| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-8856 | Cri | 0.64 | 9.8 | 0.01 | Sep 26, 2018 | Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software contains hard-coded cryptographic key, which it uses for encryption of internal data. | ||
| CVE-2018-8850 | Cri | 0.64 | 9.8 | 0.04 | Sep 26, 2018 | Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software does not validate input properly, allowing an attacker to craft the input in a form that is not expected by the rest of the application. This would lead to parts of the unit receiving unintended… | ||
| CVE-2018-3972 | Cri | 0.64 | 9.8 | 0.04 | Sep 26, 2018 | An exploitable code execution vulnerability exists in the Levin deserialization functionality of the Epee library, as used in Monero 'Lithium Luna' (v0.12.2.0-master-ffab6700) and other cryptocurrencies. A specially crafted network packet can cause a logic flaw, resulting in… | ||
| CVE-2018-17538 | Cri | 0.64 | 9.8 | 0.02 | Sep 26, 2018 | Axon (formerly TASER International) Evidence Sync 3.15.89 is vulnerable to process injection. NOTE: the vendor's position is that this CVE is not associated with information that supports any finding of any type of vulnerability | ||
| CVE-2018-15965 | Cri | 0.66 | 9.8 | 0.26 | Sep 25, 2018 | Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2018-15961 | Cri | 0.87 | 9.8 | 1.00 | KEV | Sep 25, 2018 | Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution. | |
| CVE-2018-15959 | Cri | 0.66 | 9.8 | 0.26 | Sep 25, 2018 | Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2018-15958 | Cri | 0.66 | 9.8 | 0.26 | Sep 25, 2018 | Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2018-15957 | Cri | 0.66 | 9.8 | 0.28 | Sep 25, 2018 | Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2018-12848 | Cri | 0.66 | 9.8 | 0.35 | Sep 25, 2018 | Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. | ||
| CVE-2018-17107 | — | Cri | 0.57 | 9.8 | 0.02 | Sep 24, 2018 | In Tgstation tgstation-server 3.2.4.0 through 3.2.1.0 (fixed in 3.2.5.0), active logins would be cached, allowing subsequent logins to succeed with any username or password. | |
| CVE-2018-16283 | Cri | 0.72 | 9.8 | 0.63 | Sep 24, 2018 | The Wechat Broadcast plugin 1.2.0 and earlier for WordPress allows Directory Traversal via the Image.php url parameter. | ||
| CVE-2015-8298 | Cri | 0.64 | 9.8 | 0.03 | Sep 24, 2018 | Multiple SQL injection vulnerabilities in the login page in RXTEC RXAdmin UPDATE 06 / 2012 allow remote attackers to execute arbitrary SQL commands via the (1) loginpassword, (2) loginusername, (3) zusatzlicher, or (4) groupid parameter to index.htm, or the (5) rxtec cookie to… | ||
| CVE-2018-17334 | Cri | 0.64 | 9.8 | 0.02 | Sep 22, 2018 | An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in the svgGetNextPathField function in svg_string.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because a strncpy copy… | ||
| CVE-2018-17333 | Cri | 0.64 | 9.8 | 0.02 | Sep 22, 2018 | An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in svgStringToLength in svg_types.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because sscanf is misused. | ||
| CVE-2018-17317 | Cri | 0.64 | 9.8 | 0.04 | Sep 21, 2018 | FruityWifi (aka PatatasFritas/PatataWifi) 2.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the io_mode, ap_mode, io_action, io_in_iface, io_in_set, io_in_ip, io_in_mask, io_in_gw, io_out_iface, io_out_set, io_out_mask, io_out_gw, iface, or… | ||
| CVE-2018-17174 | Cri | 0.64 | 9.8 | 0.03 | Sep 21, 2018 | A stack-based buffer overflow was discovered in the xtimor NMEA library (aka nmealib) 0.5.3. nmea_parse() in parser.c allows an attacker to trigger denial of service (even arbitrary code execution in a certain context) in a product using this library via malformed data. | ||
| CVE-2018-17173 | Cri | 0.71 | 9.8 | 0.56 | Sep 21, 2018 | LG SuperSign CMS allows remote attackers to execute arbitrary code via the sourceUri parameter to qsr_server/device/getThumbnail. | ||
| CVE-2018-17141 | Cri | 0.64 | 9.8 | 0.06 | Sep 21, 2018 | HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData() in the faxd/CopyQuality.c++ file. | ||
| CVE-2018-16822 | Cri | 0.64 | 9.8 | 0.01 | Sep 21, 2018 | SeaCMS 6.64 allows SQL Injection via the upload/admin/admin_video.php order parameter. | ||
| CVE-2013-4451 | Cri | 0.57 | 9.8 | 0.03 | Sep 21, 2018 | gitolite commit fa06a34 through 3.5.3 might allow attackers to have unspecified impact via vectors involving world-writable permissions when creating (1) ~/.gitolite.rc, (2) ~/.gitolite, or (3) ~/repositories/gitolite-admin.git on fresh installs. | ||
| CVE-2018-16281 | Cri | 0.64 | 9.8 | 0.01 | Sep 21, 2018 | The DEISER "Profields - Project Custom Fields" app before 6.0.2 for Jira has Incorrect Access Control. | ||
| CVE-2018-11241 | Cri | 0.64 | 9.8 | 0.04 | Sep 21, 2018 | An issue was discovered on SoftCase T-Router build 20112017 devices. A remote attacker can read and write to arbitrary files on the system as root, as demonstrated by code execution after writing to a crontab file. This is fixed in production builds as of Spring 2018. | ||
| CVE-2018-11240 | Cri | 0.64 | 9.8 | 0.02 | Sep 21, 2018 | An issue was discovered on SoftCase T-Router build 20112017 devices. There are no restrictions on the 'exec command' feature of the T-Router protocol. If the command syntax is correct, there is code execution both on the other modem and on the main servers. This is fixed in… | ||
| CVE-2018-3877 | Cri | 0.64 | 9.9 | 0.02 | Sep 21, 2018 | An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 160 bytes. An attacker can send an… | ||
| CVE-2018-3874 | Cri | 0.64 | 9.9 | 0.02 | Sep 21, 2018 | An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 32 bytes. An attacker can send an… | ||
| CVE-2018-3873 | Cri | 0.64 | 9.9 | 0.02 | Sep 21, 2018 | An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 128 bytes. An attacker can send an… | ||
| CVE-2018-14643 | — | Cri | 0.00 | 9.8 | 0.06 | Sep 21, 2018 | An authentication bypass flaw was found in the smart_proxy_dynflow component used by Foreman. A malicious attacker can use this flaw to remotely execute arbitrary commands on machines managed by vulnerable Foreman instances, in a highly privileged context. | |
| CVE-2018-17298 | Cri | 0.64 | 9.8 | 0.02 | Sep 21, 2018 | An issue was discovered in Enalean Tuleap before 10.5. Reset password links are not invalidated after a user changes its password. | ||
| CVE-2018-14592 | Cri | 0.67 | 9.8 | 0.03 | Sep 20, 2018 | The CWJoomla CW Article Attachments PRO extension before 2.0.7 and CW Article Attachments FREE extension before 1.0.6 for Joomla! allow SQL Injection within download.php. | ||
| CVE-2018-14829 | Cri | 0.65 | 9.8 | 0.16 | Sep 20, 2018 | Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This vulnerability may allow a remote threat actor to intentionally send a malformed CIP packet to Port 44818, causing the software application to stop responding and crash. This vulnerability also has the potential… | ||
| CVE-2018-17254 | Cri | 0.73 | 9.8 | 0.83 | Sep 20, 2018 | The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via the jtreelink/dialogs/links.php parent parameter. | ||
| CVE-2018-11287 | Cri | 0.64 | 9.8 | 0.01 | Sep 20, 2018 | In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660,… | ||
| CVE-2017-18314 | Cri | 0.64 | 9.8 | 0.01 | Sep 20, 2018 | In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A,… | ||
| CVE-2018-17243 | Cri | 0.70 | 9.8 | 0.74 | Sep 20, 2018 | Global Search in Zoho ManageEngine OpManager before 12.3 123205 allows SQL Injection. | ||
| CVE-2018-17232 | Cri | 0.64 | 9.8 | 0.02 | Sep 20, 2018 | SQL injection vulnerability in archivebot.py in docmarionum1 Slack ArchiveBot (aka slack-archive-bot) before 2018-09-19 allows remote attackers to execute arbitrary SQL commands via the text parameter to cursor.execute(). | ||
| CVE-2018-17228 | Cri | 0.64 | 9.8 | 0.02 | Sep 19, 2018 | nmap4j 1.1.0 allows attackers to execute arbitrary commands via shell metacharacters in an includeHosts call. | ||
| CVE-2017-2877 | Cri | 0.64 | 9.8 | 0.02 | Sep 19, 2018 | A missing error check exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10001 could allow an attacker to reset the user accounts to factory defaults, without authentication. | ||
| CVE-2018-17207 | Cri | 0.71 | 9.8 | 0.58 | Sep 19, 2018 | An issue was discovered in Snap Creek Duplicator before 1.2.42. By accessing leftover installer files (installer.php and installer-backup.php), an attacker can inject PHP code into wp-config.php during the database setup step, achieving arbitrary code execution. | ||
| CVE-2017-2875 | Cri | 0.59 | 9.1 | 0.01 | Sep 19, 2018 | An exploitable buffer overflow vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10000 can cause a buffer overflow resulting in overwriting arbitrary data. | ||
| CVE-2018-12242 | Cri | 0.64 | 9.8 | 0.03 | Sep 19, 2018 | The Symantec Messaging Gateway product prior to 10.6.6 may be susceptible to an authentication bypass exploit, which is a type of issue that can allow attackers to potentially circumvent security mechanisms currently in place and gain access to the system or network. | ||
| CVE-2018-1149 | Cri | 0.65 | 9.8 | 0.15 | Sep 19, 2018 | cgi_system in NUUO's NVRMini2 3.8.0 and below allows remote attackers to execute arbitrary code via crafted HTTP requests. | ||
| CVE-2018-17111 | Cri | 0.64 | 9.8 | 0.01 | Sep 18, 2018 | The onlyOwner modifier of a smart contract implementation for Coinlancer (CL), an Ethereum ERC20 token, has a potential access control vulnerability. All contract users can access functions that use this onlyOwner modifier, because the comparison between msg.sender and owner is… | ||
| CVE-2018-16669 | Cri | 0.64 | 9.8 | 0.02 | Sep 18, 2018 | An issue was discovered in CIRCONTROL Open Charge Point Protocol (OCPP) before 1.5.0, as used in CirCarLife, PowerStudio, and other products. Due to storage of credentials in XML files, an unprivileged user can look at /services/config/config.xml for the admin credentials of the… | ||
| CVE-2018-1000802 | Cri | 0.02 | 9.8 | 0.21 | Sep 18, 2018 | Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via… | ||
| CVE-2018-17153 | Cri | 0.74 | 9.8 | 0.87 | Sep 18, 2018 | It was discovered that the Western Digital My Cloud device before 2.30.196 is affected by an authentication bypass vulnerability. An unauthenticated attacker can exploit this vulnerability to authenticate as an admin user without needing to provide a password, thereby gaining… | ||
| CVE-2018-16957 | Cri | 0.64 | 9.8 | 0.03 | Sep 18, 2018 | The Oracle WebCenter Interaction 10.3.3 search service queryd.exe binary is compiled with the i1g2s3c4 hardcoded password. Authentication to the Oracle WCI search service uses this hardcoded password and cannot be customised by customers. An adversary able to access this service… | ||
| CVE-2018-11780 | Cri | 0.65 | 9.8 | 0.11 | Sep 17, 2018 | A potential Remote Code Execution bug exists with the PDFInfo plugin in Apache SpamAssassin before 3.4.2. | ||
| CVE-2018-17137 | Cri | 0.64 | 9.8 | 0.01 | Sep 17, 2018 | Prezi Next 1.3.101.11 has a documented purpose of creating HTML5 presentations but has SE_DEBUG_PRIVILEGE on Windows, which might allow attackers to bypass intended access restrictions. | ||
| CVE-2018-17136 | Cri | 0.64 | 9.8 | 0.01 | Sep 17, 2018 | zzcms 8.3 contains a SQL Injection vulnerability in /user/check.php via a Client-Ip HTTP header. |
- risk 0.64cvss 9.8epss 0.01
Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software contains hard-coded cryptographic key, which it uses for encryption of internal data.
- risk 0.64cvss 9.8epss 0.04
Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The software does not validate input properly, allowing an attacker to craft the input in a form that is not expected by the rest of the application. This would lead to parts of the unit receiving unintended…
- risk 0.64cvss 9.8epss 0.04
An exploitable code execution vulnerability exists in the Levin deserialization functionality of the Epee library, as used in Monero 'Lithium Luna' (v0.12.2.0-master-ffab6700) and other cryptocurrencies. A specially crafted network packet can cause a logic flaw, resulting in…
- risk 0.64cvss 9.8epss 0.02
Axon (formerly TASER International) Evidence Sync 3.15.89 is vulnerable to process injection. NOTE: the vendor's position is that this CVE is not associated with information that supports any finding of any type of vulnerability
- risk 0.66cvss 9.8epss 0.26
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.
- risk 0.87cvss 9.8epss 1.00
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution.
- risk 0.66cvss 9.8epss 0.26
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.
- risk 0.66cvss 9.8epss 0.26
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.
- risk 0.66cvss 9.8epss 0.28
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.
- risk 0.66cvss 9.8epss 0.35
Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.
- risk 0.57cvss 9.8epss 0.02
In Tgstation tgstation-server 3.2.4.0 through 3.2.1.0 (fixed in 3.2.5.0), active logins would be cached, allowing subsequent logins to succeed with any username or password.
- risk 0.72cvss 9.8epss 0.63
The Wechat Broadcast plugin 1.2.0 and earlier for WordPress allows Directory Traversal via the Image.php url parameter.
- risk 0.64cvss 9.8epss 0.03
Multiple SQL injection vulnerabilities in the login page in RXTEC RXAdmin UPDATE 06 / 2012 allow remote attackers to execute arbitrary SQL commands via the (1) loginpassword, (2) loginusername, (3) zusatzlicher, or (4) groupid parameter to index.htm, or the (5) rxtec cookie to…
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in the svgGetNextPathField function in svg_string.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because a strncpy copy…
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in svgStringToLength in svg_types.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because sscanf is misused.
- risk 0.64cvss 9.8epss 0.04
FruityWifi (aka PatatasFritas/PatataWifi) 2.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the io_mode, ap_mode, io_action, io_in_iface, io_in_set, io_in_ip, io_in_mask, io_in_gw, io_out_iface, io_out_set, io_out_mask, io_out_gw, iface, or…
- risk 0.64cvss 9.8epss 0.03
A stack-based buffer overflow was discovered in the xtimor NMEA library (aka nmealib) 0.5.3. nmea_parse() in parser.c allows an attacker to trigger denial of service (even arbitrary code execution in a certain context) in a product using this library via malformed data.
- risk 0.71cvss 9.8epss 0.56
LG SuperSign CMS allows remote attackers to execute arbitrary code via the sourceUri parameter to qsr_server/device/getThumbnail.
- risk 0.64cvss 9.8epss 0.06
HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData() in the faxd/CopyQuality.c++ file.
- risk 0.64cvss 9.8epss 0.01
SeaCMS 6.64 allows SQL Injection via the upload/admin/admin_video.php order parameter.
- risk 0.57cvss 9.8epss 0.03
gitolite commit fa06a34 through 3.5.3 might allow attackers to have unspecified impact via vectors involving world-writable permissions when creating (1) ~/.gitolite.rc, (2) ~/.gitolite, or (3) ~/repositories/gitolite-admin.git on fresh installs.
- risk 0.64cvss 9.8epss 0.01
The DEISER "Profields - Project Custom Fields" app before 6.0.2 for Jira has Incorrect Access Control.
- risk 0.64cvss 9.8epss 0.04
An issue was discovered on SoftCase T-Router build 20112017 devices. A remote attacker can read and write to arbitrary files on the system as root, as demonstrated by code execution after writing to a crontab file. This is fixed in production builds as of Spring 2018.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered on SoftCase T-Router build 20112017 devices. There are no restrictions on the 'exec command' feature of the T-Router protocol. If the command syntax is correct, there is code execution both on the other modem and on the main servers. This is fixed in…
- risk 0.64cvss 9.9epss 0.02
An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 160 bytes. An attacker can send an…
- risk 0.64cvss 9.9epss 0.02
An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 32 bytes. An attacker can send an…
- risk 0.64cvss 9.9epss 0.02
An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 128 bytes. An attacker can send an…
- risk 0.00cvss 9.8epss 0.06
An authentication bypass flaw was found in the smart_proxy_dynflow component used by Foreman. A malicious attacker can use this flaw to remotely execute arbitrary commands on machines managed by vulnerable Foreman instances, in a highly privileged context.
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in Enalean Tuleap before 10.5. Reset password links are not invalidated after a user changes its password.
- risk 0.67cvss 9.8epss 0.03
The CWJoomla CW Article Attachments PRO extension before 2.0.7 and CW Article Attachments FREE extension before 1.0.6 for Joomla! allow SQL Injection within download.php.
- risk 0.65cvss 9.8epss 0.16
Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This vulnerability may allow a remote threat actor to intentionally send a malformed CIP packet to Port 44818, causing the software application to stop responding and crash. This vulnerability also has the potential…
- risk 0.73cvss 9.8epss 0.83
The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via the jtreelink/dialogs/links.php parent parameter.
- risk 0.64cvss 9.8epss 0.01
In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660,…
- risk 0.64cvss 9.8epss 0.01
In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A,…
- risk 0.70cvss 9.8epss 0.74
Global Search in Zoho ManageEngine OpManager before 12.3 123205 allows SQL Injection.
- risk 0.64cvss 9.8epss 0.02
SQL injection vulnerability in archivebot.py in docmarionum1 Slack ArchiveBot (aka slack-archive-bot) before 2018-09-19 allows remote attackers to execute arbitrary SQL commands via the text parameter to cursor.execute().
- risk 0.64cvss 9.8epss 0.02
nmap4j 1.1.0 allows attackers to execute arbitrary commands via shell metacharacters in an includeHosts call.
- risk 0.64cvss 9.8epss 0.02
A missing error check exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10001 could allow an attacker to reset the user accounts to factory defaults, without authentication.
- risk 0.71cvss 9.8epss 0.58
An issue was discovered in Snap Creek Duplicator before 1.2.42. By accessing leftover installer files (installer.php and installer-backup.php), an attacker can inject PHP code into wp-config.php during the database setup step, achieving arbitrary code execution.
- risk 0.59cvss 9.1epss 0.01
An exploitable buffer overflow vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10000 can cause a buffer overflow resulting in overwriting arbitrary data.
- risk 0.64cvss 9.8epss 0.03
The Symantec Messaging Gateway product prior to 10.6.6 may be susceptible to an authentication bypass exploit, which is a type of issue that can allow attackers to potentially circumvent security mechanisms currently in place and gain access to the system or network.
- risk 0.65cvss 9.8epss 0.15
cgi_system in NUUO's NVRMini2 3.8.0 and below allows remote attackers to execute arbitrary code via crafted HTTP requests.
- risk 0.64cvss 9.8epss 0.01
The onlyOwner modifier of a smart contract implementation for Coinlancer (CL), an Ethereum ERC20 token, has a potential access control vulnerability. All contract users can access functions that use this onlyOwner modifier, because the comparison between msg.sender and owner is…
- risk 0.64cvss 9.8epss 0.02
An issue was discovered in CIRCONTROL Open Charge Point Protocol (OCPP) before 1.5.0, as used in CirCarLife, PowerStudio, and other products. Due to storage of credentials in XML files, an unprivileged user can look at /services/config/config.xml for the admin credentials of the…
- risk 0.02cvss 9.8epss 0.21
Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via…
- risk 0.74cvss 9.8epss 0.87
It was discovered that the Western Digital My Cloud device before 2.30.196 is affected by an authentication bypass vulnerability. An unauthenticated attacker can exploit this vulnerability to authenticate as an admin user without needing to provide a password, thereby gaining…
- risk 0.64cvss 9.8epss 0.03
The Oracle WebCenter Interaction 10.3.3 search service queryd.exe binary is compiled with the i1g2s3c4 hardcoded password. Authentication to the Oracle WCI search service uses this hardcoded password and cannot be customised by customers. An adversary able to access this service…
- risk 0.65cvss 9.8epss 0.11
A potential Remote Code Execution bug exists with the PDFInfo plugin in Apache SpamAssassin before 3.4.2.
- risk 0.64cvss 9.8epss 0.01
Prezi Next 1.3.101.11 has a documented purpose of creating HTML5 presentations but has SE_DEBUG_PRIVILEGE on Windows, which might allow attackers to bypass intended access restrictions.
- risk 0.64cvss 9.8epss 0.01
zzcms 8.3 contains a SQL Injection vulnerability in /user/check.php via a Client-Ip HTTP header.