| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-7066 | Cri | 0.59 | 9.0 | 0.03 | Dec 7, 2018 | An unauthenticated remote command execution exists in Aruba ClearPass Policy Manager on linked devices. The ClearPass OnConnect feature permits administrators to link other network devices into ClearPass for the purpose of collecting enhanced information about connected… | ||
| CVE-2018-18314 | Cri | 0.00 | 9.8 | 0.06 | Dec 7, 2018 | Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | ||
| CVE-2018-18313 | Cri | 0.01 | 9.1 | 0.10 | Dec 7, 2018 | Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory. | ||
| CVE-2018-18311 | Cri | 0.01 | 9.8 | 0.12 | Dec 7, 2018 | Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | ||
| CVE-2018-15362 | Cri | 0.59 | 9.1 | 0.03 | Dec 7, 2018 | XXE in GE Proficy Cimplicity GDS versions 9.0 R2, 9.5, 10.0 | ||
| CVE-2018-7364 | Cri | 0.65 | 9.8 | 0.10 | Dec 7, 2018 | All versions up to ZXINOS-RESV1.01.43 of the ZTE ZXIN10 product European region are impacted by improper access control vulnerability. Due to improper access control to devcomm process, an unauthorized remote attacker can exploit this vulnerability to execute arbitrary code with… | ||
| CVE-2018-11905 | Cri | 0.64 | 9.8 | 0.01 | Dec 7, 2018 | In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Possible buffer overflow in WLAN function due to lack of input validation in values received from firmware. | ||
| CVE-2018-19925 | Cri | 0.64 | 9.8 | 0.01 | Dec 6, 2018 | An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. It has SQL injection via the member/member_order.php type parameter, related to the O_state parameter. | ||
| CVE-2018-9556 | Cri | 0.64 | 9.8 | 0.02 | Dec 6, 2018 | In ParsePayloadHeader of payload_metadata.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android.… | ||
| CVE-2018-19893 | Cri | 0.64 | 9.8 | 0.01 | Dec 6, 2018 | SearchController.php in PbootCMS 1.2.1 has SQL injection via the index.php/Search/index.html query string. | ||
| CVE-2018-18312 | Cri | 0.65 | 9.8 | 0.12 | Dec 5, 2018 | Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | ||
| CVE-2018-16792 | Cri | 0.59 | 9.1 | 0.01 | Dec 5, 2018 | SolarWinds SFTP/SCP server through 2018-09-10 is vulnerable to XXE via a world readable and writable configuration file that allows an attacker to exfiltrate data. | ||
| CVE-2018-16791 | Cri | 0.64 | 9.8 | 0.02 | Dec 5, 2018 | In SolarWinds SFTP/SCP Server through 2018-09-10, the configuration file is world readable and writable, and stores user passwords in an insecure manner, allowing an attacker to determine passwords for potentially privileged accounts. This also grants the attacker an ability to… | ||
| CVE-2018-1002105 | Cri | 0.03 | 9.8 | 0.87 | Dec 5, 2018 | In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then… | ||
| CVE-2018-19864 | Cri | 0.69 | 9.8 | 0.25 | Dec 5, 2018 | NUUO NVRmini2 Network Video Recorder firmware through 3.9.1 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow), resulting in ability to read camera feeds or reconfigure the device. | ||
| CVE-2018-19857 | Cri | 0.59 | 9.1 | 0.04 | Dec 5, 2018 | The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may read memory from an uninitialized pointer when processing magic cookies in CAF files, because a ReadKukiChunk() cast converts a return value to an unsigned int even if that value is negative. This… | ||
| CVE-2018-18843 | Cri | 0.65 | 10.0 | 0.02 | Dec 4, 2018 | The Kubernetes integration in GitLab Enterprise Edition 11.x before 11.2.8, 11.3.x before 11.3.9, and 11.4.x before 11.4.4 has SSRF. | ||
| CVE-2018-18641 | Cri | 0.64 | 9.8 | 0.01 | Dec 4, 2018 | An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It has Cleartext Storage of Sensitive Information. | ||
| CVE-2018-17160 | Cri | 0.65 | 10.0 | 0.03 | Dec 4, 2018 | In FreeBSD before 11.2-STABLE(r341486) and 11.2-RELEASE-p6, insufficient bounds checking in one of the device models provided by bhyve can permit a guest operating system to overwrite memory in the bhyve host possibly permitting arbitrary code execution. A guest OS using a… | ||
| CVE-2018-6152 | Cri | 0.63 | 9.6 | 0.01 | Dec 4, 2018 | The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox… | ||
| CVE-2018-12313 | Cri | 0.64 | 9.8 | 0.04 | Dec 4, 2018 | OS command injection in snmp.cgi in ASUSTOR ADM version 3.1.1 allows attackers to execute system commands without authentication via the "rocommunity" URL parameter. | ||
| CVE-2018-17157 | Cri | 0.66 | 9.8 | 0.24 | Dec 4, 2018 | In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer overflow error when handling opcodes can cause memory corruption by sending a specially crafted NFSv4 request. Unprivileged remote users with access to the NFS server may be able to execute arbitrary code. | ||
| CVE-2018-14709 | Cri | 0.64 | 9.8 | 0.02 | Dec 3, 2018 | Incorrect access control in the Dashboard API on Drobo 5N2 NAS version 4.0.5-13.28.96115 allows attackers to bypass authentication due to insecure token generation. | ||
| CVE-2018-14708 | Cri | 0.64 | 9.8 | 0.01 | Dec 3, 2018 | An insecure transport protocol used by Drobo Dashboard API on Drobo 5N2 NAS version 4.0.5-13.28.96115 allows attackers to intercept network traffic. | ||
| CVE-2018-14706 | Cri | 0.65 | 9.8 | 0.17 | Dec 3, 2018 | System command injection in the /DroboPix/api/drobopix/demo endpoint on Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the payload in a POST request. | ||
| CVE-2018-14703 | Cri | 0.64 | 9.8 | 0.01 | Dec 3, 2018 | Incorrect access control in the /mysql/api/droboapp/data endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to retrieve the MySQL database root password. | ||
| CVE-2018-14701 | Cri | 0.65 | 9.8 | 0.20 | Dec 3, 2018 | System command injection in the /DroboAccess/delete_user endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the "username" URL parameter. | ||
| CVE-2018-14699 | Cri | 0.66 | 9.8 | 0.29 | Dec 3, 2018 | System command injection in the /DroboAccess/enable_user endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the "username" URL parameter. | ||
| CVE-2018-6440 | Cri | 0.59 | 9.1 | 0.02 | Dec 3, 2018 | A vulnerability in the proxy service of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow remote unauthenticated attackers to obtain sensitive information and possibly cause a denial of service attack. | ||
| CVE-2018-7114 | Cri | 0.66 | 9.8 | 0.33 | Dec 3, 2018 | HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to remote buffer overflow in dbman leading to code execution. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions. | ||
| CVE-2018-15715 | Cri | 0.64 | 9.8 | 0.03 | Nov 30, 2018 | Zoom clients on Windows (before version 4.1.34814.1119), Mac OS (before version 4.1.34801.1116), and Linux (2.4.129780.0915 and below) are vulnerable to unauthorized message processing. A remote unauthenticated attacker can spoof UDP messages from a meeting attendee or Zoom… | ||
| CVE-2018-7811 | Cri | 0.64 | 9.8 | 0.04 | Nov 30, 2018 | An Unverified Password Change vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 which could allow an unauthenticated remote user to access the change password function of the web server | ||
| CVE-2018-7809 | Cri | 0.64 | 9.8 | 0.02 | Nov 30, 2018 | An Unverified Password Change vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 which could allow an unauthenticated remote user to access the password delete function of the web server. | ||
| CVE-2018-19290 | Cri | 0.64 | 9.8 | 0.04 | Nov 30, 2018 | In modules/HELPBOT_MODULE in Budabot 0.6 through 4.0, lax syntax validation allows remote attackers to perform a command injection attack against the PHP daemon with a crafted command, resulting in a denial of service or possibly unspecified other impact, as demonstrated by the… | ||
| CVE-2018-18619 | Cri | 0.67 | 9.8 | 0.04 | Nov 29, 2018 | internal/advanced_comment_system/admin.php in Advanced Comment System 1.0 is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query, allowing remote attackers to execute the sqli attack via a URL in… | ||
| CVE-2018-15981 | Cri | 0.65 | 9.8 | 0.12 | Nov 29, 2018 | Flash Player versions 31.0.0.148 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2018-8788 | Cri | 0.01 | 9.8 | 0.07 | Nov 29, 2018 | FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode() that results in a memory corruption and possibly even a remote code execution. | ||
| CVE-2018-8787 | Cri | 0.01 | 9.8 | 0.08 | Nov 29, 2018 | FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a memory corruption and probably even a remote code execution. | ||
| CVE-2018-8786 | Cri | 0.01 | 9.8 | 0.08 | Nov 29, 2018 | FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution. | ||
| CVE-2018-8785 | Cri | 0.01 | 9.8 | 0.07 | Nov 29, 2018 | FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress() that results in a memory corruption and probably even a remote code execution. | ||
| CVE-2018-8784 | Cri | 0.01 | 9.8 | 0.07 | Nov 29, 2018 | FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment() that results in a memory corruption and probably even a remote code execution. | ||
| CVE-2018-19692 | Cri | 0.64 | 9.8 | 0.02 | Nov 29, 2018 | An issue was discovered in tp5cms through 2017-05-25. admin.php/upload/picture.html allows remote attackers to execute arbitrary PHP code by uploading a .php file with the image/jpeg content type. | ||
| CVE-2018-18649 | Cri | 0.64 | 9.8 | 0.07 | Nov 29, 2018 | An issue was discovered in the wiki API in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows for remote code execution. | ||
| CVE-2018-17930 | Cri | 0.64 | 9.8 | 0.07 | Nov 28, 2018 | A stack-based buffer overflow vulnerability has been identified in Teledyne DALSA Sherlock Version 7.2.7.4 and prior, which may allow remote code execution. | ||
| CVE-2018-19646 | Cri | 0.64 | 9.8 | 0.03 | Nov 28, 2018 | The Python CGI scripts in PWS in Imperva SecureSphere 13.0.10, 13.1.10, and 13.2.10 allow remote attackers to execute arbitrary OS commands because command-line arguments are mishandled. | ||
| CVE-2018-15441 | Cri | 0.61 | 9.4 | 0.04 | Nov 28, 2018 | A vulnerability in the web framework code of Cisco Prime License Manager (PLM) could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The vulnerability is due to a lack of proper validation of user-supplied input in SQL queries. An attacker could… | ||
| CVE-2018-14749 | Cri | 0.64 | 9.8 | 0.01 | Nov 28, 2018 | Buffer Overflow vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions could have unspecified impact on the NAS. | ||
| CVE-2018-14746 | Cri | 0.64 | 9.8 | 0.03 | Nov 28, 2018 | Command Injection vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions could allow remote attackers to run arbitrary commands on the NAS. | ||
| CVE-2017-18318 | Cri | 0.64 | 9.8 | 0.01 | Nov 28, 2018 | Missing validation check on CRL issuer name in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU, SD 410/12, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A. | ||
| CVE-2018-13354 | Cri | 0.66 | 9.8 | 0.23 | Nov 27, 2018 | System command injection in logtable.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "Event" parameter. |
- risk 0.59cvss 9.0epss 0.03
An unauthenticated remote command execution exists in Aruba ClearPass Policy Manager on linked devices. The ClearPass OnConnect feature permits administrators to link other network devices into ClearPass for the purpose of collecting enhanced information about connected…
- risk 0.00cvss 9.8epss 0.06
Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
- risk 0.01cvss 9.1epss 0.10
Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory.
- risk 0.01cvss 9.8epss 0.12
Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
- risk 0.59cvss 9.1epss 0.03
XXE in GE Proficy Cimplicity GDS versions 9.0 R2, 9.5, 10.0
- risk 0.65cvss 9.8epss 0.10
All versions up to ZXINOS-RESV1.01.43 of the ZTE ZXIN10 product European region are impacted by improper access control vulnerability. Due to improper access control to devcomm process, an unauthorized remote attacker can exploit this vulnerability to execute arbitrary code with…
- risk 0.64cvss 9.8epss 0.01
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Possible buffer overflow in WLAN function due to lack of input validation in values received from firmware.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. It has SQL injection via the member/member_order.php type parameter, related to the O_state parameter.
- risk 0.64cvss 9.8epss 0.02
In ParsePayloadHeader of payload_metadata.cc, there is a possible out of bounds write due to an integer overflow. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android.…
- risk 0.64cvss 9.8epss 0.01
SearchController.php in PbootCMS 1.2.1 has SQL injection via the index.php/Search/index.html query string.
- risk 0.65cvss 9.8epss 0.12
Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
- risk 0.59cvss 9.1epss 0.01
SolarWinds SFTP/SCP server through 2018-09-10 is vulnerable to XXE via a world readable and writable configuration file that allows an attacker to exfiltrate data.
- risk 0.64cvss 9.8epss 0.02
In SolarWinds SFTP/SCP Server through 2018-09-10, the configuration file is world readable and writable, and stores user passwords in an insecure manner, allowing an attacker to determine passwords for potentially privileged accounts. This also grants the attacker an ability to…
- risk 0.03cvss 9.8epss 0.87
In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then…
- risk 0.69cvss 9.8epss 0.25
NUUO NVRmini2 Network Video Recorder firmware through 3.9.1 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow), resulting in ability to read camera feeds or reconfigure the device.
- risk 0.59cvss 9.1epss 0.04
The CAF demuxer in modules/demux/caf.c in VideoLAN VLC media player 3.0.4 may read memory from an uninitialized pointer when processing magic cookies in CAF files, because a ReadKukiChunk() cast converts a return value to an unsigned int even if that value is negative. This…
- risk 0.65cvss 10.0epss 0.02
The Kubernetes integration in GitLab Enterprise Edition 11.x before 11.2.8, 11.3.x before 11.3.9, and 11.4.x before 11.4.4 has SSRF.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It has Cleartext Storage of Sensitive Information.
- risk 0.65cvss 10.0epss 0.03
In FreeBSD before 11.2-STABLE(r341486) and 11.2-RELEASE-p6, insufficient bounds checking in one of the device models provided by bhyve can permit a guest operating system to overwrite memory in the bhyve host possibly permitting arbitrary code execution. A guest OS using a…
- risk 0.63cvss 9.6epss 0.01
The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox…
- risk 0.64cvss 9.8epss 0.04
OS command injection in snmp.cgi in ASUSTOR ADM version 3.1.1 allows attackers to execute system commands without authentication via the "rocommunity" URL parameter.
- risk 0.66cvss 9.8epss 0.24
In FreeBSD before 11.2-STABLE(r340854) and 11.2-RELEASE-p5, an integer overflow error when handling opcodes can cause memory corruption by sending a specially crafted NFSv4 request. Unprivileged remote users with access to the NFS server may be able to execute arbitrary code.
- risk 0.64cvss 9.8epss 0.02
Incorrect access control in the Dashboard API on Drobo 5N2 NAS version 4.0.5-13.28.96115 allows attackers to bypass authentication due to insecure token generation.
- risk 0.64cvss 9.8epss 0.01
An insecure transport protocol used by Drobo Dashboard API on Drobo 5N2 NAS version 4.0.5-13.28.96115 allows attackers to intercept network traffic.
- risk 0.65cvss 9.8epss 0.17
System command injection in the /DroboPix/api/drobopix/demo endpoint on Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the payload in a POST request.
- risk 0.64cvss 9.8epss 0.01
Incorrect access control in the /mysql/api/droboapp/data endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to retrieve the MySQL database root password.
- risk 0.65cvss 9.8epss 0.20
System command injection in the /DroboAccess/delete_user endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the "username" URL parameter.
- risk 0.66cvss 9.8epss 0.29
System command injection in the /DroboAccess/enable_user endpoint in Drobo 5N2 NAS version 4.0.5-13.28.96115 allows unauthenticated attackers to execute system commands via the "username" URL parameter.
- risk 0.59cvss 9.1epss 0.02
A vulnerability in the proxy service of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow remote unauthenticated attackers to obtain sensitive information and possibly cause a denial of service attack.
- risk 0.66cvss 9.8epss 0.33
HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to remote buffer overflow in dbman leading to code execution. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions.
- risk 0.64cvss 9.8epss 0.03
Zoom clients on Windows (before version 4.1.34814.1119), Mac OS (before version 4.1.34801.1116), and Linux (2.4.129780.0915 and below) are vulnerable to unauthorized message processing. A remote unauthenticated attacker can spoof UDP messages from a meeting attendee or Zoom…
- risk 0.64cvss 9.8epss 0.04
An Unverified Password Change vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 which could allow an unauthenticated remote user to access the change password function of the web server
- risk 0.64cvss 9.8epss 0.02
An Unverified Password Change vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 which could allow an unauthenticated remote user to access the password delete function of the web server.
- risk 0.64cvss 9.8epss 0.04
In modules/HELPBOT_MODULE in Budabot 0.6 through 4.0, lax syntax validation allows remote attackers to perform a command injection attack against the PHP daemon with a crafted command, resulting in a denial of service or possibly unspecified other impact, as demonstrated by the…
- risk 0.67cvss 9.8epss 0.04
internal/advanced_comment_system/admin.php in Advanced Comment System 1.0 is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query, allowing remote attackers to execute the sqli attack via a URL in…
- risk 0.65cvss 9.8epss 0.12
Flash Player versions 31.0.0.148 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.
- risk 0.01cvss 9.8epss 0.07
FreeRDP prior to version 2.0.0-rc4 contains an Out-Of-Bounds Write of up to 4 bytes in function nsc_rle_decode() that results in a memory corruption and possibly even a remote code execution.
- risk 0.01cvss 9.8epss 0.08
FreeRDP prior to version 2.0.0-rc4 contains an Integer Overflow that leads to a Heap-Based Buffer Overflow in function gdi_Bitmap_Decompress() and results in a memory corruption and probably even a remote code execution.
- risk 0.01cvss 9.8epss 0.08
FreeRDP prior to version 2.0.0-rc4 contains an Integer Truncation that leads to a Heap-Based Buffer Overflow in function update_read_bitmap_update() and results in a memory corruption and probably even a remote code execution.
- risk 0.01cvss 9.8epss 0.07
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress() that results in a memory corruption and probably even a remote code execution.
- risk 0.01cvss 9.8epss 0.07
FreeRDP prior to version 2.0.0-rc4 contains a Heap-Based Buffer Overflow in function zgfx_decompress_segment() that results in a memory corruption and probably even a remote code execution.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in tp5cms through 2017-05-25. admin.php/upload/picture.html allows remote attackers to execute arbitrary PHP code by uploading a .php file with the image/jpeg content type.
- risk 0.64cvss 9.8epss 0.07
An issue was discovered in the wiki API in GitLab Community and Enterprise Edition before 11.2.7, 11.3.x before 11.3.8, and 11.4.x before 11.4.3. It allows for remote code execution.
- risk 0.64cvss 9.8epss 0.07
A stack-based buffer overflow vulnerability has been identified in Teledyne DALSA Sherlock Version 7.2.7.4 and prior, which may allow remote code execution.
- risk 0.64cvss 9.8epss 0.03
The Python CGI scripts in PWS in Imperva SecureSphere 13.0.10, 13.1.10, and 13.2.10 allow remote attackers to execute arbitrary OS commands because command-line arguments are mishandled.
- risk 0.61cvss 9.4epss 0.04
A vulnerability in the web framework code of Cisco Prime License Manager (PLM) could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The vulnerability is due to a lack of proper validation of user-supplied input in SQL queries. An attacker could…
- risk 0.64cvss 9.8epss 0.01
Buffer Overflow vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions could have unspecified impact on the NAS.
- risk 0.64cvss 9.8epss 0.03
Command Injection vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions could allow remote attackers to run arbitrary commands on the NAS.
- risk 0.64cvss 9.8epss 0.01
Missing validation check on CRL issuer name in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU, SD 410/12, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A.
- risk 0.66cvss 9.8epss 0.23
System command injection in logtable.php in TerraMaster TOS version 3.1.03 allows attackers to execute system commands via the "Event" parameter.