| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-24955 | 0.28 | — | 0.85 | KEV | May 9, 2023 | Microsoft SharePoint Server Remote Code Execution Vulnerability | ||
| CVE-2023-21492 | 0.12 | — | 0.03 | KEV | May 4, 2023 | Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR. | ||
| CVE-2023-29552 | — | 0.19 | — | 0.66 | KEV | Apr 25, 2023 | The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor. | |
| CVE-2023-28771 | 0.23 | — | 0.99 | KEV | Apr 25, 2023 | Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an… | ||
| CVE-2023-27524 | 0.16 | — | 0.97 | KEV | Apr 24, 2023 | Session Validation attacks in Apache Superset versions up to and including 2.0.1. Installations that have not altered the default configured SECRET_KEY according to installation instructions allow for an attacker to authenticate and access unauthorized resources. This does not… | ||
| CVE-2023-27351 | Hig | 0.73 | 7.5 | 0.78 | KEV | Apr 20, 2023 | This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication is not required to exploit this vulnerability. The specific flaw exists within the SecurityRequestFilter class. The issue results… | |
| CVE-2023-27350 | 0.29 | — | 1.00 | KEV | Apr 20, 2023 | This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetupCompleted class. The issue results from… | ||
| CVE-2023-2136 | 0.12 | — | 0.06 | KEV | Apr 19, 2023 | Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2023-2033 | 0.14 | — | 0.41 | KEV | Apr 14, 2023 | Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High) | ||
| CVE-2023-28252 | 0.26 | — | 0.49 | KEV | Apr 11, 2023 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||
| CVE-2023-28229 | 0.13 | — | 0.02 | KEV | Apr 11, 2023 | Windows CNG Key Isolation Service Elevation of Privilege Vulnerability | ||
| CVE-2023-29492 | 0.13 | — | 0.03 | KEV | Apr 11, 2023 | Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not provide access to stored survey or response data. | ||
| CVE-2023-28206 | 0.14 | — | 0.25 | KEV | Apr 10, 2023 | An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.5, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1, iOS 15.7.5 and iPadOS 15.7.5, macOS Big Sur 11.7.6. An app may be able to execute arbitrary code with… | ||
| CVE-2023-28205 | 0.12 | — | 0.27 | KEV | Apr 10, 2023 | A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.4.1, iOS 15.7.5 and iPadOS 15.7.5, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is… | ||
| CVE-2023-26083 | 0.12 | — | 0.01 | KEV | Apr 6, 2023 | Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions from r0p0 - r42p0, Valhall GPU Kernel Driver all versions from r19p0 - r42p0, and Avalon GPU Kernel Driver all versions from… | ||
| CVE-2023-20118 | 0.12 | — | 0.54 | KEV | Apr 5, 2023 | A vulnerability in the web-based management interface of Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. This vulnerability is due to improper… | ||
| CVE-2023-1671 | 0.23 | — | 1.00 | KEV | Apr 4, 2023 | A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code. | ||
| CVE-2022-43939 | 0.22 | — | 0.92 | KEV | Apr 3, 2023 | Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x contain security restrictions using non-canonical URLs which can be circumvented. | ||
| CVE-2022-43769 | 0.23 | — | 0.98 | KEV | Apr 3, 2023 | Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow certain web services to set property values which contain Spring templates that are interpreted downstream. | ||
| CVE-2022-42948 | 0.14 | — | 0.03 | KEV | Mar 24, 2023 | Cobalt Strike 4.7.1 fails to properly escape HTML tags when they are displayed on Swing components. By injecting crafted HTML code, it is possible to remotely execute code in the Cobalt Strike UI. | ||
| CVE-2023-20963 | 0.12 | — | 0.01 | KEV | Mar 24, 2023 | In WorkSource, there is a possible parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID:… | ||
| CVE-2023-26359 | 0.18 | — | 0.18 | KEV | Mar 23, 2023 | Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require… | ||
| CVE-2023-26360 | 0.23 | — | 0.97 | KEV | Mar 23, 2023 | Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user… | ||
| CVE-2023-28434 | 0.06 | — | 0.07 | KEV | Mar 22, 2023 | Minio is a Multi-Cloud Object Storage framework. Prior to RELEASE.2023-03-20T20-16-18Z, an attacker can use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing `PostPolicyBucket`. To carry out this attack, the attacker… | ||
| CVE-2023-28432 | 0.23 | — | 0.84 | KEV | Mar 22, 2023 | Minio is a Multi-Cloud Object Storage framework. In a cluster deployment starting with RELEASE.2019-12-17T23-16-33Z and prior to RELEASE.2023-03-20T20-16-18Z, MinIO returns all environment variables, including `MINIO_SECRET_KEY` and `MINIO_ROOT_PASSWORD`, resulting in… | ||
| CVE-2023-0386 | 0.16 | — | 0.08 | KEV | Mar 22, 2023 | A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a… | ||
| CVE-2023-25280 | 0.19 | — | 0.98 | KEV | Mar 16, 2023 | OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload with the ping_addr parameter to ping.ccp. | ||
| CVE-2023-28461 | 0.25 | — | 0.68 | KEV | Mar 15, 2023 | Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable… | ||
| CVE-2023-1389 | 0.22 | — | 1.00 | KEV | Mar 15, 2023 | TP-Link Archer AX21 (AX1800) firmware versions before 1.1.4 Build 20230219 contained a command injection vulnerability in the country form of the /cgi-bin/luci;stok=/locale endpoint on the web management interface. Specifically, the country parameter of the write operation was… | ||
| CVE-2023-24880 | 0.24 | — | 0.78 | KEV | Mar 14, 2023 | Windows SmartScreen Security Feature Bypass Vulnerability | ||
| CVE-2023-23397 | 0.19 | — | 0.97 | KEV | Mar 14, 2023 | Microsoft Outlook Elevation of Privilege Vulnerability | ||
| CVE-2023-27532 | 0.25 | — | 0.78 | KEV | Mar 10, 2023 | Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts. | ||
| CVE-2022-41328 | 0.12 | — | 0.12 | KEV | Mar 7, 2023 | A improper limitation of a pathname to a restricted directory vulnerability ('path traversal') [CWE-22] in Fortinet FortiOS version 7.2.0 through 7.2.3, 7.0.0 through 7.0.9 and before 6.4.11 allows a privileged attacker to read and write files on the underlying Linux system via… | ||
| CVE-2019-8720 | 0.12 | — | 0.02 | KEV | Mar 6, 2023 | A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues. | ||
| CVE-2023-23529 | 0.12 | — | 0.10 | KEV | Feb 27, 2023 | A type confusion issue was addressed with improved checks. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, Safari 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a… | ||
| CVE-2022-47986 | 0.29 | — | 1.00 | KEV | Feb 17, 2023 | IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on the system, caused by a YAML deserialization flaw. By sending a specially crafted obsolete API call, an attacker could exploit this vulnerability to execute arbitrary… | ||
| CVE-2023-23752 | 0.16 | — | 1.00 | KEV | Feb 16, 2023 | An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints. | ||
| CVE-2023-21529 | Hig | 0.77 | 8.8 | 0.62 | KEV | Feb 14, 2023 | Microsoft Exchange Server Remote Code Execution Vulnerability | |
| CVE-2023-21823 | 0.12 | — | 0.06 | KEV | Feb 14, 2023 | Windows Graphics Component Remote Code Execution Vulnerability | ||
| CVE-2023-23376 | 0.19 | — | 0.11 | KEV | Feb 14, 2023 | Windows Common Log File System Driver Elevation of Privilege Vulnerability | ||
| CVE-2023-21715 | 0.12 | — | 0.12 | KEV | Feb 14, 2023 | Microsoft Publisher Security Feature Bypass Vulnerability | ||
| CVE-2023-25717 | 0.20 | — | 0.95 | KEV | Feb 13, 2023 | Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=admin&password=password$(curl substring. | ||
| CVE-2022-24990 | 0.29 | — | 0.84 | KEV | Feb 7, 2023 | TerraMaster NAS 4.2.29 and earlier allows remote attackers to discover the administrative password by sending "User-Agent: TNAS" to module/api.php?mobile/webNasIPS and then reading the PWD field in the response. | ||
| CVE-2023-0669 | 0.22 | — | 1.00 | KEV | Feb 6, 2023 | Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. This issue was patched in version 7.1.2. | ||
| CVE-2023-0266 | 0.12 | — | 0.04 | KEV | Jan 30, 2023 | A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend… | ||
| CVE-2023-21608 | 0.18 | — | 0.61 | KEV | Jan 18, 2023 | Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue… | ||
| CVE-2022-47966 | 0.29 | — | 1.00 | KEV | Jan 18, 2023 | Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache Santuario xmlsec (aka XML Security for Java) 1.4.1, because the xmlsec XSLT features, by design in that version, make the application… | ||
| CVE-2023-21839 | 0.23 | — | 1.00 | KEV | Jan 17, 2023 | Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP… | ||
| CVE-2023-22952 | 0.22 | — | 0.80 | KEV | Jan 11, 2023 | In SugarCRM before 12.0. Hotfix 91155, a crafted request can inject custom PHP code through the EmailTemplates because of missing input validation. | ||
| CVE-2023-21674 | 0.14 | — | 0.42 | KEV | Jan 10, 2023 | Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability |
- risk 0.28cvss —epss 0.85
Microsoft SharePoint Server Remote Code Execution Vulnerability
- risk 0.12cvss —epss 0.03
Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR.
- risk 0.19cvss —epss 0.66
The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.
- risk 0.23cvss —epss 0.99
Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73, VPN series firmware versions 4.60 through 5.35, USG FLEX series firmware versions 4.60 through 5.35, and ATP series firmware versions 4.60 through 5.35, which could allow an…
- risk 0.16cvss —epss 0.97
Session Validation attacks in Apache Superset versions up to and including 2.0.1. Installations that have not altered the default configured SECRET_KEY according to installation instructions allow for an attacker to authenticate and access unauthorized resources. This does not…
- risk 0.73cvss 7.5epss 0.78
This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication is not required to exploit this vulnerability. The specific flaw exists within the SecurityRequestFilter class. The issue results…
- risk 0.29cvss —epss 1.00
This vulnerability allows remote attackers to bypass authentication on affected installations of PaperCut NG 22.0.5 (Build 63914). Authentication is not required to exploit this vulnerability. The specific flaw exists within the SetupCompleted class. The issue results from…
- risk 0.12cvss —epss 0.06
Integer overflow in Skia in Google Chrome prior to 112.0.5615.137 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)
- risk 0.14cvss —epss 0.41
Type confusion in V8 in Google Chrome prior to 112.0.5615.121 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
- risk 0.26cvss —epss 0.49
Windows Common Log File System Driver Elevation of Privilege Vulnerability
- risk 0.13cvss —epss 0.02
Windows CNG Key Isolation Service Elevation of Privilege Vulnerability
- risk 0.13cvss —epss 0.03
Novi Survey before 8.9.43676 allows remote attackers to execute arbitrary code on the server in the context of the service account. This does not provide access to stored survey or response data.
- risk 0.14cvss —epss 0.25
An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in macOS Monterey 12.6.5, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1, iOS 15.7.5 and iPadOS 15.7.5, macOS Big Sur 11.7.6. An app may be able to execute arbitrary code with…
- risk 0.12cvss —epss 0.27
A use after free issue was addressed with improved memory management. This issue is fixed in Safari 16.4.1, iOS 15.7.5 and iPadOS 15.7.5, iOS 16.4.1 and iPadOS 16.4.1, macOS Ventura 13.3.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is…
- risk 0.12cvss —epss 0.01
Memory leak vulnerability in Mali GPU Kernel Driver in Midgard GPU Kernel Driver all versions from r6p0 - r32p0, Bifrost GPU Kernel Driver all versions from r0p0 - r42p0, Valhall GPU Kernel Driver all versions from r19p0 - r42p0, and Avalon GPU Kernel Driver all versions from…
- risk 0.12cvss —epss 0.54
A vulnerability in the web-based management interface of Cisco Small Business Routers RV016, RV042, RV042G, RV082, RV320, and RV325 Routers could allow an authenticated, remote attacker to execute arbitrary commands on an affected device. This vulnerability is due to improper…
- risk 0.23cvss —epss 1.00
A pre-auth command injection vulnerability in the warn-proceed handler of Sophos Web Appliance older than version 4.3.10.4 allows execution of arbitrary code.
- risk 0.22cvss —epss 0.92
Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.2, including 8.3.x contain security restrictions using non-canonical URLs which can be circumvented.
- risk 0.23cvss —epss 0.98
Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, including 8.3.x allow certain web services to set property values which contain Spring templates that are interpreted downstream.
- risk 0.14cvss —epss 0.03
Cobalt Strike 4.7.1 fails to properly escape HTML tags when they are displayed on Swing components. By injecting crafted HTML code, it is possible to remotely execute code in the Cobalt Strike UI.
- risk 0.12cvss —epss 0.01
In WorkSource, there is a possible parcel mismatch. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11 Android-12 Android-12L Android-13Android ID:…
- risk 0.18cvss —epss 0.18
Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require…
- risk 0.23cvss —epss 0.97
Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user…
- risk 0.06cvss —epss 0.07
Minio is a Multi-Cloud Object Storage framework. Prior to RELEASE.2023-03-20T20-16-18Z, an attacker can use crafted requests to bypass metadata bucket name checking and put an object into any bucket while processing `PostPolicyBucket`. To carry out this attack, the attacker…
- risk 0.23cvss —epss 0.84
Minio is a Multi-Cloud Object Storage framework. In a cluster deployment starting with RELEASE.2019-12-17T23-16-33Z and prior to RELEASE.2023-03-20T20-16-18Z, MinIO returns all environment variables, including `MINIO_SECRET_KEY` and `MINIO_ROOT_PASSWORD`, resulting in…
- risk 0.16cvss —epss 0.08
A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This uid mapping bug allows a…
- risk 0.19cvss —epss 0.98
OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate privileges to root via a crafted payload with the ping_addr parameter to ping.ccp.
- risk 0.25cvss —epss 0.68
Array Networks Array AG Series and vxAG (9.4.0.481 and earlier) allow remote code execution. An attacker can browse the filesystem on the SSL VPN gateway using a flags attribute in an HTTP header without authentication. The product could then be exploited through a vulnerable…
- risk 0.22cvss —epss 1.00
TP-Link Archer AX21 (AX1800) firmware versions before 1.1.4 Build 20230219 contained a command injection vulnerability in the country form of the /cgi-bin/luci;stok=/locale endpoint on the web management interface. Specifically, the country parameter of the write operation was…
- risk 0.24cvss —epss 0.78
Windows SmartScreen Security Feature Bypass Vulnerability
- risk 0.19cvss —epss 0.97
Microsoft Outlook Elevation of Privilege Vulnerability
- risk 0.25cvss —epss 0.78
Vulnerability in Veeam Backup & Replication component allows encrypted credentials stored in the configuration database to be obtained. This may lead to gaining access to the backup infrastructure hosts.
- risk 0.12cvss —epss 0.12
A improper limitation of a pathname to a restricted directory vulnerability ('path traversal') [CWE-22] in Fortinet FortiOS version 7.2.0 through 7.2.3, 7.0.0 through 7.0.9 and before 6.4.11 allows a privileged attacker to read and write files on the underlying Linux system via…
- risk 0.12cvss —epss 0.02
A vulnerability was found in WebKit. The flaw is triggered when processing maliciously crafted web content that may lead to arbitrary code execution. Improved memory handling addresses the multiple memory corruption issues.
- risk 0.12cvss —epss 0.10
A type confusion issue was addressed with improved checks. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, iOS 16.3.1 and iPadOS 16.3.1, macOS Ventura 13.2.1, Safari 16.3. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a…
- risk 0.29cvss —epss 1.00
IBM Aspera Faspex 4.4.2 Patch Level 1 and earlier could allow a remote attacker to execute arbitrary code on the system, caused by a YAML deserialization flaw. By sending a specially crafted obsolete API call, an attacker could exploit this vulnerability to execute arbitrary…
- risk 0.16cvss —epss 1.00
An issue was discovered in Joomla! 4.0.0 through 4.2.7. An improper access check allows unauthorized access to webservice endpoints.
- risk 0.77cvss 8.8epss 0.62
Microsoft Exchange Server Remote Code Execution Vulnerability
- risk 0.12cvss —epss 0.06
Windows Graphics Component Remote Code Execution Vulnerability
- risk 0.19cvss —epss 0.11
Windows Common Log File System Driver Elevation of Privilege Vulnerability
- risk 0.12cvss —epss 0.12
Microsoft Publisher Security Feature Bypass Vulnerability
- risk 0.20cvss —epss 0.95
Ruckus Wireless Admin through 10.4 allows Remote Code Execution via an unauthenticated HTTP GET Request, as demonstrated by a /forms/doLogin?login_username=admin&password=password$(curl substring.
- risk 0.29cvss —epss 0.84
TerraMaster NAS 4.2.29 and earlier allows remote attackers to discover the administrative password by sending "User-Agent: TNAS" to module/api.php?mobile/webNasIPS and then reading the PWD field in the response.
- risk 0.22cvss —epss 1.00
Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability in the License Response Servlet due to deserializing an arbitrary attacker-controlled object. This issue was patched in version 7.1.2.
- risk 0.12cvss —epss 0.04
A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the system user. We recommend…
- risk 0.18cvss —epss 0.61
Adobe Acrobat Reader versions 22.003.20282 (and earlier), 22.003.20281 (and earlier) and 20.005.30418 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue…
- risk 0.29cvss —epss 1.00
Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow remote code execution due to use of Apache Santuario xmlsec (aka XML Security for Java) 1.4.1, because the xmlsec XSLT features, by design in that version, make the application…
- risk 0.23cvss —epss 1.00
Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP…
- risk 0.22cvss —epss 0.80
In SugarCRM before 12.0. Hotfix 91155, a crafted request can inject custom PHP code through the EmailTemplates because of missing input validation.
- risk 0.14cvss —epss 0.42
Windows Advanced Local Procedure Call (ALPC) Elevation of Privilege Vulnerability