| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2010-1435 | Cri | 0.64 | 9.8 | 0.01 | Jun 21, 2021 | Joomla! Core is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently retrieve password reset tokens from the database through an already existing SQL injection vector. Joomla! Core versions… | ||
| CVE-2010-1433 | Cri | 0.64 | 9.8 | 0.01 | Jun 21, 2021 | Joomla! Core is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to properly verify user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the webserver process. This… | ||
| CVE-2021-35066 | Cri | 0.64 | 9.8 | 0.01 | Jun 21, 2021 | An XXE vulnerability exists in ConnectWise Automate before 2021.0.6.132. | ||
| CVE-2021-24376 | Cri | 0.64 | 9.8 | 0.04 | Jun 21, 2021 | The Autoptimize WordPress plugin before 2.7.8 attempts to delete malicious files (such as .php) form the uploaded archive via the "Import Settings" feature, after its extraction. However, the extracted folders are not checked and it is possible to upload a zip which contained a… | ||
| CVE-2021-24370 | Cri | 0.67 | 9.8 | 0.47 | Jun 21, 2021 | The Fancy Product Designer WordPress plugin before 4.6.9 allows unauthenticated attackers to upload arbitrary files, resulting in remote code execution. | ||
| CVE-2021-24361 | Cri | 0.64 | 9.8 | 0.02 | Jun 21, 2021 | In the Location Manager WordPress plugin before 2.1.0.10, the AJAX action gd_popular_location_list did not properly sanitise or validate some of its POST parameters, which are then used in a SQL statement, leading to unauthenticated SQL Injection issues. | ||
| CVE-2020-19510 | Cri | 0.64 | 9.8 | 0.01 | Jun 21, 2021 | Textpattern 4.7.3 contains an aribtrary file load via the file_insert function in include/txp_file.php. | ||
| CVE-2021-26461 | Cri | 0.64 | 9.8 | 0.05 | Jun 21, 2021 | Apache Nuttx Versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc, realloc and memalign. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution. | ||
| CVE-2021-0516 | Cri | 0.64 | 9.8 | 0.02 | Jun 21, 2021 | In p2p_process_prov_disc_req of p2p_pd.c, there is a possible out of bounds read and write due to a use after free. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:… | ||
| CVE-2018-25016 | Cri | 0.00 | 9.8 | 0.01 | Jun 21, 2021 | Greenbone Security Assistant (GSA) before 7.0.3 and Greenbone OS (GOS) before 5.0.0 allow Host Header Injection. | ||
| CVE-2020-20466 | Cri | 0.64 | 9.8 | 0.02 | Jun 21, 2021 | White Shark System (WSS) 1.3.2 is vulnerable to unauthorized access via user_edit_password.php, remote attackers can modify the password of any user. | ||
| CVE-2021-31272 | Cri | 0.00 | 9.8 | 0.03 | Jun 18, 2021 | SerenityOS before commit 3844e8569689dd476064a0759d704bc64fb3ca2c contains a directory traversal vulnerability in tar/unzip that may lead to command execution or privilege escalation. | ||
| CVE-2021-3604 | Cri | 0.64 | 9.8 | 0.02 | Jun 18, 2021 | Secure 8 (Evalos) does not validate user input data correctly, allowing a remote attacker to perform a Blind SQL Injection. An attacker could exploit this vulnerability in order to extract information of users and administrator accounts stored in the database. | ||
| CVE-2021-33576 | Cri | 0.64 | 9.8 | 0.02 | Jun 18, 2021 | An issue was discovered in Cleo LexiCom 5.5.0.0. Within the AS2 message, the sender can specify a filename. This filename can include path-traversal characters, allowing the file to be written to an arbitrary location on disk. | ||
| CVE-2021-21669 | Cri | 0.59 | 9.8 | 0.26 | Jun 18, 2021 | Jenkins Generic Webhook Trigger Plugin 1.72 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks. | ||
| CVE-2021-34810 | Cri | 0.64 | 9.9 | 0.01 | Jun 18, 2021 | Improper privilege management vulnerability in cgi component in Synology Download Station before 3.8.16-3566 allows remote authenticated users to execute arbitrary code via unspecified vectors. | ||
| CVE-2021-34809 | Cri | 0.65 | 9.9 | 0.02 | Jun 18, 2021 | Improper neutralization of special elements used in a command ('Command Injection') vulnerability in task management component in Synology Download Station before 3.8.16-3566 allows remote authenticated users to execute arbitrary code via unspecified vectors. | ||
| CVE-2013-20002 | Cri | 0.64 | 9.8 | 0.04 | Jun 17, 2021 | Elemin allows remote attackers to upload and execute arbitrary PHP code via the Themify framework (before 1.2.2) wp-content/themes/elemin/themify/themify-ajax.php file. | ||
| CVE-2020-25414 | Cri | 0.64 | 9.8 | 0.02 | Jun 17, 2021 | A local file inclusion vulnerability was discovered in the captcha function in Monstra 3.0.4 which allows remote attackers to execute arbitrary PHP code. | ||
| CVE-2021-21777 | Cri | 0.65 | 10.0 | 0.02 | Jun 17, 2021 | An information disclosure vulnerability exists in the Ethernet/IP UDP handler functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted network request can lead to an out-of-bounds read. | ||
| CVE-2020-25753 | Cri | 0.64 | 9.8 | 0.02 | Jun 16, 2021 | An issue was discovered on Enphase Envoy R3.x and D4.x devices with v3 software. The default admin password is set to the last 6 digits of the serial number. The serial number can be retrieved by an unauthenticated user at /info.xml. | ||
| CVE-2021-34813 | Cri | 0.00 | 9.8 | 0.04 | Jun 16, 2021 | Matrix libolm before 3.2.3 allows a malicious Matrix homeserver to crash a client (while it is attempting to retrieve an Olm encrypted room key backup from the homeserver) because olm_pk_decrypt has a stack-based buffer overflow. Remote code execution might be possible for some… | ||
| CVE-2020-22212 | Cri | 0.64 | 9.8 | 0.01 | Jun 16, 2021 | SQL Injection in 74cms 3.2.0 via the id parameter to wap/wap-company-show.php. | ||
| CVE-2020-22211 | Cri | 0.64 | 9.8 | 0.08 | Jun 16, 2021 | SQL Injection in 74cms 3.2.0 via the key parameter to plus/ajax_street.php. | ||
| CVE-2020-22210 | Cri | 0.64 | 9.8 | 0.09 | Jun 16, 2021 | SQL Injection in 74cms 3.2.0 via the x parameter to ajax_officebuilding.php. | ||
| CVE-2020-22209 | Cri | 0.64 | 9.8 | 0.09 | Jun 16, 2021 | SQL Injection in 74cms 3.2.0 via the query parameter to plus/ajax_common.php. | ||
| CVE-2020-22208 | Cri | 0.64 | 9.8 | 0.10 | Jun 16, 2021 | SQL Injection in 74cms 3.2.0 via the x parameter to plus/ajax_street.php. | ||
| CVE-2020-22206 | Cri | 0.64 | 9.8 | 0.01 | Jun 16, 2021 | SQL Injection in ECShop 3.0 via the aid parameter to admin/affiliate_ck.php. | ||
| CVE-2020-22205 | Cri | 0.64 | 9.8 | 0.01 | Jun 16, 2021 | SQL Injection in ECShop 3.0 via the id parameter to admin/shophelp.php. | ||
| CVE-2020-22204 | Cri | 0.64 | 9.8 | 0.01 | Jun 16, 2021 | SQL Injection in ECShop 2.7.6 via the goods_number parameter to flow.php. . | ||
| CVE-2020-22203 | Cri | 0.64 | 9.8 | 0.01 | Jun 16, 2021 | SQL Injection in phpCMS 2008 sp4 via the genre parameter to yp/job.php. | ||
| CVE-2020-22199 | Cri | 0.64 | 9.8 | 0.01 | Jun 16, 2021 | SQL Injection vulnerability in phpCMS 2007 SP6 build 0805 via the digg_mod parameter to digg_add.php. | ||
| CVE-2020-35760 | Cri | 0.64 | 9.8 | 0.02 | Jun 16, 2021 | bloofoxCMS 0.5.2.1 is infected with Unrestricted File Upload that allows attackers to upload malicious files (ex: php files). | ||
| CVE-2020-22198 | Cri | 0.64 | 9.8 | 0.02 | Jun 16, 2021 | SQL Injection vulnerability in DedeCMS 5.7 via mdescription parameter to member/ajax_membergroup.php. | ||
| CVE-2021-27610 | Cri | 0.64 | 9.8 | 0.01 | Jun 16, 2021 | SAP NetWeaver ABAP Server and ABAP Platform, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 804, does not create information about internal and external RFC user in consistent and distinguished format, which could lead to improper authentication and may be… | ||
| CVE-2021-32928 | Cri | 0.64 | 9.8 | 0.01 | Jun 16, 2021 | The Sentinel LDK Run-Time Environment installer (Versions 7.6 and prior) adds a firewall rule named “Sentinel License Manager” that allows incoming connections from private networks using TCP Port 1947. While uninstalling, the uninstaller fails to close Port 1947. | ||
| CVE-2021-20093 | Cri | 0.62 | 9.1 | 0.33 | Jun 16, 2021 | A buffer over-read vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An unauthenticated remote attacker can exploit this issue to disclose heap memory contents or crash the CodeMeter Runtime Server. | ||
| CVE-2020-9493 | Cri | 0.64 | 9.8 | 0.05 | Jun 16, 2021 | A deserialization flaw was found in Apache Chainsaw versions prior to 2.1.0 which could lead to malicious code execution. | ||
| CVE-2021-32685 | Cri | 0.57 | 9.8 | 0.01 | Jun 16, 2021 | tEnvoy contains the PGP, NaCl, and PBKDF2 in node.js and the browser (hashing, random, encryption, decryption, signatures, conversions), used by TogaTech.org. In versions prior to 7.0.3, the `verifyWithMessage` method of `tEnvoyNaClSigningKey` always returns `true` for any… | ||
| CVE-2021-24037 | — | Cri | 0.57 | 9.8 | 0.02 | Jun 15, 2021 | A use after free in hermes, while emitting certain error messages, prior to commit d86e185e485b6330216dee8e854455c694e3a36e allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits… | |
| CVE-2021-34170 | Cri | 0.64 | 9.8 | 0.03 | Jun 15, 2021 | Bandai Namco FromSoftware Dark Souls III allows remote attackers to execute arbitrary code. | ||
| CVE-2021-33622 | Cri | 0.64 | 9.8 | 0.01 | Jun 15, 2021 | Sylabs Singularity 3.5.x and 3.6.x, and SingularityPRO before 3.5-8, has an Incorrect Check of a Function's Return Value. | ||
| CVE-2021-27388 | Cri | 0.64 | 9.8 | 0.02 | Jun 15, 2021 | SINAMICS medium voltage routable products are affected by a vulnerability in the Sm@rtServer component for remote access that could allow an unauthenticated attacker to cause a denial-of-service condition, and/or execution of limited configuration modifications and/or execution… | ||
| CVE-2020-29214 | Cri | 0.64 | 9.8 | 0.04 | Jun 15, 2021 | SQL injection vulnerability in SourceCodester Alumni Management System 1.0 allows the user to inject SQL payload to bypass the authentication via admin/login.php. | ||
| CVE-2021-0324 | Cri | 0.64 | 9.8 | 0.01 | Jun 14, 2021 | Product: AndroidVersions: Android SoCAndroid ID: A-175402462 | ||
| CVE-2021-32682 | Cri | 0.02 | 9.8 | 0.70 | Jun 14, 2021 | elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Several vulnerabilities affect elFinder 2.1.58. These vulnerabilities can allow an attacker to execute arbitrary code and commands on the server hosting the elFinder PHP connector, even with… | ||
| CVE-2021-34679 | Cri | 0.65 | 10.0 | 0.01 | Jun 11, 2021 | Thycotic Password Reset Server before 5.3.0 allows credential disclosure. | ||
| CVE-2021-27200 | Cri | 0.64 | 9.8 | 0.03 | Jun 11, 2021 | In WoWonder 3.0.4, remote attackers can take over any account due to the weak cryptographic algorithm in recover.php. The code parameter is easily predicted from the time of day. | ||
| CVE-2021-32930 | Cri | 0.64 | 9.8 | 0.08 | Jun 11, 2021 | The affected product’s configuration is vulnerable due to missing authentication, which may allow an attacker to change configurations and execute arbitrary code on the iView (versions prior to v5.7.03.6182). | ||
| CVE-2021-27410 | Cri | 0.64 | 9.8 | 0.02 | Jun 11, 2021 | The affected product is vulnerable to an out-of-bounds write, which may result in corruption of data or code execution on the Welch Allyn medical device management tools (Welch Allyn Service Tool: versions prior to v1.10, Welch Allyn Connex Device Integration Suite – Network… |
- risk 0.64cvss 9.8epss 0.01
Joomla! Core is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently retrieve password reset tokens from the database through an already existing SQL injection vector. Joomla! Core versions…
- risk 0.64cvss 9.8epss 0.01
Joomla! Core is prone to a vulnerability that lets attackers upload arbitrary files because the application fails to properly verify user-supplied input. An attacker can exploit this vulnerability to upload arbitrary code and run it in the context of the webserver process. This…
- risk 0.64cvss 9.8epss 0.01
An XXE vulnerability exists in ConnectWise Automate before 2021.0.6.132.
- risk 0.64cvss 9.8epss 0.04
The Autoptimize WordPress plugin before 2.7.8 attempts to delete malicious files (such as .php) form the uploaded archive via the "Import Settings" feature, after its extraction. However, the extracted folders are not checked and it is possible to upload a zip which contained a…
- risk 0.67cvss 9.8epss 0.47
The Fancy Product Designer WordPress plugin before 4.6.9 allows unauthenticated attackers to upload arbitrary files, resulting in remote code execution.
- risk 0.64cvss 9.8epss 0.02
In the Location Manager WordPress plugin before 2.1.0.10, the AJAX action gd_popular_location_list did not properly sanitise or validate some of its POST parameters, which are then used in a SQL statement, leading to unauthenticated SQL Injection issues.
- risk 0.64cvss 9.8epss 0.01
Textpattern 4.7.3 contains an aribtrary file load via the file_insert function in include/txp_file.php.
- risk 0.64cvss 9.8epss 0.05
Apache Nuttx Versions prior to 10.1.0 are vulnerable to integer wrap-around in functions malloc, realloc and memalign. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution.
- risk 0.64cvss 9.8epss 0.02
In p2p_process_prov_disc_req of p2p_pd.c, there is a possible out of bounds read and write due to a use after free. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product:…
- risk 0.00cvss 9.8epss 0.01
Greenbone Security Assistant (GSA) before 7.0.3 and Greenbone OS (GOS) before 5.0.0 allow Host Header Injection.
- risk 0.64cvss 9.8epss 0.02
White Shark System (WSS) 1.3.2 is vulnerable to unauthorized access via user_edit_password.php, remote attackers can modify the password of any user.
- risk 0.00cvss 9.8epss 0.03
SerenityOS before commit 3844e8569689dd476064a0759d704bc64fb3ca2c contains a directory traversal vulnerability in tar/unzip that may lead to command execution or privilege escalation.
- risk 0.64cvss 9.8epss 0.02
Secure 8 (Evalos) does not validate user input data correctly, allowing a remote attacker to perform a Blind SQL Injection. An attacker could exploit this vulnerability in order to extract information of users and administrator accounts stored in the database.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in Cleo LexiCom 5.5.0.0. Within the AS2 message, the sender can specify a filename. This filename can include path-traversal characters, allowing the file to be written to an arbitrary location on disk.
- risk 0.59cvss 9.8epss 0.26
Jenkins Generic Webhook Trigger Plugin 1.72 and earlier does not configure its XML parser to prevent XML external entity (XXE) attacks.
- risk 0.64cvss 9.9epss 0.01
Improper privilege management vulnerability in cgi component in Synology Download Station before 3.8.16-3566 allows remote authenticated users to execute arbitrary code via unspecified vectors.
- risk 0.65cvss 9.9epss 0.02
Improper neutralization of special elements used in a command ('Command Injection') vulnerability in task management component in Synology Download Station before 3.8.16-3566 allows remote authenticated users to execute arbitrary code via unspecified vectors.
- risk 0.64cvss 9.8epss 0.04
Elemin allows remote attackers to upload and execute arbitrary PHP code via the Themify framework (before 1.2.2) wp-content/themes/elemin/themify/themify-ajax.php file.
- risk 0.64cvss 9.8epss 0.02
A local file inclusion vulnerability was discovered in the captcha function in Monstra 3.0.4 which allows remote attackers to execute arbitrary PHP code.
- risk 0.65cvss 10.0epss 0.02
An information disclosure vulnerability exists in the Ethernet/IP UDP handler functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted network request can lead to an out-of-bounds read.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered on Enphase Envoy R3.x and D4.x devices with v3 software. The default admin password is set to the last 6 digits of the serial number. The serial number can be retrieved by an unauthenticated user at /info.xml.
- risk 0.00cvss 9.8epss 0.04
Matrix libolm before 3.2.3 allows a malicious Matrix homeserver to crash a client (while it is attempting to retrieve an Olm encrypted room key backup from the homeserver) because olm_pk_decrypt has a stack-based buffer overflow. Remote code execution might be possible for some…
- risk 0.64cvss 9.8epss 0.01
SQL Injection in 74cms 3.2.0 via the id parameter to wap/wap-company-show.php.
- risk 0.64cvss 9.8epss 0.08
SQL Injection in 74cms 3.2.0 via the key parameter to plus/ajax_street.php.
- risk 0.64cvss 9.8epss 0.09
SQL Injection in 74cms 3.2.0 via the x parameter to ajax_officebuilding.php.
- risk 0.64cvss 9.8epss 0.09
SQL Injection in 74cms 3.2.0 via the query parameter to plus/ajax_common.php.
- risk 0.64cvss 9.8epss 0.10
SQL Injection in 74cms 3.2.0 via the x parameter to plus/ajax_street.php.
- risk 0.64cvss 9.8epss 0.01
SQL Injection in ECShop 3.0 via the aid parameter to admin/affiliate_ck.php.
- risk 0.64cvss 9.8epss 0.01
SQL Injection in ECShop 3.0 via the id parameter to admin/shophelp.php.
- risk 0.64cvss 9.8epss 0.01
SQL Injection in ECShop 2.7.6 via the goods_number parameter to flow.php. .
- risk 0.64cvss 9.8epss 0.01
SQL Injection in phpCMS 2008 sp4 via the genre parameter to yp/job.php.
- risk 0.64cvss 9.8epss 0.01
SQL Injection vulnerability in phpCMS 2007 SP6 build 0805 via the digg_mod parameter to digg_add.php.
- risk 0.64cvss 9.8epss 0.02
bloofoxCMS 0.5.2.1 is infected with Unrestricted File Upload that allows attackers to upload malicious files (ex: php files).
- risk 0.64cvss 9.8epss 0.02
SQL Injection vulnerability in DedeCMS 5.7 via mdescription parameter to member/ajax_membergroup.php.
- risk 0.64cvss 9.8epss 0.01
SAP NetWeaver ABAP Server and ABAP Platform, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 804, does not create information about internal and external RFC user in consistent and distinguished format, which could lead to improper authentication and may be…
- risk 0.64cvss 9.8epss 0.01
The Sentinel LDK Run-Time Environment installer (Versions 7.6 and prior) adds a firewall rule named “Sentinel License Manager” that allows incoming connections from private networks using TCP Port 1947. While uninstalling, the uninstaller fails to close Port 1947.
- risk 0.62cvss 9.1epss 0.33
A buffer over-read vulnerability exists in Wibu-Systems CodeMeter versions < 7.21a. An unauthenticated remote attacker can exploit this issue to disclose heap memory contents or crash the CodeMeter Runtime Server.
- risk 0.64cvss 9.8epss 0.05
A deserialization flaw was found in Apache Chainsaw versions prior to 2.1.0 which could lead to malicious code execution.
- risk 0.57cvss 9.8epss 0.01
tEnvoy contains the PGP, NaCl, and PBKDF2 in node.js and the browser (hashing, random, encryption, decryption, signatures, conversions), used by TogaTech.org. In versions prior to 7.0.3, the `verifyWithMessage` method of `tEnvoyNaClSigningKey` always returns `true` for any…
- risk 0.57cvss 9.8epss 0.02
A use after free in hermes, while emitting certain error messages, prior to commit d86e185e485b6330216dee8e854455c694e3a36e allows attackers to potentially execute arbitrary code via crafted JavaScript. Note that this is only exploitable if the application using Hermes permits…
- risk 0.64cvss 9.8epss 0.03
Bandai Namco FromSoftware Dark Souls III allows remote attackers to execute arbitrary code.
- risk 0.64cvss 9.8epss 0.01
Sylabs Singularity 3.5.x and 3.6.x, and SingularityPRO before 3.5-8, has an Incorrect Check of a Function's Return Value.
- risk 0.64cvss 9.8epss 0.02
SINAMICS medium voltage routable products are affected by a vulnerability in the Sm@rtServer component for remote access that could allow an unauthenticated attacker to cause a denial-of-service condition, and/or execution of limited configuration modifications and/or execution…
- risk 0.64cvss 9.8epss 0.04
SQL injection vulnerability in SourceCodester Alumni Management System 1.0 allows the user to inject SQL payload to bypass the authentication via admin/login.php.
- risk 0.64cvss 9.8epss 0.01
Product: AndroidVersions: Android SoCAndroid ID: A-175402462
- risk 0.02cvss 9.8epss 0.70
elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Several vulnerabilities affect elFinder 2.1.58. These vulnerabilities can allow an attacker to execute arbitrary code and commands on the server hosting the elFinder PHP connector, even with…
- risk 0.65cvss 10.0epss 0.01
Thycotic Password Reset Server before 5.3.0 allows credential disclosure.
- risk 0.64cvss 9.8epss 0.03
In WoWonder 3.0.4, remote attackers can take over any account due to the weak cryptographic algorithm in recover.php. The code parameter is easily predicted from the time of day.
- risk 0.64cvss 9.8epss 0.08
The affected product’s configuration is vulnerable due to missing authentication, which may allow an attacker to change configurations and execute arbitrary code on the iView (versions prior to v5.7.03.6182).
- risk 0.64cvss 9.8epss 0.02
The affected product is vulnerable to an out-of-bounds write, which may result in corruption of data or code execution on the Welch Allyn medical device management tools (Welch Allyn Service Tool: versions prior to v1.10, Welch Allyn Connex Device Integration Suite – Network…