| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2014-6436 | Cri | 0.70 | 9.8 | 0.42 | Jan 12, 2018 | Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices improperly manage sessions, which allows remote attackers to bypass authentication in opportunistic circumstances and execute arbitrary commands with administrator privileges by leveraging an existing web portal login. | ||
| CVE-2018-5377 | Cri | 0.64 | 9.8 | 0.02 | Jan 12, 2018 | Discuz! DiscuzX X3.4 allows remote attackers to bypass intended access restrictions via the archiver\index.php action parameter. | ||
| CVE-2018-5347 | Cri | 0.71 | 9.8 | 0.54 | Jan 12, 2018 | Seagate Media Server in Seagate Personal Cloud has unauthenticated command injection in the uploadTelemetry and getLogs functions in views.py because .psp URLs are handled by the fastcgi.server component and shell metacharacters are mishandled. | ||
| CVE-2018-0007 | Cri | 0.64 | 9.8 | 0.02 | Jan 10, 2018 | An unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to the local segment, through a local segment broadcast, may be able to cause a Junos device to enter an improper boundary check condition allowing a memory corruption to occur, leading to a… | ||
| CVE-2018-0001 | Cri | 0.64 | 9.8 | 0.06 | Jan 10, 2018 | A remote, unauthenticated attacker may be able to execute code by exploiting a use-after-free defect found in older versions of PHP through injection of crafted data via specific PHP URLs within the context of the J-Web process. Affected releases are Juniper Networks Junos OS:… | ||
| CVE-2017-11079 | Cri | 0.64 | 9.8 | 0.00 | Jan 10, 2018 | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing sparse image, uninitialized heap memory can potentially be flashed due to the lack of validation of sparse image block header size. | ||
| CVE-2017-17946 | Cri | 0.64 | 9.8 | 0.03 | Jan 10, 2018 | A buffer overflow in Handy Password 4.9.3 allows remote attackers to execute arbitrary code via a long "Title name" field in "mail box" data that is mishandled in an "Open from mail box" action. | ||
| CVE-2017-17485 | — | Cri | 0.61 | 9.8 | 0.50 | Jan 10, 2018 | FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the… | |
| CVE-2017-16740 | Cri | 0.66 | 10.0 | 0.07 | Jan 9, 2018 | A Buffer Overflow issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers, Series B and C Versions 21.002 and earlier. The stack-based buffer overflow vulnerability has been identified, which may allow remote code execution. | ||
| CVE-2017-1670 | Cri | 0.64 | 9.8 | 0.02 | Jan 9, 2018 | IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 133637. | ||
| CVE-2018-5211 | Cri | 0.67 | 9.8 | 0.02 | Jan 9, 2018 | PHP Melody version 2.7.1 suffer from SQL Injection Time-based attack on the page ajax.php with the parameter playlist. | ||
| CVE-2017-18025 | Cri | 0.64 | 9.8 | 0.03 | Jan 9, 2018 | cgi-bin/drknow.cgi in Innotube ITGuard-Manager 0.0.0.1 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the username field, as demonstrated by a username beginning with "admin|" to use the '|' metacharacter. | ||
| CVE-2017-7997 | — | Cri | 0.68 | 9.8 | 0.19 | Jan 8, 2018 | Multiple SQL injection vulnerabilities in Gespage before 7.4.9 allow remote attackers to execute arbitrary SQL commands via the (1) show_prn parameter to webapp/users/prnow.jsp or show_month parameter to (2) webapp/users/blhistory.jsp or (3) webapp/users/prhistory.jsp. | |
| CVE-2017-15883 | Cri | 0.64 | 9.8 | 0.02 | Jan 8, 2018 | Sitefinity 5.1, 5.2, 5.3, 5.4, 6.x, 7.x, 8.x, 9.x, and 10.x allow remote attackers to bypass authentication and consequently cause a denial of service on load balanced sites or gain privileges via vectors related to weak cryptography. | ||
| CVE-2015-2320 | Cri | 0.57 | 9.8 | 0.04 | Jan 8, 2018 | The TLS stack in Mono before 3.12.1 allows remote attackers to have unspecified impact via vectors related to client-side SSLv2 fallback. | ||
| CVE-2014-5334 | Cri | 0.64 | 9.8 | 0.05 | Jan 8, 2018 | FreeNAS before 9.3-M3 has a blank admin password, which allows remote attackers to gain root privileges by leveraging a WebGui login. | ||
| CVE-2014-5071 | Cri | 0.64 | 9.8 | 0.02 | Jan 8, 2018 | SQL injection vulnerability in the checkPassword function in Symmetricom s350i 2.70.15 allows remote attackers to execute arbitrary SQL commands via vectors involving a username. | ||
| CVE-2014-4972 | Cri | 0.64 | 9.8 | 0.05 | Jan 8, 2018 | Unrestricted file upload vulnerability in the Gravity Upload Ajax plugin 1.1 and earlier for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file under… | ||
| CVE-2017-5971 | Cri | 0.64 | 9.8 | 0.02 | Jan 8, 2018 | SQL injection vulnerability in NewsBee CMS allow remote attackers to execute arbitrary SQL commands. | ||
| CVE-2018-5267 | Cri | 0.64 | 9.8 | 0.03 | Jan 8, 2018 | Cobham Sea Tel 121 build 222701 devices allow remote attackers to bypass authentication via a direct request to MenuDealerGx.html, MenuDealer.html, MenuEuNCGx.html, MenuEuNC.html, MenuSysGx.html, or MenuSys.html. | ||
| CVE-2018-5208 | Cri | 0.64 | 9.8 | 0.02 | Jan 6, 2018 | In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings. | ||
| CVE-2018-5206 | Cri | 0.64 | 9.8 | 0.02 | Jan 6, 2018 | When the channel topic is set without specifying a sender, Irssi before 1.0.6 may dereference a NULL pointer. | ||
| CVE-2017-18021 | Cri | 0.64 | 9.8 | 0.02 | Jan 5, 2018 | It was discovered that QtPass before 1.2.1, when using the built-in password generator, generates possibly predictable and enumerable passwords. This only applies to the QtPass GUI. | ||
| CVE-2017-15548 | Cri | 0.64 | 9.8 | 0.05 | Jan 5, 2018 | An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote unauthenticated malicious user can potentially bypass application authentication… | ||
| CVE-2014-8579 | Cri | 0.64 | 9.8 | 0.02 | Jan 5, 2018 | TRENDnet TEW-823DRU devices with firmware before 1.00b36 have a hardcoded password of kcodeskcodes for the root account, which makes it easier for remote attackers to obtain access via an FTP session. | ||
| CVE-2017-16724 | Cri | 0.64 | 9.8 | 0.03 | Jan 5, 2018 | A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to 8.3. There are multiple instances of a vulnerability that allows too much data to be written to a location on the stack. | ||
| CVE-2017-16720 | Cri | 0.71 | 9.8 | 0.50 | Jan 5, 2018 | A Path Traversal issue was discovered in WebAccess versions 8.3.2 and earlier. An attacker has access to files within the directory structure of the target device. | ||
| CVE-2017-16716 | Cri | 0.67 | 9.8 | 0.06 | Jan 5, 2018 | A SQL Injection issue was discovered in WebAccess versions prior to 8.3. WebAccess does not properly sanitize its inputs for SQL commands. | ||
| CVE-2014-7862 | Cri | 0.73 | 9.8 | 0.81 | Jan 4, 2018 | The DCPluginServelet servlet in ManageEngine Desktop Central and Desktop Central MSP before build 90109 allows remote attackers to create administrator accounts via an addPlugInUser action. | ||
| CVE-2017-15714 | Cri | 0.64 | 9.8 | 0.03 | Jan 4, 2018 | The BIRT plugin in Apache OFBiz 16.11.01 to 16.11.03 does not escape user input property passed. This allows for code injection by passing that code through the URL. For example by appending this code "__format=%27;alert(%27xss%27)" to the URL an alert window would execute. | ||
| CVE-2018-0104 | Cri | 0.63 | 9.6 | 0.04 | Jan 4, 2018 | A vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files could allow a remote attacker to execute arbitrary code on the system of a targeted user. The attacker could exploit this vulnerability by sending the user a link or email… | ||
| CVE-2017-8046 | — | Cri | 0.73 | 9.8 | 0.74 | Jan 4, 2018 | Malicious PATCH requests submitted to servers using Spring Data REST versions prior to 2.6.9 (Ingalls SR9), versions prior to 3.0.1 (Kay SR1) and Spring Boot versions prior to 1.5.9, 2.0 M6 can use specially crafted JSON data to run arbitrary Java code. | |
| CVE-2017-1000487 | — | Cri | 0.57 | 9.8 | 0.07 | Jan 3, 2018 | Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings. | |
| CVE-2017-1000486 | — | Cri | 0.86 | 9.8 | 0.94 | KEV | Jan 3, 2018 | Primetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution |
| CVE-2017-1000471 | Cri | 0.64 | 9.8 | 0.09 | Jan 3, 2018 | EmbedThis GoAhead Webserver version 4.0.0 is vulnerable to a NULL pointer dereference in the CGI handler resulting in memory corruption or denial of service. | ||
| CVE-2017-1000469 | — | Cri | 0.57 | 9.8 | 0.06 | Jan 3, 2018 | Cobbler version up to 2.8.2 is vulnerable to a command injection vulnerability in the "add repo" component resulting in arbitrary code execution as root user. | |
| CVE-2017-1000480 | — | Cri | 0.64 | 9.8 | 0.03 | Jan 3, 2018 | Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch() or display() functions on custom resources that does not sanitize template name. | |
| CVE-2017-1000501 | Cri | 0.00 | 9.8 | 0.04 | Jan 3, 2018 | Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution. | ||
| CVE-2017-1000497 | Cri | 0.64 | 9.8 | 0.03 | Jan 3, 2018 | Pepperminty-Wiki version 0.15 is vulnerable to XXE attacks in the getsvgsize function resulting in denial of service and possibly remote code execution | ||
| CVE-2017-18017 | Cri | 0.04 | 9.8 | 0.53 | Jan 3, 2018 | The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the… | ||
| CVE-2017-1000493 | Cri | 0.00 | 9.8 | 0.02 | Jan 3, 2018 | Rocket.Chat Server version 0.59 and prior is vulnerable to a NoSQL injection leading to administrator account takeover | ||
| CVE-2017-1000437 | Cri | 0.64 | 9.8 | 0.04 | Jan 2, 2018 | Creolabs Gravity 1.0 contains a stack based buffer overflow in the operator_string_add function, resulting in remote code execution. | ||
| CVE-2017-1000430 | — | Cri | 0.57 | 9.8 | 0.02 | Jan 2, 2018 | rust-base64 version <= 0.5.1 is vulnerable to a buffer overflow when calculating the size of a buffer to use when encoding base64 using the 'encode_config_buf' and 'encode_config' functions | |
| CVE-2017-1000423 | Cri | 0.00 | 9.8 | 0.02 | Jan 2, 2018 | b2evolution version 6.6.0 - 6.8.10 is vulnerable to input validation (backslash and single quote escape) in basic install functionality resulting in unauthenticated attacker gaining PHP code execution on the victim's setup. | ||
| CVE-2017-1000421 | Cri | 0.64 | 9.8 | 0.03 | Jan 2, 2018 | Gifsicle gifview 1.89 and older is vulnerable to a use-after-free in the read_gif function resulting potential code execution | ||
| CVE-2017-1000458 | Cri | 0.00 | 9.8 | 0.02 | Jan 2, 2018 | Bro before Bro v2.5.2 is vulnerable to an out of bounds write in the ContentLine analyzer allowing remote attackers to cause a denial of service (crash) and possibly other exploitation. | ||
| CVE-2017-1000453 | Cri | 0.64 | 9.8 | 0.02 | Jan 2, 2018 | CMS Made Simple version 2.1.6 and 2.2 are vulnerable to Smarty templating injection in some core modules, resulting in unauthenticated PHP code execution. | ||
| CVE-2017-17098 | Cri | 0.67 | 9.8 | 0.07 | Jan 2, 2018 | The writeLog function in fn_common.php in gps-server.net GPS Tracking Software (self hosted) through 3.0 allows remote attackers to inject arbitrary PHP code via a crafted request that is mishandled during admin log viewing, as demonstrated by <?php system($_GET[cmd]); ?> in a… | ||
| CVE-2017-17097 | Cri | 0.67 | 9.8 | 0.07 | Jan 2, 2018 | gps-server.net GPS Tracking Software (self hosted) 2.x has a password reset procedure that immediately resets passwords upon an unauthenticated request, and then sends e-mail with a predictable (date-based) password to the admin, which makes it easier for remote attackers to… | ||
| CVE-2017-1000444 | Cri | 0.00 | 9.8 | 0.03 | Jan 2, 2018 | Eleix Openhacker version 0.1.47 is vulnerable to an SQL injection in the account registration and login component resulting in information disclosure and remote code execution |
- risk 0.70cvss 9.8epss 0.42
Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices improperly manage sessions, which allows remote attackers to bypass authentication in opportunistic circumstances and execute arbitrary commands with administrator privileges by leveraging an existing web portal login.
- risk 0.64cvss 9.8epss 0.02
Discuz! DiscuzX X3.4 allows remote attackers to bypass intended access restrictions via the archiver\index.php action parameter.
- risk 0.71cvss 9.8epss 0.54
Seagate Media Server in Seagate Personal Cloud has unauthenticated command injection in the uploadTelemetry and getLogs functions in views.py because .psp URLs are handled by the fastcgi.server component and shell metacharacters are mishandled.
- risk 0.64cvss 9.8epss 0.02
An unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to the local segment, through a local segment broadcast, may be able to cause a Junos device to enter an improper boundary check condition allowing a memory corruption to occur, leading to a…
- risk 0.64cvss 9.8epss 0.06
A remote, unauthenticated attacker may be able to execute code by exploiting a use-after-free defect found in older versions of PHP through injection of crafted data via specific PHP URLs within the context of the J-Web process. Affected releases are Juniper Networks Junos OS:…
- risk 0.64cvss 9.8epss 0.00
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing sparse image, uninitialized heap memory can potentially be flashed due to the lack of validation of sparse image block header size.
- risk 0.64cvss 9.8epss 0.03
A buffer overflow in Handy Password 4.9.3 allows remote attackers to execute arbitrary code via a long "Title name" field in "mail box" data that is mishandled in an "Open from mail box" action.
- risk 0.61cvss 9.8epss 0.50
FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the…
- risk 0.66cvss 10.0epss 0.07
A Buffer Overflow issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers, Series B and C Versions 21.002 and earlier. The stack-based buffer overflow vulnerability has been identified, which may allow remote code execution.
- risk 0.64cvss 9.8epss 0.02
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 133637.
- risk 0.67cvss 9.8epss 0.02
PHP Melody version 2.7.1 suffer from SQL Injection Time-based attack on the page ajax.php with the parameter playlist.
- risk 0.64cvss 9.8epss 0.03
cgi-bin/drknow.cgi in Innotube ITGuard-Manager 0.0.0.1 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the username field, as demonstrated by a username beginning with "admin|" to use the '|' metacharacter.
- risk 0.68cvss 9.8epss 0.19
Multiple SQL injection vulnerabilities in Gespage before 7.4.9 allow remote attackers to execute arbitrary SQL commands via the (1) show_prn parameter to webapp/users/prnow.jsp or show_month parameter to (2) webapp/users/blhistory.jsp or (3) webapp/users/prhistory.jsp.
- risk 0.64cvss 9.8epss 0.02
Sitefinity 5.1, 5.2, 5.3, 5.4, 6.x, 7.x, 8.x, 9.x, and 10.x allow remote attackers to bypass authentication and consequently cause a denial of service on load balanced sites or gain privileges via vectors related to weak cryptography.
- risk 0.57cvss 9.8epss 0.04
The TLS stack in Mono before 3.12.1 allows remote attackers to have unspecified impact via vectors related to client-side SSLv2 fallback.
- risk 0.64cvss 9.8epss 0.05
FreeNAS before 9.3-M3 has a blank admin password, which allows remote attackers to gain root privileges by leveraging a WebGui login.
- risk 0.64cvss 9.8epss 0.02
SQL injection vulnerability in the checkPassword function in Symmetricom s350i 2.70.15 allows remote attackers to execute arbitrary SQL commands via vectors involving a username.
- risk 0.64cvss 9.8epss 0.05
Unrestricted file upload vulnerability in the Gravity Upload Ajax plugin 1.1 and earlier for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file under…
- risk 0.64cvss 9.8epss 0.02
SQL injection vulnerability in NewsBee CMS allow remote attackers to execute arbitrary SQL commands.
- risk 0.64cvss 9.8epss 0.03
Cobham Sea Tel 121 build 222701 devices allow remote attackers to bypass authentication via a direct request to MenuDealerGx.html, MenuDealer.html, MenuEuNCGx.html, MenuEuNC.html, MenuSysGx.html, or MenuSys.html.
- risk 0.64cvss 9.8epss 0.02
In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings.
- risk 0.64cvss 9.8epss 0.02
When the channel topic is set without specifying a sender, Irssi before 1.0.6 may dereference a NULL pointer.
- risk 0.64cvss 9.8epss 0.02
It was discovered that QtPass before 1.2.1, when using the built-in password generator, generates possibly predictable and enumerable passwords. This only applies to the QtPass GUI.
- risk 0.64cvss 9.8epss 0.05
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integrated Data Protection Appliance 2.0. A remote unauthenticated malicious user can potentially bypass application authentication…
- risk 0.64cvss 9.8epss 0.02
TRENDnet TEW-823DRU devices with firmware before 1.00b36 have a hardcoded password of kcodeskcodes for the root account, which makes it easier for remote attackers to obtain access via an FTP session.
- risk 0.64cvss 9.8epss 0.03
A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to 8.3. There are multiple instances of a vulnerability that allows too much data to be written to a location on the stack.
- risk 0.71cvss 9.8epss 0.50
A Path Traversal issue was discovered in WebAccess versions 8.3.2 and earlier. An attacker has access to files within the directory structure of the target device.
- risk 0.67cvss 9.8epss 0.06
A SQL Injection issue was discovered in WebAccess versions prior to 8.3. WebAccess does not properly sanitize its inputs for SQL commands.
- risk 0.73cvss 9.8epss 0.81
The DCPluginServelet servlet in ManageEngine Desktop Central and Desktop Central MSP before build 90109 allows remote attackers to create administrator accounts via an addPlugInUser action.
- risk 0.64cvss 9.8epss 0.03
The BIRT plugin in Apache OFBiz 16.11.01 to 16.11.03 does not escape user input property passed. This allows for code injection by passing that code through the URL. For example by appending this code "__format=%27;alert(%27xss%27)" to the URL an alert window would execute.
- risk 0.63cvss 9.6epss 0.04
A vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files could allow a remote attacker to execute arbitrary code on the system of a targeted user. The attacker could exploit this vulnerability by sending the user a link or email…
- risk 0.73cvss 9.8epss 0.74
Malicious PATCH requests submitted to servers using Spring Data REST versions prior to 2.6.9 (Ingalls SR9), versions prior to 3.0.1 (Kay SR1) and Spring Boot versions prior to 1.5.9, 2.0 M6 can use specially crafted JSON data to run arbitrary Java code.
- risk 0.57cvss 9.8epss 0.07
Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.
- risk 0.86cvss 9.8epss 0.94
Primetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution
- risk 0.64cvss 9.8epss 0.09
EmbedThis GoAhead Webserver version 4.0.0 is vulnerable to a NULL pointer dereference in the CGI handler resulting in memory corruption or denial of service.
- risk 0.57cvss 9.8epss 0.06
Cobbler version up to 2.8.2 is vulnerable to a command injection vulnerability in the "add repo" component resulting in arbitrary code execution as root user.
- risk 0.64cvss 9.8epss 0.03
Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch() or display() functions on custom resources that does not sanitize template name.
- risk 0.00cvss 9.8epss 0.04
Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution.
- risk 0.64cvss 9.8epss 0.03
Pepperminty-Wiki version 0.15 is vulnerable to XXE attacks in the getsvgsize function resulting in denial of service and possibly remote code execution
- risk 0.04cvss 9.8epss 0.53
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other impact by leveraging the…
- risk 0.00cvss 9.8epss 0.02
Rocket.Chat Server version 0.59 and prior is vulnerable to a NoSQL injection leading to administrator account takeover
- risk 0.64cvss 9.8epss 0.04
Creolabs Gravity 1.0 contains a stack based buffer overflow in the operator_string_add function, resulting in remote code execution.
- risk 0.57cvss 9.8epss 0.02
rust-base64 version <= 0.5.1 is vulnerable to a buffer overflow when calculating the size of a buffer to use when encoding base64 using the 'encode_config_buf' and 'encode_config' functions
- risk 0.00cvss 9.8epss 0.02
b2evolution version 6.6.0 - 6.8.10 is vulnerable to input validation (backslash and single quote escape) in basic install functionality resulting in unauthenticated attacker gaining PHP code execution on the victim's setup.
- risk 0.64cvss 9.8epss 0.03
Gifsicle gifview 1.89 and older is vulnerable to a use-after-free in the read_gif function resulting potential code execution
- risk 0.00cvss 9.8epss 0.02
Bro before Bro v2.5.2 is vulnerable to an out of bounds write in the ContentLine analyzer allowing remote attackers to cause a denial of service (crash) and possibly other exploitation.
- risk 0.64cvss 9.8epss 0.02
CMS Made Simple version 2.1.6 and 2.2 are vulnerable to Smarty templating injection in some core modules, resulting in unauthenticated PHP code execution.
- risk 0.67cvss 9.8epss 0.07
The writeLog function in fn_common.php in gps-server.net GPS Tracking Software (self hosted) through 3.0 allows remote attackers to inject arbitrary PHP code via a crafted request that is mishandled during admin log viewing, as demonstrated by <?php system($_GET[cmd]); ?> in a…
- risk 0.67cvss 9.8epss 0.07
gps-server.net GPS Tracking Software (self hosted) 2.x has a password reset procedure that immediately resets passwords upon an unauthenticated request, and then sends e-mail with a predictable (date-based) password to the admin, which makes it easier for remote attackers to…
- risk 0.00cvss 9.8epss 0.03
Eleix Openhacker version 0.1.47 is vulnerable to an SQL injection in the account registration and login component resulting in information disclosure and remote code execution