffer Overflow in LibVNCServer's cursor.c
Cross-Site Scripting (XSS) Vulnerability in Croogo before 3.0.7 via Title in admin/menus/menus and admin/taxonomy/vocabularies
Out of Bounds Read Vulnerability in libxaac on Android-10 (A-115509210)
Bypassing SPF and DMARC Authentication via Inconsistent HELO and MAIL FROM Fields in OpenDMARC and pypolicyd-spf
Stack-Based Buffer Overflow in OpenThread's MeshCoP::Commissioner::GeneratePskc Function
Double Free Vulnerability in OpenSC before 0.20.0
Resource Exhaustion Vulnerability in Linux Kernel with Unprivileged User Namespaces
Use-after-free vulnerability in iproute2 before 5.1.0
Buffer Overflow in e6y prboom-plus 2.5.1.5 UDP Packet Handling
XSS Vulnerability in Cherokee Web Server Allows Arbitrary Command Execution
Remote Memory Corruption Vulnerabilities in Cherokee Server
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution
Out-of-Bounds Write Vulnerability in Cherokee Server
Cross-Origin Resource Sharing (CORS) and WebSocket Authorization Bypass in Readdle Documents iOS App
Stored XSS Vulnerability in Readdle Documents App
Reflected XSS Vulnerability in Gila CMS 1.11.6 via admin/content/postcategory id Parameter
CSRF and XSS Vulnerability in Gila CMS Allows Admin Account Compromise
Integer Overflow Vulnerability in p_lx_elf.cpp in UPX
NULL pointer dereference in tw5864_handle_frame() in drivers/media/pci/tw5864/tw5864-video.c
Vulnerability: Arbitrary OS Command Execution in Vim Restricted Mode
Out-of-Bounds Read Vulnerability in QEMU's ATI VGA Implementation
Price Manipulation Vulnerability in Compound Finance Compound Price Oracle
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution
Memory leak in go7007_snd_init function in Linux kernel before 5.6
Reference Count Mishandling in rx_queue_add_kobject() and netdev_queue_add_kobject() in net/core/net-sysfs.c
Denial of Service Vulnerability in Linux Kernel's prb_calc_retire_blk_tmo() Function
NULL Pointer Dereference Vulnerability in Foxit PhantomPDF
Memory Consumption Vulnerability in Foxit PhantomPDF
Stack Consumption Vulnerability in Foxit PhantomPDF XML Parsing
NULL Pointer Dereference Vulnerability in Foxit PhantomPDF
NULL Pointer Dereference Vulnerability in Foxit Reader and PhantomPDF
Memory Consumption Vulnerability in Foxit Reader and PhantomPDF
Stack Consumption Vulnerability in Foxit Reader and PhantomPDF
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution
NULL Pointer Dereference Vulnerability in Foxit Reader and PhantomPDF
NULL Pointer Dereference Vulnerability in Foxit PhantomPDF Mac
Out-of-Bounds Write Vulnerability in Foxit Reader and PhantomPDF 3D Plugin Beta
Buffer Overflow in Foxit PhantomPDF JavaScript Field APs Update
NULL Pointer Dereference in Foxit PhantomPDF via FXSYS_wcslen in Epub File
Out-of-Bounds Write Vulnerability in Foxit PhantomPDF
NULL Pointer Dereference Vulnerability in Foxit PhantomPDF Mac 3.3 and Foxit Reader for Mac
Stack Consumption Vulnerability in Foxit PhantomPDF Mac and Foxit Reader for Mac
Buffer Overflow Vulnerability in Foxit Reader and PhantomPDF
NULL Pointer Dereference Vulnerability in Foxit Reader and PhantomPDF
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution
Out-of-Bounds Write Vulnerability in Foxit Reader and PhantomPDF
Void Data Mishandling Vulnerability in Foxit Reader and PhantomPDF 3D Plugin Beta
Homograph Mishandling Vulnerability in Foxit PhantomPDF
Cloud Credential Mishandling in Foxit PhantomPDF
Signature Validation Bypass in Foxit PhantomPDF
Homograph Mishandling Vulnerability in Foxit Reader and PhantomPDF
Cloud Credential Mishandling in Foxit Reader and PhantomPDF: Exploiting Google Drive Vulnerability
Signature Validation Bypass Vulnerability in Foxit Reader and PhantomPDF
Subject Buffer Over-read Vulnerability in libpcre
Buffer Overflow in LibVNCServer's sockets.c via Long Socket Filename
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution
Crash Vulnerability in LibVNCServer's ws_decode.c
CSRF Vulnerability in Mattermost Server for Account Takeover Attacks
SQL Injection Vulnerability in Mattermost Server via SearchAllChannels
Weak Permissions for Configuration Files in Mattermost Server
Channel Spoofing Vulnerability in Mattermost Server
Denial of Service Vulnerability in Mattermost Server via Large Slack Import
Weak Permissions for Server-Local File Storage in Mattermost Server
WebSocket User Typing Event Spoofing Vulnerability
Quick Reply Vulnerability in Mattermost Mobile Apps
Persistent Cookie Data Vulnerability
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution on Android
Persistent View Cache Vulnerability in Mattermost Mobile Apps
Arbitrary File Overwrite Vulnerability in Mattermost Mobile Apps
Sensitive Information Leakage in Mattermost Mobile Apps
Remote Code Execution Vulnerability in Mattermost Packages
Denial of Service via LaTeX Message in Mattermost Server
Sensitive Information Disclosure during Legacy Attachment Migration in Mattermost Server
Mattermost Desktop App macOS Dylib Injection Vulnerability
Denial of Service Vulnerability in Mattermost Server 5.16.0
Denial of Service (CPU Consumption) via Crafted Characters in SQL LIKE Clause
Bypassing Login Access Control in Mattermost Server
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution
Denial of Service Vulnerability in Mattermost Server via Crafted SVG Document
Arbitrary Code Execution Vulnerability in Mattermost Desktop App
Unauthenticated Access to Team Slash Commands in Mattermost Server
Unrestricted Creation of Incoming Webhooks in Mattermost Server
GitHub Account Hijacking Vulnerability in Mattermost Plugins
Cross-Site Request Forgery (CSRF) Vulnerability in Mattermost Server
Improper Handling of Proxy HTTP Header in Mattermost Server
Channel Post Loading Interference Vulnerability
Improper Generation of Invite IDs in Mattermost Server
Privilege Escalation in Mattermost Server: Unauthorized Update/Patch Channel Modification in Private Channels
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution
Bypassing Edited Flag Appearance in Mattermost Server
Catastrophic Backtracking Vulnerability in Mattermost Server
SSRF Vulnerability in Mattermost Server
User Activation/Deactivation Information Disclosure Vulnerability
Sensitive Information Disclosure during Role Change in Mattermost Server
Password Reset Vulnerability during Email Address Change
User Self-Deactivation Bypass Vulnerability
Information Disclosure Vulnerability in Mattermost Server Allows 2FA Status Enumeration
Email Address Mishandling Vulnerability in Mattermost Server
Email Address Change without Credential Re-entry Vulnerability
Out of Bounds Read Vulnerability in StatsService
Denial of Service Vulnerability via OpenGraph in Mattermost Server
Mattermost Server Brute-Force Attack Vulnerability
Domain Requirement Bypass in Mattermost Server
Post Pinning Vulnerability in Mattermost Server
File Attachment Duplication Vulnerability
Missing robots.txt file vulnerability in Mattermost Server
Inadvertent System Admin Privileges Vulnerability in Mattermost Server
Intra-team Post Permission Bypass in Mattermost Server
Denial of Service Vulnerability in Mattermost Server
User-Access Token Creation Permissions Mishandling Vulnerability
Uninstallation Permission Retention Vulnerability in Android
Email Address Discovery Bypass Vulnerability in Mattermost Server
Cross-Site Request Forgery (CSRF) and Stored Cross-Site Scripting (XSS) Vulnerability in WooCommerce CSV Product Importer
Double Free Vulnerability in net-snmp before 5.8.1.pre1 via SNMPv3 GetBulk Request
Buffer Overflow Vulnerability in Call of Duty Modern Warfare 2 Allows Arbitrary Code Execution
Traefik 2.x Vulnerability: Mutual TLS Verification Bypass
SQL Injection Vulnerability in WebChess 1.0
Denial of Service Vulnerability in Atlassian Jira Server and Data Center via Crafted PNG File
Unauthenticated Access to Sensitive Information in Atlassian Jira Server and Data Center
Denial of Service Vulnerability in Atlassian Jira Server and Data Center
Missing Permissions Check in isPackageDeviceAdminOnAnyUser of PackageManagerService.java
Cross-Site Scripting (XSS) Vulnerability in Atlassian Jira Server and Data Center (Versions before 8.7.0)
Open Redirect Vulnerability in Jira Login Page (CVE-2020-14181)
XML Data Transfer Vulnerability in Crowd Allows Reactivation of Disabled OpenLDAP User
Cross-Site Scripting (XSS) Vulnerability in atlaskit/editor-core Allows Arbitrary Code Injection via Hyperlinks
Infinite Loop Vulnerability in Python's tarfile Module
Incorrect Access Permissions for efivar_ssdt ACPI Variable Vulnerability
NULL Pointer Dereference in dwg_encode_LWPOLYLINE Function
Missing Permission Check in GetPermittedAccessibilityServicesForUser in DevicePolicyManagerService.java
Heap-based Buffer Over-read in decode_R13_R2000 in GNU LibreDWG
Denial of Service Vulnerability in GNU LibreDWG through 0.9.3
Stack Overflow Vulnerability in GNU LibreDWG
Heap-based Buffer Over-read in dwg_encode_entity in GNU LibreDWG
NULL Pointer Dereference in dwg_encode_common_entity_handle_data
Heap-based Buffer Over-read in bit_write_TF in GNU LibreDWG
Directory Traversal Vulnerability in pip Package (Versions before 19.2)
NULL Pointer Dereference in InspIRCd MySQL Module
Use After Free Vulnerability in InspIRCd 3 Allows Remote Server Crashing
NULL Pointer Dereference in DBI Module
Missing Permission Check in isSeparateProfileChallengeAllowed in DevicePolicyManagerService.java
Arbitrary Code Execution via Lookup Helper in Handlebars
Cross-Site Scripting (XSS) Vulnerability in bootstrap-select
Handlebars Template Engine Regular Expression Denial of Service (ReDoS) Vulnerability
Denial of Service Vulnerability in MongoDB Server v4.0.7 and Earlier
Denial of Service Vulnerability in MongoDB Server v4.2.2
Memory Allocation Vulnerability in MongoDB Server
Out-of-bounds Write Vulnerability in huff_dec_1D of nlc_dec.cpp in Android
InfluxDB Authentication Bypass Vulnerability
Use-after-free vulnerability in Linux kernel before 5.2.6 on NUMA systems
Out-of-bounds Write Vulnerability in parseMPEGCCData of NuPlayerCCDecoder.cpp
Race condition vulnerability in callGenIDChangeListeners and related functions in SkPixelRef.cpp allows for use after free, potentially leading to remote code execution without additional privileges (Android-9, A-124232283)
Double Free Vulnerability in EffectBundle.cpp Allows Local Privilege Escalation in Android
Type Confusion Vulnerability in HAliasAnalyzer.Query of hydrogen-alias-analysis.h
Missing Permissions Check in areNotificationsEnabledForPackage of NotificationManagerService.java
Out-of-Bound Write Vulnerability in nfa_rw_store_ndef_rx_buf of nfa_rw_act.cc
Out-of-Bound Read Vulnerability in uvc_parse_standard_control of Android Kernel
Remote Keystroke Injection Vulnerability in Android BLE Implementation
Google Assistant in Android 9 Vulnerability: Permissions Bypass and Information Disclosure
Uninitialized Field Vulnerability in HIDL and C++ Structs/Unions in Android
Uninitialized Data Memory Corruption Vulnerability in FileInputStream::Read
Out-of-bounds Write Vulnerability in ihevcd_sao_shift_ctb of Android
Out-of-bounds Write Vulnerability in ihevcd_parse_pps of Android
Out of Bounds Write Vulnerability in ihevcd_ref_list.c in Android 10
Out-of-bounds Write Vulnerability in MakeMPEG4VideoCodecSpecificData of AVIExtractor.cpp
Missing Permission Check in ScreenRotationAnimation Allows for Secure Screen Capture
Heap Memory Corruption Vulnerability in DnsTlsSocket.cpp Allows Remote Code Execution in Android
Use-after-free vulnerability in alarm.cc allows for local code execution in Android
Bypass of Factory Reset Protection in Android Setup Wizard
Local Bypass of User Interaction Requirements in NFC Package Installation
Double Free Vulnerability in GateKeeper::MintAuthToken in Android 7.1.1, 7.1.2, 8.0, 8.1, and 9
Out-of-Bound Read Vulnerability in save_attr_seq of sdp_discovery.cc
Missing Permission Check in checkQueryPermission of TelephonyProvider.java
Uninitialized Stack Variables in Parcel.cpp: Local Information Disclosure Vulnerability
Improper Locking in key_store_service.cpp Allows for Information Disclosure
Insecure Default Value in OatFileAssistant::GenerateOatFile of oat_file_assistant.cc
Race Condition Vulnerability in ActivityManagerService.attachApplication of Android
Local Privilege Escalation Vulnerability in LockTaskController.lockKeyguardIfNeeded
Memory Overwrite Vulnerability in execTransact of Binder.java in Android 7.1.1, 7.1.2, 8.0, 8.1, and 9
Silent File Attachment Vulnerability in ComposeActivityEmailExternal
Overlay Attack Vulnerability in ChangeDefaultDialerDialog.java
Double Free Vulnerability in ParseContentEncodingEntry of mkvparser.cc
Use-after-free vulnerability in AudioInputDescriptor::setClientActive in Android
Out of Bounds Write Vulnerability in ACELP_4t64_fx of c4t64fx.c
Out-of-bounds Read Vulnerability in extract3GPPGlobalDescriptions of TextDescriptions.cpp
Remote Code Execution Vulnerability in CompilationJob::FinalizeJob of compiler.cc
Overlay Permission Vulnerability in Android
Android VPN Dialog Overlay Vulnerability
Heap Buffer Overflow in Mfc_Transceive of phNxpExtns_MifareStd.cpp
Integer Overflow Vulnerability in phFriNfc_ExtnsTransceive of phNxpExtns_MifareStd.cpp
Out of Bounds Read Vulnerability in Mfc_Transceive of phNxpExtns_MifareStd.cpp
Out-of-bounds Read Vulnerability in Status::readFromParcel of Android
Missing Permission Check in endCall() Function of TelecomManager.java Leads to Denial of Service Vulnerability in Android
Out of Bounds Read Vulnerability in libxaac on Android-10 (A-118494320)
Out of Bounds Read Vulnerability in libxaac on Android-10 (A-117610049)
Uninitialized Data Information Disclosure Vulnerability in libxaac
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution
Out of Bounds Read Vulnerability in libxaac on Android-10 (A-112768568)
Out of Bounds Read Vulnerability in libxaac on Android-10 (A-114746174)
Out of Bounds Read Vulnerability in libxaac on Android-10 (A-112856493)
Out of Bounds Read Vulnerability in libxaac on Android-10 (A-112858430)
Out of Bounds Read Vulnerability in libxaac on Android-10 (A-112859714)
Out of Bounds Read Vulnerability in libxaac on Android-10 (A-116474108)
Out of Bounds Read Vulnerability in libxaac on Android-10 (A-113508105)
Out of Bounds Read Vulnerability in libxaac on Android-10 (A-113262406)
Out of Bounds Read Vulnerability in libxaac on Android-10 (A-117935831)
Out of Bounds Read Vulnerability in libxaac on Android-10 (A-117495174)
Out of Bounds Read Vulnerability in libxaac on Android-10 (A-118145923)
Out of Bounds Read Vulnerability in libxaac on Android-10 (A-112611181)
Out of Bounds Read Vulnerability in libxaac on Android-10 (A-117610057)
Out of Bounds Read Vulnerability in libxaac on Android-10 (A-117655547)
Out of Bounds Read Vulnerability in libxaac on Android-10 (A-112552816)
Out of Bounds Read Vulnerability in libxaac on Android-10 (A-112611363)
Out of Bounds Read Vulnerability in libxaac on Android-10 (A-118766492)
Out of Bounds Write Vulnerability in libxaac Allows Remote Code Execution
Out of Bounds Read Vulnerability in libxaac Allows Information Disclosure
Out of Bounds Read Vulnerability in libxaac Allows Information Disclosure
Out of Bounds Read Vulnerability in libxaac Allows Remote Information Disclosure
Out of Bounds Read Vulnerability in libxaac Allows Information Disclosure
Out of Bounds Read Vulnerability in libxaac Allows Information Disclosure
Out of Bounds Read Vulnerability in libxaac Allows Information Disclosure
Uninitialized Data Vulnerability in libxaac on Android-10 (A-117661478)
Uninitialized Data Information Disclosure Vulnerability in libxaac
Uninitialized Data Vulnerability in libxaac on Android-10 (A-118492594)
Uninitialized Data in libxaac: Potential Information Disclosure Vulnerability
Uninitialized Data Information Disclosure Vulnerability in libxaac
Uninitialized Data in libxaac: Potential Information Disclosure Vulnerability
Uninitialized Data Vulnerability in libxaac on Android-10 (A-113035224)
Incorrect Permission Check in startActivityMayWait of ActivityStarter.java Allows for Local Privilege Escalation
Use-after-free vulnerability in SensorManager::assertStateLocked in Android 7.1.1, 7.1.2, 8.0, 8.1, and 9
Incorrect Order of Arguments in checkAccess Method Allows Local Privilege Escalation in Android 9
Out-of-bounds Write Vulnerability in ihevcd_parse_buffering_period_sei of Android 8.0, 8.1, and 9
Device Type Confusion Vulnerability in HidProfile.java Allows Remote Code Execution
Out of Bounds Write Vulnerability in Android NFC Service
Integer Overflow Vulnerability in NDEF_MsgValidate of ndef_utils in Android 7.1.1, 7.1.2, 8.0, 8.1, and 9
Out of Bounds Read Vulnerability in Android Printer Service
Integer Overflow Vulnerability in binder_transaction of Android Kernel
Android Kernel MMU Code Vulnerability: Local Privilege Escalation without User Interaction
Account Protection Bypass and Local Information Disclosure in RegisteredServicesCache
Out-of-bounds Write Vulnerability in PV_DecodePredictedIntraDC of dec_pred_intra_dc.cpp
Out-of-bounds Write Vulnerability in VlcDequantH263IntraBlock_SH of vlc_dequant.cpp
Out-of-Bounds Write Vulnerability in GetMBheader of combined_decode.cpp
Out-of-bounds Read Vulnerability in nfc_ncif_decode_rf_params of nfc_ncif.cc
Race condition vulnerability in Easel driver allows for local privilege escalation
Race condition vulnerability in Easel driver allows for local privilege escalation
LG LAF Component Information Leak Vulnerability
LG LAF Component Information Leak Vulnerability
Possible Permissions Bypass in SliceProvider.java Allows Local Privilege Escalation
Possible Permissions Bypass in WelcomeActivity.java and Related Files
Arbitrary Code Execution Vulnerability in SurfaceFlinger::createLayer of Android-9
Possible Local Escalation of Privilege in SQLite3 Android Tokenize Function
Possible SQL Injection Vulnerability in Download Provider
Insecure Default Value in CachedBluetoothDevice.java Allows Contact List Disclosure
SQL Injection Vulnerability in Download Provider
Possible Permissions Bypass in createSessionInternal of PackageInstallerService.java
Custom Permission Bypass Vulnerability in PermissionManagerService
Out-of-bounds Write Vulnerability in generate_jsimd_ycc_rgb_convert_neon of jsimd_arm64_neon.S
Heap Buffer Overflow in CryptoPlugin::decrypt of CryptoPlugin.cpp
Heap Buffer Overflow in CryptoPlugin::decrypt in CryptoPlugin.cpp
Out of Bounds Read Vulnerability in FindSharedFunctionInfo of objects.cc
Use-after-free vulnerability in ProxyResolverV8::SetPacScript in proxy_resolver_v8.cc allows for remote code execution without additional privileges (Android)
Out of Bounds Write Vulnerability in rw_i93_sm_set_read_only of Android NFC
Out-of-Bound Write Vulnerability in nfa_hci_handle_admin_gate_rsp of nfa_hci_act.cc
Out of Bounds Read Vulnerability in PromiseBuiltinsAssembler::NewPromiseCapability
Out-of-bounds Read Vulnerability in BTA_DmPinReply of bta_dm_api.cc
Heap Buffer Overflow in load_logging_config of qmi_vs_service.cc
Possible SQL Injection in createProjectionMapForQuery of TvProvider.java
Out-of-bounds Read Vulnerability in Android's Poisson Distribution
Race condition vulnerability in binder_free_transaction in binder.c allows for local escalation of privilege without additional execution privileges needed
Out of Bounds Write Vulnerability in binder_transaction of Android Kernel
Elevation of Privilege Vulnerability in Android Binder
Hidden Overlay Notification Vulnerability in Android-10 (A-38390530)
Possible Memory Corruption and Local Privilege Escalation in setCpuVulkanInUse of GpuStats.cpp
Improper Permission Grant in createSessionInternal of PackageInstallerService.java
Permission Bypass Vulnerability Allows Unauthorized Background Audio Recording in Android
Possible bypass of user interaction requirements in checkOperation of AppOpsService.java leading to local information disclosure
Possible bypass of user interaction requirements in hasActivityInVisibleTask of WindowProcessController.java leading to local privilege escalation
Out of Bounds Write Vulnerability in ihevcd_parse_slice_data of ihevcd_parse_slice.c
Out of Bounds Write Vulnerability in ihevcd_ref_list.c
Bluetooth Pairing Vulnerability: Silent Malicious Device Pairing and Remote Privilege Escalation
Out-of-Bounds Read Vulnerability in device_class_to_int of device_class.cc
Out of Bounds Read Vulnerability in btif_av.cc Allows Remote Information Disclosure over Bluetooth
Out-of-bounds Read Vulnerability in array_find of array.c
Missing Permission Check in updateWidget of BaseWidgetProvider.java Allows Local Information Disclosure
Use-after-free vulnerability in nfcManager_routeAid and nfcManager_unrouteAid of NativeNfcManager.cpp in Android-10 allows remote information disclosure
Possible Unencrypted Master Key Vulnerability in Blob::Blob of blob.cpp
Possible Denial of Service Vulnerability in TextLine.java
Possible Local Escalation of Privilege Vulnerability in UserSwitcherController.java
Buffer Overflow Vulnerability in Emulated RPMB Sector Size Assumptions
Null Pointer Dereference Vulnerability in Snapdragon Auto, Compute, Connectivity, Consumer Electronics Connectivity, Consumer IOT, Industrial IOT, Mobile, Voice & Music, Wired Infrastructure and Networking in various Qualcomm chipsets
Vulnerability: Silent Failure and Unhandled Keypad GPIO Deactivation Error
Data Type Check Vulnerability in Snapdragon Auto, Compute, Consumer Electronics Connectivity, Consumer IOT, Industrial IOT, Mobile in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, SD 210/SD 212/SD 205, SD 410/12, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 8CX, SXR1130
Missing Sanity Checks in Layout: Vulnerability in Multiple Snapdragon Platforms
Unpredictable Behavior Vulnerability in Multiple Snapdragon Platforms
Improper Error Status Handling in Snapdragon Processors
Buffer Overflow/Underflow Vulnerability in Snapdragon Auto, Compute, Consumer Electronics Connectivity, Consumer IoT, Industrial IoT, IoT, Mobile, Voice & Music, Wearables in APQ8009, APQ8016, APQ8017, APQ8053, APQ8096, APQ8096AU, APQ8098, MDM9150, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8905, MSM8909, MSM8909W, MSM8917, MSM8920, MSM8937, MSM8939, MSM8940, MSM8953, MSM8996AU, MSM8998, Nicobar, QCM2150, QCS605, QM215, SDA660, SDA845, SDM429, SDM439, SDM450, SDM630, SDM632, SDM636, SDM660, SDM670, SDM710, SDM845, SDM850, SDX20, SM6150, SM7150, SXR1130
Buffer Overflow Vulnerability in Multiple Snapdragon Platforms
Possible Integer Underflow Vulnerability in Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, IoT, Mobile, Wearable, and other Qualcomm Snapdragon Platforms
Possible Integer Underflow Vulnerability in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SM7150, Snapdragon_High_Med_2016
Arbitrary Memory Write Vulnerability in Snapdragon Auto, Compute, Connectivity, Consumer IOT, Industrial IOT, Mobile, MDM9205, MDM9640, MSM8996AU, QCA6574, QCS605, Qualcomm 215, SD 425, SD 427, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016, SXR1130
Double Free Vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables in Multiple Qualcomm Chipsets
Buffer Overflow Vulnerability in Multiple Snapdragon Processors
Arbitrary Memory Read Vulnerability in Snapdragon Processors
Arbitrary Memory Write Vulnerability in Snapdragon Processors
Stack Buffer Overflow Vulnerability in Snapdragon Auto, Compute, Connectivity, Consumer Electronics, Consumer IoT, Industrial IoT, Mobile, Voice & Music
Buffer Overflow Vulnerability in Snapdragon Processors with High Decode Picture Buffer Size
Buffer Over-read Vulnerability in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20
Vulnerability: Position Determination Accuracy Degradation in Snapdragon Platforms
Bitstream Vulnerability in Multiple Snapdragon Platforms
Bitstream Code Execution Vulnerability in Multiple Snapdragon Platforms
Improper Configuration File Permissions Vulnerability in Snapdragon Platforms
Out-of-Bounds Write Vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables in Multiple Qualcomm Chipsets
Video Dimension Resource Allocation Vulnerability in Multiple Snapdragon Platforms
Race Condition Vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, Mobile, Voice & Music, Wearables in Multiple Qualcomm Chipsets
Unauthorized GPU Subsystem Access Vulnerability in Multiple Snapdragon Platforms
Use After Free Vulnerability in Multiple Snapdragon Platforms
Null Pointer Dereference Vulnerability in Glink Channel Opening in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9607, MDM9640, MSM8909W, QCS405, QCS605, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SDM439, SDM630, SDM660, SDX24
Double Free Vulnerability in Kernel Power Sequence Handling for Camera Sensor Sub-modules in Snapdragon Devices
Improper Access Control in Secure Boot Loader Image Allows Modification of Locked Regions
Out-of-Bounds Read Vulnerability in Snapdragon Auto, Consumer Electronics Connectivity, Consumer IoT, Industrial IoT, Mobile, Voice & Music
Buffer Overflow Vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, Mobile, Voice & Music Processors
Buffer Over-read Vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables, and other Snapdragon Platforms
Buffer Overflow Vulnerability in Display Function of Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 820A, SD 845 / SD 850, SDM660, SDX20
IOMMU Page Fault Denial of Service Vulnerability in Multiple Snapdragon Platforms
Improper Access Control for RPU Write Access Vulnerability in Qualcomm Snapdragon Processors
Buffer Overflow Vulnerability in Key Operations (CVE-2018-13907) in Multiple Snapdragon Platforms
Out-of-Bound Read Vulnerability in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Mobile, Snapdragon Voice & Music in Multiple Qualcomm Chipsets
Out of Bound Read Vulnerability in WLAN in Snapdragon Processors
Bypassing Boot Image Signature Verification in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile
Shared Memory Vulnerability in Multiple Snapdragon Platforms
Unauthenticated Bitmap Image Execution Vulnerability
Out-of-Bound Access Vulnerability in Snapdragon Processors
Race condition vulnerability in camera ioctl calls leading to use-after-free in Snapdragon devices
Out of Bound Write Vulnerability in Snapdragon Platforms
Out of Bound Write Vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, Mobile, Voice & Music, Wearables
Out of Bound Write Vulnerability in TZ Memory Dump Copying
Authentication Bypass Vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables
Camera Driver Vulnerability: Accessing Destroyed Session Data Pointer in Snapdragon Platforms
Buffer Overflow Vulnerability in Qualcomm Snapdragon Processors
Pointer Dereference Vulnerability in Qualcomm Snapdragon Devices
Hard-coded Magic Number Vulnerability in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9205, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9655, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SD 8CX, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130
Address range check vulnerability in multiple Snapdragon platforms
Buffer Overflow Vulnerability in Multiple Snapdragon Processors
Use-after-free vulnerability in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, QCS405, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 845 / SD 850, SD 855, SDM660, SDX20, SDX24 via unprotected access to md sessions info
Out-of-Bound Write Vulnerability in Snapdragon Processors
Possible Buffer Overflow Vulnerability in WLAN Handler in Multiple Snapdragon Platforms
Out-of-Bound Read Vulnerability in Multiple Snapdragon Platforms
Heap Overflow Vulnerability in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Multiple Qualcomm Chipsets
Array Out-of-Bounds Access Vulnerability in SNDCP Module
Integer Overflow Leading to Buffer Overflow in Multiple Snapdragon Platforms
Out of Bound Access Vulnerability in Snapdragon Auto, Consumer Electronics Connectivity, Consumer IOT, Industrial IOT, Mobile, Voice & Music
Out of Bound Read Vulnerability in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Multiple Qualcomm Chipsets
Potential Integer Underflow Vulnerability in 802.11 Rx Management Configuration in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in Multiple Qualcomm Chipsets
Remote Procedure Call (RPC) Vulnerability in Snapdragon Processors
Integer Overflow Vulnerability in Snapdragon Auto, Consumer Electronics Connectivity, Consumer IoT, Industrial IoT, Mobile, Voice & Music in Multiple Qualcomm Chipsets
Out of Bound Read Vulnerability in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in Multiple Qualcomm Chipsets
Possible Buffer Overflow Vulnerability in WLAN Handler in Multiple Snapdragon Processors
Buffer Overflow Vulnerability in Snapdragon Auto, Consumer Electronics Connectivity, Consumer IOT, Industrial IOT, Mobile, Voice & Music in Multiple Qualcomm Chipsets
Race Condition Vulnerability in Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MSM8909W, QCS405, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 845 / SD 850, SD 855, SDM439, SDM660, SDX20, SDX24
Insecure Parameter Population Vulnerability
Out-of-Scope Variable Usage Vulnerability in Snapdragon Processors
Predictable Initial Sequence Number (ISN) Vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables in MSM8905, MSM8909, MSM8917, MSM8920, MSM8937, MSM8940, MSM8953, Nicobar, QCM2150, QM215, SC8180X, SDM429, SDM439, SDM450, SDM632, SDX24, SDX55, SM6150, SM7150, SM8150
Vulnerability: Non-Secure Kernel TrustZone Memory Read DoS in Snapdragon Platforms
Vulnerability: Memory Corruption in HLOS for Snapdragon Platforms
Improper Validation of Array Index in Snapdragon Processors: Potential Out of Bounds Write Vulnerability
Vulnerability: Incorrect Length Validation in QSEE Log Buffer
Buffer Overflow Vulnerability in Multiple Snapdragon Platforms
Uninitialized Crypto Engine Data Vulnerability in Qualcomm Snapdragon Processors
Out of Boundary Access Vulnerability in Snapdragon Processors
Out-of-Boundary Access Vulnerability in Snapdragon Platforms
Out-of-Bound Access Vulnerability in Qualcomm Snapdragon Processors
Buffer Overflow Vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables in Multiple Qualcomm Snapdragon Processors
Buffer Overflow Vulnerability in Multiple Snapdragon Platforms
Critical Use After Free Vulnerability in Snapdragon Processors
Improper Input Validation in Allocation Request for Secure Allocations Vulnerability
Integer Overflow Vulnerability in Multiple Snapdragon Platforms
Memory Corruption Vulnerability in Multiple Snapdragon Platforms
Buffer Overflow Vulnerability in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9150, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24
Null Pointer Dereferencing Vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCS405, QCS605, Qualcomm 215, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 600, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 665, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016
Infinite Loop Vulnerability in Snapdragon Auto, Compute, Consumer IOT, Industrial IOT, IoT, Mobile, Voice & Music, Wearables
Use After Free Vulnerability in Multiple Snapdragon Platforms
Buffer Overflow Vulnerability in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables
Vulnerability: Crafted Image Signature Bypass in Multiple Snapdragon Platforms
Vulnerability: Out of Bound Access in Snapdragon Platforms
Buffer Overflow Vulnerability in Snapdragon Processors
Firmware Vulnerability: Out of Bound Read and Information Disclosure in Snapdragon Platforms
Race condition vulnerability in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MSM8909W, MSM8996AU, QCS605, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM660, SDX20, SDX24 JPEG Driver
Memory Overwrite Vulnerability in Snapdragon Compute, Consumer IOT, Industrial IOT, Mobile, Voice & Music, Wired Infrastructure and Networking
Improper Invalidation of Authorization Sessions in MongoDB Server
Exposure of Access Logs in MongoDB Ops Manager
Arbitrary PID Injection Vulnerability in MongoDB Server's SysV Init Scripts
OpenSSL Configuration File Vulnerability in MongoDB Server
Improper JSON Parsing in MongoDB Inc. js-bson Library (Versions 1.1.3 and Prior) Leads to Data Disclosure
Denial of Service Vulnerability in MongoDB Server Versions Prior to 4.4.1
MongoDB Server Denial of Service Vulnerability
Oracle WebLogic Server Component Vulnerability: Unauthorized Data Access and Partial Denial of Service
Oracle CRM Technical Foundation Component Vulnerability
Vulnerability in Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications (CVE-2021-12345)
Oracle WebLogic Server Component Vulnerability: Unauthorized Data Manipulation via HTTP Access
Vulnerability in Oracle Communications Diameter Signaling Router (DSR) Allows Unauthorized Data Access and Partial Denial of Service
Oracle iStore User Registration Vulnerability
Vulnerability in Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications (CVE-2021-12345)
Oracle Hospitality Simphony Component Vulnerability
Oracle Hospitality Simphony Component Vulnerability
Unauthenticated Read Access Vulnerability in Oracle PeopleSoft Enterprise PeopleTools
Critical Vulnerability in Oracle PeopleSoft Products: Compromise of PeopleSoft Enterprise PeopleTools
Oracle Database Server Core RDBMS Component Takeover Vulnerability
Oracle Hospitality Reporting and Analytics Component Unauthorized Access Vulnerability
Unauthenticated Unauthorized Read Access Vulnerability in Oracle PeopleSoft Products
Vulnerability in Oracle Hospitality Cruise Shipboard Property Management System: Unauthorized Access and Denial of Service
Vulnerability in Oracle Hospitality Cruise Shipboard Property Management System: Unauthorized Data Access and Manipulation
Oracle Hospitality Cruise Shipboard Property Management System Vulnerability
High Privilege Takeover Vulnerability in Sun ZFS Storage Appliance Kit (AK)
Oracle Reports Developer Vulnerability: Unauthorized Data Access and Manipulation
Oracle HTTP Server Vulnerability: Unauthorized Takeover of Server
Vulnerability in Oracle Hyperion BI+ Component: Unauthorized Data Access and Partial Denial of Service
Critical Vulnerability in Oracle PeopleSoft Products: Compromise of PeopleSoft Enterprise PeopleTools
Vulnerability in PeopleSoft Enterprise PeopleTools Performance Monitor Component
Oracle WebLogic Server T3 Network Access Vulnerability
Vulnerability in PeopleSoft Enterprise CC Common Application Objects: Unauthorized Data Access and Manipulation
MySQL Server Optimizer Vulnerability
Vulnerability in PeopleSoft Enterprise HCM eProfile Manager Desktop Allows Unauthorized Data Access and Manipulation
Java SE Libraries Unauthorized Read Access Vulnerability
Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access
Oracle Retail Convenience Store Back Office Component Vulnerability
Oracle Hospitality Reporting and Analytics Unauthenticated Access Vulnerability
Java SE Networking Vulnerability: Unauthorized Read Access
Unauthenticated Remote Code Execution Vulnerability in Oracle WebCenter Portal
Vulnerability in Oracle Outside In Technology: Unauthorized Access and Denial of Service
Oracle Argus Safety Console Unauthorized Access Vulnerability
Vulnerability in Oracle Argus Safety Console: Unauthorized Data Access
Oracle Argus Safety Login Vulnerability
XML Publisher Component Vulnerability in PeopleSoft Enterprise PeopleTools
MySQL Server Denial of Service Vulnerability
Vulnerability in MySQL Connectors: Unauthorized Access and Data Manipulation
Vulnerability in MySQL Server Replication Component: Unauthorized Data Access and Server Crash
Oracle Solaris Kernel Denial of Service Vulnerability
Oracle Web Cache ESI/Partial Page Caching Vulnerability
Vulnerability in PeopleSoft Enterprise PeopleTools Portal Component
Oracle E-Business Suite Oracle Marketing User Interface Unauthenticated Remote Code Execution Vulnerability
Unauthenticated Unauthorized Read Access Vulnerability in Oracle WebLogic Server
Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation
XML Publisher Component Vulnerability in PeopleSoft Enterprise PeopleTools
Vulnerability in Oracle Database Server: Core RDBMS Takeover
Vulnerability in Oracle Content Manager component of Oracle E-Business Suite: Unauthorized Access and Data Compromise
Vulnerability in Oracle VM VirtualBox: Unauthorized Access to Critical Data
Oracle Partner Management Component Vulnerability in Oracle E-Business Suite
Vulnerability in Oracle VM VirtualBox: Unauthorized Access to Critical Data
Java SE Deployment Component Vulnerability
Vulnerability in Oracle VM VirtualBox: Unauthorized Access to Critical Data
Vulnerability in Oracle VM VirtualBox: Unauthorized Access to Critical Data
Oracle WebLogic Server Remote Code Execution Vulnerability
Oracle E-Business Suite Performance Management Plan Unauthorized Data Access Vulnerability
MySQL Server Denial of Service Vulnerability
Vulnerability in Oracle Outside In Technology: Unauthorized Data Access and Partial Denial of Service
Vulnerability in Oracle Outside In Technology Allows Partial Denial of Service
Vulnerability in Oracle Outside In Technology Allows Partial Denial of Service
Vulnerability in Oracle Outside In Technology Allows Partial Denial of Service
Vulnerability in Oracle Outside In Technology Allows Partial Denial of Service
Vulnerability in Oracle Outside In Technology Allows Partial Denial of Service
Vulnerability in Oracle Outside In Technology: Unauthorized Data Access and Partial Denial of Service
Vulnerability in Oracle Outside In Technology: Unauthorized Data Access and Partial Denial of Service
Vulnerability in Oracle Outside In Technology Allows Unauthorized Data Access
Vulnerability in Oracle Outside In Technology Allows Unauthorized Data Access
Vulnerability in Oracle Outside In Technology Allows Unauthorized Data Access
Oracle Outside In Technology Denial of Service Vulnerability
Oracle Outside In Technology Denial of Service Vulnerability
Vulnerability in Oracle Outside In Technology: Unauthorized Access and Denial of Service
Oracle Partner Management Component Vulnerability in Oracle E-Business Suite
Vulnerability in PeopleSoft Enterprise PeopleTools Portal Component
Vulnerability in Oracle Outside In Technology Allows Partial Denial of Service
Vulnerability in Oracle Outside In Technology Allows for Denial of Service Attacks
Oracle Outside In Technology Denial of Service Vulnerability
Oracle Outside In Technology Denial of Service Vulnerability
Vulnerability in Oracle Outside In Technology Allows for Denial of Service Attacks
Vulnerability in Oracle Outside In Technology Allows for Denial of Service Attacks
Vulnerability in Oracle Outside In Technology Allows Partial Denial of Service
Vulnerability in Oracle Outside In Technology Allows for Denial of Service Attacks
Vulnerability in Oracle Outside In Technology: Unauthorized Partial Denial of Service
MySQL Server Denial of Service Vulnerability
MySQL Server Denial of Service Vulnerability
Vulnerability in Oracle Database Server's Application Express Component
Oracle Mobile Field Service Component Vulnerability in Oracle E-Business Suite
MySQL Server Privilege Escalation Vulnerability
Oracle Transportation Management UI Infrastructure Unauthorized Data Access Vulnerability
Oracle CRM Technical Foundation Session Management Vulnerability
Oracle One-to-One Fulfillment Component OCM Query Vulnerability
Vulnerability in PeopleSoft Enterprise PeopleTools Panel Processor Component
Vulnerability in Oracle Email Center component of Oracle E-Business Suite: Unauthorized Data Access
Vulnerability in Oracle Email Center component of Oracle E-Business Suite: Unauthorized Data Access
Vulnerability in PeopleSoft Enterprise CS Campus Community component allows unauthorized data manipulation
MySQL Server Denial of Service Vulnerability
MySQL Server Denial of Service Vulnerability
Oracle CRM Technical Foundation Component Vulnerability
Vulnerability in Oracle CRM Technical Foundation component of Oracle E-Business Suite: Unauthorized Access and Data Compromise
Oracle Partner Management Component Vulnerability in E-Business Suite: Unauthorized Access and Data Compromise
Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation
Vulnerability in Oracle VM VirtualBox: Takeover Exploit
Stack Consumption Vulnerability in serde_cbor Crate
Degenerate Security Properties in sodiumoxide crate's generichash::Digest::eq
Timing Side-Channel Vulnerability in libsecp256k1 Crate
Flatbuffers Crate for Rust: Arbitrary Byte Reinterpretation as Bool Vulnerability
ChaCha20 Counter Overflow Vulnerability
Streebog Hash Function Vulnerability: Incorrect Output Generation
Panic-inducing Vulnerability in Streebog Hash Function
Soundness Defeating Vulnerability in http Crate's HeaderMap::Drain API
Vulnerability in Oracle VM VirtualBox: Unauthorized Read Access
Type Confusion Vulnerability in Failure Crate
Cross-Site Scripting (XSS) Vulnerability in NetBox 2.6.2
Unauthenticated Access to Webform Submissions in Drupal Webform Report Project
Buffer Over-read Vulnerability in GNU C Library's iconv Feature
NULL Pointer Dereference Vulnerability in Istio Pilot
Stored XSS Vulnerability in LuCI OpenWrt 18.06.0 through 18.06.4 via Crafted SSID
Inherited PATH Variable Vulnerability in OpenDoas
Arbitrary File Overwrite Vulnerability in rcp
Vulnerability: Bypassing Access Restrictions in MIT krb5-appl RCP Client
SQL Injection Vulnerability in LimeSurvey Participant Model
MySQL Server InnoDB Component Denial of Service Vulnerability
Unauthenticated Access to Administrative Configuration in Scytl sVote 2.1
Vulnerability: Unauthenticated Access to OrientDB in Scytl sVote 2.1
Code Injection Vulnerability in Scytl sVote 2.1
IP Address Manipulation Vulnerability in Scytl sVote 2.1
Unauthenticated Command Injection in OpenRepeater (ORP) before 2.2
Timing Discrepancy Vulnerability in activerecord-session_store
Markup Data Mishandling in Redmine before 3.4.13 and 4.x before 4.0.6
Cross-Site Scripting (XSS) vulnerability in com.vaadin:flow-server versions 1.0.0 through 1.0.10 and 1.1.0 through 1.4.2
Unsanitized Variable Input in Vaadin Grid Component Allows for JavaScript Injection
Command Injection Vulnerability in Versa Director
Vulnerability in MySQL Server: Unauthorized Access and Denial of Service
Vulnerability: Weak Password Hashing in Versa Director, Versa Analytics, and VOS
Configuration Injection Vulnerability in create_unbound_ad_servers.sh
Integer Overflow Vulnerability in Unbound Regional Allocator
Integer Overflow in Unbound's Regional Allocator via ALIGN_UP Macro
Integer Overflow in sldns_str2wire_dname_buf_origin Leading to Out-of-Bounds Write
Out-of-Bounds Write Vulnerability in Unbound before 1.9.5
Assertion Failure and Denial of Service in Unbound's synth_cname Function
Assertion Failure and Denial of Service in Unbound's dname_pkt_copy
Integer Overflow in Size Calculation in Unbound's dnscrypt/dnscrypt.c
Integer Overflow in Size Calculation in Unbound's respip/respip.c
Vulnerability in Oracle VM VirtualBox: Unauthorized Read Access
Infinite Loop Vulnerability in Unbound before 1.9.5
Assertion Failure in Unbound's dname_pkt_copy Function
Out-of-Bounds Write Vulnerability in Unbound before 1.9.5
ModSecurity 3.x Key-Value Pair Parsing Vulnerability
Use-after-free vulnerability in the block subsystem in the Linux kernel before 5.2 allows for arbitrary code execution and privilege escalation (CID-c3e2219216c9)
Use-after-free vulnerability in Linux kernel XFRM subsystem (CVE-2020-12345)
Cross-Site Scripting (XSS) Vulnerability in Cerberus FTP Server Enterprise
Cross-Site Scripting (XSS) Vulnerability in Greenbone Security Assistant (GSA) and Greenbone OS (GOS)
Heap-Based Buffer Over-Read Vulnerability in LibreSSL 2.9.1 through 3.2.1
Out-of-Bounds Read Vulnerability in LibreSSL 2.9.1 through 3.2.1
Vulnerability in Oracle VM VirtualBox: Unauthorized Read Access
Stack-based Buffer Overflow in netCDF in GDAL 2.4.2 through 3.0.4
Heap-based Buffer Overflow in GNU Aspell 0.60.8: acommon::ObjStack::dup_top Vulnerability
Crash and Sensitive Information Leakage Vulnerability in Linaro OP-TEE
Path Traversal Vulnerability in Sage FRP 1000 (Pre-November 2019) Allows Unauthorized File Access
Segmentation Fault Due to Erroneous IcmpTransportChannelIterator Optimization
Panic Propagation Vulnerability in libpulse-binding Crate
Vulnerability: Version Identification and User-Agent Defeat in Bromite through 78.0.3904.130
CustomSerializer Vulnerability in Corda
USBGuard Vulnerability: Unprivileged User Bypasses Device Connection Restrictions
Incomplete Fix for CVE-2019-3839 in Artifex Ghostscript through 9.26: Mishandling of .completefont
Vulnerability in Oracle VM VirtualBox: Unauthorized Read Access
User Role Information Disclosure in WPGraphQL WordPress Plugin
Cyclic Password Prediction Vulnerability in RandomPasswordGenerator Gem
Critical Memory Corruption Vulnerability in Sricam IP CCTV Camera
Critical Memory Corruption Vulnerability in Sricam IP CCTV Camera
Cross-Site Request Forgery Vulnerability in CoreHR Core Portal up to 27.0.7
Critical Privilege Escalation Vulnerability in OpenNetAdmin 18.1.1
Critical Privilege Escalation Vulnerability in Ajenti 2.1.31
Critical Privilege Escalation Vulnerability in Podman and Varlink 1.5.1
Critical Privilege Escalation Vulnerability in Axios Italia Axios RE 1.7.0/7.0.0
Remote Information Disclosure Vulnerability in Axios Italia Axios RE 1.7.0/7.0.0
MySQL Server Denial of Service Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Unsupported WolfCMS Versions
Critical Siri Vulnerability in Apple iPhone up to 12.4.1 Allows Remote Command Execution
Gzip Compression Denial of Service Vulnerability
Path Traversal Vulnerability in goa (github.com/goadesign/goa) before v3.0.9, v2.0.10, or v1.4.3
Arbitrary File Read Vulnerability in Gravitee API Management Email Service
Tuple Space Explosion (TSE) Attack in Open vSwitch
Buffer Overflow Vulnerability in pacparser up to 1.3.x (CVE-2021-215443)
Vulnerability in Oracle VM VirtualBox: Unauthorized Denial of Service (DoS)
Cross-Site Scripting (XSS) Vulnerability in Hide Files on GitHub up to 2.x
Critical Use After Free Vulnerability in GNOME gvdb (CVE-2021-216789)
Cross-Site Scripting (XSS) Vulnerability in IET-OU Open Media Player up to 1.5.0 (CVE-2021-216862)
Critical Path Traversal Vulnerability in RamseyK httpserver (VDB-216863)
Cross-Site Scripting (XSS) Vulnerability in ytti Oxidized Web
Insufficient Randomness in Morgawr Muon 0.1.1 (VDB-216877)
Vulnerability in Oracle VM VirtualBox: Unauthorized Denial of Service (DoS)
Cross-Site Scripting (XSS) Vulnerability in FreePBX arimanager up to 13.0.5.3
CSRF Cookie Handler in nsupdate.info Allows Remote Attackers to Bypass 'httponly' Flag in Cookies (VDB-216909)
Cross-Site Scripting (XSS) Vulnerability in Nakiami Mellivora Admin Panel
Cross-Site Scripting (XSS) Vulnerability in dragonexpert Recent Threads on Index
Cross-Site Scripting (XSS) Vulnerability in innologi appointments Extension up to 2.0.5 on TYPO3
Cross-Site Scripting (XSS) Vulnerability in kakwa LdapCherry up to 0.x
Cross-Site Scripting (XSS) Vulnerability in soerennb eXtplorer up to 2.1.12
Critical Path Traversal Vulnerability in soerennb eXtplorer up to 2.1.12 (VDB-217436)
Critical Path Traversal Vulnerability in soerennb eXtplorer up to 2.1.12 (VDB-217437)
Arthmoor QSF-Portal Path Traversal Vulnerability (VDB-217558)
MySQL Server Denial of Service Vulnerability
Critical SQL Injection Vulnerability in happyman twmap (CVE-2021-217645)
Critical HTTP Response Splitting Vulnerability in OnShift TurboGears 1.0.11.10
Inefficient Regular Expression Complexity Vulnerability in simple-markdown 0.6.0
Regular Expression Complexity Vulnerability in simple-markdown 0.5.1
Denial of Service Vulnerability in rtcwcoop 1.0.2
Cross-Site Scripting (XSS) Vulnerability in dro.pm
Oracle VM VirtualBox SOAP Denial of Service Vulnerability
Vulnerability in Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite: Unauthorized Data Access and Manipulation
Vulnerability in Oracle MySQL Server (Shell Subcomponent) Allows Unauthorized Data Access
Child Process Injection Vulnerability in Firefox < 70: Arbitrary Code Execution and Sandbox Escape
Remote Code Execution Vulnerability in Umbraco CMS 4.11.8 through 7.15.10 and 7.12.4
Arbitrary File Upload Vulnerability in User Submitted Posts Plugin for WordPress
Unauthenticated Settings Reset Vulnerability in Coming Soon Page & Maintenance Mode Plugin for WordPress
Stored Cross-Site Scripting Vulnerability in WordPress Coming Soon Page & Maintenance Mode Plugin
Authorization Bypass and Arbitrary User Account Injection in Easy WP SMTP Plugin for WordPress
Vulnerability: Authenticated Options Change in Mesmerize & Materialis WordPress Themes
Authorization Bypass Vulnerability in GDPR Cookie Compliance Plugin for WordPress
HTML Injection Vulnerability in WP HTML Mail Plugin for WordPress (Versions up to 2.2.10)
HTML Injection Vulnerability in PirateForms WordPress Plugin
Stored Cross-Site Scripting Vulnerability in DELUCKS SEO Plugin for WordPress
Stored Cross-Site Scripting Vulnerability in Pretty Links WordPress Plugin (Versions up to 2.1.9)
HTML Injection Vulnerability in WP HTML Mail Plugin for WordPress (Versions up to 2.9.0.3)
Arbitrary Plugin Deactivation Vulnerability in Gallery Images Ape WordPress Plugin (up to version 2.0.6)
HTML Injection Vulnerability in Email Templates Plugin for WordPress (up to version 1.3)
Authorization Bypass Vulnerability in Funnel Builder WordPress Plugin
Stored Cross-Site Scripting Vulnerability in Abandoned Cart Lite and Pro for WooCommerce Plugins
Reverse Tabnabbing Vulnerability in DOMPurify 1.0.11 and Earlier
Cross-Site Scripting (XSS) Vulnerability in dstar2018 Agency up to 61
Critical Vulnerability in Ethex Contracts: Remote Manipulation and Improper Access Controls (VDB-248271)
Critical OS Command Injection Vulnerability in pedroetb tts-api up to 2.1.4 (VDB-248278)
SQL Injection Vulnerability in mpedraza2020 Intranet del Monterroso up to 4.50.0
Vulnerability in Portable Clusterware component of Oracle Database Server
CVE-2019-25160
CVE-2019-25162
Oracle Database Server Core RDBMS Component Vulnerability
Java VM Component Vulnerability in Oracle Database Server
Vulnerability in PeopleSoft Enterprise SCM eProcurement Component: Unauthorized Data Access and Manipulation
Oracle VM VirtualBox Vulnerability: Unauthorized Takeover of Virtualization Infrastructure
Vulnerability in Oracle VM VirtualBox: Privilege Escalation and Takeover
CVE-2019-25210
Oracle VM VirtualBox Vulnerability: Unauthorized Takeover of Virtualization Infrastructure
Vulnerability in Oracle VM VirtualBox: Privilege Escalation and Takeover
Vulnerability in Oracle VM VirtualBox: Takeover Exploit
Vulnerability in Oracle VM VirtualBox: Unauthorized Access to Critical Data
Vulnerability in Oracle VM VirtualBox: Privilege Escalation and Takeover
Vulnerability in Oracle VM VirtualBox: Unauthorized Hang or Crash
MySQL Server Partition Vulnerability
MySQL Server Denial of Service Vulnerability
Vulnerability in MySQL Server: Unauthorized Server Hang or Crash
MySQL Server Replication Vulnerability
MySQL Server Privilege Escalation Vulnerability
Privilege Escalation Vulnerability in Oracle MySQL Server
Vulnerability in MySQL Server Replication Component: Unauthorized Access and Data Compromise
MySQL Server Denial of Service Vulnerability
Vulnerability in Oracle MySQL Server: Unauthorized Denial of Service (DoS)
MySQL Server Denial of Service Vulnerability
Oracle Managed File Transfer Component Vulnerability
MySQL Server Vulnerability: Unauthorized Hang and Crash
Vulnerability in Oracle Java SE's Java Advanced Management Console: Unauthorized Data Access and Manipulation
Oracle Solaris DHCP Client Vulnerability
Oracle Solaris Kernel Unauthorized Read Access Vulnerability
Oracle Solaris Kernel Unauthorized Read Access Vulnerability
Oracle Solaris LDoms IO Vulnerability: Unauthorized Access and Partial Denial of Service
Oracle E-Business Suite Oracle Applications Manager SQL Extensions Unauthenticated Remote Code Execution Vulnerability
Oracle Database Server Java VM Component Denial of Service Vulnerability
Vulnerability in Oracle VM VirtualBox: Takeover Exploit
Vulnerability in Oracle FLEXCUBE Direct Banking Logoff Page Allows Unauthorized Data Access
Vulnerability in Oracle FLEXCUBE Direct Banking Logoff Page Allows Unauthorized Data Manipulation
Vulnerability in Oracle One-to-One Fulfillment Print Server Component
Vulnerability in Oracle VM VirtualBox: Takeover Exploit
Vulnerability in Oracle VM VirtualBox: Unauthorized Read Access
Vulnerability in Oracle VM VirtualBox: Unauthorized Access to Critical Data
Vulnerability in Oracle VM VirtualBox: Unauthorized Access to Critical Data
Vulnerability in Oracle VM VirtualBox: Unauthorized Access to Critical Data
Vulnerability in Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite: Unauthorized Data Access and Partial Denial of Service
Oracle Retail Point-of-Service Vulnerability: Unauthorized Access and Partial Denial of Service
Vulnerability in Oracle Retail Xstore Office component allows unauthorized access and data compromise
Unauthorized Read Access Vulnerability in JD Edwards EnterpriseOne Tools
JD Edwards World Technical Foundation Unauthenticated Remote Access Vulnerability
MySQL Server Audit Plug-in Denial of Service Vulnerability
Oracle Configurator Component Vulnerability in Supply Chain Products Suite
Oracle WebLogic Server Component Vulnerability
Oracle Database Server Core RDBMS Local Logon Privilege Vulnerability
Vulnerability in Oracle Siebel CRM: Unauthorized Access and Partial Denial of Service in Siebel Core - Server BizLogic Script
Oracle Database Server RDBMS DataPump Component Takeover Vulnerability
Oracle SOA Suite Fabric Layer Unauthorized Read Access Vulnerability
Unauthenticated Remote Code Execution Vulnerability in PeopleSoft Enterprise PeopleTools
Vulnerability in Oracle VM VirtualBox Allows Unauthorized Access to Critical Data
Unauthenticated Unauthorized Read Access Vulnerability in Oracle AutoVue 3D Professional Advanced
Oracle Service Bus Web Container Unauthenticated Remote Denial of Service Vulnerability
Oracle Solaris File Locking Services Vulnerability
Oracle WebCenter Sites Unauthenticated Remote Code Execution Vulnerability
Unauthorized Read Access Vulnerability in Oracle WebCenter Sites (12.2.1.3.0)
MySQL Server InnoDB Component Denial of Service Vulnerability
MySQL Server Vulnerability: Denial of Service (DoS) via Optimizer Component
Oracle Database Server Core RDBMS Unauthorized Read Access Vulnerability
Vulnerability in Oracle iSupplier Portal: Unauthorized Access and Data Compromise
Vulnerability in MySQL Server: Unauthorized Hang or Crash
MySQL Server InnoDB Component Denial of Service Vulnerability
Unauthorized Read Access Vulnerability in Oracle PeopleSoft Products
MySQL Server Vulnerability: Unauthorized Hang and Crash
BI Publisher (formerly XML Publisher) High Privilege Unauthorized Access Vulnerability
Vulnerability in MySQL Server: Unauthorized Hang or Crash
Vulnerability in PeopleSoft Enterprise HCM Talent Acquisition Manager: Unauthorized Access and Data Compromise
Vulnerability in PeopleSoft Enterprise HRMS Component of Oracle PeopleSoft Products: Unauthorized Data Access and Manipulation
MySQL Server Denial of Service Vulnerability
MySQL Server InnoDB Component Denial of Service Vulnerability
Vulnerability in PeopleSoft Enterprise PT PeopleTools component allows unauthorized access and data manipulation
Vulnerability in Oracle BI Publisher component allows unauthorized access and data compromise
Vulnerability in MySQL Server: Optimizer Component (CVE-2019-2628)
Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation
Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Access and Data Manipulation
Critical Data Access Vulnerability in Oracle PeopleSoft Products (Pagelet Wizard)
Vulnerability in Oracle Email Center component of Oracle E-Business Suite: Unauthorized Access and Data Compromise
Vulnerability in BI Publisher component of Oracle Fusion Middleware: Unauthorized Access and Data Compromise
Vulnerability in Oracle Java SE Allows for Denial of Service Attacks
Vulnerability in Oracle One-to-One Fulfillment Print Server Component
Oracle Marketing Component Vulnerability in Oracle E-Business Suite
Oracle Business Intelligence Enterprise Edition Web Catalog Unauthorized Read Access Vulnerability
Vulnerability in MySQL Server: Unauthorized Hang or Crash
Vulnerability in MySQL Server: Optimizer Component (CVE-2019-2628)
Vulnerability in Oracle Outside In Technology: Unauthorized Access and Partial Denial of Service
Vulnerability in Oracle Outside In Technology: Unauthorized Data Access and Partial Denial of Service
Vulnerability in Oracle Outside In Technology: Unauthorized Data Access and Partial Denial of Service
Vulnerability in Oracle Outside In Technology: Unauthorized Data Access and Partial Denial of Service
Vulnerability in Oracle Outside In Technology: Unauthorized Data Access and Partial Denial of Service
Vulnerability in Oracle Outside In Technology: Unauthorized Data Access and Partial Denial of Service
MySQL Server Replication Vulnerability
Oracle WebLogic Server Component Vulnerability
Vulnerability in Oracle BI Publisher (formerly XML Publisher) Allows Unauthorized Data Access and Manipulation
Vulnerability in MySQL Server Replication Component: Unauthorized Server Crash
Oracle WebLogic Server Remote Code Execution Vulnerability
Vulnerability in Portable Clusterware component of Oracle Database Server
Vulnerability in MySQL Server: Unauthorized Hang or Crash
Oracle E-Business Suite Vulnerability: Unauthorized Data Manipulation in Application Object Library
Oracle Service Contracts Renewals Component Vulnerability
Vulnerability in MySQL Server: Unauthorized Server Hang or Crash
MySQL Server InnoDB Component Denial of Service Vulnerability
Vulnerability in MySQL Server: Optimizer Component (CVE-2019-2628)
Vulnerability in MySQL Server: Unauthorized Hang or Crash
MySQL Server Privilege Escalation Vulnerability
MySQL Server Denial of Service Vulnerability
Vulnerability in Oracle Health Sciences Data Management Workbench allows unauthorized data access and manipulation
Vulnerability in MySQL Server Replication Component: Unauthorized Server Crash
MySQL Server Information Schema Denial of Service Vulnerability
Vulnerability in MySQL Server: Pluggable Auth Component
Oracle Work in Process Component Vulnerability: Unauthorized Access and Data Manipulation
Vulnerability in MySQL Server Replication Component: Unauthorized Server Hang or Crash
Vulnerability in MySQL Server Replication Component: Unauthorized Server Crash
MySQL Server Group Replication Plugin Denial of Service Vulnerability
Vulnerability in PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation
Oracle General Ledger Component Vulnerability in Consolidation Hierarchy Viewer
Vulnerability in Oracle CRM Technical Foundation component of Oracle E-Business Suite: Unauthorized Access and Data Compromise
Oracle Trade Management User Interface Vulnerability
Oracle Trade Management User Interface Vulnerability
Oracle Trade Management User Interface Vulnerability
Oracle Trade Management User Interface Vulnerability
Vulnerability in MySQL Server: Unauthorized Hang or Crash
Oracle WebLogic Server T3 Network Access Vulnerability
Oracle WebLogic Server EJB Container Takeover Vulnerability
Oracle WebLogic Server Unauthenticated Remote Code Execution Vulnerability
Oracle WebLogic Server Unauthenticated Remote Code Execution Vulnerability
Oracle WebLogic Server Unauthenticated Remote Code Execution Vulnerability
Oracle WebLogic Server Unauthenticated Remote Code Execution Vulnerability
Vulnerability in Oracle Email Center component of Oracle E-Business Suite: Unauthorized Access and Data Compromise
Oracle iStore Component Vulnerability: Unauthorized Access and Data Compromise
Vulnerability in Oracle One-to-One Fulfillment Print Server Component
Oracle One-to-One Fulfillment Print Server Unauthenticated Remote Code Execution Vulnerability
Vulnerability in Oracle Interaction Center Intelligence component of Oracle E-Business Suite: Unauthorized Access and Data Compromise
Vulnerability in Oracle VM VirtualBox Allows Takeover
Vulnerability in Oracle VM VirtualBox allows for takeover
Oracle WebLogic Server Remote Code Execution Vulnerability
Vulnerability in Oracle Commerce Platform: Unauthorized Data Access and Manipulation
Vulnerability in Oracle Knowledge Management component of Oracle E-Business Suite: Unauthorized Access and Data Compromise
Vulnerability in Oracle Email Center component of Oracle E-Business Suite: Unauthorized Access and Data Compromise
Oracle E-Business Suite Territory Management Component Vulnerability
Oracle Advanced Outbound Telephony User Interface Unauthenticated Remote Code Execution Vulnerability
Oracle Marketing Component Vulnerability in Oracle E-Business Suite
Oracle E-Business Suite CRM User Management Framework Unauthenticated Remote Code Execution Vulnerability
Oracle One-to-One Fulfillment Print Server Unauthenticated Remote Code Execution Vulnerability
Oracle One-to-One Fulfillment Print Server Unauthenticated Remote Code Execution Vulnerability
Oracle E-Business Suite CRM Technical Foundation Preferences Unauthenticated Remote Code Execution Vulnerability
Oracle Marketing Component Vulnerability in Oracle E-Business Suite
Vulnerability in Oracle CRM Technical Foundation component of Oracle E-Business Suite: Unauthorized Access and Data Compromise
Oracle One-to-One Fulfillment Print Server Unauthenticated Remote Code Execution Vulnerability
Oracle Marketing Component Vulnerability in Oracle E-Business Suite
Vulnerability in Oracle One-to-One Fulfillment Print Server Component
Vulnerability in Oracle CRM Technical Foundation component of Oracle E-Business Suite: Unauthorized Access and Data Compromise
Oracle E-Business Suite CRM Technical Foundation Preferences Unauthenticated Remote Code Execution Vulnerability
Oracle Marketing Component Vulnerability in Oracle E-Business Suite
Vulnerability in Oracle VM VirtualBox Allows Unauthorized Access to Critical Data
Vulnerability in Oracle VM VirtualBox Allows Unauthorized Access and Denial of Service
Vulnerability in Oracle VM VirtualBox Allows Takeover
Vulnerability in MySQL Server: Optimizer Component (CVE-2019-2628)
Oracle E-Business Suite Vulnerability: Unauthorized Access and Data Compromise in Attachments/File Upload Component
MySQL Server Denial of Service Vulnerability
Vulnerability in Oracle Java SE RMI Component: Unauthorized Data Access
Vulnerability in MySQL Server: Optimizer Component (CVE-2019-2628)
Vulnerability in MySQL Server: Optimizer Component (CVE-2019-2628)
Vulnerability in MySQL Server: Optimizer Component (CVE-2019-2628)
Vulnerability in MySQL Server: Optimizer Component (CVE-2019-2628)
Vulnerability in MySQL Server: Optimizer Component (CVE-2019-2628)
Vulnerability in Oracle VM VirtualBox Allows Takeover
MySQL Server Vulnerability: Unauthorized Hang and Crash
Vulnerability in MySQL Connectors: High Privileged Takeover
Vulnerability in MySQL Server: Unauthorized Server Hang or Crash
Vulnerability in MySQL Server: Unauthorized Server Hang or Crash
Vulnerability in MySQL Server: Unauthorized Server Hang or Crash
Vulnerability in Oracle VM VirtualBox Allows Takeover
Java SE 2D Component Takeover Vulnerability
Java SE 2D Component Takeover Vulnerability
Java SE Component DLL Vulnerability
Vulnerability in PeopleSoft Enterprise ELM Allows Unauthorized Data Manipulation
Unauthorized Read Access Vulnerability in Primavera P6 Enterprise Project Portfolio Management
Oracle Hospitality Cruise Dining Room Management Web Service Vulnerability
Vulnerability in Oracle VM VirtualBox Allows Takeover
Oracle Solaris IPS Package Manager Unauthorized Read Access Vulnerability
Vulnerability in Oracle Outside In Technology: Unauthorized Access and Denial of Service
Oracle Business Process Management Suite Vulnerability
Vulnerability in PeopleSoft Enterprise ELM Enterprise Learning Management: Unauthorized Data Access and Manipulation
Vulnerability in Oracle Berkeley DB Data Store Component: Unauthorized Partial Denial of Service
Oracle Transportation Management Component Vulnerability
Vulnerability in Oracle Commerce Platform: Unauthorized Data Access and Manipulation
Vulnerability in Oracle Commerce Merchandising component allows unauthorized data access and manipulation
Oracle Knowledge Component Vulnerability in Oracle Siebel CRM
Oracle Data Integrator Unauthorized Read Access Vulnerability
Vulnerability in Oracle VM VirtualBox Allows Takeover
Vulnerability in Oracle VM VirtualBox Allows Takeover
Vulnerability in Oracle VM VirtualBox Allows Takeover
Oracle WebLogic Server Remote Code Execution Vulnerability
Enterprise Manager Ops Center Services Integration Vulnerability
Oracle Application Testing Suite Component Vulnerability
Vulnerability in Enterprise Manager Ops Center Networking Component Allows Unauthorized Data Manipulation
Oracle WebLogic Server Remote Code Execution Vulnerability
Privilege Escalation Vulnerability in Oracle MySQL Server
Vulnerability in MySQL Server Replication Component: Unauthorized Data Access and Partial Denial of Service
Unauthenticated Read Access Vulnerability in Oracle Demantra Demand Management
Oracle Demantra Demand Management Component Vulnerability: Unauthorized Data Manipulation
Vulnerability in Core RDBMS Component of Oracle Database Server (CVE-2021-1234)
Oracle Hyperion Workspace Unauthorized Data Access Vulnerability
Vulnerability in Oracle FLEXCUBE Investor Servicing component allows unauthorized data access and manipulation
MySQL Server Pluggable Auth Vulnerability
MySQL Server Vulnerability: Unauthorized Read Access to Data
Privilege Escalation Vulnerability in Oracle MySQL Server
MySQL Server XML Component Denial of Service Vulnerability
MySQL Server Audit Log Denial of Service Vulnerability
Oracle BI Publisher Web Service API Unauthenticated Remote Code Execution Vulnerability
Vulnerability in MySQL Server component allows for Denial of Service (DoS) attacks
Vulnerability in Oracle FLEXCUBE Universal Banking Allows Unauthorized Data Access and Manipulation
Java SE Security Vulnerability: Unauthorized Access to Critical Data
Vulnerability in MySQL Server: Unauthorized Server Hang or Crash
MySQL Server GIS Component Denial of Service Vulnerability
Vulnerability in PeopleSoft Enterprise PT PeopleTools component allows unauthorized access and data manipulation
Vulnerability in Java VM Component of Oracle Database Server: Unauthorized Data Access and DoS
Vulnerability in MICROS Retail-J component of Oracle Retail Applications: Unauthorized Access and Data Compromise
Oracle HTTP Server Vulnerability: Unauthorized Access to Critical Data
MySQL Server Denial of Service Vulnerability
Oracle Text Component Vulnerability: Unauthorized Data Access and Partial Denial of Service
Vulnerability in Oracle FLEXCUBE Universal Banking: Unauthorized Data Access and Modification
MySQL Server Replication Vulnerability
Vulnerability in Oracle Outside In Technology Allows Unauthorized Data Access and Partial Denial of Service
MySQL Server Denial of Service Vulnerability
Vulnerability in MySQL Server component allows unauthorized data access and server compromise
Vulnerability in Oracle Outside In Technology Allows Unauthorized Data Access and Partial Denial of Service
Vulnerability in Oracle Berkeley DB Data Store Component (CVE-XXXX-XXXX)
Unauthenticated Read Access Vulnerability in Oracle Application Object Library
Vulnerability in Oracle Java SE Allows Partial Denial of Service
Oracle Hospitality Gift and Loyalty Component Unauthorized Access Vulnerability
Vulnerability in Oracle Outside In Technology Allows Unauthorized Data Access and Partial Denial of Service
Vulnerability in Oracle Solaris Filesystem Allows Unauthorized Access and Partial Denial of Service
Java SE Networking Vulnerability
Vulnerability in Oracle BI Publisher (formerly XML Publisher) Allows Unauthorized Data Access and Manipulation
Unauthenticated Access Vulnerability in Oracle BI Publisher
Vulnerability in Oracle Java SE Allows Partial Denial of Service
Oracle Hyperion Planning Component Vulnerability: Unauthorized Access to Critical Data
Vulnerability in BI Publisher (formerly XML Publisher) component of Oracle Fusion Middleware: Unauthorized Data Access and Partial Denial of Service
Vulnerability in PeopleSoft Enterprise PeopleTools Activity Guide Component
Oracle Payments File Transmission Vulnerability
MySQL Server Denial of Service Vulnerability
Oracle Payments File Transmission Vulnerability
Oracle Database Server Core RDBMS Component Unauthorized Access Vulnerability
Vulnerability in Oracle Siebel CRM: Unauthorized Data Access and Manipulation
Vulnerability in MySQL Server: Unauthorized Data Access and Partial Denial of Service
Siebel Core - Common Components Email Vulnerability
MySQL Server Denial of Service Vulnerability
Oracle Hospitality Suite8 XML Interface Unauthorized Access Vulnerability
Oracle Payments Component File Transmission Vulnerability
Oracle Payments File Transmission Vulnerability
MySQL Server Denial of Service Vulnerability
MySQL Server InnoDB Component Denial of Service Vulnerability
Unauthenticated Remote Code Execution Vulnerability in Oracle Java SE
Oracle Solaris Automount Unauthenticated Network Access Vulnerability
Solaris Open Fabrics Tools Unauthorized Access and Denial of Service Vulnerability
Privilege Escalation Vulnerability in Oracle MySQL Server
Vulnerability in Oracle FLEXCUBE Universal Banking Allows Unauthorized Data Access and Manipulation
Vulnerability in MySQL Server Audit Plug-in Allows Unauthorized Data Access
Vulnerability in Oracle Outside In Technology Allows Unauthorized Data Access and Partial Denial of Service
Vulnerability in Oracle FLEXCUBE Universal Banking Allows Partial Denial of Service
Oracle FLEXCUBE Universal Banking Unauthorized Data Access Vulnerability
Vulnerability in MySQL Server: Unauthorized Server Hang or Crash
Vulnerability in MySQL Server: Unauthorized Hang and Crash
MySQL Server Denial of Service Vulnerability
MySQL Server InnoDB Component Denial of Service Vulnerability
Privilege Escalation Vulnerability in Oracle ODBC Driver for Windows
Vulnerability in MySQL Server Replication Component: Unauthorized Access and Denial of Service
MySQL Server FTS Component Denial of Service Vulnerability
Vulnerability in MySQL Server: Optimizer Component (CVE-2020-2819)
Vulnerability in MySQL Server: Unauthorized Hang and Crash
Vulnerability in Oracle Solaris Filesystem Allows Takeover
MySQL Server Denial of Service Vulnerability
Oracle Solaris Zone Vulnerability: Unauthorized Data Access and Partial Denial of Service
Vulnerability in MySQL Server: Unauthorized Hang and Crash
Oracle iRecruitment Password Reset Vulnerability
Vulnerability in MySQL Server: Optimizer Component (CVE-2020-2819)
MySQL Server Privilege Escalation Vulnerability
Vulnerability in MySQL Server: Unauthorized Server Hang or Crash
Oracle GraalVM Enterprise Edition Denial of Service Vulnerability
MySQL Server Vulnerability: Unauthorized Data Manipulation via Multiple Protocols
Vulnerability in MySQL Server: Unauthorized Hang and Crash
Java SE, Java SE Embedded Networking Vulnerability
Vulnerability in Oracle Agile PLM Component of Oracle Supply Chain Products Suite: Unauthorized Access and Partial Denial of Service
Java SE Security Vulnerability: Unauthorized Read Access
Vulnerability in Oracle MySQL Server: Unauthorized Access and Denial of Service
Oracle Solaris Gnuplot Vulnerability: Unauthorized Takeover of Oracle Solaris
Java SE JSSE Vulnerability: Unauthorized Access to Critical Data
Vulnerability in MySQL Server Allows Takeover (CVE-2020-2819)
Vulnerability in Oracle Financial Services Analytical Applications Infrastructure component allows unauthorized data access and manipulation
Oracle WebLogic Server Remote Code Execution Vulnerability
Vulnerability in Oracle Applications Manager: Unauthorized Access and Data Manipulation
MySQL Server Vulnerability: Unauthorized Hang or Crash
Oracle WebLogic Server Remote Code Execution Vulnerability
Oracle Field Service Component Vulnerability: Unauthorized Takeover
Vulnerability in Oracle iSupport component of Oracle E-Business Suite: Unauthorized Access and Data Compromise
Vulnerability in MySQL Server: Unauthorized Hang and Crash
Vulnerability in PeopleSoft Enterprise FIN Project Costing component of Oracle PeopleSoft Products (9.2)
Oracle Solaris Common Desktop Environment Vulnerability
Oracle Hospitality Simphony Component Vulnerability
Vulnerability in MySQL Server: Unauthorized Server Hang or Crash
Vulnerability in Oracle Outside In Technology Allows Unauthorized Data Access and Partial Denial of Service
Oracle Hospitality Simphony Component Vulnerability
Vulnerability in Oracle CRM Technical Foundation component of Oracle E-Business Suite: Unauthorized Access and Data Compromise
Oracle Solaris NFS Unauthorized Access Vulnerability
Critical Data Access Vulnerability in Oracle FLEXCUBE Universal Banking
Vulnerability in Oracle FLEXCUBE Universal Banking: Unauthorized Access to Critical Data
Vulnerability in Oracle FLEXCUBE Investor Servicing component allows unauthorized access and data manipulation
Java SE JCE Component Denial of Service Vulnerability
Vulnerability in Oracle FLEXCUBE Investor Servicing component allows unauthorized data access and manipulation
Oracle Solaris LDAP Client Tools Vulnerability: Unauthorized Takeover of Oracle Solaris
Oracle FLEXCUBE Investor Servicing Component Denial of Service Vulnerability
Oracle FLEXCUBE Investor Servicing Unauthorized Read Access Vulnerability
Vulnerability in Oracle FLEXCUBE Investor Servicing component allows unauthorized access to critical data
Vulnerability in Oracle VM VirtualBox Allows Unauthorized Denial of Service Attacks
Vulnerability in Oracle VM VirtualBox Allows Partial Denial of Service
Vulnerability in Oracle Outside In Technology Allows Unauthorized Data Access and Partial Denial of Service
Vulnerability in Oracle Outside In Technology Allows Unauthorized Data Access and Partial Denial of Service
Vulnerability in Oracle Outside In Technology Allows Unauthorized Data Access and Partial Denial of Service
Vulnerability in Oracle Outside In Technology Allows Unauthorized Data Access and Partial Denial of Service
Oracle WebLogic Server Remote Code Execution Vulnerability
Vulnerability in Siebel UI Framework component of Oracle Siebel CRM: Unauthorized Data Access and Manipulation
Oracle Identity Manager Advanced Console Unauthorized Data Access Vulnerability
Vulnerability in Oracle VM VirtualBox Allows Takeover
Oracle Clusterware Vulnerability in Trace File Analyzer (TFA) Collector (CVE-2021-1234)
Oracle Hyperion Planning Security Vulnerability: Unauthorized Data Access and Modification
Vulnerability in Oracle GraalVM Enterprise Edition: Unauthorized Data Access and Denial of Service
Vulnerability in Oracle VM VirtualBox Allows Unauthorized Access to Critical Data
Oracle VM VirtualBox Vulnerability: High Privileged Takeover (CVE-2019-2537)
Oracle VM VirtualBox Vulnerability: High Privileged Takeover (CVE-2019-2537)
Oracle VM VirtualBox Vulnerability: High Privileged Takeover (CVE-2019-2537)
Oracle VM VirtualBox Vulnerability: High Privileged Takeover (CVE-2019-2537)
Vulnerability in Oracle Berkeley DB Data Store Component (CVE-XXXX-XXXX)
Vulnerability in Oracle Berkeley DB Data Store Component (CVE-XXXX-XXXX)
Vulnerability in Oracle Berkeley DB Data Store Component (CVE-XXXX-XXXX)
Vulnerability in Oracle Berkeley DB Data Store Component (CVE-XXXX-XXXX)
Vulnerability in Oracle Retail Xstore Point of Service: Unauthorized Data Access
Vulnerability in Oracle VM VirtualBox Allows Partial Denial of Service
Vulnerability in Oracle VM VirtualBox Allows Partial Denial of Service
Vulnerability in Oracle VM VirtualBox Allows Partial Denial of Service
Vulnerability in Oracle VM VirtualBox Allows Partial Denial of Service
Vulnerability in Oracle VM VirtualBox Allows for Denial of Service Attacks
Vulnerability in Sun ZFS Storage Appliance Kit (AK) Allows Unauthorized Data Access
MySQL Server InnoDB Component Denial of Service Vulnerability
Oracle Retail Store Inventory Management Product Takeover Vulnerability
Vulnerability in Oracle Retail Customer Management and Segmentation Foundation (Version 17.0) Allows Unauthorized Data Access and Manipulation
Oracle Retail Customer Management and Segmentation Foundation Unauthenticated Access Vulnerability
Vulnerability in Oracle Forms of Oracle Fusion Middleware: Unauthorized Data Access and Manipulation
Oracle WebLogic Server Unauthorized Read Access Vulnerability
Oracle WebLogic Server EJB Container Unauthorized Read Access Vulnerability
Vulnerability in Oracle WebLogic Server 12.2.1.3.0 Allows Unauthorized Data Access
Oracle WebLogic Server T3 Network Access Vulnerability
Oracle WebLogic Server Console Unauthenticated Takeover Vulnerability
Unauthenticated Access Vulnerability in Oracle Java SE and Java SE Embedded
Enterprise Manager for Exadata Remote Code Execution Vulnerability
Unauthenticated Remote Access Vulnerability in MICROS Relate CRM Software
Vulnerability in Oracle Business Intelligence Enterprise Edition: Unauthorized Data Access and Manipulation
Unauthorized Read Access Vulnerability in Oracle BI Publisher
Oracle JDeveloper and ADF Unauthorized Read Access Vulnerability
Unauthenticated Remote Code Execution Vulnerability in Oracle Business Intelligence Enterprise Edition
Vulnerability in Oracle Outside In Technology: Unauthorized Access and Partial Denial of Service
Vulnerability in Oracle Outside In Technology: Unauthorized Access and Partial Denial of Service
Vulnerability in Oracle Outside In Technology: Unauthorized Access and Partial Denial of Service
Oracle JDeveloper and ADF Product Vulnerability: Unauthorized Takeover
Oracle Business Intelligence Enterprise Edition Installation Vulnerability
Vulnerability in Oracle BI Publisher (formerly XML Publisher) Allows Unauthorized Access and Data Manipulation
Oracle Web Services Unauthenticated Remote Code Execution Vulnerability
Java VM Component Vulnerability in Oracle Database Server (Versions 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c, and 19c) Allows Unauthorized Data Manipulation
Unauthenticated Unauthorized Read Access Vulnerability in Oracle MySQL Server
Vulnerability in Oracle MySQL Server: Unauthorized Read Access to Data
Vulnerability in Oracle Database Server: Unauthorized Read Access to Core RDBMS Data
MySQL Server Vulnerability: Unauthorized Denial of Service (DoS) Attacks
Vulnerability in Oracle PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation
Vulnerability in MySQL Connectors Allows Partial Denial of Service
Unauthenticated Unauthorized Read Access Vulnerability in Oracle MySQL Server
Unauthenticated Unauthorized Read Access Vulnerability in Oracle MySQL Server
Unauthenticated Unauthorized Read Access Vulnerability in Oracle MySQL Server
Oracle Workflow Worklist Unauthenticated Access Vulnerability
Oracle VM VirtualBox Prior to 5.2.34 and 6.0.14 Vulnerability: Unauthorized Partial Denial of Service
Highly Privileged Takeover Vulnerability in Oracle Hyperion Data Relationship Management
Vulnerability in Oracle PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation
Oracle Field Service Product Vulnerability: Unauthorized Data Manipulation
Vulnerability in Oracle PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation
Vulnerability in Oracle PeopleSoft Enterprise PeopleTools: Unauthorized Access to Critical Data
Unauthenticated Unauthorized Read Access Vulnerability in Oracle Java SE
Vulnerability in Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications (CVE-2021-12345)
Unauthenticated Unauthorized Read Access Vulnerability in Oracle Siebel CRM
Vulnerability in Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications (CVE-2021-12345)
Vulnerability in Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications (CVE-2021-12345)
MySQL Server Denial of Service Vulnerability
Vulnerability in Oracle Database Server: Unauthorized Read Access to Core RDBMS Data
Oracle Database Server Core RDBMS Component Unauthorized Data Manipulation Vulnerability
Vulnerability in Oracle Hyperion Profitability and Cost Management (Modeling Component) Allows Unauthorized Data Access
Vulnerability in Oracle Advanced Outbound Telephony Allows Unauthorized Access and Data Manipulation
Oracle Data Integrator Studio Vulnerability
Oracle VM VirtualBox Vulnerability: Unauthorized Access and Denial of Service
Java SE Networking Vulnerability Allows Unauthorized Partial Denial of Service
MySQL Server Denial of Service Vulnerability
Oracle Hospitality Reporting and Analytics Component Unauthorized Access Vulnerability
MySQL Server Denial of Service Vulnerability
Vulnerability in Oracle Java SE: Unauthorized Access via Kerberos
MySQL Server Vulnerability: Unauthorized Hang and Crash
Unauthorized Read Access Vulnerability in Oracle PeopleSoft Enterprise HCM Human Resources (9.2)
Vulnerability in Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications (CVE-2021-12345)
Oracle Hospitality Cruise Dining Room Management Web Service Unauthorized Access Vulnerability
Vulnerability in Oracle Database Server: Unauthorized Data Manipulation and Partial Denial of Service
Vulnerability in Oracle Database Server: Unauthorized Data Access and Partial Denial of Service
Vulnerability in Core RDBMS (jackson-databind) component of Oracle Database Server: Unauthorized Denial of Service (DoS)
MySQL Server Encryption Vulnerability
Vulnerability in Oracle Java SE Libraries Allows Unauthorized Data Manipulation
High Privilege Vulnerability in Oracle Hyperion Financial Reporting (Version 11.1.2.4)
MySQL Server Replication Vulnerability: Unauthorized Hang or Crash
Vulnerability in Oracle Solaris SMF Services & Legacy Daemons: Unauthorized Data Access and Partial Denial of Service
Java SE, Java SE Embedded 2D Component Denial of Service Vulnerability
MySQL Server InnoDB Component Denial of Service Vulnerability
Vulnerability in Java SE and Java SE Embedded: Concurrency Component Allows Partial Denial of Service
Vulnerability in Oracle Siebel CRM: Unauthorized Access to Critical Data
MySQL Server Vulnerability: Unauthorized Hang and Crash (CVE-XXXX-XXXX)
MySQL Server Vulnerability: Unauthorized Hang and Crash (CVE-XXXX-XXXX)
MySQL Server InnoDB Component Denial of Service Vulnerability
Vulnerability in Oracle MySQL Server Allows Unauthorized Access to Critical Data
Vulnerability in Oracle Outside In Technology: Unauthorized Access and Partial Denial of Service
Vulnerability in Oracle Outside In Technology: Unauthorized Access and Partial Denial of Service
Vulnerability in Oracle Outside In Technology: Unauthorized Access and Partial Denial of Service
Vulnerability in JAXP component of Oracle Java SE: Unauthorized Partial Denial of Service
MySQL Server Vulnerability: Unauthorized Denial of Service (DoS) Attacks
Vulnerability in Oracle Java SE Allows Unauthorized Data Access and Partial Denial of Service
Critical Vulnerability in Oracle Primavera P6 Enterprise Project Portfolio Management Allows Unauthorized Access to Critical Data
Vulnerability in Oracle Java SE: Unauthorized Data Access and Partial Denial of Service
Java SE and Java SE Embedded Networking Vulnerability: Unauthorized Partial Denial of Service
Vulnerability in Oracle FLEXCUBE Direct Banking Allows Unauthorized Data Manipulation
Vulnerability in Oracle FLEXCUBE Direct Banking: Unauthorized Access to Critical Data
Vulnerability in JAXP component of Oracle Java SE: Unauthorized Partial Denial of Service
MySQL Server Vulnerability: Unauthorized Hang and Crash
Java SE and Java SE Embedded Serialization Vulnerability
Oracle VM VirtualBox Vulnerability: Unauthorized Hang and Crash Attacks
Vulnerability in Oracle PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation
Oracle GraalVM Enterprise Edition Multiple Protocol Vulnerability
Java SE 2D Component Denial of Service Vulnerability
Java SE, Java SE Embedded 2D Component Denial of Service Vulnerability
Java SE, Java SE Embedded Networking Vulnerability
Oracle iStore Order Tracker Unauthenticated Remote Code Execution Vulnerability
Vulnerability in Oracle MySQL Server: Unauthorized Data Access and Server Crash
Java SE, Java SE Embedded 2D Component Denial of Service Vulnerability
MySQL Server Denial of Service Vulnerability
Vulnerability in Oracle Marketing of Oracle E-Business Suite: Unauthorized Access and Data Compromise
Oracle Marketing Product Vulnerability: Unauthorized Access and Data Compromise
Vulnerability in Java SE and Java SE Embedded Allows Unauthorized Data Access
MySQL Server Denial of Service Vulnerability
MySQL Server Vulnerability: Unauthorized Hang and Crash
Vulnerability in Oracle Java SE Javadoc Component: Unauthorized Data Access
Oracle Marketing Product Vulnerability: Unauthorized Access and Data Compromise
Unauthenticated Access Vulnerability in Oracle PeopleSoft Enterprise SCM eProcurement (CVE-XXXX)
Oracle VM VirtualBox Vulnerability: Unauthorized Hang and Crash Attacks
MySQL Server InnoDB Component Denial of Service Vulnerability
MySQL Server Denial of Service Vulnerability
Oracle VM VirtualBox Vulnerability: Unauthorized Hang and Crash
LDAP Library Vulnerability in Oracle Solaris 11: Unauthorized Partial Denial of Service
MySQL Server Vulnerability: Unauthorized Hang and Crash
Oracle Solaris XScreenSaver Privilege Escalation Vulnerability
MySQL Server Denial of Service Vulnerability
Oracle Business Intelligence Enterprise Edition Unauthenticated Read Access Vulnerability
Vulnerability in Oracle PeopleSoft Enterprise PeopleTools: Unauthorized Data Access and Manipulation
Unauthorized Read Access Vulnerability in Oracle PeopleSoft Integration Broker
Memory Leakage Vulnerability in Linux KVM Guests with PV TLB Enabled
Oracle VM VirtualBox Vulnerability: High Privileged Takeover (CVE-2020-12345)
MySQL Server InnoDB Component Denial of Service Vulnerability
Vulnerability in Oracle Banking Digital Experience: Unauthorized Data Access and Manipulation
Vulnerability in Primavera P6 Enterprise Project Portfolio Management: Unauthorized Access and Data Manipulation
Vulnerability in Oracle VM VirtualBox: Unauthorized Hang or Crash
Oracle Content Manager Unauthenticated Remote Code Execution Vulnerability
Vulnerability in Oracle PeopleSoft: Unauthorized Data Manipulation via Stylesheet
Vulnerability in Oracle Installed Base of Oracle E-Business Suite: Unauthorized Data Manipulation
Oracle Hospitality RES 3700 Unauthenticated Remote Code Execution Vulnerability
Vulnerability in Oracle VM VirtualBox: Unauthorized Access to Critical Data
Unauthenticated Remote Denial of Service Vulnerability in Oracle Application Object Library
Vulnerability in Oracle VM VirtualBox: Unauthorized Takeover
Vulnerability in Oracle VM VirtualBox: Unauthorized Access to Critical Data
Local File Disclosure Vulnerability in Confluence Server and Confluence Data Center via Page Exporting
Server-Side Request Forgery in Atlassian Confluence Server and Data Center
Path Traversal and Remote Code Execution via Server-Side Template Injection in Atlassian Confluence Server
Remote Code Execution via Path Traversal in Atlassian Bitbucket Data Center Migration Tool
Path Traversal Vulnerability in Confluence Server and Data Center
Unauthenticated Access to Archived Projects in Jira
Cross-Site Scripting (XSS) Vulnerability in Jira Labels Gadget
User Enumeration Vulnerability in Jira ManageFilters.jspa Resource
Cross-Site Scripting (XSS) Vulnerability in ConfigurePortalPages.jspa Resource in Jira
User Enumeration Vulnerability in Jira REST API
Unauthenticated Abuse of Background App CGI Functions in 360 Router P0 and F5C
360F5 Firmware Vulnerability: Remote Deauthentication Attack Exploitation
Command Injection Vulnerability in ZTE WF820+ LTE Outdoor CPE
Cross-Site Request Forgery Vulnerability in ZTE WF820+ LTE Outdoor CPE
ZTE MF920 Product Information Leak Vulnerability
Command Execution Vulnerability in ZTE MF920 Product
XSS Vulnerability in ZTE NetNumen DAP Product Allows User Hijacking
XSS Vulnerability in ZTE OTCP Product Versions up to V1.19.20.02
ZTE MW NR8000V2.4.4.03 and NR8000V2.4.4.04 Path Traversal Vulnerability
Input Validation Vulnerability in ZTE ZXV10 B860A Products Allows Unauthorized Control
Command Injection Vulnerability in ZTE ZXHN F670 Routers
Cross-Site Scripting (XSS) Vulnerability in ZTE ZXHN F670 Product (Versions up to V1.1.10P3T18)
Denial of Service Vulnerability in ZTE ZXMP M721V3.10P01B10_M2NCP Management Port
Information Leak Vulnerability in ZTE ZXHN H108N (Versions up to V2.5.0_EG1T5_TED)
Command Injection Vulnerability in ZTE ZX297520V3
ZTE MF910S Product Information Disclosure Vulnerability
Directory Traversal Vulnerability in C520V21 Smart Camera Devices
Authentication Bypass Vulnerability in C520V21 Smart Camera Devices
ZTE ZXUPN-9000E Password Reset Vulnerability
Input Validation Vulnerability in ZTE ZXUPN-9000E (9000EV5.0R1B12 and earlier versions) Allows Unauthorized Operations
Code Injection Vulnerability in ZTE ZXCDN IAMWEB Product (Version V6.01.03.01) Allows for Information Leakage
ZTE ZXCDN IAMWEB Product Configuration Error Vulnerability
ZTE ZXCLOUD GoldenData VAP File Reading Vulnerability
ZTE ZXCLOUD GoldenData VAP Information Disclosure Vulnerability
Encryption Vulnerability in ZTE ZXCLOUD GoldenData VAP Product Allows Sniffing of Unencrypted Account and Password
Heap Address Information Leak in Linux Kernel: L2CAP_GET_CONF_OPT Vulnerability
Heap Data Infoleak in Linux Kernel: Multiple Locations Including L2CAP_PARSE_CONF_RSP (CVE-2019-3459)
Race Condition Vulnerability in Debian tmpreaper Version 1.6.13+nmu1
Remote Code Execution Vulnerability in apt Versions 1.4.8 and Earlier
Bypassing rssh Restrictions via Insufficient Argument Sanitization in rsync
Bypassing rssh Restrictions via Insufficient Sanitization of Environment Variables in rsync
XML Signature Wrapping Vulnerability in Rob Richards XmlSecLibs
Local Privilege Escalation in pg_ctlcluster Script
Kerberos Admin Server Vulnerability in Debian-edu-config and debian-lan-config
Arbitrary File Download Vulnerability in Micro Focus Filr 3.x
Local Privilege Escalation Vulnerability in Micro Focus Filr 3.0's famtd Component
Critical Remote Code Execution Vulnerability in Micro Focus Data Protector 10.03
Open Redirect Vulnerability in Micro Focus Solution Business Manager (prior to 11.4.2)
Critical Remote Code Execution Vulnerability in ArcSight Logger Versions Prior to 6.7
Stored/Reflected XSS Vulnerability in ArcSight Logger versions prior to 6.7
Vulnerability: XML External Entity Parsing in ArcSight Logger versions prior to 6.7
Directory Traversal Vulnerability Patch for ArcSight Logger Versions Prior to 6.7
Information Leakage Vulnerability in ArcSight Logger Versions Prior to 6.7
Critical Remote Code Execution Vulnerability in ArcSight Logger Versions Prior to 6.7
Stored Cross Site Scripting Vulnerability in ArcSight Logger versions prior to 6.7.1
Stored Cross Site Scripting Vulnerability in ArcSight Security Management Center versions prior to 2.9.1
Unauthenticated File Upload Vulnerability in Micro Focus Content Manager
DOM Based XSS Vulnerability in Netstorage Component of Open Enterprise Server (OES)
Remote Code Execution Vulnerability in Micro Focus Network Automation Software and Network Operations Management
SQL Injection Vulnerability in Simply-Blog's admin/deleteCategories.php
Arbitrary File Upload and Authentication Bypass Vulnerability in Wifi-soft UniBox Controller
Remote Command Execution and Authentication Bypass Vulnerability in Wifi-soft UniBox Controller 3.x
Remote Command Execution and Authentication Bypass in Wifi-soft UniBox Controller
Content Spoofing Vulnerability in Django 1.11.x, 2.0.x, and 2.1.x
Sensitive Information Disclosure in aria2c 1.33.1 via Stored HTTP Basic Authentication Credentials
Cross-Site Scripting (XSS) Vulnerability in OUGC Awards Plugin for MyBB
Denial of Service Vulnerability in Facebook Thrift Servers (C++ cpp2)
Denial of Service Vulnerability in Facebook Thrift Servers
Denial of Service Vulnerability in Wangle's AcceptRoutingHandler
Arbitrary File Overwrite Vulnerability in HHVM's dump-pcre-cache Handler
Out-of-Bounds Read Vulnerability in HHVM Stream Implementations
Denial of Service Vulnerability in Python Facebook Thrift Servers
Denial of Service Vulnerability in Java Facebook Thrift Servers
Infinite Loop Denial-of-Service Vulnerability in PlaintextRecordLayer of fizz
Out-of-Bounds Memory Access Vulnerability in HHVM's strrpos and strripos Functions
Arbitrary HTML Injection Vulnerability in Oculus Browser (Versions 5.2.7 - 5.7.11)
Buffer Underflow Vulnerability in Wangle's LineBasedFrameDecoder
Denial of Service Vulnerability in Facebook Thrift Servers
Denial of Service Vulnerability in Legacy C++ Facebook Thrift Servers
WhatsApp Android Vulnerability: Message Recovery Exploit
Privilege Escalation Vulnerability in osquery Prior to v3.4.0
WhatsApp Buffer Overflow Vulnerability Allows Remote Code Execution via RTCP Packets
Default Binding to All Interfaces in HHVM FastCGI: Information Disclosure Vulnerability
Heap Corruption Vulnerability in HHVM's scrypt_enc() Function
WhatsApp Desktop Input Validation Vulnerability
Heap-based Buffer Over-read in libming 0.4.8's writePNG Function
Infinite Loop Vulnerability in libsixel v1.8.2
Heap-Based Buffer Over-Read Vulnerability in libsixel v1.8.2's load_jpeg() Function
Arbitrary Code Execution Vulnerability in Sqla_yaml_fixtures 0.9.1
SQL Injection Vulnerability in deleteFavorite Endpoint of inxedu through 2018-12-24
Blind SQL Injection Vulnerability in Waimai Super Cms 20150505
XSS Vulnerability in MyBB 1.8.19 Reset Password Function
Information Disclosure Vulnerability in MyBB 1.8.19
Arbitrary File Write Vulnerability in OpenRefine 3.1 through Directory Traversal
Denial of Service Vulnerability in McAfee Web Gateway 7.8.2.0 and Later
Privilege Escalation Vulnerability in McAfee Endpoint Security (ENS) 10.6.1 and Earlier on Microsoft Windows Client
Authentication Bypass Vulnerability in McAfee MVision Endpoint Prior to 1811 Update 1
Privilege Escalation Vulnerability in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14
Firewall Bypass Vulnerability in McAfee Endpoint Security (ENS) 10.x
DLL Search Order Hijacking Vulnerability in McAfee Total Protection (MTP) Prior to 16.0.18
Privilege Escalation Vulnerability in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 14
Cross-site Scripting (XSS) Vulnerability in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0
Privilege Escalation Vulnerability in McAfee Agent: Disabling McAfee Processes via Directory Manipulation
Privilege Escalation and Unauthorized Uninstallation Vulnerability in McAfee Total Protection
Command Injection Vulnerability in McAfee Data Loss Prevention (DLP) 11.x
McAfee Network Security Manager (NSM) Authentication Bypass Vulnerability
Buffer Overflow Vulnerability in McAfee Agent (MA) 5.x Allows Remote DoS Attacks
Remote Logging Information Disclosure Vulnerability in McAfee Agent 5.x
XSS Vulnerability in McAfee Network Security Manager (NSM) Prior to 9.1 Update 5
CSRF Vulnerability in McAfee ePO (legacy) Cloud Allows Unauthorized Actions via Authenticated User's Session
Data Leakage Vulnerability in McAfee Network Security Management (NSM) Web Portal
Data Leakage Vulnerability in McAfee True Key (TK) 3.1.9211.0 and Earlier on Microsoft Windows Client
Information Disclosure Vulnerability in McAfee DXL Platform and TIE Server: Unauthorized Access to Sensitive Information
DLL Search Order Hijacking Vulnerability in McAfee Agent (MA) Prior to 5.6.4: Local Code Execution via Compromised Folder
Data Leakage via Auto-Completing Password Fields in McAfee Database Security
Privilege Escalation Vulnerability in McAfee Total Protection for Mac OS: Root Privilege Gain via Inadequate Temporary File Protection
Agent Handler Information Disclosure Vulnerability in McAfee ePolicy Orchestrator
Authentication Protection Bypass Vulnerability in McAfee Data Loss Prevention (DLPe) for Windows 11.x
Arbitrary Location Redirection Vulnerability in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.0
Privilege Escalation via Incorrect Access Control in McAfee ESM 11.x
Impersonation Vulnerability in McAfee Enterprise Security Manager (ESM)
Arbitrary Code Execution Vulnerability in McAfee Enterprise Security Manager (ESM)
Arbitrary Code Execution Vulnerability in McAfee Enterprise Security Manager (ESM)
McAfee Enterprise Security Manager (ESM) Directory Traversal Vulnerability
Buffer Overflow Vulnerability in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8
Buffer Overflow Vulnerability in McAfee Data Loss Prevention (DLPe) for Windows 11.x prior to 11.3.2.8
Data Exfiltration Vulnerability in McAfee Web Gateway (MWG) 7.8.2.x prior to 7.8.2.12
File Masquerade Vulnerability in McAfee Total Protection (MTP) Allows Undetected Malware Replacement
Privilege Escalation in McAfee FRP 5.x prior to 5.1.0.209 via McAfee Tray
Reflected Cross Site Scripting Vulnerability in McAfee Web Gateway (MWG) Administrators Web Console
Clickjack Vulnerability in McAfee Web Gateway (MWG) 7.8.2.x: Remote Clickjacking Attack via Missing X-Frame-Options Header
Unprotected Transport of Credentials in ePO Extension: LDAP Login Details Leakage
Unauthorized Modification of Reputation Data in McAfee Threat Intelligence Exchange Server (TIE Server) 3.0.0
Denial of Service Vulnerability in McAfee Web Gateway (MWG) Prior to 7.8.2.13
Denial of Service Vulnerability in McAfee Web Gateway (MWG) Prior to 7.8.2.13
DLL Search Order Hijacking Vulnerability in McAfee Total Protection (MTP) Free Antivirus Trial 16.0.R18 and Earlier
Privilege Escalation Vulnerability in McAfee Total Protection 16.0.R22 and Earlier
Information Disclosure Vulnerability in McAfee Advanced Threat Defense (ATD) Prior to 4.8
Information Disclosure Vulnerability in McAfee Advanced Threat Defense (ATD) Prior to 4.8
McAfee Advanced Threat Defense (ATD) Information Disclosure Vulnerability
Code Injection Vulnerability in McAfee Endpoint Security (ENS) Installer
Unauthorized Access to Security Configuration in McAfee Endpoint Security (ENS) Configuration Tool
Authentication Bypass Vulnerability in McAfee Client Proxy (MCP) Allows Local User to Access Blocked Sites
Remote Command Execution Vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8
SQL Injection Vulnerability in McAfee Advanced Threat Defense (ATD) prior to 4.8
McAfee Advanced Threat Defense (ATD) Path Traversal Vulnerability
Critical Vulnerability: Unprotected Storage of Credentials in McAfee Advanced Threat Defense (ATD) prior to 4.8
Remote Code Injection Vulnerability in McAfee Web Advisor
Remote Unauthenticated API Abuse/Misuse Vulnerability in McAfee Web Advisor
DLL Search Order Hijacking Vulnerability in McAfee Tech Check 3.0.0.17 and Earlier
Cross-Site Scripting (XSS) Vulnerability in McAfee Web Advisor (WA) 8.0.34745 and Earlier
Arbitrary File Overwrite Vulnerability in osc of SUSE Linux Enterprise and openSUSE
Insecure API Access in Docker-Kubic Package in SUSE CaaS Platform 3.0
User-project-map.json Vulnerability in SUSE OpenStack Cloud 8
World-Readable Swap File Vulnerability in SUSE Manager and Uyuni
Insecure TLS Certificate Validation in Open Build Service (OBS) osc Client Binary
XSS Vulnerability in openQA (Commit c172e8883d8f32fced5e02f9b6faaacc913df27b)
Vulnerability: Unrestricted Network Traffic Sniffing in SUSE Linux Enterprise Server Permissions
Privilege Escalation via Insecure Permissions in /usr/sbin/pinger Binary
Privilege Escalation via NFS Directory Ownership Vulnerability
Symlink Vulnerability in chkstat Tool Allows Privilege Escalation
Privilege Escalation via Symbolic Link (Symlink) Following in munge Packaging
Local Privilege Escalation Vulnerability in inn on SUSE Linux Enterprise Server 11; openSUSE Factory, Leap 15.1
Privilege Escalation and File Manipulation Vulnerability in Mailman Packaging
Local Privilege Escalation Vulnerability in munin Packaging for openSUSE Factory and Leap 15.1
Improper Control of Code Generation in pcp Packaging Vulnerability
Improper Limitation of Pathname Vulnerability in pcp Packaging
Local Privilege Escalation in gnump3d Package on openSUSE Leap 15.1
UNIX Symbolic Link (Symlink) Following Vulnerability in Nagios Cronjob on SUSE Linux Enterprise Server 12, SUSE Linux Enterprise Server 11, and openSUSE Factory
Privilege Escalation via Symlink Following in Privoxy on openSUSE Leap 15.1 and Factory
Insecure Default Password Encryption in yast2-security
CAN Frame Modification Rule Vulnerability
Remote Code Execution in Lifesize Icon LS_RM3_3.7.0 (2421) DNS Query Web UI
Vulnerability: OS Command Injection in Dell EMC VNX2 OE for File versions prior to 8.1.9.236
Stack-based Buffer Overflow Vulnerability in Dell EMC iDRAC Versions Prior to 2.92, 2.61.60.60, and 3.20.21.20, 3.21.24.22, 3.21.26.22, and 3.23.23.23
Dell EMC iDRAC9 Authentication Bypass Vulnerability
Dell EMC iDRAC9 Authentication Bypass Vulnerability
Cross-Site Scripting Vulnerability in IsilonSD Management Server 1.1.0 during OVA File Upload
Cross-Site Scripting Vulnerability in IsilonSD Management Server 1.1.0 during vCenter Server Registration
Undocumented X.509v3 Key/Certificate Vulnerability in Dell EMC Networking OS10
Insecure Credential Management Vulnerability in RSA Authentication Manager
Buffer Overflow Vulnerability in Dell WES Wyse Device Agent and Dell Wyse ThinLinux HAgent
RSA Archer Information Exposure Vulnerability
RSA Archer Information Exposure Vulnerability
DSA-2019-043: Dell Client Improper Access Control Vulnerability
Improper Origin Validation Vulnerability in Dell SupportAssist Client
Remote Code Execution Vulnerability in Dell SupportAssist Client
Directory Traversal Vulnerability in Dell EMC Open Manage System Administrator (OMSA) Versions Prior to 9.3.0
Improper Range Header Processing Vulnerability in Dell EMC Open Manage System Administrator (OMSA) Versions Prior to 9.3.0
XML External Entity (XXE) Injection Vulnerability in Dell EMC OpenManage Server Administrator (OMSA)
Web Parameter Tampering Vulnerability in Dell EMC OpenManage Server Administrator (OMSA)
Authorization Bypass Vulnerability in RSA Netwitness Platform versions prior to 11.2.1.1
Command Injection Vulnerability in RSA Netwitness Platform and RSA Security Analytics
Uncontrolled Search Path Vulnerability in Dell Update Package (DUP) Framework
OS Command Injection Vulnerability in Dell EMC RecoverPoint and RecoverPoint for VMs
Buffer Over-read Vulnerability in RSA BSAFE Crypto-C Micro Edition and RSA BSAFE Micro Edition Suite
Heap-based Buffer Overflow Vulnerability in RSA BSAFE Micro Edition Suite
RSA BSAFE Micro Edition Suite Information Exposure Through Error Message Vulnerability
Information Exposure Through Timing Discrepancy in RSA BSAFE Crypto-C Micro Edition and RSA Micro Edition Suite
Information Exposure Through Timing Discrepancy in RSA BSAFE Crypto-C Micro Edition and RSA Micro Edition Suite
RSA BSAFE Crypto-C Micro Edition Heap Inspection Vulnerability
Improper Authorization Vulnerability in Dell EMC Unity and UnityVSA
Improper Privilege Management Vulnerability in Dell SupportAssist for Business and Home PCs
Password Storage Vulnerability in Dell EMC Integrated Data Protection Appliance
Dell EMC Avamar ADMe Web Interface LFI Vulnerability
RSA BSAFE Crypto-J Vulnerability: Missing Required Cryptographic Step
Vulnerability: Information Exposure Through Timing Discrepancy in RSA BSAFE Crypto-J versions prior to 6.2.5 during ECDSA Key Generation
Information Exposure Through Timing Discrepancy Vulnerability in RSA BSAFE Crypto-J Versions Prior to 6.2.5 during DSA Key Generation
Plain-text Password Storage Vulnerability in Dell EMC Unity and UnityVSA
Privilege Escalation Vulnerability in Dell/Alienware Digital Delivery
Privilege Escalation Vulnerability in Dell/Alienware Digital Delivery
Arbitrary Code Execution Vulnerability in Dell Encryption Enterprise and Dell Endpoint Security Suite Enterprise Installers
Unlimited Authentication Attempts Vulnerability in Dell EMC Integrated Data Protection Appliance
Stored Cross-Site Scripting Vulnerability in Dell EMC Integrated Data Protection Appliance
Arbitrary File Deletion Vulnerability in Dell Command Update
Arbitrary File Deletion Vulnerability in Dell Command Update
Certificate Validation Vulnerability in Dell EMC Enterprise Copy Data Management (eCDM)
XML External Entity (XXE) Injection Vulnerability in Dell EMC Avamar Server and Integrated Data Protection Appliance
Plain-text Password Storage Vulnerability in Dell EMC PowerConnect Switches
Reflected Cross-Site Scripting Vulnerability in Dell EMC Unity, UnityVSA, and VNXe3200
Information Disclosure Vulnerability in RSA Archer
Improper Authentication Vulnerability in RSA Archer
Code Injection Vulnerability in RSA Identity Governance and Lifecycle Software and RSA Via Lifecycle and Governance Products
SQL Injection Vulnerability in RSA Identity Governance and Lifecycle Software
Stored Cross-Site Scripting Vulnerability in RSA Identity Governance and Lifecycle Software
Improper Certificate Chain of Trust Vulnerability in Data Protection Central
Information Exposure Vulnerability in RSA Identity Governance and Lifecycle Software and RSA Via Lifecycle and Governance Products
Improper Authorization Vulnerability in Dell EMC iDRAC: Unauthorized Access to Sensitive Information
Incorrect Permission Assignment for Critical Resource in Dell EMC Avamar Server and Integrated Data Protection Appliance
Improper Restriction of Excessive Authentication Attempts in Dell EMC ECS Versions Prior to 3.4.0.0
Information Disclosure Vulnerability in Dell ImageAssist Prior to 8.7.15
XML Entity Injection Vulnerability in RSA Authentication Manager versions prior to 8.4 P7
Stored Cross-Site Scripting Vulnerability in Dell Wyse Management Suite
Stored Cross-Site Scripting Vulnerability in Dell Wyse Management Suite
XML External Entity Injection (XXE) Vulnerability in Spring Integration
XML External Entity Injection (XXE) Vulnerability in Spring Web Services
XML External Entity Injection (XXE) Vulnerability in Spring Batch
User Impersonation Vulnerability in Cloud Foundry UAA
Reflected Cross-Site Scripting Vulnerability in Pivotal Operations Manager
Unauthenticated Remote Hijacking of Cloud Controller DNS Record in Pivotal Application Service
Open Redirector Vulnerability in Spring Security OAuth
Privilege Escalation via Shared CA in Cloud Foundry Container Runtime
Privilege Escalation via IAAS Credential Exposure in Cloud Foundry Container Runtime
Exposure of Passwords in Cloud Foundry CLI (CVE-2021-21214)
Insecure Storage of Authentication Credentials in Cloud Foundry CredHub CLI
Default Session Store Secret Vulnerability in Cloud Foundry Stratos
Insecure Session Spoofing Vulnerability in Cloud Foundry Stratos
Improper Authorization in Cloud Foundry Cloud Controller Allows Privilege Escalation
BOSH Backup and Restore CLI Metadata Script Injection Vulnerability
Vulnerability in Cloud Foundry UAA Allows Account Takeover via Email Fallback
Insecure Redirect URI Vulnerability in Cloud Foundry UAA Release
Hijacking Traffic in Cloud Foundry Routing Release
Vulnerability: Unauthorized Access to Expired Browser Sessions in Pivotal Ops Manager
SQL Injection Vulnerability in Pivotal Concourse version 5.0.0
Vulnerability: Unauthorized Access to Authorization Credentials in Pivotal Apps Manager Invitation Service
Clickjacking Vulnerability in Cloud Foundry UAA
Insecure Randomness Vulnerability in Spring Security
Vulnerability in Spring Data JPA allows for unexpected query results
Privilege Escalation via Improper Authentication in Cloud Foundry Cloud Controller API
Arbitrary Configuration File Access via Directory Traversal in Spring Cloud Config Server
CF CLI Config File Vulnerability: Unauthorized Access to Client Credentials
Insecure Protocol Vulnerability in Cloud Foundry cf-deployment
ExampleMatcher StringMatcher Vulnerability
User Access Token Exposure in Pivotal Concourse Login Flow
Cockpit Denial of Service Vulnerability through Incorrect Usage of glib's Base64 Decode Functionality
Local Privilege Escalation Vulnerability in WildFly Versions up to 16.0.0.Final
PowerDNS Recursor TCP Query Lua Hook Bypass Vulnerability
Bypassing DNSSEC Validation in PowerDNS Recursor
Unassigned XSS Risk in Moodle's 'Manage Groups' Capability
Blind SSRF Vulnerability in Moodle's mybackpack Functionality
Unescaped Full Name Exposure in Moodle User Profile Hover
Vulnerability in sssd: Incorrect Home Directory Path Handling
Out-of-Bounds Read Vulnerability in QEMU's i2c_ddc() Function
Out-of-Bounds Read Vulnerability in Spice Versions 0.5.2 - 0.14.1
Dovecot Client Certificate Impersonation Vulnerability
Memory Leak in systemd-journald-server.c in Red Hat Enterprise Linux
Arbitrary File Disclosure Vulnerability in Openwsman 2.6.9 and Earlier
Use-After-Free Vulnerability in libcomps Allows for Application Crash or Code Execution
Insecure TLS Configuration in kube-rbac-proxy Container
Linux Kernel Local Privilege Escalation Vulnerability
Gnome-Shell Lock Screen Vulnerability Allows Unauthorized Actions
Remote Denial of Service Vulnerability in civetweb Frontend for Ceph RGW Server with SSL Enabled
Stack-based Buffer Overflow in libcurl
Heap Out-of-Bounds Read in libcurl SMTP End-of-Response Handling
LDAP Search Expression Denial of Service Vulnerability in Samba AD DC
Bypassing Lock Screen in gdm with Timed Login Vulnerability
Stored DOM-based XSS Vulnerability in Prometheus Server
Privilege Escalation via Incorrect Permission Check in gvfs
Path Traversal Vulnerability in Ansible Fetch Module
Memory Corruption Vulnerability in GnuTLS Certificate Verification API
Information Exposure in ceilometer-agent
Arbitrary Command Execution Vulnerability in vdsm
Incomplete Fix for CVE-2018-19758 in libsndfile Allows Local Application Crash
Denial of Service Vulnerability in Openwsman 2.6.9 and Earlier
Reverted Fix for CVE-2014-0114 in JBoss Operations Network 3 (JON) Allows ClassLoader Manipulation (CVE-2019-3834)
Vulnerability: Unauthorized File System Access via superexec Operator in Ghostscript
Uninitialized Pointer Access Vulnerability in GnuTLS Versions 3.6.3 and Later
Thread-Unsafe Net_DMA Code in RHEL6 Kernel: Memory Leak, DoS, and Memory Corruption Vulnerability
Forceput Operator Extraction Vulnerability in Ghostscript
Privileged Operator Access Vulnerability in Ghostscript Versions Before 9.27
NULL Pointer Dereference Vulnerability in libvirt
TLS Certificate Validation Bypass in Kubevirt/virt-cdi-importer
Vulnerability: Privilege Escalation via Improper Sanitization of XDG_SEAT Environment Variable in systemd
Systemd DynamicUser Property Vulnerability: Persistent SUID/SGID Binary Exploit
Privilege Escalation via DynamicUser Property in systemd Service
Access Control Bypass in Satellite's QPID Broker and katello-agent
Memory Corruption and Privilege Escalation Vulnerability in mwifiex Kernel Module
Unescaped JavaScript Vulnerability in Moodle
Unauthorised Calendar Event Viewing Vulnerability in Moodle
Self-Assignment of Escalated Roles in Moodle LTI Integration
Vulnerability: Open Window Link Exploit in Moodle
Link to Site Home Vulnerability in Moodle Boost Theme
Context Freezing Vulnerability in Moodle
Integer Overflow Vulnerability in libssh2 Allows Remote Code Execution
Integer Overflow Vulnerability in libssh2: Remote Code Execution
Integer Overflow Vulnerability in libssh2 Allows Remote Code Execution
Out of Bounds Read Vulnerability in libssh2 Allows Remote Code Execution and Data Leakage
Out of Bounds Read Vulnerability in libssh2
Vulnerability: Out of Bounds Read Flaw in libssh2
Vulnerability: Out of Bounds Read Flaw in libssh2
Vulnerability: Out of Bounds Read Flaw in libssh2 before 1.8.1
Out of Bounds Memory Write Vulnerability in libssh2
CSRF Token Reuse Vulnerability in Quay Web GUI
Stored XSS Vulnerability in Quay-2 Super User Function
OpenStack-Mistral Undercloud Log Files Information Exposure Vulnerability
Unlimited Session Expiration Vulnerability in Quay Web Application
Session Hijacking Vulnerability in Keycloak
Exposure of Application Credentials in Tower Playbook Job Runs
Samba AD DC Vulnerability: Insecure File Permissions and World-Writable Files
Insufficient Validation in PowerDNS Authoritative Server: Denial of Service and Information Disclosure Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Picketlink Versions Shipped in JBoss Application Platform 7.2.x and 7.1.x
Picketlink in JBoss EAP 7.2 Vulnerability: XML External Entity (XXE) Injection
SCTP Socket Buffer Denial of Service Vulnerability
Unvalidated Signature Vulnerability in Keycloak's X.509 Authenticator
XSS Vulnerability in OpenShift OAuth Server's /oauth/token/request Endpoint
Open Redirect Vulnerability in mod_auth_mellon before v0.14.2
Bypassing Authentication in mod_auth_mellon via Special HTTP Headers
Insecure Permission Validation in ovirt's REST API Allows Unauthorized Disk Deletion
Samba RPC Endpoint Vulnerability: Unauthorized Registry Hive File Creation
Insecure Storage Location Vulnerability in Bundler
Linux Kernel vfio Interface Memory Limit Violation Vulnerability
Denial of Service Vulnerability in 389-ds-base up to version 1.4.1.2
Garbage Collection Spoofing Vulnerability in Atomic-OpenShift
Use-After-Free Vulnerability in Pacemaker 2.0.1 Allows Sensitive Information Leakage via System Logs
Improper Permissions Check in libvirt 4.8.0 and Above: Potential Information Disclosure and Denial of Service Vulnerability
Nested Virtualization Vulnerability: Exploiting x2APIC MSR Access in KVM Hypervisor
Undertow Web Server Information Exposure Vulnerability
Reflected XSS Vulnerability in OpenShift Container Platform Authorization Flow
Unvalidated SSL Certificates in Evolution-EWS: A Gateway for Confidential Information Theft
Candlepin Log File Exposes Database Credentials, Allowing Unauthorized Access and Package Update Manipulation
Foreman API Vulnerability: Plaintext Password Disclosure in Delete Compute Resource Operation
ElytronManagedThread Vulnerability: Incorrect Security Identity Assignment
Arbitrary Image Execution Vulnerability in Octavia Service
Double-Free Vulnerability in idr_remove_all() in Linux Kernel 2.6 Branch
Unrestricted File Download Vulnerability in Red Hat Certification 6 and 7
Default Configuration of Heketi in OpenShift Container Platform 3.11 Allows Unauthorized Access to Management Interface
Infinite Loop DoS Vulnerability in vhost_net Kernel Module
Race Condition Vulnerability in perf_event_open() Allows Leakage of Sensitive Data from Setuid Programs
Vulnerability: Symlink and Subrepository Exploit in Mercurial
SSRF Vulnerability in Zoho ManageEngine ADSelfService Plus 5.x before build 5703
Hardcoded Credentials in Premisys Identicard Version 3.1.190 WCF Service on Port 9003 Vulnerability
Weak Encryption Method Used in Premisys Identicard Version 3.1.190 Puts User Credentials at Risk
Hard-coded and Unchangeable Password Vulnerability in Premisys Identicard Version 3.1.190
Default Credentials Vulnerability in Premisys Identicard Version 3.1.190
Authentication Bypass in Crestron AM-100 Web Interface's return.cgi Script
LabKey Server Community Edition before 18.3.0-61806.763 Reflected XSS Vulnerability in /__r2/query Endpoints
Open Redirect Vulnerability in LabKey Server Community Edition
Drive Unmounting Vulnerability in LabKey Server Community Edition
Verizon Fios Quantum Gateway (G1100) Firmware 02.01.00.05 Remote Command Injection Vulnerability
Verizon Fios Quantum Gateway (G1100) Firmware 02.01.00.05 Authentication Bypass Vulnerability
Verizon Fios Quantum Gateway (G1100) Firmware Version 02.01.00.05 - Password Salt Information Disclosure Vulnerability
Remote Code Execution Vulnerability in Alcatel Lucent I-240W-Q GPON ONT Firmware
Critical Security Vulnerability: Hard Coded Credentials in Alcatel Lucent I-240W-Q GPON ONT Firmware
Command Injection Vulnerability in Alcatel Lucent I-240W-Q GPON ONT Firmware 3FE54567BOZJ19
Authenticated Command Injection Vulnerability in Alcatel Lucent I-240W-Q GPON ONT Firmware 3FE54567BOZJ19
Stack Buffer Overflow Vulnerability in Alcatel Lucent I-240W-Q GPON ONT Firmware 3FE54567BOZJ19
Stack Buffer Overflow Vulnerability in Alcatel Lucent I-240W-Q GPON ONT Firmware 3FE54567BOZJ19
Stored XSS Vulnerability in Nessus Versions 8.2.1 and Earlier
Intermediary Vulnerability in MikroTik RouterOS Allows Firewall Bypass and Network Scanning
Command Injection Vulnerability in Crestron AM-100 and AM-101 via SNMP OID iso.3.6.1.4.1.3212.100.3.2.9.3
Command Injection Vulnerability in Crestron AM-100 and AM-101 via SNMP OID iso.3.6.1.4.1.3212.100.3.2.14.1
Vulnerability: Unauthorized Password Change in Crestron AM-100 and AM-101
Crestron AM-100 and AM-101 Firmware Vulnerability: Unauthorized Access to Presentation Passcode
Command Injection Vulnerability in Multiple Wireless Presentation Systems
Stack Buffer Overflow in Multiple Wireless Presentation Systems
Argument Injection Vulnerability in Crestron AM-100 and AM-101 Allows Remote Code Execution
Authentication Bypass Vulnerability in Crestron AM-100 and AM-101 Firmware
Bypassing Presentation Code in Crestron AM-100 and AM-101
Bypassing Presentation Code and Unauthorized Slide Image Download in Crestron AM-100 and AM-101
Unauthenticated Remote Control Vulnerability in Crestron AM-100 and AM-101
Denial of Service Vulnerability in Crestron AM-100 and AM-101 Slideshow Transition
ClearText Storage of Sensitive Data in Crestron AM-100 and AM-101
Insecure Encryption of Configuration Files in Crestron AM-100 and AM-101
Default Credentials Vulnerability in Crestron AM-100 and AM-101
File Upload Vulnerability in Advantech WebAccess 8.3.4 Allows Remote Code Execution
Arbitrary File Deletion Vulnerability in Advantech WebAccess 8.3.4
Unauthenticated Remote File Read Vulnerability in Advantech WebAccess 8.3.4
Authenticated Remote Directory Traversal Vulnerability in MikroTik RouterOS
Parrot ANAFI Vulnerability: Remote Wi-Fi Deauthentication Attack Disconnects Drone Mid-Flight
Parrot ANAFI Web Server Crash Vulnerability
Denial of Service Vulnerability in Fuji Electric V-Server before 6.0.33.0 via Crafted UDP Message
Plaintext Storage of Database Credentials in Fuji Electric V-Server
Unauthenticated Access to /videotalk Endpoint Allows Audio Eavesdropping
Arlo Basestation Firmware Misconfiguration Vulnerability
Arlo Basestation Firmware Vulnerability: Hardcoded Root Access via Serial Interface
Stack-based Buffer Overflow in Advantech WebAccess before 8.4.3 Allows Remote Code Execution or Denial of Service
Remote Code Execution Vulnerability in Advantech WebAccess/SCADA 8.4.0 via Crafted IOCTL 10012 RPC Call
Remote Code Execution Vulnerability in Advantech WebAccess/SCADA 8.4.0 via Crafted IOCTL 81024 RPC Call
Unauthenticated Remote Heap Overflow in Dameware Remote Mini Control 12.1.0.34 and Prior
Unauthenticated Remote Buffer Over-read in Dameware Remote Mini Control Version 12.1.0.34 and Prior
Unauthenticated Remote Buffer Over-read in Dameware Remote Mini Control Version 12.1.0.34 and Prior
Persistent Cross-Site Scripting (XSS) Vulnerability in WallacePOS 1.4.3
Cross-Site Request Forgery (CSRF) Vulnerability in WallacePOS 1.4.3
Arbitrary Code Execution via Unrestricted File Upload in WallacePOS 1.4.3
Reflected XSS Vulnerability in Nessus Versions 8.4.0 and Earlier
Content Injection Vulnerability in Tenable Nessus: Unauthorized Message Injection
Reflected XSS Vulnerability in OpenEMR 5.0.1 and Earlier: Execution of Arbitrary Code via patient_id Parameter
Reflected XSS Vulnerability in OpenEMR 5.0.1 and Earlier: Execution of Arbitrary Code via doc_id Parameter
Reflected XSS Vulnerability in OpenEMR 5.0.1 and Earlier: Execution of Arbitrary Code via document_id Parameter
Reflected XSS Vulnerability in OpenEMR 5.0.1 and Earlier: Execution of Arbitrary Code via foreign_id Parameter
Arbitrary File Download Vulnerability in OpenEMR 5.0.1 and Earlier
Arbitrary Command Execution Vulnerability in OpenEMR Scanned Forms Interface
Local Privilege Escalation in Comodo Antivirus: Exploiting CmdAgent's COM Client Handling
Arbitrary File Write Vulnerability in Comodo Antivirus Versions up to 12.0.0.6810
Local Denial of Service Vulnerability in Comodo Antivirus (Versions up to 12.0.0.6810)
Denial of Service Vulnerability in Comodo Antivirus Versions 12.0.0.6810 and Below
Denial of Service Vulnerability in Comodo Antivirus Versions 11.0.0.6582 and Below via CmdGuard.sys Filter Port cmdServicePort
Arbitrary System File Overwrite Vulnerability in Nessus 8.5.2 and Earlier on Windows Platforms
Remote Code Execution Vulnerability in Advantech WebAccess/SCADA 8.4.1 via Crafted IOCTL 70603 RPC Message
Arbitrary Directory Creation Vulnerability in RouterOS 6.45.6 and Below
Insecure Autoupgrade Feature Allows Remote Attackers to Downgrade RouterOS and Reset Credentials
Remote DNS Query Cache Poisoning Vulnerability in RouterOS Versions 6.45.6 Stable, 6.44.5 Long-term, and Below
Vulnerability: DNS Cache Poisoning in RouterOS Versions 6.45.6 Stable, 6.44.5 Long-term, and Below
Smart Card Authentication Bypass and Arbitrary Code Execution in Solarwinds Dameware Mini Remote Client Agent v12.1.0.89
Vulnerability: Man-in-the-Middle Attack on MikroTik Winbox 3.20 and Below
Denial of Service Vulnerability in Nessus Versions 8.6.0 and Earlier
Remote Code Execution Vulnerability in Blink XT2 Sync Module Firmware
Arbitrary Command Execution in Blink XT2 Sync Module Firmware (CVE-2021-XXXX)
Arbitrary Command Execution in Blink XT2 Sync Module Firmware (prior to 2.13.11) via Improper Input Sanitization
Arbitrary Command Execution in Blink XT2 Sync Module Firmware (prior to 2.13.11) via Improper Input Sanitization
Arbitrary Command Execution in Blink XT2 Sync Module Firmware (prior to 2.13.11) via Improper Input Sanitization
Arbitrary Command Execution in Blink XT2 Sync Module Firmware (prior to 2.13.11) via Improper Input Sanitization
Arbitrary Command Execution in Blink XT2 Sync Module Firmware (prior to 2.13.11)
User Enumeration Vulnerability in Harbor
Information Disclosure Vulnerability in ELOG 3.1.4-57bea22 and Below
Information Disclosure Vulnerability in ELOG 3.1.4-57bea22 and Below
ELOG 3.1.4-57bea22 and below Denial of Service Vulnerability
ELOG 3.1.4-57bea22 and below Denial of Service Vulnerability
Unauthenticated Remote Attackers Exploit ELOG 3.1.4-57bea22 and Below as HTTP GET Request Proxy
Authentication Bypass Vulnerability in SimpliSafe SS3 Firmware 1.0-1.3: Unauthorized Pairing of Rogue Keypad
SimpliSafe SS3 Firmware 1.4: Local Authentication Bypass for Wi-Fi Network Modification
Arbitrary OS Command Execution Vulnerability in Druva inSync Windows Client 6.5.0
Arbitrary Code Execution with Root Privileges in Druva inSync Mac OS Client 6.5.0
Arbitrary Code Execution Vulnerability in Druva inSync Client 6.5.0
Access Token Leak in API Connect V2018.1 through 2018.4.1.1
Cross-Site Scripting Vulnerability in IBM BigFix Platform 9.2 and 9.5
SQL Injection Vulnerability in IBM BigFix WebUI Profile Management 6 and Software Distribution 23
Privilege Escalation Vulnerability in IBM BigFix Platform 9.5
Buffer Overflow Vulnerability in IBM DB2 for Linux, UNIX and Windows
Buffer Overflow Vulnerability in IBM DB2 for Linux, UNIX and Windows
Buffer Overflow Vulnerability in IBM DB2 for Linux, UNIX and Windows
Cross-Site Scripting (XSS) Vulnerability in IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0
Cross-Site Scripting (XSS) Vulnerability in IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0
Cross-Site Scripting (XSS) Vulnerability in IBM Sterling B2B Integrator 5.2.0.1 through 6.0.0.0
Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere Application Server 8.5 and 9.0
Privilege Escalation Vulnerability in IBM Workload Scheduler Distributed 9.2-9.5
SQL Injection Vulnerability in IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.1.0
Cross-Site Scripting Vulnerability in IBM Content Navigator 2.0.3 and 3.0CD
Arbitrary Code Execution Vulnerability in IBM Content Navigator 3.0CD
IBM Content Navigator 3.0CD Vulnerability: Web Traffic Redirection to Malicious Site
Denial of Service Vulnerability in IBM Security Access Manager Appliance Reverse Proxy Component
Uncontrolled Control Flow Vulnerability in IBM Security Identity Manager
Denial of Service Vulnerability in IBM WebSphere MQ
Cross-Site Scripting Vulnerability in IBM i 7.2 and 7.3
XML External Entity Injection (XXE) Vulnerability in IBM Sterling B2B Integrator Standard Edition 5.2.0 and 6.0.0.0
Spoofing of Last Modified By Value in IBM Business Automation Workflow and IBM Business Process Manager
Denial of Service Vulnerability in IBM WebSphere Application Server
IBM Jazz Reporting Service (JRS) 6.0.6 - Unauthorized Access to Execution Log Files
Information Leakage Vulnerability in IBM Maximo Asset Management 7.6
Denial of Service Vulnerability in IBM MQ 9.1.x
Information Disclosure Vulnerability in IBM API Connect 2018.1 and 2018.4.1.3
Unauthenticated User Enumeration in IBM API Connect 2018.1 and 2018.4.1.2
Local User Information Disclosure Vulnerability in IBM QRadar SIEM 7.2 and 7.3
IBM MQ TLS Key Renegotiation Denial of Service Vulnerability
Unvalidated File Upload Vulnerability in IBM Maximo Asset Management 7.6 Work Centers
Arbitrary Code Execution Vulnerability in IBM DB2
Privilege Escalation Vulnerability in IBM BigFix Platform 9.2 and 9.5
Insecure Document Database Password Protection in IBM Rational ClearCase 1.0.0.0 GIT Connector
Unauthenticated Remote Query Vulnerability in IBM BigFix Platform 9.2 and 9.5
XML External Entity Injection (XXE) Vulnerability in IBM i2 Intelligent Analysis Platform 9.0.0 through 9.1.1
Plain Text Transmission of Highly Sensitive Information in IBM Sterling B2B Integrator
Arbitrary User Creation Vulnerability in IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0
Weak Password Policy in IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0
User Enumeration Vulnerability in IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0
File Type Validation Bypass in IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0
Cross-Site Scripting (XSS) Vulnerability in IBM Intelligent Operations Center (IOC) 5.1.0 through 5.2.0
Arbitrary Command Execution Vulnerability in IBM Tivoli Storage Productivity Center
Session Hijacking Vulnerability in IBM Tivoli Storage Productivity Center
Cross-Site Scripting (XSS) Vulnerability in IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1
Cross-Site Scripting (XSS) Vulnerability in IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1
Cross-Site Scripting (XSS) Vulnerability in IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1
Cross-Site Scripting (XSS) Vulnerability in IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1
Cross-Site Scripting (XSS) Vulnerability in IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1
Privilege Escalation Vulnerability in IBM WebSphere MQ
Improper Parameter Parsing Denial of Service Vulnerability in IBM WebSphere Application Server Admin Console
Cross-Site Scripting Vulnerability in IBM Jazz Foundation Products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1)
Information Disclosure Vulnerability in IBM Jazz Foundation Products
Remote Click Hijacking Vulnerability in IBM Cloud Application Performance Management 8.1.4
Stack-based Buffer Overflow in IBM Spectrum Protect Servers and Storage Agents
Privilege Escalation Vulnerability in IBM Spectrum Protect Servers and Storage Agents
Cross-Site Scripting Vulnerability in HCL Campaign's Description Field
Cross-Site Scripting Vulnerability in HCL Marketing Platform Allows Injection of Malicious Code
Open Redirect Vulnerability in IBM Content Navigator 2.0.3 and 3.0CD
Unauthorized File Restoration Vulnerability in IBM Tivoli Storage Manager (IBM Spectrum Protect 8.1.7)
Privilege Escalation Vulnerability in IBM DB2 for Linux, UNIX, and Windows
Cross-Site Request Forgery Vulnerability in IBM Cloud Pak System 2.3
Cross-Site Scripting (XSS) Vulnerability in IBM Cloud Pak System 2.3 and 2.3.0.1
Denial of Service Vulnerability in IBM DB2 for Linux, UNIX and Windows
Weak Cryptographic Algorithms in IBM DB2 for Linux, UNIX and Windows
Remote Code Execution Vulnerability in IBM Tivoli Netcool/Impact 7.1.0
Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere eXtreme Scale 8.6 Admin Console
Remote Click Hijacking Vulnerability in IBM WebSphere eXtreme Scale 8.6 Admin Console
Local File Disclosure Vulnerability in IBM WebSphere eXtreme Scale 8.6 Admin Console
Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere eXtreme Scale 8.6 Admin API
Information Disclosure in IBM Cloud Private Installer Logs
Cross-Site Request Forgery Vulnerability in IBM Cloud Private 3.1.1 and 3.1.2
Local Privilege Escalation Vulnerability in IBM Multicloud Manager 3.1.0, 3.1.1, and 3.1.2
IBM Cloud Private Kubernetes API Server HTTP Proxy Vulnerability
Cross-Site Scripting Vulnerability in IBM Cloud Private 3.1.1 and 3.1.2
Information Disclosure Vulnerability in IBM Spectrum Protect Operations Center
Arbitrary File Upload Vulnerability in IBM Cloud Pak System 2.3 and 2.3.0.1
Remote DNS Lookup Vulnerability in IBM Application Performance Management (IBM Monitoring 8.1.4)
Improper Redirection Vulnerability in IBM Cloud Automation Manager 3.1.2
Client-side script execution vulnerability in IBM Cloud Automation Manager 3.1.2
Cross-Site Scripting (XSS) Vulnerability in IBM Planning Analytics 2.0
User Impersonation Vulnerability in IBM Security Access Manager 9.0.1 through 9.0.6
Cross-Site Scripting (XSS) Vulnerability in IBM Cognos Controller 10.2.0 - 10.4.0
Cross-Site Scripting (XSS) Vulnerability in IBM Tivoli Storage Productivity Center 5.2.13 through 5.3.0.1
Improper HTTP Strict Transport Security Configuration in IBM Tivoli Storage Productivity Center 5.2.13 through 5.3.0.1
Cross-Site Scripting (XSS) Vulnerability in IBM Cognos Analytics 11.0, 11.1.0, and 11.1.1
Local User Database Replacement Vulnerability in IBM Tivoli Storage Manager Server
Memory Leak Denial of Service Vulnerability in IBM MQ Clustering Code (IBM X-Force ID: 158337)
Cross-Site Request Forgery (CSRF) Vulnerability in IBM Cloud Private 2.1.0, 3.1.0, 3.1.1, and 3.1.2
Local User Information Disclosure in IBM Cloud Private Key Management Service
Local User Information Disclosure Vulnerability in IBM Security Access Manager 9.0.1 through 9.0.6
Sensitive Document Information Disclosure in IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1
SQL Injection Vulnerability in IBM Sterling File Gateway 2.2.0.0 through 6.0.1.0
Cross-Site Scripting (XSS) Vulnerability in IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1
Cross-Site Scripting (XSS) Vulnerability in IBM Business Automation Workflow and IBM Business Process Manager
Certificate Validation Vulnerability in IBM Security Access Manager 9.0.1 through 9.0.6
Weak Cryptographic Algorithms in IBM Security Access Manager 9.0.1-9.0.6: A Potential Decryption Vulnerability
Session Token Expiration Vulnerability in IBM Security Access Manager 9.0.1 through 9.0.6
Open Redirect Vulnerability in IBM Security Access Manager 9.0.1 through 9.0.6
Buffer Overflow Vulnerability in IBM DB2 for Linux, UNIX and Windows
Privilege Escalation Vulnerability in IBM API Connect's Developer Portal 2018.1 and 2018.4.1.3 with OpenID Connect Integration
Weak Cryptographic Algorithms in IBM Security Access Manager 9.0.1-9.0.6: A Potential Decryption Vulnerability
Cross-Site Scripting (XSS) Vulnerability in IBM Security Access Manager 9.0.1 through 9.0.6
Identity Verification Bypass in IBM Security Access Manager 9.0.1-9.0.6
Weak Cryptographic Algorithms in IBM Security Guardium Data Encryption (GDE) 3.0.0.2
IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2 Unauthorized Information Disclosure Vulnerability
Missing HTTP Strict Transport Security Header in IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2
Information Disclosure Vulnerability in IBM StoredIQ 7.6.0.0 - 7.6.0.18
Denial of Service Vulnerability in IBM StoredIQ 7.6.0.0 - 7.6.0.18
Open Redirect Vulnerability in IBM StoredIQ 7.6 Allows for Phishing Attacks
Cross-Site Request Forgery Vulnerability in IBM StoredIQ 7.6.0
Default OpenBMC Password Bypass Vulnerability in IBM Open Power Firmware OP910 and OP920
Insecure Session Cookie Handling in IBM Cognos Controller 10.3.0-10.4.1
Optionsbleed Vulnerability in IBM Cognos Controller 10.2.0 - 10.4.0
Local File Disclosure Vulnerability in IBM Cognos Controller
Weak Cryptographic Algorithms in IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1
Insecure HTTP Methods Bypass in IBM Cognos Controller 10.x.x
Local File Disclosure Vulnerability in IBM Cognos Controller
Directory Traversal Vulnerability in IBM Cognos Analytics 11
Denial of Service Vulnerability in IBM Cognos Analytics 11.0 and 11.1
Cross-Site Scripting (XSS) Vulnerability in IBM Jazz Reporting Service 6.0 through 6.0.6.1
Privilege Escalation in IBM InfoSphere Information Server 11.7.1 Containers
HTTP Header Injection Vulnerability in IBM Jazz for Service Management 1.1.3
Sensitive Information Disclosure in IBM Jazz for Service Management 1.1.3 and 1.1.3.2
Missing Function Level Access Control in IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2
Open Redirect Vulnerability in IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2
Command Injection Vulnerability in IBM API Connect 5.0.0.0 and 5.0.8.6 Developer Portal
Arbitrary File Download and SSRF Vulnerability in IBM API Connect Developer Portal
Cross-Site Scripting (XSS) Vulnerability in IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, and 19.0.0.1
Local Information Disclosure Vulnerability in IBM TRIRIGA Application Platform 3.5.3 and 3.6.0
XML External Entity Injection (XXE) Vulnerability in IBM TRIRIGA Application Platform 3.5.3 and 3.6.0
Open Redirect Vulnerability in HCL Connections v5.5, v6.0, and v6.5: A Potential Gateway for Phishing Attacks
Authentication Bypass Vulnerability in IBM QRadar SIEM 7.3.2
Cross-Site Scripting (XSS) Vulnerability in IBM QRadar SIEM 7.2 and 7.3
Cross-Site Request Forgery Vulnerability in IBM QRadar SIEM 7.2 and 7.3
Insecure Session Cookie Handling in IBM SmartCloud Analytics
Clickjacking Vulnerability in IBM SmartCloud Analytics 1.3.1 through 1.3.5
Vulnerability: Host Header Injection in IBM SmartCloud Analytics
Remote Click Hijacking Vulnerability in IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2
Local File Disclosure Vulnerability in IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2
Sensitive Information Disclosure in IBM Security Information Queue (ISIQ) 1.0.0, 1.0.1, and 1.0.2
Hard Coded Encryption Key Vulnerability in IBM InfoSphere Information Server 11.7.1.0
Unauthorized Access to Business Process Definitions in IBM Sterling B2B Integrator Standard Edition 6.0.0.0 and 6.0.0.1
SQL Injection Vulnerability in IBM PureApplication System 2.2.3.0 through 2.2.5.3
Local Information Disclosure Vulnerability in IBM PureApplication System
Cross-Site Scripting (XSS) Vulnerability in IBM Cloud Pak System 2.3 and 2.3.0.1
IBM MQ AMQP Listeners Session Fixation Vulnerability
Cross-Site Request Forgery Vulnerability in IBM Cognos Analytics 11.0 and 11.1
Pattern Editor Locking Bypass Vulnerability in IBM PureApplication System
Weak Password Policy in IBM PureApplication System 2.2.3.0 through 2.2.5.3
Silent Skipping of ACL Entries in IBM Spectrum Protect 7.1 Client Backup or Archive Operation
Cross-Frame Scripting Vulnerability in IBM InfoSphere Information Server 11.3, 11.5, and 11.7
Cross-Site Scripting (XSS) Vulnerability in IBM InfoSphere Information Server 11.3, 11.5, and 11.7
Credential Exposure in IBM MQ Advanced Cloud Pak
Authentication Bypass Vulnerability in IBM PureApplication System
Unauthorized Disclosure and Disruptive Administrator Tasks Vulnerability in IBM SmartCloud Analytics
Unauthenticated Remote Control and Information Disclosure in IBM SmartCloud Analytics
Exposure of Internal Parameters in IBM Daeja ViewONE Virtual 5.0 through 5.0.6
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1
Cross-Site Scripting Vulnerability in IBM Jazz Foundation Products (IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1)
Directory Traversal Vulnerability in IBM Rational Collaborative Lifecycle Management 6.0 through 6.0.6.1
Privilege Escalation Vulnerability in IBM Informix Dynamic Server Enterprise Edition 12.1
Weak Cryptographic Algorithms in IBM API Connect 5.0.0.0 through 5.0.8.6: High-Risk Information Decryption Vulnerability
Information Disclosure Vulnerability in IBM InfoSphere Information Server 11.5 and 11.7
Cross-Site Scripting (XSS) Vulnerability in IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1 Standard Edition
Sensitive Data Exposure Vulnerability in IBM Spectrum Scale with CES Stack Enabled
Information Disclosure Vulnerability in IBM Daeja ViewONE Professional, Standard & Virtual 5.0 through 5.0.5
Denial of Service Vulnerability in IBM WebSphere MQ and IBM MQ
IBM QRadar SIEM 7.2 and 7.3 Vulnerability: Server Side Request Forgery (SSRF)
Local File Inclusion Vulnerability in IBM Content Navigator 3.0CD
Certificate Validation Vulnerability in IBM QRadar SIEM 7.2.8 WinCollect
Lack of Device Root Detection in IBM Maximo Anywhere 7.6.x
Lack of Device Jailbreak Detection in IBM Maximo Anywhere 7.6.x
Buffer Overflow Vulnerability in IBM Spectrum Protect Backup-Archive Client (Versions 7.1 and 8.1)
Directory Traversal Vulnerability in IBM WebSphere Application Server
Information Disclosure Vulnerability in IBM WebSphere Application Server Admin Console
Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere Application Server Admin Console
Client-side HTTP Parameter Pollution Vulnerability in IBM WebSphere Application Server Admin Console
Unauthorized Local User Denial of Service Vulnerability in IBM Jazz for Service Management 1.1.3, 1.1.3.1, and 1.1.3.2
Arbitrary Code Execution Vulnerability in IBM WebSphere Application Server 8.5 and 9.0
Sensitive Information Disclosure in IBM Sterling File Gateway
Sensitive OIDC Token Leakage in IBM Cloud Private
Remote Clickjacking Vulnerability in IBM WebSphere Application Server - Liberty Admin Center
Information Disclosure Vulnerability in IBM Maximo Anywhere
Information Disclosure Vulnerability in IBM Maximo Anywhere
Lack of Binary Protection in IBM Maximo Anywhere 7.6.4.0 Allows Reverse Engineering
Arbitrary File Upload Vulnerability in IBM Security Guardium 10.5
IBM Storwize V7000 Unified (2073) 1.6 Server Version Disclosure Vulnerability
Command Injection Vulnerability in IBM DataPower Gateway and IBM MQ Appliance
Credential Vault Information Disclosure Vulnerability in IBM Robotic Process Automation with Automation Anywhere 11
Information Disclosure in IBM Robotic Process Automation with Automation Anywhere 11: Local User Access to E-mail Contents
IBM Robotic Process Automation with Automation Anywhere 11 LDAP Injection Vulnerability
Privilege Escalation Vulnerability in IBM Robotic Process Automation with Automation Anywhere 11
Local User Information Disclosure in IBM Robotic Process Automation with Automation Anywhere 11
Arbitrary Code Execution Vulnerability in BigFix Self-Service Application (SSA)
Cross-Site Scripting (XSS) Vulnerability in IBM Maximo Asset Management 7.6
Improper Session Validation Vulnerability in IBM WebSphere Application Server - Liberty (X-Force ID: 160950)
Improper Cookie Setting Vulnerability in IBM WebSphere Application Server Liberty
Unintended Access and Modification of Security-Critical Resource in IBM Security Guardium Big Data Intelligence (SonarG) 4.0
Vulnerability: User Credentials Stored in Plain Text in IBM Security Guardium Big Data Intelligence (SonarG) 4.0
Information Disclosure Vulnerability in IBM Emptoris Sourcing, Contract Management, and Spend Analysis
Hard Coded Credentials Vulnerability in IBM Security Guardium Big Data Intelligence (SonarG) 4.0
Inadequate Account Lockout Setting in IBM Security Guardium Big Data Intelligence 4.0 (SonarG) Allows Remote Brute Force Attack
IBM Security Guardium Big Data Intelligence (SonarG) 4.0 Unauthorized Information Disclosure Vulnerability
Cleartext Storage of Sensitive Information in IBM Security Guardium Big Data Intelligence (SonarG) 4.0
Weak Password Requirement in IBM Intelligent Operations Center and IBM Water Operations for Waternamics
Buffer Overflow Vulnerability in IBM DB2 for Linux, UNIX and Windows
Clickjacking Vulnerability in HCL AppScan Enterprise Advisory API Documentation
Critical Cross-Site Scripting Vulnerability in HCL AppScan Enterprise during Test Policy Import
Insecure Cryptographic Algorithm Used in HCL AppScan Enterprise for Storing REST API User Details
Missing HTTP Strict-Transport-Security Header in HCL AppScan Enterprise Web Application Console
Hard-coded Credentials in HCL AppScan Enterprise Allow Unauthorized Access to Encrypted Files
Incomplete Blacklisting in IBM Security Guardium Big Data Intelligence (SonarG) 4.0 Allows Bypass of Application Controls
Insecure Cookie Handling in IBM Security Guardium Big Data Intelligence (SonarG) 4.0
Information Disclosure Vulnerability in IBM Cognos Analytics 11.0 and 11.1
Insecure Storage of Key Files in IBM Watson Studio Local 1.2.3
Inadequate Account Lockout Setting in IBM Robotic Process Automation with Automation Anywhere 11 Allows Remote Brute Force Attack
Missing Authentication in Ignite Nodes in IBM Robotic Process Automation with Automation Anywhere 11
Resource Consumption Vulnerability in IBM Security Guardium Big Data Intelligence 4.0 (SonarG)
Weak Cryptographic Algorithms in IBM Security Guardium Big Data Intelligence (SonarG) 4.0: A Potential Decryption Vulnerability
XML External Entity Injection (XXE) Vulnerability in IBM Security Guardium Big Data Intelligence 4.0 (SonarG)
Cross-Site Scripting (XSS) Vulnerability in IBM Cognos Analytics 11.0 and 11.1
Overly Permissive Cross-Origin Resource Sharing in IBM Cognos Analytics 11.0 and 11.1
Deprecated Operating System Version Vulnerability in IBM Maximo Anywhere Applications
Sensitive Information Disclosure in IBM Maximo Anywhere 7.6.4.0 Applications
Obfuscation Vulnerability in IBM Maximo Anywhere 7.6.4.0 Applications
Arbitrary Code Execution Vulnerability in IBM Spectrum Protect Plus
CSV Injection Vulnerability in IBM Maximo Asset Management 7.6
Information Disclosure Vulnerability in IBM Cognos Analytics 11.0 and 11.1: Unauthorized Access to Cached Browser Data
Sensitive Information Disclosure in IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1
IBM MQ Command Server Denial of Service Vulnerability
IBM i 7.27.3 Clustering Local Information Disclosure Vulnerability
Information Disclosure Vulnerability in IBM API Connect 5.0.0.0 through 5.0.8.6
Privilege Escalation Vulnerability in IBM Spectrum Protect Plus 10.1.0, 10.1.2, and 10.1.3
Directory Traversal Vulnerability in IBM Campaign 9.1.2 and 10.1
Information Disclosure: Password Exposure in IBM Spectrum Protect Plus 10.1.2 Joblog
IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1: Authenticated User Crash Vulnerability
SQL Injection Vulnerability in IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.2.0
Cross-Site Scripting (XSS) Vulnerability in HCL AppScan Source 9.0.3.13 and Earlier
HCL AppScan Standard XML External Entity Injection (XXE) Vulnerability
Hard-coded Credentials Vulnerability in HCL AppScan Standard Edition 9.0.3.13 and Earlier
Excessive Authorization Attempts Vulnerability in HCL AppScan Standard
Local User Email Spoofing Vulnerability in IBM Cloud Orchestrator
Information Disclosure Vulnerability in IBM Cloud Orchestrator
IBM Cloud Orchestrator Multiple Versions HTTP Response Splitting Vulnerability
Sensitive Information Disclosure in IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise
Sensitive Information Disclosure in IBM Cloud Orchestrator and IBM Cloud Orchestrator Enterprise
Weak Cryptographic Algorithms in IBM Cloud Orchestrator 2.4 and 2.5
Directory Traversal Vulnerability in IBM Cloud Orchestrator 2.4 and 2.5
Unprotected API in IBM API Connect Developer Portal Allows Denial of Service
Cross-Site Scripting (XSS) Vulnerability in IBM Connections 6.0
Timing Issue in IBM Spectrum Protect Backup-Archive Client TCP/IP Communications Vulnerability
Cross-Site Scripting (XSS) Vulnerability in HCL Traveler Versions 9.x and Earlier
Cross-Site Scripting (XSS) Vulnerability in IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, and 19.0.0.1
Easy to Guess Session Identifier Names in IBM Cognos Controller 10.3.0, 10.3.1, 10.4.0, and 10.4.1
Sensitive Information Disclosure in IBM Cognos Controller via URL Parameters
Improper Security Context Constraints in IBM Cloud Private 3.1.1 and 3.1.2
XML External Entity Injection (XXE) Vulnerability in IBM Intelligent Operations Center V5.1.0 through V5.2.0
Information Disclosure Vulnerability in IBM Intelligent Operations Center V5.1.0 through V5.2.0
Privilege Escalation Vulnerability in IBM Security Guardium
Directory Traversal Vulnerability in IBM Sterling File Gateway
XML External Entity Injection (XXE) Vulnerability in IBM Business Automation Workflow 18.0.0.0-19.0.0.2
Information Disclosure Vulnerability in IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, and 18.0.0.2
Cross-Site Scripting Vulnerability in IBM Case Builder Component
Weak SHA1 Certificate Used in IBM Cloud CLI Windows Installers
Cross-Site Scripting (XSS) Vulnerability in IBM Watson Assistant for IBM Cloud Pak for Data
Cross-Site Scripting (XSS) Vulnerability in IBM Maximo Asset Management 7.6.0 and 7.6.1
Directory Traversal Vulnerability in IBM Maximo Asset Management 7.6
Cross-Site Scripting (XSS) Vulnerability in IBM Rational Publishing Engine 6.0.6 and 6.0.6.1
XML External Entity Injection (XXE) Vulnerability in IBM InfoSphere Global Name Management and IBM InfoSphere Identity Insight
Information Leakage via API Swagger in IBM API Connect 2018.1 through 2018.4.1.6
Session Invalidation Vulnerability in IBM Cloud Private 3.1.0, 3.1.1, and 3.1.2
Information Disclosure Vulnerability in IBM WebSphere Application Server
Directory Traversal Vulnerability in IBM WebSphere Application Server
Password Autocomplete Enabled on IBM API Connect Developer Portal User Registration Page (CVE-2020-12345)
Unauthorized Actions by Modifying Request Parameters in IBM Maximo Asset Management 7.6
Privilege Escalation via PATH Manipulation in IBM DB2 High Performance Unload Load for LUW 6.1
Privilege Escalation in IBM DB2 High Performance Unload Load for LUW 6.1
Cross-Site Scripting (XSS) Vulnerability in IBM i 7.2, 7.3, and 7.4 for i
Cross-Site Scripting (XSS) Vulnerability in IBM Security Identity Manager 6.0.0
Cross-Site Scripting (XSS) Vulnerability in IBM QRadar 7.3.0 to 7.3.2 Patch 4
XML External Entity Injection (XXE) Vulnerability in IBM Daeja ViewONE Professional, Standard & Virtual 5.0.5 and 5.0.6
Information Disclosure Vulnerability in IBM Jazz Foundation 6.0 - 6.0.6.1
Cross-Site Scripting (XSS) Vulnerability in IBM Cloud Orchestrator
Directory Traversal Vulnerability in IBM API Connect Developer Portal
HTTP Response Splitting Vulnerability in IBM Cloud Orchestrator 2.4 and 2.5
Local File Inclusion Vulnerability in IBM Cloud Pak System 2.3 and 2.3.0.1
Cross-Site Scripting Vulnerability in IBM Cloud Pak System 2.3 and 2.3.0.1
Cross-Site Scripting (XSS) Vulnerability in IBM Cloud Pak System 2.3 and 2.3.0.1
Cross-Site Scripting (XSS) Vulnerability in IBM QRadar 7.3.0 to 7.3.2 Patch 4
Failure to Set Secure Flag for Sensitive Cookie in IBM Cognos Analytics 11.0 and 11.1
Insecure Absolute RPATHs in IBM SDK, Java Technology Edition on AIX Platform
Improper Handling of Command Line Options in IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0
Information Disclosure Vulnerability in IBM Maximo Asset Management 7.6.0 and 7.6.1
SQL Injection Vulnerability in IBM Contract Management and IBM Emptoris Spend Analysis
Cross-Site Scripting Vulnerability in IBM Emptoris Spend Analysis 10.1.0 through 10.1.3
SQL Injection Vulnerability in IBM Contract Management and IBM Emptoris Spend Analysis
Sensitive Information Disclosure Vulnerability in IBM Emptoris Sourcing, Contract Management, and Spend Analysis
Sensitive Information Disclosure Vulnerability in IBM Emptoris Sourcing, Contract Management, and Spend Analysis (X-Force ID: 164069)
Cross-Site Scripting (XSS) Vulnerability in IBM Maximo Asset Management 7.6
Cross-Site Scripting (XSS) Vulnerability in IBM Jazz Reporting Service (JRS) 6.0-6.0.6.1
Cross-Site Scripting (XSS) Vulnerability in IBM Jazz Reporting Service (JRS) 6.0-6.0.6.1
Cross-Site Scripting (XSS) Vulnerability in IBM Jazz Reporting Service (JRS) 6.0-6.0.6.1
Sensitive Information Disclosure Vulnerability in IBM WebSphere Application Server
Weak Credential Storage Vulnerability in IBM QRadar SIEM 7.3.0 through 7.3.3
Incorrect Authorization Vulnerability in IBM QRadar 7.3.0 to 7.3.2 Patch 4
Sensitive Information Disclosure in IBM Maximo Asset Management 7.6.1.1
XML External Entity Injection (XXE) Vulnerability in IBM Security Access Manager for Enterprise Single Sign-On 8.2.2
Sensitive Information Disclosure in IBM Security Key Lifecycle Manager
Cross-Site Request Forgery Vulnerability in IBM Security Key Lifecycle Manager 3.0 and 3.0.1
Inadequate Account Lockout Setting in IBM Security Directory Server 6.4.0
CSV Injection Vulnerability in IBM Cloud Pak System 2.3
Buffer Overflow Vulnerability in IBM DB2 High Performance Unload Load for LUW 6.1 and 6.5
Unauthorized Record Deletion Vulnerability in IBM Maximo Asset Management 7.6, 7.6.1, and 7.6.1.1
Denial of Service Vulnerability in IBM Resilient SOAR V38.0
Privilege Escalation Vulnerability in IBM i 7.4 with Db2 Mirror for i
Information Disclosure Vulnerability in IBM WebSphere Service Registry and Repository 8.5
Open Redirect Vulnerability in IBM Security Directory Server 6.4.0
XML Injection Vulnerability in IBM Security Directory Server 6.4.0
Weak Cryptographic Algorithms in IBM Security Directory Server 6.4.0
Incomplete Blacklisting in IBM Security Directory Server 6.4.0 Allows Bypass of Application Controls
Cross-Site Scripting (XSS) Vulnerability in IBM Security Directory Server 6.4.0
Spoofing Vulnerability in IBM QRadar SIEM 7.3 and 7.4 with Active Directory Authentication
Privilege Escalation Vulnerability in IBM Maximo Health, Safety and Environment Manager 7.6.1
Sensitive Information Disclosure in IBM Security Directory Server 6.4.0
Clickjacking Vulnerability in IBM Security Directory Server 6.4.0
IBM Security Directory Server 6.4.0 Information Disclosure Vulnerability
Debugging Code Vulnerability in IBM Security Directory Server 6.4.0
Authentication Bypass Vulnerability in IBM Security Directory Server 6.4.0
HTTP Response Splitting Vulnerability in IBM Security Access Manager and IBM Security Verify Access
Weak Cryptographic Algorithms in IBM API Connect V5.0.0.0 through 5.0.8.7iFix3: High-Risk Information Decryption Vulnerability
Cross-Site Scripting (XSS) Vulnerability in IBM Cognos Analytics 11.0 and 11.0
Incomplete Blacklisting in IBM QRadar Advisor 1.0.0 through 2.4.0 Allows Bypassing of Application Controls
Weak Cryptographic Algorithms in IBM QRadar Advisor 1.1-2.5 with Watson: High-Risk Information Decryption Vulnerability
Privilege Escalation Vulnerability in IBM Spectrum Scale
IBM QRadar SIEM 7.3.0 through 7.3.3 Information Disclosure Vulnerability
Denial of Service Vulnerability in IBM MQ and IBM MQ Appliance 9.1 CD, 9.1 LTS, 9.0 LTS, and 8.0
Arbitrary Code Execution Vulnerability in IBM Security Identity Manager 6.0.0
Sensitive Information Disclosure in IBM Security Directory Server 6.4.0
Insecure Cookie Handling in IBM Security Directory Server 6.4.0
Cross-Site Scripting (XSS) Vulnerability in IBM Security Key Lifecycle Manager
Weak Password Requirement in IBM Security Key Lifecycle Manager 3.0 and 3.0.1
Vulnerability: Plain Text Storage of User Credentials in IBM Security Key Lifecycle Manager 3.0 and 3.0.1
Denial of Service Vulnerability in IBM MQ and IBM MQ Appliance 8.0 and 9.0 LTS
Cross-Site Scripting Vulnerability in IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.16
Sensitive Information Disclosure in IBM Tivoli Netcool Impact 7.1.0 through 7.1.0.16
Cross-Site Scripting (XSS) Vulnerability in IBM Content Navigator 3.0CD
Web Service User Credentials Logging Vulnerability in IBM FileNet Content Manager 5.5.2 and 5.5.3
SQL Injection Vulnerability in IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.9
Weak Password Requirement in IBM QRadar Network Packet Capture
Incomplete Blacklisting in IBM Resilient SOAR 38 Allows Bypass of Application Controls and Compromises System and Data Integrity
Cross-Site Scripting (XSS) Vulnerability in IBM QRadar 7.3.0 to 7.3.2 Patch 4
Directory Traversal Vulnerability in IBM Maximo Asset Management 7.6.0 and 7.6.1
Information Disclosure Vulnerability in IBM Maximo Asset Management 7.6.0.10 and 7.6.1.1
Local Privilege Escalation and DLL Hijacking Vulnerability in IBM Db2 for Linux, UNIX and Windows
Privilege Escalation in IBM Cognos Analytics 11.0 and 11.1: Unauthorized Access to My Schedules and Subscriptions Page
Session Invalidation Vulnerability in IBM Maximo Asset Management 7.6.0 and 7.6.1
Unauthorized Access and Modification Vulnerability in IBM Tivoli Monitoring Service 6.3.0.7.3 through 6.3.0.7.10
Sensitive Information Disclosure in IBM QRadar 7.3.0 to 7.3.3 Patch 2
Improper HTTP Strict Transport Security Configuration in IBM QRadar 7.3.0 to 7.3.3 Patch 2
Open Redirect Vulnerability in IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5
Cross-Site Scripting (XSS) Vulnerability in IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5
SQL Injection Vulnerability in IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5
SQL Injection Vulnerability in IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5
Sensitive Information Disclosure in IBM API Connect (CVE-2020-4428)
Information Disclosure Vulnerability in IBM Quality Manager (RQM) 6.02, 6.06, and 6.0.6.1
Cross-Site Scripting (XSS) Vulnerability in IBM Quality Manager (RQM) 6.02, 6.06, and 6.0.6.1
User Impersonation Vulnerability in IBM Quality Manager (RQM) 6.02, 6.06, and 6.0.6.1
Untrusted Search Path Vulnerability in IBM DB2 High Performance Unload Load for LUW 6.1 and 6.5
Cross-Site Scripting Vulnerability in IBM Tivoli Workload Scheduler 9.3
Weak Cryptographic Algorithms in IBM API Connect 2018.4.1.7: A Potential Threat to Sensitive Data
Cross-Site Scripting (XSS) Vulnerability in IBM Planning Analytics 2.0
Vulnerability: Malicious File Upload in IBM Planning Analytics 2.0 My Account Portal
Cross-Site Request Forgery Vulnerability in IBM Planning Analytics 2.0
SIGSEGV Denial of Service Vulnerability in IBM MQ and IBM MQ Appliance 8.0 and 9.0 LTS Client
Insecure Cookie Handling in IBM Cloud Automation Manager 3.2.1.0
Session Fixation/Hijacking Vulnerability in IBM Cloud Automation Manager 3.2.1.0
Sensitive Information Disclosure in IBM MQ and IBM MQ Appliance
Improper Validation of Environment Variables in IBM MQ Appliance 8.0 and 9.0 LTS
Default Administrator Account Enabled via IPMI LAN Channel in IBM DataPower Gateway
Cross-Site Scripting (XSS) Vulnerability in IBM Cognos Analytics 11.0 and 11.1
Open Redirect Vulnerability in IBM Security Secret Server 10.7 Allows for Phishing Attacks
Cross-Site Scripting (XSS) Vulnerability in IBM Security Secret Server 10.7
CORS Policy Vulnerability in IBM Security Secret Server 10.7
Command Injection Vulnerability in IBM Security Secret Server 10.7
Information Disclosure Vulnerability in IBM Security Secret Server 10.7
Incomplete Blacklisting in IBM Security Secret Server 10.7 Allows Bypass of Application Controls and Compromises System and Data Integrity
Insecure Session Management in IBM Security Secret Server 10.7
Weak Cryptographic Algorithms in IBM Security Secret Server 10.7: A Critical Vulnerability
Insufficient Verification of Code Origin and Integrity in IBM Security Secret Server 10.7
Cross-Site Scripting (XSS) Vulnerability in IBM Maximo Asset Management 7.6
Cross-Site Scripting (XSS) Vulnerability in IBM Cognos Analytics 11.0 and 11.1
SQL Injection Vulnerability in IBM Maximo Asset Management 7.6.1.1
SQL Injection Vulnerability in IBM Jazz Reporting Service (JRS) 6.0.6.1
Insecure File Permissions in IBM Spectrum Protect Plus 10.1.0 through 10.1.4 on Windows
Cross-Site Scripting (XSS) Vulnerability in IBM Cognos Analytics 11.0 and 11.1
Certificate Validation Vulnerability in IBM QRadar 7.3.0 to 7.3.3 Patch 2
IBM MQ 9.1.x Denial of Service Vulnerability
Denial of Service Vulnerability in IBM MQ and IBM MQ Appliance
Cross-Site Scripting (XSS) Vulnerability in IBM WebSphere Application Server - Liberty (IBM X-Force ID: 171245)
Cross-Site Scripting (XSS) Vulnerability in IBM Spectrum Scale 4.2 and 5.0
Unmasking of Secure Values in IBM UrbanCode Deploy and IBM UrbanCode Build
IBM UrbanCode Deploy (UCD) 7.0.5.2 HTTP Strict Transport Security Bypass Vulnerability
Clear Text Storage of User Credentials in IBM UrbanCode Deploy (UCD) 7.0.4.0
SQL Injection Vulnerability in IBM Business Process Manager and IBM Business Automation Workflow
Improper Data Representation Vulnerability in IBM WebSphere Application Server
SQL Injection Vulnerability in IBM Maximo Asset Management 7.6.0 and 7.6.1
IBM QRadar Advisor 1.1 through 2.5 Information Disclosure Vulnerability
Directory Traversal Vulnerability in IBM Security Identity Manager 7.0.1
Hard-coded Credentials Vulnerability in IBM Security Identity Manager 7.0.1
Clear Text Storage of User Credentials in IBM Security Identity Manager Virtual Appliance 7.0.2
Information Disclosure Vulnerability in IBM Content Navigator 3.0CD
SQL Injection Vulnerability in IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.2.2
Cross-Site Scripting Vulnerability in IBM Tivoli Netcool Impact 7.1.0.0 through 7.1.0.17
Insecure Cookie Handling in IBM Security Guardium Data Encryption (GDE) 3.0.0.2
Sensitive Information Disclosure via URL Parameters in IBM Security Guardium Data Encryption (GDE) 3.0.0.2
Insecure Cookie Handling in IBM Security Guardium Data Encryption (GDE) 3.0.0.2
Improper HTTP Strict Transport Security Configuration in IBM Security Guardium Data Encryption (GDE) 3.0.0.2
Cross-Site Scripting (XSS) Vulnerability in IBM Security Guardium Data Encryption (GDE) 3.0.0.2
IBM Security Guardium Data Encryption (GDE) 3.0.0.2 Unauthorized Information Disclosure Vulnerability
Clear Text Storage of User Credentials in IBM Security Guardium Data Encryption (GDE) 3.0.0.2
Hard-coded Credentials in IBM Security Guardium Data Encryption (GDE) 3.0.0.2
Local File Disclosure Vulnerability in IBM Security Guardium Data Encryption (GDE) 3.0.0.2
Clear Text Storage of User Credentials in IBM Security Guardium Data Encryption (GDE) 3.0.0.2
Weak Password Requirement in IBM Security Guardium Data Encryption (GDE) 3.0.0.2
Sensitive Information Disclosure in IBM Security Guardium Data Encryption (GDE) 3.0.0.2
Debugging Code Vulnerability in IBM Security Guardium Data Encryption (GDE) 3.0.0.2
Unintended Access and Modification of Security-Critical Resource in IBM Security Guardium Data Encryption (GDE) 3.0.0.2
Information Disclosure Vulnerability in IBM Spectrum Protect Plus
Insecure Cookie Handling in IBM Security Identity Manager Virtual Appliance 7.0.2
Sensitive Information Disclosure Vulnerability in IBM Security Identity Manager Virtual Appliance 7.0.2
Sensitive Information Exposure in IBM Security Identity Manager Virtual Appliance 7.0.2
XML External Entity Injection (XXE) Vulnerability in IBM Security Access Manager Appliance 9.0.7.0
Arbitrary Command Execution Vulnerability in IBM Security Guardium Data Encryption (GDE) 3.0.0.2
Arbitrary Command Execution Vulnerability in IBM Spectrum Scale 4.2 and 5.0
IBM Planning Analytics 2.0.0 through 2.0.8 Configuration Overwrite Vulnerability
Cross-Site Scripting (XSS) Vulnerability in IBM Jazz for Service Management 3.13
Sensitive Information Disclosure in IBM MQ and IBM MQ Appliance
Denial of Service Vulnerability in IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0
Information Disclosure Vulnerability in IBM Cognos Analytics 11.0 and 11.1
Remote Credential Theft in IBM Cognos Analytics 11.0 and 11.1 via Incorrect Autocomplete Settings
Remote Credential Theft in IBM Cognos Analytics 11.0 and 11.1 via Incorrect Autocomplete Settings
Cross-Site Scripting (XSS) Vulnerability in IBM Security Access Manager Appliance 9.0
Cross-Site Request Forgery Vulnerability in IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5
Arbitrary Code Execution Vulnerability in IBM Sterling B2B Integrator
Sensitive Information Disclosure in IBM Cognos Analytics 11.0 and 11.1
XML External Entity Injection (XXE) Vulnerability in IBM Cognos Analytics 11.0 and 11.1
Sensitive Information Disclosure in IBM MQ Appliance 9.1.4.CD via Trace Inclusion
DLL Search Order Hijacking Vulnerability in IBM SDK, Java Technology Edition Versions 7.0.0.0 through 7.0.10.55, 7.1.0.0 through 7.1.4.55, and 8.0.0.0 through 8.0.6.0
Vulnerability in IBM MaaS360 for iOS Allows Unauthorized Access to Sensitive Information
Cross-Site Request Forgery Vulnerability in IBM Financial Transaction Manager 3.0
Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 6.0.2 - 6.0.61
Information Disclosure Vulnerability in IBM Sterling B2B Integrator Standard Edition
Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 6.0.2 - 6.0.61
IBM Content Navigator 3.0CD Vulnerability: Server Side Request Forgery (SSRF)
Remote Click Hijacking Vulnerability in IBM Financial Transaction Manager 3.0
Insecure Cookie Handling in IBM Financial Transaction Manager 3.0
Cross-Site Scripting (XSS) Vulnerability in IBM Financial Transaction Manager 3.0
Information Disclosure Vulnerability in IBM Maximo Asset Management 7.6.1.0
Cross-Site Scripting (XSS) Vulnerability in IBM DOORS Next Generation (DNG/RRC) 6.0.2 - 6.0.61
Cross-Site Scripting (XSS) Vulnerability in IBM Team Concert (RTC)
Cross-Site Scripting Vulnerability in IBM Jazz Team Server Based Applications
Cross-Site Scripting (XSS) Vulnerability in IBM Maximo Asset Management 7.6
Cross-Site Request Forgery Vulnerability in IBM Cloud App Management 2019.3.0 and 2019.4.0
Information Disclosure Vulnerability in IBM Cloud App Management 2019.3.0 and 2019.4.0
SQL Injection Vulnerability in IBM Emptoris Spend Analysis and Strategic Supply Management Platform
Denial of Service Vulnerability in IBM MQ 9.0 and 9.1 Channel Processing Function
Memory Corruption Vulnerability in Foxit Reader and PhantomPDF
NULL Pointer Dereference Vulnerability in Foxit Reader and PhantomPDF
Out-of-Bounds Read Information Disclosure and Crash in Foxit Reader and PhantomPDF
QEMU 3.1.50 Vulnerability: NULL Pointer Dereference in hw/sparc64/sun4u.c
Arbitrary PHP Code Execution via Logo Upload in Vtiger CRM 7.1.0
X509 Certificate Parser Denial-of-Service Vulnerability in Python.org Python 2.7.11 / 3.6.6
Privilege Escalation Vulnerability in CleanMyMac X 4.20
Privilege Escalation Vulnerability in Wacom Driver Update Helper Service
Wacom Driver Privilege Escalation Vulnerability
Bluetooth Low Energy Access Control Vulnerability in Winco Fireworks FireFly FW-1007 V2.0
Local Privilege Escalation Vulnerability in Pixar Renderman 22.3.0's Install Helper Tool for Mac OS X
Arbitrary Memory Read Vulnerability in KCodes NetUSB.ko Kernel Module
Information Disclosure Vulnerability in KCodes NetUSB.ko Kernel Module
Use After Free Vulnerability in Sqlite3 3.26.0 Window Function
Heap-Based Overflow Vulnerability in Rainbow PDF Office Server Document Converter V7.0 Pro R1 (7,0,2018,1113)
Denial of Service Vulnerability in Yara 3.8.1 Object Lookup Functionality
NULL Password Vulnerability in Official Alpine Linux Docker Images
Memory Leakage Vulnerability in grsecurity PaX Patch for read_kmem Function
Kiosk Mode Escape: Unauthorized Administrator Access in Capsule Technologies SmartLinx Neuron 2 Devices
Command Injection Vulnerability in Exhibitor Web UI
Buffer Overflow Vulnerability in Rainbow PDF Office Server Document Converter V7.0 Pro MR1 (7,0,2019,0220) PowerPoint Document Conversion Function
Memory Corruption Vulnerability in Foxit PDF Reader 9.4.1.16828 Allows Arbitrary Code Execution
Out-of-Bounds Read Vulnerability in Aspose.Cells 19.1.0 Library
Out-of-Bounds Read Vulnerability in Aspose.Cells 19.1.0 Library
Weave Legacy Pairing Information Disclosure Vulnerability in Nest Cam IQ Indoor
Weave PASE Pairing Vulnerability in Nest Cam IQ Indoor
Denial-of-Service Vulnerability in Nest Cam IQ Indoor Weave Error Reporting
Weave Certificate Loading Integer Overflow Denial-of-Service Vulnerability in Nest Cam IQ Indoor Camera
Weave Tool Print-TLV Command Stack-Based Buffer Overflow Vulnerability
Openweave-core 4.0.2 ASN1 Certificate Writing Heap-Based Buffer Overflow Vulnerability
Integer Overflow and Information Disclosure in Weave MessageLayer Parsing
Stack Based Buffer Overflow in Aspose.Words Library (Version 18.11.0.0) Allows Remote Code Execution
Use-After-Free Vulnerability in Aspose.PDF 19.2 for C++
Denial-of-Service Vulnerability in Nest Cam IQ Indoor Weave Daemon (Version 4620002)
Heap Corruption and Arbitrary Code Execution Vulnerability in NitroPDF 12.12.1.522
Heap Corruption and Arbitrary Code Execution Vulnerability in NitroPDF 12.12.1.522
Use After Free Vulnerability in NitroPDF's CharProcs Parsing Functionality
Heap Corruption Vulnerability in NitroPDF 12.12.1.522 Allows Arbitrary Code Execution
Out-of-Bounds Memory Write Vulnerability in AMD ATIDXX64.DLL Driver
Heap Corruption Vulnerability in NitroPDF 12.12.1.522 Allows Arbitrary Code Execution
Heap-based Buffer Overflow in SDL2_image PCX File Loading
Integer Overflow Vulnerability in SDL2_image 2.0.4 Allows for Buffer Overflow and Code Execution
Use-After-Free Vulnerability in NitroPDF's Length Parsing Function
Denial-of-Service Vulnerability in NETGEAR N300 (WNR2000v5) HTTP Server
Denial-of-Service Vulnerability in NETGEAR N300 Wireless Router
PCX Image Rendering Heap Overflow Vulnerability in SDL2_image 2.0.4
Heap Overflow Vulnerability in SDL2_image 2.0.4 XCF Image Rendering
Integer Overflow and Heap Overflow in SDL2_image 2.0.4 XPM Image Rendering
Heap Overflow Vulnerability in SDL2_image 2.0.4 via XPM Image Rendering
Denial-of-Service Vulnerability in hostapd 2.6: Pre-Authentication IAPP Location Update Exploit
Denial-of-Service Vulnerability in 802.11w Security State Handling
Heap Buffer Overflow in OpenCV 4.1.0's Data Structure Persistence Functionality
Heap Buffer Overflow in OpenCV's Data Structure Persistence Functionality
Unterminated strncpy Information Disclosure Vulnerability in Blynk-Library v0.6.1
Use-After-Free Vulnerability in Aspose.PDF 19.2 for C++
Uninitialized Memory Access Vulnerability in Aspose.PDF 19.2 for C++
X11 Mesa 3D Graphics Library 19.1.2 Shared Memory Permissions Vulnerability
Unsafe Deserialization Vulnerability in Epignosis eFront LMS v5.2.12
Unauthenticated SQL Injection Vulnerability in eFront LMS v5.2.12 and Earlier
Command Injection Vulnerability in Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Router (AC9V1.0 Firmware V15.03.05.16multiTRU)
Command Injection Vulnerability in Tenda AC9 Router AC1200 Smart Dual-Band Gigabit WiFi Router (AC9V1.0 Firmware V15.03.05.16multiTRU)
Information Exposure Vulnerability in WAGO PFC200 and PFC100 Firmware
Stack Buffer Overflow in WAGO PFC200 and PFC100 Firmware
Stack Buffer Overflow in WAGO PFC200 and PFC100 Firmware Versions 03.01.07(13) and 03.00.39(12)
Accusoft ImageGear 19.3.0 Library PNG Header-Parser Out-of-Bounds Write Vulnerability
Denial-of-Service Vulnerability in WAGO PFC Devices
Denial of Service Vulnerability in WAGO PFC200 and PFC100 Firmware
Heap Buffer Overflow in WAGO PFC200 and PFC100 Firmware
Denial-of-Service and Credential Weakness Vulnerability in WAGO PFC Devices
Heap Buffer Overflow in WAGO PFC 200 and PFC100 Firmware
Heap Buffer Overflow in WAGO PFC200 and PFC100 Firmware Versions 03.01.07(13), 03.00.39(12)
Remote Code Execution Vulnerability in Accusoft ImageGear 19.3.0 Library
Heap Out-of-Bounds Write Vulnerability in LEADTOOLS 20 TIF Parsing Functionality
DICOM Packet-Parsing Integer Overflow Vulnerability in LEADTOOLS libltdic.so
Integer Overflow Vulnerability in xcftools' flattenIncrementally Function
Integer Overflow Vulnerability in xcftools 1.0.7's flattenIncrementally Function
Out-of-Bounds Memory Write Vulnerability in Investintech Able2Extract Professional 14.0.7 x64
JPEG File Memory Corruption Vulnerability in Investintech Able2Extract Professional 4.0.7 x64
DICOM Packet-Parsing Out-of-Bounds Read Information Disclosure Vulnerability in LEADTOOLS libltdic.so
LEADTOOLS libltdic.so Version 20.0.2019.3.15 Denial-of-Service Vulnerability
Heap Out of Bounds Write Vulnerability in LEADTOOLS DICOM Image Format Parsing
DICOM Network Response Integer Overflow Vulnerability in LEADTOOLS libltdic.so
Heap-based Out-of-Bounds Write Vulnerability in E2fsprogs 1.45.3
Information Disclosure Vulnerability in Atlassian Jira Tempo Plugin (Version 4.10.0) Allows Unauthorized Access to Issue Summaries
Code Execution Vulnerability in GoAhead Web Server
Denial-of-Service Vulnerability in GoAhead Web Server Application
Out-of-Bounds Read Vulnerability in AMD ATIDXX64.DLL Driver
Integer Underflow Vulnerability in LEADTOOLS 20 CMP Parsing Functionality
Integer Overflow Vulnerability in LEADTOOLS 20 BMP Header Parsing
OpenWrt ustream-ssl Library Information Leak Vulnerability
OpenWrt ustream-ssl Library Information Leak Vulnerability
Memory Corruption Vulnerability in CODESYS GatewayService
Hard-coded Encryption Key Vulnerability in WAGO e!Cockpit 1.5.1.1
Cleartext Transmission Vulnerability in WAGO e!Cockpit 1.5.1.1: Exposing Sensitive Data to Network Interception
Linux Kernel Denial-of-Service Vulnerability via IAPP Location Updates
SQL Injection Vulnerability in Forma LMS 2.2.1 Allows Database Exfiltration and OS Access
SQL Injection Vulnerability in Forma LMS 2.2.1 Allows Database Exfiltration and OS Access
Authenticated SQL Injection Vulnerability in Forma LMS 2.2.1
Authenticated SQL Injection Vulnerability in Forma LMS 2.2.1
SQL Injection Vulnerability in YouPHPTube 7.6
SQL Injection Vulnerability in YouPHPTube 7.6
SQL Injection Vulnerability in YouPHPTube 7.6: Exfiltration of Database and User Credentials
SQL Injection Vulnerability in YouPHPTube 7.6
SQL Injection Vulnerability in YouPHPTube 7.6
SQL Injection Vulnerability in YouPHPTube 7.6 Authenticated PluginSwitch Endpoint
SQL Injection Vulnerability in YouPHPTube 7.6 Authenticated PluginSwitch.json.php Endpoint
SQL Injection Vulnerability in YouPHPTube 7.6 via Parameter dir in /objects/pluginSwitch.json.php
Out-of-Bounds Read Vulnerability in AMD ATIDXX64.DLL Driver (Version 26.20.13001.50005)
Heap Overflow Vulnerability in LEADTOOLS 20 JPEG2000 Parsing Functionality
Use-After-Free Vulnerability in Foxit PDF Reader 9.7.0.29435 Allows Arbitrary Code Execution
Command Injection Vulnerability in YouPHPTube Encoder Plugin
Command Injection Vulnerability in YouPHPTube Encoder
Command Injection Vulnerability in YouPHPTube Encoder Plugin
Use-After-Free Vulnerability in Foxit PDF Reader 9.7.0.29435 Allows Arbitrary Code Execution
Use-After-Free Vulnerability in Foxit PDF Reader 9.7.0.29435 Allows Arbitrary Code Execution
Remote Code Execution Vulnerability in Accusoft ImageGear 19.3.0 Library
Remote Code Execution Vulnerability in ImageGear 19.3.0 BMP Parser
Regular Expression Bypass Vulnerability in WAGO PFC200 and PFC100 Web-Based Management Authentication
Timing Discrepancy Vulnerability in WAGO PFC100/200 Controllers' Web-Based Management Application
Privilege Escalation Vulnerability in Moxa AWK-3131A Firmware v1.13
Hard-coded Cryptographic Keys Vulnerability in Moxa AWK-3131A Firmware v1.13
Command Injection Vulnerability in Moxa AWK-3131A Firmware v1.13 Allows Remote Device Control
Hard-coded Credentials Vulnerability in Moxa AWK-3131A Firmware v1.13
Command Injection Vulnerability in Moxa AWK-3131A Firmware v1.13
Command Injection Vulnerability in Moxa AWK-3131A Firmware v1.13
Command Injection Vulnerability in Moxa AWK-3131A Firmware v1.13
Format String Vulnerability in Moxa AWK-3131A Firmware v1.13 Allows Remote Code Execution
Heap Underflow Vulnerability in Kakadu Software SDK 7.10.2 Allows Remote Code Execution
Use-After-Free Vulnerability in Foxit PDF Reader 9.7.0.29435 Allows Arbitrary Code Execution
Out-of-Bounds Read Vulnerability in AMD ATIDXX64.DLL Driver
Out-of-Bounds Read Vulnerability in AMD ATIDXX64.DLL Driver (CVE-2020-XXXX)
Denial-of-Service Vulnerability in Moxa AWK-3131A ServiceAgent Functionality
Denial of Service Vulnerability in WAGO PFC100 and PFC2000 Web Application
SQL Injection Vulnerability in YouPHPTube 7.7 with VideoTags Plugin
SQL Injection Vulnerability in YouPHPTube 7.7 Allows for Remote Code Execution
Information Disclosure Vulnerability in Shadowsocks-libev 3.3.2 Allows Outbound Connection and Data Leakage
Remote Code Execution Vulnerability in Moxa AWK-3131A Firmware Version 1.13
Heap Overflow Vulnerability in LEADTOOLS 20.0.2019.3.15 JPEG2000 Parsing Functionality
Command Injection Vulnerability in WAGO PFC200 Cloud Connectivity Feature
Command Injection Vulnerability in WAGO PFC200 Cloud Connectivity Functionality
Command Injection Vulnerability in WAGO PFC200 Firmware
Firmware Downgrade Vulnerability in WAGO e!COCKPIT Automation Software v1.6.1.5
Arbitrary File Write Vulnerability in WAGO e!COCKPIT Automation Software
Improper Host Validation Vulnerability in WAGO PFC200 Firmware
Remote Code Execution Vulnerability in WAGO PFC200 Cloud Connectivity Service
Improper Access Control Vulnerability in Moxa AWK-3131A Firmware v1.13
UDPRelay Denial-of-Service Vulnerability in Shadowsocks-libev 3.3.2
Code Execution and Privilege Escalation Vulnerability in Shadowsocks-libev 3.3.2
Authentication Bypass Vulnerability in Moxa AWK-3131A Firmware v1.13
Stack Buffer Overflow in WAGO PFC 200 Version 03.02.02(14)
Command Injection Vulnerability in WAGO PFC 200 Version 03.02.02(14)
Command Injection Vulnerability in WAGO PFC 200 Version 03.02.02(14)
Command Injection Vulnerability in WAGO PFC 200 Firmware version 03.02.02(14)
Command Injection Vulnerability in WAGO PFC 200 Firmware version 03.02.02(14)
Command Injection Vulnerability in WAGO PFC 200 Firmware 03.02.02(14)
Command Injection Vulnerability in WAGO PFC 200 Firmware version 03.02.02(14)
Command Injection Vulnerability in WAGO PFC 200 Firmware version 03.02.02(14)
Command Injection Vulnerability in WAGO PFC 200 Version 03.02.02(14)
Command Injection Vulnerability in WAGO PFC 200 Firmware version 03.02.02(14)
Stack Buffer Overflow in WAGO PFC 200 Firmware version 03.02.02(14)
Stack Buffer Overflow in WAGO PFC 200 Firmware version 03.02.02(14)
Stack Buffer Overflow in WAGO PFC 200 Firmware version 03.02.02(14)
Stack Buffer Overflow Vulnerability in WAGO PFC 200 Firmware 03.02.02(14)
Stack Buffer Overflow in WAGO PFC 200 Firmware v03.02.02(14) IO-Check Service
Stack Buffer Overflow Vulnerability in WAGO PFC 200 Firmware 03.02.02(14)
Stack Buffer Overflow in WAGO PFC 200 Firmware 03.02.02(14) IOCheck Service
Type Confusion Vulnerability in AMD ATIDXX64.DLL Driver
Double Free Vulnerability in WAGO PFC 200's I/O-Check Service
Stack Buffer Overflow Vulnerability in WAGO PFC 200's I/O-Check Service
Stack Buffer Overflow Vulnerability in WAGO PFC 200's I/O-Check Service
Accusoft ImageGear 19.5.0 TIFreadstripdata Out-of-Bounds Write Remote Code Execution Vulnerability
Stack-Based Code Execution Vulnerability in E2fsprogs e2fsck 1.45.4 via Crafted ext4 Directory
Improper Validation of Array Index Vulnerability in Huawei Nova 5i Pro and Nova 5 Smartphones
Improper File Management Vulnerability in Huawei Share Function of P20 Phones
Improper Access Control Vulnerability in Huawei Share Allows Information Disclosure
Insufficient Authentication Vulnerability in Honor Play Smartphones
Use After Free Vulnerability in Huawei Mate10 Smartphones
Huawei P30 and P30 Pro Man-in-the-Middle (MITM) Vulnerability
Race Condition Vulnerability on Huawei Honor V10, Honor 10, and Honor Play Smartphones
Information Disclosure Vulnerability on Mate 9 Pro Huawei Smartphones
Insufficient Authentication Vulnerability in Huawei Band 2 and Honor Band 3
Double Free Vulnerability in Huawei Mate10 Smartphones: Exploiting Resource Sharing for Denial of Service
Factory Reset Protection (FRP) Bypass Vulnerability on Multiple Smartphones
Path Traversal Vulnerability in Huawei Share
Information Disclosure Vulnerability in Huawei Smartphones' Secure Input
Improper Authentication Vulnerability in PCManager 9.1.3.1
Out of Bounds Read Vulnerability in P30 Smartphones
Buffer Overflow Vulnerability in P30, Mate 20, P30 Pro Smartphones
Vulnerability: Version Downgrade in P30, P30 Pro, Mate 20 Smartphones and HiSuite Software
Vulnerability: Version Downgrade in P30, P30 Pro, Mate 20 Smartphones and HiSuite Software
Race Condition Vulnerability in Certain Detection Module of P30, P30 Pro, Honor V20 Smartphones
Insufficient Verification Vulnerability in P30 Smartphones
Improper Validation Vulnerability in Huawei P20 Pro, P20, Mate RS Smartphones
Improper Authorization Check in P30 Smartphones
Insufficiently Random Values Vulnerability in Huawei ViewPoint Products
Improper Authentication Vulnerability in Pre-Taurus-AL00B 10.0.0.41(SP2C00E41R3P2) Huawei Smartphones
Null Pointer Dereference Vulnerability in Huawei Smart Phones
Double Free Vulnerability in Huawei Smart Phones Emily-L29C
Code Execution Vulnerability in Huawei PCManager
Code Execution Vulnerability in Huawei PCManager
Information Leak Vulnerability in Huawei PCManager
Privilege Escalation Vulnerability in Huawei PCManager: Exploiting User-Installed Malicious Applications
Code Execution Vulnerability in Huawei PCManager Allows Remote Code Execution
Clickjacking Vulnerability in Huawei HG255s: Exploiting User Clicks to Compromise Device Integrity
Information Leak Vulnerability in Huawei Mate 9 Pro Smartphones
DLL Hijacking Vulnerability in HiSuite 9.1.0.300 and Earlier Versions
Insufficient Verification Vulnerability in ELLE-AL00B 9.1.0.109(C00E106R1P21) and other versions
Buffer Overflow Vulnerability in Huawei Atlas 300 and Atlas 500: Local Authenticated Attackers Can Cause Service Crash
CloudEngine 12800 DoS Vulnerability: Memory Leak Exploitation
Improper Authorization Vulnerability in Mate 20 Pro Smartphones
Path Traversal Vulnerability in Huawei Smartphones: Exploiting Application Pathnames for Information Disclosure
Improper Authentication Vulnerability in Huawei Smartphones: Applock Bypass
Improper Authentication Vulnerability in E5572-855 (Versions < 8.0.1.3) Allows Reboot and Man-in-the-Middle Attack
Out-of-Bounds Read Vulnerability in Certain Huawei Products
DoS Vulnerability in Certain Huawei Products: Crafted FTP Messages Exploit
Null Pointer Dereference Vulnerability in Certain Huawei Products
Resource Management Vulnerability in Huawei Products: Unauthorized Message Injection via Internal Network
Buffer Overflow Vulnerability in Certain Huawei Products
Information Leakage Vulnerability on Huawei Products: Unauthorized Access to High-Privilege Information
Denial of Service Vulnerability in Huawei Y9 2019 and Honor View 20 Smartphones
Brute Forcing Encrypted Backup Data Vulnerability in HiSuite and HwBackup
Information Disclosure Vulnerability in Huawei Smartphones: Applock Bypass
Improper Access Control Vulnerability in Huawei Share Function on P30 9.1.0.193(C00E190R2P1) Smartphone
Insufficient Input Validation Vulnerability in Huawei Share Function on P30 9.1.0.193(C00E190R2P1) Smartphone
Information Disclosure Vulnerability in Huawei OceanStor SNS3096 V100R002C01
Huawei Home Routers Input Validation Vulnerability: File Access and Upload Exploit
Improper Authorization Vulnerability in Huawei Home Routers Allows Privilege Escalation and File Execution
Information Leak Vulnerability in Huawei Smart Speaker Myna Allows Unauthorized Configuration Access
Missing Integrity Checking Vulnerability in USG9500 (V500R001C30;V500R001C60) Software
Denial of Service Vulnerability in USG9500 with V500R001C30;V500R001C60
Denial of Service Vulnerability in USG9500 with V500R001C30;V500R001C60
Denial of Service Vulnerability in USG9500 with V500R001C30;V500R001C60
Buffer Overflow Vulnerability in Huawei Smart Phones
Information Leak Vulnerability in Huawei CloudUSM-EUA V600R006C10;V600R019C00
Out-of-Bounds Read Vulnerability in Advanced Packages Feature of Gauss100 OLTP Database in CampusInsight
Information Leakage Vulnerability in Huawei Smart Phones
Huawei CloudLink Phone 7900 TLS Certificate Verification Vulnerability
Information Leak Vulnerability in Huawei Phones: Exploiting Camera Access for Sensitive Data Retrieval
Double Free Vulnerability in Bastet Module of Huawei Smartphones
Factory Reset Protection (FRP) Bypass Vulnerability in P20 Huawei Smartphones
DoS Vulnerability in Huawei Leland-AL00A Smart Phones via Malformed RTSP Media Stream (HWPSIRT-2019-02004)
Huawei S Series Switches DoS Vulnerability
HedEx Lite V200R006C00SPC007 and Earlier Versions: Remote Reflection XSS Vulnerability
Integer Overflow Vulnerability in P30 Smart Phones
Integer Overflow Vulnerability in P30 Smart Phones
Out-of-Bounds Read Vulnerability in Gauss100 OLTP Database in ManageOne 6.5.0
Huawei S5700 and S6700 DoS Vulnerability: Pointer Processing Abnormality
Insufficient Verification of Data Authenticity Vulnerability in Huawei Products
Information Leak Vulnerability in Honor and Huawei Mobile Phones
Memory Leak Vulnerability in Huawei Products: Exploiting Continuous Message Handling
Out of Bound Read Vulnerability in Huawei Products
Authorization Bypass Vulnerability in Huawei Honor V10 Smartphones
Out-of-Bounds Read Vulnerability in Mate20 Huawei Smartphones
Factory Reset Protection (FRP) Bypass Vulnerability in Emily-L29C Huawei Phones
Improper Authentication Vulnerability in Huawei AP Products
Signature Verification Bypass Vulnerability in Huawei Hima-AL00B Mobile Phones
Digital Signature Verification Bypass Vulnerability in Huawei Routers
Information Leak Vulnerability in Huawei Honor V20 Smartphones
Denial of Service Vulnerability in Huawei Smartphones
Denial of Service Vulnerabilities on Huawei Smartphones
Buffer Error Vulnerability in Huawei Products: Remote Device Reset Exploit
Memory Double Free Vulnerability in Huawei Mate 10 Smartphones
Factory Reset Protection (FRP) Bypass Vulnerability in P20 Huawei Smartphones
Message Replay Vulnerability in Huawei 4G LTE Devices: Exposing GUTI Tampering and IMSI Retrieval
Improper Authorization Vulnerability in Mate 20 RS Smartphones
Information Disclosure Vulnerability in Honor Play Smartphones
XSS Vulnerability in YUNUCMS 1.1.8: Injection in app/admin/controller/System.php
XSS Vulnerability in YUNUCMS V1.1.8 via index.php/index/show/index cw Parameter
XXE Vulnerability in getXmlDoc Method of weixin-java-tools v3.3.0
ArubaOS Web Components Vulnerable to HTTP Response Splitting and Reflected XSS via URL Parameters
ArubaOS 8.x Web Management Interface Command Injection Vulnerability
Aruba Instant Access Point (IAP) Local Authentication Bypass Vulnerability
ArubaOS Remote CSRF Vulnerability
Aruba Instant Access Point Remote Buffer Overflow Vulnerability
Aruba Intelligent Edge Switch Series Web UI Cross Site Scripting Vulnerability
Aruba Intelligent Edge Switch Series WebUI Remote Unauthorized Access Vulnerability
Aruba Intelligent Edge Switch Remote Information Disclosure Vulnerability
Command Injection Vulnerabilities in AirWave Application
Aruba Airwave VisualRF File Overwrite and Code Execution Vulnerability
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Remote Authentication Bypass Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Denial of Service Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Command Injection Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Stack Buffer Overflow Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Information Disclosure Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Critical Remote Code Execution Vulnerability in HPE Intelligent Management Center (IMC) PLAT
Local Disclosure of Information Vulnerability in HPE Nonstop Maintenance Entity Family
Critical Remote Arbitrary File Upload Vulnerability in HPE 3PAR Service Processor
Critical Remote Authentication Bypass Vulnerability in HPE 3PAR Service Processor
Remote Bypass of Security Restrictions in HPE 3PAR Service Processor (Versions Prior to 5.0.5.1)
Critical Remote Multiple Cross-Site Vulnerability in HPE 3PAR Service Processor
Remote Gain Authorized Access Vulnerability in HPE 3PAR Service Processor
Remote Session Reuse Vulnerability in HPE 3PAR Service Processor
XSS Injection Vulnerability in HP2910al-48G Switch Version W.15.14.0016
Remote Authorization Bypass Vulnerability in HPE 3PAR StoreServ Management and Core Software Media
Critical Cross-Site Scripting Vulnerability in HPE 3PAR StoreServ Management and Core Software Media
Critical Remote Script Injection Vulnerability in HPE 3PAR StoreServ Management and Core Software Media
Remote Authorization Bypass Vulnerability in HPE 3PAR StoreServ Management and Core Software Media
Remote Session Reuse Vulnerability in HPE 3PAR StoreServ Management and Core Software Media
Remote Information Disclosure Vulnerability in HPE 3PAR StoreServ Management and Core Software Media
Vulnerability in Command View Advanced Edition (CVAE) Products Exposing Configuration Information
Command Injection Vulnerability in morgan < 1.9.1 via Format Parameter
Arbitrary OS Command Injection Vulnerability in kill-port < 1.3.2
Serve 6.5.3 Vulnerability: Unauthorized File and Directory Access
Path Traversal Vulnerability in localhost-now npm Package (v1.0.2) Allows Arbitrary File Content Reading
Path Traversal Vulnerability in serve npm Package (Version 7.0.1) Allows Arbitrary File Content Reading
File Content Disclosure Vulnerability in Action View
Action View Denial of Service Vulnerability
Development Mode Secret Token Guessing Vulnerability
Concurrent Brute Force Attack Vulnerability in Plataformatec Devise
Arbitrary File Creation XSS Vulnerability in Buttle npm Package (v0.2.0)
Arbitrary File Access Vulnerability in http-live-simulator npm Package (Version 1.0.5)
Arbitrary Command Execution Vulnerability in Ubiquiti Networks EdgeSwitch X v1.1.0 and Prior
Privilege Escalation via SSH in Ubiquiti Networks EdgeSwitch X v1.1.0 and Prior
Unauthenticated Remote Access and Traffic Forwarding Vulnerability in Ubiquiti Networks EdgeSwitch X v1.1.0 and Prior
Vulnerability: Recursive Entity Expansion in c3p0 XML Configuration Loading
Privilege Escalation via Untrusted Search Path in FileZilla
CSRF Vulnerability in UniFi Video 3.10.0 and Prior
Incomplete Fix to CVE-2017-0911: Callback Verification Flaw in Twitter Kit for iOS Allows Credential Manipulation
MQTT Broker Crash Vulnerability in mqtt-packet Module
Clickjacking Vulnerability in Revive Adserver
XML-RPC Unserialize Vulnerability in Revive Adserver
Buffer Overflow Vulnerability in libcurl 7.62.0 to 7.64.1 due to Integer Overflow in URL API
Heap Buffer Overflow in TFTP Receiving Code: DoS and Arbitrary Code Execution in libcurl 7.19.4 - 7.64.1
Directory Listing Information Exposure in npm's Harp Module
Symlink Path Traversal Vulnerability in npm Harp Module (<= 0.29.0)
Critical Buffer Overflow Vulnerability in VLC Media Player < 3.0.7 Enables Remote Code Execution
Cryptographically Weak PRNG in Password Recovery Token Generation of Revive Adserver
Billion Laughs Attack in Pippo 1.12.0: XML Entity Expansion Vulnerability
Curl Privilege Escalation Vulnerability
Path Traversal Vulnerability in serve-here.js npm Module (Versions up to v1.1.3) Allows Unauthorized File Listing
Denial of Service (DoS) Vulnerability in EdgeMAX EdgeSwitch Prior to 1.8.2
Command Injection Vulnerability in EdgeMAX EdgeSwitch Prior to 1.8.2 Allows Admin User to Execute Commands as Root
Path Traversal Vulnerability in http-file-server npm Module (<= v0.2.6) Allows Arbitrary File Listing
Yarn 1.17.3 and Earlier: Missing Encryption of Sensitive Data via HTTP URLs in Lockfile
Calendar Event Name Leakage in Nextcloud Server (prior to version 15.0.1)
HTML Injection in Directory Names in Nextcloud Android App (Versions < 3.7.0)
Vulnerability: Bypassing Lock Protection in Nextcloud Android App (Prior to Version 3.6.1)
Thumbnail Leakage Vulnerability in Nextcloud Android App (Prior to Version 3.6.2)
Bypassing Lock Protection in Nextcloud Android App Prior to Version 3.3.0
SQL Injection Vulnerability in Nextcloud Android App Prior to Version 3.0.0: Cache Destruction and Account Reset Required
Vulnerability: Bypassing Lock Protection in Nextcloud Android App 3.6.0
SMTP Proxy Server Vulnerability in UniFi Controller Version <= 5.10.21
Arbitrary JavaScript Code Execution via Cross-Site Scripting (XSS) in min-http-server
Arbitrary JavaScript Code Execution via Cross-Site Scripting (XSS) in http-file-server
VLC Media Player Integer Underflow Vulnerability: Out-of-Band Read Exploit
Double Free Vulnerability in VLC Versions <= 3.0.6: Crash Exploit
GitHub Service Integration Input Validation Vulnerability
Privilege Escalation Vulnerability in GitLab CE/EE 9.0 and Later with Unrotated Trigger Tokens
GitLab CE/EE CI Badge Images Endpoint Authorization Issue
Vulnerability: Flawed DNS Rebinding Protection in GitLab CE/EE 10.2 and Later
GitLab CE/EE 8.14 and Later: Information Disclosure via Move Issue Feature
IDOR Vulnerability in GitLab CE/EE 11.5 and Later: Disclosure of Label Names via New Merge Requests Endpoint
Persistent XSS in GitLab CE/EE Wiki Pages
Privilege Escalation Vulnerability in GitLab with Blocked Account and Mattermost Slash Commands
IDOR Vulnerability in GitLab Allows Unauthorized File Replacement
GitLab Security Dashboard Information Disclosure Vulnerability
Persistent XSS Vulnerability in GitLab Email Notification Feature
Authorization Bypass Vulnerability in GitLab Versions < 12.1.2, < 12.0.4, and < 11.11.6 Allows Unauthorized Deletion of Epic Comments
Authentication Bypass Vulnerability in GitLab Allows Email Verification Bypass
Authorization Bypass Vulnerability in GitLab EE
Remote Code Execution Vulnerability in Nexus Yum Repository Plugin v2
SQL Injection Vulnerability in Nextcloud Lookup-Server < v0.3.0
Command Injection Vulnerability in Nokogiri v1.10.3 and Earlier
Vulnerability: Control Field Modification in Encrypt Only Boot Mode of Zynq UltraScale+ Devices
Unintended Require Vulnerability in larvitbase-api v0.5.5: Arbitrary Non-Production Code Loading
Arbitrary File Listing Vulnerability in statichttpserver npm Module (<= v0.9.7)
Double-Free Vulnerability in cURL FTP-Kerberos Code (Versions 7.52.0 to 7.65.3)
CVE-2019-5482: Heap Buffer Overflow in cURL TFTP Protocol Handler
Seneca < 3.9.0 Vulnerability: Unauthorized Exposure of Environment Variables
Arbitrary File Write Vulnerability in Bower before 1.8.8
Command Injection Vulnerability in NPM Package gitlabhook (Version 0.0.17)
GitLab CE/EE Salesforce Login Integration Authentication Bypass Vulnerability
Improper Access Control Vulnerability in GitLab EE Group Search with Elasticsearch
SQL Injection Vulnerability in ESPCMS-P8's verifyAccount Endpoint
Page Cache Side-Channel Attack in Linux Kernel
Default Account Vulnerability in NetApp Service Processor Firmware
Sensitive Information Disclosure in Clustered Data ONTAP Versions Prior to 9.1P15 and 9.3 Prior to 9.3P7
Sensitive Account Information Disclosure in Element Plug-in for vCenter Server
Information Disclosure Vulnerability in Data ONTAP Operating in 7-Mode Versions Prior to 8.2.5P3
Missing HTTP Security Headers in OnCommand Unified Manager 7-Mode Prior to Version 5.2.4
Missing HTTP Security Headers in OnCommand Unified Manager for VMware vSphere, Linux, and Windows prior to 9.5
Missing HTTP Security Headers in OnCommand Insight Versions Prior to 7.3.5
Default Account Vulnerability in NetApp AFF A700s Baseboard Management Controller (BMC) Firmware
Sensitive Account Information Disclosure in OnCommand Insight Versions through 7.3.6
Remote Unauthenticated DoS Vulnerability in NetApp Service Processor and Baseboard Management Controller Firmware
LDAP Account Information Disclosure in Data ONTAP Operating in 7-Mode Versions Prior to 8.2.5P3
Weak Cryptography Vulnerability in Data ONTAP 7-Mode Versions Prior to 8.2.5P3
Missing HTTP Security Headers in OnCommand Workflow Automation Versions Prior to 5.0
Unauthenticated Remote Administrative Access in ONTAP Select Deploy Administration Utility
Plaintext Transmission of Credentials in ONTAP Select Deploy Administration Utility (Versions 2.2 - 2.12.1)
Vulnerability: Hostname Verification Bypass in Clustered Data ONTAP Versions 9.0 and Higher
SnapManager for Oracle Prior to Version 3.4.2P1 Information Disclosure Vulnerability
Denial of Service (DoS) Vulnerability in Clustered Data ONTAP Versions 9.2-9.4
Code Injection Vulnerability in ONTAP Select Deploy Administration Utility
Path Hijacking Vulnerability in VMware Workstation
VMware Workstation Windows Host COM Class Hijacking Vulnerability
VMware Horizon Connection Server Information Disclosure Vulnerability
Unauthenticated API Access Vulnerability in VMware Fusion
Out-of-Bounds Write Vulnerability in VMware Workstation and Fusion Virtual Network Adapters
Out-of-bounds vulnerability in VMware ESXi, Workstation, and Fusion with 3D Graphics
Multiple Out-of-Bounds Read Vulnerabilities in VMware ESXi, Workstation, and Fusion Shader Translator
Out-of-Bounds Read/Write Vulnerability in VMware Virtual USB Controller
TOCTOU Vulnerability in VMware ESXi, Workstation, and Fusion Allows Guest to Execute Code on Host
Out-of-bounds read vulnerability in VMware virtualization software with 3D graphics enabled
Out-of-Bounds Read Vulnerability in VMware ESXi, Workstation, and Fusion
Out of Bounds Read Vulnerability in VMware Tools for Windows
Remote Session Hijack Vulnerability in VMware vCloud Director for Service Providers 9.5.x
Out-of-Bounds Write Vulnerability in VMware Workstation and Fusion's e1000 Virtual Network Adapter
Use-After-Free Vulnerability in VMware Workstation ALSA Backend
DLL Hijacking Vulnerability in VMware Workstation (15.x before 15.1.0) Allows Privilege Escalation on Windows Host
Use-After-Free Vulnerability in Virtual Sound Device: Important Severity
Partial Denial of Service Vulnerability in VMware ESXi 6.5 Hostd Process
Tampering Vulnerability in Pre-19.7.0 InstallBuilder Windows Binaries
Insufficient Session Expiration in VMware vSphere ESXi and vCenter Server
Information Disclosure Vulnerability in VMware vCenter Server
Information Disclosure Vulnerability in VMware SD-WAN by VeloCloud
Information Disclosure Vulnerability in VMware vCenter Server
Moderate Severity Network Denial-of-Service Vulnerability in VMware Workstation and Fusion
Denial-of-Service Vulnerability in VMware ESXi, Workstation, and Fusion's Shader Functionality
Certificate Validation Bypass Vulnerability in VMware vCenter Server Appliance
Certificate Validation Bypass Vulnerability in VMware vCenter Server Appliance
DLL Hijacking Vulnerability in VMware Workstation and Horizon View Agent
Information Disclosure Vulnerability in VMware Workstation and Fusion
Out-of-Bounds Write Vulnerability in VMware Workstation and Fusion
Denial-of-Service Vulnerability in VMware Workstation and Fusion
Writable Configuration Files Vulnerability in VMware Software
Critical Heap Overwrite Vulnerability in OpenSLP
Improper Access Control Vulnerability in FortiClientMac: File Modification Affecting Performance
Reflected XSS Vulnerability in Fortinet FortiOS SSL VPN Web Portal
Root File System Integrity Vulnerability in Fortinet FortiOS VM Application Images
Reflected XSS Vulnerability in Fortinet FortiOS SSL VPN Web Portal
FortiClient Online Installer (Windows) Unsafe Search Path Arbitrary Code Execution Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Fortinet FortiWeb 6.0.2 and Below
Default Configuration Vulnerability in FortiOS Allows Impersonation of LDAP Server
FortiOS IPS Engine CBC Padding Oracle Vulnerabilities
Insecure CLI Console Permissions Allow Unauthorized Access to Fortinet FortiOS Plaintext Private Keys
Reflected XSS Vulnerability in Fortinet FortiNAC 8.3.0 to 8.3.6 and 8.5.0 Admin WebUI
Kernel Data Exposure in FreeBSD System Calls
Vulnerability: Privilege Escalation and Jail Escape via UNIX Domain Sockets in FreeBSD
IPv6 Fragment Reassembly Logic Vulnerability in FreeBSD
Vulnerability: ICMP/ICMP6 Packet Bypass in pf
Denial of Service Vulnerability in FreeBSD 12.0-STABLE and 12.0-RELEASE
Buffer overflow vulnerability in FreeBSD iconv implementation
Uninitialized Directory Entry Padding Vulnerability in FreeBSD 12.0 and 11.2
Arbitrary Kernel Memory Overwrite Vulnerability in FreeBSD CDROM Driver
File Descriptor Reference Overflow Vulnerability in FreeBSD
Out-of-Bounds Read Vulnerability in FreeBSD's bhyve Hypervisor
Memory Disclosure Vulnerability in FreeBSD 11.3-STABLE and Earlier Versions
Privilege Escalation via Write-After-Free Vulnerability in FreeBSD
Reference Counter Wrap Vulnerability in FreeBSD
ICMPv6 Input Path Fragmentation Vulnerability in FreeBSD
Buffer Overflow Vulnerability in bhyve e1000 Device Emulation
Out-of-Bounds Read Vulnerability in FreeBSD bsnmp Library
Remote Denial of Service Vulnerability in FreeBSD 12.0-STABLE and Earlier Versions
Kernel Memory Leakage in FreeBSD's /dev/midistat Driver
Reinjection Vulnerability in FreeBSD 12.0-RELEASE
Incomplete Packet Data Validation Vulnerability in FreeBSD 12.1-STABLE, 12.1-RELEASE, 11.3-STABLE, and 11.3-RELEASE
Vulnerability: Unauthorized Access to Encrypted Passwords and Backup Credentials in Rapid7 InsightVM
Insecure JavaScript Authentication in CircuitWerkes Sicon-8 Web Controller
C4G BLIS Version 3.4 and Earlier: Unauthenticated User Password Change Vulnerability
Stack-based Buffer Overflow in A-PDF WAV to MP3 version 1.0.0
Stack-based Buffer Overflow in AASync.com AASync version 2.2.1.0
Missing Authentication for Critical Function in ABB MicroSCADA Pro SYS600 version 9.3
Stack-based Buffer Overflow in ABBS Software Audio Media Player version 3.1
Accellion File Transfer Appliance version FTA_8_0_540 Vulnerability: Use of Hard-coded Credentials
Command Injection Vulnerability in Accellion File Transfer Appliance version FTA_8_0_540
Path Traversal Vulnerability in Rapid7 Metasploit Framework
Insecure Storage of OAuth Tokens in Halo Home Android App
Clear Text Storage of User Credentials in BlueCats Reveal Android App
Insecure Storage of Credentials in BlueCats Reveal iOS App
Local Privilege Escalation in Rapid7 Insight Agent 2.6.3 and Prior
CSRF Vulnerability in Rapid7 Nexpose InsightVM Security Console Versions 6.5.0 - 6.5.68
InsightAppSec Broker DLL Injection Vulnerability
Insecure Storage of Sensitive Information in Hickory Smart for Android
Insecure Storage of Sensitive Information in Hickory Smart for iOS
Insecure Logging of Sensitive Information in Hickory Smart for Android
Cleartext Transmission of Sensitive Information Vulnerability in Belwith Products' Hickory Smart Ethernet Bridge
Vulnerability: Denial of Service in Beckhoff TwinCAT ADS Discovery Service
Denial of Service Vulnerability in Beckhoff TwinCAT Profinet Driver
Insufficient Session Expiration Vulnerability in Rapid7 Nexpose Versions 6.5.50 and Prior
Information Exposure Vulnerability in Rapid7 Nexpose
Session Timeout Information Exposure Vulnerability in Rapid7 InsightVM
World-readable permissions on server.key file in Rapid7 Metasploit Pro version 4.16.0-2019081901 and prior
C4G BLIS Version 3.5 and Earlier: Improper Access Control Vulnerability
C4G BLIS v3.5 and Earlier: Unauthenticated User Account Manipulation and Unauthorized Administrator Privileges
Arbitrary Regular Expression Registration Vulnerability in Rapid7 Metasploit HTTP Handler
Session Hijacking Vulnerability in Rapid7 AppSpider Chrome Plugin
LDAP Server Manipulation Vulnerability in Barracuda Load Balancer ADC
Vulnerability in NVIDIA Windows GPU Display Driver Allows Code Execution and Privilege Escalation
NVIDIA Windows GPU Display Driver Kernel Mode Vulnerability: Unvalidated Array Index in DxgkDdiCreateContext Command
NVIDIA Windows GPU Display Driver Kernel Mode Handler Null Pointer Dereference Vulnerability
NULL Pointer Dereference Vulnerability in NVIDIA Windows GPU Display Driver
NVIDIA Windows GPU Display Driver DxgkDdiEscape Buffer Overflow Vulnerability
NVIDIA Windows GPU Display Driver DxgkDdiEscape Buffer Overflow Vulnerability
NVIDIA Windows GPU Display Driver Denial of Service Vulnerability
Insecure SSH Keys in NVIDIA Jetson TX1 and TX2 Linux for Tegra (L4T) Operating System
Denial of Service Vulnerability in NVIDIA Jetson TX2 Kernel Driver
NVIDIA GeForce Experience Hard Link Vulnerability
NVIDIA Windows GPU Display Driver Software Kernel Mode Synchronization Vulnerability
NVIDIA Windows GPU Display Driver Software DLL Preloading Vulnerability
NVIDIA Windows GPU Display Driver Software Denial of Service Vulnerability
Vulnerability in NVIDIA GeForce Experience Web Helper Component
Vulnerability in NVIDIA Tegra Bootloader: Improper Authentication of Trusted OS Image
Vulnerability in NVIDIA Jetson TX1 L4T R32 Tegra Bootloader: Unvalidated Load Address in nvtboot-cpu Image
NVIDIA Shield TV Experience v8.0 Vulnerability: User Data Override in Mount System Service
Improper Activity Export in NVIDIA Games App Allows Code Execution or Denial of Service
NVIDIA Windows GPU Display Driver Hard Link Vulnerability
Out of Bounds Access Vulnerability in NVIDIA Windows GPU Display Driver
Out of Bounds Access Vulnerability in NVIDIA Windows GPU Display Driver
NVIDIA Windows GPU Display Driver Denial of Service Vulnerability
Unintended Actor Exposure Vulnerability in NVIDIA Windows GPU Display Driver
NVIDIA NVFlash and GPUModeSwitch Tool Privilege Escalation Vulnerability
NVIDIA GeForce Experience Downloader Component Vulnerability
NVIDIA Windows GPU Display Driver Kernel Mode Buffer Overflow Vulnerability
NVIDIA Windows GPU Display Driver Kernel Mode NULL Pointer Dereference Vulnerability
NVIDIA Windows GPU Display Driver Kernel Mode Vulnerability
NVIDIA Windows GPU Display Driver Kernel Mode Pointer Initialization Vulnerability
NVIDIA Windows GPU Display Driver R390 DLL Preloading Vulnerability
DLL Preloading Vulnerability in NVIDIA GeForce Experience and Windows GPU Display Driver
NVIDIA Virtual GPU Manager Denial of Service Vulnerability
NVIDIA Virtual GPU Manager Memory Access Vulnerability
Denial of Service Vulnerability in NVIDIA Virtual GPU Manager
NVIDIA Shield TV Experience v8.0.1 Vulnerability: Tegra Bootloader Buffer Overflow
Vulnerability in NVIDIA Shield TV Bootloader: Code Execution, DoS, Privilege Escalation, and Information Disclosure
NVIDIA GeForce Experience GameStream DLL Preloading Vulnerability
Local Privilege Escalation Vulnerability in NVIDIA GeForce Experience
Reflected SQL Injection Vulnerability in SilverStripe Forms and DataObjects
6LoWPAN Dissector Crash Vulnerability in Wireshark 2.6.0 to 2.6.5
P_MUL Dissector Crash Vulnerability
Vulnerability: Crash in Wireshark RTSE and ASN.1 Dissectors
ISAKMP Dissector Crash Vulnerability in Wireshark 2.6.0 to 2.6.5 and 2.4.0 to 2.4.11
SQL Injection Vulnerability in FrontAccounting 2.4.6: Exploiting the reference field in includes/db/class.reflines_db.inc
ENIP Dissector Use-After-Free Vulnerability in Wireshark 2.4.0 to 2.4.11
SQL Injection Vulnerabilities in Portier Vision 4.4.4.2 and 4.4.4.6
Reversible Encryption and Outdated Vigenere Algorithm in Portier Vision
Arbitrary File Read Vulnerability in Qibosoft V7 via SSRF
Persistent XSS Vulnerability in Splunk Web
Untrusted TLS Server Certificate Verification Vulnerability in Splunk-SDK-Python
Vulnerability: Host Root Access via runc Binary Overwrite
Slow HTTP Denial of Service (DoS) Vulnerability in Node.js
Potential Denial of Service (DoS) Attack Vector in Node.js 6.16.0 and Earlier
Out of Bounds Read Vulnerability in BusyBox DHCP Components
Potential XXE Vulnerability in Traccar Server 4.2's SpotProtocolDecoder.java
Proxy Server Vulnerability in Google Chrome's QUIC Networking
Arbitrary Read/Write Vulnerability in V8 in Google Chrome
PDFium Memory Management Vulnerability in Google Chrome
SVG Object Type Assumption Vulnerability in Google Chrome (CVE-2019-5786)
Heap Corruption Vulnerability in Blink in Google Chrome
Sandbox Escape Vulnerability in Google Chrome on Android and Mac
Heap Corruption Vulnerability in WebRTC in Google Chrome (CVE-2019-5786)
Heap Corruption Vulnerability in SwiftShader in Google Chrome
PDFium Memory Management Vulnerability in Google Chrome
Heap Corruption Vulnerability in V8 Engine in Google Chrome (prior to 72.0.3626.81)
WebRTC Heap Corruption Vulnerability in Google Chrome
Exposed Debugging Endpoint in Google Chrome on Android Prior to 72.0.3626.81 Allows Information Disclosure via Crafted Intent
Cross-Origin Data Leakage in Canvas in Google Chrome
Insufficient Protection of Permission UI in WebAPKs in Google Chrome on Android: Privacy/Security Sensitive Web API Access Vulnerability
DevTools API Vulnerability Allows Unauthorized File Access via Malicious Chrome Extension
Heap Corruption Vulnerability in Blink Rendering Engine
Out of Bounds Memory Read Vulnerability in WebGL in Google Chrome
Arbitrary Code Execution Vulnerability in SwiftShader in Google Chrome
Heap Corruption Vulnerability in PDFium JavaScript Runtime in Google Chrome
Bypassing Same Origin Policy in IndexedDB in Google Chrome (CVE-2019-5786)
Arbitrary Code Execution via Omitted .desktop Filetype in SafeBrowsing Checklist
Omnibox Spoofing Vulnerability in Google Chrome
Omnibox Spoofing Vulnerability in Google Chrome
Omnibox Spoofing Vulnerability in Google Chrome
Bypassing Extension Permission Checks for Privileged Pages in Google Chrome (CVE-2019-5786)
Bypassing Navigation Restrictions in Google Chrome ServiceWorker
Apple Event JavaScript Execution Vulnerability in Google Chrome on macOS
Omnibox Spoofing Vulnerability in Google Chrome
Arbitrary Code Execution Vulnerability in V8 Engine of Google Chrome (CVE-2019-5786)
Dangling Markup Injection Vulnerability in Google Chrome DevTools
Heap Corruption Vulnerability in V8 Engine in Google Chrome (CVE-2019-5786)
Out of Bounds Memory Write Vulnerability in Skia in Google Chrome
Out of Bounds Memory Access Vulnerability in Google Chrome
Heap Corruption Vulnerability in Google Chrome prior to 73.0.3683.75
Use-after-free vulnerability in Blink Storage in Google Chrome on Linux prior to 73.0.3683.75
WebMIDI Integer Overflow Use-After-Free Vulnerability in Google Chrome
Integer Overflow Vulnerability in Google Chrome (prior to 73.0.3683.75) Allows Remote Code Execution
Out of Bounds Memory Read Vulnerability in V8 Engine of Google Chrome (CVE-2019-5786)
PDFium Integer Overflow Vulnerability
Remote Code Execution via Insufficient Policy Enforcement in Google Chrome Extensions
Domain Spoofing Vulnerability in Google Chrome Navigation
PDFium Integer Overflow Vulnerability
Data Race Vulnerability in Google Chrome Extensions Guest View
Double Free Vulnerability in DOMStorage in Google Chrome
Out of Bounds Memory Read Vulnerability in Skia in Google Chrome (CVE-2019-5786)
Content Security Policy Bypass via Incorrect Inheritance in Google Chrome (CVE-2019-5786)
Bypassing Content Security Policy in Blink in Google Chrome prior to 73.0.3683.75
Domain Spoofing Vulnerability in Google Chrome on iOS
Domain Spoofing Vulnerability in Google Chrome
Bypassing Content Security Policy in Google Chrome prior to 73.0.3683.75 via crafted HTML page
Domain Spoofing Vulnerability in Google Chrome
PDFium Use-After-Free Vulnerability in Google Chrome (CVE-2019-5786)
Integer Overflow Vulnerability in ANGLE in Google Chrome on Windows
Heap Corruption Vulnerability in V8 Engine in Google Chrome (CVE-2019-5786)
Remote Code Execution Vulnerability in Google Chrome Prior to 74.0.3729.108
Remote Code Execution via Use After Free in Google Chrome File Chooser
Autofill Information Leak Vulnerability in Google Chrome
CORS Bypass Vulnerability in Google Chrome ServiceWorker (CVE-2019-5805)
Domain Spoofing Vulnerability in iOS UI in Google Chrome (prior to 74.0.3729.108)
Remote Code Execution Vulnerability in V8 Engine in Google Chrome (CVE-2019-5786)
Cross-Origin Data Leakage in Google Chrome Prior to 74.0.3729.108
Type Confusion Vulnerability in xsltNumberFormatGetMultipleLevel
Process Lifetime Issue in Chrome: Remote Code Execution via Crafted HTML Page
Heap Buffer Overflow in ANGLE in Google Chrome on Windows
Uninitialized Data Vulnerability in Google Chrome: Information Disclosure via Crafted Video File
Arbitrary Code Execution via Crafted String in Google Chrome Developer Tools on OS X
PDFium Integer Overflow Vulnerability in Google Chrome
PDFium Integer Overflow Vulnerability in Google Chrome
Same Origin Policy Bypass in Google Chrome Blink (CVE-2019-5805)
Bypassing Navigation Restrictions in Google Chrome Service Workers
Heap Corruption Vulnerability in Google Chrome Prior to 74.0.3729.131
Heap Corruption Vulnerability in Google Chrome (prior to 73.0.3683.86) via Crafted HTML Page
Use After Free Vulnerability in IndexedDB in Google Chrome (Versions prior to 73.0.3683.86)
Heap Corruption Vulnerability in SQLite via WebSQL in Google Chrome
Out of Bounds Memory Access Vulnerability in Google Chrome ServiceWorker
Integer Overflow in Google Chrome Download Manager Allows Remote Code Execution
CORS Policy Enforcement Vulnerability in Google Chrome (prior to 75.0.3770.80) Allows Cross-Origin Data Leakage
Heap Corruption Vulnerability in V8 Engine in Google Chrome (CVE-2019-5825)
Cross-Origin Data Leakage Vulnerability in Google Chrome
Misleading Security UI Display Vulnerability in Google Chrome on Android (prior to version 75.0.3770.80)
Domain Spoofing Vulnerability in Google Chrome (CVE-2019-5825)
Out of Bounds Memory Access Vulnerability in SwiftShader in Google Chrome
Heap Buffer Overflow in ANGLE in Google Chrome
Resource Size Information Leakage in Blink
Bypassing File URI Restrictions in Google Chrome Extensions
Bypassing Website URL Validation in Google Chrome (CVE-2019-5825)
Bypassing Navigation Restrictions in Google Chrome on iOS (CVE-2019-5825)
Heap Corruption Vulnerability in Google Chrome (prior to 75.0.3770.80) via Crafted HTML Page
Use After Free Vulnerability in Google Chrome Prior to 75.0.3770.90
Heap Corruption Vulnerability in Google Chrome (prior to 74.0.3729.108) via Crafted HTML Page
Heap Corruption Vulnerability in SwiftShader in Google Chrome
Heap Corruption Vulnerability in SwiftShader in Google Chrome
Heap Corruption Vulnerability in SwiftShader in Google Chrome
Heap Corruption Vulnerability in Google Chrome (prior to 75.0.3770.142) via Crafted HTML Page
Font Handling Vulnerability in Google Chrome Autofill
Skia Out of Bounds Read Vulnerability in Google Chrome
Sandbox Escape Vulnerability in Google Chrome Prior to 76.0.3809.87
WebAudio Use After Free Vulnerability in Google Chrome
Memory Disclosure Vulnerability in Google Chrome (prior to 76.0.3809.87) via Crafted HTML Page
Heap Corruption Vulnerability in Google Chrome (prior to 76.0.3809.87) via Crafted HTML Page
PDFium Integer Overflow Vulnerability
PDFium Integer Overflow Vulnerability
Bypassing Site Isolation in Google Chrome: Insufficient Policy Enforcement in Storage
Object Corruption Vulnerability in Google Chrome (prior to 76.0.3809.87) via Crafted HTML Page
Arbitrary Code Execution Vulnerability in Google Chrome on macOS Services Integration
Bypassing Navigation Restrictions in Google Chrome on Windows
PDFium Use After Free Vulnerability in Google Chrome
Bypassing Anti-Clickjacking Policy in Google Chrome (CVE-2019-5842)
AppCache Bypass Vulnerability in Google Chrome (CVE-2019-5869)
CORS Vulnerability in Google Chrome Prior to 76.0.3809.87 Allows Bypassing Content Security Policy via Malicious Extension
Bypassing Site Isolation in Google Chrome Prior to 76.0.3809.87
Heap Corruption Vulnerability in Google Chrome (prior to 75.0.3770.142) via Crafted HTML Page
Heap Corruption Vulnerability in Google Chrome (prior to 76.0.3809.100) via Crafted HTML Page
PDFium Use After Free Vulnerability in Google Chrome
Remote Code Execution Vulnerability in Google Chrome Prior to 76.0.3809.132
Remote Code Execution via Use After Free Vulnerability in Google Chrome
Heap Buffer Overflow in Skia: Remote Code Execution in Google Chrome
Remote Code Execution via Use After Free Vulnerability in Google Chrome
Omnibox Spoofing Vulnerability in Google Chrome on iOS
Bypassing Navigation Restrictions in Google Chrome on Windows
Omnibox Spoofing Vulnerability in Google Chrome (prior to 77.0.3865.75)
Remote Code Execution Vulnerability in Google Chrome for Android (CVE-2019-13699)
Heap Corruption Vulnerability in Google Chrome (prior to 77.0.3865.75) via Crafted HTML Page
Heap Corruption Vulnerability in V8 in Google Chrome (prior to 77.0.3865.75) via Crafted HTML Page
Insufficient Policy Enforcement in Google Chrome Extensions Allows Local File Reading
Cross-Origin Data Leakage in Google Chrome Prior to 77.0.3865.75
Remote Information Disclosure Vulnerability in SwiftShader in Google Chrome
Use After Free Vulnerability in Irssi 1.1.x
Improper Access Control in GitLab Issue Comments
Information Leakage in elFinder PHP Class
Predictable Secret Key Generation in Matrix Synapse before 0.34.0.1
Unvalidated Database Reinstallation Vulnerability in ShopXO 1.2.0
Arbitrary File Deletion Vulnerability in ShopXO 1.2.0
Multiple Cross-Site Scripting (XSS) Vulnerabilities in OverIT Geocall 6.3
Directory Traversal Vulnerability in OverIT Geocall 6.3
Weak Authentication and Session Management in OverIT Geocall 6.3: Unauthorized Access to Administrative Control Panel
Unauthenticated Servlet Allows Cookie Theft and Unauthorized Login in OverIT Geocall 6.3
Denial of Service Vulnerability in FRRouting's BGP Virtual Network Control
SQL Injection Vulnerability in Nelson Open Source ERP v6.3.1 via db/utils/query/data.xml Parameter
Remote Code Execution via License Manager Service in YOKOGAWA Products
Arbitrary File Read Vulnerability in HOUSE GATE App for iOS 1.7.8 and Earlier
Untrusted Search Path Vulnerability in UNLHA32.DLL Installer
Untrusted Search Path Vulnerability in UNARJ32.DLL Installer
Untrusted Search Path Vulnerability in LHMelting Installer
V20 PRO L-01J Software Version L01J20c and L01J20d Vulnerability: NULL Pointer Exception Crash
OpenAM Open Redirect Vulnerability
Remote Code Execution via Input Validation Issue in POWER EGG
Denial of Service Vulnerability in azure-umqtt-c
Nablarch 5 XML External Entity (XXE) Vulnerability
Incomplete Cryptography in Nablarch 5 Allows Remote Data Manipulation
CSRF Vulnerability in FormCraft 1.2.1 and Earlier
Windows 7 Untrusted Search Path Privilege Escalation Vulnerability
Untrusted Search Path Vulnerability in Microsoft Teams Installer
Arbitrary File Read Vulnerability in iChain Insurance Wallet App for iOS Version 1.3.0 and Earlier
CSRF Vulnerability in Smart Forms 2.6.15 and Earlier Allows Remote Authentication Hijacking
Cross-Site Scripting Vulnerability in Dradis Community and Professional Editions
Arbitrary Code Injection Vulnerability in KinagaCMS Versions Prior to 6.5
Arbitrary File Read Vulnerability in 'an' App for iOS Version 3.2.0 and Earlier
Arbitrary Script Injection Vulnerability in Cybozu Garoon 4.0.0 to 4.6.3
Cross-Site Scripting Vulnerability in Cybozu Garoon's 'Memo' Application
Access Restriction Bypass in Cybozu Garoon 4.0.0 to 4.6.3
Privilege Escalation via Unspecified Vectors in Cybozu Garoon 4.0.0 to 4.6.3
Cross-Site Scripting Vulnerability in Cybozu Garoon 4.6.0 to 4.6.3 via 'Portal' Application
Bypassing Access Restriction in Cybozu Garoon Bulletin Board
SQL Injection Vulnerability in Cybozu Garoon 4.0.0 to 4.10.0: Arbitrary SQL Command Execution via Log Search
Access Restriction Bypass Vulnerability in Cybozu Garoon 4.0.0 to 4.10.1
Directory Traversal Vulnerability in Cybozu Garoon 4.0.0 to 4.10.1: Unauthorized File Access via 'Work Flow' Application
Cross-Site Scripting Vulnerability in Cybozu Garoon 4.0.0 to 4.10.1
Cross-Site Scripting Vulnerability in Cybozu Garoon's Mail Application
Arbitrary Web Script Injection Vulnerability in Cybozu Garoon 4.0.0 to 4.10.1
Cross-Site Scripting Vulnerability in Cybozu Garoon Scheduler
Bypassing Access Restriction in Cybozu Garoon 4.0.0 to 4.10.1 via 'Multi Report' Application
Bypassing Access Restrictions in Cybozu Garoon's Cabinet Multiple Files Download Function
Access Restriction Bypass in Cybozu Garoon 4.0.0 to 4.10.1 via Bulletin and Cabinet Applications
Bypassing Access Restriction and Unauthorized Modification in Cybozu Garoon Application 'Address'
Information Disclosure Vulnerability in Cybozu Garoon Authentication
Open Redirect Vulnerability in Cybozu Garoon Login Screen
Cross-Site Scripting Vulnerability in Cybozu Garoon's 'Cabinet' Application
Buffer Overflow Vulnerability in GNU Wget 1.20.1 and Earlier
Access Restriction Bypass Vulnerability in JR East Japan Train Operation Information App
Arbitrary Website Access and Phishing Vulnerability in CREATE SD Official App for Android (Versions 1.0.2 and Earlier)
Arbitrary File Deletion Vulnerability in WonderCMS 2.6.0 and Earlier
Untrusted Search Path Vulnerability in Electronic Reception and Examination of Radio License Application Installer
Untrusted Search Path Vulnerability in Electronic Reception and Examination of Application for Radio Licenses Offline 1.0.9.0 and Earlier
CSRF Vulnerability in WP Open Graph Plugin
Unverified SSL Certificates in Tootdon for Mastodon App Allow Man-in-the-Middle Attacks
Arbitrary Code Injection Vulnerability in Zoho SalesIQ 1.0.8 and Earlier
Zoho SalesIQ CSRF Vulnerability: Remote Authentication Hijacking
Authentication Bypass Vulnerability in iDoors Reader 2.10.17 and Earlier
Open Redirect Vulnerability in Joruri Mail 2.1.4 and Earlier: Remote Phishing Attack Vector
Session Management Vulnerability in Joruri Mail 2.1.4 and Earlier
Arbitrary Web Script Injection Vulnerability in Joruri CMS 2017 Release2 and Earlier
CSRF Vulnerability in GROWI v3.4.6 and Earlier: Administrator Authentication Hijacking via 'Basic Info' Update
Open Redirect Vulnerability in GROWI v3.4.6 and Earlier: Phishing Attack via Login Process
Cross-Site Scripting Vulnerability in Attendance Manager 0.5.6 and Earlier
CSRF Vulnerability in Attendance Manager 0.5.6 and Earlier Allows Remote Authentication Hijacking
Arbitrary Code Injection Vulnerability in Online Lesson Booking 0.8.6 and Earlier
CSRF Vulnerability in Online Lesson Booking 0.8.6 and Earlier Allows Remote Authentication Hijacking
CSRF Vulnerability in Contest Gallery Prior to 10.4.5 Allows Remote Authentication Hijacking
DOM-based Cross-Site Scripting Vulnerability in Cybozu Garoon 4.6.0 to 4.10.2
Unspecified Vector Denial of Service Vulnerability in Cybozu Garoon 4.0.0 to 4.10.2
Cybozu Garoon Mail Header Injection Vulnerability
Open Redirect Vulnerability in Cybozu Garoon Scheduler
CSRF Vulnerability in Personalized WooCommerce Cart Page 2.4 and Earlier
CSRF Vulnerability in Related YouTube Videos Plugin
Arbitrary Execution Vulnerability in VAIO Update 7.3.0.03150 and Earlier
Man-in-the-Middle Attack Exploiting VAIO Update's Improper Download File Verification
CSRF Vulnerability in HTML5 Maps 1.6.5.6 and Earlier Allows Remote Authentication Hijacking
CSRF Vulnerability in Custom CSS Pro 1.0.3 and Earlier
Arbitrary Web Script Injection Vulnerability in Hikari Denwa Router/Home GateWay
Hikari Denwa Router/Home GateWay CSRF Vulnerability
Arbitrary OS Command Execution in An-Analyzer CGI Management Page
Stored Cross-Site Scripting Vulnerability in Access Analysis CGI An-Analyzer
DOM-based Cross-Site Scripting Vulnerability in Access Analysis CGI An-Analyzer
Vulnerability: Password Disclosure in Access Analysis CGI An-Analyzer
Cybozu Garoon 4.0.0 to 4.10.3 SQL Injection Vulnerability
CSRF Vulnerability in WordPress Ultra Simple Paypal Shopping Cart v4.4 and Earlier
CSRF Vulnerability in Category Specific RSS Feed Subscription v2.0 and Earlier
Buffer Overflow Vulnerability in PTP (Picture Transfer Protocol) of EOS Series Digital Cameras and PowerShot Cameras
Unauthenticated Firmware Update Vulnerability in EOS Series Digital Cameras and PowerShot Cameras
Arbitrary SQL Command Execution Vulnerability in Video Insight VMS 7.3.2.5 and Earlier
Code Injection Vulnerability in Video Insight VMS Versions Prior to 7.6.1
Buffer Overflow Vulnerability in PTP (Picture Transfer Protocol) of EOS Series Digital Cameras and PowerShot Cameras
Buffer Overflow Vulnerability in PTP (Picture Transfer Protocol) of EOS Series Digital Cameras and PowerShot Cameras
Buffer Overflow Vulnerability in PTP (Picture Transfer Protocol) of EOS Series Digital Cameras and PowerShot Cameras
Buffer Overflow Vulnerability in PTP (Picture Transfer Protocol) of EOS Series Digital Cameras and PowerShot Cameras
Arbitrary Web Script Injection Vulnerability in Central Dogma 0.17.0 to 0.40.1
Cross-Site Scripting Vulnerability in EC-CUBE Amazon Pay Plugin 2.12, 2.13 (<=2.4.2)
Open Redirect Vulnerability in ApeosWare Management Suite Versions 1.4.0.18 and Earlier, and ApeosWare Management Suite 2 Versions 2.1.2.4 and Earlier
Remote Access Bypass Vulnerability in Smart TV Box Firmware
Integer Overflow Vulnerability in apng-drawable 1.0.0 to 1.6.0: Denial of Service and Arbitrary Code Execution
Unquoted Search Path Privilege Escalation Vulnerability in Yokogawa Products for Windows
Open Redirect Vulnerability in SHIRASAGI v1.7.0 and Earlier: Remote Phishing Attack Vector
Integer Overflow Vulnerability in LINE (Android) Allows Remote Code Execution via Crafted Image
Arbitrary Code Injection Vulnerability in wpDataTables Lite Version 2.0.11 and Earlier
Arbitrary SQL Command Execution in wpDataTables Lite Version 2.0.11 and Earlier
Arbitrary OS Command Execution Vulnerability in DBA-1510P Firmware 1.70b009 and Earlier
Arbitrary OS Command Execution Vulnerability in DBA-1510P Firmware 1.70b009 and Earlier
FON2601E Series Firmware Vulnerability: DNS Amplification Attacks
Arbitrary Web Script Injection Vulnerability in REMISE Payment Module (2.11, 2.12, and 2.13) Version 3.0.12 and Earlier
Unspecified Remote Information Disclosure Vulnerability in REMISE Payment Module (2.11-2.13) Version 3.0.12 and Earlier
Arbitrary Web Script Injection Vulnerability in NetCommons 3.2.2 and Earlier
Untrusted Search Path Vulnerability in STAMP Workbench Installer Allows Privilege Escalation via Trojan Horse DLL
Open Redirect Vulnerability in PowerCMS Versions 3.x, 4.x, and 5.x
Open Redirect Vulnerability in Library Information Management System LIMEDIO: Remote Phishing Attack Vector
Cybozu Office Directory Traversal Vulnerability in Customapp Function
Access Restriction Bypass in Cybozu Office 10.0.0 to 10.8.3 via 'Address' Application
Authentication Bypass Vulnerability in Rakuma App for Android and iOS
Open Redirect Vulnerability in Movable Type Series
Privilege Escalation Vulnerability in Multiple MOTEX Products
CSRF Vulnerability in WP Spell Check 7.1.9 and Earlier
Arbitrary Web Script Injection in Custom Body Class Plugin
CSRF Vulnerability in Custom Body Class Plugin Allows Authentication Hijacking
Cross-Site Scripting Vulnerability in KINZA RSS Reader
Unverified X.509 Certificates in NTV News24 Ver.3.0.0 Vulnerability
Arbitrary Code Injection in a-blog cms Versions Prior to Ver.2.10.23, Ver.2.9.26, and Ver.2.8.64
Arbitrary Script Execution Vulnerability in a-blog CMS Versions Prior to Ver.2.10.23, Ver.2.9.26, and Ver.2.8.64
Athenz v1.8.24 and Earlier Open Redirect Vulnerability
Arbitrary Web Script Injection Vulnerability in F-RevoCRM 6.0 to 6.5 patch6
OpenSSH 7.9 Vulnerability: Manipulation of Client Output via Crafted Object Names
OpenSSH 7.9 Vulnerability: Manipulation of Client Output by Malicious Server
Arbitrary File Overwrite Vulnerability in OpenSSH 7.9
Cross-site Scripting (XSS) Vulnerability in Sell Media Plugin v2.4.1 for WordPress
Directory Traversal Vulnerability on ONKYO TX-NR686 A/V Receiver Devices
Integer Overflow Vulnerability in Corel PaintShop Pro 2019
Ephemeral or Transient Procedure Vulnerability in Artifex Ghostscript
Stored XSS Vulnerability in wpape APE GALLERY Plugin 1.6.14 for WordPress
Unauthenticated Email Address Enumeration in NiceHash Miner
Missing Authorization Vulnerability in NiceHash Miner Allows Unauthorized Access to Miner's Information
Username Enumeration via Error Message Vulnerability in NiceHash Miner
Bypassing Access Restrictions in PHP Scripts Mall Advance Peer to Peer MLM Script v1.7.0 Admin Panel
XiaoCms 20141229 SQL Injection Vulnerability with PHP Code Execution
Memory Leak in LibTIFF 4.0.10's TIFFFdOpen Function
Memory Leak in png_create_info_struct in libpng 1.6.36
SEGV Vulnerability in Artifex MuPDF 1.14.0
Infinite Recursion Vulnerability in Artifex MuPDF 1.14.0
Memory Leak in AP4_DescriptorFactory::CreateDescriptorFromStream
Bypassing Start Time Protection Mechanism in PolicyKit 0.115
Memory Leak in libIEC61850 v1.3.1
SEGV Vulnerability in libIEC61850 v1.3.1 Ethernet_setProtocolFilter
NULL Pointer Dereference in lib60870's LinkLayer_setAddress
Memory Leaks in libIEC61850 v1.3.1 When Calling Memory_malloc and Memory_calloc
Remote Arbitrary File Upload Vulnerability in Forcepoint User ID (FUID) Server Versions up to 1.2
Incomplete Hybrid Registration Process Vulnerability in Forcepoint Email Security 8.4.x and 8.5.x
XSS Vulnerability in Forcepoint Email Security 8.5 and 8.5.3
Authentication Bypass Vulnerability in Forcepoint Next Generation Firewall
Forcepoint One Endpoint Vulnerability: Disabling Security Features and Bypassing DLP and Web Protection
Unquoted Search Path Vulnerability in Forcepoint VPN Client for Windows
Cross-Site Scripting (XSS) Vulnerability in Forcepoint Web Security 8.x via Host Header Injection
Vulnerability: Database Corruption in Forcepoint NGFW Security Management Center (SMC)
Unquoted Search Path Vulnerability in Lenovo Dynamic Power Reduction Utility
Lenovo Bootable Generator DLL Search Path Vulnerability
Denial of Service Vulnerability in Legacy IBM System x and BladeCenter BIOS Versions
Vulnerability: PRx Not Set After Resuming from S3 Sleep Mode in Lenovo Systems
Exposure of Private Key in Lenovo System x IMM2 Firmware FFDC Log
Clear Text Storage of HTTP Proxy Credentials in Lenovo XClarity Administrator (LXCA) Log Files
Stored XSS Vulnerability in Legacy IBM System x IMM Firmware
Unauthenticated Access Vulnerability in Iomega and LenovoEMC NAS Products
Session Reuse Vulnerability in ThinkAgile CP-SB BMC Firmware
Denial of Service Vulnerability in Lenovo System Update Allows Unauthorized Log File Writing
Privilege Escalation Vulnerability in PaperDisplay Hotkey Service 1.2.0.8
Cross-Site Request Forgery Vulnerability in Lenovo Service Bridge
Remote Code Execution Vulnerability in Lenovo Service Bridge
Remote Code Execution Vulnerability in Lenovo Service Bridge
Unencrypted FTP Downloads Vulnerability in Lenovo Service Bridge
Arbitrary Code Execution Vulnerability in Lenovo ThinkPad Legacy USB Driver
ThinkPad BIOS Vulnerability: Unauthorized Firmware Update Exploit
Arbitrary Code Execution Vulnerability in Lenovo ThinkPad Legacy USB Driver
Privilege Escalation Vulnerability in Lenovo Installation Packages
Denial of Service Vulnerability in Lenovo System Update Allows Unauthorized Configuration File Writing
ThinkPad USB-C Dock Firmware 3.7.2 Denial of Service Vulnerability
Privilege Escalation Vulnerability in Unsupported Lenovo Solution Center Version 03.12.003
Information Leakage Vulnerability in Iomega and LenovoEMC NAS Products with Personal Cloud Enabled
XML External Entity (XXE) Processing Vulnerability in Lenovo XClarity Administrator (LXCA), Lenovo XClarity Integrator (LXCI) for Microsoft System Center, and Lenovo XClarity Integrator (LXCI) for VMWare vCenter
Stored Cross-Site Scripting (XSS) Vulnerability in Lenovo XClarity Administrator (LXCA) Versions Prior to 2.5.0
Reflected Cross-Site Scripting (XSS) Vulnerability in Lenovo XClarity Administrator (LXCA) Versions Prior to 2.5.0
CSV Injection Vulnerability in Lenovo XClarity Administrator (LXCA) Versions Prior to 2.5.0
Lenovo Energy Management Driver for Windows 10 Denial of Service Vulnerability
Local Privilege Escalation Vulnerability in CCSDK Software Version 2.0.21.1
Code Execution Vulnerability in Lenovo System Interface Foundation
CSV Injection Vulnerability in Lenovo XClarity Controller (XCC)
Untriggered BIOS Tamper Detection in Lenovo ThinkPad T460p and T470p Allows Unauthorized Access
Lenovo System Interface Foundation: Unsigned DLL Loading Vulnerability
Intermittent PCR Clearing Vulnerability in Lenovo BIOS for Desktop and ThinkStation Systems
Local Privilege Escalation Vulnerability in LenovoPaper Software v1.0.0.22
Buffer Overflow Vulnerability in Lenovo Power Management Driver
Information Disclosure Vulnerability in Lenovo XClarity Administrator (LXCA) Versions Prior to 2.6.6
Lenovo XClarity Administrator (LXCA) XML External Entity (XXE) Processing Vulnerability
Authorization Bypass Vulnerability in Lenovo XClarity Controller (XCC)
Privilege Escalation Vulnerability in Lenovo Installation Packages
Privileged Network Position Exploit: Arbitrary Code Execution Vulnerability
Arbitrary Code Execution Vulnerability in iOS, tvOS, Safari, iTunes, and iCloud
Elevated Privileges Vulnerability Fixed in iOS 12.1.3, macOS Mojave 10.14.3, watchOS 5.1.3
Improved State Management to Address Logic Issue in iOS 12.2, macOS Mojave 10.14.4, and tvOS 12.2
Universal Cross-Site Scripting Vulnerability in Safari Reader Feature
Memory Corruption Vulnerability in iOS, macOS, and tvOS
Vulnerability: Password Autofill Resumes After Cancellation
Kernel Memory Disclosure Vulnerability
Memory Initialization Vulnerability
Kernel Memory Disclosure Vulnerability
Memory Corruption Vulnerability in iOS, macOS, tvOS, and watchOS Allows Arbitrary Code Execution
Memory Corruption Vulnerability in iOS 12.1.3 and macOS Mojave 10.14.3 Allows Arbitrary Code Execution
Arbitrary Code Execution Vulnerability in iOS, tvOS, Safari, iTunes, and iCloud
Improved Bounds Checking Fixes Buffer Overflow Vulnerability in iOS, macOS, tvOS, and watchOS
Type Confusion Vulnerability Allows Sandbox Escape
Type Confusion Vulnerability in iOS, tvOS, Safari, iTunes, and iCloud
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Memory Corruption Vulnerability in iOS, macOS, and tvOS Allows Arbitrary Code Execution
Improper Validation in Message Processing Leads to Denial of Service
Improper Input Validation Leads to Out-of-Bounds Read Vulnerability in macOS Mojave 10.14.3
Privilege Escalation Vulnerability Fixed in iOS 12.1.3, macOS Mojave 10.14.3, iTunes 12.9.3 for Windows
iOS 12.2 Vulnerability: Unauthorized Microphone Access without Indicator Displayed
Group FaceTime Call Vulnerability: Unauthorized Call Answering Exploit
Buffer Overflow Vulnerability in FaceTime Call Handling
Privilege Escalation Vulnerability in iOS, macOS, and tvOS
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Arbitrary Code Execution Vulnerability in iOS, tvOS, watchOS, Safari, iTunes, and iCloud
Cross-Site Scripting Vulnerability in Safari Fixed in iOS 12.1.3 and Safari 12.0.3
Universal Cross-Site Scripting Vulnerability Fixed in iOS, tvOS, Safari, iTunes, and iCloud
Memory Initialization Vulnerability in iOS, macOS, tvOS, and watchOS
Improper Bounds Checking Allows Unauthorized Memory Reading
Race Condition Vulnerability in iTunes Installer for Windows
Arbitrary Code Execution Vulnerability in iOS, tvOS, Safari, iTunes, and iCloud
Arbitrary Code Execution Vulnerability in iOS, tvOS, Safari, iTunes, and iCloud
Sandbox Bypass Vulnerability in iOS, macOS, tvOS, watchOS, and iTunes
Race Condition Vulnerability in iCloud for Windows Installer
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Symlink Validation Vulnerability in macOS Mojave and High Sierra
Gatekeeper Bypass Vulnerability in macOS Mojave 10.14.4
Directory Traversal Vulnerability in GitLab Community and Enterprise Edition before 11.4
MQTTRoute 1.1 build 1018-002 Denial of Service Vulnerability
Cleartext SMTP Password Disclosure in Kentico v10.0.42
Cross-Site Scripting (XSS) Vulnerability in Frog CMS 0.9.5 via Forgot Password Page
CSRF Vulnerability in UsualToolCMS 8.0 Allows SQL Injection and Arbitrary PHP Code Execution
Stack Overflow Vulnerability in Anti-Grain Geometry (AGG) 2.4
Out-of-Bounds Read Vulnerability in SVG++ (svgpp) 1.2.3
Heap-based Buffer Overflow in svgpp_agg_render Function
Reflected XSS Vulnerability in PHP Scripts Mall Citysearch / Hotfrog / Gelbeseiten Clone Script 2.0.1
CSRF Vulnerability Allows Unauthorized Addition of Admin Account in HuCart v5.7.4
ZeroMQ libzmq v2_decoder_t::size_ready Integer Overflow with Code Execution
Address Bar Spoofing Vulnerability in WebKitGTK and WPE WebKit (CVE-2020-XXXX)
Denial of Service Vulnerability in LIVE555 Streaming Media Libraries
Server Side Request Forgery (SSRF) Vulnerability in elFinder: Unauthorized Access to Internal Network Resources
Buffer Overflow Vulnerability in D-Link DIR-822 Rev.Bx Devices
SQL Injection in idreamsoft iCMS V7.0.13 via _data_id parameter in article.admincp.php
Vulnerability: Arbitrary Read and Write Access to ASPEED BMC's Physical Address Space
Stored XSS Vulnerability in Joomla! com_contact
Stored XSS Vulnerability in Joomla! before 3.9.2
Stored XSS Vulnerability in Joomla! before 3.9.2
Stored XSS Vulnerability in Joomla! mod_banners
Insecure Scripting and AutoUpdate Implementation in Cordaware bestinformed Microsoft Windows Client Versions before 6.2.1.0
Insecure SSL Certificate Verification and Access Pattern Vulnerability in Cordaware Bestinformed Microsoft Windows Client
XSS Vulnerability in Premium WP Suite Easy Redirect Manager Plugin
CVE-2019-6268
Command Injection Vulnerability in GL.iNet GL-AR300M-Lite Firmware 2.27
Arbitrary File Download Vulnerability in GL.iNet GL-AR300M-Lite Firmware 2.27
GL.iNet GL-AR300M-Lite Directory Traversal Vulnerability
Firmware_cgi Command Injection Vulnerability in GL.iNet GL-AR300M-Lite Devices
Cross-Site Scripting (XSS) Vulnerability in JPress v1.0.4 via Markdown Input
ChinaMobile PLC Wireless Router GPN2.4P21-C-CN Firmware W2001EN-00 Incorrect Access Control Vulnerability
CSRF Vulnerability in ChinaMobile PLC Wireless Router GPN2.4P21-C-CN Firmware W2001EN-00
Heap-Based Buffer Over-Read Vulnerability in LibSass 3.5.5
Heap-Based Buffer Over-Read Vulnerability in LibSass 3.5.5
Denial of Service Vulnerability in yaml-cpp (aka LibYaml-C++) 0.6.2
Heap-based Buffer Over-read in LibSass 3.5.5
Persistent Namespace Access Vulnerability in Rancher 2.0.0 through 2.1.5
Unauthenticated Command Injection in Edgecore ECS2020 Firmware 1.0.0.0 Devices
Arbitrary PHP Code Execution via File Upload in DedeCMS V57_UTF8_SP2
Stack Exhaustion Vulnerability in Netwide Assembler (NASM) through 2.14.02
Stack Exhaustion Vulnerability in Netwide Assembler (NASM) through 2.14.02
Stack Exhaustion in YAML::SingleDocParser in yaml-cpp 0.6.2
Stack Exhaustion Vulnerability in mark_beginning_as_normal Function in flex 2.6.4
CSRF Vulnerability in EasyCMS 1.5 via index.php?s=/admin/articlem/insert/navTabId/listarticle/callbackType/closeCurrent URI
SQL Injection Vulnerability in Cleanto 5.0 via service_method_ajax.php service_id Parameter
SQL Injection Vulnerability in Cleanto 5.0 via assets/lib/export_ajax.php id parameter
Insufficient Solution Bundle Signature Validation in HP Printers: Potential Arbitrary Code Execution Vulnerability
Cross-Site Request Forgery (CSRF) Vulnerability in HP DeskJet 3630 All-in-One Printers
HP DeskJet 3630 All-in-One Printers CSRF Vulnerability
Tampering Vulnerability in HP Workstation BIOS with Disabled TPM
Tampering Vulnerability in HP Workstation BIOS with Disabled TPM
Reflected XSS Vulnerability in HP Color LaserJet Pro and LaserJet Pro Printer Series
Stored XSS Vulnerability in HP Color LaserJet Pro and LaserJet Pro MFP Printers' Wireless Configuration Page
Potential Cross-site Request Forgery Vulnerability in HP Color LaserJet Pro M280-M281 and HP LaserJet Pro MFP M28-M31 Printer Series
Potential Buffer Overflow Vulnerability in HP Color LaserJet Pro M280-M281 and HP LaserJet Pro MFP M28-M31 Printer Series
Potential Buffer Overflow Vulnerability in HP Color LaserJet Pro M280-M281 and HP LaserJet Pro MFP M28-M31 Printer Series
HP Support Assistant Privilege Escalation and Unauthorized File Modification Vulnerability
HP Support Assistant Privilege Escalation and Unauthorized File Modification Vulnerability
HP Access Control Elevation of Privilege Vulnerability
Incomplete Obfuscation of Application Configuration Information in Samsung Mobile Print (Android) Versions Prior to 4.08.007
HP InkJet Printers XSS Vulnerability
Local Privilege Escalation Vulnerability in HP Touchpoint Analytics
Application Signature Check Bypass Vulnerability in HP Printers
Samsung Laser Printers Vulnerability: Potential Denial of Service Exploit
HP Inkjet Printers Vulnerable to Malicious Print File Exploitation and Core Dump Generation
Vulnerability in Drupal Core's Third-Party PEAR Archive_Tar Library (CVE-2018-1000888)
Remote Code Execution Vulnerability in Drupal Core
Arbitrary PHP Code Execution Vulnerability in Drupal 8.5.x and 8.6.x
File Upload XSS Vulnerability in Drupal 7 and Drupal 8
Access Bypass Vulnerability in Drupal 8.7.4 Workspaces Module
32-bit System Mishandling in SchedMD Slurm Versions 17.11.13 and 18.x before 18.08.5
Heap-Based Buffer Overflow in TLS Benchmark Tool
Update Logic Vulnerability in Zemana AntiMalware before 3.0.658 Beta
Unauthenticated Password Reset Vulnerability in Shenzhen Coship Routers
Out-of-Bounds Write Vulnerability in NTPsec
Stack-based Buffer Over-read Vulnerability in NTPsec
Stack-based Buffer Over-read in NTPsec's process_control() Function
NULL Pointer Dereference and Crash in NTPsec's ntp_control.c (CVE-2020-11868)
Remote Code Execution via Unsafe Usage of Pickle in NumPy
Arbitrary File Read and Application Execution Vulnerability in ES File Explorer File Manager for Android
Unauthenticated POST Access Vulnerability on SOYAL AR-727H and AR-829Ev5 Devices
Remote Code Execution via Test Button in Kyocera Command Center RX
Remote Command Execution via Argument Injection in mIRC URI Protocol Handlers
Stack Buffer Overflow in sd-bus Allows for Denial of Service
Double-Free Vulnerability in GNU Recutils 1.8
NULL Pointer Dereference in rec_fex_size() Function of GNU Recutils 1.8
Memory Leak in GNU Recutils 1.8: rec_aggregate_reg_new in rec-aggregate.c
Memory Leak in GNU Recutils 1.8: rec_buf_new Function in rec-buf.c
Memory Leak in rec_extract_type in GNU Recutils 1.8
NULL Pointer Dereference in rec_field_set_name() Function in GNU Recutils 1.8
Assertion Problem in _cairo_arc_in_direction Function
Infinite Loop Vulnerability in Cairo 1.16.0
Improper Application of Zone Transfer Controls in BIND 9.9.0 - 9.13.6
Vulnerability: Assertion Failure in Query.c due to Programming Error in NXDOMAIN-Redirect Feature
Vulnerability: Assertion Failure in BIND Supported Preview Edition with nxdomain-redirect and ECS Support
Vulnerability: Assertion Failure in BIND DNS Resolver with Malformed RRSIGs
Vulnerability: Potential Crash in ISC BIND Library Function Used by DHCPv6 Mode
BIND Vulnerability: Race Condition Leading to REQUIRE Assertion Failure in dispatch.c
Kea DHCPv6 Server Assertion Failure Vulnerability
Assertion Failure in Kea DHCPv4 Server Process due to Invalid Hostname Option
Kea Server Lease Storage Vulnerability
Mirror Zone Data Validation Bypass Vulnerability
QNAME Minimization Vulnerability in BIND Versions 9.14.0-9.14.6 and 9.15.0-9.15.4
TCP Pipelining Vulnerability: Resource Exhaustion and Server Unresponsiveness
Abine Blur 7.8.2431 Vulnerability: Second-Factor Auth Bypass via Forgotten Dev Menu
TLS Padding Oracle Vulnerability in Citrix NetScaler Gateway and Application Delivery Controller
Elliptic Curve Vulnerability in Go Versions 1.10.8 and 1.11.x
Command Injection Vulnerability in TP-Link WDR Series Devices through Firmware v3
Segmentation Fault Vulnerability in GNU C Library on x32 Architecture
Remote Shortcut Erasure Vulnerability in Lexmark CX, MX, X, XC, XM, XS, and 6500e Devices
SQL Injection Vulnerability in RISI Gestao de Horarios v3201.09.08 rev.23
Kernel Pool Memory Leak Vulnerability in IObit Smart Defrag 6
Kernel Pool Memory Leak Vulnerability in IObit Smart Defrag 6
Vulnerability: Arbitrary File Deletion via IMFForceDelete.sys in IObit Malware Fighter 6.2
Remote Code Execution and Denial of Service Vulnerability in Marvell Avastar Wi-Fi Devices
SQL Injection Vulnerability in Hotels_Server through 2018-11-05 via controller/fetchpwd.php username parameter
Stack-Based Buffer Over-Read Vulnerability in GattLib 0.2
Hardcoded Password Vulnerability in Teradata Viewpoint
Unauthenticated Directory Traversal Vulnerability in Axway File Transfer Direct 2.7.1
Out-of-Bounds Read/Write Vulnerability in QEMU 3.1's scsi_handle_inquiry_reply
Memory Leak in sc_context_create in libopensc in OpenSC 0.19.0
Deserialization Vulnerability in Chatopera Cosin v3.10.0: Remote Code Execution via Malicious File Upload
Persistent Cross-Site Scripting (XSS) Vulnerability in Automic Web Interface (AWI)
SQL Injection Vulnerability in SuiteCRM
CSRF Vulnerability in creditease-sec insight
CSRF Vulnerability in creditease-sec insight
CSRF Vulnerability in depart_delete Function in creditease-sec insight
CSRF Vulnerability in creditease-sec insight
SSRF Vulnerability in WSO2 API Manager 2.6.0
Arbitrary File Upload Vulnerability in WSO2 API Manager 2.6.0
Cross-Site Scripting (XSS) Vulnerability in WSO2 Dashboard Server 2.0.0
Unauthenticated Access to Uploaded API Documentation in WSO2 API Manager 2.6.0
Server-Side Request Forgery (SSRF) Vulnerability in WSO2 Dashboard Server 2.0.0
Improper User Access Control in BD FACSLyric Research and IVD Systems
Vulnerability: Moxa IKS and EDS Store Plaintext Passwords
Improper Authentication Vulnerability in WebAccess/SCADA Version 8.3
Server-side Authority Check Bypass in Moxa IKS and EDS: Enabling Arbitrary Configuration Changes for Read-Only Users
Authentication Bypass Vulnerability in WebAccess/SCADA Version 8.3
Array Bounds Check Failure in Moxa IKS and EDS Devices: Potential Memory Read and Data Leakage Vulnerability
SQL Injection Vulnerability in WebAccess/SCADA Version 8.3
Insufficient Authentication Measures in Moxa IKS and EDS Devices Enable Brute Force Password Discovery
Privilege Escalation via ArchestrA Network User Account in AVEVA Wonderware System Platform 2017 Update 2 and Prior
Plaintext Transmission of Sensitive Data in Moxa Industrial Switches
Modbus Gateway Password Change Vulnerability
Arbitrary Code Execution in PSI GridConnect Telecontrol Gateway and Smart Telecontrol Unit Family
FTP Request Vulnerability in PR100088 Modbus Gateway
Heap-Based Buffer Overflow in Panasonic FPWIN Pro Version 7.3.0.0 and Prior
Vulnerability: Password Retrieval via MITM Attack in Kunbus PR100088 Modbus Gateway
Remote Code Execution in Panasonic FPWIN Pro Version 7.3.0.0 and Prior
Unauthenticated Access to Modbus Registers in PR100088 Modbus Gateway
Gemalto Sentinel UltraPro Client Library ux32w.dll Uncontrolled Search Path Element Vulnerability
Mitsubishi Electric Ethernet Stack Crash Vulnerability
Buffer Overflow Vulnerability in LCDS LAquis SCADA
Stack-based Buffer Overflow Vulnerabilities in WECON LeviStudioU Version 1.8.56 and Prior
Unauthenticated Telemetry Communication Vulnerability in Medtronic MyCareLink Monitor and Implantable Cardiac Devices
Heap-based Buffer Overflow Vulnerabilities in WECON LeviStudioU Version 1.8.56 and Prior: Arbitrary Code Execution
Unencrypted Telemetry Communication Vulnerability in Medtronic MyCareLink Monitor and Other Devices
Arbitrary Code Execution Vulnerability in WECON LeviStudioU Version 1.8.56 and Prior
Unauthenticated Remote Reboot Vulnerability in ENTTEC Datagate MK2, Storm 24, and Pixelator
Privilege Escalation Vulnerability in AVEVA InduSoft Web Studio and InTouch Edge HMI
Privilege Escalation in GE Communicator
Arbitrary Process Execution via Specially Crafted Database Connection Configuration File in AVEVA InduSoft Web Studio and InTouch Edge HMI
Arbitrary File Placement Vulnerability in GE Communicator
Out-of-Bounds Read Vulnerability in Delta Industrial Automation CNCSoft ScreenEditor
Hardcoded Credentials Backdoor in GE Communicator
FTP-based Retrieval of Plain-Text Credentials in PR100088 Modbus Gateway
Multiple Stack-Based Buffer Overflow Vulnerabilities in Advantech WebAccess/SCADA Versions 8.3.5 and Prior
Authentication Bypass and Denial-of-Service Vulnerability in Pangea Communications Internet FAX ATA
Command Injection Vulnerabilities in Advantech WebAccess/SCADA
Stack-based Buffer Overflow in Rockwell Automation RSLinx Classic
Improper Access Control Vulnerability in Advantech WebAccess/SCADA Versions 8.3.5 and Prior
Improper Input Validation Vulnerability in Cscape 9.80 SP4 and Prior
Memory Reference Vulnerability in Omron CX-Programmer v9.70 and Prior
Buffer Overflow Vulnerabilities in Moxa IKS and EDS: Remote Code Execution Risk
Weak Password Recovery Mechanism in Auto-Maskin RP210E, DCU210E, and Marine Observer Pro
Remote Denial of Service Vulnerability in Moxa IKS and EDS Switches
Weak Password Recovery Mechanism in Auto-Maskin RP210E, DCU210E, and Marine Observer Pro
Moxa IKS and EDS Devices Vulnerable to Cross-Site Request Forgery (CSRF) Attack
Cross-Site Scripting (XSS) Vulnerability in Philips Tasy EMR Versions 3.02.1744 and Prior
Predictable Cookie Vulnerability in Moxa IKS and EDS Devices
Privilege Escalation Vulnerability in GE Communicator
Unvalidated User Input in Moxa IKS and EDS Enables XSS Attacks
Privilege Escalation via Uninstaller Replacement in GE Communicator
Vulnerability: Password Extraction from SCALANCE X-200, X-200IRT, X-300, and X-414-3E Switches
Webserver Denial of Service Vulnerability
Insufficient Monitor Barrier Allows Unauthorized Data Forwarding and Manipulation
Insufficient User Permission Checking in SINEMA Remote Connect Server (All versions < V2.0)
SIEMENS LOGO!8 Denial-of-Service Vulnerability
Critical SNMP Hardcoded Community String Vulnerability in SIMATIC HMI Panels and WinCC Software
Vulnerability in SINAMICS PERFECT HARMONY GH180 with NXG I and II Control
Multiple Siemens Products Denial of Service Vulnerability
TLS Traffic Decryption Vulnerability in SIMATIC HMI Comfort Panels and WinCC Software
Cross-Site Scripting (XSS) Vulnerability in SIMATIC HMI Panels and WinCC Software
Denial of Service Vulnerability in SINAMICS PERFECT HARMONY GH180 with NXG I and NXG II Control
Remote Code Execution Vulnerability in Spectrum Power 4 (Web Office Portal)
Unauthorized Device Property Modification Vulnerability in Siveillance VMS
Unauthorized User Role Change Vulnerability in Siveillance VMS
Unauthorized Modification of User-Defined Event Properties in Siveillance VMS
Session ID Persistence Vulnerability in SIEMENS LOGO!8
Cross-Site Scripting (XSS) Vulnerability in SCALANCE S602, S612, S623, and S627-2M Configuration Web Server
XSS Vulnerability in Liferay Portal SimpleCaptcha API
Reflected Cross Site Scripting (XSS) Vulnerability in BIG-IP TMUI
Excessive Resource Consumption Vulnerability in BIG-IP LTM
Reflected Cross-Site Scripting (XSS) Vulnerability in BIG-IP APM Webtop Configuration
SSL Certificate Validation Vulnerability in BIG-IP 14.1.0-14.1.0.1
Zombie POODLE and GOLDENDOODLE: Chosen Ciphertext Attack on BIG-IP Virtual Servers
Infinite Loop Vulnerability in Multi-Path TCP (MPTCP) on BIG-IP
F5 BIG-IP Access Policy Manager (APM) Admin Web UI XSS Vulnerability
DTLS Fragmented ClientHello Memory Corruption Vulnerability
Command Execution Vulnerability in BIG-IP Configuration Utility
TMUI Malformed Request Vulnerability
Remote Cross-Site Scripting (XSS) Vulnerability in BIG-IP Configuration Utility
Cross-Site Scripting (XSS) Vulnerability in BIG-IP Administrative Login Page
Group Permission Escalation in BIG-IP Application Acceleration Manager (AAM)
Insecure Handling of Malicious Requests in BIG-IP Configuration Utility Login Page
Malformed TCP Packets Vulnerability in BIG-IP Virtual Servers and Self IPs
High-Speed Bridge Lockup Vulnerability
Denial of Service Vulnerability in BIG-IP SSL Virtual Server
Memory Leak Vulnerability in BIG-IP SNMP Processing
Stored Cross-Site Scripting Vulnerability in BIG-IP ASM Configuration Utility
Memory Leakage Vulnerability in BIG-IP SNMP Daemon on vCMP Guests
Platform Dependent Weakness: Plaintext Storage of Unit Key on iSeries Platforms in BIG-IP
Denial of Service Vulnerability in BIG-IP URL Classification
PPTP VPN Traffic Processing Logic Vulnerability in BIG-IP Systems
DNS Query TCP Connection Aborted Vulnerability
Insecure Transmission of Sensitive Configuration Objects via SNMPv2 on BIG-IP
Arbitrary File Overwrite Vulnerability in BIG-IP Appliance Mode
TMSH Access Exploit Allows Bypassing Appliance Mode Restrictions on BIG-IP Systems
TMSH Access Vulnerability on BIG-IP Appliances
Vulnerability: Unauthorized File Overwrite by Resource Administrator Role
Vulnerability: Unauthorized Filesystem Modification by Resource Administrators
HTTP/2 Profile ALPN Zero-Length Extension Vulnerability
Undisclosed iControl REST Worker Command Injection Vulnerability
Command Injection Vulnerability in iControl REST Worker
Command Injection Vulnerability in iControl REST Worker on BIG-IP Multi-Bladed Systems
Denial-of-Service Vulnerability in BIG-IP iSession Virtual Server
Undisclosed Traffic Pattern Denial-of-Service (DoS) Vulnerability on BIG-IP
Reflected Cross-Site Scripting (XSS) Vulnerability in BIG-IP Traffic Management User Interface (TMUI)
Reflected Cross-Site Scripting (XSS) Vulnerability in BIG-IP Traffic Management User Interface (TMUI)
Race condition vulnerability in F5 SSL Orchestrator 14.1.0-14.1.0.5 leading to TMM restart during SSL Forward Proxy bypass action enforcement on transparent virtual server with SNAT enabled
TMM Process Termination and Restart Vulnerability in BIG-IP PEM with OpenVPN Classifier
Undisclosed SSL Traffic Vulnerability in BIG-IP 14.1.0-14.1.0.5
Undisclosed Traffic Flow Vulnerability in F5 SSL Orchestrator
HTTP Header Manipulation Vulnerability in BIG-IP 11.5.1-11.6.4
Insufficient Randomness in vCMP Configuration Unit Key Generation Vulnerability
Bypassing Appliance Mode Restrictions in BIG-IP Systems
Vulnerability: High Volume Malformed Analytics Report Requests Leading to Instability in restjavad Process
Appliance Mode Bypass Vulnerability in BIG-IP Systems
Stored Cross-Site Scripting Vulnerability in BIG-IP (AFM, ASM) 14.1.0-14.1.0.5, 14.0.0-14.0.0.4, 13.0.0-13.1.1.4, 12.1.0-12.1.4, and 11.5.1-11.6.4
Application Logic Abuse in BIG-IP (ASM) REST Endpoints Leading to System Instability and OOM Killer Trigger
Infinite Loop Vulnerability in BIG-IP iControl REST Endpoint
Stored Cross-Site Scripting (XSS) Vulnerability in BIG-IP (AFM, PEM) Subscriber Management Pages
Insecure Transmission of Sensitive Configuration Objects via SNMPv2 in BIG-IP
Vulnerability: iControl REST Process Crash via Undisclosed Requests on BIG-IP 12.1.0-12.1.4.1
Privilege Escalation via File Upload in BIG-IP, BIG-IQ, iWorkflow, and Enterprise Manager
DHCPv6 Request Crafted Attack Vulnerability
CVE-2021-XXXX: Unauthorized Access to Debug Node.js Process in BIG-IP
FTP Traffic Vulnerability in BIG-IP Virtual Server with Active FTP Profile and Connection Mirroring
Privilege Escalation Vulnerability in BIG-IP and Enterprise Manager REST Users
Memory Leakage Vulnerability in BIG-IP Control-Plane Authentication Processing
Exposure of BIG-IP Secrets in F5 Container Ingress Service (CIS) and Red Hat OpenShift (k8s-bigip-ctlr) Log Files
Sensitive Information Exposure and System Configuration Modification Vulnerability in F5 BIG-IP and Enterprise Manager
Sensitive Information Exposure and System Configuration Modification Vulnerability in F5 BIG-IP ASM
Insecure Configuration Utility Login Page Handling Vulnerability
Unauthenticated and Unencrypted Services in BIG-IQ 6.0.0-6.1.0
Stored Cross Site Scripting Vulnerability in BIG-IQ System
Vulnerability: Lack of Martian Address Filtering on BIG-IP Control Plane
Sensitive Data Leakage Vulnerability in BIG-IP Platforms with AVR, ASM, APM, PEM, AFM, and/or AAM Provisioning
Full APM Session ID Exposure in BIG-IP APM Edge Client
Reflected Cross-Site Scripting (XSS) Vulnerability in BIG-IP Traffic Management User Interface (TMUI)
SQL Injection Vulnerability in BIG-IP AFM Configuration Utility
Denial of Service Vulnerability in BIG-IP Virtual Servers with TLSv1.3 Enabled
Excessive Resource Consumption Denial of Service Vulnerability in BIG-IP 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.1
Excessive Resource Consumption Vulnerability in BIG-IP APM
Sensitive Information Leakage in BIG-IP 13.1.0-13.1.1.4 through Invalid Request Handling
BIG-IP, BIG-IQ, iWorkflow, and Enterprise Manager Configuration Utility Anti DNS Pinning Vulnerability
Vulnerability: Network Protections on Management Port Not Following Best Practices
Vulnerability: Proxy Traffic Interception in BIG-IP ASM and BIG-IQ/Enterprise Manager/iWorkflow Communication
TMM Process Core File Generation Vulnerability
Excessive Resource Consumption Vulnerability in BIG-IP Virtual Server with FIX Profile
Privilege Escalation Vulnerability in BIG-IP APM Edge Client for macOS
Undisclosed Traffic Flow Vulnerability in BIG-IP
Exposure of Plaintext Unit Key in vCMP Hypervisors on BIG-IP
Memory Leakage Vulnerability in BIG-IP Versions 15.0.0-15.0.1, 14.1.0-14.1.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1
Performance Degradation in BIG-IP AFM System with Bad-Actor Detection on Wildcard Virtual Server
HTTP/2 Full Proxy Mode Disruption of Service Vulnerability
TMM Crash Vulnerability in F5 SSL Orchestrator
Authentication Bypass Vulnerability in BIG-IP Configurations with Active Directory, LDAP, or Client Certificate LDAP
TMM Restart Vulnerability on BIG-IP Virtual Edition (VE) with Virtio Direct Descriptors
TCP Profile Custom Congestion Control Vulnerability
TMM Process Restart Vulnerability in BIG-IP Versions 15.0.0-15.0.1, 14.1.0-14.1.2.2, 14.0.0-14.0.1, and 13.1.0-13.1.3.1
Symlink Bypass Vulnerability in BIG-IP Access Controls
Virtual Server Targeting FastL4 Virtual Server Vulnerability
Memory Leak Vulnerability in BIG-IP Multicast Forwarding Cache (MFC) Handling
Excessive Resource Consumption Vulnerability in BIG-IP ASM System
Excessive Flow Usage Vulnerability in BIG-IP Virtual Servers with Loose Initiation Enabled
Fragmented Broadcast IP Packet Vulnerability in BIG-IP Virtual Clustered Multiprocessing (vCMP)
Elevation of Privilege and Command Execution via iRules in BIG-IP
Diameter Connection Overload Vulnerability on BIG-IP
X.509 Certificate Authentication Failure in BIG-IP ASM Cloud Security Services Profile
Vulnerability: Secret Disclosure via SNMP Query on BIG-IP and BIG-IQ Systems
Privilege Escalation via Command Injection in Tidal Workload Automation Agent
Improper Input Validation in python-gnupg 0.4.3 allows for unauthorized decryption
SQL Injection Vulnerability in phpwind 9.0.2.170426 UTF8 via admin.php?m=backup&c=backup&a=doback tabledb[] parameter
DLL Preload Vulnerability in Fortinet FortiClient for Windows 6.2.0 and Below: Arbitrary Code Execution
Hard-coded Cryptographic Key Vulnerability in FortiOS Configuration Backup File
Root File System Integrity Vulnerability in Fortinet FortiManager VM Application Images
URL Redirect Vulnerability in FortiOS Admin WebUI
Hard-coded Credentials Vulnerability in FortiRecorder: Unauthorized Control of FortiCameras
Stored Cross Site Scripting (XSS) Vulnerability in Fortinet FortiADC 5.3.3 and Earlier
Information Exposure Vulnerability in FortiSIEM External Authentication Profile Form
Missing SSL Certificate Validation in MasterCard Qkr! App (iOS versions prior to 5.0.8)
Arbitrary WordPress Option Update Vulnerability in Total Donations Plugin
Use-After-Free Vulnerability in Lua 5.3.5's lua_upvaluejoin in lapi.c
SQL Injection Vulnerability in PHPSHE 1.7 via admin.php?mod=product&act=state product_id[] parameter
SQL Injection Vulnerability in PHPSHE 1.7 via admin.php?mod=order state parameter
CSRF Vulnerability in Zyxel NBG-418N v2 v1.00(AAXM.4)C0 Devices
Arbitrary PHP Code Execution in ThinkCMF 5.0.190111 via RouteController.php
Path Traversal and Local File Inclusion Vulnerability in BlogEngine.NET
Arbitrary File Read Vulnerability in W3 Total Cache Plugin
Unauthenticated IDOR Vulnerability in LogonBox Nervepoint Access Manager 2013-2017
Use-after-free vulnerability in libIEC61850 v1.3.1 getState function in iso_server.c
Privilege Escalation Vulnerability in Barracuda VPN Client
Unauthenticated Access to Admin Password and Modem Interface on ZyXEL P-660HN-T1 V2 (2.00(AAKK.3)) Devices
Arbitrary File Deletion Vulnerability in WP Fastest Cache Plugin
Arbitrary Code Execution in Foxit Reader via XFA Remerge Method (ZDI-CAN-7347)
Remote Code Execution Vulnerability in Foxit Reader (ZDI-CAN-7353)
Arbitrary Code Execution Vulnerability in Foxit Reader (ZDI-CAN-7423)
Arbitrary Code Execution Vulnerability in Foxit Reader's popUpMenu Method (ZDI-CAN-7368)
Arbitrary Code Execution via HTML to PDF Conversion in Foxit PhantomPDF (ZDI-CAN-7369)
Remote Code Execution Vulnerability in Foxit PhantomPDF (ZDI-CAN-7453)
Remote Code Execution Vulnerability in Foxit PhantomPDF
Remote Code Execution Vulnerability in Foxit PhantomPDF
Remote Code Execution Vulnerability in Foxit Reader (ZDI-CAN-7355)
Arbitrary Code Execution Vulnerability in Bitdefender SafePay 23.0.10.34
Arbitrary Code Execution via Bitdefender SafePay 23.0.10.34 TIScript openFile Method Vulnerability
Arbitrary Code Execution Vulnerability in Bitdefender SafePay 23.0.10.34 (ZDI-CAN-7250)
Arbitrary Code Execution via Malicious URIs in Malwarebytes Antimalware 3.6.1.2711
Arbitrary Code Execution via ASN.1 Parser in Samsung Galaxy S9 (CVE-2018-13467)
Captive Portal HTML Manipulation Remote Code Execution Vulnerability
Remote Code Execution Vulnerability in Samsung Galaxy S9 (ZDI-CAN-7477)
Remote Code Execution in Xiaomi Mi6 Browser (CVE-2021-XXXX)
Local Authentication Bypass Vulnerability in Samsung Knox 1.2.02.39 on Samsung Galaxy S9
Remote Code Execution Vulnerability in Foxit Studio Photo 3.6.6 via TIF File Handling
Arbitrary Code Execution via EZI File Handling in Foxit Studio Photo 3.6.6
Arbitrary Code Execution via EZI File Handling in Foxit Studio Photo 3.6.6
Arbitrary Code Execution via EZIX File Handling in Foxit Studio Photo 3.6.6
Arbitrary Code Execution via EZI File Handling in Foxit Studio Photo 3.6.6
Arbitrary Code Execution Vulnerability in Foxit Studio Photo 3.6.6.779
Remote Code Execution Vulnerability in Foxit PhantomPDF 9.3.10826
Integer Overflow Vulnerability in Foxit Reader 9.3.0.10826 (ZDI-CAN-7561)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.3.10826 (ZDI-CAN-7407)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.3.10826 (ZDI-CAN-7613)
Remote Code Execution Vulnerability in Foxit PhantomPDF 9.4.0.16811
Arbitrary Code Execution Vulnerability in Foxit Reader 9.4.16811 (ZDI-CAN-7696)
Remote Code Execution Vulnerability in Foxit Reader 9.4.16811 via ConvertToPDF_x86.dll
Arbitrary Code Execution Vulnerability in Foxit Reader 9.3.10826 (ZDI-CAN-7614)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.4.16811 (ZDI-CAN-7694)
Arbitrary Code Execution Vulnerability in Foxit Reader 9.4.0.16811 (ZDI-CAN-7777)
Arbitrary Code Execution via HTML to PDF Conversion in Foxit PhantomPDF 9.4.1.16828
Arbitrary Code Execution in Foxit Reader 9.4.1.16828 via ToggleFormsDesign Method (ZDI-CAN-7874)
Arbitrary Code Execution via XFA Template Objects in Foxit Reader 9.4.1.16828
Arbitrary Code Execution via HTML to PDF Conversion in Foxit PhantomPDF 9.4.1.16828
Remote Code Execution Vulnerability in Foxit Reader 9.4.1.16828
Arbitrary Code Execution Vulnerability in Foxit Reader 9.4.1.16828
Arbitrary Code Execution Vulnerability in Foxit Reader 9.4.1.16828
Arbitrary Code Execution Vulnerability in Foxit Reader 9.4.1.16828
Remote Code Execution Vulnerability in Foxit Reader 9.4.1.16828
Remote Code Execution Vulnerability in Foxit Reader 2019.010.20098
Remote Code Execution Vulnerability in Foxit Reader 2019.010.20098
Remote Code Execution Vulnerability in Foxit Reader 9.4.1.16828
Arbitrary Code Execution Vulnerability in Foxit Reader 9.4.1.16828
Arbitrary Code Execution Vulnerability in Foxit Reader 9.5.0.20723
Arbitrary Code Execution via removeField Method in Foxit PhantomPDF 9.5.0.20723
Reflected XSS Vulnerability in ZoneMinder v1.32.3 via plugin.php
Heap-Based Buffer Overflow in tcp_emu of QEMU 3.0.0
CSRF Vulnerability in CSCMS 4.1.8 Allows Unauthorized Modification of Friend Links
Improper Handling of External Links in Wise Chat Plugin for WordPress
Improper Input Validation Allows Injection of Malicious Links in GitLab Notification Emails
Information Disclosure Vulnerability in GitLab Community and Enterprise Edition
GitLab Pages Directory Traversal Vulnerability Leading to Remote Command Execution
Persistent XSS vulnerability in GitLab Community and Enterprise Edition before 11.7.1
Denial of Service Vulnerability in GitLab Community and Enterprise Edition
LFS Object Access Control Vulnerability
Improper Access Control in GitLab API Allows Unauthorized Access to Trigger Tokens
Covert Redirect Vulnerability in GitLab OAuth Integration
Information Disclosure in GitLab Community and Enterprise Edition before 11.7.1
Insecure Access Control Allows Guest Users to View Group Merge Requests
Incorrect Access Control during Project Import
Path Disclosure Vulnerability in GitLab Community and Enterprise Edition
Unauthenticated Blind SSRF Vulnerability in GitLab Jira Integration
Information Disclosure Vulnerability in GitLab Community and Enterprise Edition
Insufficient Visual Distinction of Homoglyphs and RTLO Characters in GitLab
Persistent XSS vulnerability in GitLab Community and Enterprise Edition before 11.7.1
Information Disclosure Vulnerability in GitLab Enterprise Edition
SQL Injection Vulnerability in phpMyAdmin Designer Feature
Arbitrary File Read Vulnerability in phpMyAdmin
Arbitrary Command Injection in TitanHQ SpamTitan through 7.03
CRLF Injection and Possible XSS Attacks in pypiserver 1.2.5 and Below
XSS and Remote Command Execution Vulnerability in Typora 0.9.9.20.3 Beta via Left Outline Bar
Cross-Site Scripting (XSS) Vulnerability on Job Edit Page in Rundeck Community Edition
SQL Injection Vulnerability in S-CMS V3.0 via alipay/alipayapi.php O_id Parameter
Modicon Controllers: SNMP Information Disclosure Vulnerability
Uncaught Exception Vulnerability in Modicon Controllers: Potential Denial of Service via Modbus
Remote Code Execution via Modbus Configuration Overwrite
Uncaught Exception Vulnerability in Modicon Controllers: Potential Denial of Service
Unauthorized Command Execution in BMXNOR0200H Ethernet / Serial RTU Module
Denial of Service Vulnerability in Modicon Quantum 140 NOE771x1 (CWE-754)
BMX-NOR-0200H Firmware Vulnerability: Hardcoded Credentials Expose Confidentiality Risk
Denial of Service Vulnerability in BMXNOR0200H Ethernet / Serial RTU Module and Modicon M340 Controller
CWE-287: Improper Authentication in NET55XX Encoder Firmware
CWE-264: Access Control Vulnerability in Modicon Quantum PLCs via Ethernet/IP Protocol
CWE-94: Code Injection Vulnerability in Modicon Quantum Firmware Allows Unauthorized Firmware Modification and Denial of Service
Denial of Service Vulnerability in Modicon Controllers
Critical Function Authentication Bypass Vulnerability in Modicon and PacDrive Devices
Insufficiently Random Values Vulnerability in Modicon M580, M340, Premium, and Quantum Firmware
Remote Code Execution Vulnerability in Zelio Soft 2: CWE-416
Arbitrary Code Execution Vulnerability in ProClima (Versions Prior to 8.0.0)
Arbitrary Code Execution Vulnerability in ProClima (Versions Prior to 8.0.0)
Uncontrolled Search Path Element Vulnerability in ProClima (Versions Prior to 8.0.0)
Arbitrary Code Execution Vulnerability in SoMachine HVAC v2.4.1 and Earlier Versions
Out-of-bounds Write Vulnerability in Interactive Graphical SCADA System (IGSS) Version 14 and Prior
Denial of Service Vulnerability in Modicon Controllers
Uncaught Exception Vulnerability in Modicon M580 and M340 Controllers
Uncaught Exception Vulnerability in Modicon M580 (Versions Prior to V2.80)
Denial of Service Vulnerability in BMXNOR0200H Ethernet / Serial RTU Module
Authentication Bypass Vulnerability in spaceLYnk and Wiser for KNX (Versions < 2.4.0)
Uncontrolled Frame Rate Vulnerability in Magelis HMI Panels
Arbitrary Code Execution via Deserialization in Schneider Electric Software Update (SESU) SUT Service (V2.1.1 to V2.3.0)
U.motion Server Cross-Site Scripting (XSS) Vulnerability
U.motion Server Incorrect Authorization Vulnerability
Server-Side Request Forgery (SSRF) Vulnerability in U.motion Server: Exposing Server Configuration Data
Privilege Escalation: Unauthorized File Deletion in U.motion Server
Unrestricted File Upload Vulnerability in U.motion Server
Arbitrary Command Execution Vulnerability in U.motion Server
Denial of Service Vulnerability in Modicon PLCs during Firmware Upgrade
Firmware Upgrade Denial of Service Vulnerability in Modicon PLCs
Denial of Service Vulnerability in Modicon PLCs via Empty Firmware Package Upgrade
Denial of Service Vulnerability in Modicon PLCs via Invalid Web Server Image Upgrade
CWE-319: Cleartext Transmission of Sensitive Information in Modicon Controllers via Modbus TCP Protocol
CWE-319: Cleartext Transmission of Sensitive Information in Modicon M580, M340, BMxCRA, and 140CRA Modules via FTP
Denial of Service Vulnerability in Modicon Controllers and Modules
Denial of Service Vulnerability in Modicon M580 CPU and Communication Module
CWE-200: Information Exposure in Modicon M580, BMENOC 0311, and BMENOC 0321 via REST API Modbus Services
CWE-200: Information Exposure via REST API in Modicon M580, Modicon BMENOC 0311, and Modicon BMENOC 0321
TFTP Protocol Information Disclosure Vulnerability in Modicon Controllers
CWE-200: Information Exposure Vulnerability in Modicon Controllers: Disclosure of FTP Hardcoded Credentials
Andover Continuum Web Server XSS Vulnerability
Improper Authentication Vulnerability in EcoStruxure Geo SCADA Expert (ClearSCADA)
Bypassing Authentication in EcoStruxure Control Expert and Modicon Controllers
Denial of Service Vulnerability in Modicon PLCs via Modbus TCP
Denial of Service Vulnerability in Modicon PLCs via Modbus TCP Memory Block Reading
Privilege Escalation via Uncontrolled Search Path Element in MSX Configurator
CWE-798: Modicon Controllers Hardcoded FTP Credentials Disclosure Vulnerability
Buffer Over-read Vulnerability in FAAD2 2.8.8
Bosch Video Management System (BVMS) and Related Products Vulnerability: Unauthorized Code Execution via Network Interface
Bosch Video Management System (BVMS) Vulnerability: Unauthorized Access and Data Manipulation
Incorrect Access Control in GitLab Community and Enterprise Edition
Improper Access Control Allows Unauthorized Control of Privileged Configurations
Shell Injection Vulnerability in CcspWifiAgent Module
Remote Code Execution Vulnerability in RDKB-20181217-1 CcspPandM Module
Heap-based Buffer Over-read Vulnerability in Service_SetParamStringValue in CcspPandM Module
XSS Vulnerability in i-doit Open 1.12 via qr.php URL Parameter
Excessive Memory Allocation Vulnerability in Bento4 1.5.1-628
AirTies Air5341 1.0.0.12 Devices CSRF Vulnerability in cgi-bin/login
D-Link DVA-5592 20180823 Web Interface XSS Vulnerability
Authentication Bypass Vulnerability in D-Link DVA-5592 20180823 Web Interface
SSRF Vulnerability in Moodle 3.5.x before 3.5.4
Authentication Bypass Vulnerability in TP-Link TL-WR1043ND V2 Devices
Vulnerability: Weak Credentials and Easy Decoding on TP-Link TL-WR1043ND V2 Devices
Vulnerability: Denial of Service in Sricam IP CCTV Cameras
Race condition in kvm_ioctl_create_device in Linux kernel before 4.20.8 leads to use-after-free vulnerability
Uncontrolled Memory Consumption in Django's numberformat.format() Function
Memory Leakage Vulnerability in libvips
Heap-based Buffer Overflow in gdImageColorMatch function in LibGD
Double Free Vulnerability in LibGD 2.2.5
XSS Vulnerability in User IP History Logs Plugin for MyBB
Insecure Object Deserialization Vulnerability in Synacor Zimbra Collaboration Suite IMAP Component
Blind SSRF Vulnerability in Zimbra Collaboration Suite Feed Component
Out-of-Bounds Write Vulnerability in Foxit 3D Plugin Beta
Integer Overflow Vulnerability in Foxit 3D Plugin Beta
Use-After-Free and Type Confusion Vulnerability in Foxit 3D Plugin Beta
Out-of-Bounds Read and Heap Overflow Vulnerability in Foxit 3D Plugin Beta
VIVO Vitro v1.10.0 SPARQL Injection Vulnerability
Denial of Service Vulnerability in OpenJPEG 2.3.0
Stack-based Buffer Overflow in TP-Link TL-WR940N: Remote Code Execution
Stored-Self XSS Vulnerability in ZoneMinder 1.32.3
Stack-based Buffer Overflow in zmLoadUser() Function in ZoneMinder through 1.32.3
Stored-Self XSS Vulnerability in ZoneMinder 1.32.3: Remote Code Execution via controlcaps.php
Incorrect Access Control Allows Commenting on Locked Project Issues
Incorrect Access Control in GitLab Enterprise Edition Allows Project Maintainers to View Membership of Private Groups
Incorrect Access Control Allows Guest Users to View Merge Request Titles
Avaya Aura Conferencing Web UI XSS Vulnerability
SQL Injection Vulnerability in IP Office Contact Center WebUI
SQL Injection Vulnerability in Avaya Control Manager Reporting Component
Cross-Site Scripting (XSS) Vulnerability in IP Office Application Server WebUI Component
Remote Information Disclosure Vulnerability in IP Office Web Interface
Weak Cryptographic Algorithms in Avaya one-X Communicator Client Authentication Component
Directory Traversal Vulnerability in Avaya Equinox Management (iView) Versions R9.1.9.0 and Earlier
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Buffer Errors Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Integer Overflow Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Adobe Acrobat and Reader Privilege Escalation Vulnerability
Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Type Confusion Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Double Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Buffer Errors Vulnerability in Adobe Acrobat and Reader
Type Confusion Vulnerability in Adobe Acrobat and Reader
Type Confusion Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Adobe Acrobat and Reader: Data Leakage Vulnerability
Out-of-Bounds Read Vulnerability in Flash Player Desktop Runtime and Browsers
Deserialization of Untrusted Data Vulnerability in ColdFusion Versions
Cross-Site Scripting Vulnerability in ColdFusion Versions Update 1 and Earlier, Update 7 and Earlier, and Update 15 and Earlier
Insecure Library Loading Vulnerability in Creative Cloud Desktop Application Installer
Heap Corruption Vulnerability in Adobe Photoshop CC 19.1.7 and Earlier, and 20.0.2 and Earlier
Heap Overflow Vulnerability in Adobe Digital Editions 4.5.10.185749 and Below: Arbitrary Code Execution
Use After Free Vulnerability in Adobe Flash Player (Versions 32.0.0.156 and Earlier)
Insecure Protocol Implementation Vulnerability in Adobe Dreamweaver: Potential Sensitive Data Disclosure via SMB Relay Attack
Memory Corruption Vulnerability in Adobe Shockwave Player
Memory Corruption Vulnerability in Adobe Shockwave Player
Memory Corruption Vulnerability in Adobe Shockwave Player
Memory Corruption Vulnerability in Adobe Shockwave Player
Memory Corruption Vulnerability in Adobe Shockwave Player
Memory Corruption Vulnerability in Adobe Shockwave Player
Memory Corruption Vulnerability in Adobe Shockwave Player
Path Traversal Vulnerability in Adobe XD Versions 16.0 and Earlier: Arbitrary Code Execution
Path Traversal Vulnerability in Adobe XD Versions 16.0 and Earlier: Arbitrary Code Execution
Unsafe Hyperlink Processing Vulnerability in Adobe InDesign Versions 14.0.1 and Below
Out-of-Bounds Read Vulnerability in Adobe Flash Player (CVE-2020-3757)
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Type Confusion Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Type Confusion Vulnerability in Adobe Acrobat and Reader
Stored Cross-Site Scripting Vulnerability in Adobe Experience Manager Forms (Versions 6.2, 6.3, and 6.4)
Heap Overflow Vulnerability in Adobe Bridge CC 9.0.2: Remote Code Execution
Type Confusion Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Bridge CC 9.0.2
Out-of-Bounds Read Vulnerability in Adobe Bridge CC 9.0.2
Out-of-Bounds Read Vulnerability in Adobe Bridge CC 9.0.2
Out-of-Bounds Read Vulnerability in Adobe Bridge CC 9.0.2
Use After Free Vulnerability in Adobe Bridge CC 9.0.2: Risk of Information Disclosure
Memory Corruption Vulnerability in Adobe Bridge CC 9.0.2: Risk of Information Disclosure
Out-of-Bounds Read Vulnerability in Adobe Bridge CC 9.0.2
SQL Injection Vulnerability in Magento 2.1, 2.2, and 2.3
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Buffer Over-read Vulnerability in elfutils 0.175
Buffer Over-read Vulnerability in NASM 2.14rc16: Denial-of-Service Exploitation
Denial-of-Service Vulnerability in libelf's read_long_names Function
Heap-based Buffer Over-read Vulnerability in libdw in elfutils 0.175
Segmentation Fault in elf64_xlatetom in elfutils 0.175
NULL Pointer Dereference Vulnerability in Binaryen 1.38.22
Heap-based Buffer Over-read in wasm::WasmBinaryBuilder::processFunctions() in Binaryen 1.38.22
NULL Pointer Dereference in wasm::WasmBinaryBuilder::processFunctions() in Binaryen 1.38.22
Heap-based Buffer Overflow in Binaryen 1.38.22
Incorrect Access Control in GitLab Community and Enterprise Edition 9.x, 10.x, and 11.x before 11.5.8, 11.6.x before 11.6.6, and 11.7.x before 11.7.1: Retention of User Role in Private Group after Removal
Division by Zero Vulnerability in libdoc through 2019-01-28
Incorrect Access Control in OX App Suite 7.10.0 and earlier
Information Exposure in OX App Suite 7.10.1 and earlier
Arbitrary PHP Code Execution Vulnerability in iCMS 7.0.13
Fixed Ciphering Keys in Zoho ManageEngine ADSelfService Plus 5.x Allows for Data Decryption
Unauthenticated Information Disclosure and Product Installation Modification in Zoho ManageEngine ADSelfService Plus 5.6 Build 5607
Authentication Bypass Vulnerability in Alcatel LINKZONE MW40-V-V1.0 MW40_LU_02.00_02 Web Interface
SQLAlchemy: SQL Injection via order_by Parameter
Buffer Overflow Vulnerability in DOSBox 0.74-2 Enables Arbitrary Code Execution
Zcash Counterfeiting Vulnerability: Bypassing Consistency Check in Pre-Sapling Network Upgrade
Stored-Self XSS Vulnerability in Croogo v3.0.5: Remote Code Execution in Blog Field
Stored-Self XSS Vulnerability in Croogo v3.0.5: Execution of HTML/JavaScript Code via Title Field in /admin/menus/menus/edit/3
Stored-Self XSS Vulnerability in Croogo v3.0.5: Execution of HTML/JavaScript Code via Vulnerable Title Field
Stored-Self XSS Vulnerability in Croogo v3.0.5: Execution of HTML/JavaScript Code via Title Field in /admin/blocks/blocks/edit/8
Stored-Self XSS Vulnerability in ATutor v2.2.4
Stored-Self XSS Vulnerability in Croogo v3.0.5: Execute Code via Title Field in /admin/file-manager/attachments/edit/4
Vulnerability: Arbitrary File Operations in Roxy Fileman 1.4.5
Memory leaks in DecodeImage in coders/pcd.c in ImageMagick before 7.0.8-25
Incorrect Access Control Allows Guest Users to Add Reaction Emojis on Inaccessible Comments
Code Injection Vulnerability in Pexip Infinity before 20.1
Privilege Escalation via System Backup Restoration in Pexip Infinity before 20.1
Buffer Overflow Vulnerability in myQNAPcloud Connect 1.3.3.0925 and Earlier: Remote Crash Exploit
Improper Link Resolution Vulnerability Enables Unauthorized Access to System Files
Remote Code Execution Vulnerability in Video Station Allows Injection of Scripts on Administrator's Management Console
Remote Code Execution Vulnerability in Music Station Allows Injection of Malicious Scripts
Improper Access Control Vulnerability in QNAP Photo Station Allows Unauthorized Remote Access
Arbitrary Code Injection Vulnerability in QNAP QTS
External Control of File Name or Path Vulnerability in QNAP Photo Station
External Control of File Name or Path Vulnerability in QNAP Photo Station
Stored Cross-Site Scripting (XSS) Vulnerability in QTS
Command Injection Vulnerability in QNAP QTS and QuTS hero
Unquoted Service Path Vulnerability in QNAP NetBak Replicator
Stored XSS Vulnerability in SmarterTools SmarterMail 16.x before build 6995
Hardcoded Secret Keys in SmarterTools SmarterMail 16.x Allows Unauthorized Access to Emails and File Attachments
Directory Traversal Vulnerability in SmarterTools SmarterMail 16.x
Remote Code Execution Vulnerability in SmarterTools SmarterMail 16.x
Session Cookie Invalidation Vulnerability in Progress Sitefinity 10.1.6536
FileChucker 4.99e-free-e02 File Upload Filter Bypass Vulnerability
User Enumeration Vulnerability in Citrix ShareFile
Downgrade Attack Vulnerability in Citrix ShareFile: Bypassing Two-Factor Authentication
Unauthenticated Reflected XSS Vulnerability in Zarafa Webapp 2.0.1.47791 and Earlier
X-Cart V5 CategoryFilter2 Parameter XSS Vulnerability
Linux Kernel KVM Use-after-Free Vulnerability
Linux Kernel KVM Information Leak Vulnerability
Stored XSS in InvoicePlane 1.5 via invoice_password parameter in Create Invoice option
Undocumented Administrative Accounts with Default Credentials in ABB HMI Components
Unauthenticated Access to Privileged Functions via ABB IDAL HTTP Server CGI Interface
Arbitrary Directory Traversal and Unauthorized Access in ABB IDAL FTP Server
Format String Vulnerability in ABB IDAL HTTP Server
Lack of Encryption and Authenticity Checks in ABB CP635 HMI Firmware Upgrade Methods
Format String Vulnerability in ABB IDAL FTP Server
ABB IDAL FTP Server Buffer Overflow Vulnerability
ABB IDAL HTTP Server Buffer Overflow Vulnerability
NULL Pointer Dereference in doc2text function of catdoc.c
Directory Traversal Vulnerability in idreamsoft iCMS 7.0.13
Arbitrary Directory Deletion Vulnerability in idreamsoft iCMS 7.0.13
Directory Traversal Vulnerability in idreamsoft iCMS 7.0.13
Directory Traversal Vulnerability in idreamsoft iCMS 7.0.13
Incorrect Access Control in Sonatype Nexus Repository Manager before 3.15.0
Arbitrary MSR Write Vulnerability in Moo0 System Monitor 1.83
Arbitrary MSR Write Vulnerability in AIDA64
Arbitrary MSR Write Vulnerability in TechPowerUp GPU-Z
Privilege Escalation via Arbitrary MSR Writes in AMD ATI Diagnostics Hardware Abstraction Sys/Overclocking Utility 5.11.9.0
Privilege Escalation via Arbitrary MSR Writes in AMD OverDrive Driver
Time-of-check to time-of-use vulnerability in Keybase on macOS allows unauthorized tampering of user installs
Stored XSS Vulnerability in Cross Reference Add-on 36 for Google Docs
Integer Signedness Issue in res_pjsip_sdp_rtp Module Allows Remote Crash
Default Credentials in Linear eMerge E3-Series Devices
Directory Traversal Vulnerability in Linear eMerge E3-Series Devices
File Inclusion Vulnerability in Linear eMerge E3-Series Devices
Cross-Site Scripting (XSS) Vulnerability in Linear eMerge E3-Series Devices
Command Injection Vulnerability in Linear eMerge E3-Series Devices
Unrestricted File Upload Vulnerability in Linear eMerge E3-Series Devices
Privilege Escalation Vulnerability in Linear eMerge E3-Series Devices
Authorization Bypass and Information Disclosure Vulnerability in Linear eMerge E3-Series Devices
Cleartext Credentials Vulnerability in Linear eMerge E3-Series Devices
Hard-coded Credentials in Linear eMerge E3-Series Devices
Cross-Site Request Forgery (CSRF) Vulnerability in Linear eMerge E3-Series Devices
Version Control Failure in Linear eMerge E3-Series Devices
Stack-based Buffer Overflow Vulnerability in Linear eMerge E3-Series Devices on ARM Platform
Remote Code Execution Vulnerability in Linear eMerge E3-Series Devices
Authentication Bypass Vulnerability in Linear eMerge 50P/5000P Devices
Cookie Path Traversal Vulnerability in Linear eMerge 50P/5000P Devices
Unauthenticated File Upload Vulnerability in Linear eMerge 50P/5000P Devices
Authenticated Command Injection with Root Code Execution in Linear eMerge 50P/5000P Devices
Cross-Site Request Forgery (CSRF) Vulnerability in Linear eMerge 50P/5000P Devices
Default Credentials in Nortek Linear eMerge 50P/5000P Devices
Username Disclosure Vulnerability in Optergy Proton/Enterprise Devices
Cross-Site Request Forgery (CSRF) Vulnerability in Optergy Proton/Enterprise Devices
Vulnerability: Authenticated File Upload with Root Code Execution in Optergy Proton/Enterprise Devices
Open Redirect Vulnerability in Optergy Proton/Enterprise Devices
Backdoor Console Vulnerability in Optergy Proton/Enterprise Devices Allows Remote Root Code Execution
Unauthenticated Internal Network Information Disclosure in Optergy Proton/Enterprise Devices
Unauthenticated SMS Sending Service in Optergy Proton/Enterprise Devices
Hard-coded Credentials in Optergy Proton/Enterprise Devices
Insufficient Length Session-ID Vulnerability in Prima Systems FlexAir
Unauthenticated Remote Code Execution in Prima Systems FlexAir
Remote Code Execution Vulnerability in NetKit rcp Client
Arbitrary File Overwrite Vulnerability in rcp
S/MIME Signature Spoofing Vulnerability Fixed in iOS 12.2
Use After Free Vulnerability in iOS, tvOS, Safari, iTunes, and iCloud
Elevated Privileges Vulnerability Patched in iOS 12.1.4 and macOS Mojave 10.14.3 Supplemental Update
iOS 12.1.4 Patch: Memory Corruption Vulnerability Allows Arbitrary Code Execution
FaceTime Live Photos Vulnerability Patched in macOS Mojave and iOS 12.1.4
Improper Path Validation Allows Local User to Access Sensitive User Information
Sandbox Circumvention Vulnerability in Shortcuts 2.1.3 for iOS
Denial of Service Vulnerability in AirPort Base Station Firmware
Disclosure of Process Memory Vulnerability
Memory Corruption Vulnerability Allows Local User to Read Kernel Memory
XSS and Remote Command Execution Vulnerability in Typora 0.9.63
XSS and Remote Command Execution Vulnerability in Typora 0.9.64
Command Injection Vulnerability in D-Link DIR-823G Devices
Command Injection Vulnerability in D-Link DIR-823G Devices
Stored XSS Vulnerability in WP Support Plus Responsive Ticket System Plugin 9.1.1 for WordPress
Arbitrary Command Execution in Artica Proxy 3.06.200056
Arbitrary Command Execution Vulnerability in Zen Load Balancer 3.10.1
Vulnerability in Canonical snapd Allows Terminal Character Injection
Arbitrary Command Execution Vulnerability in Canonical snapd
eXtplorer Information Exposure Vulnerability: World-Accessible System Directories Over HTTP
Byobu Apport Hook Vulnerability: Disclosure of Sensitive Information
TOCTTOU vulnerability in Apport allows local attackers to read arbitrary files
Out-of-Bounds Speculation Vulnerability in Linux Kernel's BPF Verifier
Vulnerability: Incorrect Return Value in memcmp Function for x32 Architecture in GNU C Library
Heap-based Buffer Over-read Vulnerability in Poppler 0.73.0
Lack of Encryption in Linksys WRT1900ACS Admin-Auth Cookie Storage Vulnerability
Limited plaintext disclosure vulnerability in PRIMX Zed Enterprise and Zed Pro versions before 6.1.2240 for Windows, before 2.0.199 for Mac, and before 2.0.199 for Linux, and in Zed Free versions before 1.0.195 for Windows, before 1.0.199 for Mac, and before 1.0.199 for Linux
CRLF Injection in Buildbot's Redirect Parameter Allows Cross-Site Scripting
Use-After-Free Vulnerability in liblivemedia
Directory Traversal Vulnerability in Genie Access WIP3BVAF WISH IP 3MP IR Auto Focus Bullet Camera
SQL Injection Vulnerability in CSS-TRICKS Chat2 (2015-05-05)
Use-after-free vulnerability in libpng's png_image_free in png.c
Privilege Escalation Vulnerability in Cloudera Hue 6.0.0 - 6.1.0
Heap Overflow Vulnerability in Artifex MuPDF 1.14: Uninitialized Variable in fz_load_jpeg Function
Insecure Update Process Allows Arbitrary Code Execution in LightySoft LogMX
XSS Vulnerability in Pagination Sorting of Kanboard before 1.2.8
ZoneMinder 1.32.3 - Reflected Cross Site Scripting (XSS) Vulnerability
ZoneMinder 1.32.3 - Self-Stored Cross Site Scripting (XSS) Vulnerability in Host Parameter
ZoneMinder 1.32.3 Reflected Cross Site Scripting (XSS) Vulnerability
ZoneMinder 1.32.3 Reflected Cross Site Scripting (XSS) Vulnerability
ZoneMinder 1.32.3 Reflected Cross Site Scripting (XSS) Vulnerability
ZoneMinder 1.32.3 Reflected Cross Site Scripting (XSS) Vulnerability
ZoneMinder 1.32.3 - Self-Stored Cross Site Scripting (XSS) in signal check color field
ZoneMinder 1.32.3 Reflected Cross Site Scripting (XSS) Vulnerability in download.php
ZoneMinder 1.32.3 Reflected Cross Site Scripting (XSS) Vulnerability
ZoneMinder 1.32.3 Reflected Cross Site Scripting (XSS) Vulnerability in Exportfile Parameter
ZoneMinder 1.32.3 Self-Stored XSS Vulnerability in 'log' View
Insecure Input Handling in ZoneMinder: Self-Stored Cross-Site Scripting (XSS) Vulnerability
ZoneMinder 1.32.3 Reflected Cross Site Scripting (XSS) Vulnerability in 'events.php'
ZoneMinder 1.32.3 Vulnerability: Self-Stored XSS in 'Group Name' Field
Cross Site Scripting (XSS) Vulnerability in ZoneMinder 1.32.3 via 'level' Parameter in log.php
ZoneMinder 1.32.3 - Cross Site Scripting (XSS) Vulnerability in filter.php
ZoneMinder 1.32.3 - Reflected Cross Site Scripting (XSS) in 'newMonitor[LinkedMonitors]' Parameter
Cross Site Scripting (XSS) Vulnerability in ZoneMinder 1.32.3
ZoneMinder 1.32.3 - Reflected Cross Site Scripting (XSS) in monitor.php
Reflected XSS Vulnerability in ZoneMinder 1.32.3: Unfiltered Execution of HTML/JavaScript Code in 'filter[Name]' Field
ZoneMinder 1.32.3 - Unvalidated Input in 'options.php' Allows Self-Stored XSS
CSRF Vulnerability in ZoneMinder: Bypassing CSRF Check with Try Again Button
TOCTOU Race Condition in ZoneMinder: Persistent Session Access Vulnerability
ZoneMinder 1.32.3 - Self-Stored Cross Site Scripting (XSS) Vulnerability in User View
ZoneMinder 1.32.3 - Reflected Cross Site Scripting (XSS) Vulnerability in monitor.php
Session Fixation Vulnerability in ZoneMinder 1.32.3: Account Hijacking through Cookie Fixation
ZoneMinder Log Injection Vulnerability
ZoneMinder 1.32.3 - Self-Stored Cross Site Scripting (XSS) Vulnerability
Unauthorized Access to Confidential Issue and Merge Request Titles in GitLab
Cross-Site Scripting (XSS) Vulnerability in Subrion CMS v4.2.1 via panel/phrases/ VALUE Parameter
CSRF Vulnerability in Subrion CMS 4.2.1 Allows Remote Activation/Deactivation of Plugins
Heap Overflow Vulnerability in Autodesk Software
Heap Overflow Vulnerability in Autodesk Software
DXF-parsing Use-After-Free Vulnerability in Autodesk Software
Code Execution Vulnerability in Multiple Autodesk Products via Malicious .actm File
Autodesk Design Review DLL Preloading Vulnerability
Autodesk Design Review Use-After-Free Code Execution Vulnerability
DLL Preloading Vulnerability in Autodesk Software: Exploiting AutoCAD's Weaknesses
Autodesk Desktop Application DLL Preloading Vulnerability
Critical Buffer Overflow Vulnerability in Autodesk FBX SDK 2019.5
Shell Command Injection via ISP File Description in Systrome Cumilon Devices
Authenticated Shell Command Injection in Raisecom ISCOM HT803G Series
Authenticated Shell Command Injection in Raisecom ISCOM HT803G Series
Gecko Denial of Service Vulnerability on KaiOS 2.5
Local File Inclusion Vulnerability in Systrome Cumilon ISG-600C, ISG-600H, and ISG-800W Devices
Incorrect Access Control in D-Link DIR-823G Firmware 1.02B03 Allows Unauthorized Access to Client Information
Incorrect Access Control in D-Link DIR-823G Firmware 1.02B03 Allows Unauthorized Router Reset
Remote DNS Hijacking Vulnerability in D-Link DIR-823G Devices
CSRF Vulnerability in ZyXEL VMG3312-B10B DSL-491HNU-B1B v2 Devices
Improper Authentication Vulnerability in CA Privileged Access Manager 3.x Web-UI jk-manager and jk-status
UI Redress Vulnerability in CA Strong Authentication and CA Risk Authentication
Privilege Escalation in CA Strong Authentication and CA Risk Authentication
Memory Leak in WritePSDChannel in ImageMagick
Memory Leak in ReadSIXELImage in ImageMagick
Memory Leaks in WritePDFImage in ImageMagick and GraphicsMagick
Memory Leak in WriteDIBImage in ImageMagick
Man-in-the-Middle Vulnerability in Amazon Fire OS: Exploiting HTTP Requests for Terms of Use and Privacy Pages
Rukovoditel before 2.4.1 Vulnerability: Cross-Site Scripting (XSS)
Heap-based Buffer Overflow in NGINX Unit Router Process
XSS and CSRF Vulnerability in PHPMyWind 5.5 via GetQQ Function
Arbitrary Folder Deletion Vulnerability in PHPMyWind 5.5
Unauthenticated Log File Disclosure Vulnerability on LG GAMP-7100, GAPM-7200, and GAPM-8000 Routers
Multiple Cross-Site Scripting (XSS) Vulnerabilities in ProfileDesign CMS v6.0.2.5
Stored Cross Site Scripting (XSS) Vulnerability in Galileo CMS v0.042 via $page_title Field
Stored Cross-Site Scripting (XSS) Vulnerabilities in MyThemeShop Launcher Plugin 1.0.8 for WordPress
Input Sanitization Vulnerability in PS PHPCaptcha WP Plugin
XSS Vulnerability in Parallax Scroll Plugin for WordPress
OpenText Documentum Webtop 5.3 SP2 - XSS and Client Side URL Redirect Vulnerability in startat Parameter
Cross-Site Scripting (XSS) Vulnerability in Ericsson Active Library Explorer (ALEX) 14.3
Cross-Site Scripting (XSS) Vulnerability in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015
Cross-Site Scripting (XSS) Vulnerability in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015
Cross-Site Scripting (XSS) Vulnerability in SAMSUNG X7400GX SyncThru Web Service
Cross-Site Scripting (XSS) Vulnerability in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015
Cross-Site Scripting (XSS) Vulnerability in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2
Cross-Site Scripting (XSS) Vulnerability in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2
Cross-Site Scripting (XSS) Vulnerability in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2
Cross-Site Scripting (XSS) Vulnerability in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2
Cross-Site Scripting (XSS) Vulnerability in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2
Cross-Site Scripting (XSS) Vulnerability in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2
Directory Traversal Vulnerability in PHP Scripts Mall Property Rental Software 2.1.4
HTML Injection Vulnerability in PHP Scripts Mall Image Sharing Script 1.3.4 via Search Bar
Directory Traversal Vulnerability in PHP Scripts Mall Image Sharing Script 1.3.4
HTML Injection Vulnerability in Rental Bike Script 2.0.3 - Profile Edit Section (STREET Field)
Cross-Site Request Forgery (CSRF) Vulnerability in Rental Bike Script 2.0.3
Directory Traversal Vulnerability in PHP Scripts Mall Rental Bike Script 2.0.3
Reflected HTML Injection Vulnerability in PHP Scripts Mall Opensource Classified Ads Script 3.2.2
Directory Traversal Vulnerability in PHP Scripts Mall Opensource Classified Ads Script 3.2.2
Reflected Cross-Site Scripting (XSS) Vulnerability in PHP Scripts Mall Opensource Classified Ads Script 3.2.2
XSS and HTML Injection Vulnerability in JioFi 4G M2S 1.0.2 - cgi-bin/qcmap_web_cgi
DoS Vulnerability in JioFi 4G M2S 1.0.2: Hang via mask POST Parameter in cgi-bin/qcmap_web_cgi
CSRF Vulnerability in JioFi 4G M2S 1.0.2 Devices via Edit Wi-Fi Settings
Parameter Tampering Vulnerability in WooCommerce PayPal Checkout Payment Gateway Plugin 1.6.8
XML External Entity (XXE) Vulnerability in CyberArk Enterprise Password Vault <=10.7 Allows Arbitrary File Reading and Authentication Bypass
Arbitrary Type Parameter Vulnerability in KDE KAuth
Unstable State Vulnerability in SonicWall SonicOS and SonicOSv
Unprivileged User Access to Advanced Routing Services in SonicWall SonicOS and SonicOSv
SonicWall Global Management System (GMS) SSH Key Access Vulnerability
SonicWall SonicOS and SonicOSv TLS CBC Cipher Vulnerability
Unauthenticated SQL Injection Vulnerability in GMS Webservice Module
SonicOS Privilege Escalation Vulnerability
Unauthenticated Read-Only Access Vulnerability in SonicWall SMA100 (Version 9.0.0.3 and Earlier)
SonicWall SMA100 Stack-Based Buffer Overflow Vulnerability
Unauthenticated Directory Traversal Vulnerability in SonicWall SMA100's handleWAFRedirect CGI
Authenticated SQL Injection in SonicWall SMA100: Unauthorized Read-Only Access via viewcacert CGI Script
Buffer Overflow in SonicWall SMA100 DEARegister CGI Script
Arbitrary Code Execution Vulnerability in SonicWall SMA100 (CVE-2021-20016)
SonicOS SSLVPN NACagent 3.5 Windows Autorun Path Vulnerability
Default Password Vulnerability in SonicWall Email Security Appliance Allows Unauthorized Access to Database
Remote Code Execution Vulnerability in SonicWall Email Security Appliance
Buffer Overflow Vulnerability in Dovecot Indexer-Worker Process
Full Path Disclosure and PHP Backend Identification Vulnerability in Gurock TestRail 5.3.0.3603
Arbitrary Command Execution Vulnerability in Donfig 0.3.0
Critical Code Injection Vulnerability in ipycache (2016-05-31)
Cross-Site Scripting (XSS) Vulnerability in Rukovoditel 2.4.1
Reflected XSS Vulnerability in KindEditor 4.1.11's php/demo.php Content1 Parameter
Stored XSS Vulnerability in User Name Field of MyWebSQL User Manager
Stored Cross-site Scripting (XSS) Vulnerability in User Name Field of DbNinja 3.2.7's Add Host Function
Reflected XSS Vulnerability in SIDU 6.0's conn.php Page
Stored XSS Vulnerability in SIDU 6.0 via Unfiltered Database Name Input
SQLAlchemy 1.2.17 Group_by Parameter SQL Injection Vulnerability
Unauthorized Access to Job Information in GitLab Pipelines
User Enumeration Vulnerability in JForum 2.1.8
Cross-Site Scripting (XSS) Vulnerability in Cantemo Portal Versions 3.2.13, 3.3.x, and 3.4.x
Stored XSS Vulnerability in Investment MLM Software 2.0.2
Stored XSS in Profile Update Page via My Name Field
Reflected XSS Vulnerability in PHP Scripts Mall API Based Travel Booking 3.4.7
Out of Bounds Write Vulnerability in btor2parser.c in Boolector Btor2Tools
Use After Free Vulnerability in Boolector 3.0.0
Unauthenticated Password Reset Vulnerability in Shenzhen Coship WM3300 WiFi Router 5.0.0.55
CSZ CMS 1.1.8 CSRF Vulnerability in admin/users/new/add
Cross-Site Scripting (XSS) Vulnerability in Waimai Super Cms 20150505
Time-Based Blind SQL Injection in baijiacms V4 via cate Parameter
CSRF Vulnerability Allows Unauthorized Creation of Super Administrator Account in DOYO CMS
CSRF Vulnerability in PbootCMS v1.3.6 Allows Unauthorized User Deletion
Buffer Over-read Vulnerability in SDL_wave.c
Heap-Based Buffer Over-read Vulnerability in SDL (Simple DirectMedia Layer)
Heap-Based Buffer Over-read Vulnerability in SDL's IMA_ADPCM_decode Function
Heap-Based Buffer Overflow in SDL's MS_ADPCM_decode Function
Heap-Based Buffer Over-read Vulnerability in SDL (Simple DirectMedia Layer)
Buffer Over-read Vulnerability in SDL_LoadWAV_RW in SDL
Heap-Based Buffer Over-read Vulnerability in SDL's InitIMA_ADPCM Function
Unauthenticated Access to Confidential Setup File on Linksys WRT1900ACS Routers
Arbitrary PHP Code Execution in ThinkCMF 5.0.190111 via Alias Parameter Injection
Memory Allocation Failure Vulnerability in libming through 0.4.8
Memory Allocation Failure Vulnerability in libming through 0.4.8
Time-Based SQL Injection in Waimai Super Cms 20150505
SQL Injection Vulnerability in Bo-blog Wind through 1.6.0-r
Privilege Escalation Vulnerability in exacqVision ESM v5.12.2 and Prior Versions
SmartService API Service Unauthorized Code Execution Vulnerability
Unquoted Service Path Privilege Escalation in ExacqVision Server 9.6 and 9.8
Shared RSA Key Pair Vulnerability in Metasys® ADS/ADX Servers and NAE/NIE/NCE Engines
Hardcoded RC2 Key Vulnerability in Metasys® ADS/ADX Servers and NAE/NIE/NCE Engines
Cross-Site Scripting (XSS) Vulnerability in Kibana Versions Before 5.6.15 and 6.6.1
Arbitrary Code Execution Vulnerability in Kibana Timelion Visualizer
Arbitrary Code Execution Vulnerability in Kibana Security Audit Logger
Permission Bypass Vulnerability in Elasticsearch
Logstash Sensitive Data Disclosure Vulnerability
Insufficient Logging Vulnerability in Winlogbeat
Race Condition Vulnerability in Elasticsearch Versions Before 7.2.1 and 6.8.2 Allows Unauthorized Access to Response Headers
TLS Certificate Validation Flaw in Elastic APM Agent for Ruby: Man-in-the-Middle Attack Vulnerability
Server Side Request Forgery (SSRF) Vulnerability in Kibana's Timelion Visualizer Integration
Variable Name Clash Vulnerability in Elastic APM Agent for Python
Local File Disclosure Vulnerability in Elastic Code
Username Disclosure Vulnerability in Elasticsearch API Key Service
Logstash Beats Input Plugin Denial of Service Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Kibana Coordinate and Region Map Visualizations
API Key Leakage via Insecure E-mail Communication in Pagure 5.2
Arbitrary Code Execution via Stack-based Buffer Overflow in TinTin++ 2.01.6 and WinTin++ 2.01.6
Arbitrary MSR Writes Vulnerability in Gigabyte APP Center
Authenticated Remote OS Command Injection in LifeSize Devices
XSS Vulnerability in SUAP V2 User Information Update
Heap-Based Buffer Over-read Vulnerability in SDL's Blit1to4 Function
Heap-Based Buffer Over-read in SDL_GetRGB in SDL
Heap-Based Buffer Overflow in SDL_FillRect in SDL_Surface.c
Heap-Based Buffer Over-Read Vulnerability in SDL's Map1toN Function
Authentication Bypass Vulnerability in gsi-openssh-server 7.9p1
Unauthenticated Access to DNS and Login Logs in D-Link mydlink Routers
JWT Signature Leakage in Auth0-WCF-Service-JWT before 1.0.4
Stored/Persistent XSS Vulnerability in CentOS Web Panel (CWP) through 0.9.8.763
Insecure Password Storage in Hotels_Server through 2018-11-05
Weak Password Hashing Algorithm in CMSWing 1.3.7
ACL Bypass Vulnerability in Emsisoft Anti-Malware (CVE-2018-XXXX)
SSRF Vulnerability in TheHive Project UnshortenLink Analyzer
Code Injection Vulnerability in Debian python-rdflib-tools 4.2.2-1 Package
CSRF Vulnerabilities in Wowza Streaming Engine 4.8.0 and Earlier
Multiple Authenticated XSS Vulnerabilities in Wowza Streaming Engine 4.8.0 and Earlier
Privilege Escalation Vulnerability in Wowza Streaming Engine 4.8.0 and Earlier
Denial of Service Vulnerability in Genivia gSOAP Libraries with -DWITH_COOKIES Flag
Stored Cross-site Scripting (XSS) Vulnerability in PHPMyWind 5.5
Reflected Cross-site Scripting (XSS) Vulnerability in PHPMyWind 5.5
Denial of Service Vulnerability in Binaryen 1.38.22
Invalid Address Dereference in LibTIFF 4.0.10: Remote Denial-of-Service Vulnerability
Denial of Service Vulnerability in elfutils 0.175: Negative-Sized memcpy in elf_cvt_note
Heap-based Buffer Over-read in elf32_xlatetom.c in libelf
Improper Authentication in Prima Systems FlexAir, Versions 2.3.38 and prior
Predictable Database Backup File Name Vulnerability in Prima Systems FlexAir
Default Credentials Vulnerability in Prima Systems FlexAir Devices
Arbitrary File Upload Vulnerability in Prima Systems FlexAir
Command Injection Vulnerability in Prima Systems FlexAir, Versions 2.3.38 and prior
Arbitrary Code Execution Vulnerability in Prima Systems FlexAir
Hard-coded Username and Password Vulnerability in Prima Systems FlexAir
Insecure Storage of Administrator Credentials in MOBOTIX S14 MX-V4.2.1.61 Devices
Insecure Password Setting Vulnerability on MOBOTIX S14 MX-V4.2.1.61 Devices
Cleartext HTTP and Basic Authentication Vulnerability on MOBOTIX S14 MX-V4.2.1.61 Devices
Enphase Envoy R3.*.* Weak Password Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Enphase Envoy R3.*.* via profileName Parameter
Directory Traversal Vulnerability in Enphase Envoy R3.*.* via TCP Port 8888
Vulnerability: Arbitrary File Upload via fileType Parameter
Reflected XSS Vulnerability in JioFi 4 jmr1140 Amtel_JMR1140_R12.07 Devices
Vulnerability: Passwordless Authentication with Password Protected SSH Private Key in MobaTek MobaXterm Personal Edition v11.1 Build 3860
Arbitrary PHP Code Execution via install/install.php in CIM 0.9.3
XSS Vulnerability in Axios Italia Axios RE 1.7.0/7.0.0 Devices via RELogOff.aspx Error_Parameters Parameter
Denial of Service Vulnerability in Bento4 v1.5.1-627
Memory Allocation Vulnerability in AP4_Array<AP4_CttsTableEntry>::EnsureCapacity in Bento4 1.5.1-627
Heap-based Buffer Over-read Vulnerability in AP4_BitStream::WriteBytes in Bento4 v1.5.1-627
Heap-based Buffer Over-read Vulnerability in Binaryen 1.38.22
Heap-based Buffer Over-read in wasm::SExpressionParser::skipWhitespace() in Binaryen 1.38.22
NULL Pointer Dereference Vulnerability in Binaryen 1.38.22
Use-after-free vulnerability in Binaryen 1.38.22 allows remote attackers to cause denial-of-service via a crafted wasm file
Excessive Memory Allocation Vulnerability in Binaryen 1.38.22
Information Leak in Interpeak IPCOMShell TELNET Server on Green Hills INTEGRITY RTOS 5.0.4
Format String Vulnerability in handler_ipcom_shell_pwd in Interpeak IPCOMShell TELNET Server on Green Hills INTEGRITY RTOS 5.0.4
Heap-based Buffer Overflow in Interpeak IPCOMShell TELNET Server on Green Hills INTEGRITY RTOS 5.0.4
Stack-based Buffer Overflow in Interpeak IPWEBS on Green Hills INTEGRITY RTOS 5.0.4
Format String Vulnerability in Interpeak IPCOMShell TELNET Server on Green Hills INTEGRITY RTOS 5.0.4
Race Condition Vulnerability in Metinfo 6.x Database Backup Function
Eval Injection Vulnerability in Nibbleblog 4.0.5 via install.php Username Parameter
Eval Injection Vulnerability in Taocms (through 2014-05-24) via install.php db_name Parameter
Arbitrary PHP File Upload Vulnerability in nc-cms 3.5
XML External Entity (XXE) Vulnerability in PMD 5.8.1 and Earlier
Untrusted nvloginhash Cookie Deserialization Vulnerability in NukeViet
SQL Injection Vulnerability in NukeViet's click.php Module
Unauthenticated Remote Code Execution via JMX/RMI Interface in NICE Engage through 6.5
Improper TLS Certificate Checks in Bosch Smart Camera App for Android
Insecure Permissions Allow Unauthorized Access to Cached Video Clips and Images in Bosch Smart Camera App for Android
Cross-Site Request Forgery (CSRF) Vulnerability in MyWebSQL 3.7 for Database Deletion
Remote Code Execution Vulnerability in MyWebSQL 3.7 via Backup Database Function
Memory Leak Vulnerability in Live555 0.95: DoS Exploitation via Setup Packet
Buffer Overflow Vulnerability in Live555 0.95 via Content-Length HTTP Header
Authentication Bypass Vulnerability in D-Link DIR-600M C1 3.04 Devices
CSRF Vulnerability in Verydows v2.0 Allows Unauthorized Admin Account Addition
CSRF Vulnerability in C.P.Sub before 5.3 via manage.php?p=article_del&id= URI
Vulnerability: Lack of Explanation for No Filtering Textfilter Override in Joomla
Cross-Site Scripting (XSS) Vulnerability in Joomla! before 3.9.3
Stored XSS Vulnerability in Joomla! before 3.9.3
Cross-Site Scripting (XSS) Vulnerability in Joomla! before 3.9.3
Vulnerability: Object Injection via phar:// Stream Wrapper in Joomla!
Cross-Site Scripting (XSS) Vulnerability in Joomla! Core Components
JioFi 4 jmr1140 Amtel_JMR1140_R12.07: Remote Wi-Fi Password Disclosure Vulnerability
JioFi 4 jmr1140 Amtel_JMR1140_R12.07 - Remote Admin Token Disclosure Vulnerability
Session Fixation Vulnerability in DbNinja 3.2.7 via data.php sessid Parameter
XSS Vulnerability in DbNinja 3.2.7 via data.php Task Parameter
Directory Traversal and Local File Inclusion Vulnerability in Ricoh MarcomCentral's FPProducerInternetServer.exe
XSS Vulnerability in Verydows 2.0 via index.php?m=api&c=stats&a=count Referrer Parameter
SQL Injection Vulnerability in webERP 4.15 Import Bank Transactions Function
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Adobe Acrobat and Reader Security Bypass Vulnerability
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Double Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Adobe Acrobat and Reader Data Leakage Vulnerability
Arbitrary Code Execution Vulnerability in ColdFusion File Upload Restriction Bypass
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat Reader Allows Memory Disclosure
Type Confusion Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Buffer Error Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Flash Player (CVE-2020-9633)
Arbitrary Code Execution Vulnerability in ColdFusion Versions Update 3 and Earlier, Update 10 and Earlier, and Update 18 and Earlier
Command Injection Vulnerability in ColdFusion Versions: Update 3 and Earlier, Update 10 and Earlier, and Update 18 and Earlier
Deserialization of Untrusted Data Vulnerability in ColdFusion Versions: Update 3 and Earlier, Update 10 and Earlier, and Update 18 and Earlier
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use-After-Free Vulnerability in Adobe Media Encoder 13.0.2 Allows Remote Code Execution
Insufficient Input Validation Vulnerability in Adobe Campaign Classic
Out-of-Bounds Read Vulnerability in Adobe Media Encoder 13.0.2
Use After Free Vulnerability in Adobe Flash Player (CVE-2019-7845)
Improper Error Handling Vulnerability in Adobe Campaign Classic 18.10.5-8984 and Earlier Versions
Adobe Campaign Classic XXE Vulnerability
Inadequate Access Control Vulnerability in Adobe Campaign Classic Versions 18.10.5-8984 and Earlier
Inadequate Session Validation Handling Vulnerability in Magento
Command Injection Vulnerability in Adobe Campaign Classic (CVE-2020-9735)
Unintended Data Deletion Vulnerability in Magento 2.x
Path Disclosure Vulnerability in Magento 2.x Prior to 2.3.2
Stored Cross-Site Scripting Vulnerability in Magento Admin Panel
Unauthorized Disclosure of Company Credit History Details in Magento 2.x
Gift Card Generation Invariant Discovery Vulnerability in Magento 2.x
Insufficient Anti-CSRF Token Implementation in Magento 2.x: Cart Manipulation Vulnerability
Insecure Cryptographic Storage in Magento 2.x
Path Traversal Vulnerability in Magento WYSIWYG Editor Allows Unauthorized Access to Uploaded Images
Cryptographically Weak Pseudo-Random Number Generator Vulnerability in Magento 2.x
File Upload Bypass Vulnerability in Magento 2.x
Reflected Cross-Site Scripting Vulnerability in Magento 2.x Product Widget Chooser
Stored Cross-Site Scripting Vulnerability in Magento Admin Panel
Insecure Direct Object Reference (IDOR) Vulnerability in Magento RSS Feeds
CSRF Vulnerability in Magento Checkout Cart Item
Stored Cross-Site Scripting Vulnerability in Magento 2 Admin Panel
Stored Cross-Site Scripting Vulnerability in Magento Admin Panel
Stored Cross-Site Scripting Vulnerability in Magento Admin Panel
Stored Cross-Site Scripting Vulnerability in Magento 2.x Admin Panel
Insecure Library Loading (DLL Hijacking) Vulnerability in Adobe Character Animator
Arbitrary PHP Code Execution Vulnerability in Magento 2.x
Insecure Direct Object Reference (IDOR) Vulnerability in Magento 2.x
Cross-Site Request Forgery Vulnerability in Magento 2.1, 2.2, and 2.3
Unintended User Role Deletion Vulnerability in Magento 2.x
Stored Cross-Site Scripting Vulnerability in Magento Admin Panel
Remote Code Execution Vulnerability in Magento 2.x
Stored Cross-Site Scripting Vulnerability in Magento 2.x Admin Panel
Stored Cross-Site Scripting Vulnerability in Magento 2.x Admin Panel
Cross-Site Scripting Mitigation Bypass in Magento 2.1, 2.2, and 2.3
Stored Cross-Site Scripting Vulnerability in Magento WYSIWYG Editor
Remote Code Execution Vulnerability in Magento 2.x Elastic Search Module
Weak Cryptographic Initialization Vector Generation in Magento 2.x
Reflected Cross-Site Scripting Vulnerability in Magento Admin Panel
Information Disclosure Vulnerability in Magento 2.x: Privileged User Email Template Data Leak
Authenticated User Injection Vulnerability in Magento
Unauthorized Access to Order Details in Magento 2.x
Arbitrary Code Execution via Server-Side Request Forgery in Magento
Arbitrary Code Execution through Crafted XML Layout Update in Magento 2.x
Arbitrary Code Execution via Product Import in Magento 2.x
Stored Cross-Site Scripting Vulnerability in Magento Admin Panel
Inadequate Validation of User Input in Magento Allows Access to Disabled Downloadable Products
Inadequate Validation of User Input in Magento: Disclosure of Disabled Downloadable Product Names
Arbitrary Code Execution via Email Template Preview in Magento 2.x
User Access Control Vulnerability in Magento 2.1, 2.2, and 2.3
Stored Cross-Site Scripting Vulnerability in Magento Admin Panel
Stored Cross-Site Scripting Vulnerability in Magento Admin Panel
Server-side Request Forgery (SSRF) Vulnerability in Magento
File Upload Filter Bypass in Magento 2.x
SSRF Vulnerability in Magento 2.x: Arbitrary Code Execution via Shipment Method Manipulation
Denial-of-Service Vulnerability in Magento Full Page Cache
Stored Cross-Site Scripting Vulnerability in Magento 2.x Product Catalog Form
Server-side Request Forgery (SSRF) Vulnerability in Magento 2.1, 2.2, and 2.3
Insecure Direct Object Reference (IDOR) Vulnerability in Magento 2.1, 2.2, and 2.3
Stored Cross-Site Scripting Vulnerability in Magento 2.x Admin Panel
Stored Cross-Site Scripting Vulnerability in Magento 2.x Admin Panel
Denial-of-Service (DoS) Vulnerability in Magento's PayPal Integration
Authenticated User Metadata Leakage Vulnerability in Magento 2.x
File Upload Restriction Bypass in Magento 2.x
Insecure Library Loading (DLL Hijacking) Vulnerability in Adobe Premiere Pro CC Versions 13.1.2 and Earlier
Arbitrary PHP Code Execution via Malicious Sitemap in Magento
Stored Cross-Site Scripting Vulnerability in Magento Admin Panel
Stored Cross-Site Scripting Vulnerability in Magento Admin Panel
Stored Cross-Site Scripting Vulnerability in Magento 2.x Admin Panel
Stored Cross-Site Scripting Vulnerability in Magento 2.x Admin Panel
Stored Cross-Site Scripting Vulnerability in Magento Admin Panel
Reflected Cross-Site Scripting Vulnerability in Magento 2.x
Stored Cross-Site Scripting Vulnerability in Magento Admin Panel
Adobe Campaign Classic Information Exposure Through Error Message Vulnerability
Arbitrary Code Execution via Malicious XML Layout Updates in Magento 2.x
Stored Cross-Site Scripting Vulnerability in Magento Open Source and Magento Commerce
Stored Cross-Site Scripting Vulnerability in Magento Versions Prior to 2.3.2
Cross-Site Request Forgery Vulnerability in Magento GiftCardAccount Removal Feature
Access Control Bypass Vulnerability in Magento 2.1, 2.2, and 2.3
SOAP Web Service Information Leakage Vulnerability in Magento
Cross-Site Request Forgery Vulnerability in Adobe Experience Manager 6.4 and Earlier
Stored Cross-site Scripting Vulnerability in Adobe Experience Manager 6.4 and Earlier: Risk of Sensitive Information Disclosure
Reflected Cross-site Scripting Vulnerability in Adobe Experience Manager 6.4 and Earlier
Insecure Library Loading (DLL Hijacking) Vulnerability in Adobe Dreamweaver
Security Bypass Vulnerability in Creative Cloud Desktop Application 4.6.1 and Earlier: Risk of Denial of Service
Insecure Inherited Permissions Vulnerability in Creative Cloud Desktop Application: Privilege Escalation Risk
Arbitrary Code Execution Vulnerability in Creative Cloud Desktop Application
Insecure Library Loading (DLL Hijacking) Vulnerability in Adobe Animate CC Versions 19.2.1 and Earlier
Insecure Library Loading (DLL Hijacking) Vulnerability in Adobe Prelude CC Versions 8.1 and Earlier
Insecure Library Loading (DLL Hijacking) Vulnerability in Adobe Illustrator CC Versions 23.1 and Earlier
Out of Bound Read Vulnerability in Adobe Bridge CC 9.0.2 and Earlier Versions
Authentication Bypass Vulnerability in Adobe Experience Manager Versions 6.5 and 6.4 Leading to Remote Code Execution
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Command Injection Vulnerability in Adobe Photoshop CC
Type Confusion Vulnerability in Adobe Photoshop CC: Arbitrary Code Execution
Type Confusion Vulnerability in Adobe Photoshop CC: Arbitrary Code Execution
Type Confusion Vulnerability in Adobe Photoshop CC: Arbitrary Code Execution
Type Confusion Vulnerability in Adobe Photoshop CC: Arbitrary Code Execution
Type Confusion Vulnerability in Adobe Photoshop CC: Arbitrary Code Execution
Type Confusion Vulnerability in Adobe Photoshop CC: Arbitrary Code Execution
Type Confusion Vulnerability in Adobe Photoshop CC: Arbitrary Code Execution
Out of Bound Write Vulnerability in Adobe Photoshop CC Versions 19.1.8 and Earlier and 20.0.5 and Earlier
Out of Bound Read Vulnerability in Adobe Photoshop CC Versions 19.1.8 and Earlier and 20.0.5 and Earlier
Heap Overflow Vulnerability in Adobe Photoshop CC Versions 19.1.8 and Earlier and 20.0.5 and Earlier
Out of Bound Write Vulnerability in Adobe Photoshop CC Versions 19.1.8 and Earlier and 20.0.5 and Earlier
Type Confusion Vulnerability in Adobe Photoshop CC: Arbitrary Code Execution
Out of Bound Read Vulnerability in Adobe Photoshop CC Versions 19.1.8 and Earlier and 20.0.5 and Earlier
Out of Bound Write Vulnerability in Adobe Photoshop CC Versions 19.1.8 and Earlier and 20.0.5 and Earlier
Out of Bound Write Vulnerability in Adobe Photoshop CC Versions 19.1.8 and Earlier and 20.0.5 and Earlier
Out of Bound Write Vulnerability in Adobe Photoshop CC Versions 19.1.8 and Earlier and 20.0.5 and Earlier
Heap Overflow Vulnerability in Adobe Photoshop CC Versions 19.1.8 and Earlier and 20.0.5 and Earlier
Out of Bound Write Vulnerability in Adobe Photoshop CC Versions 19.1.8 and Earlier and 20.0.5 and Earlier
Out of Bound Read Vulnerability in Adobe Photoshop CC Versions 19.1.8 and Earlier and 20.0.5 and Earlier
Out of Bound Write Vulnerability in Adobe Photoshop CC Versions 19.1.8 and Earlier and 20.0.5 and Earlier
Command Injection Vulnerability in Adobe Photoshop CC
Heap Overflow Vulnerability in Adobe Photoshop CC Versions 19.1.8 and Earlier and 20.0.5 and Earlier
Out of Bound Read Vulnerability in Adobe Photoshop CC Versions 19.1.8 and Earlier and 20.0.5 and Earlier
Out of Bound Write Vulnerability in Adobe Photoshop CC Versions 19.1.8 and Earlier and 20.0.5 and Earlier
Heap Overflow Vulnerability in Adobe Photoshop CC Versions 19.1.8 and Earlier and 20.0.5 and Earlier
Out of Bound Write Vulnerability in Adobe Photoshop CC Versions 19.1.8 and Earlier and 20.0.5 and Earlier
Out of Bound Read Vulnerability in Adobe Photoshop CC Versions 19.1.8 and Earlier and 20.0.5 and Earlier
Out of Bound Read Vulnerability in Adobe Photoshop CC Versions 19.1.8 and Earlier and 20.0.5 and Earlier
Out of Bound Write Vulnerability in Adobe Photoshop CC Versions 19.1.8 and Earlier and 20.0.5 and Earlier
Out of Bound Write Vulnerability in Adobe Photoshop CC Versions 19.1.8 and Earlier and 20.0.5 and Earlier
Out of Bound Read Vulnerability in Adobe Photoshop CC Versions 19.1.8 and Earlier and 20.0.5 and Earlier
Out of Bound Read Vulnerability in Adobe Photoshop CC Versions 19.1.8 and Earlier and 20.0.5 and Earlier
Out of Bound Write Vulnerability in Adobe Photoshop CC Versions 19.1.8 and Earlier and 20.0.5 and Earlier
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Type Confusion Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Double Free Vulnerability in Adobe Acrobat and Reader
Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Buffer Error Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Adobe Acrobat and Reader Command Injection Vulnerability
Use After Free Vulnerability in Adobe Acrobat and Reader
Insecure Library Loading Vulnerability in Adobe After Effects Versions 16 and Earlier
Insecure Transmission of Sensitive Data in Creative Cloud Desktop Application 4.6.1 and Earlier Versions
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Same Origin Method Execution Vulnerability in Adobe Flash Player
Use After Free Vulnerability in Adobe Flash Player (CVE-2019-8070)
Insecure File Permissions Vulnerability in Adobe Download Manager 2.0.0.363
ColdFusion Security Bypass Vulnerability: Information Disclosure Risk
Command Injection Vulnerability in ColdFusion 2018 and 2016
Path Traversal Vulnerability in ColdFusion 2018 and 2016
Same Origin Policy Bypass Vulnerability in Adobe Flash Player (CVE-2019-7845)
Insecure Library Loading (DLL Hijacking) Vulnerability in Adobe Application Manager Installer Version 10.0
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Reflected Cross Site Scripting Vulnerability in Adobe Experience Manager Versions 6.4, 6.3, and 6.2
Stored Cross Site Scripting Vulnerability in Adobe Experience Manager Versions 6.0-6.4
Stored Cross Site Scripting Vulnerability in Adobe Experience Manager 6.4 and 6.3: Risk of Privilege Escalation
Authentication Bypass Vulnerability in Adobe Experience Manager Versions 6.5, 6.4, 6.3, and 6.2
XML External Entity (XXE) Injection Vulnerability in Adobe Experience Manager (AEM) Versions 6.4, 6.3, and 6.2
Cross-Site Scripting Vulnerability in Adobe Experience Manager Versions 6.5, 6.4, and 6.3: Risk of Sensitive Information Disclosure
Reflected Cross Site Scripting Vulnerability in Adobe Experience Manager Versions 6.2-6.5
Reflected Cross Site Scripting Vulnerability in Adobe Experience Manager Versions 6.2-6.5
XML External Entity (XXE) Injection Vulnerability in Adobe Experience Manager Versions 6.5, 6.4, 6.3, and 6.2
XML External Entity (XXE) Injection Vulnerability in Adobe Experience Manager Versions 6.5, 6.4, 6.3, and 6.2
Command Injection Vulnerability in Adobe Experience Manager Versions 6.2-6.5
Reflected Cross-Site Scripting Vulnerability in Adobe Experience Manager Forms 6.3-6.5
Arbitrary File Deletion Vulnerability in Magento 2.x
Remote Code Execution via Product Attribute Layout Updates in Magento 1
Reflected Cross-Site Scripting (XSS) Vulnerability in Magento 2.2 and 2.3
Arbitrary File Access Vulnerability in Magento 2.2 and 2.3
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Internal IP Disclosure Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Integer Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Integer Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Arbitrary File Deletion Vulnerability in Magento 2.2 and 2.3
Insecure Authentication and Session Management Vulnerability in Magento 2.2 and 2.3
Arbitrary Command Execution via CSRF in Magento 2.2 and 2.3
Remote Code Execution Vulnerability in Magento 2.2 and 2.3
Magento 2.2 and 2.3 Remote Code Execution Vulnerability
Email Confirmation Bypass Vulnerability in Magento 2.2 and 2.3
Weak Random Number Generator in Magento 2.2 and 2.3 for Customer Registration Confirmation Code
Arbitrary Code Execution via Crafted Configuration Archive File Upload in Magento
Reflected Cross-Site Scripting (XSS) Vulnerability in Magento 2.2 and 2.3
Insecure Authentication and Session Management Vulnerability in Magento 2.2 and 2.3
Stored Cross-Site Scripting (XSS) Vulnerability in Magento 2.2 and 2.3
Weak Cryptographic Function Used for Storing Failed Login Attempts in Magento
Remote Code Execution Vulnerability in Magento 2.x through Bulk Product Import
Stored Cross-Site Scripting (XSS) Vulnerability in Magento 2.1, 2.2, and 2.3
Outdated JS Libraries with Security Vulnerabilities in Magento 2.x
Remote Code Execution Vulnerability in Magento 2.x
Insufficient Logging and Monitoring Vulnerability in Magento
Insufficient Logging and Monitoring Vulnerability in Magento 2.x
Remote Code Execution via Crafted Support Configuration in Magento 1.x
XML Entity Injection Vulnerability in Magento 2.2 and 2.3
SQL Injection Vulnerability in Magento 2.2 and 2.3 Allows Privilege Escalation
Stored Cross-Site Scripting (XSS) Vulnerability in Magento 2.2 and 2.3
Stored Cross-Site Scripting (XSS) Vulnerability in Magento 2.2 and 2.3
SQL Injection Vulnerability in Magento 2.2 and 2.3
Stored Cross-Site Scripting (XSS) Vulnerability in Magento 2.2 and 2.3
Stored Cross-Site Scripting (XSS) Vulnerability in Magento 2.2 and 2.3
Magento 2.2 and 2.3 Security Bypass Vulnerability
SQL Injection Vulnerability in Magento 2.2 and 2.3
Remote Code Execution Vulnerability in Magento 2.2 and 2.3
Outdated HTTP Specification Abstraction Vulnerability in Magento 2.x
Remote Code Execution via Custom Layout Update in Magento 2.2 and 2.3
Stored Cross-Site Scripting (XSS) Vulnerability in Magento 2.2 and 2.3
Stored Cross-Site Scripting (XSS) Vulnerability in Magento 2.3.x Page Builder
Unrestricted File Upload Vulnerability in Magento 2.2 and 2.3
Phar Deserialization Remote Code Execution Vulnerability in Magento
Stored XSS Vulnerability in Magento 2.2 and 2.3: Injecting JavaScript via Order Title
SQL Injection Vulnerability in Magento 2.2 and 2.3
Remote Code Execution Vulnerability in Magento 2.3.x through PageBuilder Template Methods
Stored Cross-Site Scripting (XSS) Vulnerability in Magento 2.2 and 2.3
Stored Cross-Site Scripting (XSS) Vulnerability in Magento 2.2 and 2.3
Stored Cross-Site Scripting (XSS) Vulnerability in Magento 2.2 and 2.3
Stored Cross-Site Scripting (XSS) Vulnerability in Magento 2.3
Arbitrary Session ID Vulnerability in Magento 2.2 and 2.3
Remote Code Execution Vulnerability in Magento 2.2 and 2.3
Magento 2.2 and 2.3 Remote Code Execution Vulnerability through Server-Side Request Forgery
Stored Cross-Site Scripting (XSS) Vulnerability in Magento Admin Dashboard
Mitigation Bypass Vulnerability in Magento 2.2 and 2.3
Magento 2.2 and 2.3 Remote Code Execution Vulnerability through Crafted XML File
CSRF Token Exposure in Magento Prior to 1.9.4.3 and 1.14.4.3
Magento 2.2 and 2.3 SSRF Vulnerability Allows Remote Code Execution
Stored Cross-Site Scripting (XSS) Vulnerability in Magento 2.2 and 2.3
XPath Entity Injection Vulnerability in Magento 2.2 and 2.3
Magento 2.2 and 2.3 Remote Code Execution Vulnerability
Cross-Site Scripting Vulnerability in Adobe Acrobat and Reader Versions 2019.012.20040 and Earlier
Type Confusion Vulnerability in Adobe Acrobat and Reader
Race Condition Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Buffer Overrun Vulnerability in Adobe Acrobat and Reader
Type Confusion Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Type Confusion Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader Versions 2019.012.20040 and Earlier
Use After Free Vulnerability in Adobe Acrobat and Reader Versions 2019.012.20040 and Earlier
Use After Free Vulnerability in Adobe Acrobat and Reader Versions 2019.012.20040 and Earlier
Use After Free Vulnerability in Adobe Acrobat and Reader Versions 2019.012.20040 and Earlier
Use After Free Vulnerability in Adobe Acrobat and Reader Versions 2019.012.20040 and Earlier
Use After Free Vulnerability in Adobe Acrobat and Reader Versions 2019.012.20040 and Earlier
Use After Free Vulnerability in Adobe Acrobat and Reader Versions 2019.012.20040 and Earlier
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader Versions 2019.012.20040 and Earlier
Use After Free Vulnerability in Adobe Acrobat and Reader Versions 2019.012.20040 and Earlier
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader
Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader
Heap Overflow Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Type Confusion Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader Versions 2019.012.20040 and Earlier
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Untrusted Pointer Dereference Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Write Vulnerability in Adobe Acrobat and Reader
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader Versions 2019.012.20040 and Earlier
Use After Free Vulnerability in Adobe Acrobat and Reader Versions 2019.012.20040 and Earlier
Use After Free Vulnerability in Adobe Acrobat and Reader Versions 2019.012.20040 and Earlier
Use After Free Vulnerability in Adobe Acrobat and Reader Versions 2019.012.20040 and Earlier
Use After Free Vulnerability in Adobe Acrobat and Reader Versions 2019.012.20040 and Earlier
Use After Free Vulnerability in Adobe Acrobat and Reader Versions 2019.012.20040 and Earlier
Use After Free Vulnerability in Adobe Acrobat and Reader Versions 2019.012.20040 and Earlier
Use After Free Vulnerability in Adobe Acrobat and Reader Versions 2019.012.20040 and Earlier
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader Versions 2019.012.20040 and Earlier
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader Versions 2019.012.20040 and Earlier
Use After Free Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader Versions 2019.012.20040 and Earlier
Out-of-Bounds Read Vulnerability in Adobe Acrobat and Reader
Use After Free Vulnerability in Adobe Acrobat and Reader Versions 2019.012.20040 and Earlier
Use After Free Vulnerability in Adobe Acrobat and Reader Versions 2019.012.20040 and Earlier
Use After Free Vulnerability in Adobe Acrobat and Reader Versions 2019.012.20040 and Earlier
Incomplete Implementation of Security Mechanism Vulnerability in Adobe Acrobat and Reader
Arbitrary JavaScript Injection via Import/Export Functionality in Magento
Arbitrary JavaScript Injection in Magento Transactional Email Templates
Arbitrary Code Execution through Crafted Layout Updates in Magento
Arbitrary Code Execution Vulnerability in Magento Prior to 1.9.4.3 and 1.14.4.3
Arbitrary Code Execution through Custom Layout Modification in Magento
Race condition vulnerability allows arbitrary code execution through webserver configuration file modification in Magento prior to 1.9.4.3, 1.14.4.3, 2.2.10, and 2.3.3 or 2.3.2-p1
Arbitrary JavaScript Injection Vulnerability in Magento 2.2 and 2.3
Cross-Site Request Forgery Vulnerability in Adobe Experience Manager Versions 6.4, 6.3, and 6.2
Insecure Direct Object Reference (IDOR) Vulnerability in Magento 2.3 and Earlier Versions
Security Bypass Vulnerability in Creative Cloud Desktop Application Allows Privilege Escalation
Insufficiently Robust Encryption Vulnerability in Adobe Acrobat and Reader
Path Traversal Vulnerability in Adobe Acrobat and Reader
Memory Corruption Vulnerability in Adobe Bridge CC Versions 9.1 and Earlier
Memory Corruption Vulnerability in Adobe Bridge CC Versions 9.1 and Earlier
Out-of-Bounds Read Vulnerability in Adobe Media Encoder Versions 13.1 and Earlier
Out-of-Bounds Read Vulnerability in Adobe Media Encoder Versions 13.1 and Earlier
Out-of-Bounds Read Vulnerability in Adobe Media Encoder Versions 13.1 and Earlier
Out-of-Bounds Read Vulnerability in Adobe Media Encoder Versions 13.1 and Earlier
Out-of-Bounds Write Vulnerability in Adobe Media Encoder Versions 13.1 and Earlier
Memory Corruption Vulnerability in Adobe Illustrator CC Versions 23.1 and Earlier
Memory Corruption Vulnerability in Adobe Illustrator CC Versions 23.1 and Earlier
Type Confusion Vulnerability in Adobe Acrobat and Reader
Type Confusion Vulnerability in Adobe Acrobat and Reader
Type Confusion Vulnerability in Adobe Acrobat and Reader
Type Confusion Vulnerability in Adobe Acrobat and Reader
Memory Corruption Vulnerability in Adobe Photoshop CC Versions Before 20.0.8 and 21.0.x Before 21.0.2
Memory Corruption Vulnerability in Adobe Photoshop CC Versions Before 20.0.8 and 21.0.x Before 21.0.2
Command Injection Vulnerability in Brackets Versions 1.14 and Earlier
Insecure Inherited Permissions Vulnerability in ColdFusion Versions Update 6 and Earlier
Use After Free Vulnerability in Adobe Acrobat and Reader
Heap Buffer Overflow Vulnerability in UltraVNC Revision 1198 Allows Remote Code Execution
Memory Leaks in UltraVNC Revision 1198: Exploitable Information Disclosure Vulnerability
Out-of-Bounds Read Vulnerability in UltraVNC Revision 1199
Out-of-Bounds Read Vulnerability in UltraVNC Revision 1199
Heap Buffer Overflow Vulnerabilities in UltraVNC Revision 1203: Code Execution via Network Connectivity
Stack-based Buffer Overflow Vulnerability in UltraVNC Revision 1205 ShowConnInfo Routine
Out-of-Bounds Access Vulnerability in UltraVNC Revision 1203
Out-of-Bounds Access Vulnerabilities in UltraVNC Revision 1207
Out-of-Bounds Access Vulnerabilities in UltraVNC Revision 1207
Out-of-Bounds Read Vulnerability in UltraVNC Revision 1207 TextChat Module
Off-by-one vulnerabilities in UltraVNC revision 1206 VNC Client Code
Stack-based Buffer Overflow Vulnerability in UltraVNC Revision 1206 FileTransfer Module
Out-of-Bounds Read Vulnerability in UltraVNC Revision 1210
Heap Buffer Overflow Vulnerability in UltraVNC Revision 1211
Off-by-one vulnerabilities in UltraVNC revision 1211 VNC Server Code
Heap Buffer Overflow Vulnerability in UltraVNC Revision 1211
Heap Buffer Overflow Vulnerability in UltraVNC Revision 1211: Potential Code Execution
Multiple Improper Null Termination Vulnerabilities in UltraVNC Revision 1211
Stack Buffer Overflow Vulnerability in UltraVNC Revision 1211 VNC Server Code: Denial of Service (DoS) Exploit via Network Connectivity
Memory Leaks in UltraVNC Revision 1211: Exploitable Information Disclosure Vulnerability
Critical Stored XSS Vulnerability in Invision Power Board 3.3.1 - 3.4.8 Allows Remote Code Execution
Multiple Stored XSS Vulnerabilities in Vanilla Forums before 2.5
Out-of-Bounds Access Vulnerability in UltraVNC Revision 1203
Cleartext HTTP Vulnerability in Gemalto Admin Control Center
Gemalto Admin Control Center Prior to Version 7.92 Vulnerability: Missing 'HttpOnly' Flag in Hasplm Cookie
Critical Heap-Based Buffer Overflow Vulnerability in Kaspersky Lab Antivirus Engine (Pre-04.apr.2019)
Information Disclosure Vulnerability in Kaspersky Anti-Virus, Kaspersky Internet Security, and Kaspersky Total Security (up to 2019)
TightVNC Code Version 1.3.10: Network-Exploitable Buffer Overflow in HandleCoRREBBP Macro Function
Stored XSS Vulnerability in Online Store v1.0: Unsanitized adidas_member_user Variable in user_view.php
Stored XSS Vulnerability in Online Store v1.0: Exploiting adidas_member_email Variable in admin/user_view.php
Email Format Bypass Vulnerability in Online Store v1.0
Unauthenticated Path Traversal and Unauthorized File Deletion in Online Store System v1.0
Arbitrary Product Deletion Vulnerability in Online Store System v1.0
Arbitrary File Upload Vulnerability in upload-image-with-ajax v1.0
Flatpak Sandbox Escape Vulnerability
Command Injection Vulnerability in D-Link DIR-878 Firmware 1.12A1
Command Injection Vulnerability in D-Link DIR-878 Firmware 1.12A1
Command Injection Vulnerability in D-Link DIR-878 Firmware 1.12A1
Command Injection Vulnerability in D-Link DIR-878 Firmware 1.12A1
Command Injection Vulnerability in D-Link DIR-878 Firmware 1.12A1
Command Injection Vulnerability in D-Link DIR-878 Firmware 1.12A1
Command Injection Vulnerability in D-Link DIR-878 Firmware 1.12A1
Command Injection Vulnerability in D-Link DIR-878 Firmware 1.12A1
RubyGems Directory Traversal Vulnerability
Escape Sequence Injection Vulnerability in RubyGems
Escape Sequence Injection in RubyGems Gem Owner Command
Escape Sequence Injection Vulnerability in RubyGems
Arbitrary Code Injection via Crafted Gem Name in RubyGems
Escape Sequence Injection Vulnerability in RubyGems
XSS Vulnerability in Bootstrap Tooltip and Popover Data-Template Attribute
XSS Vulnerability in SchoolCMS 2.3.1 via index.php?a=Index&c=Channel&m=Home&viewid=[XSS]
XSS Vulnerability in SchoolCMS 2.3.1 via index.php?a=Index&c=Channel&m=Home&id=[XSS]
Privilege Escalation in HashiCorp Consul 1.4.x
Insecure Certificate Verification in msmtp 1.8.2 and mpop 1.4.3
Airmail GPG-PGP Plugin Signature Spoofing Vulnerability
Insufficient Resources Indicator Bypass Vulnerability in Falco
Server Side Template Injection (SSTI) in Jinja2 2.10
Local Privilege Escalation Vulnerability in Foxit Reader for macOS
Use-after-free vulnerability in NASM 2.14.02: paste_tokens in asm/preproc.c
Session Hijacking Vulnerability in ES File Explorer File Manager Application
Cross-Site Scripting (XSS) Vulnerability in Zoho ManageEngine ADSelfService Plus 5.x through 5704
CSRF Vulnerability in BEESCMS 4.0 Allows Addition of Arbitrary VIP Accounts
Multiple Cross-Site Scripting (XSS) Vulnerabilities in HTMLy 2.7.4
Information Disclosure Vulnerability in Simple - Better Banking App for Android
Unverified X.509 Certificates in Heimdal Thor Agent 2.5.17x before 2.5.173 Vulnerability
Static Encryption Key Vulnerability in BMC PATROL Agent
Heap-based Buffer Overflow in SoX 14.4.2 due to Integer Overflow in lsx_make_lpf
Heap-based Buffer Overflow in SoX 14.4.2 due to Integer Overflow in xmalloc.h
Stack-based Buffer Overflow in SoX 14.4.2
NULL Pointer Dereference in lsx_make_lpf in SoX 14.4.2
Directory Traversal Vulnerability in Hiawatha (CVE-2021-12345)
Out of Bounds Write Vulnerability in Contiki-NG and Contiki
SQL Injection Vulnerability in Themerig Find a Place CMS Directory 1.5
XSS Vulnerability in PHP Scripts Mall Responsive Video News Script via Search Bar
Arbitrary File Upload Vulnerability in DedeCMS V5.7SP2
XSS Vulnerability in Verydows 2.0 via index.php?c=main Parameter
Cross-Site Scripting (XSS) Vulnerability in OpenEMR v5.0.1-6
Remote Code Execution in OpenEMR v5.0.1-6
Arbitrary Memory Read/Write Vulnerability in LG Device Manager
Buffer Overflow Vulnerability in WebKitGTK
NULL Pointer Dereference in Tcpreplay 4.3.1: Denial of Service Vulnerability
NULL Pointer Dereference in Tcpreplay 4.3.1: Denial of Service Vulnerability
Heap-based Buffer Over-read in AP4_BitStream::ReadBytes() in Bento4 1.5.1-628
NULL Pointer Dereference in be_uint32_read() Function in AdvanceCOMP
NULL Pointer Dereference in AP4_Track::GetSampleIndexForTimeStampMs() in Bento4 1.5.1-628
Invalid Memory Access Vulnerability in Tcpreplay 4.3.1
NULL Pointer Dereference in Bento4 1.5.1-628: Denial of Service Vulnerability
Memory Address Invalidity in AdvanceCOMP's adv_png_unfilter_8 Function
Unauthenticated Directory Traversal and Local File Inclusion Vulnerability in Thomson Reuters Desktop Extensions 1.9.0.358
Remote Command Execution Vulnerability in MASTER IPCAMERA01 3.3.4.2103 Devices
Musicloud 1.6 Wi-Fi Transfer File-Read Vulnerability
Cross-site Scripting (XSS) Vulnerability in qdPM 9.1's search[keywords] Parameter
Cross-site Scripting (XSS) Vulnerability in qdPM 9.1 via configuration?type=[XSS] Parameter
Incorrect Access Control Allows Remote Attackers to Enable Guest Wi-Fi on D-Link DIR-823G Devices
SQL Injection Vulnerability in Hotels_Server API Login Endpoint
Arbitrary File Upload Vulnerability in Zoho ManageEngine ServiceDesk Plus (SDP)
Insecure Direct Object Reference (IDOR) Vulnerability in Zoho ManageEngine ServiceDesk Plus (SDP) Allows Unauthorized Access to Attachments
Buffer Overflow Vulnerability in H5O__layout_encode in HDF HDF5 Library
Out of Bounds Read Vulnerability in HDF HDF5 1.10.4 Library
Out of Bounds Read Vulnerability in HDF HDF5 1.10.4 Library
Reflected XSS Vulnerability in ORY Hydra before v1.0.0-rc.3+oryOS.9 via oauth2/fallbacks/error error_hint Parameter
Arbitrary File Upload Vulnerability in Webiness Inventory 2.3
Arbitrary File Read and Write Vulnerability in HongCMS 3.0.0
OneFileCMS 3.6.13 Remote Code Modification Vulnerability
XSS Vulnerability in Maccms 8.0 via inc/config/cache.php t_key Parameter
Arbitrary File Deletion Vulnerability in zzcms 2018 (2018-10-19)
Arbitrary File Read and Delete Vulnerability in FeiFeiCms 4.0.181010
NULL Pointer Dereference Vulnerability in Xiaomi MIX 2 Devices with 4.4.78 Kernel
SeaCMS 7.2 Remote Password Reset Vulnerability
XSS Vulnerability in VNote 2.2 via New Text Note
SQL Injection in upload/protected/modules/admini/views/post/index.php in BageCMS through 3.1.4 via title or titleAlias parameter
SQL Injection Vulnerability in PbootCMS v1.3.2 via description parameter in ContentController.php
SQL Injection in ZoneMinder through 1.32.3 via events.php filter[Query][terms][0][cnj] parameter
SQL Injection in ZoneMinder before 1.32.3 via ajax/status.php sort parameter
XSS Vulnerability in ZoneMinder's includes/database.php
XSS Vulnerability in ZoneMinder's controlcap.php
Command Injection Vulnerability in ZoneMinder's daemonControl Function
SQL Injection in ZoneMinder before 1.32.3 via skins/classic/views/control.php groupSql parameter
SQL Injection in ZoneMinder before 1.32.3 via ajax/status.php filter[Query][terms][0][cnj] parameter
XSS Vulnerability in CmsEasy 7.0 via ckplayer.php URL Parameter
Arbitrary File Upload Vulnerability in JTBC(PHP) 3.0.1.8 via console/#/console/file/manage.php?type=list URI
XSS Vulnerability in CmsEasy 7.0 via ckplayer.php Autoplay Parameter
XSS Vulnerability in PHPMyWind v5.5 via HTTP Host Header in admin/default.php
Stored XSS Vulnerability in imcat 4.5 via fm[instop][note] Parameter in root/run/adm.php
CSRF Vulnerability in njiandan-cms Allows Unauthorized Administrator Addition
Stored XSS Vulnerability in DiliCMS 2.4.0's System Setting -> Site Setting Textbox
Stored XSS Vulnerability in DiliCMS 2.4.0's System Setting->Site Setting Textbox
Stored XSS Vulnerability in DiliCMS 2.4.0 Site Logo Field
Lax Path Access Check Vulnerability in Jira
Improper Access Control Vulnerability in Jira Allows Unauthorized Access to ViewUpgrades Administrative Resource
Cross-Site Scripting (XSS) Vulnerability in Jira's Wikirenderer Component
Worklog Time Information Disclosure Vulnerability
User Enumeration Vulnerability in Jira REST API
CSRF Vulnerability in Jira ServiceExecutor Resource Allows Unauthorized Export File Creation
Jira User Enumeration via Login.jsp Information Disclosure Vulnerability
Jira User Enumeration Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Jira Optimization Plugin
Server Side Request Forgery (SSRF) vulnerability in Jira before version 8.4.0 allows unauthorized access to internal network resources via the /plugins/servlet/gadgets/makeRequest resource
Privilege Escalation via Hard-Link Vulnerability in Check Point ZoneAlarm and Endpoint Security
DLL Hijacking Vulnerability in Check Point ZoneAlarm
Vulnerability: Local File Manipulation and Command Execution in Check Point Endpoint Security Client for Windows
Privilege Escalation via Hard-Link Vulnerability in Check Point ZoneAlarm up to 15.4.062
IKEv2 IPsec VPN Vulnerability in Check Point R80.30: Unauthorized Site-to-Site VPN Connection
Heap Out-of-Bound Read Vulnerability in SQLite3's rtreenode() Function
DLL Loading Vulnerability in Check Point Endpoint Security Client for Windows
Path Traversal Vulnerability in Check Point Endpoint Security Client for Windows VPN
Denial of Service Vulnerability in OpenBSD Kernel Version <= 6.5 through TCP SACK Packet Exploitation
DLL Hijacking Vulnerability in Check Point Endpoint Security Initial Client for Windows
Critical Vulnerability: Check Point R80.30 Security Gateway Crashes with Enhanced Logging Configuration
Denial of Service Vulnerability in Check Point Endpoint Security Client for Windows
Unauthorized Dictation Request Vulnerability
Cross-Site Scripting (XSS) Vulnerability in iOS, tvOS, Safari, iTunes, and iCloud
Memory Initialization Vulnerability in iOS 12.2 and macOS Mojave 10.14.4 Allows Local User to Read Kernel Memory
Universal Cross-Site Scripting Vulnerability in Safari Reader Feature
Type Confusion Vulnerability in iOS, tvOS, watchOS, Safari, iTunes, and iCloud
Memory Corruption Vulnerabilities Patched in macOS Mojave 10.14.4
Vulnerability: Buffer Overflow in macOS Mojave 10.14.4 Allows Arbitrary Code Execution via NFS Network Share
Privilege Escalation Vulnerability in macOS Catalina 10.15.1 and earlier
Kernel Memory Disclosure Vulnerability
Privilege Escalation Vulnerability Fixed in iOS 12.2, macOS Mojave 10.14.4, watchOS 5.2
Unauthorized Remote Device Wiping Vulnerability in iOS 12.2
Arbitrary Shell Command Execution Vulnerability in macOS Mojave 10.14.4
Elevated Privileges Vulnerability Patched in iOS 12.2 and macOS Mojave 10.14.4
Cross-Origin Issue in Fetch API Allows Disclosure of Sensitive User Information
Improper Input Validation Leading to Denial of Service in Apple Operating Systems
Vulnerability: Out-of-Bounds Read in Font Processing
Arbitrary Code Execution Vulnerability in iOS, tvOS, watchOS, Safari, iTunes, and iCloud
Improved Bounds Checking Fixes Out-of-Bounds Read Vulnerability in macOS Mojave 10.14.4
Improper Bounds Checking in macOS Mojave 10.14.4 Allows Unauthorized Memory Reading
Arbitrary File Overwrite Vulnerability in iOS 12.2 and macOS Mojave 10.14.4
Unauthenticated User Can Remount Encrypted Volume Without Password Prompt
Arbitrary Code Execution Vulnerability in iOS, tvOS, Safari, iTunes, and iCloud
Arbitrary Code Execution Vulnerability in iOS, tvOS, Safari, iTunes, and iCloud
Memory Corruption Vulnerability in macOS and iOS
Elevated Privileges Vulnerability Fixed in macOS Mojave 10.14.4
Buffer Overflow Vulnerability Patched in iOS 12.2, macOS Mojave 10.14.4, tvOS 12.2, watchOS 5.2
Arbitrary Code Execution Vulnerability in watchOS, macOS, and iOS
Arbitrary Code Execution Vulnerability in iOS 12.2 and macOS Mojave 10.14.4
Arbitrary File Overwrite Vulnerability in iOS, macOS, and tvOS
Trust Anchor Management Vulnerability: Untrusted Radius Server Certificate Trust
Vulnerability: Unauthorized File Access in watchOS 5.2 and iOS 12.2
Lock Handling Issue in macOS Mojave 10.14.4: Failure to Lock when Disconnecting from External Monitor
Memory Corruption Vulnerability in macOS Mojave 10.14.4 and Security Updates
Arbitrary Code Execution Vulnerability in iOS, tvOS, Safari, iTunes, and iCloud
Arbitrary Code Execution Vulnerability in iOS, tvOS, watchOS, Safari, iTunes, and iCloud
Improper Access Control in macOS Mojave 10.14.4 Allows Local User to View Locked Notes
Denial of Service Vulnerability in vcf File Processing
Memory Initialization Vulnerability in macOS Mojave 10.14.6 and Security Updates 2019-004 High Sierra and Sierra
Memory Initialization Vulnerability in iOS, macOS, tvOS, and watchOS
Motion Sensor Calibration Privacy Vulnerability
Buffer Overflow Vulnerability Patched in Multiple Apple Products
Arbitrary Code Execution Vulnerability in iOS, tvOS, watchOS, Safari, iTunes, and iCloud
Memory Corruption Vulnerability in iOS, macOS, tvOS, and watchOS
Sandbox Restrictions Patched to Prevent Local User Access to Sensitive User Information
Kernel Memory Disclosure Vulnerability
Vulnerability: Incomplete Passcode Clearing on Sleep
Arbitrary Code Execution Vulnerability in MIG Generated Code
FaceTime Video Pausing Vulnerability
Universal Cross-Site Scripting Vulnerability Fixed in iOS 12.2, tvOS 12.2, Safari 12.1, iTunes 12.9.4 for Windows, iCloud for Windows 7.11
Memory Initialization Vulnerability in iOS, macOS, tvOS, and watchOS
Arbitrary Code Execution via Malicious SMS Link in iOS 12.2
Improper Sensor Data Access Vulnerability
Buffer Overflow Vulnerability in macOS Mojave 10.14.4 Allows Arbitrary Code Execution with Kernel Privileges
Use After Free Vulnerability in iOS, tvOS, Safari, iTunes, and iCloud
Arbitrary Code Execution Vulnerability in iOS, tvOS, watchOS, Safari, iTunes, and iCloud
Arbitrary Code Execution Vulnerability in iOS, tvOS, watchOS, Safari, iTunes, and iCloud
Improper Bounds Checking Allows Unauthorized Memory Reading
Privilege Escalation Vulnerability in macOS Mojave 10.14.4
Sandbox Bypass Vulnerability in iOS, tvOS, Safari, and iTunes
Arbitrary Code Execution Vulnerability in iOS, tvOS, watchOS, Safari, iTunes, and iCloud
Privileged Network Position Vulnerability: Driver State Modification
Race Condition Vulnerability Allows Malicious Apps to Gain Root Privileges
Microphone Access Vulnerability in iOS 12.1 and Earlier
Privacy Vulnerability: Passive Tracking via WiFi MAC Address in iOS 12.1 and below
Symlink Validation Vulnerability Allows Local File System Modification
Memory Corruption Vulnerability in macOS Mojave and High Sierra
Vulnerability: Information Disclosure via Malicious Web Content
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Null Pointer Dereference Vulnerability Patched in AirPort Base Station Firmware Updates 7.8.1 and 7.9.1
Improper Input Validation Leading to System Denial of Service
Memory Corruption Vulnerability in iOS, macOS, tvOS, and watchOS
Incomplete Data Deletion in AirPort Base Station Firmware
Improper Bounds Checking Leading to Kernel Memory Read Vulnerability
Elevated Privileges Vulnerability Patched in Multiple Apple Platforms
Use After Free Vulnerability in AirPort Base Station Firmware
Elevated Privileges Vulnerability in macOS Mojave 10.14.4 and Security Updates
Vulnerability: Unexpected Acceptance of Source-Routed IPv4 Packets
Memory Leak Vulnerability in AirPort Base Station Firmware
Vulnerability: Out-of-bounds read leading to process memory disclosure
Memory Corruption Vulnerabilities in Apple Software Allow Arbitrary Code Execution
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Vulnerability: Arbitrary Code Execution via Malicious Movie File
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Null Pointer Dereference Vulnerability in AirPort Base Station Firmware
Gatekeeper Bypass Vulnerability in macOS Mojave 10.14.5
Kernel Privilege Escalation Vulnerability Patched in macOS Mojave 10.14.5
Type Confusion Vulnerability in iOS, macOS, tvOS, and watchOS
Arbitrary Code Execution via Malicious Audio File
Arbitrary Code Execution Vulnerability in iOS, tvOS, and watchOS
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Memory Reading Vulnerability in iOS, macOS, tvOS, watchOS, iTunes, and iCloud
iOS 12.3 Vulnerability: Unauthorized Access to iTunes Email Address
Arbitrary Code Execution via Malicious SQL Query
Memory Corruption Vulnerabilities in Apple Software Allow Arbitrary Code Execution
Privilege Escalation Vulnerability Patched in Apple Operating Systems and Applications
Improved Input Sanitization Fixes Memory Reading Vulnerability in macOS Mojave 10.14.5
Memory Corruption Vulnerability in macOS Mojave 10.14.5 Allows Arbitrary Code Execution
Use After Free Vulnerability in iOS, macOS, tvOS, and watchOS
Symlink Validation Vulnerability in macOS Mojave 10.14.5
Memory Disclosure Vulnerability in Apple Software
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Privileged Network Position Vulnerability: Driver State Modification
Use After Free Vulnerability in iOS, tvOS, and watchOS Allows Remote Code Execution
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Memory Corruption Vulnerability in macOS Mojave 10.14.5 Allows Arbitrary Code Execution
Sandbox Circumvention Vulnerability in iOS 12.3
Sandbox Circumvention Vulnerability Fixed in Multiple Apple Operating Systems
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Privacy Vulnerability: Passive Tracking via WiFi MAC Address in iOS 12.3, tvOS 12.3, watchOS 5.2.1
Memory Corruption Vulnerabilities in Apple Software Allow Arbitrary Code Execution
Memory Corruption Vulnerabilities in Apple Software Allow Arbitrary Code Execution
Vulnerability: Out-of-Bounds Read Leading to Memory Leak
Universal Cross-Site Scripting Vulnerability Fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14
Improper Input Validation in iOS 12.3 and watchOS 5.2.1 Leads to Denial of Service
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Memory Initialization Vulnerability in macOS Mojave 10.14.5 Allows Arbitrary Code Execution
Lock Screen Icon Display Vulnerability
Vulnerability: State Alteration in iMessage Conversation
Insecure Transmission of Analytics Data in Texture Mobile App
Memory Reading Vulnerability in macOS and iOS
Improper State Management Leads to Unauthorized Account Access in macOS Mojave 10.14.5
Memory Corruption Vulnerability in macOS Mojave 10.14.5 Allows Arbitrary Code Execution
Root Privilege Escalation Vulnerability in iOS 12.3, tvOS 12.3, and watchOS 5.2.1
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Sandbox Circumvention Vulnerability in macOS Mojave and High Sierra
Improved Input Validation Fixes Out-of-Bounds Read Vulnerability
S-MIME Certificate Validation Vulnerability
Logic Issue in macOS Mojave 10.14
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Vulnerability: Intercepting S/MIME-encrypted Email Contents
Memory Leak Vulnerability in iOS, macOS, tvOS, and watchOS
Use After Free Vulnerability in iOS, tvOS, and watchOS Allows Remote Code Execution
Memory Corruption Vulnerability in iOS, macOS, tvOS, and watchOS Allows Remote Code Execution
Universal Cross-Site Scripting Vulnerability in Synchronous Page Loads
User Interface Spoofing Vulnerability Fixed in Safari 13.0.1
Gatekeeper Bypass Vulnerability through Symbolic Link Extraction
Vulnerability: Out-of-Bounds Read in Office Document Parsing
Universal Cross-Site Scripting Vulnerability in Apple Software
Vulnerability: Unauthorized State Alteration in iMessage Conversations
Memory Corruption Vulnerability in iOS, macOS, tvOS, and watchOS
Improper Memory Management in macOS Mojave 10.14.6 Allows Remote Code Execution
Use-after-free vulnerability in NSDictionary deserialization
Memory Leakage Vulnerability in iOS 12.4 and macOS Mojave 10.14.6
Improper Input Validation in iOS 12.3 and watchOS 5.2.1 Leads to Denial of Service
Improved Validation to Address Denial of Service Vulnerability in iOS 12.4 and watchOS 5.3
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Inconsistent User Interface Issue with Time Machine Backup Encryption Status in macOS Mojave 10.14.6
Improved Validation to Address Denial of Service Vulnerability in iOS 12.4, tvOS 12.4, watchOS 5.3
Arbitrary Code Execution Vulnerability in Apple Devices
Address Bar Spoofing Vulnerability in macOS Mojave 10.14.6 and Safari 12.1.2
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Arbitrary Code Execution Vulnerability in Apple Devices
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Universal Cross-Site Scripting Vulnerability Fixed in iOS 13 and Safari 13
Buffer Overflow Vulnerability in macOS Mojave 10.14.6 and Security Updates 2019-004 High Sierra and Sierra
Arbitrary Code Execution Vulnerability in Apple Devices
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Inadvertent In-App Purchase Vulnerability on Lock Screen
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Arbitrary Code Execution Vulnerability in Apple Devices
Arbitrary Code Execution Vulnerability in Apple Devices
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Arbitrary Code Execution Vulnerability in Apple Devices
Arbitrary Code Execution Vulnerability in Apple Devices
Universal Cross-Site Scripting Vulnerability in Document Load Handling
Improper Input Sanitization Allows Unauthorized Memory Access in macOS Mojave 10.14.6
Improper Input Sanitization in macOS Mojave 10.14.6 Allows Unauthorized Memory Access
Improper Input Sanitization in macOS Mojave 10.14.6 Allows Unauthorized Memory Access
Memory Corruption Vulnerability in macOS Mojave 10.14.6 Allows Arbitrary Code Execution with Kernel Privileges
Memory Corruption Vulnerability in macOS Mojave 10.14.6 Allows Arbitrary Code Execution
Buffer Overflow Vulnerability in macOS Mojave 10.14.6 and Security Updates 2019-004 High Sierra and Sierra
Memory Corruption Vulnerability in macOS Mojave 10.14.6 Allows Arbitrary Code Execution
Entitlement Verification Vulnerability Allows Website Access Restriction
Simultaneous Walkie-Talkie Connection Vulnerability
Memory Corruption Vulnerability in macOS Catalina 10.15 Allows Arbitrary Code Execution
Local User Account Identifier Disclosure Vulnerability
Elevated Privileges Vulnerability Patched in watchOS 6, tvOS 13, macOS Catalina 10.15, iOS 13
tvOS 13 Fixes Authentication Vulnerability Allowing Sensitive User Information Leakage
Memory Corruption Vulnerability in macOS Catalina 10.15 and tvOS 13 Allows Disclosure of Process Memory
Memory Corruption Vulnerability in Audio File Processing
Arbitrary Code Execution Vulnerability in tvOS, iTunes, and iCloud
File Existence Disclosure Vulnerability
Memory Corruption Vulnerability in macOS, tvOS, watchOS, and iOS
Arbitrary Code Execution Vulnerability in iCloud for Windows 11.0
Notification Previews Displayed on Bluetooth Accessories Despite Disabled Previews
Arbitrary Code Execution Vulnerability in watchOS 6, iOS 13, and tvOS 13
Memory Corruption Vulnerability in macOS and iOS
Memory Corruption Vulnerability in macOS Catalina 10.15.1 and Security Updates 2019-001/006
Memory Corruption Vulnerability in macOS Catalina 10.15 and tvOS 13 Allows Arbitrary Code Execution with Kernel Privileges
Arbitrary Code Execution Vulnerability in watchOS 6, iOS 13, and tvOS 13
Universal Cross-Site Scripting Vulnerability Fixed in tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14
Arbitrary Code Execution Vulnerability in WebKit
Arbitrary Code Execution Vulnerability in ld64 Toolchain
Arbitrary Code Execution Vulnerability in ld64 Toolchain
Arbitrary Code Execution Vulnerability in ld64 Toolchain
Arbitrary Code Execution Vulnerability in ld64 Toolchain
Safari 13.0.1 Fixes Service Worker Vulnerability Allowing Private Browsing History Leakage
Arbitrary Code Execution Vulnerability in tvOS, iTunes, and iCloud
Address Bar Spoofing Vulnerability in iOS 13
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Vulnerability: Information Leakage in Locked Notes on macOS Catalina 10.15
Improper Execute Permission Granting Vulnerability in iOS 13
iOS 13 Fixes Data Deletion Vulnerability Allowing Deleted Calls to Remain Visible
Arbitrary Code Execution Vulnerability in tvOS, iTunes, and iCloud
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Arbitrary Code Execution Vulnerability in tvOS, iTunes, and iCloud
Input Validation Vulnerability in macOS Catalina 10.15.1 and Security Updates
Privileged Denial of Service Vulnerability Patched in macOS Catalina 10.15.1 and Security Updates
Memory Corruption Vulnerability in Xcode 11.0 Allows Arbitrary Code Execution
Memory Corruption Vulnerability in Xcode 11.0 Allows Arbitrary Code Execution
Memory Corruption Vulnerability in iOS 13.1 and iPadOS 13.1, watchOS 6, tvOS 13 Allows Arbitrary Code Execution with Kernel Privileges
Enhanced Input Validation to Mitigate Denial of Service Vulnerability
Lock Screen Contact Access Vulnerability in iOS 13
Arbitrary Code Execution Vulnerability in watchOS 6.1
Memory Corruption Vulnerability in IPv6 Packet Handling
Buffer Overflow Vulnerability Fixed in macOS Catalina 10.15, tvOS 13, iTunes for Windows 12.10.1, iCloud for Windows 10.7, iCloud for Windows 7.14
Improper Input Validation Leads to Out-of-Bounds Read Vulnerability
Memory Corruption Vulnerability Fixed in watchOS 6.1: Arbitrary Code Execution with Kernel Privileges
Memory Corruption Vulnerability in macOS Catalina 10.15 Allows Arbitrary Code Execution with Kernel Privileges
Memory Corruption Vulnerabilities in macOS, iOS, iCloud, tvOS, watchOS, and iTunes
Memory Corruption Vulnerabilities in watchOS, iCloud for Windows, and libxslt
Memory Corruption Vulnerabilities in Safari, iOS, iPadOS, iCloud, tvOS, watchOS, and iTunes
Memory Corruption Vulnerabilities in Safari, iOS, iPadOS, iCloud, tvOS, watchOS, and iTunes
Cross-Site Scripting Vulnerability Patched in macOS Catalina 10.15 and Other Apple Operating Systems
Cross-Origin Vulnerability in iframe Elements
Kernel Memory Layout Disclosure Vulnerability in macOS Catalina 10.15
Memory Corruption Vulnerabilities in macOS, iOS, iCloud, tvOS, watchOS, and iTunes
Race Condition in User Preferences Handling
Memory Corruption Vulnerability in macOS Catalina 10.15 Allows Arbitrary Code Execution
Vulnerability: Out-of-bounds read leading to unexpected system termination or kernel memory disclosure
Face ID Vulnerability: 3D Model Authentication Exploit
Vulnerability in macOS Catalina Allows Disclosure of User Information via Malicious Text File Parsing
Universal Cross-Site Scripting Vulnerability Fixed in Multiple Apple Products
Arbitrary Code Execution Vulnerability in iOS, iPadOS, tvOS, Safari, iTunes, and iCloud
Universal Cross-Site Scripting Vulnerability Fixed in watchOS 6.1
Arbitrary Code Execution Vulnerability in watchOS 6.1
Arbitrary Code Execution Vulnerability in watchOS 6.1 and iCloud for Windows 11.0
Heap Corruption Vulnerability in macOS Catalina 10.15.1 and Security Updates
Persistent Browsing History Vulnerability in macOS Catalina 10.15
Web Page Element Drawing Vulnerability
Improved Permissions Logic Fixes Recent Documents Access Vulnerability in macOS Catalina 10.15
Improved iframe sandbox enforcement in Safari 13.0.1 and iOS 13 mitigates violation of sandboxing policy
Vulnerability: Unencrypted PDF Content Exfiltration via Links
Memory Corruption Vulnerabilities in Safari, iOS, iPadOS, iCloud, tvOS, watchOS, and iTunes
Persistent Denial-of-Service Vulnerability in iBooks File Parsing
Lock Screen Contact Access Vulnerability in iOS 13.1 and iPadOS 13.1
Memory Corruption Vulnerability in macOS Catalina 10.15 Allows Arbitrary Code Execution
Lock Screen Vulnerability Allows Unauthorized Access to Contacts
Incorrect Sandbox Restrictions in iOS 13.1.1 and iPadOS 13.1.1 for Third Party App Extensions
Improved Permissions Logic Fixes Kernel Memory Layout Vulnerability
Memory Corruption Vulnerability in macOS Catalina 10.15 Allows Arbitrary Code Execution with Kernel Privileges
Arbitrary Code Execution Vulnerability in iOS, iPadOS, tvOS, Safari, iTunes, and iCloud
Arbitrary Code Execution Vulnerability in iOS, iPadOS, tvOS, Safari, iTunes, and iCloud
Arbitrary Code Execution Vulnerability in iOS, iPadOS, macOS, iTunes, and iCloud
Memory Corruption Vulnerability in iOS, iPadOS, macOS, tvOS, and watchOS
Memory Corruption Vulnerability in iOS, iPadOS, macOS, tvOS, and watchOS Allows Arbitrary Code Execution with Kernel Privileges
Memory Leak Vulnerability in iOS, iPadOS, macOS, tvOS, and watchOS
Improper URL Processing Vulnerability
Symlink Validation Vulnerability in iBooks File Parsing
Inadvertent Data Disclosure Vulnerability in URLSession
Open Redirect Vulnerability in Shazam App Versions 9.25.0 (Android) and 12.11.0 (iOS)
Arbitrary JavaScript Code Execution Vulnerability in Shazam Mobile Apps
Screen Recording Indicator Bypass Vulnerability
Memory Reading Vulnerability in iOS 13.2 and macOS Catalina 10.15.1
Arbitrary Code Execution Vulnerability in iOS 13.2 and iPadOS 13.2
AirDrop Logic Issue Allows Unexpected Acceptance in Everyone Mode
Memory Corruption Vulnerability in iOS, iPadOS, macOS, tvOS, and watchOS
Memory Corruption Vulnerability in iOS, iPadOS, macOS, tvOS, and watchOS
Device Name Exposure in AWDL Communications
Arbitrary Code Execution Vulnerability Fixed in Xcode 11.2
Vulnerability: Arbitrary Code Execution in iTunes Setup
Root Privilege Escalation Vulnerability in macOS Catalina 10.15.1
Improved State Management Fixes Authentication Vulnerability
Wi-Fi Network Configuration Vulnerability in iOS 13.2 and iPadOS 13.2
Entitlement Verification Vulnerability in macOS Catalina 10.15.1
Arbitrary Code Execution Vulnerability Fixed in Xcode 11.2
Memory Corruption Vulnerability in macOS Catalina 10.15.1 Allows Arbitrary Code Execution
Memory Corruption Vulnerabilities in iOS, iPadOS, tvOS, watchOS, Safari, and iTunes
Local App Account Identifier Exposure Vulnerability
Memory Corruption Vulnerabilities in Apple Software Could Lead to Arbitrary Code Execution
Memory Corruption Vulnerabilities in iOS, iPadOS, tvOS, watchOS, Safari, and iTunes
Universal Cross-Site Scripting Vulnerability in iOS, iPadOS, tvOS, Safari, iTunes, and iCloud
Arbitrary Code Execution Vulnerability in iOS, iPadOS, tvOS, Safari, iTunes, and iCloud
Arbitrary Code Execution Vulnerability in iOS, iPadOS, tvOS, Safari, iTunes, and iCloud
Memory Corruption Vulnerabilities in Apple Software Could Lead to Arbitrary Code Execution
Improved Input Sanitization in macOS Catalina 10.15.1 Fixes Memory Reading Vulnerability
Arbitrary Code Execution Vulnerability in iOS, iPadOS, tvOS, Safari, iTunes, and iCloud
Memory Corruption Vulnerabilities in Apple Software Could Lead to Arbitrary Code Execution
Arbitrary Code Execution Vulnerability in iOS, iPadOS, tvOS, Safari, iTunes, and iCloud
Arbitrary Code Execution Vulnerability in iOS, iPadOS, tvOS, Safari, iTunes, and iCloud
Arbitrary Code Execution Vulnerability in iOS, iPadOS, tvOS, Safari, iTunes, and iCloud
Memory Corruption Vulnerability in macOS Catalina 10.15.1 and Security Updates 2019-001/006
Memory Corruption Vulnerability in macOS, iOS, and iCloud
Memory Corruption Vulnerability in macOS Catalina 10.15 Allows Arbitrary Code Execution
HTTP Referrer Header Vulnerability: Browsing History Leakage
Arbitrary Code Execution Vulnerability with Kernel Privileges
Memory Corruption Vulnerability with Improved Locking
Vulnerability: Out-of-bounds read leading to arbitrary code execution via FaceTime video processing
Memory Corruption Vulnerability in macOS, iOS, iPadOS, tvOS, and watchOS
Memory Corruption Vulnerability in iOS, iPadOS, watchOS, macOS, tvOS
Memory Corruption Vulnerability Patched in Multiple Apple Operating Systems
Bypassing HSTS for Specific Top-Level Domains Vulnerability
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Arbitrary Code Execution Vulnerability in watchOS, iOS, iPadOS, and tvOS
Vulnerability: Logic Issue Allows Unauthorized Access to Restricted Files
Arbitrary Code Execution Vulnerability with Kernel Privileges
Buffer Overflow Vulnerability Patched in macOS Catalina 10.15.2 and Security Updates for Mojave and High Sierra
Improper Bounds Checking in Xcode 11.3 Leads to Arbitrary Code Execution
Arbitrary Code Execution Vulnerability in iOS 13.3 and iPadOS 13.3
Buffer Overflow Vulnerability in macOS Print System
Arbitrary Code Execution Vulnerability in Multiple Apple Products
Arbitrary Code Execution Vulnerability in Apple Software
Memory Corruption Vulnerability in macOS Catalina 10.15.2 and Earlier Versions
Elevated Privileges Vulnerability Patched in Multiple Apple Products
Arbitrary Code Execution Vulnerability in SwiftNIO SSL 2.4.0 and earlier
Vulnerability: Out-of-bounds read in audio file processing leading to memory disclosure
Delayed Locking Vulnerability in macOS
Memory Corruption Vulnerability in macOS Catalina 10.15.2 and Earlier Versions
Memory Read Vulnerability in macOS
Privacy Enhancement: Removal of Broadcast MAC Address Tracking in macOS Catalina 10.15 and iOS 13
Sandbox Restrictions Patched in macOS Catalina 10.15 to Prevent Unauthorized File Access
Improper Cellular Plan Selection Vulnerability in Siri-initiated Phone Calls
Vulnerability: Live Photo Audio and Video Data Leakage via iCloud Links
Screen Sharing Logic Issue in macOS Catalina 10.15.1 and Security Updates 2019-001/006
Information Disclosure Vulnerability in Storage Access API
Vulnerability: Intercepting SSH Traffic in Run script over SSH Action
CSRF Vulnerability in idreamsoft iCMS Allows Deletion of Users' Articles
Path Traversal Vulnerability in Total.js Platform before 3.2.3
Stack-based buffer over-read in do_bid_note function in readelf.c
Stack-based Buffer Over-read in do_core_note function in readelf.c
Out-of-Bounds Read Vulnerability in do_core_note function of readelf.c
Remote Denial of Service Vulnerability in libmagic.a
Arbitrary PHP Code Execution via Image File Upload in WTCMS 1.0
Denial of Service Vulnerability in WTCMS 1.0
CSRF Vulnerability in WTCMS 1.0's Admin Setting Site Post
Stored XSS Vulnerability in WTCMS 1.0 via Website Statistics Code
Use-after-free vulnerability in Linux kernel through 4.20.11 in af_alg_release() function
SolarWinds Orion NPM before 12.4 SYSTEM Remote Code Execution Vulnerability
Insecure Initialization Vector (IV) Usage in Seadroid Android Client
XSS Vulnerability in iart.php of XAMPP 1.7.0
Arbitrary Heap Data Leakage in BlueZ Bluetoothd
Heap-based Buffer Overflow in BlueZ Bluetoothd
SQL Injection Vulnerability in XAMPP (Discontinued)
XSS Vulnerability in XAMPP (Discontinued) via cds-fpdf.php Interpret or Titel Parameter
Absolute Path Traversal Vulnerability in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2
Cross-Site Scripting (XSS) Vulnerability in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2
Cross-Site Scripting (XSS) Vulnerability in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2
Cross-Site Scripting (XSS) Vulnerability in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2
Cross-Site Scripting (XSS) Vulnerability in Zoho ManageEngine Netflow Analyzer Professional 7.0.0.2
Email Extraction Vulnerability in Redbrick Shift through 3.4.3
Authentication Token Extraction Vulnerability in Redbrick Shift through 3.4.3
Arbitrary File Upload and Remote Code Execution in DedeCMS 5.7SP2
Information Exposure in QEMU's hw/ppc/spapr.c through 3.1.0
Cross-Site Scripting (XSS) Vulnerability in Collabtive 3.1 via manageuser.php?action=profile id parameter
Critical Vulnerability: NULL Pointer Dereference in NTP 4.2.8p12
Cross-Site Scripting (XSS) Vulnerability in HotelDruid 2.3.0
Cross-Site Scripting (XSS) Vulnerability in VertrigoServ 2.17 via /inc/extensions.php ext Parameter
Cross-Site Scripting (XSS) Vulnerability in Tautulli 2.1.26 via Crafted Plex Username in History Page
Arbitrary Remote Code Execution in WordPress via Crafted Image Upload (CVE-2019-8943)
Arbitrary Directory Write Vulnerability in WordPress wp_crop_image()
Information Exposure in Terraform Deployment Step in Octopus Deploy
Persistent XSS Vulnerability in Zimbra Collaboration 8.7.x - 8.8.11P2
Persistent XSS Vulnerability in Zimbra Collaboration 8.7.x - 8.8.11P2
Non-Persistent XSS Vulnerability in Zimbra Collaboration 8.7.x - 8.8.11P2
Script Injection Vulnerability in PaperCut MF and PaperCut NG (PC-15163)
Backdoor Account Vulnerability in DASAN H665 Devices with Firmware 1.46p1-0028
Open Redirect Vulnerability in Bosch Hardware and Software Products
Path Traversal Vulnerability in Bosch Hardware and Software Products
XSS Vulnerability in HAProxy Package for pfSense
Arbitrary Code Execution Vulnerability in Indexhibit 2.1.5
Remote Denial of Service via Memory Exhaustion in KIST Cell Scheduler
Use-after-free vulnerability in sctp_sendmsg() function allows memory corruption
Denial of Service Vulnerability in FlexNet Publisher lmadmin.exe Version 11.16.2: Command Handling DoS
Stack Exhaustion Denial of Service Vulnerability in FlexNet Publisher lmadmin.exe 11.16.2
FlexNet Publisher's lmadmin 11.16.5 Denial of Service (DoS) Vulnerability via Crafted POST Request
Race Condition Exploitation in Ellucian Banner Web Tailor and Banner Enterprise Identity Services
SQL Injection Vulnerability in Kohana through 3.3.6 via Controlled order_by() Parameter
Memory Leak Vulnerability in Linux Kernel's kernel_read_file Function
Buffer Overflow Vulnerability in axTLS 2.1.5: Mismanaged need_bytes Value in tls1.c
File Disclosure and Server-Side Request Forgery (SSRF) in WaveMaker Studio 6.6
Cross-Site Scripting (XSS) Vulnerability in MDaemon Webmail 14.x through 18.x
Cross-Site Scripting (XSS) Vulnerability in MDaemon Webmail 14.x through 18.x before 18.5.2
Stack-based Buffer Overflow in Netis WF2xxx Devices: Unauthenticated Remote Code Execution
File Copy Vulnerability in TIBCO JasperReports Server and TIBCO JasperReports Server for ActiveMatrix BPM
Persistent Cross-Site Scripting Vulnerability in TIBCO Data Science and Spotfire Data Science
Persistent Cross-Site Scripting Vulnerability in TIBCO Data Science and Spotfire Data Science
User Account Spoofing Vulnerability in TIBCO Data Science and Spotfire Data Science
Unauthenticated HTTP Requests Bypass Authentication in TIBCO ActiveMatrix BusinessWorks
Multiple Cross-Site Scripting (XSS) and Cross-Site Request Forgery (CSRF) Vulnerabilities in TIBCO Software Inc.'s ActiveMatrix BPM, ActiveMatrix BPM Distribution for Silver Fabric, ActiveMatrix Policy Director, ActiveMatrix Service Bus, ActiveMatrix Service Grid, Silver Fabric Enabler for ActiveMatrix BPM, and Silver Fabric Enabler for ActiveMatrix Service Grid
Arbitrary Code Execution Vulnerability in TIBCO ActiveMatrix Products
Unauthenticated File Download Vulnerability in TIBCO Software Inc.'s ActiveMatrix Products
Authenticated User Settings Manipulation Vulnerability in TIBCO ActiveMatrix BPM Workspace Client
URL Redirection Vulnerability in TIBCO ActiveMatrix BPM and TIBCO Silver Fabric
Buffer Overflow Vulnerability in Signiant Manager+Agents Implementation of the Set Command
XML External Entity Injection (XXE) Vulnerability in BlackBerry AtHoc Management System
Information Disclosure and Local Privilege Escalation Vulnerability in BlackBerry QNX Software Development Platform
XML External Entity (XXE) Vulnerability in BlackBerry UEM Core
Arbitrary PHP Code Execution in Tiny Issue and pixeline Bugs
Use-after-free vulnerability in Linux kernel before 4.20.5 in drivers/char/ipmi/ipmi_msghandler.c
Memory Leak Vulnerability in Eclipse Wakaama (formerly liblwm2m) 1.0
Directory Traversal Vulnerability in Cprime Power Scripts App for Atlassian Jira
Privilege Escalation Vulnerability in 3S-Smart CODESYS V3
Network Packet Crafted to Crash Control Runtime in 3S-Smart CODESYS
Insecure Ownership Verification in CODESYS Gateway
User Enumeration Vulnerability in Pilz PMC Programming Tool 3.x
Uncontrolled Memory Allocation Vulnerability in CODESYS V3 Products
Insufficient Transport Protection of User Credentials in CODESYS V3 Products
Path Traversal Vulnerability in MOPCMS Allows Deletion of Critical Files
Persistent XSS Vulnerability in MOPCMS through 2018-11-30
Buffer Overflow Vulnerability in SolarWinds DameWare Mini Remote Control 10.0 x64
USB Keyboard and Mouse Exploit in British Airways Entertainment System
Heap Out-of-Bounds Read Vulnerability in PHP's xmlrpc_decode() Function
Heap-based Buffer Over-read in PHAR Reading Functions
Buffer Overflow Vulnerability in PHP's dns_get_record Function
Heap-based Buffer Over-read Vulnerability in PHP mbstring Regular Expression Functions
Memory Read Vulnerability in PHP's xmlrpc_decode() Function
Buffer Overflow Vulnerability in PHP 7.3.x
Heap-Based Buffer Overflow in InflateVarName() Function
Heap-Based Buffer Overflow in ReadNextCell() Function in libmatio.a
Stack-based Buffer Over-read in InflateDimensions() Function
Out-of-Bounds Read Vulnerability in libmatio.a
Stack-based Buffer Over-read in Mat_VarReadNextInfo5() in mat5.c
NULL Pointer Dereference in Mat_VarFree() Function in libmatio.a
Out-of-Bounds Write Vulnerability in Mat_VarFree() Function
Stack-based Buffer Over-read in ReadNextCell() Function of libmatio.a
Stack-based Buffer Over-read in ReadNextCell() Function
Stack-based Buffer Over-read in ReadNextStructField() in mat5.c
Heap-Based Buffer Overflow in ReadNextFunctionHandle() in libmatio.a
Buffer Over-read in Mat_VarPrint() Function in libmatio.a
Out-of-Bounds Read Vulnerability in libmatio.a
Arbitrary N1QL Statement Injection and Denial of Service Vulnerability in Couchbase Sync Gateway 2.1.2
CSRF Vulnerability in S-CMS PHP v3.0 Allows Unauthorized Addition of Admin User
PHP Code Execution Vulnerability in ZZZCMS zzzphp V1.6.1
Arbitrary Code Execution via Unfiltered File Upload in Sitemagic CMS v4.4
SQL Injection Vulnerability in GoRose v1.0.4 via Controllable order_by or group_by Parameter
CSRF Vulnerability in Pluck 4.7.9-dev1 Allows Theme Deletion
CSRF Vulnerability in Pluck 4.7.9-dev1 Allows Unauthorized Module Deletion
Arbitrary Code Execution via ZIP Archive Upload in Pluck 4.7.9-dev1
CSRF Vulnerability in Pluck 4.7.9-dev1 Allows Unauthorized Article Deletion
CSRF Vulnerability in Pluck 4.7.9-dev1 Allows Unauthorized Picture Deletion
Unauthenticated Blind Time-Based SQL Injection in CMS Made Simple 2.2.8 via News Module
Unprivileged User Object Injection in CMS Made Simple 2.2.8 DesignManager Module
Authenticated Object Injection in CMS Made Simple 2.2.8 via Untrusted __FEU__ Cookie
Authenticated Object Injection in CMS Made Simple 2.2.8 FilePicker Module
Authenticated Object Injection in CMS Made Simple 2.2.8 via sel_groups Parameter
Command Injection Vulnerability in CMS Made Simple 2.2.8
Unauthenticated Path Traversal and Arbitrary File Read Vulnerabilities in CMS Made Simple 2.2.8
Authenticated Object Injection in CMS Made Simple 2.2.8 ModuleManager
Cross-Site Request Forgery (CSRF) Vulnerability in PHP Scripts Mall Online Food Ordering Script 1.0
Payment Amount Parameter Tampering Vulnerability in PHP Scripts Mall Auction Website Script 2.0.4
Directory Traversal Vulnerability in PHP Scripts Mall Cab Booking Script 1.0.3
Parameter Tampering Vulnerability in PHP Scripts Mall Custom T-Shirt Ecommerce Script 3.1.1
HTML Injection Vulnerability in PHP Appointment Booking Script 3.0.3
Heap-based Buffer Over-read in d_expression_1 in GNU libiberty
Stack Consumption Vulnerability in GNU libiberty
Excessive Memory Allocation Vulnerability in GNU Binutils 2.32
Excessive Memory Allocation Vulnerability in GNU Binutils 2.32
Out-of-Bounds Read Vulnerability in GNU Binutils 2.32
Heap-based Buffer Overflow in _bfd_archive_64_bit_slurp_armap in GNU Binutils 2.32
Excessive Memory Allocation Vulnerability in GNU Binutils 2.32
Heap-based Buffer Overflow in GNU Binutils 2.32 via Malformed MIPS Option Section
XSS Vulnerability in zzcms 2019 via Arbitrary User/ask.php?do=modify Parameter
Insecure Password Storage in DomainMOD before 4.14.0
Remote Command Execution in ThinkPHP before 3.2.4
SQL Injection Vulnerability in SQLiteManager 1.20 and 1.24 via /sqlitemanager/main.php dbsel parameter
Remote Denial of Service Vulnerability in HotelDruid before 2.3.1
Denial of Service Vulnerability in HotelDruid v2.3.1
SQL Injection Vulnerability in HotelDruid v2.3.1 and Earlier via /visualizza_tabelle.php anno Parameter
SQL Injection Vulnerability in HotelDruid v2.3.1 and Earlier via /tab_tariffe.php numtariffa1 Parameter
Reflected Cross Site Scripting (XSS) Vulnerability in HumHub 1.3.10 Community Edition's file/file/upload
Reflected Cross Site Scripting (XSS) Vulnerability in HumHub 1.3.10 Community Edition's /s/adada/cfiles/upload
Weak Encryption Vulnerability in Moxa MGate Devices
Insufficient Password Requirements in Moxa MGate Devices
Denial of Service Vulnerability in Moxa MGate Devices
Integer Overflow in Moxa MGate Devices: Remote DoS Vulnerability
Buffer Overflow Vulnerability in Moxa MGate Devices
Cleartext Transmission of Sensitive Information in Moxa MGate Devices
Predictable Token Generation Vulnerability
Unauthorized Access to Sensitive Information on Moxa MGate Devices
Cleartext Passwords in Configuration File Vulnerability
Unauthenticated API Access in SAET Impianti Speciali TEBE Small 05.01 Build 1137
Remote File Inclusion Vulnerability in SAET Impianti Speciali TEBE Small 05.01 build 1137
Cross-Site Scripting (XSS) Vulnerability in WUZHI CMS 4.1.0 via index.php?m=attachment&f=imagecut&v=init&imgurl=[XSS]
Cross-Site Scripting (XSS) Vulnerability in WUZHI CMS 4.1.0 via index.php?m=core&f=map&v=baidumap&x=[XSS]&y=[XSS]
Cross-Site Scripting (XSS) Vulnerability in WUZHI CMS 4.1.0 via index.php?m=message&f=message&v=add&username=[XSS]
Cross-Site Scripting (XSS) Vulnerability in WUZHI CMS 4.1.0 via index.php?m=content&f=postinfo&v=listing&set_iframe=[XSS]
Integer Overflow and OOPS Vulnerability in Xiaomi MIX 3 MSM GPU Driver
Integer Overflow and OOPS Vulnerability in Xiaomi MIX 3 MSM GPU Driver
NULL Pointer Dereference in getString() Function in Ming (libming) 0.4.8
Out of Bounds Write Vulnerability in Ming (libming) 0.4.8
Unsafe eval usage in util/utils.js allows code execution in irisnet-crypto before 1.1.7 for IRISnet
DLL Hijacking Vulnerability in Sublime Text 3 version 3.1.1 build 3176 on 32-bit Windows Platforms
Command Injection Vulnerability in Motorola C1 and M2 Devices
Command Injection Vulnerability in Motorola C1 and M2 Devices
Command Injection Vulnerability in Motorola C1 and M2 Devices
Command Injection Vulnerability in Motorola C1 and M2 Devices
Command Injection Vulnerability in Motorola C1 and M2 Devices
Arbitrary Command Execution Vulnerability in D-Link DIR-825 Rev.B 2.10 Devices
Blank Password Vulnerability on D-Link DIR-825 Rev.B 2.10 Devices
Authentication Bypass Vulnerability in D-Link DIR-878 1.12B01 Devices
Stack-based Buffer Overflow Vulnerability in D-Link DIR-878 1.12B01 Devices
Information Disclosure Vulnerability in D-Link DIR-825 Rev.B 2.10: Exposing Sensitive Device Information via router_info.xml
Remote Code Execution Vulnerability in KaKaoTalk PC Messenger
Subtitle Processing Integer Underflow Vulnerability in KMPlayer 2018.12.24.14 or Lower
Stack-based Buffer Overflow in Architectural Information System 1.0 and Earlier Versions
Heap-based Overflow Vulnerability in DaviewIndy 8.98.7 and Earlier Versions
Heap-based Overflow Vulnerability in DaviewIndy 8.98.7 and Earlier Versions
Integer Overflow Vulnerability in DaviewIndy 8.98.7 and Earlier Versions
Integer Overflow Vulnerability in DaviewIndy 8.98.7 and Earlier Versions
Integer Overflow Vulnerability in DaviewIndy 8.98.7 and Earlier Versions
Deeplink Scheme Processing Vulnerability in Happypoint Mobile App 6.3.19 and Earlier Versions
Arbitrary File Execution Vulnerability in ZInsVX.dll ActiveX Control
Cross-Site Scripting (XSS) Vulnerability in b3log Symphony (Sym) v3.4.7 and earlier
Infinite Recursion Vulnerability in Exiv2 0.27
Infinite Recursion Vulnerability in Exiv2 0.27
XSS Vulnerability in Hsycms V1.1 via Name Field on /book Page
Vulnerability: Man-in-the-Middle Attack in Jamf Self Service 10.9.0
Clickjacking Vulnerability in Mailvelope Settings Page
Invalid PGP Public Key Import Vulnerability in Mailvelope
Privilege Escalation and Unauthorized Key Operations in Mailvelope
Mailvelope Prior to 3.3.0: Unauthenticated Public Key Import Vulnerability
Out of Bounds Read Vulnerability in HDF HDF5 1.10.4 Library
Out of Bounds Read Vulnerability in HDF HDF5 1.10.4 Library
OpenPGP.js <=4.1.2 Vulnerability: Signature Replacement for Forging Signed Messages
OpenPGP.js <=4.1.2 Vulnerability: Signature Verification Bypass
Invalid Curve Attack in OpenPGP.js <=4.2.0: Exploiting Cryptographic Vulnerability to Obtain ECDH Private Key
Gemalto DS3 Authentication Server 2.6.1-SP01 OS Command Injection Vulnerability
Local File Disclosure Vulnerability in Gemalto DS3 Authentication Server 2.6.1-SP01
Gemalto DS3 Authentication Server 2.6.1-SP01 Broken Access Control Vulnerability
Backdoor Account Vulnerability in Sangfor Sundray WLAN Controller
Remote Code Execution Vulnerability in Sangfor Sundray WLAN Controller Version 3.7.4.2 and Earlier
Insufficient ASN.1 Length Checks in SNMP NAT Module Leading to OOPS or Local Privilege Escalation
Arbitrary Code Execution via Crafted XAML Objects in March Networks Command Client
Arbitrary Remote Command Execution in Nagios XI Autodiscovery
SQL Injection Vulnerability in Nagios XI API Allows Arbitrary SQL Command Execution
Privilege Escalation in Nagios XI: Root Access via config.inc.php and import_xiconfig.php
Arbitrary Code Injection through Nagios XI's xiwindow Parameter
XSS Vulnerability in WooCommerce Photoswipe Caption
Heap-based Buffer Over-read in GNU C Library's posix/regexec.c
Incorrect Access Control Vulnerability in GitLab Community and Enterprise Edition
Information Exposure Vulnerability in GitLab Community and Enterprise Edition
Information Exposure Vulnerability in GitLab Community and Enterprise Edition
SSRF Vulnerability in GitLab Community and Enterprise Edition
Information Exposure Vulnerability in GitLab Community and Enterprise Edition
CSRF Vulnerability in GitLab Community and Enterprise Edition
Information Exposure Vulnerability in GitLab Community and Enterprise Edition
Information Exposure Vulnerability in GitLab Community and Enterprise Edition
Arbitrary PHP Code Execution via Logo Upload in SchoolCMS 2.3.1
CSRF Vulnerability in ZZZCMS zzzphp V1.6.1 via /admin015/save.php?act=editfile Endpoint
Buffer Overflow Vulnerability in Contiki-NG and Contiki
J2Store Plugin 3.x SQL Injection Vulnerability
Arbitrary PHP Code Execution via File Extension Renaming in Bolt CMS
Remote Code Execution Vulnerability in JetBrains IntelliJ IDEA Spring Boot Run Configuration
SSRF and Local File Read Vulnerability in ikiwiki
Arbitrary Python Script Upload Vulnerability in Prima Systems FlexAir
Lack of Per-Session Forward Secrecy in ETSI Enterprise Transport Security (ETS) Protocol
Uncontrolled Recursion Vulnerability in GNU C Library (glibc) through 2.29
Arbitrary Code Execution via PostgreSQL's COPY TO/FROM PROGRAM Function
Command Injection Vulnerability in elFinder PHP Connector (Versions prior to 2.1.48)
Arbitrary Code Execution via Directory Traversal in Grin 1.0.2
Biometrical Liveness Authentication Bypass in Aware Mobile Liveness 2.2.1 SDK 2.2.0 for Knomi
Remote Code Execution Vulnerability in Unity Editor 2018.3
NULL Pointer Dereference Vulnerability in PoDoFo 0.9.6's PdfTranslator::setSource() Function
Heap-based Buffer Underwrite Vulnerability in Poppler 0.74.0
Phoenix Contact Devices: Remote TCP Session Hijacking and Information Disclosure Vulnerability
Arbitrary Code Execution Vulnerability in Nagios IM (Nagios XI)
Authorization Bypass in Nagios IM API Allows Unauthorized Incident Closure
Arbitrary SQL Command Execution Vulnerability in Nagios IM (Nagios XI)
XSS Vulnerability in PRTG Network Monitor v7.1.3.3378 via /public/login.htm errormsg or loginurl parameter
XSS Vulnerability in PRTG Network Monitor v7.1.3.3378 via /search.htm searchtext Parameter
TCAP Dissector Null Pointer Dereference Vulnerability
Buffer Overflow Vulnerability in Wireshark ASN.1 BER Dissectors
Integer Overflow and Buffer Overflow in AdvanceCOMP 2.1's png_compress Function
Denial of Service Vulnerability in GNU PSPP 1.2.0: Assertion Abort in write_long_string_missing_values()
Arbitrary Command Execution in SOFA-Hessian through 4.0.2 via Serialized Hessian Object
Vulnerability: Kernel NULL Pointer Dereference Exploit in Linux Kernel
RPCAP Dissector NULL Conversation Dereference Vulnerability
Live555 before 2019.02.27: Vulnerability in parseAuthorizationHeader function allows for invalid memory access due to malformed headers
Misrepresentation of Critical Information in GitLab User Interface
Incorrect Access Control Vulnerability in GitLab Community and Enterprise Edition
Incorrect Access Control Vulnerability in GitLab Community and Enterprise Edition
Uncontrolled Resource Consumption Vulnerability in GitLab Community and Enterprise Edition
Incorrect Access Control Vulnerability in GitLab Community and Enterprise Edition
Insecure Permissions Vulnerability in GitLab Community and Enterprise Edition
Information Exposure Vulnerability in GitLab Community and Enterprise Edition
Incorrect Access Control Vulnerability in GitLab Community and Enterprise Edition
Incorrect Access Control Vulnerability in GitLab Community and Enterprise Edition
Persistent XSS Vulnerability in baigo CMS 2.1.1
Arbitrary Code Execution Vulnerability in baigo CMS 2.1.1
Denial of Service Vulnerability in AudioCodes Mediant Devices
Vulnerability: Unauthorized Access to Quagga VTYs on AudioCodes Mediant Devices
Cross-Site Scripting (XSS) Vulnerability in AudioCodes Mediant Devices
Cross-Site Request Forgery (CSRF) Vulnerability in AudioCodes Mediant Devices
Out of Bounds Read Vulnerability in libvpx
Out of Bounds Read Vulnerability in wpa_supplicant_8 Allows Remote Information Disclosure
Out of Bounds Read Vulnerability in wpa_supplicant_8 Allows Remote Information Disclosure
NFC Out of Bounds Read Vulnerability in Android-10 (A-122323053)
NFC Out of Bounds Read Vulnerability in Android-10 (A-122322613)
Android Bluetooth Vulnerability: Remote Information Disclosure via Out of Bounds Read
NFC Stack Out of Bounds Write Vulnerability in Android-10 (A-121267042)
NFC Out of Bounds Read Vulnerability in Android-10 (A-121263487)
NFC Out of Bounds Read Vulnerability in Android-10 (A-121150966)
Bluetooth Out of Bounds Read Vulnerability in Android
NFC Out of Bounds Read Vulnerability in Android-10 (A-121035878)
Out of Bounds Read Vulnerability in wpa_supplicant_8
NFC Out of Bounds Read Vulnerability in Android-10 (A-120865977)
Out of Bounds Read Vulnerability in Android Kernel's f2fs Driver
NFC Out of Bounds Read Vulnerability in Android-10 (A-120428637)
Missing Variable Initialization in AAC Codec: Remote Information Disclosure Vulnerability
Out of Bounds Write Vulnerability in Android Kernel's FingerTipS Touchscreen Driver
Android Bluetooth Vulnerability: Out of Bounds Read Leading to Local Information Disclosure
Bluetooth Out of Bounds Read Vulnerability in Android
NFC Out of Bounds Read Vulnerability in Android-10 (A-120274615)
Uninitialized Data Out-of-Bounds Read Vulnerability in libavc
Vulnerability: Insecure Storage of Symmetric Keys in KeyStore
Command Injection Vulnerability in readArgumentList of zygote.java in Android 10
Integer Overflow Vulnerability in libmediaextractor Allows Remote Code Execution
Android Bluetooth Integer Overflow Vulnerability Allows Local Privilege Escalation
Out of Bounds Write Vulnerability in wifilogd Allows Local Privilege Escalation
Bluetooth Stack Use After Free Vulnerability in Android-10 (A-113575306)
Bluetooth Out of Bounds Read Vulnerability in Android
Out of Bounds Read Vulnerability in libxaac on Android-10 (A-116774214)
Integer Overflow Vulnerability in MPEG4Extractor Allows for Remote Code Execution
Android Telephony Vulnerability: Local Privilege Escalation without User Interaction
Out of Bounds Read Vulnerability in libxaac on Android-10 (A-116774502)
Bluetooth Out of Bounds Read Vulnerability in Android
Out of Bounds Write Vulnerability in sensorservice
Use-after-free vulnerability in libstagefright allows for local privilege escalation
Cached Linux User ID Permissions Bypass in Android System Settings
Out of Bounds Write Vulnerability in Android Kernel WiFi Drivers
Race Condition in Android Kernel's mnh Driver Allows Privilege Escalation
WiFi State Leak: Location Disclosure Vulnerability in Android-10
Use-after-free vulnerability in Android kernel's synaptics_dsx_htc touchscreen driver allows for local privilege escalation
Out of Bounds Write Vulnerability in Android Kernel's mnh Driver
Use After Free Vulnerability in Android Kernel's mnh Driver Allows Privilege Escalation
Android Kernel Synaptics_dsx_htc Touchscreen Driver Out-of-Bounds Write Vulnerability
Information Disclosure Vulnerability in Android-10's proc Filesystem
Integer Overflow Vulnerability in libexif Allows for Remote Privilege Escalation
Android WiFi Hotspot Service Null Pointer Dereference Denial of Service Vulnerability
Improper Permission Checks in Keyguard: Local Privilege Escalation Vulnerability
Path Traversal Vulnerability in GoogleContactsSyncAdapter Allows Bypass of User Interaction Requirements
Skia Out of Bounds Read Vulnerability in Android-10 (A-113211371)
Resource Exhaustion Vulnerability in AAC Codec on Android-10 (Android ID: A-112663564)
Android Bluetooth Out of Bounds Read Vulnerability: Remote Information Disclosure
Android Bluetooth Out of Bounds Read Vulnerability Allows Remote Denial of Service
Bluetooth Out of Bounds Read Vulnerability in Android
Android Bluetooth Out of Bounds Read Vulnerability (A-78287084)
Out of Bounds Write Vulnerability in libhidcommand_jni
Bluetooth Out of Bounds Read Vulnerability in Android
Memory Corruption Vulnerability in tzdata Allocation and Deallocation Functions
Critical Remote Code Execution Vulnerability in Bluetooth on Android-10
Information Disclosure Vulnerability in Android Activity Manager Service
Out of Bounds Read Vulnerability in libstagefright Allows Remote Information Disclosure
Out of Bounds Read Vulnerability in libstagefright Allows Remote Information Disclosure
Possible Bypass of User Interaction Requirements in com.android.apps.tag
NFC Out of Bounds Read Vulnerability in Android-10 (A-112162089)
Integer Overflow Vulnerability in libAACdec Allows for Remote Code Execution
Integer Overflow Vulnerability in libAACdec Allows for Remote Code Execution
Integer Overflow Vulnerability in libAACdec Allows for Remote Code Execution
Integer Overflow Vulnerability in libAACdec Allows for Remote Code Execution
Integer Overflow Vulnerability in libAACdec Allows for Remote Code Execution
Integer Overflow Vulnerability in libAACdec Allows for Remote Code Execution
Integer Overflow Vulnerability in libFDK: Remote Code Execution in Android
Integer Overflow Vulnerability in libMpegTPDec Allows Remote Code Execution on Android
Integer Overflow Vulnerability in libAACdec Allows for Remote Code Execution
Integer Overflow Vulnerability in libMpegTPDec Allows Remote Code Execution on Android
Integer Overflow Vulnerability in libAACdec Allows for Remote Code Execution
Integer Overflow Vulnerability in libAACdec Allows for Remote Code Execution
NFC Out of Bounds Write Vulnerability in Android-10 (A-117985575)
Integer Overflow Vulnerability in libFDK: Remote Code Execution in Android
Bluetooth Integer Overflow Vulnerability in Android-10: Remote Denial of Service on Incoming Calls
Android Bluetooth Vulnerability: Out of Bounds Read Leading to Local Information Disclosure
Missing Variable Initialization in libstagefright: Remote Information Disclosure Vulnerability
Missing Variable Initialization in libavc: Remote Information Disclosure Vulnerability
Missing Variable Initialization in libhevc: Remote Information Disclosure Vulnerability
Missing Variable Initialization in libstagefright: Remote Information Disclosure Vulnerability
Missing Variable Initialization in libstagefright: Remote Information Disclosure Vulnerability
Missing Variable Initialization in libhevc: Remote Information Disclosure Vulnerability
Missing Variable Initialization in libavc: Remote Information Disclosure Vulnerability
Missing Variable Initialization in libavc: Remote Information Disclosure Vulnerability
Missing Variable Initialization in libavc: Remote Information Disclosure Vulnerability
Uninitialized Data Vulnerability in libavc Allows Remote Information Disclosure
Unauthenticated Access to Wallpaper Images in Android Wallpaper Manager Service
Out of Bounds Read Vulnerability in libvpx
Bluetooth Out of Bounds Read Vulnerability in Android
Android Bluetooth Out of Bounds Read Vulnerability: Remote Information Disclosure
Android Bluetooth Out of Bounds Read Vulnerability: Remote Information Disclosure
Uninitialized Data Vulnerability in Bluetooth on Android-10 (A-112917952)
Android Bluetooth Out of Bounds Read Vulnerability (A-111214739)
Bluetooth Out of Bounds Read Vulnerability in Android
Bluetooth Out of Bounds Read Vulnerability in Android
Bluetooth Out of Bounds Read Vulnerability in Android
Uninitialized Data Vulnerability in libhevc Allows Remote Information Disclosure
Uninitialized Data Vulnerability in libavc Allows Remote Information Disclosure
Uninitialized Data Vulnerability in libavc Allows Remote Information Disclosure
Uninitialized Data Vulnerability in libavc Allows Remote Information Disclosure
Uninitialized Data Vulnerability in libavc Allows Remote Information Disclosure
Android Bluetooth Out of Bounds Read Vulnerability (A-111214770)
Bluetooth Out of Bounds Read Vulnerability in Android
Bluetooth Out of Bounds Read Vulnerability in Android
NFC Server Out of Bounds Read Vulnerability
Shared Mapping of OBB Files in Android Kernel Allows Local Privilege Escalation
Heap Buffer Overflow in libstagefright: Remote Code Execution Vulnerability
Possible Out of Bounds Read Vulnerability in m4v_h263 Codec in Android
Remote Denial of Service Vulnerability in libstagefright on Android-10 (CVE-2020-XXXX)
Remote Denial of Service Vulnerability in libstagefright on Android-10 (A-124330204)
Use-after-free vulnerability in Keymaster in Android-10 allows for local escalation of privilege without additional execution privileges (CVE-2020-XXXXX)
Missing Permission Check in SyncStatusObserver Allows for User Profile Bypass and Limited Information Disclosure in Android
Resource Exhaustion Vulnerability in libstagefright: Remote Denial of Service in Android
Android Bluetooth Out of Bounds Read Vulnerability
NFC Server Out of Bounds Read Vulnerability
Bluetooth Out of Bounds Read Vulnerability in Android
NFC Server Out of Bounds Read Vulnerability
Integer Overflow Vulnerability in libAACdec Allows for Remote Code Execution
NFC Out of Bounds Write Vulnerability in Android-10 (A-120156401)
Uninitialized Data Vulnerability in libavc Allows Remote Information Disclosure
Out of Bounds Read Vulnerability in Android TEE
Uninitialized Data Vulnerability in libavc Allows Remote Information Disclosure
Out of Bounds Read Vulnerability in libSACdec of Android-10 (A-120426980)
Android Bluetooth Out of Bounds Write Vulnerability Allows Remote Code Execution
Background User Audio Disclosure Vulnerability in AudioService
Critical Bluetooth Deserialization Vulnerability in Android-10 Allows Remote Code Execution
Out of Bounds Read Vulnerability in libSBRdec of Android-10 (A-112052062)
Android Bluetooth Out of Bounds Read Vulnerability: Remote Information Disclosure
Bluetooth Out of Bounds Read Vulnerability in Android
Uninitialized Variable Vulnerability in Bluetooth on Android-10 (A-79995407)
Android-10 Sonivox Out of Bounds Read Vulnerability
Resource Exhaustion Vulnerability in libvpx Leads to Remote Denial of Service in Android
Null Pointer Dereference Vulnerability in libskia
Mismatched Serialization/Deserialization in JobStore Allows for Local Denial of Service in Android
Race condition vulnerability in hostapd allows for local privilege escalation
Improper Input Validation in Account.java Leads to Local Denial of Service Vulnerability
Local Information Disclosure of Biometric Metadata in FingerprintService
Permission Bypass Vulnerability in Activity Manager Service
Resource Exhaustion Vulnerability in libstagefright: Remote Denial of Service in Android
Possible Spoofing Vulnerability in Android-10 Settings UI Allows Unauthorized Permission Changes
Possible Out of Bounds Read Vulnerability in netd with Use After Free
Out of Bounds Write Vulnerability in libeffects Allows Remote Code Execution
NFC Server Out of Bounds Read Vulnerability
Improper Permissions Check in LockPatternUtils Allows Local Privilege Escalation
Out of Bounds Read Vulnerability in libxaac Allows Remote Information Disclosure
Out of Bounds Write Vulnerability in NFC Server Allows Local Privilege Escalation
Android Bluetooth Vulnerability: Remote Information Disclosure via Out of Bounds Read
Bluetooth Out of Bounds Read Vulnerability in Android
Android Bluetooth Out of Bounds Read Vulnerability Allows Remote Denial of Service
Android Bluetooth Out of Bounds Read Vulnerability Allows Remote Denial of Service
Uninitialized Data Out-of-Bounds Read Vulnerability in libxaac
Bluetooth Vulnerability: Remote Denial of Service in Android-10 (A-116357965)
Bluetooth Vulnerability: Remote Denial of Service in Android-10 (A-116351796)
Bluetooth Vulnerability: Remote Denial of Service in Android-10 (A-116267405)
Bluetooth Denial of Service Vulnerability in Android-10 (CVE-2020-XXXXX)
Bluetooth Denial of Service Vulnerability in Android-10 (CVE-2020-XXXXX)
Bluetooth Vulnerability: Remote Denial of Service in Android-10 (A-115745406)
Vulnerability: Man-in-the-Middle Attack in Android Print Service
Bluetooth Null Pointer Dereference Vulnerability in Android-10 (A-115509589)
Bluetooth Denial of Service Vulnerability in Android-10 (CVE-2020-XXXXX)
Bluetooth Denial of Service Vulnerability in Android-10 (CVE-2020-XXXXX)
Improper Casting in cn-cbor Library Leads to Out-of-Bounds Read Vulnerability
Bluetooth Vulnerability: Remote Denial of Service Exploit in Android-10 (A-112923309)
Integer Overflow Vulnerability in libAACdec Allows for Remote Code Execution
Uninitialized Data in libhevc: Remote Information Disclosure Vulnerability in Android-10 (A-112552517)
Possible Permissions Bypass in Android Notification Management
Uninitialized Data Vulnerability in libavc Allows Remote Information Disclosure
Uninitialized Data in libhevc: Remote Information Disclosure Vulnerability in Android-10 (A-112272091)
Uninitialized Data Vulnerability in libavc Allows Remote Information Disclosure
Uninitialized Data Vulnerability in libavc Allows Remote Information Disclosure
Out of Bounds Read Vulnerability in libSBRdec Allows Remote Information Disclosure
Android Bluetooth Vulnerability: Remote Information Disclosure via Out of Bounds Read
Improper Input Validation in wpa_supplicant Allows for Man-in-the-Middle Attack
Uninitialized Data Vulnerability in libstagefright: Remote Information Disclosure in Android
Uninitialized Data in libstagefright: Remote Information Disclosure Vulnerability
Android Bluetooth Vulnerability: Out of Bounds Read Leading to Local Information Disclosure
Resource Exhaustion Vulnerability in libstagefright: Remote Denial of Service in Android
Android Bluetooth Vulnerability: Remote Information Disclosure via Out of Bounds Read
Integer Overflow Vulnerability in libhevc Leads to Remote Denial of Service in Android
Integer Overflow Vulnerability in libandroidfw: Local Information Disclosure
Android Bluetooth Vulnerability: Remote Information Disclosure via Out of Bounds Read
Out of Bounds Write Vulnerability in OpenCV with libpng Integration
Information Disclosure Vulnerability in Android Screen Lock
Android Bluetooth Out of Bounds Read Vulnerability Allows Remote Denial of Service
Android Bluetooth Kernel Out-of-Bounds Write Vulnerability
Bluetooth Use After Free Vulnerability in Android-10: Local Information Disclosure
Remote Information Disclosure Vulnerability in Android-10: Exploiting BROWSEABLE Intents to Access Sensitive URLs
Out of Bounds Write Vulnerability in profman Allows Local Privilege Escalation
Bluetooth Null Pointer Dereference Vulnerability in Android-10 (A-109838296)
Bluetooth Use After Free Vulnerability in Android-10: Remote Information Disclosure
Android Bluetooth Server Out of Bounds Read Vulnerability
Possible Information Disclosure in libvpx: Remote Exploitation on Android-10 (A-80479354)
Bluetooth Out of Bounds Read Vulnerability in Android
Android Bluetooth Out of Bounds Read Vulnerability
Secure Boot Bypass Vulnerability in Android Kernel Bootloader
Package Manager Information Disclosure Vulnerability
Possible Information Disclosure in AOSP Email App: Local File Access Vulnerability
Out of Bounds Write Vulnerability in Android Kernel's mnh Driver Allows Privilege Escalation
Android Kernel mnh Driver Use After Free Memory Corruption Vulnerability
Android Kernel vl53L0 Driver Out of Bounds Write Vulnerability
Kernel Pointer Leak in Android Sync Debug FS Driver
Out of Bounds Read Vulnerability in Android F2FS Driver
Out of Bounds Write Vulnerability in Android Kernel's FingerTipS Touchscreen Driver
Use-after-free vulnerability in Android kernel's FingerTipS touchscreen driver allows for local privilege escalation
Out of Bounds Write Vulnerability in Android Kernel's FingerTipS Touchscreen Driver
Out of Bounds Read Vulnerability in Android Kernel's FingerTipS Touchscreen Driver
Race condition vulnerability in Android kernel's FingerTipS touchscreen driver allows for local privilege escalation
Out of Bounds Write Vulnerability in Android Touchscreen Driver Allows Local Privilege Escalation
Out of Bounds Read Vulnerability in Android Kernel SEC_TS Touch Driver
Out of Bounds Read Vulnerability in Android F2FS Touch Driver
Out of Bounds Write Vulnerability in Android Kernel i2c Driver
Kernel Pointer Leak Vulnerability in Android Video Driver
Android Kernel in Pixel C USB Monitor Driver OOB Write Vulnerability
Race Condition Use After Free Vulnerability in Android Kernel Video Driver Allows Local Privilege Escalation
Heap Buffer Overflow in libttspico: Remote Privilege Escalation in Android
Android Kernel VPN Routing Information Disclosure Vulnerability
Bluetooth Out of Bounds Read Vulnerability in Android-10 (A-91544774)
Possible Bypass of User Interaction Requirements in Android-10: Local Privilege Escalation Vulnerability
Incorrect Warning in Location Access Permissions in Android
Titan M Cryptographic Operations Information Disclosure Vulnerability
Kernel Command Injection Vulnerability in Android Bootloader
Double Free Vulnerability in export_key_der of export_key.cpp in Android
Out of Bounds Write Vulnerability in km_compute_shared_hmac of Android Kernel
Out of Bounds Write Vulnerability in dma_sblk_start of abc-pcie.c
Out of Bounds Write Vulnerability in set_outbound_iatu of abc-pcie.c
Timing Attack Vulnerability in DCRYPTO_equals of compare.c
Bluetooth Out of Bounds Read Vulnerability in Android
Bluetooth Out of Bounds Read Vulnerability in Android
Information Disclosure Vulnerability in /proc/net Filesystem
Unauthorized Access to Sightings in MISP 2.4.102
Amazon Ring Doorbell Encryption Vulnerability
Remote Access Vulnerability in Glen Dimplex Deutschland GmbH's Carel pCOWeb Configuration Tool
Insecure Permissions Vulnerability in GitLab Community and Enterprise Edition
Privilege Escalation Vulnerability in STRATO HiDrive Desktop Client 5.0.1.0 for Windows
XML External Entity Attack Vulnerability in Trend Micro Deep Security Manager (10.x, 11.x) and Vulnerability Protection (2.0)
Arbitrary File Modification Vulnerability in Trend Micro Apex One, OfficeScan, and Worry-Free Business Security
Authentication Bypass Vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2
Arbitrary Remote Code Execution Vulnerability in Trend Micro Anti-Threat Toolkit (ATTK) Versions 1.62.0.1218 and Below
DLL Side-Loading Vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG: Code Execution and Endpoint Protection Disabling
Hard-coded Admin Credentials in MyCar Controls Mobile App
Timing Side Channel Vulnerability in SAE Implementation in hostapd and wpa_supplicant
Vulnerability: Side-Channel Attacks in EAP-PWD Implementations
Denial of Service Vulnerability in hostapd with SAE Support
Unvalidated Scalar and Element Values in EAP-PWD Authentication
EAP-PWD Implementation Vulnerability in hostapd and wpa_supplicant
EAP-PWD Implementation Vulnerability in wpa_supplicant and hostapd
Heap Buffer Overflow in Broadcom brcmfmac WiFi Driver
Heap Buffer Overflow in Broadcom wl WiFi Driver
Heap Buffer Overflow in Broadcom wl WiFi Driver
Broadcom brcmfmac WiFi Driver Frame Validation Bypass Vulnerability
Remote Code Execution Vulnerability in PrinterLogic Print Management Software
KNOB Attack: Brute-Forcing Bluetooth Encryption Key Length
Command Injection Vulnerability in Vertiv Avocent UMG-4000 v4.2.1.19 Web Interface
Stored XSS Vulnerability in Vertiv Avocent UMG-4000 Web Interface
Reflected XSS Vulnerability in Vertiv Avocent UMG-4000 Web Interface
Unlocked State RDP Vulnerability in Windows 10 and Windows Server 2019+
HTTP/2 Vulnerability: Window Size and Stream Prioritization Manipulation Leading to Denial of Service
HTTP/2 Ping Flood Vulnerability
HTTP/2 Resource Loop Vulnerability: Denial of Service through Priority Tree Churn
HTTP/2 Reset Flood Vulnerability
HTTP/2 Settings Flood Vulnerability
HTTP/2 Header Leak Vulnerability
HTTP/2 Unconstrained Internal Data Buffering Vulnerability
HTTP/2 Empty Frame Denial of Service Vulnerability
Default Authentication Bypass in Cobham EXPLORER 710 Web Application Portal
Unrestricted File Access Vulnerability in Cobham EXPLORER 710 Firmware 1.07
Unauthenticated Remote Access Vulnerability in Cobham EXPLORER 710 Firmware Version 1.07
Cobham EXPLORER 710 Web Application Portal Cleartext Password Vulnerability
Vulnerability: Universal Root Password in Cobham EXPLORER 710 Firmware
Firmware Image Validation Bypass Vulnerability in Cobham EXPLORER 710
iTerm2 and tmux Integration Vulnerability: Arbitrary Command Execution via Terminal Output
'alloc8' vulnerability in Apple iPhone 3GS bootrom allows arbitrary firmware installation
Cross-site Scripting (XSS) vulnerability in uploaditem.asp of Telos Automated Message Handling System
Cross-Site Scripting (XSS) Vulnerability in Telos Automated Message Handling System
Cross-site Scripting (XSS) vulnerability in ModalWindowPopup.asp of Telos Automated Message Handling System allows remote script injection into AMHS session
Cross-Site Scripting (XSS) Vulnerability in Telos Automated Message Handling System
Arbitrary Script Injection in Telos Automated Message Handling System (AMHS)
Cross-site Scripting (XSS) vulnerability in itemlookup.asp of Telos Automated Message Handling System allows remote code injection into AMHS session
Recursive Function Call Vulnerability in Poppler 0.74.0
Out of Bounds Write Vulnerability in Bento4 1.5.1-628
Recursive Function Call Vulnerability in Poppler 0.74.0
SolarWinds Orion Platform Privilege Escalation via RabbitMQ Service
Circular Descriptor Chain Vulnerability in SPDK Vhost Target
Incorrect Access Control in Citrix Application Delivery Management (ADM) 12.1.x before 12.1.50.33
CSRF Vulnerability in PopojiCMS v2.0.1 via po-admin/route.php?mod=user&act=addnew URI
DhCms through 2017-09-18 Admin Panel XSS Vulnerability
Admin.php XSS Vulnerability in DOYO CMS 2.3 through 2015-05-06
File Listing Vulnerability in Eloan V3.0 through 2018-09-20
XSS Vulnerability in Bolt 3.6.4 via Slug, Teaser, or Title Parameter
Craft CMS 3.1.12 Pro Version XSS Vulnerability in Header Insertion Field
Insufficient Entropy in PSK Generation for Sagemcom F@st 5260 Routers
XSS Vulnerability in FiberHome AN5506-04-F RP2669 Devices
Persistent Cross Site Scripting (XSS) in Ability Mail Server 4.2.6 via Email Body
Persistent Cross Site Scripting (XSS) in Mailtraq WebMail version 2.17.7.3550 via Email Body
Contact Application Temporary Uploads Vulnerability
Authentication Bypass Vulnerability in Wyze Cam Devices
Remote NTLM Hash Theft and SMB Relay Attacks in Druide Antidote RX, HD, 8, 9, and 10
SQL Injection Vulnerability in FlarumChina v0.1.0-beta.7C via /?q= Request
XSS Vulnerability in Forminator Contact Form, Poll & Quiz Builder Plugin for WordPress
SQL Injection Vulnerability in Forminator Contact Form, Poll & Quiz Builder Plugin for WordPress
Remote Code Execution Vulnerability in Delta Controls enteliBUS Manager V3.40_B-571848
Cross-Site Scripting (XSS) Vulnerability in YzmCMS 5.2.0 via admin/system_manage/save.html URI
Arbitrary PHP Code Execution Vulnerability in SchoolCMS Version 2.3.1
Vulnerability: Leave Application Mishandling in WP Human Resource Management Plugin
Privilege Escalation in WP Human Resource Management Plugin
Cross-Site Scripting (XSS) Vulnerability in Quiz And Survey Master Plugin 6.0.4 for WordPress
Cross-Site Scripting (XSS) Vulnerability in Blog2Social Plugin for WordPress
Uninitialized Stack Memory Leak in Yubico libu2f-host
Unintended Access Vulnerability in NexentaStor SMB Server
CORS Bypass Vulnerability in st2web Allows for XSS via null Origin
Arbitrary File Upload Vulnerability in Booked Scheduler 2.7.5
Outdated Base Software Packages in eQ-3 Homematic CCU2: Denial of Service Vulnerability
eQ-3 Homematic CCU2 and CCU3 Vulnerability: Unauthorized Session ID Retrieval and Denial of Service
Uncontrolled Admin Access and VPN Service Manipulation in eQ-3 Homematic AddOn 'CloudMatic' on CCU2 and CCU3
Improper Access Control in eQ-3 Homematic CCU2 and CCU3 JSON API Allows Unauthorized Metadata Manipulation
Stack Consumption Vulnerability in Xpdf 4.01's md5Round1() Function
Invalid Memory Access Vulnerability in gAtomicIncrement() in Xpdf 4.01
NULL Pointer Dereference Vulnerability in Xpdf 4.01's PSOutputDev::setupResources() Function
Denial of Service Vulnerability in TENGCONTROL T-920 PLC v5.5 Devices
Reflected XSS Vulnerability in ShoreTel Connect ONSITE
Reflected XSS Vulnerability in ShoreTel Connect ONSITE 19.45.1602.0
Reflected XSS Vulnerability in ShoreTel Connect ONSITE 18.82.2000.0
SQL Injection Vulnerability in BlueCMS 1.6 via user_id Parameter in uploads/admin/user.php?act=edit Request
XSS Vulnerability in AppCMS 2.0.101 via upload/callback.php params Parameter
CSRF Vulnerability in Darktrace Enterprise Immune System before 3.1 via /whitelisteddomains Endpoint
CSRF Vulnerability in Darktrace Enterprise Immune System 3.1
CSRF Vulnerability in Cscms 4.1.0 Allows Unauthorized Payment Account Modification
AirDroid Android Application Denial of Service Vulnerability
Denial of Service Vulnerability in Olive Tree FTP Server for Android
Denial of Service Vulnerability in ApowerManager Android Application
CSRF Vulnerability in MiniCMS 1.10 Allows Unauthorized Article Deletion
Cross-Site Request Forgery (CSRF) Vulnerability in Online Lottery PHP Readymade Script 1.7.0
Reflected Cross-site Scripting (XSS) Vulnerability in PHP Scripts Mall Online Lottery PHP Readymade Script 1.7.0 via .ico Picture Upload
Stored XSS Vulnerability in PHP Scripts Mall Personal Video Collection Script 4.0.4 via Update Profile Feature
Path Traversal Vulnerability in PHP Scripts Mall Medical Store Script 3.0.3
Arbitrary Code Execution Vulnerability in OFCMS 1.1.3
Arbitrary Code Execution Vulnerability in OFCMS 1.1.3
Directory Traversal Vulnerability in OFCMS 1.1.3
Arbitrary File Write Vulnerability in OFCMS 1.1.3
Arbitrary Code Execution Vulnerability in OFCMS
Arbitrary Code Execution Vulnerability in OFCMS 1.1.3
Command Execution Vulnerability in OFCMS before 1.1.3 via Template File
SQL Injection Vulnerability in OFCMS 1.1.3
Arbitrary Code Execution Vulnerability in OFCMS 1.1.3
Arbitrary Code Execution Vulnerability in OFCMS 1.1.3
Local File Inclusion Vulnerability in GraceMedia Media Player Plugin 1.0 for WordPress
SSRF Vulnerability in Zimbra Collaboration Suite
Arbitrary File Download Vulnerability in eBrigade 4.5 via Directory Traversal
Arbitrary Code Execution in Feng Office 3.7.0.5 via ck_upload_handler.php
Arbitrary Code Execution Vulnerability in Webmin 1.900 via Java File Manager and Upload/Download Privileges
CSRF Vulnerability in JBMC DirectAdmin 1.55 Allows Unauthorized Creation of Admin Account
SQL Injection Vulnerability in PHPSHE 1.7's module/index/cart.php
Buffer Overflow Vulnerability in CyberArk Endpoint Privilege Manager Allows Privilege Escalation and System Crash
XMLTooling Library XML Parsing Exception Vulnerability
Default Administrator User with Weak Credentials in Sonatype Nexus Repository Manager
Weak Default Permissions in Sonatype Nexus Repository Manager
Heap-Based Buffer Over-Read Vulnerability in Poppler 0.74.0's CairoRescaleBox.cc Downsample_Row_Box_Filter Function
Arbitrary File Download Vulnerability in ESAFENET CDG V3 and V5
Denial of Service Vulnerability in GNOME GLib 2.59.2
DLL Injection Vulnerability in Minecraft 1.12 on Windows
Denial of Service Vulnerability in Google TensorFlow 1.12.2 via Invalid GIF File
Improper Handling of Unicode Encoding in urllib.parse.urlsplit and urllib.parse.urlparse leading to Information Disclosure
File Access Vulnerability during Rename Operation
Uninitialized Read Vulnerability in PHP EXIF Component
Uninitialized Read Vulnerability in PHP EXIF Component
Invalid Read Vulnerability in PHP EXIF Component
Uninitialized Read Vulnerability in PHP EXIF Component
Arbitrary PHP Code Execution in Pydio through proxy.php
XSSI Vulnerability in Jupyter Notebook Allows Cross-Site Inclusion of Resources
Cross-Site Scripting (XSS) Vulnerability in Contact Form Email Plugin for WordPress
Cross-Site Scripting (XSS) Vulnerability in Gila CMS 1.9.1
Directory Traversal Vulnerability in Core FTP 2.0 Build 674
Directory Traversal Vulnerability in Core FTP 2.0 Build 674
XSS Vulnerability in Upcoming Events Plugin for MyBB
Vulnerability: Inadequate Filtering Allows PHP Code Execution in SDCMS V1.7
CSRF Vulnerability in SDCMS V1.7 via m=admin&c=theme&a=edit Request
Arbitrary Command Execution in NUUO Network Video Recorder Firmware
NULL Pointer Dereference in LibOFX startElement Function
Incorrect Access Control in Alarm.com ADC-V522IR 0100b9 Devices: VPN Certificate Vulnerability
External DTD Loading Vulnerability in Checkstyle before 8.18
Static Code Vulnerability in Chuango 433 MHz Burglar-Alarm Products
Stored XSS Vulnerability in YzmCMS 5.2 via admin/category/edit.html catname Parameter
Stored XSS Vulnerability in YzmCMS 5.2 via value parameter in admin/system_manage/user_config_edit.html
Arbitrary File Deletion Vulnerability in JTBC(PHP) 3.0.1.8
Denial of Service Vulnerability in rovinbhandari FTP
XSS Vulnerability in Wordfence Plugin 7.2.3 for WordPress
XML External Entity Injection (XXE) Vulnerability in Synacor Zimbra Collaboration Suite 8.7.x before 8.7.11p10
Freenet 1483 Vulnerability: MIME Type Bypass for Arbitrary JavaScript Execution
Denial of Service Vulnerability in Python's Lib/zipfile.py
Buffer Overflow Vulnerability in PHP's phar_tar_writeheaders_int Function
Buffer Overflow Vulnerability in Dahua IP Camera Devices: IPC-HFW1XXX, IPC-HDW1XXX, IPC-HFW2XXX (Build before 2018/11)
Buffer Overflow Vulnerability in Dahua CGI Interface
Denial of Service Vulnerability in Dahua Products
Dahua Debug Function Permission Separation Vulnerability
Information Leakage Vulnerability in Dahua Products
Unencrypted Online Upgrade Information Vulnerability in Dahua Firmware Packages
Weak Security Login Mode Vulnerability in Dahua Devices
Arbitrary Root Code Execution via Directory Traversal in pacman
Heap-Based Buffer Overflow in PoDoFo 0.9.6: PdfString::ConvertUTF16toUTF8 Vulnerability
CSRF Vulnerability in sftnow Allows Unauthorized Admin Account Creation
Buffer Overflow in process_certificate function in axTLS through 2.1.5 via crafted TLS certificate handshake message
Arbitrary File Upload Vulnerability in CMS Made Simple (CMSMS) before 2.2.10
SQL Injection Vulnerability in CMS Made Simple (CMSMS) before 2.2.10
Privilege Escalation Vulnerability in Symantec Endpoint Encryption
Arbitrary Code Execution Vulnerability in Norton Core (prior to v278)
Cross-Site Scripting (XSS) Vulnerability in Symantec VIP Enterprise Gateway
Information Disclosure Vulnerability in Management Center (MC) REST API Allows Unauthorized Access to Passwords
Arbitrary File Deletion Vulnerability in Symantec AV Engine
Information Disclosure Vulnerability in Symantec Messaging Gateway (prior to 10.7.0)
Address Spoofing Vulnerability in Norton Password Manager
Cross-Site Scripting (XSS) Vulnerability in DLP 15.5 MP1 and Prior Versions
Privilege Escalation Vulnerability in Symantec Endpoint Encryption
Privilege Escalation Vulnerability in Symantec Endpoint Encryption
Vulnerability: Denial of Service in Vixie Cron due to Unchecked calloc Return Value
Vixie Cron Denial of Service Vulnerability
Use-after-free vulnerability in Vixie Cron before 3.0pl1-133 Debian package
System User Suspension Vulnerability
Cross Site Scripting (XSS) Vulnerability in Mahara Collection Title
Thread-Safety Vulnerability in JSON Parsing in webargs
Unescaped XSS Vulnerability in Joomla! Edit Views
Unvalidated Input in JSON Handler of Joomla! com_config leading to XSS
Unauthenticated Access to Sample Data Plugins in Joomla!
Joomla! Media Form Field XSS Vulnerability
Denial of Service Vulnerability in Libav 12.3 Subtitle Decoder
Denial of Service Vulnerability in FFmpeg Subtitle Decoder via Crafted Matroska Video File
Stack-based buffer overflow in Libav 12.3 subtitle decoder via crafted Matroska video file
Stack-based buffer overflow in Libav 12.3 subtitle decoder via crafted Matroska video file
Subtitle Decoder Denial of Service Vulnerability in FFmpeg 3.2 and 4.1
Path Traversal Vulnerability in LogicalDOC Community Edition 8.x before 8.2.1
Information Exposure through Log Files in Aquaverde Aquarius CMS through 4.3.5
Persistent XSS Vulnerability in Korenix JetPort 5601 and 5601f Web Manager
Arbitrary File Read Vulnerability in eQ-3 AG Homematic CCU3 3.43.15 and Earlier
Unauthenticated Password Hash Disclosure in eQ-3 AG Homematic CCU3
Heap-based Buffer Underflow Vulnerability in SdoKeyCrypt.sys Driver in Shanda MapleStory Online V160
Privilege Escalation via Unpublished API in Synaptics Sound Device Drivers
Incorrect Access Control Vulnerability in GitLab Community and Enterprise Edition 10.x and 11.x
Unauthenticated Remote Access to Admin Account in JFrog Artifactory
Sensitive Information Exposure in Aquarius CMS through 4.3.5
Security Group Rule Bypass Vulnerability in OpenStack Neutron
DOM-based XSS vulnerability in 1024Tools Markdown 1.0 via '<EMBED SRC=data:image/svg+xml' substring
DOM-based XSS vulnerability in Editor.md 1.5.0 via '<EMBED SRC=data:image/svg+xml' substring
DOM-based XSS vulnerability in Jimmykuu Gopher 2.0 via '<EMBED SRC=data:image/svg+xml' substring
CRLF Injection Vulnerability in urllib2 and urllib
CRLF Injection Vulnerability in Go 1.11.5's net/http Package
Bypassing ACLs in G Data Total Security through gdwfpcd.sys
Command Injection Vulnerability in PHOENIX CONTACT RAD-80211-XD and RAD-80211-XD/HP-BUS WebHMI Component
Unauthorized Access to WEB-UI via Session Hijacking Vulnerability
Privilege Escalation via Insecure Communication Channel in CloudCTI HIP Integrator Recognition Configuration Tool
NULL Pointer Dereference in libwebm: DoS Vulnerability
Infinite Loop Vulnerability in tinysvcmdns
Arbitrary Data Read Vulnerability in tinysvcmdns
MQTT Input Plugin Crash via Negative Size Parameter in Fluent Bit
CoAP Server Interface Vulnerability: Amplified DDoS Attacks in IoTivity
JavaScript Execution Vulnerability in OTRS 6.x and 7.x
Content-type mishandling in PictureUpload.pm allows for JavaScript execution in OTRS
Information Disclosure Vulnerability in OTRS 7.x
Out-of-Bounds Write Vulnerability in Tiny C Compiler 0.9.27
NTFS-3G Integer Underflow Vulnerability
Incorrect Access Control in GitLab Community and Enterprise Edition 10.x and 11.x before 11.8.1
Local File Read Vulnerability in LabKey Server 19.1.0
Stored XSS Vulnerability in LabKey Server 19.1.0 Allows Privilege Escalation
SQL Injection Vulnerability in TONGDA Office Anywhere 10.18.190121
Remote Code Execution and Memory Corruption Vulnerability in FTPGetter Standard v.5.97.0.177
XXE Vulnerability in PHPSHE 1.7 Allows Unauthorized File Access and Network Scanning
Unauthenticated SQL Injection in PHPSHE 1.7 via id parameter in pay.php
Cross-Site Scripting (XSS) Vulnerability in Openfind Mail2000 Webmail
Vulnerability: Hostname Verification Bypass in HashiCorp Consul 1.4.3
XSS Vulnerability in Blog_mini 1.0 via Comment Reply Author Name
Arbitrary Code Execution via Crafted .mp3 File in Free MP3 CD Ripper 2.6
Arbitrary Code Execution via Crafted .wma File in Free MP3 CD Ripper 2.6
Canarytokens Vulnerability: Predictable Size and Metadata in Word Documents
CSRF Vulnerability in PilusCart 1.4.1 Allows Unauthorized Addition of Administrator User
Heap-based Buffer Overflow in dwg_decode_eed_data Function
NULL Pointer Dereference in bit_convert_TU function
NULL Pointer Dereference in dwg_dxf_LEADER Function
Heap-based Buffer Overflow in dwg_decode_eed_data Function
Out-of-Bounds Read Vulnerability in GNU LibreDWG
Out-of-Bounds Read Vulnerability in GNU LibreDWG
NULL Pointer Dereference in dwg_dxf_LTYPE Function
Heap-based Buffer Over-read in GNU LibreDWG's dxf_header_write Function
Heap-based Buffer Over-read in dwg_dxf_LTYPE Function
NULL Pointer Dereference in dwg_dxf_LTYPE Function
Arbitrary Code Execution in gitnote 3.1.0 via Crafted Markdown File
Remote Code Execution and Cross-Site Scripting Vulnerability in WordPress 5.1.1
Memory Corruption Vulnerabilities in Firefox 65, Firefox ESR 60.5, and Thunderbird 60.5
Memory Corruption Vulnerability in Firefox 65
Use-After-Free Vulnerability in Thunderbird, Firefox ESR, and Firefox
Arbitrary Object Type Confusion Vulnerability in IonMonkey JIT Compiler
Memory Corruption Vulnerability in IonMonkey JIT Compiler
Spectre Mitigation Bypass Vulnerability in Thunderbird and Firefox
Command Injection Vulnerability in Firefox URI Handler
Type-Confusion Vulnerability in IonMonkey JIT Compiler: Potential Crash Exploit
Use-after-free vulnerability in SMIL animation controller registration
Cross-Origin Image Reading Vulnerability in Firefox < 66
Android Firefox < 66: Man-in-the-Middle Attack via APITRACE_LIB Vulnerability
Memory Leakage Vulnerability in Firefox < 66
Memory Corruption Vulnerabilities in Firefox and Thunderbird
Arbitrary Program ID Execution Vulnerability in Firefox
Arbitrary File Length Bypass Vulnerability in Firefox Sandbox
Insecure Navigation Vulnerability in Firefox < 66
Command Injection Vulnerability in Firefox Developer Tools on macOS
Uninitialized Memory Read Vulnerability in Prio Library Affecting Firefox < 66
FTP Authorization Modal Prompt Denial of Service Vulnerability in Firefox < 66
FTP Connection Text Injection Vulnerability in Firefox < 66
WebRTC Permission Notification Spoofing Vulnerability in Firefox < 66
FTP Connection Denial of Service Vulnerability in Firefox < 66
Buffer Overflow Vulnerability in IonMonkey JIT Compiler for Array.prototype.slice Method
Language Pack Sandbox Escape: Exploiting Firefox ESR and Thunderbird Vulnerability
Firefox Sandbox Escape via Malicious Firefox Sync Account Login
Type Confusion and Arbitrary Memory Access in IonMonkey JIT Code through __proto__ Mutation
Memory Corruption Vulnerability in Firefox 66
Timing Attack Vulnerability in macOS 10.14.5 with Hyperthreading Enabled
Type Confusion Vulnerability in JavaScript Object Groups
Cross-Origin Image Reading Vulnerability
Race Condition in Crash Generation Server: Windows Sandbox Escape
JavaScript Compartment Mismatch Vulnerability in Fetch API: Exploitable Crash Risk
Use-After-Free Vulnerability in Chrome Event Handler
Use-After-Free Vulnerability in AssertWorkerThread with Shared Workers in Firefox < 67
Cleartext Storage of Server Credentials in JetBrains IntelliJ IDEA
Uninitialized Data in snprintf Call: Information Disclosure Vulnerability in QEMU 3.0.0
Arbitrary PHP Code Execution in FeiFeiCMS 4.1.190209
phpBB Fulltext Search Component Denial of Service Vulnerability
Hawt Hawtio 2.5.0 SSRF Vulnerability
Arbitrary PHP Code Execution Vulnerability in Maccms 10 Template Rendering
Denial of Service Vulnerability in AirMore Android Application
AirDrop 2.0 for Android Denial of Service Vulnerability
Denial of Service Vulnerability in Screen Stream Application for Android
HTML Injection Vulnerability in Netdata Web Application
Keystroke Injection Vulnerability in Fujitsu Wireless Keyboard Set LX901 GK900 Devices
Insecure Cryptographic Implementation in AMD Platform Security Processor (PSP) 0.17 and Earlier
Open Redirect Vulnerability in Doorkeeper::OpenidConnect
Stored XSS Vulnerability in VFront 0.99.5 via admin/sync_reg_tab.php azzera parameter
Reflected XSS Vulnerability in VFront 0.99.5 via admin/menu_registri.php and admin/sync_reg_tab.php
XSS Vulnerability in Vesta Control Panel 0.9.8-23 via Crafted URL
Arbitrary ASPX Code Execution in madskristensen MiniBlog
XML External Entity (XXE) Vulnerability in DiffPlug Spotless
Cross-Site Scripting (XSS) Vulnerability in simple-markdown.js in Khan Academy simple-markdown before 0.4.4
Arbitrary ASPX Code Execution via Unvalidated File Extension in Miniblog.Core
RockOA 1.8.7 Background SQL Injection Vulnerability
Unconditional Execution of Executable Files via Hyperlinks in LibreOffice
Arbitrary Python Command Execution in LibreOffice Versions Prior to 6.2.5
LibreOffice Vulnerability: Stealth Mode Bypass for Bullet Graphics Retrieval
Insufficient URL Validation Vulnerability in LibreOffice
Arbitrary Python Command Execution in LibreOffice's LibreLogo
Vulnerability: Bypassing Directory Traversal Protection in LibreOffice
URL Decoding Flaw in LibreOffice Macros Allows Bypass of Security Settings
Vulnerability: Arbitrary Script Execution in LibreOffice
Arbitrary Python Command Execution Vulnerability in LibreOffice
Memory Leak Vulnerability in Linux Kernel's inotify_update_existing_watch() Function
Remote Code Execution in Horde Groupware Webmail 5.2.22 and 5.2.17 via Image Upload Vulnerability
Vesta Control Panel (VestaCP) 0.9.7 through 0.9.8-23 Authenticated Command Execution Vulnerability
Vulnerability: Desynchronization of ABUS Secvest Wireless Remote Control and Alarm System
Insecure RFID Technology in ABUS Secvest FUAA50000 Alarm System Allows Unauthorized Deactivation
Vulnerability: Lack of Encrypted Signal Transmission in ABUS Secvest Wireless Alarm System
Insecure Rolling Code Algorithm Vulnerability in ABUS Secvest Wireless Alarm System
Parameter Tampering Vulnerability in PHP Scripts Mall Amazon Affiliate Store 2.1.6
Integer Overflow Vulnerability in Wind River VxWorks 6.9 Allows Remote Code Execution
Information Disclosure Vulnerability in GitLab Community and Enterprise Edition 11.x before 11.7.7 and 11.8.x before 11.8.3
Proxy Server Password Disclosure Vulnerability
SMTP Password Disclosure in Veritas NetBackup Appliance
Cross-Site Scripting (XSS) vulnerability in w8tcha oEmbed plugin for CKEditor
Remote Code Execution Vulnerability in Jector Smart TV FM-K75 Devices
Cleartext Credential Storage Vulnerability in JetBrains IntelliJ IDEA Ultimate
Cleartext Storage of Server Credentials in JetBrains IntelliJ IDEA Ultimate
Arbitrary Code Execution via Deserialization in Sitecore.Security.AntiCSRF Module
Arbitrary Code Execution via Deserialization in Sitecore Anti-CSRF Module
Invalid Memory Access Vulnerability in Xpdf 4.01's TextPage::findGaps() Function
Invalid Memory Access Vulnerability in GfxIndexedColorSpace::mapColorToBase() Function in Xpdf 4.0.0
Remote Code Execution Vulnerability in WPGraphQL 0.2.3 Plugin for WordPress
Unauthenticated User Data Disclosure in WPGraphQL Plugin
Unauthenticated Users Can Bypass Comment Restrictions in WPGraphQL 0.2.3 Plugin
CSRF Vulnerability in MailSherlock MSR35 and MSR45 Allows Unauthorized Addition of Malicious Email Sources to Whitelist
CSRF Vulnerability in MailSherlock MSR35 and MSR45: Privilege Escalation via useradmin/cf_new.cgi
Bypassing Password Validation and Access Management in eClass Platform
SQL Injection Vulnerability in eClass Platform
Arbitrary File Download Vulnerability in BroadLearning eClass (before ip.2.5.10.2.1)
Directory Traversal and File Inclusion Vulnerability in Vanilla before 2.6.4
Insecure Permissions Vulnerability in GitLab Community and Enterprise Edition
Privilege Escalation and Command Execution Vulnerability in getopt_simple
Arbitrary File Read Vulnerability in Open Ticket Request System (OTRS)
libseccomp before 2.4.0: 64-bit syscall argument comparison vulnerability
Critical Vulnerability: Remote Memory Overwrite in PuTTY RSA Key Exchange
Remote Buffer Overflow Vulnerability in PuTTY Versions Before 0.71 on Unix
Local File Hijacking Vulnerability in PuTTY Versions before 0.71 on Windows
PuTTY Versions Before 0.71: Multiple Terminal-Based Denial-of-Service Vulnerabilities
Recycling of Random Numbers Vulnerability in PuTTY (before 0.71)
Null Byte Injection in Envoy HTTP/1.x Header Parsing
Path Traversal Vulnerability in Envoy Proxy
Stack Consumption Vulnerability in Poppler 0.74.0
Stack Consumption Vulnerability in Graphviz 2.40.1
Font-Organizer Plugin 2.1.1 for WordPress - XSS Vulnerability in wp-admin/options-general.php manage_font_id
XSS Vulnerability in Donation Plugin and Fundraising Platform Plugin for WordPress
KingComposer Plugin 2.7.6 for WordPress - Cross-Site Scripting (XSS) Vulnerability in wp-admin/admin.php?page=kc-mapper id
Cross-Site Scripting (XSS) Vulnerability in Social Networks Auto Poster Plugin for WordPress
XSS Vulnerability in wp-google-maps Plugin for WordPress
XSS Vulnerability in wp-live-chat-support Plugin for WordPress
Cross-Site Scripting (XSS) Vulnerability in YOP Poll Plugin for WordPress
Open Redirect Vulnerability in GetSimpleCMS 3.3.13 via admin/index.php Redirect Parameter
Remote User Denial of Service Vulnerability in ZNC before 1.7.3-rc1
SQL Injection Vulnerability in Harmis JE Messenger Component 1.2.2 for Joomla!
Cross-Site Scripting (XSS) Vulnerability in Harmis JE Messenger Component 1.2.2 for Joomla!
User Account Impersonation Vulnerability in Harmis JE Messenger Component for Joomla!
User Information Disclosure Vulnerability in Harmis JE Messenger Component 1.2.2 for Joomla!
Directory Traversal Vulnerability in Harmis JE Messenger Component 1.2.2 for Joomla!
NULL Pointer Dereference in pax_decode_header in GNU Tar before 1.32
rbash Vulnerability: Unauthorized Command Execution via BASH_CMDS Manipulation
XSS Vulnerability in S-CMS PHP v1.0 via S_id Parameter in 4.edu.php
CSRF Vulnerability in LabKey Server 19.1.0 Allows Code Execution via /reports-viewScriptReport.view
Caret Remote Code Execution Vulnerability
Heap-based Buffer Overflow in GStreamer RTSP Connection Parser
Insecure Permissions in Northern.tech CFEngine Enterprise 3.12.1
Lexmark Products: Integer Overflow Vulnerability
Denial of Service Vulnerability in Lexmark Printers' SNMP Service
Lexmark Products Buffer Overflow Vulnerability
Lexmark Products Buffer Overflow Vulnerability
Incorrect Access Control in Lexmark Products
Lexmark Products Vulnerability: Incorrect Access Control
Heap-based Buffer Over-read Vulnerability in SQLite 3.27.2's fts5HashEntrySort Function
NULL Pointer Dereference Vulnerability in SQLite 3.27.2 with FTS5 Virtual Table
Arbitrary File Download Vulnerability in SHAREit Application
Authentication Bypass Vulnerability in SHAREit Application
Twig Sandbox Information Disclosure Vulnerability
OMERO.server Group Permissions Circumvention Vulnerability
OMERO.server File Reading Vulnerability
Remote Command Execution in SoftNAS Cloud 4.2.0 and 4.2.1 via User Cookie Bypass
Network Firewall Misconfiguration in Cloud Native Computing Foundation (CNCF) CNI 0.7.4 Affecting Kubernetes
CRLF Injection Vulnerability in urllib2 and urllib
Local File Inclusion Vulnerability in urllib for Python 2.x through 2.7.16
Arbitrary Code Execution via Symlink Abuse in Western Digital My Cloud Devices
Authentication Bypass Vulnerability in Western Digital My Cloud Devices
Unauthenticated File Upload Vulnerability in Western Digital My Cloud Devices
Reflected XSS Vulnerability in Zyxel ATP and USG Series Firewalls
Stack-based Buffer Overflow in ImageMagick 7.0.8-35 Q16's PopHexPixel Function in coders/ps.c
Stored XSS Vulnerability in Quadbase EspressReport ES (ERES) v7.0 Update 7
CSRF Vulnerability in Quadbase EspressReport ES (ERES) v7.0 Update 7 Allows Privilege Escalation and Unauthorized Admin Account Creation
Integer Overflow in JPXStream::init function in Poppler 0.78.0 and earlier
Relative Path Vulnerability in LimeSurvey's downloadZip Function
Arbitrary Web Script Injection Vulnerability in Wikindx Resource View
Denial of Service and Potential Remote Code Execution in XnView MP 0.93.1 on Windows
Denial of Service and Potential Remote Code Execution in XnView MP 0.93.1
Denial of Service Vulnerability in XnView MP 0.93.1 on Windows
Denial of Service Vulnerability in XnView MP 0.93.1 on Windows
Denial of Service Vulnerability in XnView Classic 2.48
Denial of Service Vulnerability in XnView Classic 2.48 on Windows
Denial of Service Vulnerability in XnView Classic 2.48 on Windows
Denial of Service Vulnerability in XnView Classic 2.48
IDN Homograph Attack Vulnerability in Signal Messaging App
Privilege Escalation via Insecure sudo Configuration in 3CX Phone System
Arbitrary Command Execution Vulnerability in 3CX Phone System Terminal
Unauthenticated Remote Ping and DoS Vulnerability in DASAN H660RM GPON Routers
Hard-coded Encryption Key Vulnerability in DASAN H660RM Firmware 1.03-0022
Boa Server Configuration Vulnerability on DASAN H660RM Devices
Tesla Model 3 Entertainment System Renderer Process JIT Compilation Vulnerability
Stored XSS Vulnerability in Social Warfare Plugin for WordPress