| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-21903 | Cri | 0.64 | 9.8 | 0.02 | Dec 22, 2021 | A stack-based buffer overflow vulnerability exists in the CMA check_udp_crc function of Garrett Metal Detectors’ iC Module CMA Version 5.0. A specially-crafted packet can lead to a stack-based buffer overflow during a call to strcpy. An attacker can send a malicious packet to… | ||
| CVE-2021-21894 | Cri | 0.59 | 9.1 | 0.02 | Dec 22, 2021 | A directory traversal vulnerability exists in the Web Manager FsTFtp functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to arbitrary file overwrite FsTFtp file disclosure. An attacker can make an authenticated HTTP request… | ||
| CVE-2021-21892 | Cri | 0.67 | 9.9 | 0.30 | Dec 22, 2021 | A stack-based buffer overflow vulnerability exists in the Web Manager FsUnmount functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this… | ||
| CVE-2021-21891 | Cri | 0.59 | 9.1 | 0.03 | Dec 22, 2021 | A stack-based buffer overflow vulnerability exists in the Web Manager FsBrowseClean functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution in the vulnerable portion of the branch (deletefile). An… | ||
| CVE-2021-21890 | Cri | 0.59 | 9.1 | 0.03 | Dec 22, 2021 | A stack-based buffer overflow vulnerability exists in the Web Manager FsBrowseClean functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution in the vulnerable portion of the branch (deletedir). An… | ||
| CVE-2021-21889 | Cri | 0.65 | 9.9 | 0.03 | Dec 22, 2021 | A stack-based buffer overflow vulnerability exists in the Web Manager Ping functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this… | ||
| CVE-2021-21888 | Cri | 0.59 | 9.1 | 0.04 | Dec 22, 2021 | An OS command injection vulnerability exists in the Web Manager SslGenerateCertificate functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to… | ||
| CVE-2021-21887 | Cri | 0.59 | 9.1 | 0.03 | Dec 22, 2021 | A stack-based buffer overflow vulnerability exists in the Web Manager SslGenerateCSR functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger… | ||
| CVE-2021-21884 | Cri | 0.60 | 9.1 | 0.05 | Dec 22, 2021 | An OS command injection vulnerability exists in the Web Manager SslGenerateCSR functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this… | ||
| CVE-2021-21883 | Cri | 0.65 | 9.9 | 0.06 | Dec 22, 2021 | An OS command injection vulnerability exists in the Web Manager Diagnostics: Ping functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this… | ||
| CVE-2021-21881 | Cri | 0.67 | 9.9 | 0.37 | Dec 22, 2021 | An OS command injection vulnerability exists in the Web Manager Wireless Network Scanner functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this… | ||
| CVE-2021-21877 | — | Cri | 0.59 | 9.1 | 0.03 | Dec 22, 2021 | Specially-crafted HTTP requests can lead to arbitrary command execution in “GET” requests. An attacker can make authenticated HTTP requests to trigger this vulnerability. | |
| CVE-2021-21876 | — | Cri | 0.59 | 9.1 | 0.03 | Dec 22, 2021 | Specially-crafted HTTP requests can lead to arbitrary command execution in PUT requests. An attacker can make authenticated HTTP requests to trigger this vulnerability. | |
| CVE-2021-21875 | — | Cri | 0.59 | 9.1 | 0.03 | Dec 22, 2021 | A specially-crafted HTTP request can lead to arbitrary command execution in EC keypasswd parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability. | |
| CVE-2021-21874 | Cri | 0.59 | 9.1 | 0.03 | Dec 22, 2021 | A specially-crafted HTTP request can lead to arbitrary command execution in DSA keypasswd parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability. | ||
| CVE-2021-21873 | Cri | 0.59 | 9.1 | 0.03 | Dec 22, 2021 | A specially-crafted HTTP request can lead to arbitrary command execution in RSA keypasswd parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability. | ||
| CVE-2021-21872 | Cri | 0.65 | 9.9 | 0.06 | Dec 22, 2021 | An OS command injection vulnerability exists in the Web Manager Diagnostics: Traceroute functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger… | ||
| CVE-2021-44659 | Cri | 0.64 | 9.8 | 0.03 | Dec 22, 2021 | Adding a new pipeline in GoCD server version 21.3.0 has a functionality that could be abused to do an un-intended action in order to achieve a Server Side Request Forgery (SSRF). NOTE: the vendor's position is that the observed behavior is not a vulnerability, because the… | ||
| CVE-2021-43631 | Cri | 0.64 | 9.8 | 0.01 | Dec 22, 2021 | Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the appointment_no parameter in payment.php. | ||
| CVE-2021-43629 | Cri | 0.64 | 9.8 | 0.01 | Dec 22, 2021 | Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in admin_home.php. | ||
| CVE-2021-43628 | Cri | 0.64 | 9.8 | 0.01 | Dec 22, 2021 | Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php. | ||
| CVE-2021-43157 | Cri | 0.64 | 9.8 | 0.01 | Dec 22, 2021 | Projectsworlds Online Shopping System PHP 1.0 is vulnerable to SQL injection via the id parameter in cart_remove.php. | ||
| CVE-2021-43155 | Cri | 0.64 | 9.8 | 0.01 | Dec 22, 2021 | Projectsworlds Online Book Store PHP v1.0 is vulnerable to SQL injection via the "bookisbn" parameter in cart.php. | ||
| CVE-2021-40612 | Cri | 0.00 | 9.8 | 0.02 | Dec 22, 2021 | An issue was discovered in Opmantek Open-AudIT after 3.5.0. Without authentication, a vulnerability in code_igniter/application/controllers/util.php allows an attacker perform command execution without echoes. | ||
| CVE-2021-45459 | — | Cri | 0.57 | 9.8 | 0.04 | Dec 22, 2021 | lib/cmd.js in the node-windows package before 1.0.0-beta.6 for Node.js allows command injection via the PID parameter. | |
| CVE-2021-44031 | Cri | 0.64 | 9.8 | 0.02 | Dec 22, 2021 | An issue was discovered in Quest KACE Desktop Authority before 11.2. /dacomponentui/profiles/profileitems/outlooksettings/Insertimage.aspx contains a vulnerability that could allow pre-authentication remote code execution. An attacker could upload a .ASP file to reside at… | ||
| CVE-2021-44029 | Cri | 0.64 | 9.8 | 0.01 | Dec 22, 2021 | An issue was discovered in Quest KACE Desktop Authority before 11.2. This vulnerability allows attackers to execute remote code through a deserialization exploitation in the RadAsyncUpload function of ASP.NET AJAX. An attacker can leverage this vulnerability when the encryption… | ||
| CVE-2021-27449 | Cri | 0.65 | 9.9 | 0.03 | Dec 21, 2021 | Mesa Labs AmegaView Versions 3.0 and prior has a command injection vulnerability that can be exploited to execute commands in the web server. | ||
| CVE-2021-27447 | Cri | 0.65 | 10.0 | 0.02 | Dec 21, 2021 | Mesa Labs AmegaView version 3.0 is vulnerable to a command injection, which may allow an attacker to remotely execute arbitrary code. | ||
| CVE-2021-36336 | Cri | 0.64 | 9.8 | 0.02 | Dec 21, 2021 | Wyse Management Suite 3.3.1 and below versions contain a deserialization vulnerability that could allow an unauthenticated attacker to execute code on the affected system. | ||
| CVE-2021-45090 | Cri | 0.64 | 9.8 | 0.03 | Dec 21, 2021 | Stormshield Endpoint Security before 2.1.2 allows remote code execution. | ||
| CVE-2021-4139 | Cri | 0.52 | 9.0 | 0.01 | Dec 21, 2021 | pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') | ||
| CVE-2021-45255 | Cri | 0.64 | 9.8 | 0.02 | Dec 21, 2021 | The email parameter from ajax.php of Video Sharing Website 1.0 appears to be vulnerable to SQL injection attacks. A payload injects a SQL sub-query that calls MySQL's load_file function with a UNC file path that references a URL on an external domain. The application interacted… | ||
| CVE-2021-45253 | Cri | 0.64 | 9.8 | 0.01 | Dec 21, 2021 | The id parameter in view_storage.php from Simple Cold Storage Management System 1.0 appears to be vulnerable to SQL injection attacks. A payload injects a SQL sub-query that calls MySQL's load_file function with a UNC file path that references a URL on an external domain. The… | ||
| CVE-2021-45252 | Cri | 0.64 | 9.8 | 0.01 | Dec 21, 2021 | Multiple SQL injection vulnerabilities are found on Simple Forum-Discussion System 1.0 For example on three applications which are manage_topic.php, manage_user.php, and ajax.php. The attacker can be retrieving all information from the database of this system by using this… | ||
| CVE-2021-24849 | Cri | 0.64 | 9.8 | 0.08 | Dec 21, 2021 | The wcfm_ajax_controller AJAX action of the WCFM Marketplace WordPress plugin before 3.4.12, available to unauthenticated and authenticated user, does not properly sanitise multiple parameters before using them in SQL statements, leading to SQL injections | ||
| CVE-2021-43439 | Cri | 0.64 | 9.8 | 0.03 | Dec 20, 2021 | RCE in Add Review Function in iResturant 1.0 Allows remote attacker to execute commands remotely | ||
| CVE-2021-44525 | Cri | 0.64 | 9.8 | 0.03 | Dec 20, 2021 | Zoho ManageEngine PAM360 before build 5303 allows attackers to modify a few aspects of application state because of a filter bypass in which authentication is not required. | ||
| CVE-2021-44676 | Cri | 0.64 | 9.8 | 0.04 | Dec 20, 2021 | Zoho ManageEngine Access Manager Plus before 4203 allows anyone to view a few data elements (e.g., access control details) and modify a few aspects of the application state. | ||
| CVE-2021-44675 | Cri | 0.64 | 9.8 | 0.06 | Dec 20, 2021 | Zoho ManageEngine ServiceDesk Plus MSP before 10.5 Build 10534 is vulnerable to unauthenticated remote code execution due to a filter bypass in which authentication is not required. | ||
| CVE-2020-8105 | Cri | 0.62 | 9.6 | 0.01 | Dec 20, 2021 | OS Command Injection vulnerability in the wirelessConnect handler of Abode iota All-In-One Security Kit allows an attacker to inject commands and gain root access. This issue affects: Abode iota All-In-One Security Kit versions prior to 1.0.2.23_6.9V_dev_t2_homekit_RF_2.0.19_s2_k… | ||
| CVE-2021-44790 | Cri | 0.74 | 9.8 | 0.97 | Dec 20, 2021 | A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP… | ||
| CVE-2021-44732 | Cri | 0.64 | 9.8 | 0.03 | Dec 20, 2021 | Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstrated by an mbedtls_ssl_set_session() failure. | ||
| CVE-2021-44164 | Cri | 0.64 | 9.8 | 0.02 | Dec 20, 2021 | Chain Sea ai chatbot system’s file upload function has insufficient filtering for special characters in URLs, which allows a remote attacker to by-pass file type validation, upload malicious script and execute arbitrary code without authentication, in order to take control of… | ||
| CVE-2021-44159 | Cri | 0.64 | 9.8 | 0.03 | Dec 20, 2021 | 4MOSAn GCB Doctor’s file upload function has improper user privilege control. A remote attacker can upload arbitrary files including webshell files without authentication and execute arbitrary code in order to perform arbitrary system operations or deny of service attack. | ||
| CVE-2021-23803 | — | Cri | 0.57 | 9.8 | 0.02 | Dec 17, 2021 | This affects the package latte/latte before 2.10.6. There is a way to bypass allowFunctions that will affect the security of the application. When the template is set to allow/disallow the use of certain functions, adding control characters (x00-x08) after the function will… | |
| CVE-2021-40850 | Cri | 0.65 | 10.0 | 0.01 | Dec 17, 2021 | TCMAN GIM is vulnerable to a SQL injection vulnerability inside several available webservice methods in /PC/WebService.asmx. | ||
| CVE-2020-18078 | Cri | 0.64 | 9.8 | 0.01 | Dec 17, 2021 | A vulnerability in /include/web_check.php of SEMCMS v3.8 allows attackers to reset the Administrator account's password. | ||
| CVE-2021-36779 | Cri | 0.62 | 9.6 | 0.01 | Dec 17, 2021 | A Missing Authentication for Critical Function vulnerability in SUSE Longhorn allows any workload in the cluster to execute any binary present in the image on the host without authentication. This issue affects: SUSE Longhorn longhorn versions prior to 1.1.3; longhorn versions… | ||
| CVE-2021-45092 | Cri | 0.70 | 9.8 | 0.40 | Dec 16, 2021 | Thinfinity VirtualUI before 3.0 has functionality in /lab.html reachable by default that could allow IFRAME injection via the vpath parameter. |
- risk 0.64cvss 9.8epss 0.02
A stack-based buffer overflow vulnerability exists in the CMA check_udp_crc function of Garrett Metal Detectors’ iC Module CMA Version 5.0. A specially-crafted packet can lead to a stack-based buffer overflow during a call to strcpy. An attacker can send a malicious packet to…
- risk 0.59cvss 9.1epss 0.02
A directory traversal vulnerability exists in the Web Manager FsTFtp functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to arbitrary file overwrite FsTFtp file disclosure. An attacker can make an authenticated HTTP request…
- risk 0.67cvss 9.9epss 0.30
A stack-based buffer overflow vulnerability exists in the Web Manager FsUnmount functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this…
- risk 0.59cvss 9.1epss 0.03
A stack-based buffer overflow vulnerability exists in the Web Manager FsBrowseClean functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution in the vulnerable portion of the branch (deletefile). An…
- risk 0.59cvss 9.1epss 0.03
A stack-based buffer overflow vulnerability exists in the Web Manager FsBrowseClean functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution in the vulnerable portion of the branch (deletedir). An…
- risk 0.65cvss 9.9epss 0.03
A stack-based buffer overflow vulnerability exists in the Web Manager Ping functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger this…
- risk 0.59cvss 9.1epss 0.04
An OS command injection vulnerability exists in the Web Manager SslGenerateCertificate functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to…
- risk 0.59cvss 9.1epss 0.03
A stack-based buffer overflow vulnerability exists in the Web Manager SslGenerateCSR functionality of Lantronix PremierWave 2050 8.9.0.0R4 (in QEMU). A specially crafted HTTP request can lead to remote code execution. An attacker can make an authenticated HTTP request to trigger…
- risk 0.60cvss 9.1epss 0.05
An OS command injection vulnerability exists in the Web Manager SslGenerateCSR functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this…
- risk 0.65cvss 9.9epss 0.06
An OS command injection vulnerability exists in the Web Manager Diagnostics: Ping functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this…
- risk 0.67cvss 9.9epss 0.37
An OS command injection vulnerability exists in the Web Manager Wireless Network Scanner functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to command execution. An attacker can make an authenticated HTTP request to trigger this…
- risk 0.59cvss 9.1epss 0.03
Specially-crafted HTTP requests can lead to arbitrary command execution in “GET” requests. An attacker can make authenticated HTTP requests to trigger this vulnerability.
- risk 0.59cvss 9.1epss 0.03
Specially-crafted HTTP requests can lead to arbitrary command execution in PUT requests. An attacker can make authenticated HTTP requests to trigger this vulnerability.
- risk 0.59cvss 9.1epss 0.03
A specially-crafted HTTP request can lead to arbitrary command execution in EC keypasswd parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability.
- risk 0.59cvss 9.1epss 0.03
A specially-crafted HTTP request can lead to arbitrary command execution in DSA keypasswd parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability.
- risk 0.59cvss 9.1epss 0.03
A specially-crafted HTTP request can lead to arbitrary command execution in RSA keypasswd parameter. An attacker can make an authenticated HTTP request to trigger this vulnerability.
- risk 0.65cvss 9.9epss 0.06
An OS command injection vulnerability exists in the Web Manager Diagnostics: Traceroute functionality of Lantronix PremierWave 2050 8.9.0.0R4. A specially-crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger…
- risk 0.64cvss 9.8epss 0.03
Adding a new pipeline in GoCD server version 21.3.0 has a functionality that could be abused to do an un-intended action in order to achieve a Server Side Request Forgery (SSRF). NOTE: the vendor's position is that the observed behavior is not a vulnerability, because the…
- risk 0.64cvss 9.8epss 0.01
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the appointment_no parameter in payment.php.
- risk 0.64cvss 9.8epss 0.01
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via multiple parameters in admin_home.php.
- risk 0.64cvss 9.8epss 0.01
Projectworlds Hospital Management System v1.0 is vulnerable to SQL injection via the email parameter in hms-staff.php.
- risk 0.64cvss 9.8epss 0.01
Projectsworlds Online Shopping System PHP 1.0 is vulnerable to SQL injection via the id parameter in cart_remove.php.
- risk 0.64cvss 9.8epss 0.01
Projectsworlds Online Book Store PHP v1.0 is vulnerable to SQL injection via the "bookisbn" parameter in cart.php.
- risk 0.00cvss 9.8epss 0.02
An issue was discovered in Opmantek Open-AudIT after 3.5.0. Without authentication, a vulnerability in code_igniter/application/controllers/util.php allows an attacker perform command execution without echoes.
- risk 0.57cvss 9.8epss 0.04
lib/cmd.js in the node-windows package before 1.0.0-beta.6 for Node.js allows command injection via the PID parameter.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in Quest KACE Desktop Authority before 11.2. /dacomponentui/profiles/profileitems/outlooksettings/Insertimage.aspx contains a vulnerability that could allow pre-authentication remote code execution. An attacker could upload a .ASP file to reside at…
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in Quest KACE Desktop Authority before 11.2. This vulnerability allows attackers to execute remote code through a deserialization exploitation in the RadAsyncUpload function of ASP.NET AJAX. An attacker can leverage this vulnerability when the encryption…
- risk 0.65cvss 9.9epss 0.03
Mesa Labs AmegaView Versions 3.0 and prior has a command injection vulnerability that can be exploited to execute commands in the web server.
- risk 0.65cvss 10.0epss 0.02
Mesa Labs AmegaView version 3.0 is vulnerable to a command injection, which may allow an attacker to remotely execute arbitrary code.
- risk 0.64cvss 9.8epss 0.02
Wyse Management Suite 3.3.1 and below versions contain a deserialization vulnerability that could allow an unauthenticated attacker to execute code on the affected system.
- risk 0.64cvss 9.8epss 0.03
Stormshield Endpoint Security before 2.1.2 allows remote code execution.
- risk 0.52cvss 9.0epss 0.01
pimcore is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
- risk 0.64cvss 9.8epss 0.02
The email parameter from ajax.php of Video Sharing Website 1.0 appears to be vulnerable to SQL injection attacks. A payload injects a SQL sub-query that calls MySQL's load_file function with a UNC file path that references a URL on an external domain. The application interacted…
- risk 0.64cvss 9.8epss 0.01
The id parameter in view_storage.php from Simple Cold Storage Management System 1.0 appears to be vulnerable to SQL injection attacks. A payload injects a SQL sub-query that calls MySQL's load_file function with a UNC file path that references a URL on an external domain. The…
- risk 0.64cvss 9.8epss 0.01
Multiple SQL injection vulnerabilities are found on Simple Forum-Discussion System 1.0 For example on three applications which are manage_topic.php, manage_user.php, and ajax.php. The attacker can be retrieving all information from the database of this system by using this…
- risk 0.64cvss 9.8epss 0.08
The wcfm_ajax_controller AJAX action of the WCFM Marketplace WordPress plugin before 3.4.12, available to unauthenticated and authenticated user, does not properly sanitise multiple parameters before using them in SQL statements, leading to SQL injections
- risk 0.64cvss 9.8epss 0.03
RCE in Add Review Function in iResturant 1.0 Allows remote attacker to execute commands remotely
- risk 0.64cvss 9.8epss 0.03
Zoho ManageEngine PAM360 before build 5303 allows attackers to modify a few aspects of application state because of a filter bypass in which authentication is not required.
- risk 0.64cvss 9.8epss 0.04
Zoho ManageEngine Access Manager Plus before 4203 allows anyone to view a few data elements (e.g., access control details) and modify a few aspects of the application state.
- risk 0.64cvss 9.8epss 0.06
Zoho ManageEngine ServiceDesk Plus MSP before 10.5 Build 10534 is vulnerable to unauthenticated remote code execution due to a filter bypass in which authentication is not required.
- risk 0.62cvss 9.6epss 0.01
OS Command Injection vulnerability in the wirelessConnect handler of Abode iota All-In-One Security Kit allows an attacker to inject commands and gain root access. This issue affects: Abode iota All-In-One Security Kit versions prior to 1.0.2.23_6.9V_dev_t2_homekit_RF_2.0.19_s2_k…
- risk 0.74cvss 9.8epss 0.97
A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerabilty though it might be possible to craft one. This issue affects Apache HTTP…
- risk 0.64cvss 9.8epss 0.03
Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstrated by an mbedtls_ssl_set_session() failure.
- risk 0.64cvss 9.8epss 0.02
Chain Sea ai chatbot system’s file upload function has insufficient filtering for special characters in URLs, which allows a remote attacker to by-pass file type validation, upload malicious script and execute arbitrary code without authentication, in order to take control of…
- risk 0.64cvss 9.8epss 0.03
4MOSAn GCB Doctor’s file upload function has improper user privilege control. A remote attacker can upload arbitrary files including webshell files without authentication and execute arbitrary code in order to perform arbitrary system operations or deny of service attack.
- risk 0.57cvss 9.8epss 0.02
This affects the package latte/latte before 2.10.6. There is a way to bypass allowFunctions that will affect the security of the application. When the template is set to allow/disallow the use of certain functions, adding control characters (x00-x08) after the function will…
- risk 0.65cvss 10.0epss 0.01
TCMAN GIM is vulnerable to a SQL injection vulnerability inside several available webservice methods in /PC/WebService.asmx.
- risk 0.64cvss 9.8epss 0.01
A vulnerability in /include/web_check.php of SEMCMS v3.8 allows attackers to reset the Administrator account's password.
- risk 0.62cvss 9.6epss 0.01
A Missing Authentication for Critical Function vulnerability in SUSE Longhorn allows any workload in the cluster to execute any binary present in the image on the host without authentication. This issue affects: SUSE Longhorn longhorn versions prior to 1.1.3; longhorn versions…
- risk 0.70cvss 9.8epss 0.40
Thinfinity VirtualUI before 3.0 has functionality in /lab.html reachable by default that could allow IFRAME injection via the vpath parameter.