| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-3496 | Hig | 0.58 | 8.8 | 0.10 | Mar 21, 2019 | An issue was discovered on Wifi-soft UniBox controller 3.x devices. The tools/controller/diagnostic_tools_controller Diagnostic Tools Controller is vulnerable to Remote Command Execution, allowing an attacker to execute arbitrary system commands on the server with root user… | ||
| CVE-2019-3495 | Hig | 0.58 | 8.8 | 0.05 | Mar 21, 2019 | An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload, allowing an attacker to upload .php files and execute code on the server with root user privileges. Authentication for accessing this… | ||
| CVE-2018-6517 | Hig | 0.49 | 7.5 | 0.01 | Mar 21, 2019 | Prior to version 0.3.0, chloride's use of net-ssh resulted in host fingerprints for previously unknown hosts getting added to the user's known_hosts file without confirmation. In version 0.3.0 this is updated so that the user's known_hosts file is not updated by chloride. | ||
| CVE-2018-4058 | Hig | 0.50 | 7.7 | 0.01 | Mar 21, 2019 | An exploitable unsafe default configuration vulnerability exists in the TURN server functionality of coTURN prior to 4.5.0.9. By default, the TURN server allows relaying external traffic to the loopback interface of its own host. This can provide access to other private services… | ||
| CVE-2018-20669 | Hig | 0.51 | 7.8 | 0.01 | Mar 21, 2019 | An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary… | ||
| CVE-2018-20648 | Hig | 0.57 | 8.8 | 0.01 | Mar 21, 2019 | PHP Scripts Mall Car Rental Script 2.0.8 has Cross-Site Request Forgery (CSRF) via accountedit.php. | ||
| CVE-2018-20644 | Hig | 0.57 | 8.8 | 0.01 | Mar 21, 2019 | PHP Scripts Mall Basic B2B Script 2.0.9 has Cross-Site Request Forgery (CSRF) via the Edit profile feature. | ||
| CVE-2018-20641 | Hig | 0.57 | 8.8 | 0.01 | Mar 21, 2019 | PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has Cross-Site Request Forgery (CSRF) via the Edit Profile feature. | ||
| CVE-2018-20633 | Hig | 0.57 | 8.8 | 0.01 | Mar 21, 2019 | PHP Scripts Mall Advance B2B Script 2.1.4 has Cross-Site Request Forgery (CSRF) via the Edit Profile feature. | ||
| CVE-2018-20628 | Hig | 0.49 | 7.5 | 0.02 | Mar 21, 2019 | PHP Scripts Mall Charity Foundation Script 1 through 3 allows directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2018/12 directory. | ||
| CVE-2018-20615 | Hig | 0.49 | 7.5 | 0.04 | Mar 21, 2019 | An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame… | ||
| CVE-2018-20556 | Hig | 0.62 | 8.8 | 0.19 | Mar 21, 2019 | SQL injection vulnerability in Booking Calendar plugin 8.4.3 for WordPress allows remote attackers to execute arbitrary SQL commands via the booking_id parameter. | ||
| CVE-2018-20323 | Hig | 0.65 | 8.8 | 0.55 | Mar 21, 2019 | www/soap/application/MCSoap/Logs.php in MailCleaner Community Edition 2018.08 allows remote attackers to execute arbitrary OS commands. | ||
| CVE-2018-20221 | Hig | 0.61 | 8.8 | 0.10 | Mar 21, 2019 | Secure/SAService.rem in Deltek Ajera Timesheets 9.10.16 and prior are vulnerable to remote code execution via deserialization of untrusted user input from an authenticated user. The executed code will run as the IIS Application Pool that is running the application. | ||
| CVE-2018-20220 | Hig | 0.53 | 7.5 | 0.15 | Mar 21, 2019 | An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below. While the web interface requires authentication before it can be interacted with, a large portion of the HTTP endpoints are missing authentication. An attacker is able to view these pages before… | ||
| CVE-2018-20219 | Hig | 0.57 | 8.1 | 0.15 | Mar 21, 2019 | An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below. After successful authentication, the device sends an authentication cookie to the end user such that they can access the devices web administration panel. This token is hard-coded to a string in the… | ||
| CVE-2018-19513 | Hig | 0.49 | 7.5 | 0.02 | Mar 21, 2019 | In Webgalamb through 7.0, log files are exposed to the internet with predictable files/logs/sql_error_log/YYYY-MM-DD-sql_error_log.log filenames. The log file could contain sensitive client data (email addresses) and also facilitates exploitation of SQL injection errors. | ||
| CVE-2018-19512 | Hig | 0.47 | 7.2 | 0.07 | Mar 21, 2019 | In Webgalamb through 7.0, a system/ajax.php "wgmfile restore" directory traversal vulnerability could lead to arbitrary code execution by authenticated administrator users, because PHP files are restored under the document root directory. | ||
| CVE-2018-19487 | Hig | 0.49 | 7.5 | 0.05 | Mar 21, 2019 | The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the cs_employer_ajax_profile() function through the admin-ajax.php file, which allows remote unauthenticated attackers to enumerate information about users. | ||
| CVE-2018-19158 | Hig | 0.49 | 7.5 | 0.03 | Mar 21, 2019 | ColossusCoinXT through 1.0.5 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's… | ||
| CVE-2018-18898 | Hig | 0.49 | 7.5 | 0.02 | Mar 21, 2019 | The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing. | ||
| CVE-2018-18862 | Hig | 0.57 | 8.8 | 0.03 | Mar 21, 2019 | BMC Remedy Mid-Tier 7.1.00 and 9.1.02.003 for BMC Remedy AR System has Incorrect Access Control in ITAM forms, as demonstrated by TLS%3APLR-Configuration+Details/Default+Admin+View/, AST%3AARServerConnection/Default+Admin+View/, and AR+System+Administration%3A+Server+Information/… | ||
| CVE-2018-18466 | Hig | 0.46 | 7.0 | 0.00 | Mar 21, 2019 | An issue was discovered in SecurEnvoy SecurAccess 9.3.502. When put in Debug mode and used for RDP connections, the application stores the emergency credentials in cleartext in the logs (present in the DEBUG folder) that can be accessed by anyone. NOTE: The vendor disputes this… | ||
| CVE-2018-18435 | Hig | 0.54 | 7.8 | 0.01 | Mar 21, 2019 | KioWare Server version 4.9.6 and older installs by default to "C:\kioware_com" with weak folder permissions granting any user full permission "Everyone: (F)" to the contents of the directory and it's sub-folders. In addition, the program installs a service called "KWSService"… | ||
| CVE-2018-17497 | Hig | 0.55 | 8.4 | 0.00 | Mar 21, 2019 | eVisitorPass contains default administrative credentials. An attacker could exploit this vulnerability to gain full access to the application. | ||
| CVE-2018-17496 | Hig | 0.55 | 8.4 | 0.00 | Mar 21, 2019 | eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error while in kiosk mode. By visiting the kiosk and typing ctrl+shift+esc, an attacker could exploit this vulnerability to open the task manager to kill the process or launch new… | ||
| CVE-2018-17495 | Hig | 0.55 | 8.4 | 0.00 | Mar 21, 2019 | eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Virtual Keyboard Help Dialog. By visiting the kiosk and removing the program from fullscreen, an attacker could exploit this vulnerability using the terminal to… | ||
| CVE-2018-17494 | Hig | 0.55 | 8.4 | 0.00 | Mar 21, 2019 | eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Virtual Keyboard Start Menu. By visiting the kiosk and pressing windows key twice, an attacker could exploit this vulnerability to close the program and launch other… | ||
| CVE-2018-17493 | Hig | 0.55 | 8.4 | 0.00 | Mar 21, 2019 | eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Fullscreen button. By visiting the kiosk and clicking the full screen button in the bottom right, an attacker could exploit this vulnerability to close the program… | ||
| CVE-2018-17492 | Hig | 0.55 | 8.4 | 0.00 | Mar 21, 2019 | EasyLobby Solo contains default administrative credentials. An attacker could exploit this vulnerability to gain full access to the application. | ||
| CVE-2018-17491 | Hig | 0.55 | 8.4 | 0.00 | Mar 21, 2019 | EasyLobby Solo could allow a local attacker to gain elevated privileges on the system. By visiting the kiosk and typing "esc" to exit the program, an attacker could exploit this vulnerability to perform unauthorized actions on the computer. | ||
| CVE-2018-17490 | Hig | 0.50 | 7.7 | 0.00 | Mar 21, 2019 | EasyLobby Solo is vulnerable to a denial of service. By visiting the kiosk and accessing the task manager, a local attacker could exploit this vulnerability to kill the process or launch new processes at will. | ||
| CVE-2018-17488 | Hig | 0.55 | 8.4 | 0.00 | Mar 21, 2019 | Lobby Track Desktop could allow a local attacker to gain elevated privileges on the system, caused by an error in the printer dialog. By visiting the kiosk and accessing the print badge screen, an attacker could exploit this vulnerability using the command line to break out of… | ||
| CVE-2018-17487 | Hig | 0.55 | 8.4 | 0.00 | Mar 21, 2019 | Lobby Track Desktop could allow a local attacker to gain elevated privileges on the system, caused by an error in the printer dialog. By visiting the kiosk and signing in as a visitor, an attacker could exploit this vulnerability using the command line to break out of kiosk mode. | ||
| CVE-2018-17485 | Hig | 0.55 | 8.4 | 0.00 | Mar 21, 2019 | Lobby Track Desktop contains default administrative credentials. An attacker could exploit this vulnerability to gain full access to the application. | ||
| CVE-2018-16789 | Hig | 0.00 | 7.5 | 0.06 | Mar 21, 2019 | libhttp/url.c in shellinabox through 2.20 has an implementation flaw in the HTTP request parsing logic. By sending a crafted multipart/form-data HTTP request, an attacker could exploit this to force shellinaboxd into an infinite loop, exhausting available CPU resources and… | ||
| CVE-2018-15906 | Hig | 0.47 | 7.2 | 0.08 | Mar 21, 2019 | SolarWinds Serv-U FTP Server 15.1.6 allows remote authenticated users to execute arbitrary code by leveraging the Import feature and modifying a CSV file. | ||
| CVE-2018-15818 | Hig | 0.49 | 7.5 | 0.02 | Mar 21, 2019 | An issue was discovered in Repute ARForms 3.5.1 and prior. An attacker is able to delete any file on the server with web server privileges by sending a malicious request to admin-ajax.php. | ||
| CVE-2018-15508 | Hig | 0.49 | 7.5 | 0.02 | Mar 21, 2019 | Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control allowing a remote attackers to cause a denial of service via opening a connection on port 8083 to a device running the Five9 SoftPhone(issue 1 of 2). | ||
| CVE-2018-15498 | Hig | 0.53 | 8.1 | 0.01 | Mar 21, 2019 | YSoft SafeQ Server 6 allows a replay attack. | ||
| CVE-2018-14745 | Hig | 0.57 | 8.8 | 0.02 | Mar 21, 2019 | Buffer overflow in prot_get_ring_space in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to overwrite kernel memory due to improper validation of the ring buffer read pointer. The… | ||
| CVE-2018-14575 | Hig | 0.60 | 8.8 | 0.02 | Mar 21, 2019 | Trash Bin plugin 1.1.3 for MyBB has cross-site scripting (XSS) via a thread subject and a cross-site request forgery (CSRF) via a post subject. | ||
| CVE-2018-12572 | Hig | 0.51 | 7.8 | 0.00 | Mar 21, 2019 | Avast Free Antivirus prior to 19.1.2360 stores user credentials in memory upon login, which allows local users to obtain sensitive information by dumping AvastUI.exe application memory and parsing the data. | ||
| CVE-2018-12023 | Hig | 0.42 | 7.5 | 0.09 | Mar 21, 2019 | An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Oracle JDBC jar in the classpath, and an attacker can provide an LDAP service to access,… | ||
| CVE-2018-12022 | Hig | 0.42 | 7.5 | 0.07 | Mar 21, 2019 | An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Jodd-db jar (for database access for the Jodd framework) in the classpath, and an… | ||
| CVE-2018-11789 | Hig | 0.49 | 7.5 | 0.07 | Mar 21, 2019 | When accessing the heron-ui webpage, people can modify the file paths outside of the current container to access any file on the host. Example woule be modifying the parameter path= to go to the directory you would like to view. i.e. ..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd. | ||
| CVE-2018-11767 | Hig | 0.48 | 7.4 | 0.04 | Mar 21, 2019 | In Apache Hadoop 2.9.0 to 2.9.1, 2.8.3 to 2.8.4, 2.7.5 to 2.7.6, KMS blocking users or granting access to users incorrectly, if the system uses non-default groups mapping mechanisms. | ||
| CVE-2018-10093 | Hig | 0.66 | 8.8 | 0.69 | Mar 21, 2019 | AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow Remote Code Execution. | ||
| CVE-2017-16232 | Hig | 0.49 | 7.5 | 0.05 | Mar 21, 2019 | LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties were unable to reproduce the issue | ||
| CVE-2016-9166 | Hig | 0.49 | 7.5 | 0.01 | Mar 21, 2019 | NetIQ eDirectory versions prior to 9.0.2, under some circumstances, could be susceptible to downgrade of communication security. |
- risk 0.58cvss 8.8epss 0.10
An issue was discovered on Wifi-soft UniBox controller 3.x devices. The tools/controller/diagnostic_tools_controller Diagnostic Tools Controller is vulnerable to Remote Command Execution, allowing an attacker to execute arbitrary system commands on the server with root user…
- risk 0.58cvss 8.8epss 0.05
An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices. network/mesh/edit-nds.php is vulnerable to arbitrary file upload, allowing an attacker to upload .php files and execute code on the server with root user privileges. Authentication for accessing this…
- risk 0.49cvss 7.5epss 0.01
Prior to version 0.3.0, chloride's use of net-ssh resulted in host fingerprints for previously unknown hosts getting added to the user's known_hosts file without confirmation. In version 0.3.0 this is updated so that the user's known_hosts file is not updated by chloride.
- risk 0.50cvss 7.7epss 0.01
An exploitable unsafe default configuration vulnerability exists in the TURN server functionality of coTURN prior to 4.5.0.9. By default, the TURN server allows relaying external traffic to the loopback interface of its own host. This can provide access to other private services…
- risk 0.51cvss 7.8epss 0.01
An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function call to overwrite arbitrary…
- risk 0.57cvss 8.8epss 0.01
PHP Scripts Mall Car Rental Script 2.0.8 has Cross-Site Request Forgery (CSRF) via accountedit.php.
- risk 0.57cvss 8.8epss 0.01
PHP Scripts Mall Basic B2B Script 2.0.9 has Cross-Site Request Forgery (CSRF) via the Edit profile feature.
- risk 0.57cvss 8.8epss 0.01
PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has Cross-Site Request Forgery (CSRF) via the Edit Profile feature.
- risk 0.57cvss 8.8epss 0.01
PHP Scripts Mall Advance B2B Script 2.1.4 has Cross-Site Request Forgery (CSRF) via the Edit Profile feature.
- risk 0.49cvss 7.5epss 0.02
PHP Scripts Mall Charity Foundation Script 1 through 3 allows directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2018/12 directory.
- risk 0.49cvss 7.5epss 0.04
An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash. The processing of the PRIORITY flag in a HEADERS frame requires 5 extra bytes, and while these bytes are skipped, the total frame…
- risk 0.62cvss 8.8epss 0.19
SQL injection vulnerability in Booking Calendar plugin 8.4.3 for WordPress allows remote attackers to execute arbitrary SQL commands via the booking_id parameter.
- risk 0.65cvss 8.8epss 0.55
www/soap/application/MCSoap/Logs.php in MailCleaner Community Edition 2018.08 allows remote attackers to execute arbitrary OS commands.
- risk 0.61cvss 8.8epss 0.10
Secure/SAService.rem in Deltek Ajera Timesheets 9.10.16 and prior are vulnerable to remote code execution via deserialization of untrusted user input from an authenticated user. The executed code will run as the IIS Application Pool that is running the application.
- risk 0.53cvss 7.5epss 0.15
An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below. While the web interface requires authentication before it can be interacted with, a large portion of the HTTP endpoints are missing authentication. An attacker is able to view these pages before…
- risk 0.57cvss 8.1epss 0.15
An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below. After successful authentication, the device sends an authentication cookie to the end user such that they can access the devices web administration panel. This token is hard-coded to a string in the…
- risk 0.49cvss 7.5epss 0.02
In Webgalamb through 7.0, log files are exposed to the internet with predictable files/logs/sql_error_log/YYYY-MM-DD-sql_error_log.log filenames. The log file could contain sensitive client data (email addresses) and also facilitates exploitation of SQL injection errors.
- risk 0.47cvss 7.2epss 0.07
In Webgalamb through 7.0, a system/ajax.php "wgmfile restore" directory traversal vulnerability could lead to arbitrary code execution by authenticated administrator users, because PHP files are restored under the document root directory.
- risk 0.49cvss 7.5epss 0.05
The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the cs_employer_ajax_profile() function through the admin-ajax.php file, which allows remote unauthenticated attackers to enumerate information about users.
- risk 0.49cvss 7.5epss 0.03
ColossusCoinXT through 1.0.5 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system. The attacker sends invalid headers/blocks, which are stored on the victim's…
- risk 0.49cvss 7.5epss 0.02
The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing.
- risk 0.57cvss 8.8epss 0.03
BMC Remedy Mid-Tier 7.1.00 and 9.1.02.003 for BMC Remedy AR System has Incorrect Access Control in ITAM forms, as demonstrated by TLS%3APLR-Configuration+Details/Default+Admin+View/, AST%3AARServerConnection/Default+Admin+View/, and AR+System+Administration%3A+Server+Information/…
- risk 0.46cvss 7.0epss 0.00
An issue was discovered in SecurEnvoy SecurAccess 9.3.502. When put in Debug mode and used for RDP connections, the application stores the emergency credentials in cleartext in the logs (present in the DEBUG folder) that can be accessed by anyone. NOTE: The vendor disputes this…
- risk 0.54cvss 7.8epss 0.01
KioWare Server version 4.9.6 and older installs by default to "C:\kioware_com" with weak folder permissions granting any user full permission "Everyone: (F)" to the contents of the directory and it's sub-folders. In addition, the program installs a service called "KWSService"…
- risk 0.55cvss 8.4epss 0.00
eVisitorPass contains default administrative credentials. An attacker could exploit this vulnerability to gain full access to the application.
- risk 0.55cvss 8.4epss 0.00
eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error while in kiosk mode. By visiting the kiosk and typing ctrl+shift+esc, an attacker could exploit this vulnerability to open the task manager to kill the process or launch new…
- risk 0.55cvss 8.4epss 0.00
eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Virtual Keyboard Help Dialog. By visiting the kiosk and removing the program from fullscreen, an attacker could exploit this vulnerability using the terminal to…
- risk 0.55cvss 8.4epss 0.00
eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Virtual Keyboard Start Menu. By visiting the kiosk and pressing windows key twice, an attacker could exploit this vulnerability to close the program and launch other…
- risk 0.55cvss 8.4epss 0.00
eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Fullscreen button. By visiting the kiosk and clicking the full screen button in the bottom right, an attacker could exploit this vulnerability to close the program…
- risk 0.55cvss 8.4epss 0.00
EasyLobby Solo contains default administrative credentials. An attacker could exploit this vulnerability to gain full access to the application.
- risk 0.55cvss 8.4epss 0.00
EasyLobby Solo could allow a local attacker to gain elevated privileges on the system. By visiting the kiosk and typing "esc" to exit the program, an attacker could exploit this vulnerability to perform unauthorized actions on the computer.
- risk 0.50cvss 7.7epss 0.00
EasyLobby Solo is vulnerable to a denial of service. By visiting the kiosk and accessing the task manager, a local attacker could exploit this vulnerability to kill the process or launch new processes at will.
- risk 0.55cvss 8.4epss 0.00
Lobby Track Desktop could allow a local attacker to gain elevated privileges on the system, caused by an error in the printer dialog. By visiting the kiosk and accessing the print badge screen, an attacker could exploit this vulnerability using the command line to break out of…
- risk 0.55cvss 8.4epss 0.00
Lobby Track Desktop could allow a local attacker to gain elevated privileges on the system, caused by an error in the printer dialog. By visiting the kiosk and signing in as a visitor, an attacker could exploit this vulnerability using the command line to break out of kiosk mode.
- risk 0.55cvss 8.4epss 0.00
Lobby Track Desktop contains default administrative credentials. An attacker could exploit this vulnerability to gain full access to the application.
- risk 0.00cvss 7.5epss 0.06
libhttp/url.c in shellinabox through 2.20 has an implementation flaw in the HTTP request parsing logic. By sending a crafted multipart/form-data HTTP request, an attacker could exploit this to force shellinaboxd into an infinite loop, exhausting available CPU resources and…
- risk 0.47cvss 7.2epss 0.08
SolarWinds Serv-U FTP Server 15.1.6 allows remote authenticated users to execute arbitrary code by leveraging the Import feature and modifying a CSV file.
- risk 0.49cvss 7.5epss 0.02
An issue was discovered in Repute ARForms 3.5.1 and prior. An attacker is able to delete any file on the server with web server privileges by sending a malicious request to admin-ajax.php.
- risk 0.49cvss 7.5epss 0.02
Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control allowing a remote attackers to cause a denial of service via opening a connection on port 8083 to a device running the Five9 SoftPhone(issue 1 of 2).
- risk 0.53cvss 8.1epss 0.01
YSoft SafeQ Server 6 allows a replay attack.
- risk 0.57cvss 8.8epss 0.02
Buffer overflow in prot_get_ring_space in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to overwrite kernel memory due to improper validation of the ring buffer read pointer. The…
- risk 0.60cvss 8.8epss 0.02
Trash Bin plugin 1.1.3 for MyBB has cross-site scripting (XSS) via a thread subject and a cross-site request forgery (CSRF) via a post subject.
- risk 0.51cvss 7.8epss 0.00
Avast Free Antivirus prior to 19.1.2360 stores user credentials in memory upon login, which allows local users to obtain sensitive information by dumping AvastUI.exe application memory and parsing the data.
- risk 0.42cvss 7.5epss 0.09
An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Oracle JDBC jar in the classpath, and an attacker can provide an LDAP service to access,…
- risk 0.42cvss 7.5epss 0.07
An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Jodd-db jar (for database access for the Jodd framework) in the classpath, and an…
- risk 0.49cvss 7.5epss 0.07
When accessing the heron-ui webpage, people can modify the file paths outside of the current container to access any file on the host. Example woule be modifying the parameter path= to go to the directory you would like to view. i.e. ..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd.
- risk 0.48cvss 7.4epss 0.04
In Apache Hadoop 2.9.0 to 2.9.1, 2.8.3 to 2.8.4, 2.7.5 to 2.7.6, KMS blocking users or granting access to users incorrectly, if the system uses non-default groups mapping mechanisms.
- risk 0.66cvss 8.8epss 0.69
AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow Remote Code Execution.
- risk 0.49cvss 7.5epss 0.05
LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c. NOTE: Third parties were unable to reproduce the issue
- risk 0.49cvss 7.5epss 0.01
NetIQ eDirectory versions prior to 9.0.2, under some circumstances, could be susceptible to downgrade of communication security.