| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-20217 | Cri | 0.64 | 9.8 | 0.04 | Jan 29, 2020 | D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via the urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because SERVER_ID is mishandled. The value of the urn: service/device is checked with the strstr function,… | ||
| CVE-2019-20216 | Cri | 0.64 | 9.8 | 0.04 | Jan 29, 2020 | D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via the urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because REMOTE_PORT is mishandled. The value of the urn: service/device is checked with the strstr function,… | ||
| CVE-2019-20215 | Cri | 0.73 | 9.8 | 0.75 | Jan 29, 2020 | D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via a urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because HTTP_ST is mishandled. The value of the urn: service/device is checked with the strstr function, which… | ||
| CVE-2013-3214 | Cri | 0.73 | 9.8 | 0.85 | Jan 28, 2020 | vtiger CRM 5.4.0 and earlier contain a PHP Code Injection Vulnerability in 'vtigerolservice.php'. | ||
| CVE-2013-3071 | Cri | 0.64 | 9.8 | 0.02 | Jan 28, 2020 | NETGEAR Centria WNDR4700 devices with firmware 1.0.0.34 allow authentication bypass. | ||
| CVE-2013-2748 | Cri | 0.68 | 9.8 | 0.13 | Jan 28, 2020 | Belkin Wemo Switch before WeMo_US_2.00.2176.PVT could allow remote attackers to upload arbitrary files onto the system. | ||
| CVE-2013-1599 | Cri | 0.70 | 9.8 | 0.40 | Jan 28, 2020 | A Command Injection vulnerability exists in the /var/www/cgi-bin/rtpd.cgi script in D-Link IP Cameras DCS-3411/3430 firmware 1.02, DCS-5605/5635 1.01, DCS-1100L/1130L 1.04, DCS-1100/1130 1.03, DCS-1100/1130 1.04_US, DCS-2102/2121 1.05_RU, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L… | ||
| CVE-2020-4207 | Cri | 0.64 | 9.8 | 0.05 | Jan 28, 2020 | IBM Watson IoT Message Gateway 2.0.0.x, 5.0.0.0, 5.0.0.1, and 5.0.0.2 is vulnerable to a buffer overflow, caused by improper bounds checking when handling a failed HTTP request with specific content in the headers. By sending a specially crafted HTTP request, a remote attacker… | ||
| CVE-2015-8011 | Cri | 0.57 | 9.8 | 0.05 | Jan 28, 2020 | Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries. | ||
| CVE-2020-8086 | Cri | 0.64 | 9.8 | 0.02 | Jan 28, 2020 | The mod_auth_ldap and mod_auth_ldap2 Community Modules through 2020-01-27 for Prosody incompletely verify the XMPP address passed to the is_admin() function. This grants remote entities admin-only functionality if their username matches the username of a local admin. | ||
| CVE-2013-4864 | Cri | 0.67 | 9.8 | 0.06 | Jan 28, 2020 | MiCasaVerde VeraLite with firmware 1.5.408 allows remote attackers to send HTTP requests to intranet servers via the url parameter to cgi-bin/cmh/proxy.sh, related to a Server-Side Request Forgery (SSRF) issue. | ||
| CVE-2014-2914 | Cri | 0.64 | 9.8 | 0.03 | Jan 28, 2020 | fish (aka fish-shell) 2.0.0 before 2.1.1 does not restrict access to the configuration service (aka fish_config), which allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by set_prompt. | ||
| CVE-2014-2898 | Cri | 0.64 | 9.8 | 0.03 | Jan 28, 2020 | wolfSSL CyaSSL before 2.9.4 allows remote attackers to have unspecified impact via multiple calls to the CyaSSL_read function which triggers an out-of-bounds read when an error occurs, related to not checking the return code and MAC verification failure. | ||
| CVE-2014-2897 | Cri | 0.64 | 9.8 | 0.03 | Jan 28, 2020 | The SSL 3 HMAC functionality in wolfSSL CyaSSL 2.5.0 before 2.9.4 does not check the padding length when verification fails, which allows remote attackers to have unspecified impact via a crafted HMAC, which triggers an out-of-bounds read. | ||
| CVE-2014-2896 | Cri | 0.64 | 9.8 | 0.03 | Jan 28, 2020 | The DoAlert function in the (1) TLS and (2) DTLS implementations in wolfSSL CyaSSL before 2.9.4 allows remote attackers to have unspecified impact and vectors, which trigger memory corruption or an out-of-bounds read. | ||
| CVE-2013-2060 | Cri | 0.64 | 9.8 | 0.06 | Jan 28, 2020 | The download_from_url function in OpenShift Origin allows remote attackers to execute arbitrary commands via shell metacharacters in the URL of a request to download a cart. | ||
| CVE-2014-3445 | Cri | 0.64 | 9.8 | 0.05 | Jan 28, 2020 | backup.php in HandsomeWeb SOS Webpages before 1.1.12 does not require knowledge of the cleartext password, which allows remote attackers to bypass authentication by leveraging knowledge of the administrator password hash. | ||
| CVE-2013-2571 | Cri | 0.68 | 9.8 | 0.16 | Jan 28, 2020 | Iris 3.8 before build 1548, as used in Xpient point of sale (POS) systems, allows remote attackers to execute arbitrary commands via a crafted request to TCP port 7510, as demonstrated by opening the cash drawer. | ||
| CVE-2013-1437 | Cri | 0.64 | 9.8 | 0.03 | Jan 28, 2020 | Eval injection vulnerability in the Module-Metadata module before 1.000015 for Perl allows remote attackers to execute arbitrary Perl code via the $Version value. | ||
| CVE-2019-5464 | Cri | 0.64 | 9.8 | 0.03 | Jan 28, 2020 | A flawed DNS rebinding protection issue was discovered in GitLab CE/EE 10.2 and later in the `url_blocker.rb` which could result in SSRF where the library is utilized. | ||
| CVE-2019-15585 | Cri | 0.64 | 9.8 | 0.02 | Jan 28, 2020 | Improper authentication exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) in the GitLab SAML integration had a validation issue that permitted an attacker to takeover another user's account. | ||
| CVE-2019-8257 | Cri | 0.64 | 9.8 | 0.04 | Jan 28, 2020 | Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead… | ||
| CVE-2019-7131 | Cri | 0.64 | 9.8 | 0.04 | Jan 28, 2020 | Adobe Acrobat and Reader versions 2019.010.20064 and earlier, 2019.010.20064 and earlier, 2017.011.30110 and earlier version, and 2015.006.30461 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2013-2612 | Cri | 0.64 | 9.8 | 0.03 | Jan 27, 2020 | Command-injection vulnerability in Huawei E587 3G Mobile Hotspot 11.203.27 allows remote attackers to execute arbitrary shell commands with root privileges due to an error in the Web UI. | ||
| CVE-2020-8088 | Cri | 0.64 | 9.8 | 0.01 | Jan 27, 2020 | panel_login.php in UseBB 1.0.12 allows type juggling for login bypass because != is used instead of !== for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters. | ||
| CVE-2020-8087 | Cri | 0.64 | 9.8 | 0.06 | Jan 27, 2020 | SMC Networks D3G0804W D3GNV5M-3.5.1.6.10_GA devices allow remote command execution by leveraging access to the Network Diagnostic Tools screen, as demonstrated by an admin login. The attacker must use a Parameter Pollution approach against goform/formSetDiagnosticToolsFmPing by… | ||
| CVE-2014-8563 | Cri | 0.64 | 9.8 | 0.03 | Jan 27, 2020 | Synacor Zimbra Collaboration before 8.0.9 allows plaintext command injection during STARTTLS. | ||
| CVE-2014-8741 | Cri | 0.73 | 9.8 | 0.77 | Jan 27, 2020 | Directory traversal vulnerability in the GfdFileUploadServerlet servlet in Lexmark MarkVision Enterprise before 2.1 allows remote attackers to write to arbitrary files via unspecified vectors. | ||
| CVE-2013-7390 | Cri | 0.73 | 9.8 | 0.75 | Jan 27, 2020 | Unrestricted file upload vulnerability in AgentLogUploadServlet in ManageEngine DesktopCentral 7.x and 8.0.0 before build 80293 allows remote attackers to execute arbitrary code by uploading a file with a jsp extension, then accessing it via a direct request to the file in the… | ||
| CVE-2019-19825 | Cri | 0.66 | 9.8 | 0.30 | Jan 27, 2020 | On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be retrieved via an {"topicurl":"setting/getSanvas"} POST to the boafrm/formLogin URI, leading to a CAPTCHA bypass. (Also, the CAPTCHA text is not needed once the attacker has determined valid credentials. The… | ||
| CVE-2019-17096 | Cri | 0.59 | 9.0 | 0.02 | Jan 27, 2020 | A OS Command Injection vulnerability in the bootstrap stage of Bitdefender BOX 2 allows the manipulation of the `get_image_url()` function in special circumstances to inject a system command. | ||
| CVE-2013-4441 | Cri | 0.64 | 9.8 | 0.02 | Jan 27, 2020 | The Phonemes mode in Pwgen 2.06 generates predictable passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack. | ||
| CVE-2015-0244 | Cri | 0.57 | 9.8 | 0.04 | Jan 27, 2020 | PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not properly handle errors while reading a protocol message, which allows remote attackers to conduct SQL injection attacks via crafted binary data in a parameter… | ||
| CVE-2019-20433 | Cri | 0.52 | 9.1 | 0.02 | Jan 27, 2020 | libaspell.a in GNU Aspell before 0.60.8 has a buffer over-read for a string ending with a single '\0' byte, if the encoding is set to ucs-2 or ucs-4 outside of the application, as demonstrated by the ASPELL_CONF environment variable. | ||
| CVE-2013-4462 | Cri | 0.59 | 9.1 | 0.03 | Jan 27, 2020 | WordPress Portable phpMyAdmin Plugin has an authentication bypass vulnerability | ||
| CVE-2013-3493 | Cri | 0.64 | 9.8 | 0.02 | Jan 27, 2020 | XnView 2.03 has an integer overflow vulnerability | ||
| CVE-2013-3492 | Cri | 0.64 | 9.8 | 0.02 | Jan 27, 2020 | XnView 2.03 has a stack-based buffer overflow vulnerability | ||
| CVE-2013-3486 | Cri | 0.63 | 9.6 | 0.02 | Jan 27, 2020 | IrfanView FlashPix Plugin 4.3.4 0 has an Integer Overflow Vulnerability | ||
| CVE-2012-1495 | Cri | 0.73 | 9.8 | 0.80 | Jan 27, 2020 | install/index.php in WebCalendar before 1.2.5 allows remote attackers to execute arbitrary code via the form_single_user_login parameter. | ||
| CVE-2019-20427 | Cri | 0.64 | 9.8 | 0.05 | Jan 27, 2020 | In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic, and possibly remote code execution, due to the lack of validation for specific fields of packets sent by a client. Interaction between req_capsule_get_size and tgt_brw_write leads to a… | ||
| CVE-2020-8001 | Cri | 0.64 | 9.8 | 0.02 | Jan 27, 2020 | The Intellian Aptus application 1.0.2 for Android has a hardcoded password of intellian for the masteruser FTP account. | ||
| CVE-2020-8000 | Cri | 0.64 | 9.8 | 0.02 | Jan 27, 2020 | Intellian Aptus Web 1.24 has a hardcoded password of 12345678 for the intellian account. | ||
| CVE-2020-7999 | Cri | 0.64 | 9.8 | 0.01 | Jan 27, 2020 | The Intellian Aptus application 1.0.2 for Android has hardcoded values for DOWNLOAD_API_KEY and FILE_DOWNLOAD_API_KEY. | ||
| CVE-2020-7995 | — | Cri | 0.64 | 9.8 | 0.05 | Jan 26, 2020 | The htdocs/index.php?mainmenu=home login page in Dolibarr 10.0.6 allows an unlimited rate of failed authentication attempts. | |
| CVE-2019-16029 | Cri | 0.59 | 9.1 | 0.01 | Jan 26, 2020 | A vulnerability in the application programming interface (API) of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to change user account information which can prevent users from logging in, resulting in a denial of service (DoS) condition of… | ||
| CVE-2020-7981 | — | Cri | 0.57 | 9.8 | 0.01 | Jan 25, 2020 | sql.rb in Geocoder before 1.6.1 allows Boolean-based SQL injection when within_bounding_box is used in conjunction with untrusted sw_lat, sw_lng, ne_lat, or ne_lng data. | |
| CVE-2020-7980 | Cri | 0.73 | 9.8 | 0.83 | Jan 25, 2020 | Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be needed. | ||
| CVE-2013-1744 | Cri | 0.67 | 9.8 | 0.05 | Jan 25, 2020 | IRIS citations management tool through 1.3 allows remote attackers to execute arbitrary commands. | ||
| CVE-2019-5183 | Cri | 0.59 | 9.0 | 0.02 | Jan 25, 2020 | An exploitable type confusion vulnerability exists in AMD ATIDXX64.DLL driver, versions 26.20.13031.10003, 26.20.13031.15006 and 26.20.13031.18002. A specially crafted pixel shader can cause a type confusion issue, leading to potential code execution. An attacker can provide a… | ||
| CVE-2019-1353 | Cri | 0.64 | 9.8 | 0.02 | Jan 24, 2020 | An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as "WSL") while accessing a working directory on a regular Windows drive, none… |
- risk 0.64cvss 9.8epss 0.04
D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via the urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because SERVER_ID is mishandled. The value of the urn: service/device is checked with the strstr function,…
- risk 0.64cvss 9.8epss 0.04
D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via the urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because REMOTE_PORT is mishandled. The value of the urn: service/device is checked with the strstr function,…
- risk 0.73cvss 9.8epss 0.75
D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers to execute arbitrary OS commands via a urn: to the M-SEARCH method in ssdpcgi() in /htdocs/cgibin, because HTTP_ST is mishandled. The value of the urn: service/device is checked with the strstr function, which…
- risk 0.73cvss 9.8epss 0.85
vtiger CRM 5.4.0 and earlier contain a PHP Code Injection Vulnerability in 'vtigerolservice.php'.
- risk 0.64cvss 9.8epss 0.02
NETGEAR Centria WNDR4700 devices with firmware 1.0.0.34 allow authentication bypass.
- risk 0.68cvss 9.8epss 0.13
Belkin Wemo Switch before WeMo_US_2.00.2176.PVT could allow remote attackers to upload arbitrary files onto the system.
- risk 0.70cvss 9.8epss 0.40
A Command Injection vulnerability exists in the /var/www/cgi-bin/rtpd.cgi script in D-Link IP Cameras DCS-3411/3430 firmware 1.02, DCS-5605/5635 1.01, DCS-1100L/1130L 1.04, DCS-1100/1130 1.03, DCS-1100/1130 1.04_US, DCS-2102/2121 1.05_RU, DCS-3410 1.02, DCS-5230 1.02, DCS-5230L…
- risk 0.64cvss 9.8epss 0.05
IBM Watson IoT Message Gateway 2.0.0.x, 5.0.0.0, 5.0.0.1, and 5.0.0.2 is vulnerable to a buffer overflow, caused by improper bounds checking when handling a failed HTTP request with specific content in the headers. By sending a specially crafted HTTP request, a remote attacker…
- risk 0.57cvss 9.8epss 0.05
Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries.
- risk 0.64cvss 9.8epss 0.02
The mod_auth_ldap and mod_auth_ldap2 Community Modules through 2020-01-27 for Prosody incompletely verify the XMPP address passed to the is_admin() function. This grants remote entities admin-only functionality if their username matches the username of a local admin.
- risk 0.67cvss 9.8epss 0.06
MiCasaVerde VeraLite with firmware 1.5.408 allows remote attackers to send HTTP requests to intranet servers via the url parameter to cgi-bin/cmh/proxy.sh, related to a Server-Side Request Forgery (SSRF) issue.
- risk 0.64cvss 9.8epss 0.03
fish (aka fish-shell) 2.0.0 before 2.1.1 does not restrict access to the configuration service (aka fish_config), which allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by set_prompt.
- risk 0.64cvss 9.8epss 0.03
wolfSSL CyaSSL before 2.9.4 allows remote attackers to have unspecified impact via multiple calls to the CyaSSL_read function which triggers an out-of-bounds read when an error occurs, related to not checking the return code and MAC verification failure.
- risk 0.64cvss 9.8epss 0.03
The SSL 3 HMAC functionality in wolfSSL CyaSSL 2.5.0 before 2.9.4 does not check the padding length when verification fails, which allows remote attackers to have unspecified impact via a crafted HMAC, which triggers an out-of-bounds read.
- risk 0.64cvss 9.8epss 0.03
The DoAlert function in the (1) TLS and (2) DTLS implementations in wolfSSL CyaSSL before 2.9.4 allows remote attackers to have unspecified impact and vectors, which trigger memory corruption or an out-of-bounds read.
- risk 0.64cvss 9.8epss 0.06
The download_from_url function in OpenShift Origin allows remote attackers to execute arbitrary commands via shell metacharacters in the URL of a request to download a cart.
- risk 0.64cvss 9.8epss 0.05
backup.php in HandsomeWeb SOS Webpages before 1.1.12 does not require knowledge of the cleartext password, which allows remote attackers to bypass authentication by leveraging knowledge of the administrator password hash.
- risk 0.68cvss 9.8epss 0.16
Iris 3.8 before build 1548, as used in Xpient point of sale (POS) systems, allows remote attackers to execute arbitrary commands via a crafted request to TCP port 7510, as demonstrated by opening the cash drawer.
- risk 0.64cvss 9.8epss 0.03
Eval injection vulnerability in the Module-Metadata module before 1.000015 for Perl allows remote attackers to execute arbitrary Perl code via the $Version value.
- risk 0.64cvss 9.8epss 0.03
A flawed DNS rebinding protection issue was discovered in GitLab CE/EE 10.2 and later in the `url_blocker.rb` which could result in SSRF where the library is utilized.
- risk 0.64cvss 9.8epss 0.02
Improper authentication exists in < 12.3.2, < 12.2.6, and < 12.1.12 for GitLab Community Edition (CE) and Enterprise Edition (EE) in the GitLab SAML integration had a validation issue that permitted an attacker to takeover another user's account.
- risk 0.64cvss 9.8epss 0.04
Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead…
- risk 0.64cvss 9.8epss 0.04
Adobe Acrobat and Reader versions 2019.010.20064 and earlier, 2019.010.20064 and earlier, 2017.011.30110 and earlier version, and 2015.006.30461 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.
- risk 0.64cvss 9.8epss 0.03
Command-injection vulnerability in Huawei E587 3G Mobile Hotspot 11.203.27 allows remote attackers to execute arbitrary shell commands with root privileges due to an error in the Web UI.
- risk 0.64cvss 9.8epss 0.01
panel_login.php in UseBB 1.0.12 allows type juggling for login bypass because != is used instead of !== for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters.
- risk 0.64cvss 9.8epss 0.06
SMC Networks D3G0804W D3GNV5M-3.5.1.6.10_GA devices allow remote command execution by leveraging access to the Network Diagnostic Tools screen, as demonstrated by an admin login. The attacker must use a Parameter Pollution approach against goform/formSetDiagnosticToolsFmPing by…
- risk 0.64cvss 9.8epss 0.03
Synacor Zimbra Collaboration before 8.0.9 allows plaintext command injection during STARTTLS.
- risk 0.73cvss 9.8epss 0.77
Directory traversal vulnerability in the GfdFileUploadServerlet servlet in Lexmark MarkVision Enterprise before 2.1 allows remote attackers to write to arbitrary files via unspecified vectors.
- risk 0.73cvss 9.8epss 0.75
Unrestricted file upload vulnerability in AgentLogUploadServlet in ManageEngine DesktopCentral 7.x and 8.0.0 before build 80293 allows remote attackers to execute arbitrary code by uploading a file with a jsp extension, then accessing it via a direct request to the file in the…
- risk 0.66cvss 9.8epss 0.30
On certain TOTOLINK Realtek SDK based routers, the CAPTCHA text can be retrieved via an {"topicurl":"setting/getSanvas"} POST to the boafrm/formLogin URI, leading to a CAPTCHA bypass. (Also, the CAPTCHA text is not needed once the attacker has determined valid credentials. The…
- risk 0.59cvss 9.0epss 0.02
A OS Command Injection vulnerability in the bootstrap stage of Bitdefender BOX 2 allows the manipulation of the `get_image_url()` function in special circumstances to inject a system command.
- risk 0.64cvss 9.8epss 0.02
The Phonemes mode in Pwgen 2.06 generates predictable passwords, which makes it easier for context-dependent attackers to guess the password via a brute-force attack.
- risk 0.57cvss 9.8epss 0.04
PostgreSQL before 9.0.19, 9.1.x before 9.1.15, 9.2.x before 9.2.10, 9.3.x before 9.3.6, and 9.4.x before 9.4.1 does not properly handle errors while reading a protocol message, which allows remote attackers to conduct SQL injection attacks via crafted binary data in a parameter…
- risk 0.52cvss 9.1epss 0.02
libaspell.a in GNU Aspell before 0.60.8 has a buffer over-read for a string ending with a single '\0' byte, if the encoding is set to ucs-2 or ucs-4 outside of the application, as demonstrated by the ASPELL_CONF environment variable.
- risk 0.59cvss 9.1epss 0.03
WordPress Portable phpMyAdmin Plugin has an authentication bypass vulnerability
- risk 0.64cvss 9.8epss 0.02
XnView 2.03 has an integer overflow vulnerability
- risk 0.64cvss 9.8epss 0.02
XnView 2.03 has a stack-based buffer overflow vulnerability
- risk 0.63cvss 9.6epss 0.02
IrfanView FlashPix Plugin 4.3.4 0 has an Integer Overflow Vulnerability
- risk 0.73cvss 9.8epss 0.80
install/index.php in WebCalendar before 1.2.5 allows remote attackers to execute arbitrary code via the form_single_user_login parameter.
- risk 0.64cvss 9.8epss 0.05
In the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic, and possibly remote code execution, due to the lack of validation for specific fields of packets sent by a client. Interaction between req_capsule_get_size and tgt_brw_write leads to a…
- risk 0.64cvss 9.8epss 0.02
The Intellian Aptus application 1.0.2 for Android has a hardcoded password of intellian for the masteruser FTP account.
- risk 0.64cvss 9.8epss 0.02
Intellian Aptus Web 1.24 has a hardcoded password of 12345678 for the intellian account.
- risk 0.64cvss 9.8epss 0.01
The Intellian Aptus application 1.0.2 for Android has hardcoded values for DOWNLOAD_API_KEY and FILE_DOWNLOAD_API_KEY.
- risk 0.64cvss 9.8epss 0.05
The htdocs/index.php?mainmenu=home login page in Dolibarr 10.0.6 allows an unlimited rate of failed authentication attempts.
- risk 0.59cvss 9.1epss 0.01
A vulnerability in the application programming interface (API) of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to change user account information which can prevent users from logging in, resulting in a denial of service (DoS) condition of…
- risk 0.57cvss 9.8epss 0.01
sql.rb in Geocoder before 1.6.1 allows Boolean-based SQL injection when within_bounding_box is used in conjunction with untrusted sw_lat, sw_lng, ne_lat, or ne_lng data.
- risk 0.73cvss 9.8epss 0.83
Intellian Aptus Web 1.24 allows remote attackers to execute arbitrary OS commands via the Q field within JSON data to the cgi-bin/libagent.cgi URI. NOTE: a valid sid cookie for a login to the intellian default account might be needed.
- risk 0.67cvss 9.8epss 0.05
IRIS citations management tool through 1.3 allows remote attackers to execute arbitrary commands.
- risk 0.59cvss 9.0epss 0.02
An exploitable type confusion vulnerability exists in AMD ATIDXX64.DLL driver, versions 26.20.13031.10003, 26.20.13031.15006 and 26.20.13031.18002. A specially crafted pixel shader can cause a type confusion issue, leading to potential code execution. An attacker can provide a…
- risk 0.64cvss 9.8epss 0.02
An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux (also known as "WSL") while accessing a working directory on a regular Windows drive, none…