| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-18728 | Cri | 0.64 | 9.8 | 0.03 | Oct 29, 2018 | An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. They allow remote code execution via shell metacharacters in the usbName field to the __fastcall function with a POST request. | ||
| CVE-2018-18705 | Cri | 0.64 | 9.8 | 0.02 | Oct 29, 2018 | PhpTpoint hospital management system suffers from multiple SQL injection vulnerabilities via the index.php user parameter associated with LOGIN.php, or the rno parameter to ALIST.php, DUNDEL.php, PDEL.php, or PUNDEL.php. | ||
| CVE-2018-18704 | Cri | 0.64 | 9.8 | 0.02 | Oct 29, 2018 | PhpTpoint Pharmacy Management System suffers from a SQL injection vulnerability in the index.php username parameter. | ||
| CVE-2018-18702 | Cri | 0.64 | 9.8 | 0.01 | Oct 29, 2018 | spider.admincp.php in iCMS v7.0.11 allows SQL injection via admincp.php?app=spider&do=import_rule because the upfile content is base64 decoded, deserialized, and used for database insertion. | ||
| CVE-2016-10734 | Cri | 0.64 | 9.8 | 0.02 | Oct 29, 2018 | ProjectSend (formerly cFTP) r582 allows Insecure Direct Object Reference via includes/actions.log.export.php. | ||
| CVE-2016-10733 | Cri | 0.64 | 9.8 | 0.02 | Oct 29, 2018 | ProjectSend (formerly cFTP) r582 allows directory traversal via file=../ in the process-zip-download.php query string. | ||
| CVE-2016-10732 | Cri | 0.64 | 9.8 | 0.02 | Oct 29, 2018 | ProjectSend (formerly cFTP) r582 allows authentication bypass via a direct request for users.php, home.php, edit-file.php?file_id=1, or process-zip-download.php, or add_user_form_* parameters to users-add.php. | ||
| CVE-2016-10731 | Cri | 0.64 | 9.8 | 0.01 | Oct 29, 2018 | ProjectSend (formerly cFTP) r582 allows SQL injection via manage-files.php with the request parameter status, manage-files.php with the request parameter files, clients.php with the request parameter selected_clients, clients.php with the request parameter status,… | ||
| CVE-2018-8955 | Cri | 0.64 | 9.8 | 0.04 | Oct 24, 2018 | The installer for BitDefender GravityZone relies on an encoded string in a filename to determine the URL for installation metadata, which allows remote attackers to execute arbitrary code by changing the filename while leaving the file's digital signature unchanged. | ||
| CVE-2018-17903 | — | Cri | 0.59 | 9.1 | 0.02 | Oct 24, 2018 | SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to a replay attack and command forgery. | |
| CVE-2018-15751 | — | Cri | 0.57 | 9.8 | 0.05 | Oct 24, 2018 | SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow remote attackers to bypass authentication and execute arbitrary commands via salt-api(netapi). | |
| CVE-2018-13342 | Cri | 0.64 | 9.8 | 0.01 | Oct 24, 2018 | The server API in the Anda app relies on hardcoded credentials. | ||
| CVE-2018-18476 | — | Cri | 0.57 | 9.8 | 0.02 | Oct 24, 2018 | mysql-binuuid-rails 1.1.0 and earlier allows SQL Injection because it removes default string escaping for affected database columns. | |
| CVE-2018-11792 | Cri | 0.64 | 9.8 | 0.02 | Oct 24, 2018 | In Apache Impala before 3.0.1, ALTER TABLE/VIEW RENAME required ALTER on the old table. This may pose a potential security risk, such as having ALTER on a table and ALL on a particular database allows a user to move the table to a database with ALL, which will automatically… | ||
| CVE-2018-18475 | Cri | 0.65 | 9.8 | 0.22 | Oct 23, 2018 | Zoho ManageEngine OpManager before 12.3 build 123214 allows Unrestricted Arbitrary File Upload. | ||
| CVE-2018-17448 | Cri | 0.64 | 9.8 | 0.02 | Oct 23, 2018 | An Incorrect Access Control issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4. | ||
| CVE-2018-17446 | Cri | 0.64 | 9.8 | 0.02 | Oct 23, 2018 | A SQL Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4. | ||
| CVE-2018-17445 | Cri | 0.65 | 9.8 | 0.11 | Oct 23, 2018 | A Command Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4. | ||
| CVE-2018-15497 | Cri | 0.64 | 9.8 | 0.05 | Oct 23, 2018 | The Mitel MiVoice 5330e VoIP device is affected by memory corruption flaws in the SIP/SDP packet handling functionality. An attacker can exploit this issue remotely, by sending a particular pattern of SIP/SDP packets, to cause a denial of service state in the affected devices… | ||
| CVE-2018-18628 | — | Cri | 0.57 | 9.8 | 0.05 | Oct 23, 2018 | An issue was discovered in Pippo 1.11.0. The function SerializationSessionDataTranscoder.decode() calls ObjectInputStream.readObject() to deserialize a SessionData object without checking the object types. An attacker can create a malicious object, base64 encode it, and place it… | |
| CVE-2018-14816 | Cri | 0.64 | 9.8 | 0.04 | Oct 23, 2018 | Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabilities that have been identified, which may allow an attacker to execute arbitrary code. | ||
| CVE-2018-14806 | Cri | 0.64 | 9.8 | 0.05 | Oct 23, 2018 | Advantech WebAccess 8.3.1 and earlier has a path traversal vulnerability which may allow an attacker to execute arbitrary code. | ||
| CVE-2017-18349 | — | Cri | 0.60 | 9.8 | 0.39 | Oct 23, 2018 | parseObject in Fastjson before 1.2.25, as used in FastjsonEngine in Pippo 1.11.0 and other products, allows remote attackers to execute arbitrary code via a crafted JSON request, as demonstrated by a crafted rmi:// URI in the dataSourceName field of HTTP POST data to the Pippo… | |
| CVE-2018-13114 | Cri | 0.64 | 9.8 | 0.02 | Oct 22, 2018 | Missing authentication and improper input validation in KERUI Wifi Endoscope Camera (YPC99) allow an attacker to execute arbitrary commands (with a length limit of 19 characters) via the "ssid" value, as demonstrated by ssid:;ping 192.168.1.2 in the body of a SETSSID command. | ||
| CVE-2018-18546 | — | Cri | 0.57 | 9.8 | 0.02 | Oct 21, 2018 | ThinkPHP 3.2.4 has SQL Injection via the order parameter because the Library/Think/Db/Driver.class.php parseOrder function mishandles the key variable. | |
| CVE-2018-12671 | — | Cri | 0.64 | 9.8 | 0.01 | Oct 19, 2018 | An attacker with remote access to the SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) web interface can disclose information about the camera including all password sets set within the camera. This information can then be used to gain… | |
| CVE-2018-12670 | — | Cri | 0.64 | 9.8 | 0.03 | Oct 19, 2018 | SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow OS Command Injection. | |
| CVE-2018-12668 | — | Cri | 0.64 | 9.8 | 0.02 | Oct 19, 2018 | SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices have a Hard-coded Password. | |
| CVE-2018-12667 | — | Cri | 0.64 | 9.8 | 0.01 | Oct 19, 2018 | The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) is affected by an improper authentication vulnerability that allows requests to be made to back-end CGI scripts without a valid session. This vulnerability could be used to read and… | |
| CVE-2018-12666 | — | Cri | 0.64 | 9.8 | 0.02 | Oct 19, 2018 | SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B devices improperly identifies users only by the authentication level sent in the cookies, which allow remote attackers to bypass authentication and gain administrator access by setting the authLevel cookie to 255. | |
| CVE-2018-18531 | — | Cri | 0.64 | 9.8 | 0.01 | Oct 19, 2018 | text/impl/DefaultTextCreator.java, text/impl/ChineseTextProducer.java, and text/impl/FiveLetterFirstNameTextCreator.java in kaptcha 2.3.2 use the Random (rather than SecureRandom) function for generating CAPTCHA values, which makes it easier for remote attackers to bypass… | |
| CVE-2018-18530 | — | Cri | 0.64 | 9.8 | 0.01 | Oct 19, 2018 | ThinkPHP 5.1.25 has SQL Injection via the count parameter because the library/think/db/Query.php aggregate function mishandles the aggregate variable. NOTE: a backquote character is required in the attack URI. | |
| CVE-2018-18529 | — | Cri | 0.64 | 9.8 | 0.01 | Oct 19, 2018 | ThinkPHP 3.2.4 has SQL Injection via the count parameter because the Library/Think/Db/Driver/Mysql.class.php parseKey function mishandles the key variable. NOTE: a backquote character is not required in the attack URI. | |
| CVE-2018-18527 | Cri | 0.64 | 9.8 | 0.02 | Oct 19, 2018 | OwnTicket 2018-05-23 allows SQL Injection via the showTicketId or editTicketStatusId parameter. | ||
| CVE-2018-18396 | Cri | 0.64 | 9.8 | 0.02 | Oct 19, 2018 | Remote Code Execution in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. | ||
| CVE-2018-18395 | Cri | 0.64 | 9.8 | 0.02 | Oct 19, 2018 | Hidden Token Access in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. | ||
| CVE-2018-18394 | Cri | 0.64 | 9.8 | 0.01 | Oct 19, 2018 | Sensitive Information Stored in Clear Text in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. | ||
| CVE-2018-18393 | Cri | 0.64 | 9.8 | 0.01 | Oct 19, 2018 | Password Management Issue in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. | ||
| CVE-2018-4013 | Cri | 0.64 | 9.8 | 0.09 | Oct 19, 2018 | An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger… | ||
| CVE-2018-15758 | — | Cri | 0.56 | 9.6 | 0.02 | Oct 18, 2018 | Spring Security OAuth, versions 2.3 prior to 2.3.4, and 2.2 prior to 2.2.3, and 2.1 prior to 2.1.3, and 2.0 prior to 2.0.16, and older unsupported versions could be susceptible to a privilege escalation under certain conditions. A malicious user or attacker can craft a request… | |
| CVE-2018-18488 | Cri | 0.64 | 9.8 | 0.01 | Oct 18, 2018 | In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, SQL Injection exists via the ids[] parameter. | ||
| CVE-2018-18486 | Cri | 0.64 | 9.8 | 0.01 | Oct 18, 2018 | An issue was discovered in PHPSHE 1.7. SQL injection exists via the admin.php?mod=user&act=del user_id[] parameter. | ||
| CVE-2018-14807 | Cri | 0.64 | 9.8 | 0.03 | Oct 18, 2018 | A stack-based buffer overflow vulnerability in Opto 22 PAC Control Basic and PAC Control Professional versions R10.0a and prior may allow remote code execution. | ||
| CVE-2015-4633 | Cri | 0.67 | 9.8 | 0.06 | Oct 18, 2018 | Multiple SQL injection vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow (1) remote attackers to execute arbitrary SQL commands via the number parameter to opac-tags_subject.pl in the OPAC interface or (2)… | ||
| CVE-2018-1822 | Cri | 0.64 | 9.8 | 0.03 | Oct 18, 2018 | IBM FlashSystem 900 product GUI allows a specially crafted attack to bypass the authentication requirements of the system, resulting in the ability to remotely change the superuser password. This can be used by an attacker to gain administrative control or to deny service. IBM… | ||
| CVE-2018-5188 | Cri | 0.64 | 9.8 | 0.04 | Oct 18, 2018 | Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird <… | ||
| CVE-2018-5187 | Cri | 0.64 | 9.8 | 0.03 | Oct 18, 2018 | Memory safety bugs present in Firefox 60 and Firefox ESR 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60, Firefox ESR <… | ||
| CVE-2018-5186 | Cri | 0.64 | 9.8 | 0.02 | Oct 18, 2018 | Memory safety bugs present in Firefox 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 61. | ||
| CVE-2018-5156 | Cri | 0.64 | 9.8 | 0.04 | Oct 18, 2018 | A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to the wrong type causing a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Firefox… | ||
| CVE-2018-12387 | Cri | 0.60 | 9.1 | 0.10 | Oct 18, 2018 | A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the… |
- risk 0.64cvss 9.8epss 0.03
An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. They allow remote code execution via shell metacharacters in the usbName field to the __fastcall function with a POST request.
- risk 0.64cvss 9.8epss 0.02
PhpTpoint hospital management system suffers from multiple SQL injection vulnerabilities via the index.php user parameter associated with LOGIN.php, or the rno parameter to ALIST.php, DUNDEL.php, PDEL.php, or PUNDEL.php.
- risk 0.64cvss 9.8epss 0.02
PhpTpoint Pharmacy Management System suffers from a SQL injection vulnerability in the index.php username parameter.
- risk 0.64cvss 9.8epss 0.01
spider.admincp.php in iCMS v7.0.11 allows SQL injection via admincp.php?app=spider&do=import_rule because the upfile content is base64 decoded, deserialized, and used for database insertion.
- risk 0.64cvss 9.8epss 0.02
ProjectSend (formerly cFTP) r582 allows Insecure Direct Object Reference via includes/actions.log.export.php.
- risk 0.64cvss 9.8epss 0.02
ProjectSend (formerly cFTP) r582 allows directory traversal via file=../ in the process-zip-download.php query string.
- risk 0.64cvss 9.8epss 0.02
ProjectSend (formerly cFTP) r582 allows authentication bypass via a direct request for users.php, home.php, edit-file.php?file_id=1, or process-zip-download.php, or add_user_form_* parameters to users-add.php.
- risk 0.64cvss 9.8epss 0.01
ProjectSend (formerly cFTP) r582 allows SQL injection via manage-files.php with the request parameter status, manage-files.php with the request parameter files, clients.php with the request parameter selected_clients, clients.php with the request parameter status,…
- risk 0.64cvss 9.8epss 0.04
The installer for BitDefender GravityZone relies on an encoded string in a filename to determine the URL for installation metadata, which allows remote attackers to execute arbitrary code by changing the filename while leaving the file's digital signature unchanged.
- risk 0.59cvss 9.1epss 0.02
SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to a replay attack and command forgery.
- risk 0.57cvss 9.8epss 0.05
SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow remote attackers to bypass authentication and execute arbitrary commands via salt-api(netapi).
- risk 0.64cvss 9.8epss 0.01
The server API in the Anda app relies on hardcoded credentials.
- risk 0.57cvss 9.8epss 0.02
mysql-binuuid-rails 1.1.0 and earlier allows SQL Injection because it removes default string escaping for affected database columns.
- risk 0.64cvss 9.8epss 0.02
In Apache Impala before 3.0.1, ALTER TABLE/VIEW RENAME required ALTER on the old table. This may pose a potential security risk, such as having ALTER on a table and ALL on a particular database allows a user to move the table to a database with ALL, which will automatically…
- risk 0.65cvss 9.8epss 0.22
Zoho ManageEngine OpManager before 12.3 build 123214 allows Unrestricted Arbitrary File Upload.
- risk 0.64cvss 9.8epss 0.02
An Incorrect Access Control issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
- risk 0.64cvss 9.8epss 0.02
A SQL Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
- risk 0.65cvss 9.8epss 0.11
A Command Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
- risk 0.64cvss 9.8epss 0.05
The Mitel MiVoice 5330e VoIP device is affected by memory corruption flaws in the SIP/SDP packet handling functionality. An attacker can exploit this issue remotely, by sending a particular pattern of SIP/SDP packets, to cause a denial of service state in the affected devices…
- risk 0.57cvss 9.8epss 0.05
An issue was discovered in Pippo 1.11.0. The function SerializationSessionDataTranscoder.decode() calls ObjectInputStream.readObject() to deserialize a SessionData object without checking the object types. An attacker can create a malicious object, base64 encode it, and place it…
- risk 0.64cvss 9.8epss 0.04
Advantech WebAccess 8.3.1 and earlier has several stack-based buffer overflow vulnerabilities that have been identified, which may allow an attacker to execute arbitrary code.
- risk 0.64cvss 9.8epss 0.05
Advantech WebAccess 8.3.1 and earlier has a path traversal vulnerability which may allow an attacker to execute arbitrary code.
- risk 0.60cvss 9.8epss 0.39
parseObject in Fastjson before 1.2.25, as used in FastjsonEngine in Pippo 1.11.0 and other products, allows remote attackers to execute arbitrary code via a crafted JSON request, as demonstrated by a crafted rmi:// URI in the dataSourceName field of HTTP POST data to the Pippo…
- risk 0.64cvss 9.8epss 0.02
Missing authentication and improper input validation in KERUI Wifi Endoscope Camera (YPC99) allow an attacker to execute arbitrary commands (with a length limit of 19 characters) via the "ssid" value, as demonstrated by ssid:;ping 192.168.1.2 in the body of a SETSSID command.
- risk 0.57cvss 9.8epss 0.02
ThinkPHP 3.2.4 has SQL Injection via the order parameter because the Library/Think/Db/Driver.class.php parseOrder function mishandles the key variable.
- risk 0.64cvss 9.8epss 0.01
An attacker with remote access to the SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) web interface can disclose information about the camera including all password sets set within the camera. This information can then be used to gain…
- risk 0.64cvss 9.8epss 0.03
SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow OS Command Injection.
- risk 0.64cvss 9.8epss 0.02
SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices have a Hard-coded Password.
- risk 0.64cvss 9.8epss 0.01
The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) is affected by an improper authentication vulnerability that allows requests to be made to back-end CGI scripts without a valid session. This vulnerability could be used to read and…
- risk 0.64cvss 9.8epss 0.02
SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B devices improperly identifies users only by the authentication level sent in the cookies, which allow remote attackers to bypass authentication and gain administrator access by setting the authLevel cookie to 255.
- risk 0.64cvss 9.8epss 0.01
text/impl/DefaultTextCreator.java, text/impl/ChineseTextProducer.java, and text/impl/FiveLetterFirstNameTextCreator.java in kaptcha 2.3.2 use the Random (rather than SecureRandom) function for generating CAPTCHA values, which makes it easier for remote attackers to bypass…
- risk 0.64cvss 9.8epss 0.01
ThinkPHP 5.1.25 has SQL Injection via the count parameter because the library/think/db/Query.php aggregate function mishandles the aggregate variable. NOTE: a backquote character is required in the attack URI.
- risk 0.64cvss 9.8epss 0.01
ThinkPHP 3.2.4 has SQL Injection via the count parameter because the Library/Think/Db/Driver/Mysql.class.php parseKey function mishandles the key variable. NOTE: a backquote character is not required in the attack URI.
- risk 0.64cvss 9.8epss 0.02
OwnTicket 2018-05-23 allows SQL Injection via the showTicketId or editTicketStatusId parameter.
- risk 0.64cvss 9.8epss 0.02
Remote Code Execution in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.
- risk 0.64cvss 9.8epss 0.02
Hidden Token Access in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.
- risk 0.64cvss 9.8epss 0.01
Sensitive Information Stored in Clear Text in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.
- risk 0.64cvss 9.8epss 0.01
Password Management Issue in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1.
- risk 0.64cvss 9.8epss 0.09
An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger…
- risk 0.56cvss 9.6epss 0.02
Spring Security OAuth, versions 2.3 prior to 2.3.4, and 2.2 prior to 2.2.3, and 2.1 prior to 2.1.3, and 2.0 prior to 2.0.16, and older unsupported versions could be susceptible to a privilege escalation under certain conditions. A malicious user or attacker can craft a request…
- risk 0.64cvss 9.8epss 0.01
In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, SQL Injection exists via the ids[] parameter.
- risk 0.64cvss 9.8epss 0.01
An issue was discovered in PHPSHE 1.7. SQL injection exists via the admin.php?mod=user&act=del user_id[] parameter.
- risk 0.64cvss 9.8epss 0.03
A stack-based buffer overflow vulnerability in Opto 22 PAC Control Basic and PAC Control Professional versions R10.0a and prior may allow remote code execution.
- risk 0.67cvss 9.8epss 0.06
Multiple SQL injection vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow (1) remote attackers to execute arbitrary SQL commands via the number parameter to opac-tags_subject.pl in the OPAC interface or (2)…
- risk 0.64cvss 9.8epss 0.03
IBM FlashSystem 900 product GUI allows a specially crafted attack to bypass the authentication requirements of the system, resulting in the ability to remotely change the superuser password. This can be used by an attacker to gain administrative control or to deny service. IBM…
- risk 0.64cvss 9.8epss 0.04
Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird <…
- risk 0.64cvss 9.8epss 0.03
Memory safety bugs present in Firefox 60 and Firefox ESR 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60, Firefox ESR <…
- risk 0.64cvss 9.8epss 0.02
Memory safety bugs present in Firefox 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 61.
- risk 0.64cvss 9.8epss 0.04
A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to the wrong type causing a potentially exploitable crash. This vulnerability affects Thunderbird < 60, Firefox…
- risk 0.60cvss 9.1epss 0.10
A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory address to the calling function which can be used as part of an exploit inside the…