| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-22697 | Hig | 0.51 | 7.8 | 0.03 | Jan 26, 2021 | A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software (V2.1.13 and prior) that could allow a use-after-free condition which could result in remote code execution when a malicious SSD file is uploaded and… | ||
| CVE-2021-21723 | Hig | 0.49 | 7.5 | 0.01 | Jan 26, 2021 | Some ZTE products have a DoS vulnerability. Due to the improper handling of memory release in some specific scenarios, a remote attacker can trigger the vulnerability by performing a series of operations, resulting in memory leak, which may eventually lead to device denial of… | ||
| CVE-2020-9492 | — | Hig | 0.51 | 8.8 | 0.04 | Jan 26, 2021 | In Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, and 2.0.0-alpha to 2.10.0, WebHDFS client might send SPNEGO authorization header to remote URL without proper verification. | |
| CVE-2020-8295 | Hig | 0.49 | 7.5 | 0.02 | Jan 26, 2021 | A wrong check in Nextcloud Server 19 and prior allowed to perform a denial of service attack when resetting the password for a user. | ||
| CVE-2020-36230 | Hig | 0.43 | 7.5 | 0.12 | Jan 26, 2021 | A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service. | ||
| CVE-2020-36229 | Hig | 0.42 | 7.5 | 0.04 | Jan 26, 2021 | A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service. | ||
| CVE-2020-36228 | Hig | 0.48 | 7.5 | 0.83 | Jan 26, 2021 | An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service. | ||
| CVE-2020-36227 | Hig | 0.48 | 7.5 | 0.78 | Jan 26, 2021 | A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service. | ||
| CVE-2020-36226 | Hig | 0.42 | 7.5 | 0.04 | Jan 26, 2021 | A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service. | ||
| CVE-2020-36225 | Hig | 0.42 | 7.5 | 0.04 | Jan 26, 2021 | A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service. | ||
| CVE-2020-36224 | Hig | 0.42 | 7.5 | 0.04 | Jan 26, 2021 | A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service. | ||
| CVE-2020-36223 | Hig | 0.42 | 7.5 | 0.04 | Jan 26, 2021 | A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read). | ||
| CVE-2020-36222 | Hig | 0.48 | 7.5 | 0.78 | Jan 26, 2021 | A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service. | ||
| CVE-2020-36221 | Hig | 0.48 | 7.5 | 0.84 | Jan 26, 2021 | An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck). | ||
| CVE-2020-36215 | — | Hig | 0.49 | 7.5 | 0.01 | Jan 26, 2021 | An issue was discovered in the hashconsing crate before 1.1.0 for Rust. Because HConsed does not have bounds on its Send trait or Sync trait, memory corruption can occur. | |
| CVE-2020-36213 | — | Hig | 0.42 | 7.5 | 0.01 | Jan 26, 2021 | An issue was discovered in the abi_stable crate before 0.9.1 for Rust. A retain call can create an invalid UTF-8 string, violating soundness. | |
| CVE-2020-36212 | — | Hig | 0.42 | 7.5 | 0.01 | Jan 26, 2021 | An issue was discovered in the abi_stable crate before 0.9.1 for Rust. DrainFilter lacks soundness because of a double drop. | |
| CVE-2020-36211 | — | Hig | 0.39 | 7.0 | 0.00 | Jan 26, 2021 | An issue was discovered in the gfwx crate before 0.3.0 for Rust. Because ImageChunkMut does not have bounds on its Send trait or Sync trait, a data race and memory corruption can occur. | |
| CVE-2020-36210 | — | Hig | 0.51 | 7.8 | 0.00 | Jan 26, 2021 | An issue was discovered in the autorand crate before 0.2.3 for Rust. Because of impl Random on arrays, uninitialized memory can be dropped when a panic occurs, leading to memory corruption. | |
| CVE-2020-36209 | — | Hig | 0.39 | 7.0 | 0.00 | Jan 26, 2021 | An issue was discovered in the late-static crate before 0.4.0 for Rust. Because Sync is implemented for LateStatic with T: Send, a data race can occur. | |
| CVE-2020-36208 | — | Hig | 0.44 | 7.8 | 0.00 | Jan 26, 2021 | An issue was discovered in the conquer-once crate before 0.3.2 for Rust. Thread crossing can occur for a non-Send but Sync type, leading to memory corruption. | |
| CVE-2020-36207 | — | Hig | 0.46 | 7.0 | 0.00 | Jan 26, 2021 | An issue was discovered in the aovec crate through 2020-12-10 for Rust. Because Aovec does not have bounds on its Send trait or Sync trait, a data race and memory corruption can occur. | |
| CVE-2020-36206 | — | Hig | 0.39 | 7.0 | 0.00 | Jan 26, 2021 | An issue was discovered in the rusb crate before 0.7.0 for Rust. Because of a lack of Send and Sync bounds, a data race and memory corruption can occur. | |
| CVE-2020-36201 | Hig | 0.49 | 7.5 | 0.01 | Jan 26, 2021 | An issue was discovered in certain Xerox WorkCentre products. They do not properly encrypt passwords. This affects 3655, 3655i, 58XX, 58XXi 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices. | ||
| CVE-2020-35845 | Hig | 0.51 | 7.8 | 0.01 | Jan 26, 2021 | FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0x96cf. | ||
| CVE-2020-35844 | Hig | 0.51 | 7.8 | 0.01 | Jan 26, 2021 | FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0xbe9c4. | ||
| CVE-2020-35576 | Hig | 0.64 | 8.8 | 0.42 | Jan 26, 2021 | A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 (JP) with firmware versions prior to 201216 allows authenticated users to execute arbitrary code as root via shell metacharacters, a different vulnerability than CVE-2018-12577. | ||
| CVE-2020-35239 | — | Hig | 0.57 | 8.8 | 0.01 | Jan 26, 2021 | A vulnerability exists in CakePHP versions 4.0.x through 4.1.3. The CsrfProtectionMiddleware component allows method override parameters to bypass CSRF checks by changing the HTTP request method to an arbitrary string that is not in the list of request methods that CakePHP… | |
| CVE-2020-29001 | Hig | 0.47 | 7.2 | 0.01 | Jan 26, 2021 | An issue was discovered on Geeni GNC-CW028 Camera 2.7.2, Geeni GNC-CW025 Doorbell 2.9.5, Merkury MI-CW024 Doorbell 2.9.6, and Merkury MI-CW017 Camera 2.9.6 devices. A vulnerability exists in the RESTful Services API that allows a remote attacker to take full control of the… | ||
| CVE-2020-29000 | Hig | 0.47 | 7.2 | 0.03 | Jan 26, 2021 | An issue was discovered on Geeni GNC-CW013 doorbell 1.8.1 devices. A vulnerability exists in the RTSP service that allows a remote attacker to take full control of the device with a high-privileged account. By sending a crafted message, an attacker is able to remotely deliver a… | ||
| CVE-2020-28999 | Hig | 0.47 | 7.2 | 0.02 | Jan 26, 2021 | An issue was discovered in Apexis Streaming Video Web Application on Geeni GNC-CW013 doorbell 1.8.1 devices. A remote attacker can take full control of the camera with a high-privileged account. The vulnerability exists because a static username and password are compiled into a… | ||
| CVE-2020-28874 | Hig | 0.49 | 7.5 | 0.02 | Jan 26, 2021 | reset-password.php in ProjectSend before r1295 allows remote attackers to reset a password because of incorrect business logic. Errors are not properly considered (an invalid token parameter). | ||
| CVE-2020-27814 | Hig | 0.51 | 7.8 | 0.02 | Jan 26, 2021 | A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. An attacker could use this flaw to cause an application crash or in some cases execute arbitrary code with the permission of the user running such an application. | ||
| CVE-2020-27541 | Hig | 0.49 | 7.5 | 0.01 | Jan 26, 2021 | Denial of Service vulnerability in Rostelecom CS-C2SHW 5.0.082.1. AgentGreen service has a bug in parsing broadcast discovery UDP packet. Sending a packet of too small size will lead to an attempt of allocating buffer of negative size. As the result service AgentGreen will be… | ||
| CVE-2020-27288 | Hig | 0.51 | 7.8 | 0.01 | Jan 26, 2021 | An untrusted pointer dereference has been identified in the way TPEditor(v1.98 and prior) processes project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. | ||
| CVE-2020-27284 | Hig | 0.51 | 7.8 | 0.01 | Jan 26, 2021 | TPEditor (v1.98 and prior) is vulnerable to two out-of-bounds write instances in the way it processes project files, allowing an attacker to craft a special project file that may permit arbitrary code execution. | ||
| CVE-2020-27280 | Hig | 0.51 | 7.8 | 0.01 | Jan 26, 2021 | A use after free issue has been identified in the way ISPSoft(v3.12 and prior) processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution. | ||
| CVE-2020-25737 | Hig | 0.51 | 7.8 | 0.00 | Jan 26, 2021 | An elevation of privilege vulnerability exists in Hackolade versions prior 4.2.0 on Windows has an issue in specific deployment scenarios that could allow local users to gain elevated privileges during an uninstall of the application. | ||
| CVE-2020-25173 | Hig | 0.51 | 7.8 | 0.00 | Jan 26, 2021 | An attacker with local network access can obtain a fixed cryptography key which may allow for further compromise of Reolink P2P cameras outside of local network access | ||
| CVE-2020-25169 | Hig | 0.49 | 7.5 | 0.01 | Jan 26, 2021 | The affected Reolink P2P products do not sufficiently protect data transferred between the local device and Reolink servers. This can allow an attacker to access sensitive information, such as camera feeds. | ||
| CVE-2020-24549 | Hig | 0.57 | 8.8 | 0.03 | Jan 26, 2021 | openMAINT before 1.1-2.4.2 allows remote authenticated users to run arbitrary JSP code on the underlying web server. | ||
| CVE-2020-23826 | Hig | 0.58 | 8.8 | 0.13 | Jan 26, 2021 | The Yale WIPC-303W 2.21 through 2.31 camera is vulnerable to remote command execution (RCE) through command injection via the HTTP API. NOTE: This may be a duplicate of CVE-2020-10176 | ||
| CVE-2020-23449 | Hig | 0.49 | 7.5 | 0.01 | Jan 26, 2021 | newbee-mall all versions are affected by incorrect access control to remotely gain privileges through NewBeeMallIndexConfigServiceImpl.java. Unauthorized changes can be made to any user information through the userID. | ||
| CVE-2020-23162 | Hig | 0.49 | 7.5 | 0.01 | Jan 26, 2021 | Sensitive information disclosure and weak encryption in Pyrescom Termod4 time management devices before 10.04k allows remote attackers to read a session-file and obtain plain-text user credentials. | ||
| CVE-2020-23160 | Hig | 0.58 | 8.8 | 0.07 | Jan 26, 2021 | Remote code execution in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to arbitrary commands as root on the devices. | ||
| CVE-2020-22643 | — | Hig | 0.47 | 7.2 | 0.02 | Jan 26, 2021 | Feehi CMS 2.1.0 is affected by an arbitrary file upload vulnerability, potentially resulting in remote code execution. After an administrator logs in, open the administrator image upload page to potentially upload malicious files. | |
| CVE-2020-16236 | Hig | 0.51 | 7.8 | 0.01 | Jan 26, 2021 | FPWIN Pro is vulnerable to an out-of-bounds read vulnerability when a user opens a maliciously crafted project file, which may allow an attacker to remotely execute arbitrary code. | ||
| CVE-2020-0236 | Hig | 0.49 | 7.5 | 0.01 | Jan 26, 2021 | In A2DP_GetCodecType of a2dp_codec_config, there is a possible out-of-bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android,… | ||
| CVE-2020-4949 | Hig | 0.54 | 8.2 | 0.05 | Jan 26, 2021 | IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 192025. | ||
| CVE-2021-21272 | — | Hig | 0.43 | 7.7 | 0.01 | Jan 25, 2021 | ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries. ORAS is both a CLI for initial testing and a Go Module. In ORAS from version 0.4.0 and before version 0.9.0, there is a "zip-slip" vulnerability. The directory support feature… |
- risk 0.51cvss 7.8epss 0.03
A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software (V2.1.13 and prior) that could allow a use-after-free condition which could result in remote code execution when a malicious SSD file is uploaded and…
- risk 0.49cvss 7.5epss 0.01
Some ZTE products have a DoS vulnerability. Due to the improper handling of memory release in some specific scenarios, a remote attacker can trigger the vulnerability by performing a series of operations, resulting in memory leak, which may eventually lead to device denial of…
- risk 0.51cvss 8.8epss 0.04
In Apache Hadoop 3.2.0 to 3.2.1, 3.0.0-alpha1 to 3.1.3, and 2.0.0-alpha to 2.10.0, WebHDFS client might send SPNEGO authorization header to remote URL without proper verification.
- risk 0.49cvss 7.5epss 0.02
A wrong check in Nextcloud Server 19 and prior allowed to perform a denial of service attack when resetting the password for a user.
- risk 0.43cvss 7.5epss 0.12
A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service.
- risk 0.42cvss 7.5epss 0.04
A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service.
- risk 0.48cvss 7.5epss 0.83
An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service.
- risk 0.48cvss 7.5epss 0.78
A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service.
- risk 0.42cvss 7.5epss 0.04
A flaw was discovered in OpenLDAP before 2.4.57 leading to a memch->bv_len miscalculation and slapd crash in the saslAuthzTo processing, resulting in denial of service.
- risk 0.42cvss 7.5epss 0.04
A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service.
- risk 0.42cvss 7.5epss 0.04
A flaw was discovered in OpenLDAP before 2.4.57 leading to an invalid pointer free and slapd crash in the saslAuthzTo processing, resulting in denial of service.
- risk 0.42cvss 7.5epss 0.04
A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read).
- risk 0.48cvss 7.5epss 0.78
A flaw was discovered in OpenLDAP before 2.4.57 leading to an assertion failure in slapd in the saslAuthzTo validation, resulting in denial of service.
- risk 0.48cvss 7.5epss 0.84
An integer underflow was discovered in OpenLDAP before 2.4.57 leading to slapd crashes in the Certificate Exact Assertion processing, resulting in denial of service (schema_init.c serialNumberAndIssuerCheck).
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in the hashconsing crate before 1.1.0 for Rust. Because HConsed does not have bounds on its Send trait or Sync trait, memory corruption can occur.
- risk 0.42cvss 7.5epss 0.01
An issue was discovered in the abi_stable crate before 0.9.1 for Rust. A retain call can create an invalid UTF-8 string, violating soundness.
- risk 0.42cvss 7.5epss 0.01
An issue was discovered in the abi_stable crate before 0.9.1 for Rust. DrainFilter lacks soundness because of a double drop.
- risk 0.39cvss 7.0epss 0.00
An issue was discovered in the gfwx crate before 0.3.0 for Rust. Because ImageChunkMut does not have bounds on its Send trait or Sync trait, a data race and memory corruption can occur.
- risk 0.51cvss 7.8epss 0.00
An issue was discovered in the autorand crate before 0.2.3 for Rust. Because of impl Random on arrays, uninitialized memory can be dropped when a panic occurs, leading to memory corruption.
- risk 0.39cvss 7.0epss 0.00
An issue was discovered in the late-static crate before 0.4.0 for Rust. Because Sync is implemented for LateStatic with T: Send, a data race can occur.
- risk 0.44cvss 7.8epss 0.00
An issue was discovered in the conquer-once crate before 0.3.2 for Rust. Thread crossing can occur for a non-Send but Sync type, leading to memory corruption.
- risk 0.46cvss 7.0epss 0.00
An issue was discovered in the aovec crate through 2020-12-10 for Rust. Because Aovec does not have bounds on its Send trait or Sync trait, a data race and memory corruption can occur.
- risk 0.39cvss 7.0epss 0.00
An issue was discovered in the rusb crate before 0.7.0 for Rust. Because of a lack of Send and Sync bounds, a data race and memory corruption can occur.
- risk 0.49cvss 7.5epss 0.01
An issue was discovered in certain Xerox WorkCentre products. They do not properly encrypt passwords. This affects 3655, 3655i, 58XX, 58XXi 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices.
- risk 0.51cvss 7.8epss 0.01
FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0x96cf.
- risk 0.51cvss 7.8epss 0.01
FastStone Image Viewer 7.5 has an out-of-bounds write (via a crafted image file) at FSViewer.exe+0xbe9c4.
- risk 0.64cvss 8.8epss 0.42
A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 (JP) with firmware versions prior to 201216 allows authenticated users to execute arbitrary code as root via shell metacharacters, a different vulnerability than CVE-2018-12577.
- risk 0.57cvss 8.8epss 0.01
A vulnerability exists in CakePHP versions 4.0.x through 4.1.3. The CsrfProtectionMiddleware component allows method override parameters to bypass CSRF checks by changing the HTTP request method to an arbitrary string that is not in the list of request methods that CakePHP…
- risk 0.47cvss 7.2epss 0.01
An issue was discovered on Geeni GNC-CW028 Camera 2.7.2, Geeni GNC-CW025 Doorbell 2.9.5, Merkury MI-CW024 Doorbell 2.9.6, and Merkury MI-CW017 Camera 2.9.6 devices. A vulnerability exists in the RESTful Services API that allows a remote attacker to take full control of the…
- risk 0.47cvss 7.2epss 0.03
An issue was discovered on Geeni GNC-CW013 doorbell 1.8.1 devices. A vulnerability exists in the RTSP service that allows a remote attacker to take full control of the device with a high-privileged account. By sending a crafted message, an attacker is able to remotely deliver a…
- risk 0.47cvss 7.2epss 0.02
An issue was discovered in Apexis Streaming Video Web Application on Geeni GNC-CW013 doorbell 1.8.1 devices. A remote attacker can take full control of the camera with a high-privileged account. The vulnerability exists because a static username and password are compiled into a…
- risk 0.49cvss 7.5epss 0.02
reset-password.php in ProjectSend before r1295 allows remote attackers to reset a password because of incorrect business logic. Errors are not properly considered (an invalid token parameter).
- risk 0.51cvss 7.8epss 0.02
A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. An attacker could use this flaw to cause an application crash or in some cases execute arbitrary code with the permission of the user running such an application.
- risk 0.49cvss 7.5epss 0.01
Denial of Service vulnerability in Rostelecom CS-C2SHW 5.0.082.1. AgentGreen service has a bug in parsing broadcast discovery UDP packet. Sending a packet of too small size will lead to an attempt of allocating buffer of negative size. As the result service AgentGreen will be…
- risk 0.51cvss 7.8epss 0.01
An untrusted pointer dereference has been identified in the way TPEditor(v1.98 and prior) processes project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.
- risk 0.51cvss 7.8epss 0.01
TPEditor (v1.98 and prior) is vulnerable to two out-of-bounds write instances in the way it processes project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.
- risk 0.51cvss 7.8epss 0.01
A use after free issue has been identified in the way ISPSoft(v3.12 and prior) processes project files, allowing an attacker to craft a special project file that may allow arbitrary code execution.
- risk 0.51cvss 7.8epss 0.00
An elevation of privilege vulnerability exists in Hackolade versions prior 4.2.0 on Windows has an issue in specific deployment scenarios that could allow local users to gain elevated privileges during an uninstall of the application.
- risk 0.51cvss 7.8epss 0.00
An attacker with local network access can obtain a fixed cryptography key which may allow for further compromise of Reolink P2P cameras outside of local network access
- risk 0.49cvss 7.5epss 0.01
The affected Reolink P2P products do not sufficiently protect data transferred between the local device and Reolink servers. This can allow an attacker to access sensitive information, such as camera feeds.
- risk 0.57cvss 8.8epss 0.03
openMAINT before 1.1-2.4.2 allows remote authenticated users to run arbitrary JSP code on the underlying web server.
- risk 0.58cvss 8.8epss 0.13
The Yale WIPC-303W 2.21 through 2.31 camera is vulnerable to remote command execution (RCE) through command injection via the HTTP API. NOTE: This may be a duplicate of CVE-2020-10176
- risk 0.49cvss 7.5epss 0.01
newbee-mall all versions are affected by incorrect access control to remotely gain privileges through NewBeeMallIndexConfigServiceImpl.java. Unauthorized changes can be made to any user information through the userID.
- risk 0.49cvss 7.5epss 0.01
Sensitive information disclosure and weak encryption in Pyrescom Termod4 time management devices before 10.04k allows remote attackers to read a session-file and obtain plain-text user credentials.
- risk 0.58cvss 8.8epss 0.07
Remote code execution in Pyrescom Termod4 time management devices before 10.04k allows authenticated remote attackers to arbitrary commands as root on the devices.
- risk 0.47cvss 7.2epss 0.02
Feehi CMS 2.1.0 is affected by an arbitrary file upload vulnerability, potentially resulting in remote code execution. After an administrator logs in, open the administrator image upload page to potentially upload malicious files.
- risk 0.51cvss 7.8epss 0.01
FPWIN Pro is vulnerable to an out-of-bounds read vulnerability when a user opens a maliciously crafted project file, which may allow an attacker to remotely execute arbitrary code.
- risk 0.49cvss 7.5epss 0.01
In A2DP_GetCodecType of a2dp_codec_config, there is a possible out-of-bounds read due to improper input validation. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android,…
- risk 0.54cvss 8.2epss 0.05
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 192025.
- risk 0.43cvss 7.7epss 0.01
ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries. ORAS is both a CLI for initial testing and a Go Module. In ORAS from version 0.4.0 and before version 0.9.0, there is a "zip-slip" vulnerability. The directory support feature…