| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-11283 | Cri | 0.64 | 9.8 | 0.01 | Feb 22, 2021 | A buffer overflow can occur when playing an MKV clip due to lack of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables | ||
| CVE-2020-11276 | Cri | 0.59 | 9.1 | 0.01 | Feb 22, 2021 | Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe response frames due to improper validation of P2P IE and NOA attribute lengths in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,… | ||
| CVE-2020-11275 | Cri | 0.59 | 9.1 | 0.01 | Feb 22, 2021 | Possible buffer over-read while parsing quiet IE in Rx beacon frame due to improper check of IE length in received beacon in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial… | ||
| CVE-2020-11272 | Cri | 0.64 | 9.8 | 0.01 | Feb 22, 2021 | Before enqueuing a frame to the PE queue for further processing, an entry in a hash table can be deleted and using a stale version later can lead to use after free condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics… | ||
| CVE-2020-11170 | Cri | 0.64 | 9.8 | 0.01 | Feb 22, 2021 | Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon… | ||
| CVE-2020-11163 | Cri | 0.64 | 9.8 | 0.01 | Feb 22, 2021 | Possible buffer overflow while updating ikev2 parameters due to lack of check of input validation for certain parameters received from the ePDG server in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon… | ||
| CVE-2021-26120 | — | Cri | 0.63 | 9.8 | 0.82 | Feb 22, 2021 | Smarty before 3.1.39 allows code injection via an unexpected function name after a {function name= substring. | |
| CVE-2021-24115 | Cri | 0.00 | 9.8 | 0.02 | Feb 22, 2021 | In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations (base32, base58, base64, and hex). | ||
| CVE-2021-27514 | Cri | 0.64 | 9.8 | 0.04 | Feb 22, 2021 | EyesOfNetwork 5.3-10 uses an integer of between 8 and 10 digits for the session ID, which might be leveraged for brute-force authentication bypass (such as in CVE-2021-27513 exploitation). | ||
| CVE-2021-3210 | Cri | 0.63 | 9.6 | 0.03 | Feb 19, 2021 | components/Modals/HelpTexts/GenericAll/GenericAll.jsx in Bloodhound <= 4.0.1 allows remote attackers to execute arbitrary system commands when the victim imports a malicious data file containing JavaScript in the objectId parameter. | ||
| CVE-2019-25024 | Cri | 0.69 | 9.8 | 0.28 | Feb 19, 2021 | OpenRepeater (ORP) before 2.2 allows unauthenticated command injection via shell metacharacters in the functions/ajax_system.php post_service parameter. | ||
| CVE-2021-26747 | Cri | 0.68 | 9.8 | 0.54 | Feb 18, 2021 | Netis WF2780 2.3.40404 and WF2411 1.1.29629 devices allow Shell Metacharacter Injection into the ping command, leading to remote code execution. | ||
| CVE-2021-27335 | Cri | 0.64 | 9.8 | 0.03 | Feb 18, 2021 | KollectApps before 4.8.16c is affected by insecure Java deserialization, leading to Remote Code Execution via a ysoserial.payloads.CommonsCollections parameter. | ||
| CVE-2021-27329 | Cri | 0.65 | 10.0 | 0.02 | Feb 18, 2021 | Friendica 2021.01 allows SSRF via parse_url?binurl= for DNS lookups or HTTP requests to arbitrary domain names. | ||
| CVE-2020-28490 | — | Cri | 0.52 | 9.1 | 0.03 | Feb 18, 2021 | The package async-git before 1.13.2 are vulnerable to Command Injection via shell meta-characters (back-ticks). For example: git.reset('atouch HACKEDb') | |
| CVE-2021-27378 | — | Cri | 0.00 | 9.8 | 0.01 | Feb 18, 2021 | An issue was discovered in the rand_core crate before 0.6.2 for Rust. Because read_u32_into and read_u64_into mishandle certain buffer-length checks, a random number generator may be seeded with too little data. | |
| CVE-2021-27377 | — | Cri | 0.64 | 9.8 | 0.01 | Feb 18, 2021 | An issue was discovered in the yottadb crate before 1.2.0 for Rust. For some memory-allocation patterns, ydb_subscript_next_st and ydb_subscript_prev_st have a use-after-free. | |
| CVE-2021-27376 | — | Cri | 0.64 | 9.8 | 0.01 | Feb 18, 2021 | An issue was discovered in the nb-connect crate before 1.0.3 for Rust. It may have invalid memory access for certain versions of the standard library because it relies on a direct cast of std::net::SocketAddrV4 and std::net::SocketAddrV6 data structures. | |
| CVE-2021-27362 | Cri | 0.64 | 9.8 | 0.04 | Feb 17, 2021 | The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a Read Access Violation on Control Flow starting at WPG!ReadWPG_W+0x0000000000000133, which might allow remote attackers to execute arbitrary code. | ||
| CVE-2021-26809 | Cri | 0.64 | 9.8 | 0.02 | Feb 17, 2021 | PHPGurukul Car Rental Project version 2.0 suffers from a remote shell upload vulnerability in changeimage1.php. | ||
| CVE-2021-25779 | Cri | 0.64 | 9.8 | 0.01 | Feb 17, 2021 | Baby Care System v1.0 is vulnerable to SQL injection via the 'id' parameter on the contentsectionpage.php page. | ||
| CVE-2020-35339 | Cri | 0.64 | 9.8 | 0.04 | Feb 17, 2021 | In 74cms version 5.0.1, there is a remote code execution vulnerability in /Application/Admin/Controller/ConfigController.class.php and /ThinkPHP/Common/functions.php where attackers can obtain server permissions and control the server. | ||
| CVE-2021-22855 | Cri | 0.64 | 9.8 | 0.02 | Feb 17, 2021 | The specific function of HR Portal of Soar Cloud System accepts any type of object to be deserialized. Attackers can send malicious serialized objects to execute arbitrary commands. | ||
| CVE-2021-22856 | Cri | 0.64 | 9.8 | 0.01 | Feb 17, 2021 | The CGE property management system contains SQL Injection vulnerabilities. Remote attackers can inject SQL commands into the parameters in Cookie and obtain data in the database without privilege. | ||
| CVE-2021-23885 | Cri | 0.59 | 9.0 | 0.01 | Feb 17, 2021 | Privilege escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.8 allows an authenticated user to gain elevated privileges through the User Interface and execute commands on the appliance via incorrect improper neutralization of user input in the troubleshooting page. | ||
| CVE-2020-2501 | Cri | 0.64 | 9.8 | 0.03 | Feb 17, 2021 | A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. QNAP have already fixed this vulnerability in the following versions: Surveillance… | ||
| CVE-2021-27104 | Cri | 0.86 | 9.8 | 0.56 | KEV | Feb 16, 2021 | Accellion FTA 9_12_370 and earlier is affected by OS command execution via a crafted POST request to various admin endpoints. The fixed version is FTA_9_12_380 and later. | |
| CVE-2021-27103 | Cri | 0.83 | 9.8 | 0.11 | KEV | Feb 16, 2021 | Accellion FTA 9_12_411 and earlier is affected by SSRF via a crafted POST request to wmProgressstat.html. The fixed version is FTA_9_12_416 and later. | |
| CVE-2021-27101 | Cri | 0.82 | 9.8 | 0.06 | KEV | Feb 16, 2021 | Accellion FTA 9_12_370 and earlier is affected by SQL injection via a crafted Host header in a request to document_root.html. The fixed version is FTA_9_12_380 and later. | |
| CVE-2020-35565 | Cri | 0.64 | 9.8 | 0.01 | Feb 16, 2021 | An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. The login pages bruteforce detection is disabled by default. | ||
| CVE-2021-25648 | Cri | 0.64 | 9.8 | 0.01 | Feb 16, 2021 | Mobile application "Testes de Codigo" 11.4 and prior allows an attacker to gain access to the administrative interface and premium features by tampering the boolean value of parameters "isAdmin" and "isPremium" located on device storage. | ||
| CVE-2020-24841 | Cri | 0.64 | 9.8 | 0.02 | Feb 16, 2021 | PNPSCADA 2.200816204020 allows SQL injection via parameter 'interf' in /browse.jsp. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. | ||
| CVE-2021-27236 | Cri | 0.64 | 9.8 | 0.02 | Feb 16, 2021 | An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. getfile.asp allows Unauthenticated Local File Inclusion, which can be leveraged to achieve Remote Code Execution. | ||
| CVE-2021-27234 | Cri | 0.64 | 9.8 | 0.01 | Feb 16, 2021 | An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. The web application suffers from SQL injection on Adminlog.asp, Archivemsgs.asp, Deletelog.asp, Eventlog.asp, and Evmlog.asp. | ||
| CVE-2021-3239 | Cri | 0.65 | 9.8 | 0.18 | Feb 15, 2021 | E-Learning System 1.0 suffers from an unauthenticated SQL injection vulnerability, which allows remote attackers to execute arbitrary code on the hosting web server and gain a reverse shell. | ||
| CVE-2021-26822 | Cri | 0.64 | 9.8 | 0.05 | Feb 15, 2021 | Teachers Record Management System 1.0 is affected by a SQL injection vulnerability in 'searchteacher' POST parameter in search-teacher.php. This vulnerability can be exploited by a remote unauthenticated attacker to leak sensitive information and perform code execution attacks. | ||
| CVE-2021-26201 | Cri | 0.64 | 9.8 | 0.02 | Feb 15, 2021 | The Login Panel of CASAP Automated Enrollment System 1.0 is vulnerable to SQL injection authentication bypass. An attacker can obtain access to the admin panel by injecting a SQL query in the username field of the login page. | ||
| CVE-2021-26200 | Cri | 0.64 | 9.8 | 0.02 | Feb 15, 2021 | The user area for Library System 1.0 is vulnerable to SQL injection where a user can bypass the authentication and login as the admin user. | ||
| CVE-2021-3375 | Cri | 0.64 | 9.8 | 0.04 | Feb 15, 2021 | ActivePresenter 6.1.6 is affected by a memory corruption vulnerability that may result in a denial of service (DoS) or arbitrary code execution. | ||
| CVE-2020-29026 | Cri | 0.59 | 9.0 | 0.01 | Feb 15, 2021 | A directory traversal vulnerability exists in the file upload function of the GateManager that allows an authenticated attacker with administrative permissions to read and write arbitrary files in the Linux file system. This issue affects: GateManager all versions prior to 9.2c. | ||
| CVE-2020-35775 | Cri | 0.68 | 9.8 | 0.13 | Feb 15, 2021 | CITSmart before 9.1.2.23 allows LDAP Injection. | ||
| CVE-2021-27213 | Cri | 0.00 | 9.8 | 0.03 | Feb 14, 2021 | config.py in pystemon before 2021-02-13 allows code execution via YAML deserialization because SafeLoader and safe_load are not used. | ||
| CVE-2019-25019 | Cri | 0.57 | 9.8 | 0.01 | Feb 14, 2021 | LimeSurvey before 4.0.0-RC4 allows SQL injection via the participant model. | ||
| CVE-2021-26753 | Cri | 0.64 | 9.9 | 0.01 | Feb 12, 2021 | NeDi 1.9C allows an authenticated user to inject PHP code in the System Files function on the endpoint /System-Files.php via the txt HTTP POST parameter. This allows an attacker to obtain access to the operating system where NeDi is installed and to all application data. | ||
| CVE-2021-22504 | Cri | 0.64 | 9.8 | 0.03 | Feb 12, 2021 | Arbitrary code execution vulnerability on Micro Focus Operations Bridge Manager product, affecting versions 10.1x, 10.6x, 2018.05, 2018.11, 2019.05, 2019.11, 2020.05, 2020.10. The vulnerability could allow remote attackers to execute arbitrary code on an OBM server. | ||
| CVE-2021-20651 | Cri | 0.59 | 9.1 | 0.02 | Feb 12, 2021 | Directory traversal vulnerability in ELECOM File Manager all versions allows remote attackers to create an arbitrary file or overwrite an existing file in a directory which can be accessed with the application privileges via unspecified vectors. | ||
| CVE-2020-27868 | Cri | 0.70 | 9.8 | 0.81 | Feb 12, 2021 | This vulnerability allows remote attackers to execute arbitrary code on affected installations of Qognify Ocularis 5.9.0.395. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of serialized objects provided to the… | ||
| CVE-2021-21014 | Cri | 0.52 | 9.1 | 0.04 | Feb 11, 2021 | Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a file upload restriction bypass. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is required for… | ||
| CVE-2021-21025 | Cri | 0.59 | 9.1 | 0.03 | Feb 11, 2021 | Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to XML injection in the product layout updates. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is… | ||
| CVE-2021-21024 | Cri | 0.59 | 9.1 | 0.03 | Feb 11, 2021 | Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by a blind SQL injection vulnerability in the Search module. Successful exploitation could lead to unauthorized access to restricted resources by an unauthenticated attacker. Access… |
- risk 0.64cvss 9.8epss 0.01
A buffer overflow can occur when playing an MKV clip due to lack of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables
- risk 0.59cvss 9.1epss 0.01
Possible buffer over read while processing P2P IE and NOA attribute of beacon and probe response frames due to improper validation of P2P IE and NOA attribute lengths in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity,…
- risk 0.59cvss 9.1epss 0.01
Possible buffer over-read while parsing quiet IE in Rx beacon frame due to improper check of IE length in received beacon in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial…
- risk 0.64cvss 9.8epss 0.01
Before enqueuing a frame to the PE queue for further processing, an entry in a hash table can be deleted and using a stale version later can lead to use after free condition in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics…
- risk 0.64cvss 9.8epss 0.01
Out of bound memory access while playing music playbacks with crafted vorbis content due to improper checks in header extraction in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon…
- risk 0.64cvss 9.8epss 0.01
Possible buffer overflow while updating ikev2 parameters due to lack of check of input validation for certain parameters received from the ePDG server in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon…
- risk 0.63cvss 9.8epss 0.82
Smarty before 3.1.39 allows code injection via an unexpected function name after a {function name= substring.
- risk 0.00cvss 9.8epss 0.02
In Botan before 2.17.3, constant-time computations are not used for certain decoding and encoding operations (base32, base58, base64, and hex).
- risk 0.64cvss 9.8epss 0.04
EyesOfNetwork 5.3-10 uses an integer of between 8 and 10 digits for the session ID, which might be leveraged for brute-force authentication bypass (such as in CVE-2021-27513 exploitation).
- risk 0.63cvss 9.6epss 0.03
components/Modals/HelpTexts/GenericAll/GenericAll.jsx in Bloodhound <= 4.0.1 allows remote attackers to execute arbitrary system commands when the victim imports a malicious data file containing JavaScript in the objectId parameter.
- risk 0.69cvss 9.8epss 0.28
OpenRepeater (ORP) before 2.2 allows unauthenticated command injection via shell metacharacters in the functions/ajax_system.php post_service parameter.
- risk 0.68cvss 9.8epss 0.54
Netis WF2780 2.3.40404 and WF2411 1.1.29629 devices allow Shell Metacharacter Injection into the ping command, leading to remote code execution.
- risk 0.64cvss 9.8epss 0.03
KollectApps before 4.8.16c is affected by insecure Java deserialization, leading to Remote Code Execution via a ysoserial.payloads.CommonsCollections parameter.
- risk 0.65cvss 10.0epss 0.02
Friendica 2021.01 allows SSRF via parse_url?binurl= for DNS lookups or HTTP requests to arbitrary domain names.
- risk 0.52cvss 9.1epss 0.03
The package async-git before 1.13.2 are vulnerable to Command Injection via shell meta-characters (back-ticks). For example: git.reset('atouch HACKEDb')
- risk 0.00cvss 9.8epss 0.01
An issue was discovered in the rand_core crate before 0.6.2 for Rust. Because read_u32_into and read_u64_into mishandle certain buffer-length checks, a random number generator may be seeded with too little data.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in the yottadb crate before 1.2.0 for Rust. For some memory-allocation patterns, ydb_subscript_next_st and ydb_subscript_prev_st have a use-after-free.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in the nb-connect crate before 1.0.3 for Rust. It may have invalid memory access for certain versions of the standard library because it relies on a direct cast of std::net::SocketAddrV4 and std::net::SocketAddrV6 data structures.
- risk 0.64cvss 9.8epss 0.04
The WPG plugin before 3.1.0.0 for IrfanView 4.57 has a Read Access Violation on Control Flow starting at WPG!ReadWPG_W+0x0000000000000133, which might allow remote attackers to execute arbitrary code.
- risk 0.64cvss 9.8epss 0.02
PHPGurukul Car Rental Project version 2.0 suffers from a remote shell upload vulnerability in changeimage1.php.
- risk 0.64cvss 9.8epss 0.01
Baby Care System v1.0 is vulnerable to SQL injection via the 'id' parameter on the contentsectionpage.php page.
- risk 0.64cvss 9.8epss 0.04
In 74cms version 5.0.1, there is a remote code execution vulnerability in /Application/Admin/Controller/ConfigController.class.php and /ThinkPHP/Common/functions.php where attackers can obtain server permissions and control the server.
- risk 0.64cvss 9.8epss 0.02
The specific function of HR Portal of Soar Cloud System accepts any type of object to be deserialized. Attackers can send malicious serialized objects to execute arbitrary commands.
- risk 0.64cvss 9.8epss 0.01
The CGE property management system contains SQL Injection vulnerabilities. Remote attackers can inject SQL commands into the parameters in Cookie and obtain data in the database without privilege.
- risk 0.59cvss 9.0epss 0.01
Privilege escalation vulnerability in McAfee Web Gateway (MWG) prior to 9.2.8 allows an authenticated user to gain elevated privileges through the User Interface and execute commands on the appliance via incorrect improper neutralization of user input in the troubleshooting page.
- risk 0.64cvss 9.8epss 0.03
A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. QNAP have already fixed this vulnerability in the following versions: Surveillance…
- risk 0.86cvss 9.8epss 0.56
Accellion FTA 9_12_370 and earlier is affected by OS command execution via a crafted POST request to various admin endpoints. The fixed version is FTA_9_12_380 and later.
- risk 0.83cvss 9.8epss 0.11
Accellion FTA 9_12_411 and earlier is affected by SSRF via a crafted POST request to wmProgressstat.html. The fixed version is FTA_9_12_416 and later.
- risk 0.82cvss 9.8epss 0.06
Accellion FTA 9_12_370 and earlier is affected by SQL injection via a crafted Host header in a request to document_root.html. The fixed version is FTA_9_12_380 and later.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in MB CONNECT LINE mymbCONNECT24 and mbCONNECT24 through 2.6.2. The login pages bruteforce detection is disabled by default.
- risk 0.64cvss 9.8epss 0.01
Mobile application "Testes de Codigo" 11.4 and prior allows an attacker to gain access to the administrative interface and premium features by tampering the boolean value of parameters "isAdmin" and "isPremium" located on device storage.
- risk 0.64cvss 9.8epss 0.02
PNPSCADA 2.200816204020 allows SQL injection via parameter 'interf' in /browse.jsp. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. getfile.asp allows Unauthenticated Local File Inclusion, which can be leveraged to achieve Remote Code Execution.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. The web application suffers from SQL injection on Adminlog.asp, Archivemsgs.asp, Deletelog.asp, Eventlog.asp, and Evmlog.asp.
- risk 0.65cvss 9.8epss 0.18
E-Learning System 1.0 suffers from an unauthenticated SQL injection vulnerability, which allows remote attackers to execute arbitrary code on the hosting web server and gain a reverse shell.
- risk 0.64cvss 9.8epss 0.05
Teachers Record Management System 1.0 is affected by a SQL injection vulnerability in 'searchteacher' POST parameter in search-teacher.php. This vulnerability can be exploited by a remote unauthenticated attacker to leak sensitive information and perform code execution attacks.
- risk 0.64cvss 9.8epss 0.02
The Login Panel of CASAP Automated Enrollment System 1.0 is vulnerable to SQL injection authentication bypass. An attacker can obtain access to the admin panel by injecting a SQL query in the username field of the login page.
- risk 0.64cvss 9.8epss 0.02
The user area for Library System 1.0 is vulnerable to SQL injection where a user can bypass the authentication and login as the admin user.
- risk 0.64cvss 9.8epss 0.04
ActivePresenter 6.1.6 is affected by a memory corruption vulnerability that may result in a denial of service (DoS) or arbitrary code execution.
- risk 0.59cvss 9.0epss 0.01
A directory traversal vulnerability exists in the file upload function of the GateManager that allows an authenticated attacker with administrative permissions to read and write arbitrary files in the Linux file system. This issue affects: GateManager all versions prior to 9.2c.
- risk 0.68cvss 9.8epss 0.13
CITSmart before 9.1.2.23 allows LDAP Injection.
- risk 0.00cvss 9.8epss 0.03
config.py in pystemon before 2021-02-13 allows code execution via YAML deserialization because SafeLoader and safe_load are not used.
- risk 0.57cvss 9.8epss 0.01
LimeSurvey before 4.0.0-RC4 allows SQL injection via the participant model.
- risk 0.64cvss 9.9epss 0.01
NeDi 1.9C allows an authenticated user to inject PHP code in the System Files function on the endpoint /System-Files.php via the txt HTTP POST parameter. This allows an attacker to obtain access to the operating system where NeDi is installed and to all application data.
- risk 0.64cvss 9.8epss 0.03
Arbitrary code execution vulnerability on Micro Focus Operations Bridge Manager product, affecting versions 10.1x, 10.6x, 2018.05, 2018.11, 2019.05, 2019.11, 2020.05, 2020.10. The vulnerability could allow remote attackers to execute arbitrary code on an OBM server.
- risk 0.59cvss 9.1epss 0.02
Directory traversal vulnerability in ELECOM File Manager all versions allows remote attackers to create an arbitrary file or overwrite an existing file in a directory which can be accessed with the application privileges via unspecified vectors.
- risk 0.70cvss 9.8epss 0.81
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Qognify Ocularis 5.9.0.395. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of serialized objects provided to the…
- risk 0.52cvss 9.1epss 0.04
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to a file upload restriction bypass. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is required for…
- risk 0.59cvss 9.1epss 0.03
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are vulnerable to XML injection in the product layout updates. Successful exploitation could lead to arbitrary code execution by an authenticated attacker. Access to the admin console is…
- risk 0.59cvss 9.1epss 0.03
Magento versions 2.4.1 (and earlier), 2.4.0-p1 (and earlier) and 2.3.6 (and earlier) are affected by a blind SQL injection vulnerability in the Search module. Successful exploitation could lead to unauthorized access to restricted resources by an unauthenticated attacker. Access…