| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-13550 | Cri | 0.64 | 9.8 | 0.03 | Sep 18, 2019 | In WebAccess, versions 8.4.1 and prior, an improper authorization vulnerability may allow an attacker to disclose sensitive information, cause improper control of generation of code, which may allow remote code execution or cause a system crash. | ||
| CVE-2019-9677 | Cri | 0.64 | 9.8 | 0.01 | Sep 18, 2019 | The specific fields of CGI interface of some Dahua products are not strictly verified, an attacker can cause a buffer overflow by constructing malicious packets. Affected products include: IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HD… | ||
| CVE-2019-14254 | Cri | 0.64 | 9.8 | 0.01 | Sep 18, 2019 | An issue was discovered in the secure portal in Publisure 2.1.2. Because SQL queries are not well sanitized, there are multiple SQL injections in userAccFunctions.php functions. Using this, an attacker can access passwords and/or grant access to the user account "user" in order… | ||
| CVE-2019-16399 | Cri | 0.67 | 9.8 | 0.07 | Sep 18, 2019 | Western Digital WD My Book World through II 1.02.12 suffers from Broken Authentication, which allows an attacker to access the /admin/ directory without credentials. An attacker can easily enable SSH from /admin/system_advanced.php?lang=en and login with the default root… | ||
| CVE-2016-10995 | Cri | 0.64 | 9.8 | 0.02 | Sep 18, 2019 | The Tevolution plugin before 2.3.0 for WordPress has arbitrary file upload via single_upload.php or single-upload.php. | ||
| CVE-2019-16199 | Cri | 0.65 | 9.8 | 0.13 | Sep 17, 2019 | eQ-3 Homematic CCU2 before 2.47.18 and CCU3 before 3.47.18 allow Remote Code Execution by unauthenticated attackers with access to the web interface via an HTTP POST request to certain URLs related to the ReGa core process. | ||
| CVE-2019-6840 | Cri | 0.64 | 9.8 | 0.01 | Sep 17, 2019 | A Format String: CWE-134 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow an attacker to… | ||
| CVE-2019-6837 | Cri | 0.59 | 9.1 | 0.01 | Sep 17, 2019 | A Server-Side Request Forgery (SSRF): CWE-918 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could… | ||
| CVE-2018-7820 | Cri | 0.64 | 9.8 | 0.01 | Sep 17, 2019 | A Credentials Management CWE-255 vulnerability exists in the APC UPS Network Management Card 2 AOS v6.5.6, which could cause Remote Monitoring Credentials to be viewed in plaintext when Remote Monitoring is enabled, and then disabled. | ||
| CVE-2019-16378 | Cri | 0.00 | 9.8 | 0.02 | Sep 17, 2019 | OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 is prone to a signature-bypass vulnerability with multiple From: addresses, which might affect applications that consider a domain name to be relevant to the origin of an e-mail message. | ||
| CVE-2019-16239 | Cri | 0.57 | 9.8 | 0.03 | Sep 17, 2019 | process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes. | ||
| CVE-2019-15131 | Cri | 0.64 | 9.8 | 0.02 | Sep 17, 2019 | In Code42 Enterprise 6.7.5 and earlier, 6.8.4 through 6.8.8, and 7.0.0 a vulnerability has been identified that may allow arbitrary files to be uploaded to Code42 servers and executed. This vulnerability could allow an attacker to create directories and save files on Code42… | ||
| CVE-2019-5482 | Cri | 0.65 | 9.8 | 0.18 | Sep 16, 2019 | Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3. | ||
| CVE-2019-5481 | Cri | 0.64 | 9.8 | 0.07 | Sep 16, 2019 | Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3. | ||
| CVE-2019-15741 | Cri | 0.64 | 9.8 | 0.03 | Sep 16, 2019 | An issue was discovered in GitLab Omnibus 7.4 through 12.2.1. An unsafe interaction with logrotate could result in a privilege escalation | ||
| CVE-2019-10071 | Cri | 0.64 | 9.8 | 0.09 | Sep 16, 2019 | The code which checks HMAC in form submissions used String.equals() for comparisons, which results in a timing side channel for the comparison of the HMAC signatures. This could lead to remote code execution if an attacker is able to determine the correct signature for their… | ||
| CVE-2019-16366 | Cri | 0.64 | 9.8 | 0.01 | Sep 16, 2019 | In XS 9.0.0 in Moddable SDK OS180329, there is a heap-based buffer overflow in fxBeginHost in xsAPI.c when called from fxRunDefine in xsRun.c, as demonstrated by crafted JavaScript code to xst. | ||
| CVE-2016-10972 | Cri | 0.64 | 9.8 | 0.09 | Sep 16, 2019 | The newspaper theme before 6.7.2 for WordPress has a lack of options access control via td_ajax_update_panel. | ||
| CVE-2019-0195 | — | Cri | 0.65 | 9.8 | 0.15 | Sep 16, 2019 | Manipulating classpath asset file URLs, an attacker could guess the path to a known file in the classpath and have it downloaded. If the attacker found the file with the value of the tapestry.hmac-passphrase configuration symbol, most probably the webapp's AppModule class, the… | |
| CVE-2019-16264 | Cri | 0.64 | 9.8 | 0.02 | Sep 16, 2019 | In Escuela de Gestion Publica Plurinacional (EGPP) Sistema Integrado de Gestion Academica (GESAC) v1, the username parameter of the authentication form is vulnerable to SQL injection, allowing attackers to access the database. | ||
| CVE-2016-10971 | Cri | 0.64 | 9.8 | 0.02 | Sep 16, 2019 | The MemberSonic Lite plugin before 1.302 for WordPress has incorrect login access control because only knowlewdge of an e-mail address is required. | ||
| CVE-2019-16057 | Cri | 0.89 | 9.8 | 0.87 | KEV | Sep 16, 2019 | The login_mgr.cgi script in D-Link DNS-320 through 2.05.B10 is vulnerable to remote command injection. | |
| CVE-2019-13474 | Cri | 0.64 | 9.8 | 0.03 | Sep 16, 2019 | TELESTAR Bobs Rock Radio, Dabman D10, Dabman i30 Stereo, Imperial i110, Imperial i150, Imperial i200, Imperial i200-cd, Imperial i400, Imperial i450, Imperial i500-bt, and Imperial i600 TN81HH96-g102h-g102 devices have insufficient access control for the /set_dname, /mylogo,… | ||
| CVE-2017-18634 | Cri | 0.64 | 9.8 | 0.02 | Sep 16, 2019 | The newspaper theme before 6.7.2 for WordPress has script injection via td_ads[header] to admin-ajax.php. | ||
| CVE-2019-16335 | — | Cri | 0.57 | 9.8 | 0.05 | Sep 15, 2019 | A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540. | |
| CVE-2019-14540 | — | Cri | 0.58 | 9.8 | 0.11 | Sep 15, 2019 | A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig. | |
| CVE-2019-16314 | Cri | 0.67 | 9.8 | 0.39 | Sep 14, 2019 | Indexhibit 2.1.5 allows a product reinstallation, with resultant remote code execution, via /ndxzstudio/install.php?p=2. | ||
| CVE-2019-16309 | Cri | 0.64 | 9.8 | 0.05 | Sep 14, 2019 | FlameCMS 3.3.5 has SQL injection in account/login.php via accountName. | ||
| CVE-2019-16303 | — | Cri | 0.57 | 9.8 | 0.04 | Sep 14, 2019 | A class generated by the Generator in JHipster before 6.3.0 and JHipster Kotlin through 1.1.0 produces code that uses an insecure source of randomness (apache.commons.lang3 RandomStringUtils). This allows an attacker (if able to obtain their own password reset URL) to compute… | |
| CVE-2019-5485 | — | Cri | 0.73 | 10.0 | 0.60 | Sep 13, 2019 | NPM package gitlabhook version 0.0.17 is vulnerable to a Command Injection vulnerability. Arbitrary commands can be injected through the repository name. | |
| CVE-2019-13923 | Cri | 0.62 | 9.6 | 0.01 | Sep 13, 2019 | A vulnerability has been identified in IE/WSN-PA Link WirelessHART Gateway (All versions). The integrated configuration web server of the affected device could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. User… | ||
| CVE-2019-13918 | Cri | 0.64 | 9.8 | 0.02 | Sep 13, 2019 | A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). The web interface has no means to prevent password guessing attacks. The vulnerability could be exploited by an attacker with network access to the vulnerable software, requiring no… | ||
| CVE-2019-13548 | Cri | 0.64 | 9.8 | 0.06 | Sep 13, 2019 | CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which could cause a stack overflow and create a denial-of-service condition or allow remote code execution. | ||
| CVE-2018-7081 | Cri | 0.64 | 9.8 | 0.06 | Sep 13, 2019 | A remote code execution vulnerability is present in network-listening components in some versions of ArubaOS. An attacker with the ability to transmit specially-crafted IP traffic to a mobility controller could exploit this vulnerability and cause a process crash or to execute… | ||
| CVE-2010-5333 | Cri | 0.68 | 9.8 | 0.16 | Sep 13, 2019 | The web server in Integard Pro and Home before 2.0.0.9037 and 2.2.x before 2.2.0.9037 has a buffer overflow via a long password in an administration login POST request, leading to arbitrary code execution. An SEH-overwrite buffer overflow already existed for the vulnerable… | ||
| CVE-2019-13364 | Cri | 0.63 | 9.6 | 0.01 | Sep 13, 2019 | admin.php?page=account_billing in Piwigo 2.9.5 has XSS via the vat_number, billing_name, company, or billing_address parameter. This is exploitable via CSRF. | ||
| CVE-2019-13363 | Cri | 0.63 | 9.6 | 0.01 | Sep 13, 2019 | admin.php?page=notification_by_mail in Piwigo 2.9.5 has XSS via the nbm_send_html_mail, nbm_send_mail_as, nbm_send_detailed_content, nbm_complementary_mail_content, nbm_send_recent_post_dates, or param_submit… | ||
| CVE-2016-10955 | Cri | 0.64 | 9.8 | 0.02 | Sep 13, 2019 | The cysteme-finder plugin before 1.4 for WordPress has unrestricted file upload because of incorrect session tracking. | ||
| CVE-2016-10954 | Cri | 0.64 | 9.8 | 0.02 | Sep 13, 2019 | The Neosense theme before 1.8 for WordPress has qquploader unrestricted file upload. | ||
| CVE-2016-10942 | Cri | 0.57 | 9.8 | 0.02 | Sep 13, 2019 | The podlove-podcasting-plugin-for-wordpress plugin before 2.3.16 for WordPress has SQL injection via the insert_id parameter exploitable via CSRF. | ||
| CVE-2019-8070 | Cri | 0.64 | 9.8 | 0.06 | Sep 12, 2019 | Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Use after free vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user. | ||
| CVE-2019-8069 | Cri | 0.64 | 9.8 | 0.05 | Sep 12, 2019 | Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Same Origin Method Execution vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user. | ||
| CVE-2019-11898 | Cri | 0.64 | 9.9 | 0.01 | Sep 12, 2019 | Unauthorized APE administration privileges can be achieved by reverse engineering one of the APE service tools. The service tool is discontinued with Bosch Access Professional Edition (APE) 3.8. | ||
| CVE-2019-14237 | Cri | 0.64 | 9.8 | 0.03 | Sep 12, 2019 | On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a software IP protection method for execute-only access) can be defeated by observing CPU registers and the effect of code/instruction execution. | ||
| CVE-2019-14236 | Cri | 0.64 | 9.8 | 0.02 | Sep 12, 2019 | On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be defeated by observing CPU registers and the effect of code/instruction execution. | ||
| CVE-2019-6005 | Cri | 0.64 | 9.8 | 0.02 | Sep 12, 2019 | Smart TV Box firmware version prior to 1300 allows remote attackers to bypass access restriction to conduct arbitrary operations on the device without user's intent, such as installing arbitrary software or changing the device settings via Android Debug Bridge port 5555/TCP. | ||
| CVE-2019-16261 | Cri | 0.59 | 9.1 | 0.03 | Sep 12, 2019 | Tripp Lite PDUMH15AT 12.04.0053 and SU750XL 12.04.0052 devices allow unauthenticated POST requests to the /Forms/ directory, as demonstrated by changing the manager or admin password, or shutting off power to an outlet. NOTE: the vendor's position is that a newer firmware… | ||
| CVE-2019-16257 | Cri | 0.64 | 9.8 | 0.02 | Sep 12, 2019 | Some Motorola devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or execute certain commands, via SIM Toolkit (STK) instructions in an SMS message,… | ||
| CVE-2019-16256 | Cri | 0.76 | 9.8 | 0.05 | KEV | Sep 12, 2019 | Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or execute certain commands, via SIM Toolkit (STK) instructions in an SMS message, aka… | |
| CVE-2019-1306 | Cri | 0.65 | 9.8 | 0.17 | Sep 11, 2019 | A remote code execution vulnerability exists when Azure DevOps Server (ADO) and Team Foundation Server (TFS) fail to validate input properly, aka 'Azure DevOps and Team Foundation Server Remote Code Execution Vulnerability'. |
- risk 0.64cvss 9.8epss 0.03
In WebAccess, versions 8.4.1 and prior, an improper authorization vulnerability may allow an attacker to disclose sensitive information, cause improper control of generation of code, which may allow remote code execution or cause a system crash.
- risk 0.64cvss 9.8epss 0.01
The specific fields of CGI interface of some Dahua products are not strictly verified, an attacker can cause a buffer overflow by constructing malicious packets. Affected products include: IPC-HDW1X2X,IPC-HFW1X2X,IPC-HDW2X2X,IPC-HFW2X2X,IPC-HDW4X2X,IPC-HFW4X2X,IPC-HDBW4X2X,IPC-HD…
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in the secure portal in Publisure 2.1.2. Because SQL queries are not well sanitized, there are multiple SQL injections in userAccFunctions.php functions. Using this, an attacker can access passwords and/or grant access to the user account "user" in order…
- risk 0.67cvss 9.8epss 0.07
Western Digital WD My Book World through II 1.02.12 suffers from Broken Authentication, which allows an attacker to access the /admin/ directory without credentials. An attacker can easily enable SSH from /admin/system_advanced.php?lang=en and login with the default root…
- risk 0.64cvss 9.8epss 0.02
The Tevolution plugin before 2.3.0 for WordPress has arbitrary file upload via single_upload.php or single-upload.php.
- risk 0.65cvss 9.8epss 0.13
eQ-3 Homematic CCU2 before 2.47.18 and CCU3 before 3.47.18 allow Remote Code Execution by unauthenticated attackers with access to the web interface via an HTTP POST request to certain URLs related to the ReGa core process.
- risk 0.64cvss 9.8epss 0.01
A Format String: CWE-134 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could allow an attacker to…
- risk 0.59cvss 9.1epss 0.01
A Server-Side Request Forgery (SSRF): CWE-918 vulnerability exists in U.motion Server (MEG6501-0001 - U.motion KNX server, MEG6501-0002 - U.motion KNX Server Plus, MEG6260-0410 - U.motion KNX Server Plus, Touch 10, MEG6260-0415 - U.motion KNX Server Plus, Touch 15), which could…
- risk 0.64cvss 9.8epss 0.01
A Credentials Management CWE-255 vulnerability exists in the APC UPS Network Management Card 2 AOS v6.5.6, which could cause Remote Monitoring Credentials to be viewed in plaintext when Remote Monitoring is enabled, and then disabled.
- risk 0.00cvss 9.8epss 0.02
OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 is prone to a signature-bypass vulnerability with multiple From: addresses, which might affect applications that consider a domain name to be relevant to the origin of an e-mail message.
- risk 0.57cvss 9.8epss 0.03
process_http_response in OpenConnect before 8.05 has a Buffer Overflow when a malicious server uses HTTP chunked encoding with crafted chunk sizes.
- risk 0.64cvss 9.8epss 0.02
In Code42 Enterprise 6.7.5 and earlier, 6.8.4 through 6.8.8, and 7.0.0 a vulnerability has been identified that may allow arbitrary files to be uploaded to Code42 servers and executed. This vulnerability could allow an attacker to create directories and save files on Code42…
- risk 0.65cvss 9.8epss 0.18
Heap buffer overflow in the TFTP protocol handler in cURL 7.19.4 to 7.65.3.
- risk 0.64cvss 9.8epss 0.07
Double-free vulnerability in the FTP-kerberos code in cURL 7.52.0 to 7.65.3.
- risk 0.64cvss 9.8epss 0.03
An issue was discovered in GitLab Omnibus 7.4 through 12.2.1. An unsafe interaction with logrotate could result in a privilege escalation
- risk 0.64cvss 9.8epss 0.09
The code which checks HMAC in form submissions used String.equals() for comparisons, which results in a timing side channel for the comparison of the HMAC signatures. This could lead to remote code execution if an attacker is able to determine the correct signature for their…
- risk 0.64cvss 9.8epss 0.01
In XS 9.0.0 in Moddable SDK OS180329, there is a heap-based buffer overflow in fxBeginHost in xsAPI.c when called from fxRunDefine in xsRun.c, as demonstrated by crafted JavaScript code to xst.
- risk 0.64cvss 9.8epss 0.09
The newspaper theme before 6.7.2 for WordPress has a lack of options access control via td_ajax_update_panel.
- risk 0.65cvss 9.8epss 0.15
Manipulating classpath asset file URLs, an attacker could guess the path to a known file in the classpath and have it downloaded. If the attacker found the file with the value of the tapestry.hmac-passphrase configuration symbol, most probably the webapp's AppModule class, the…
- risk 0.64cvss 9.8epss 0.02
In Escuela de Gestion Publica Plurinacional (EGPP) Sistema Integrado de Gestion Academica (GESAC) v1, the username parameter of the authentication form is vulnerable to SQL injection, allowing attackers to access the database.
- risk 0.64cvss 9.8epss 0.02
The MemberSonic Lite plugin before 1.302 for WordPress has incorrect login access control because only knowlewdge of an e-mail address is required.
- risk 0.89cvss 9.8epss 0.87
The login_mgr.cgi script in D-Link DNS-320 through 2.05.B10 is vulnerable to remote command injection.
- risk 0.64cvss 9.8epss 0.03
TELESTAR Bobs Rock Radio, Dabman D10, Dabman i30 Stereo, Imperial i110, Imperial i150, Imperial i200, Imperial i200-cd, Imperial i400, Imperial i450, Imperial i500-bt, and Imperial i600 TN81HH96-g102h-g102 devices have insufficient access control for the /set_dname, /mylogo,…
- risk 0.64cvss 9.8epss 0.02
The newspaper theme before 6.7.2 for WordPress has script injection via td_ads[header] to admin-ajax.php.
- risk 0.57cvss 9.8epss 0.05
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.
- risk 0.58cvss 9.8epss 0.11
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.
- risk 0.67cvss 9.8epss 0.39
Indexhibit 2.1.5 allows a product reinstallation, with resultant remote code execution, via /ndxzstudio/install.php?p=2.
- risk 0.64cvss 9.8epss 0.05
FlameCMS 3.3.5 has SQL injection in account/login.php via accountName.
- risk 0.57cvss 9.8epss 0.04
A class generated by the Generator in JHipster before 6.3.0 and JHipster Kotlin through 1.1.0 produces code that uses an insecure source of randomness (apache.commons.lang3 RandomStringUtils). This allows an attacker (if able to obtain their own password reset URL) to compute…
- risk 0.73cvss 10.0epss 0.60
NPM package gitlabhook version 0.0.17 is vulnerable to a Command Injection vulnerability. Arbitrary commands can be injected through the repository name.
- risk 0.62cvss 9.6epss 0.01
A vulnerability has been identified in IE/WSN-PA Link WirelessHART Gateway (All versions). The integrated configuration web server of the affected device could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. User…
- risk 0.64cvss 9.8epss 0.02
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V2.0 SP1). The web interface has no means to prevent password guessing attacks. The vulnerability could be exploited by an attacker with network access to the vulnerable software, requiring no…
- risk 0.64cvss 9.8epss 0.06
CODESYS V3 web server, all versions prior to 3.5.14.10, allows an attacker to send specially crafted http or https requests which could cause a stack overflow and create a denial-of-service condition or allow remote code execution.
- risk 0.64cvss 9.8epss 0.06
A remote code execution vulnerability is present in network-listening components in some versions of ArubaOS. An attacker with the ability to transmit specially-crafted IP traffic to a mobility controller could exploit this vulnerability and cause a process crash or to execute…
- risk 0.68cvss 9.8epss 0.16
The web server in Integard Pro and Home before 2.0.0.9037 and 2.2.x before 2.2.0.9037 has a buffer overflow via a long password in an administration login POST request, leading to arbitrary code execution. An SEH-overwrite buffer overflow already existed for the vulnerable…
- risk 0.63cvss 9.6epss 0.01
admin.php?page=account_billing in Piwigo 2.9.5 has XSS via the vat_number, billing_name, company, or billing_address parameter. This is exploitable via CSRF.
- risk 0.63cvss 9.6epss 0.01
admin.php?page=notification_by_mail in Piwigo 2.9.5 has XSS via the nbm_send_html_mail, nbm_send_mail_as, nbm_send_detailed_content, nbm_complementary_mail_content, nbm_send_recent_post_dates, or param_submit…
- risk 0.64cvss 9.8epss 0.02
The cysteme-finder plugin before 1.4 for WordPress has unrestricted file upload because of incorrect session tracking.
- risk 0.64cvss 9.8epss 0.02
The Neosense theme before 1.8 for WordPress has qquploader unrestricted file upload.
- risk 0.57cvss 9.8epss 0.02
The podlove-podcasting-plugin-for-wordpress plugin before 2.3.16 for WordPress has SQL injection via the insert_id parameter exploitable via CSRF.
- risk 0.64cvss 9.8epss 0.06
Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Use after free vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.
- risk 0.64cvss 9.8epss 0.05
Adobe Flash Player 32.0.0.238 and earlier versions, 32.0.0.207 and earlier versions have a Same Origin Method Execution vulnerability. Successful exploitation could lead to Arbitrary Code Execution in the context of the current user.
- risk 0.64cvss 9.9epss 0.01
Unauthorized APE administration privileges can be achieved by reverse engineering one of the APE service tools. The service tool is discontinued with Bosch Access Professional Edition (APE) 3.8.
- risk 0.64cvss 9.8epss 0.03
On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls (FAC) (a software IP protection method for execute-only access) can be defeated by observing CPU registers and the effect of code/instruction execution.
- risk 0.64cvss 9.8epss 0.02
On STMicroelectronics STM32L0, STM32L1, STM32L4, STM32F4, STM32F7, and STM32H7 devices, Proprietary Code Read Out Protection (PCROP) (a software IP protection method) can be defeated by observing CPU registers and the effect of code/instruction execution.
- risk 0.64cvss 9.8epss 0.02
Smart TV Box firmware version prior to 1300 allows remote attackers to bypass access restriction to conduct arbitrary operations on the device without user's intent, such as installing arbitrary software or changing the device settings via Android Debug Bridge port 5555/TCP.
- risk 0.59cvss 9.1epss 0.03
Tripp Lite PDUMH15AT 12.04.0053 and SU750XL 12.04.0052 devices allow unauthenticated POST requests to the /Forms/ directory, as demonstrated by changing the manager or admin password, or shutting off power to an outlet. NOTE: the vendor's position is that a newer firmware…
- risk 0.64cvss 9.8epss 0.02
Some Motorola devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or execute certain commands, via SIM Toolkit (STK) instructions in an SMS message,…
- risk 0.76cvss 9.8epss 0.05
Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or execute certain commands, via SIM Toolkit (STK) instructions in an SMS message, aka…
- risk 0.65cvss 9.8epss 0.17
A remote code execution vulnerability exists when Azure DevOps Server (ADO) and Team Foundation Server (TFS) fail to validate input properly, aka 'Azure DevOps and Team Foundation Server Remote Code Execution Vulnerability'.