| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-15069 | Cri | 0.64 | 9.8 | 0.01 | Sep 25, 2019 | An unsafe authentication interface was discovered in Smart Battery A4, a multifunctional portable charger, firmware version ?<= r1.7.9 . An attacker can bypass authentication without modifying device file and gain web page management privilege. | ||
| CVE-2019-15068 | Cri | 0.64 | 9.8 | 0.02 | Sep 25, 2019 | A broken access control vulnerability in Smart Battery A4, a multifunctional portable charger, firmware version ?<= r1.7.9 allows an attacker to get/reset administrator’s password without any authentication. | ||
| CVE-2019-15067 | Cri | 0.64 | 9.8 | 0.02 | Sep 25, 2019 | An authentication bypass vulnerability discovered in Smart Battery A2-25DE, a multifunctional portable charger, firmware version ?<= SECFS-2013-10-16-13:42:58-629c30ee-60c68be6. An attacker can bypass authentication and gain privilege by modifying the login page. | ||
| CVE-2019-12204 | — | Cri | 0.64 | 9.8 | 0.01 | Sep 25, 2019 | In SilverStripe through 4.3.3, a missing warning about leaving install.php in a public webroot can lead to unauthenticated admin access. | |
| CVE-2019-16881 | — | Cri | 0.57 | 9.8 | 0.03 | Sep 25, 2019 | An issue was discovered in the portaudio-rs crate through 0.3.1 for Rust. There is a use-after-free with resultant arbitrary code execution because of a lack of unwind safety in stream_callback and stream_finished_callback. | |
| CVE-2019-16880 | — | Cri | 0.64 | 9.8 | 0.02 | Sep 25, 2019 | An issue was discovered in the linea crate through 0.9.4 for Rust. There is double free in the Matrix::zip_elements method. | |
| CVE-2019-16194 | — | Cri | 0.57 | 9.8 | 0.02 | Sep 25, 2019 | SQL injection vulnerabilities in Centreon through 19.04 allow attacks via the svc_id parameter in include/monitoring/status/Services/xml/makeXMLForOneService.php. | |
| CVE-2019-10418 | Cri | 0.64 | 9.9 | 0.01 | Sep 25, 2019 | Jenkins Kubernetes :: Pipeline :: Arquillian Steps Plugin provides a custom whitelist for script security that allowed attackers to invoke arbitrary methods, bypassing typical sandbox protection. | ||
| CVE-2019-10417 | Cri | 0.64 | 9.9 | 0.01 | Sep 25, 2019 | Jenkins Kubernetes :: Pipeline :: Kubernetes Steps Plugin provides a custom whitelist for script security that allowed attackers to invoke arbitrary methods, bypassing typical sandbox protection. | ||
| CVE-2019-16868 | Cri | 0.64 | 9.8 | 0.03 | Sep 25, 2019 | emlog through 6.0.0beta has an arbitrary file deletion vulnerability via an admin/data.php?action=dell_all_bak request with directory traversal sequences in the bak[] parameter. | ||
| CVE-2019-16759 | Cri | 0.87 | 9.8 | 1.00 | KEV | Sep 24, 2019 | vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request. | |
| CVE-2019-16724 | Cri | 0.72 | 9.8 | 0.72 | Sep 24, 2019 | File Sharing Wizard 1.5.0 allows a remote attacker to obtain arbitrary code execution by exploiting a Structured Exception Handler (SEH) based buffer overflow in an HTTP POST parameter, a similar issue to CVE-2010-2330 and CVE-2010-2331. | ||
| CVE-2019-5505 | Cri | 0.64 | 9.8 | 0.01 | Sep 24, 2019 | ONTAP Select Deploy administration utility versions 2.2 through 2.12.1 transmit credentials in plaintext. | ||
| CVE-2019-5504 | Cri | 0.64 | 9.8 | 0.02 | Sep 24, 2019 | ONTAP Select Deploy administration utility versions 2.12 & 2.12.1 ship with an HTTP service bound to the network allowing unauthenticated remote attackers to perform administrative actions. | ||
| CVE-2019-16411 | Cri | 0.64 | 9.8 | 0.02 | Sep 24, 2019 | An issue was discovered in Suricata 4.1.4. By sending multiple IPv4 packets that have invalid IPv4Options, the function IPV4OptValidateTimestamp in decode-ipv4.c tries to access a memory region that is not allocated. There is a check for o->len < 5 (corresponding to 2 bytes of… | ||
| CVE-2019-16410 | Cri | 0.59 | 9.1 | 0.02 | Sep 24, 2019 | An issue was discovered in Suricata 4.1.4. By sending multiple fragmented IPv4 packets, the function Defrag4Reassemble in defrag.c tries to access a memory region that is not allocated, because of a lack of header_len checking. | ||
| CVE-2019-15699 | Cri | 0.59 | 9.1 | 0.02 | Sep 24, 2019 | An issue was discovered in app-layer-ssl.c in Suricata 4.1.4. Upon receiving a corrupted SSLv3 (TLS 1.2) packet, the parser function TLSDecodeHSHelloExtensions tries to access a memory region that is not allocated, because the expected length of HSHelloExtensions does not match… | ||
| CVE-2019-16383 | Cri | 0.65 | 9.4 | 0.05 | Sep 24, 2019 | MOVEit.DMZ.WebApi.dll in Progress MOVEit Transfer 2018 SP2 before 10.2.4, 2019 before 11.0.2, and 2019.1 before 11.1.1 allows an unauthenticated attacker to gain unauthorized access to the database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or… | ||
| CVE-2019-16748 | Cri | 0.64 | 9.8 | 0.01 | Sep 24, 2019 | In wolfSSL through 4.1.0, there is a missing sanity check of memory accesses in parsing ASN.1 certificate data while handshaking. Specifically, there is a one-byte heap-based buffer over-read in CheckCertSignature_ex in wolfcrypt/src/asn.c. | ||
| CVE-2019-16746 | Cri | 0.65 | 9.8 | 0.13 | Sep 24, 2019 | An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow. | ||
| CVE-2019-16377 | — | Cri | 0.64 | 9.8 | 0.03 | Sep 23, 2019 | The makandra consul gem through 1.0.2 for Ruby has Incorrect Access Control. | |
| CVE-2019-3416 | Cri | 0.64 | 9.8 | 0.01 | Sep 23, 2019 | All versions up to V81511329.1008 of ZTE ZXV10 B860A products are impacted by input validation vulnerability. Due to input validation, unauthorized users can take advantage of this vulnerability to control the user terminal system. | ||
| CVE-2019-16722 | Cri | 0.64 | 9.8 | 0.03 | Sep 23, 2019 | ZZZCMS zzzphp v1.7.2 has an insufficient protection mechanism against PHP Code Execution, because passthru bypasses an str_ireplace operation. | ||
| CVE-2019-16705 | Cri | 0.59 | 9.1 | 0.02 | Sep 23, 2019 | Ming (aka libming) 0.4.8 has an out of bounds read vulnerability in the function OpCode() in the decompile.c file in libutil.a. | ||
| CVE-2019-16702 | Cri | 0.68 | 9.8 | 0.11 | Sep 23, 2019 | Integard Pro 2.2.0.9026 allows remote attackers to execute arbitrary code via a buffer overflow involving a long NoJs parameter to the /LoginAdmin URI. | ||
| CVE-2019-16696 | Cri | 0.64 | 9.8 | 0.02 | Sep 22, 2019 | phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit.php table parameter when action=add is used. | ||
| CVE-2019-16695 | Cri | 0.64 | 9.8 | 0.02 | Sep 22, 2019 | phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter.php table parameter when action=add is used. | ||
| CVE-2019-16694 | Cri | 0.64 | 9.8 | 0.02 | Sep 22, 2019 | phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit-result.php table parameter when action=add is used. | ||
| CVE-2019-16693 | Cri | 0.67 | 9.8 | 0.04 | Sep 22, 2019 | phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/order.php table parameter when action=add is used. | ||
| CVE-2019-16692 | Cri | 0.68 | 9.8 | 0.10 | Sep 22, 2019 | phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter-result.php table parameter when action=add is used. | ||
| CVE-2018-21018 | Cri | 0.00 | 9.8 | 0.03 | Sep 22, 2019 | Mastodon before 2.6.3 mishandles timeouts of incompletely established sessions. | ||
| CVE-2019-16656 | Cri | 0.64 | 9.8 | 0.01 | Sep 21, 2019 | joyplus-cms 1.6.0 allows remote attackers to execute arbitrary PHP code via /install by placing the code in the name of an object in the database. | ||
| CVE-2019-16650 | Cri | 0.65 | 10.0 | 0.02 | Sep 21, 2019 | On Supermicro X10 and X11 products, a client's access privileges may be transferred to a different client that later has the same socket file descriptor number. In opportunistic circumstances, an attacker can simply connect to the virtual media service, and then connect virtual… | ||
| CVE-2019-16649 | Cri | 0.65 | 10.0 | 0.01 | Sep 21, 2019 | On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination of encryption and authentication problems in the virtual media service allows capture of BMC credentials and data transferred over virtual media devices. Attackers can use captured credentials to connect… | ||
| CVE-2019-6650 | Cri | 0.59 | 9.1 | 0.01 | Sep 20, 2019 | F5 BIG-IP ASM 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.6.0-11.6.4, and 11.5.1-11.5.9 may expose sensitive information and allow the system configuration to be modified when using non-default settings. | ||
| CVE-2019-6649 | Cri | 0.59 | 9.1 | 0.01 | Sep 20, 2019 | F5 BIG-IP 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.6.0-11.6.4, and 11.5.1-11.5.9 and Enterprise Manager 3.1.1 may expose sensitive information and allow the system configuration to be modified when using non-default ConfigSync settings. | ||
| CVE-2019-5521 | Cri | 0.63 | 9.6 | 0.02 | Sep 20, 2019 | VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6) and Fusion (11.x before 11.0.3 and 10.x before 10.1.6) contain an out-of-bounds read vulnerability in the pixel shader functionality.… | ||
| CVE-2019-16644 | Cri | 0.64 | 9.8 | 0.01 | Sep 20, 2019 | App\Home\Controller\ZhuantiController.class.php in TuziCMS 2.0.6 has SQL injection via the index.php/Zhuanti/group?id= substring. | ||
| CVE-2019-16642 | Cri | 0.64 | 9.8 | 0.02 | Sep 20, 2019 | App\Mobile\Controller\ZhuantiController.class.php in TuziCMS 2.0.6 has SQL injection via the index.php/Mobile/Zhuanti/group?id= substring. | ||
| CVE-2016-11000 | Cri | 0.64 | 9.8 | 0.02 | Sep 20, 2019 | The wp-ultimate-exporter plugin through 1.1 for WordPress has SQL injection via the export_type_name parameter. | ||
| CVE-2019-15088 | Cri | 0.64 | 9.8 | 0.02 | Sep 20, 2019 | An issue was discovered in PRiSE adAS 1.7.0. Password hashes are compared using the equality operator. Thus, under specific circumstances, it is possible to bypass login authentication. | ||
| CVE-2019-14914 | Cri | 0.59 | 9.1 | 0.02 | Sep 20, 2019 | An issue was discovered in PRiSE adAS 1.7.0. The path is not properly escaped in the medatadata_del method, leading to an arbitrary file read and deletion via Directory Traversal. | ||
| CVE-2019-15000 | Cri | 0.64 | 9.8 | 0.08 | Sep 19, 2019 | The commit diff rest endpoint in Bitbucket Server and Data Center before 5.16.10 (the fixed version for 5.16.x ), from 6.0.0 before 6.0.10 (the fixed version for 6.0.x), from 6.1.0 before 6.1.8 (the fixed version for 6.1.x), from 6.2.0 before 6.2.6 (the fixed version for 6.2.x),… | ||
| CVE-2019-3758 | Cri | 0.64 | 9.8 | 0.01 | Sep 18, 2019 | RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper authentication vulnerability. The vulnerability allows sysadmins to create user accounts with insufficient credentials. Unauthenticated attackers could gain unauthorized access to the system using those accounts. | ||
| CVE-2019-11211 | Cri | 0.65 | 9.9 | 0.04 | Sep 18, 2019 | The server component of TIBCO Software Inc.'s TIBCO Enterprise Runtime for R - Server Edition, and TIBCO Spotfire Analytics Platform for AWS Marketplace contains a vulnerability that theoretically allows an authenticated user to trigger remote code execution in certain… | ||
| CVE-2019-11210 | Cri | 0.65 | 10.0 | 0.04 | Sep 18, 2019 | The server component of TIBCO Software Inc.'s TIBCO Enterprise Runtime for R - Server Edition, and TIBCO Spotfire Analytics Platform for AWS Marketplace contains a vulnerability that theoretically allows an unauthenticated user to bypass access controls and remotely execute code… | ||
| CVE-2019-13558 | Cri | 0.64 | 9.8 | 0.03 | Sep 18, 2019 | In WebAccess versions 8.4.1 and prior, an exploit executed over the network may cause improper control of generation of code, which may allow remote code execution, data exfiltration, or cause a system crash. | ||
| CVE-2019-5067 | Cri | 0.64 | 9.8 | 0.03 | Sep 18, 2019 | An uninitialized memory access vulnerability exists in the way Aspose.PDF 19.2 for C++ handles invalid parent object pointers. A specially crafted PDF can cause a read and write from uninitialized memory, resulting in memory corruption and possibly arbitrary code execution. To… | ||
| CVE-2019-5066 | Cri | 0.64 | 9.8 | 0.02 | Sep 18, 2019 | An exploitable use-after-free vulnerability exists in the way LZW-compressed streams are processed in Aspose.PDF 19.2 for C++. A specially crafted PDF can cause a dangling heap pointer, resulting in a use-after-free condition. To trigger this vulnerability, a specifically… | ||
| CVE-2019-15301 | Cri | 0.64 | 9.8 | 0.01 | Sep 18, 2019 | A SQL injection vulnerability in the method Terrasoft.Core.DB.Column.Const() in Terrasoft Bpm'online CRM-System SDK 7.13 allows attackers to execute arbitrary SQL commands via the value parameter. |
- risk 0.64cvss 9.8epss 0.01
An unsafe authentication interface was discovered in Smart Battery A4, a multifunctional portable charger, firmware version ?<= r1.7.9 . An attacker can bypass authentication without modifying device file and gain web page management privilege.
- risk 0.64cvss 9.8epss 0.02
A broken access control vulnerability in Smart Battery A4, a multifunctional portable charger, firmware version ?<= r1.7.9 allows an attacker to get/reset administrator’s password without any authentication.
- risk 0.64cvss 9.8epss 0.02
An authentication bypass vulnerability discovered in Smart Battery A2-25DE, a multifunctional portable charger, firmware version ?<= SECFS-2013-10-16-13:42:58-629c30ee-60c68be6. An attacker can bypass authentication and gain privilege by modifying the login page.
- risk 0.64cvss 9.8epss 0.01
In SilverStripe through 4.3.3, a missing warning about leaving install.php in a public webroot can lead to unauthenticated admin access.
- risk 0.57cvss 9.8epss 0.03
An issue was discovered in the portaudio-rs crate through 0.3.1 for Rust. There is a use-after-free with resultant arbitrary code execution because of a lack of unwind safety in stream_callback and stream_finished_callback.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in the linea crate through 0.9.4 for Rust. There is double free in the Matrix::zip_elements method.
- risk 0.57cvss 9.8epss 0.02
SQL injection vulnerabilities in Centreon through 19.04 allow attacks via the svc_id parameter in include/monitoring/status/Services/xml/makeXMLForOneService.php.
- risk 0.64cvss 9.9epss 0.01
Jenkins Kubernetes :: Pipeline :: Arquillian Steps Plugin provides a custom whitelist for script security that allowed attackers to invoke arbitrary methods, bypassing typical sandbox protection.
- risk 0.64cvss 9.9epss 0.01
Jenkins Kubernetes :: Pipeline :: Kubernetes Steps Plugin provides a custom whitelist for script security that allowed attackers to invoke arbitrary methods, bypassing typical sandbox protection.
- risk 0.64cvss 9.8epss 0.03
emlog through 6.0.0beta has an arbitrary file deletion vulnerability via an admin/data.php?action=dell_all_bak request with directory traversal sequences in the bak[] parameter.
- risk 0.87cvss 9.8epss 1.00
vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request.
- risk 0.72cvss 9.8epss 0.72
File Sharing Wizard 1.5.0 allows a remote attacker to obtain arbitrary code execution by exploiting a Structured Exception Handler (SEH) based buffer overflow in an HTTP POST parameter, a similar issue to CVE-2010-2330 and CVE-2010-2331.
- risk 0.64cvss 9.8epss 0.01
ONTAP Select Deploy administration utility versions 2.2 through 2.12.1 transmit credentials in plaintext.
- risk 0.64cvss 9.8epss 0.02
ONTAP Select Deploy administration utility versions 2.12 & 2.12.1 ship with an HTTP service bound to the network allowing unauthenticated remote attackers to perform administrative actions.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in Suricata 4.1.4. By sending multiple IPv4 packets that have invalid IPv4Options, the function IPV4OptValidateTimestamp in decode-ipv4.c tries to access a memory region that is not allocated. There is a check for o->len < 5 (corresponding to 2 bytes of…
- risk 0.59cvss 9.1epss 0.02
An issue was discovered in Suricata 4.1.4. By sending multiple fragmented IPv4 packets, the function Defrag4Reassemble in defrag.c tries to access a memory region that is not allocated, because of a lack of header_len checking.
- risk 0.59cvss 9.1epss 0.02
An issue was discovered in app-layer-ssl.c in Suricata 4.1.4. Upon receiving a corrupted SSLv3 (TLS 1.2) packet, the parser function TLSDecodeHSHelloExtensions tries to access a memory region that is not allocated, because the expected length of HSHelloExtensions does not match…
- risk 0.65cvss 9.4epss 0.05
MOVEit.DMZ.WebApi.dll in Progress MOVEit Transfer 2018 SP2 before 10.2.4, 2019 before 11.0.2, and 2019.1 before 11.1.1 allows an unauthenticated attacker to gain unauthorized access to the database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or…
- risk 0.64cvss 9.8epss 0.01
In wolfSSL through 4.1.0, there is a missing sanity check of memory accesses in parsing ASN.1 certificate data while handshaking. Specifically, there is a one-byte heap-based buffer over-read in CheckCertSignature_ex in wolfcrypt/src/asn.c.
- risk 0.65cvss 9.8epss 0.13
An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in a beacon head, leading to a buffer overflow.
- risk 0.64cvss 9.8epss 0.03
The makandra consul gem through 1.0.2 for Ruby has Incorrect Access Control.
- risk 0.64cvss 9.8epss 0.01
All versions up to V81511329.1008 of ZTE ZXV10 B860A products are impacted by input validation vulnerability. Due to input validation, unauthorized users can take advantage of this vulnerability to control the user terminal system.
- risk 0.64cvss 9.8epss 0.03
ZZZCMS zzzphp v1.7.2 has an insufficient protection mechanism against PHP Code Execution, because passthru bypasses an str_ireplace operation.
- risk 0.59cvss 9.1epss 0.02
Ming (aka libming) 0.4.8 has an out of bounds read vulnerability in the function OpCode() in the decompile.c file in libutil.a.
- risk 0.68cvss 9.8epss 0.11
Integard Pro 2.2.0.9026 allows remote attackers to execute arbitrary code via a buffer overflow involving a long NoJs parameter to the /LoginAdmin URI.
- risk 0.64cvss 9.8epss 0.02
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit.php table parameter when action=add is used.
- risk 0.64cvss 9.8epss 0.02
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter.php table parameter when action=add is used.
- risk 0.64cvss 9.8epss 0.02
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/edit-result.php table parameter when action=add is used.
- risk 0.67cvss 9.8epss 0.04
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/order.php table parameter when action=add is used.
- risk 0.68cvss 9.8epss 0.10
phpIPAM 1.4 allows SQL injection via the app/admin/custom-fields/filter-result.php table parameter when action=add is used.
- risk 0.00cvss 9.8epss 0.03
Mastodon before 2.6.3 mishandles timeouts of incompletely established sessions.
- risk 0.64cvss 9.8epss 0.01
joyplus-cms 1.6.0 allows remote attackers to execute arbitrary PHP code via /install by placing the code in the name of an object in the database.
- risk 0.65cvss 10.0epss 0.02
On Supermicro X10 and X11 products, a client's access privileges may be transferred to a different client that later has the same socket file descriptor number. In opportunistic circumstances, an attacker can simply connect to the virtual media service, and then connect virtual…
- risk 0.65cvss 10.0epss 0.01
On Supermicro H11, H12, M11, X9, X10, and X11 products, a combination of encryption and authentication problems in the virtual media service allows capture of BMC credentials and data transferred over virtual media devices. Attackers can use captured credentials to connect…
- risk 0.59cvss 9.1epss 0.01
F5 BIG-IP ASM 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.6.0-11.6.4, and 11.5.1-11.5.9 may expose sensitive information and allow the system configuration to be modified when using non-default settings.
- risk 0.59cvss 9.1epss 0.01
F5 BIG-IP 15.0.0, 14.1.0-14.1.0.6, 14.0.0-14.0.0.5, 13.0.0-13.1.1.5, 12.1.0-12.1.4.1, 11.6.0-11.6.4, and 11.5.1-11.5.9 and Enterprise Manager 3.1.1 may expose sensitive information and allow the system configuration to be modified when using non-default ConfigSync settings.
- risk 0.63cvss 9.6epss 0.02
VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6) and Fusion (11.x before 11.0.3 and 10.x before 10.1.6) contain an out-of-bounds read vulnerability in the pixel shader functionality.…
- risk 0.64cvss 9.8epss 0.01
App\Home\Controller\ZhuantiController.class.php in TuziCMS 2.0.6 has SQL injection via the index.php/Zhuanti/group?id= substring.
- risk 0.64cvss 9.8epss 0.02
App\Mobile\Controller\ZhuantiController.class.php in TuziCMS 2.0.6 has SQL injection via the index.php/Mobile/Zhuanti/group?id= substring.
- risk 0.64cvss 9.8epss 0.02
The wp-ultimate-exporter plugin through 1.1 for WordPress has SQL injection via the export_type_name parameter.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in PRiSE adAS 1.7.0. Password hashes are compared using the equality operator. Thus, under specific circumstances, it is possible to bypass login authentication.
- risk 0.59cvss 9.1epss 0.02
An issue was discovered in PRiSE adAS 1.7.0. The path is not properly escaped in the medatadata_del method, leading to an arbitrary file read and deletion via Directory Traversal.
- risk 0.64cvss 9.8epss 0.08
The commit diff rest endpoint in Bitbucket Server and Data Center before 5.16.10 (the fixed version for 5.16.x ), from 6.0.0 before 6.0.10 (the fixed version for 6.0.x), from 6.1.0 before 6.1.8 (the fixed version for 6.1.x), from 6.2.0 before 6.2.6 (the fixed version for 6.2.x),…
- risk 0.64cvss 9.8epss 0.01
RSA Archer, versions prior to 6.6 P2 (6.6.0.2), contain an improper authentication vulnerability. The vulnerability allows sysadmins to create user accounts with insufficient credentials. Unauthenticated attackers could gain unauthorized access to the system using those accounts.
- risk 0.65cvss 9.9epss 0.04
The server component of TIBCO Software Inc.'s TIBCO Enterprise Runtime for R - Server Edition, and TIBCO Spotfire Analytics Platform for AWS Marketplace contains a vulnerability that theoretically allows an authenticated user to trigger remote code execution in certain…
- risk 0.65cvss 10.0epss 0.04
The server component of TIBCO Software Inc.'s TIBCO Enterprise Runtime for R - Server Edition, and TIBCO Spotfire Analytics Platform for AWS Marketplace contains a vulnerability that theoretically allows an unauthenticated user to bypass access controls and remotely execute code…
- risk 0.64cvss 9.8epss 0.03
In WebAccess versions 8.4.1 and prior, an exploit executed over the network may cause improper control of generation of code, which may allow remote code execution, data exfiltration, or cause a system crash.
- risk 0.64cvss 9.8epss 0.03
An uninitialized memory access vulnerability exists in the way Aspose.PDF 19.2 for C++ handles invalid parent object pointers. A specially crafted PDF can cause a read and write from uninitialized memory, resulting in memory corruption and possibly arbitrary code execution. To…
- risk 0.64cvss 9.8epss 0.02
An exploitable use-after-free vulnerability exists in the way LZW-compressed streams are processed in Aspose.PDF 19.2 for C++. A specially crafted PDF can cause a dangling heap pointer, resulting in a use-after-free condition. To trigger this vulnerability, a specifically…
- risk 0.64cvss 9.8epss 0.01
A SQL injection vulnerability in the method Terrasoft.Core.DB.Column.Const() in Terrasoft Bpm'online CRM-System SDK 7.13 allows attackers to execute arbitrary SQL commands via the value parameter.