| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-9338 | Hig | 0.49 | 7.5 | 0.01 | Aug 22, 2019 | The wp-file-upload plugin before 2.5.0 for WordPress has insufficient restrictions on upload of .php files. | ||
| CVE-2019-15330 | Hig | 0.49 | 7.5 | 0.02 | Aug 22, 2019 | The webp-express plugin before 0.14.11 for WordPress has insufficient protection against arbitrary file reading. | ||
| CVE-2019-15060 | Hig | 0.58 | 8.8 | 0.04 | Aug 22, 2019 | The traceroute function on the TP-Link TL-WR840N v4 router with firmware through 0.9.1 3.16 is vulnerable to remote code execution via a crafted payload in an IP address input field. | ||
| CVE-2019-12385 | Hig | 0.57 | 8.8 | 0.02 | Aug 22, 2019 | An issue was discovered in Ampache through 3.9.1. The search engine is affected by a SQL Injection, so any user able to perform lib/class/search.class.php searches (even guest users) can dump any data contained in the database (sessions, hashed passwords, etc.). This may lead to… | ||
| CVE-2018-20988 | Hig | 0.49 | 7.5 | 0.01 | Aug 22, 2019 | The wpgform plugin before 0.94 for WordPress has eval injection in the CAPTCHA calculation. | ||
| CVE-2015-9341 | Hig | 0.49 | 7.5 | 0.01 | Aug 22, 2019 | The wp-file-upload plugin before 3.4.1 for WordPress has insufficient restrictions on upload of .php.js files. | ||
| CVE-2019-7617 | Hig | 0.40 | 7.2 | 0.02 | Aug 22, 2019 | When the Elastic APM agent for Python versions before 5.1.0 is run as a CGI script, there is a variable name clash flaw if a remote attacker can control the proxy header. This could result in an attacker redirecting collected APM data to a proxy of their choosing. | ||
| CVE-2019-9154 | — | Hig | 0.00 | 7.5 | 0.02 | Aug 22, 2019 | Improper Verification of a Cryptographic Signature in OpenPGP.js <=4.1.2 allows an attacker to pass off unsigned data as signed. | |
| CVE-2019-9153 | — | Hig | 0.00 | 7.5 | 0.02 | Aug 22, 2019 | Improper Verification of a Cryptographic Signature in OpenPGP.js <=4.1.2 allows an attacker to forge signed messages by replacing its signatures with a "standalone" or "timestamp" signature. | |
| CVE-2019-14751 | — | Hig | 0.42 | 7.5 | 0.06 | Aug 22, 2019 | NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in an NLTK package (ZIP archive) that is mishandled during extraction. | |
| CVE-2019-11029 | Hig | 0.49 | 7.5 | 0.02 | Aug 22, 2019 | Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the Download() method of AutoUpdateService in SMServer.exe, leading to Directory Traversal. An attacker could use ..\ with this method to iterate over lists of interesting system files and download them without previous… | ||
| CVE-2018-18573 | Hig | 0.47 | 7.2 | 0.03 | Aug 22, 2019 | osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. Remote authenticated administrators can upload new '.htaccess' files (e.g., omitting .php) and subsequently achieve arbitrary PHP code execution via a… | ||
| CVE-2018-18572 | Hig | 0.47 | 7.2 | 0.03 | Aug 22, 2019 | osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. Because of this filter, script files with certain PHP-related extensions (such as .phtml and .php5) didn't execute in the application. But this filter didn't prevent the '.pht'… | ||
| CVE-2019-5635 | Hig | 0.49 | 7.5 | 0.00 | Aug 22, 2019 | A cleartext transmission of sensitive information vulnerability is present in Hickory Smart Ethernet Bridge from Belwith Products, LLC. Captured data reveals that the Hickory Smart Ethernet Bridge device communicates over the network to an MQTT broker without using encryption.… | ||
| CVE-2019-15324 | Hig | 0.57 | 8.8 | 0.04 | Aug 22, 2019 | The ad-inserter plugin before 2.4.22 for WordPress has remote code execution. | ||
| CVE-2019-15323 | Hig | 0.49 | 7.5 | 0.02 | Aug 22, 2019 | The ad-inserter plugin before 2.4.20 for WordPress has path traversal. | ||
| CVE-2017-18584 | Hig | 0.49 | 7.5 | 0.01 | Aug 22, 2019 | The post-pay-counter plugin before 2.731 for WordPress has no permissions check for an update-settinga action. | ||
| CVE-2016-10924 | Hig | 0.50 | 7.5 | 0.12 | Aug 22, 2019 | The ebook-download plugin before 1.2 for WordPress has directory traversal. | ||
| CVE-2015-9337 | Hig | 0.49 | 7.5 | 0.01 | Aug 22, 2019 | The profile-builder plugin before 2.1.4 for WordPress has no access control for activating or deactivating addons via AJAX. | ||
| CVE-2019-14511 | Hig | 0.49 | 7.5 | 0.02 | Aug 22, 2019 | Sphinx Technologies Sphinx 3.1.1 by default has no authentication and listens on 0.0.0.0, making it exposed to the internet (unless filtered by a firewall or reconfigured to listen to 127.0.0.1 only). | ||
| CVE-2018-20980 | Hig | 0.49 | 7.5 | 0.01 | Aug 22, 2019 | The ninja-forms plugin before 3.2.15 for WordPress has parameter tampering. | ||
| CVE-2016-10918 | Hig | 0.57 | 8.8 | 0.01 | Aug 22, 2019 | The gallery-by-supsystic plugin before 1.8.6 for WordPress has CSRF. | ||
| CVE-2019-5638 | Hig | 0.57 | 8.7 | 0.01 | Aug 21, 2019 | Rapid7 Nexpose versions 6.5.50 and prior suffer from insufficient session expiration when an administrator performs a security relevant edit on an existing, logged on user. For example, if a user's password is changed by an administrator due to an otherwise unrelated credential… | ||
| CVE-2019-15316 | Hig | 0.46 | 7.0 | 0.00 | Aug 21, 2019 | Valve Steam Client for Windows through 2019-08-20 has weak folder permissions, leading to privilege escalation (to NT AUTHORITY\SYSTEM) via crafted use of CreateMountPoint.exe and SetOpLock.exe to leverage a TOCTOU race condition. | ||
| CVE-2019-15315 | Hig | 0.51 | 7.8 | 0.00 | Aug 21, 2019 | Valve Steam Client for Windows through 2019-08-16 allows privilege escalation (to NT AUTHORITY\SYSTEM) because local users can replace the current versions of SteamService.exe and SteamService.dll with older versions that lack the CVE-2019-14743 patch. | ||
| CVE-2019-14686 | Hig | 0.51 | 7.8 | 0.01 | Aug 21, 2019 | A DLL hijacking vulnerability exists in the Trend Micro Security's 2019 consumer family of products (v15) Folder Shield component and the standalone Trend Micro Ransom Buster (1.0) tool in which, if exploited, would allow an attacker to load a malicious DLL, leading to elevated… | ||
| CVE-2019-14685 | Hig | 0.51 | 7.8 | 0.01 | Aug 21, 2019 | A local privilege escalation vulnerability exists in Trend Micro Security 2019 (v15.0) in which, if exploited, would allow an attacker to manipulate a specific product feature to load a malicious service. | ||
| CVE-2019-11603 | Hig | 0.49 | 7.5 | 0.02 | Aug 21, 2019 | A HTTP Traversal Attack in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.0.2 allows remote attackers to read files outside the http root. | ||
| CVE-2019-11601 | Hig | 0.49 | 7.5 | 0.03 | Aug 21, 2019 | A directory traversal vulnerability in remote access to backup & restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to write or delete files at any location. | ||
| CVE-2018-17791 | Hig | 0.49 | 7.5 | 0.02 | Aug 21, 2019 | Newgen OmniFlow Intelligent Business Process Suite (iBPS) 7.0 has an "improper server side validation" vulnerability where client-side validations are tampered, and inappropriate information is stored on the server side and fetched from the server every time the user visits the… | ||
| CVE-2019-1936 | Hig | 0.53 | 7.2 | 0.39 | Aug 21, 2019 | A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an authenticated, remote attacker to execute arbitrary commands on the underlying Linux… | ||
| CVE-2019-1908 | Hig | 0.49 | 7.5 | 0.02 | Aug 21, 2019 | A vulnerability in the Intelligent Platform Management Interface (IPMI) implementation of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to view sensitive system information. The vulnerability is due to insufficient security… | ||
| CVE-2019-1907 | Hig | 0.57 | 8.8 | 0.01 | Aug 21, 2019 | A vulnerability in the web server of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to set sensitive configuration values and gain elevated privileges. The vulnerability is due to improper handling of substring comparison operations… | ||
| CVE-2019-1900 | Hig | 0.49 | 7.5 | 0.02 | Aug 21, 2019 | A vulnerability in the web server of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to cause the web server process to crash, causing a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient… | ||
| CVE-2019-1896 | Hig | 0.47 | 7.2 | 0.02 | Aug 21, 2019 | A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject arbitrary commands and obtain root privileges. The vulnerability is due to insufficient validation of user-supplied input… | ||
| CVE-2019-1885 | Hig | 0.47 | 7.2 | 0.04 | Aug 21, 2019 | A vulnerability in the Redfish protocol of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject and execute arbitrary commands with root privileges on an affected device. The vulnerability is due to insufficient validation of… | ||
| CVE-2019-1883 | Hig | 0.51 | 7.8 | 0.00 | Aug 21, 2019 | A vulnerability in the command-line interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker with read-only credentials to inject arbitrary commands that could allow them to obtain root privileges. The vulnerability is due to… | ||
| CVE-2019-1871 | Hig | 0.47 | 7.2 | 0.03 | Aug 21, 2019 | A vulnerability in the Import Cisco IMC configuration utility of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition and implement arbitrary commands with root privileges on an affected device.… | ||
| CVE-2019-1865 | Hig | 0.57 | 8.8 | 0.04 | Aug 21, 2019 | A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on an affected device. The vulnerability is due to… | ||
| CVE-2019-1864 | Hig | 0.57 | 8.8 | 0.03 | Aug 21, 2019 | A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on an affected device. The vulnerability is due to… | ||
| CVE-2019-1863 | Hig | 0.53 | 8.1 | 0.02 | Aug 21, 2019 | A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to make unauthorized changes to the system configuration. The vulnerability is due to insufficient authorization… | ||
| CVE-2019-1850 | Hig | 0.47 | 7.2 | 0.04 | Aug 21, 2019 | A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on an affected device. An attacker would need to have… | ||
| CVE-2019-1634 | Hig | 0.47 | 7.2 | 0.03 | Aug 21, 2019 | A vulnerability in the Intelligent Platform Management Interface (IPMI) of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on the underlying operating system (OS). The… | ||
| CVE-2019-14258 | Hig | 0.49 | 7.5 | 0.02 | Aug 21, 2019 | The XML-RPC subsystem in Zenoss 2.5.3 allows XXE attacks that lead to unauthenticated information disclosure via port 9988. | ||
| CVE-2019-14257 | Hig | 0.51 | 7.8 | 0.01 | Aug 21, 2019 | pyraw in Zenoss 2.5.3 allows local privilege escalation by modifying environment variables to redirect execution before privileges are dropped, aka ZEN-31765. | ||
| CVE-2019-13477 | Hig | 0.57 | 8.8 | 0.01 | Aug 21, 2019 | In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.837, CSRF in the forgot password function allows an attacker to change the password for the root account. | ||
| CVE-2019-12634 | Hig | 0.49 | 7.5 | 0.02 | Aug 21, 2019 | A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The… | ||
| CVE-2019-12627 | Hig | 0.49 | 7.5 | 0.01 | Aug 21, 2019 | A vulnerability in the application policy configuration of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data. The vulnerability is due to insufficient application identification.… | ||
| CVE-2019-12624 | Hig | 0.62 | 8.8 | 0.19 | Aug 21, 2019 | A vulnerability in the web-based management interface of Cisco IOS XE New Generation Wireless Controller (NGWC) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The… | ||
| CVE-2017-18521 | Hig | 0.57 | 8.8 | 0.01 | Aug 21, 2019 | The democracy-poll plugin before 5.4 for WordPress has CSRF via wp-admin/options-general.php?page=democracy-poll&subpage=l10n. |
- risk 0.49cvss 7.5epss 0.01
The wp-file-upload plugin before 2.5.0 for WordPress has insufficient restrictions on upload of .php files.
- risk 0.49cvss 7.5epss 0.02
The webp-express plugin before 0.14.11 for WordPress has insufficient protection against arbitrary file reading.
- risk 0.58cvss 8.8epss 0.04
The traceroute function on the TP-Link TL-WR840N v4 router with firmware through 0.9.1 3.16 is vulnerable to remote code execution via a crafted payload in an IP address input field.
- risk 0.57cvss 8.8epss 0.02
An issue was discovered in Ampache through 3.9.1. The search engine is affected by a SQL Injection, so any user able to perform lib/class/search.class.php searches (even guest users) can dump any data contained in the database (sessions, hashed passwords, etc.). This may lead to…
- risk 0.49cvss 7.5epss 0.01
The wpgform plugin before 0.94 for WordPress has eval injection in the CAPTCHA calculation.
- risk 0.49cvss 7.5epss 0.01
The wp-file-upload plugin before 3.4.1 for WordPress has insufficient restrictions on upload of .php.js files.
- risk 0.40cvss 7.2epss 0.02
When the Elastic APM agent for Python versions before 5.1.0 is run as a CGI script, there is a variable name clash flaw if a remote attacker can control the proxy header. This could result in an attacker redirecting collected APM data to a proxy of their choosing.
- risk 0.00cvss 7.5epss 0.02
Improper Verification of a Cryptographic Signature in OpenPGP.js <=4.1.2 allows an attacker to pass off unsigned data as signed.
- risk 0.00cvss 7.5epss 0.02
Improper Verification of a Cryptographic Signature in OpenPGP.js <=4.1.2 allows an attacker to forge signed messages by replacing its signatures with a "standalone" or "timestamp" signature.
- risk 0.42cvss 7.5epss 0.06
NLTK Downloader before 3.4.5 is vulnerable to a directory traversal, allowing attackers to write arbitrary files via a ../ (dot dot slash) in an NLTK package (ZIP archive) that is mishandled during extraction.
- risk 0.49cvss 7.5epss 0.02
Mirasys VMS before V7.6.1 and 8.x before V8.3.2 mishandles the Download() method of AutoUpdateService in SMServer.exe, leading to Directory Traversal. An attacker could use ..\ with this method to iterate over lists of interesting system files and download them without previous…
- risk 0.47cvss 7.2epss 0.03
osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. Remote authenticated administrators can upload new '.htaccess' files (e.g., omitting .php) and subsequently achieve arbitrary PHP code execution via a…
- risk 0.47cvss 7.2epss 0.03
osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. Because of this filter, script files with certain PHP-related extensions (such as .phtml and .php5) didn't execute in the application. But this filter didn't prevent the '.pht'…
- risk 0.49cvss 7.5epss 0.00
A cleartext transmission of sensitive information vulnerability is present in Hickory Smart Ethernet Bridge from Belwith Products, LLC. Captured data reveals that the Hickory Smart Ethernet Bridge device communicates over the network to an MQTT broker without using encryption.…
- risk 0.57cvss 8.8epss 0.04
The ad-inserter plugin before 2.4.22 for WordPress has remote code execution.
- risk 0.49cvss 7.5epss 0.02
The ad-inserter plugin before 2.4.20 for WordPress has path traversal.
- risk 0.49cvss 7.5epss 0.01
The post-pay-counter plugin before 2.731 for WordPress has no permissions check for an update-settinga action.
- risk 0.50cvss 7.5epss 0.12
The ebook-download plugin before 1.2 for WordPress has directory traversal.
- risk 0.49cvss 7.5epss 0.01
The profile-builder plugin before 2.1.4 for WordPress has no access control for activating or deactivating addons via AJAX.
- risk 0.49cvss 7.5epss 0.02
Sphinx Technologies Sphinx 3.1.1 by default has no authentication and listens on 0.0.0.0, making it exposed to the internet (unless filtered by a firewall or reconfigured to listen to 127.0.0.1 only).
- risk 0.49cvss 7.5epss 0.01
The ninja-forms plugin before 3.2.15 for WordPress has parameter tampering.
- risk 0.57cvss 8.8epss 0.01
The gallery-by-supsystic plugin before 1.8.6 for WordPress has CSRF.
- risk 0.57cvss 8.7epss 0.01
Rapid7 Nexpose versions 6.5.50 and prior suffer from insufficient session expiration when an administrator performs a security relevant edit on an existing, logged on user. For example, if a user's password is changed by an administrator due to an otherwise unrelated credential…
- risk 0.46cvss 7.0epss 0.00
Valve Steam Client for Windows through 2019-08-20 has weak folder permissions, leading to privilege escalation (to NT AUTHORITY\SYSTEM) via crafted use of CreateMountPoint.exe and SetOpLock.exe to leverage a TOCTOU race condition.
- risk 0.51cvss 7.8epss 0.00
Valve Steam Client for Windows through 2019-08-16 allows privilege escalation (to NT AUTHORITY\SYSTEM) because local users can replace the current versions of SteamService.exe and SteamService.dll with older versions that lack the CVE-2019-14743 patch.
- risk 0.51cvss 7.8epss 0.01
A DLL hijacking vulnerability exists in the Trend Micro Security's 2019 consumer family of products (v15) Folder Shield component and the standalone Trend Micro Ransom Buster (1.0) tool in which, if exploited, would allow an attacker to load a malicious DLL, leading to elevated…
- risk 0.51cvss 7.8epss 0.01
A local privilege escalation vulnerability exists in Trend Micro Security 2019 (v15.0) in which, if exploited, would allow an attacker to manipulate a specific product feature to load a malicious service.
- risk 0.49cvss 7.5epss 0.02
A HTTP Traversal Attack in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.0.2 allows remote attackers to read files outside the http root.
- risk 0.49cvss 7.5epss 0.03
A directory traversal vulnerability in remote access to backup & restore in earlier versions than ProSyst mBS SDK 8.2.6 and Bosch IoT Gateway Software 9.2.0 allows remote attackers to write or delete files at any location.
- risk 0.49cvss 7.5epss 0.02
Newgen OmniFlow Intelligent Business Process Suite (iBPS) 7.0 has an "improper server side validation" vulnerability where client-side validations are tampered, and inappropriate information is stored on the server side and fetched from the server every time the user visits the…
- risk 0.53cvss 7.2epss 0.39
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an authenticated, remote attacker to execute arbitrary commands on the underlying Linux…
- risk 0.49cvss 7.5epss 0.02
A vulnerability in the Intelligent Platform Management Interface (IPMI) implementation of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to view sensitive system information. The vulnerability is due to insufficient security…
- risk 0.57cvss 8.8epss 0.01
A vulnerability in the web server of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to set sensitive configuration values and gain elevated privileges. The vulnerability is due to improper handling of substring comparison operations…
- risk 0.49cvss 7.5epss 0.02
A vulnerability in the web server of Cisco Integrated Management Controller (IMC) could allow an unauthenticated, remote attacker to cause the web server process to crash, causing a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient…
- risk 0.47cvss 7.2epss 0.02
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject arbitrary commands and obtain root privileges. The vulnerability is due to insufficient validation of user-supplied input…
- risk 0.47cvss 7.2epss 0.04
A vulnerability in the Redfish protocol of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject and execute arbitrary commands with root privileges on an affected device. The vulnerability is due to insufficient validation of…
- risk 0.51cvss 7.8epss 0.00
A vulnerability in the command-line interface of Cisco Integrated Management Controller (IMC) could allow an authenticated, local attacker with read-only credentials to inject arbitrary commands that could allow them to obtain root privileges. The vulnerability is due to…
- risk 0.47cvss 7.2epss 0.03
A vulnerability in the Import Cisco IMC configuration utility of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to cause a denial of service (DoS) condition and implement arbitrary commands with root privileges on an affected device.…
- risk 0.57cvss 8.8epss 0.04
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on an affected device. The vulnerability is due to…
- risk 0.57cvss 8.8epss 0.03
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on an affected device. The vulnerability is due to…
- risk 0.53cvss 8.1epss 0.02
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to make unauthorized changes to the system configuration. The vulnerability is due to insufficient authorization…
- risk 0.47cvss 7.2epss 0.04
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on an affected device. An attacker would need to have…
- risk 0.47cvss 7.2epss 0.03
A vulnerability in the Intelligent Platform Management Interface (IPMI) of Cisco Integrated Management Controller (IMC) could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges on the underlying operating system (OS). The…
- risk 0.49cvss 7.5epss 0.02
The XML-RPC subsystem in Zenoss 2.5.3 allows XXE attacks that lead to unauthenticated information disclosure via port 9988.
- risk 0.51cvss 7.8epss 0.01
pyraw in Zenoss 2.5.3 allows local privilege escalation by modifying environment variables to redirect execution before privileges are dropped, aka ZEN-31765.
- risk 0.57cvss 8.8epss 0.01
In CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.837, CSRF in the forgot password function allows an attacker to change the password for the root account.
- risk 0.49cvss 7.5epss 0.02
A vulnerability in the web-based management interface of Cisco Integrated Management Controller (IMC) Supervisor, Cisco UCS Director, and Cisco UCS Director Express for Big Data could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The…
- risk 0.49cvss 7.5epss 0.01
A vulnerability in the application policy configuration of the Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to gain unauthorized read access to sensitive data. The vulnerability is due to insufficient application identification.…
- risk 0.62cvss 8.8epss 0.19
A vulnerability in the web-based management interface of Cisco IOS XE New Generation Wireless Controller (NGWC) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The…
- risk 0.57cvss 8.8epss 0.01
The democracy-poll plugin before 5.4 for WordPress has CSRF via wp-admin/options-general.php?page=democracy-poll&subpage=l10n.