EMC Unisphere for VMAX Virtual Appliance (vApp) versions prior to 8.4.0.15, EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.15, EMC VA...
EMC AppSync Server prior to 3.5.0.1 contains database accounts with hardcoded passwords that could potentially be exploited by malicious users to comp...
MongoDB 3.4.x before 3.4.10, and 3.5.x-development, has a disabled-by-default configuration setting, networkMessageCompressors (aka wire protocol comp...
Cross-Site Request Forgery exists in OctoberCMS 1.0.426 (aka Build 426) due to improper validation of CSRF tokens for postback handling, allowing an a...
The Catalyst-Plugin-Static-Simple module before 0.34 for Perl allows remote attackers to read arbitrary files if there is a '.' character anywhere in ...
A Use of Hard-coded Cryptographic Key issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX ver...
A Use of Hard-coded Credentials issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1...
Jenkins Git Client Plugin 2.4.2 and earlier creates temporary file with insecure permissions resulting in information disclosure
Jenkins Favorite Plugin 2.1.4 and older does not perform permission checks when changing favorite status, allowing any user to set any other user's fa...
Jenkins Favorite Plugin version 2.2.0 and older is vulnerable to CSRF resulting in data modification
The SSH Plugin stores credentials which allow jobs to access remote servers via the SSH protocol. User passwords and passphrases for encrypted SSH key...
Apache Hive 2.1.x before 2.1.2, 2.2.x before 2.2.1, and 2.3.x before 2.3.1 expose an interface through which masking policies can be defined on tables...
GraphicsMagick 1.3.26 is vulnerable to a heap-based buffer overflow vulnerability found in the "Display visual image directory" feature of the Describ...
GraphicsMagick 1.3.26 is vulnerable to a memory information disclosure vulnerability found in the DescribeImage function of the magick/describe.c file...
PluXml version 5.6 is vulnerable to stored cross-site scripting vulnerability, within the article creation page, which can result in escalation of pri...
Lack of content verification in Docker-CE (Also known as Moby) versions 1.12.6-0, 1.10.3, 17.03.0, 17.03.1, 17.03.2, 17.06.0, 17.06.1, 17.06.2, 17.09....
Insecure SPANK environment variable handling exists in SchedMD Slurm before 16.05.11, 17.x before 17.02.9, and 17.11.x before 17.11.0rc2, allowing pri...
Sera 1.2 stores the user's login password in plain text in their home directory. This makes privilege escalation trivial and also exposes the user and...
In radare 2.0.1, a memory corruption vulnerability exists in store_versioninfo_gnu_verdef() and store_versioninfo_gnu_verneed() in libr/bin/format/elf...
In radare 2.0.1, an out-of-bounds read vulnerability exists in string_scan_range() in libr/bin/bin.c when doing a string search.
In radare 2.0.1, a pointer wraparound vulnerability exists in store_versioninfo_gnu_verdef() in libr/bin/format/elf/elf.c.
IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code...
The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate message size metadata, allowing a compromised secondary...
The UNIX IPC layer in WebKit, including WebKitGTK+ prior to 2.16.3, does not properly validate certain message metadata, allowing a compromised second...
IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code...
IBM OpenPages GRC Platform 7.2 and 7.3 with OpenPages Loss Event Entry (LEE) application could allow a user to obtain sensitive information including ...
IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code...
IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauth...
IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 could allow an unauthenticated user to obtain sensitive information about the server that could be used i...
IBM Jazz Reporting Service (JRS) 6.0.4 could allow an authenticated user to obtain information on another server that the current report builder inter...
IBM Infosphere BigInsights 4.2.0 and 4.2.5 is vulnerable to link injection. By persuading a victim to click on a specially-crafted URL link, a remote ...
IBM Infosphere BigInsights 4.2.0 and 4.2.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code i...
IBM Infosphere BigInsights 4.2.0 and 4.2.5 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit ...
Untrusted search path vulnerability in Installer of Flets Easy Setup Tool Ver1.2.0 and earlier allows an attacker to gain privileges via a Trojan hors...
Memory corruption vulnerability in Rakuraku Hagaki (Rakuraku Hagaki 2018, Rakuraku Hagaki 2017, Rakuraku Hagaki 2016) and Rakuraku Hagaki Select for I...
OpenAM (Open Source Edition) allows an attacker to bypass authentication and access unauthorized contents via unspecified vectors. Note that this vuln...
A vulnerability in the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series Next-Generation Firewall (NGFW), and Cisco Firepower ...
A vulnerability in the restricted shell of the Cisco Identity Services Engine (ISE) that is accessible via SSH could allow an authenticated, local att...
A vulnerability within the firewall configuration of the Cisco Application Policy Infrastructure Controller Enterprise Module (APIC-EM) could allow an...
A vulnerability in 802.11 association request frame processing for the Cisco Aironet 1560, 2800, and 3800 Series Access Points could allow an unauthen...
A vulnerability in Extensible Authentication Protocol (EAP) ingress frame processing for the Cisco Aironet 1560, 2800, and 3800 Series Access Points c...
A vulnerability in the implementation of 802.11v Basic Service Set (BSS) Transition Management functionality in Cisco Wireless LAN Controllers could a...
A vulnerability in the web framework code for the SQL database interface of the Cisco Prime Collaboration Provisioning application could allow an auth...
A vulnerability in the Smart Licensing Manager service of the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security ...
A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco Wireless LAN Controllers could allow an authenticated, remote atta...
A vulnerability in the packet processing code of Cisco IOS Software for Cisco Aironet Access Points could allow an unauthenticated, adjacent attacker ...
A vulnerability in the Control and Provisioning of Wireless Access Points (CAPWAP) Discovery Request parsing functionality of Cisco Wireless LAN Contr...
A vulnerability in the implementation of Protected Extensible Authentication Protocol (PEAP) functionality for standalone configurations of Cisco Airo...
A vulnerability in the Access Network Query Protocol (ANQP) ingress frame processing functionality of Cisco Wireless LAN Controllers could allow an un...
A vulnerability in the handling of 802.11w Protected Management Frames (PAF) by Cisco Aironet 3800 Series Access Points could allow an unauthenticated...
A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a ...
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access sensitive data about the application. An atta...
WordPress before 4.8.3 is affected by an issue where $wpdb->prepare() can create unexpected and unsafe queries leading to potential SQL injection (SQL...
SecurityCenter versions 5.5.0, 5.5.1 and 5.5.2 contain a SQL Injection vulnerability that could be exploited by an authenticated user with sufficient ...
There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are af...
ChakraCore allows an attacker to gain the same user rights as the current user, due to the way that the ChakraCore scripting engine handles objects in...
In Vir.IT eXplorer Anti-Virus before 8.5.42, the driver file (VIAGLT64.SYS) contains an Arbitrary Write vulnerability because of not validating input ...
Ipswitch WS_FTP Professional before 12.6.0.3 has buffer overflows in the local search field and the backup locations field, aka WSCLT-1729.
In the yajl-ruby gem 1.3.0 for Ruby, when a crafted JSON file is supplied to Yajl::Parser.new.parse, the whole ruby process crashes with a SIGABRT in ...
MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices allow remote authenticated users to obtain root access by specifying ...
MitraStar GPT-2541GNAC (HGU) 1.00(VNJ0)b1 and DSL-100HN-T1 ES_113WJY0b16 devices have a zyad1234 password for the zyad1234 account, which is equivalen...
Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to users staying logged in to their Mahara account even w...
Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are vulnerable to a maliciously created .swf files that c...
Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to a user - in some circumstances causing another user's ...
Mahara 1.8 before 1.8.6 and 1.9 before 1.9.4 and 1.10 before 1.10.1 and 15.04 before 15.04.0 are vulnerable because group members can lose access to t...
Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are vulnerable as logged-in users can stay logged in afte...
Mahara 1.8 before 1.8.6 and 1.9 before 1.9.4 and 1.10 before 1.10.1 and 15.04 before 15.04.0 are vulnerable to old sessions not being invalidated afte...
Mahara 1.10 before 1.10.0 and 15.04 before 15.04.0 are vulnerable to possible cross site scripting when adding a text block to a page via the keyboard...
Mahara 1.10 before 1.10.0 and 15.04 before 15.04.0 are vulnerable to possible cross site scripting when dragging/dropping files into a collection if t...
Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are vulnerable to server-side request forgery attacks as ...
Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are vulnerable to a maliciously created .xml file that ca...
Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are vulnerable to users being able to delete their submit...
Mahara 1.8 before 1.8.7 and 1.9 before 1.9.5 and 1.10 before 1.10.3 and 15.04 before 15.04.0 are vulnerable to users receiving watchlist notifications...
Mahara 1.9 before 1.9.6 and 1.10 before 1.10.4 and 15.04 before 15.04.1 are vulnerable to a site admin or institution admin being able to place HTML a...
Mahara 1.9 before 1.9.7 and 1.10 before 1.10.5 and 15.04 before 15.04.2 are vulnerable to anonymous comments being able to be placed on artefact detai...
Mahara 1.9 before 1.9.7 and 1.10 before 1.10.5 and 15.04 before 15.04.2 are vulnerable to the arbitrary execution of Javascript in the browser of a lo...
Mahara 1.9 before 1.9.8 and 1.10 before 1.10.6 and 15.04 before 15.04.3 are vulnerable to perform a cross-site request forgery (CSRF) attack on the up...
Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to PHP code execution as Mahara would pass portions of th...
Mahara 1.10 before 1.10.9 and 15.04 before 15.04.6 and 15.10 before 15.10.2 are vulnerable to XSS due to window.opener (target="_blank" and window.ope...
Mahara 15.04 before 15.04.7 and 15.10 before 15.10.3 are vulnerable to prevent session IDs from being regenerated on login or logout. This makes users...
Mahara 15.04 before 15.04.9 and 15.10 before 15.10.5 and 16.04 before 16.04.3 are vulnerable to passwords or other sensitive information being passed ...
Mahara 15.04 before 15.04.7 and 15.10 before 15.10.3 running PHP 5.3 are vulnerable to one user being logged in as another user on a separate computer...
Mahara 15.04 before 15.04.10 and 15.10 before 15.10.6 and 16.04 before 16.04.4 are vulnerable to incorrect access control after the password reset lin...
Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to some authentication methods, which do not use Mahara's...
Mahara 15.04 before 15.04.8 and 15.10 before 15.10.4 and 16.04 before 16.04.2 are vulnerable to profile pictures being accessed without any access con...
Mahara 15.04 before 15.04.9 and 15.10 before 15.10.5 and 16.04 before 16.04.3 are vulnerable to a group's configuration page being editable by any gro...
Mahara 15.04 before 15.04.13 and 16.04 before 16.04.7 and 16.10 before 16.10.4 and 17.04 before 17.04.2 are vulnerable to recording plain text passwor...
Mahara Mobile before 1.2.1 is vulnerable to passwords being sent to the Mahara access log in plain text.
A potential security vulnerability has been identified in HPE Performance Center versions 12.20. The vulnerability could be remotely exploited to allo...
The usb_serial_console_disconnect function in drivers/usb/serial/console.c in the Linux kernel before 4.13.8 allows local users to cause a denial of s...
drivers/uwb/uwbd.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (general protection fault and system crash) or po...
sound/usb/mixer.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (snd_usb_mixer_interrupt use-after-free and system...
sound/core/seq_device.c in the Linux kernel before 4.13.4 allows local users to cause a denial of service (snd_rawmidi_dev_seq_free use-after-free and...
The snd_usb_create_streams function in sound/usb/card.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-boun...
The uas driver in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly hav...
drivers/usb/core/config.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out-of-bounds read and system crash) or p...
The get_endpoints function in drivers/usb/misc/usbtest.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL poi...
The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (out-of-b...
The cdc_parse_cdc_header function in drivers/usb/core/message.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (out...
The usb_get_bos_descriptor function in drivers/usb/core/config.c in the Linux kernel before 4.13.10 allows local users to cause a denial of service (o...
The cx231xx_usb_probe function in drivers/media/usb/cx231xx/cx231xx-cards.c in the Linux kernel through 4.13.11 allows local users to cause a denial o...
The imon_probe function in drivers/media/rc/imon.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer d...
drivers/media/usb/dvb-usb-v2/lmedm04.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (general protection fault a...
The DefaultLinuxSpec function in oci/defaults.go in Docker Moby through 17.03.2-ce does not block /proc/scsi pathnames, which allows attackers to trig...
Tor Browser before 7.0.9 on macOS and Linux allows remote attackers to bypass the intended anonymity feature and discover a client IP address via vect...
OpenEMR before 5.0.0 Patch 5 allows unauthenticated remote database copying because setup.php exposes functionality for cloning an existing OpenEMR si...
Zoho ManageEngine Applications Manager 13 before build 13500 allows Post-authentication SQL injection via the name parameter in a manageApplications.d...
Zoho ManageEngine Applications Manager 13 before build 13500 allows SQL injection via GraphicalView.do, as demonstrated by a crafted viewProps yCanvas...
The ReadWPGImage function in coders/wpg.c in GraphicsMagick 1.3.26 does not properly validate colormapped images, which allows remote attackers to cau...
The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote a...
The DrawImage function in magick/render.c in GraphicsMagick 1.3.26 does not properly look for pop keywords that are associated with push keywords, whi...
The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a trailing '\0' character in an xattr name, which allow...
Cross-site scripting (XSS) exists in Zurmo 3.2.1.57987acc3018 via a data: URL in the redirectUrl parameter to app/index.php/meetings/default/createMee...
Web Viewer 1.0.0.193 on Samsung SRN-1670D devices suffers from an Unrestricted file upload vulnerability: 'network_ssl_upload.php' allows remote authe...
Cross-Site Request Forgery (CSRF) in the Basic Settings screen on Vonage (Grandstream) HT802 devices allows attackers to modify settings, related to c...
Stored Cross-site scripting (XSS) vulnerability in /cgi-bin/config2 on Vonage (Grandstream) HT802 devices allows remote authenticated users to inject ...
Cross-Site Request Forgery (CSRF) in /cgi-bin/login on Vonage (Grandstream) HT802 devices allows attackers to authenticate a user via the login screen...
An Open URL Redirect issue exists in Zurmo 3.2.1.57987acc3018 via an http: URL in the redirectUrl parameter to app/index.php/meetings/default/createMe...
KeystoneJS before 4.0.0-beta.7 allows application-wide CSRF bypass by removing the CSRF parameter and value, aka SecureLayer7 issue number SL7_KEYJS_0...
sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an archive fil...
Cross-site scripting (XSS) vulnerability in the Taxonomy Find module 6.x-2.x through 6.x-1.2 and 7.x-2.x through 7.x-1.0 in Drupal allows remote authe...
TRITON AP-EMAIL 8.2 before 8.2 IB does not properly restrict file access in an unspecified directory.
The read_header function in libavcodec/ffv1dec.c in FFmpeg 2.4 and 3.3.4 and possibly earlier allows remote attackers to have unspecified impact via a...
In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.1, a local attacker or malware can silently subvert the plugin update proces...
Multiple potential reflected XSS issues exist in NetIQ iManager versions before 2.7.7 Patch 10 HF2 and 3.0.3.2.
The kvm_vm_ioctl_check_extension function in arch/powerpc/kvm/powerpc.c in the Linux kernel before 4.13.11 allows local users to cause a denial of ser...
An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. A remote attacker is able to execute cod...
A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to V8.2_20170817. The application lacks proper validation of ...
An Improper Input Validation issue was discovered in Siemens SIMATIC PCS 7 V8.1 prior to V8.1 SP1 with WinCC V7.3 Upd 13, and V8.2 all versions. The i...
An Improper Input Validation issue was discovered in ABB FOX515T release 1.0. An improper input validation vulnerability has been identified, allowing...
An Uncontrolled Search Path Element issue was discovered in Trihedral VTScada 11.3.03 and prior. The program will execute specially crafted malicious ...
An Improper Access Control issue was discovered in Trihedral VTScada 11.3.03 and prior. A local, non-administrator user has privileges to read and wri...
In TinyWebGallery v2.4, an XSS vulnerability is located in the `mkname`, `mkitem`, and `item` parameters of the `Add/Create` module. Remote attackers ...
In Bludit v1.5.2 and v2.0.1, an XSS vulnerability is located in the new page, new category, and edit post function body message context. Remote attack...
In Vectura Perfect Privacy VPN Manager v1.10.10 and v1.10.11, when resetting the network data via the software client, with a running VPN connection, ...
Prior to SEP 12.1 RU6 MP9 & SEP 14 RU1 Symantec Endpoint Protection Windows endpoint can encounter a situation whereby an attacker could use the produ...
Symantec Endpoint Protection prior to SEP 12.1 RU6 MP9 could be susceptible to a privilege escalation vulnerability, which is a type of issue that all...
The Gentoo net-misc/vde package before version 2.3.2-r4 may allow members of the "qemu" group to gain root privileges by creating a hard link in a dir...
Prior to SEP 14 RU1 Symantec Endpoint Protection product can encounter an issue of Tamper-Protection Bypass, which is a type of attack that bypasses t...
An improper restriction of excessive authentication attempts vulnerability in /principals in Synology CardDAV Server before 6.0.7-0085 allows remote a...
An exploitable information disclosure vulnerability exists in the apid daemon of the Circle with Disney running firmware 2.0.1. A specially crafted se...
A backdoor vulnerability exists in remote control functionality of Circle with Disney running firmware 2.0.1. A specific set of network packets can re...
An exploitable routing vulnerability exists in the Circle with Disney cloud infrastructure. A specially crafted packet can make the Circle cloud route...
An exploitable vulnerability exists in the WiFi Channel parsing of Circle with Disney running firmware 2.0.1. A specially crafted SSID can cause the d...
An exploitable vulnerability exists in the WiFi management of Circle with Disney. A crafted Access Point with the same name as the legitimate one can ...
An exploitable vulnerability exists in the generation of authentication token functionality of Circle with Disney. Specially crafted network packets c...
An exploitable vulnerability exists in the firmware update functionality of Circle with Disney. Specially crafted network packets can cause the produc...
An exploitable vulnerability exists in the /api/CONFIG/backup functionality of Circle with Disney. Specially crafted network packets can cause an OS c...
An exploitable vulnerability exists in the torlist update functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packet...
An exploitable vulnerability exists in the servers update functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packet...
An exploitable vulnerability exists in the database update functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packe...
An exploitable vulnerability exists in the user photo update functionality of Circle with Disney running firmware 2.0.1. A repeated set of specially c...
An exploitable Denial of Service vulnerability exists in the API daemon of Circle with Disney running firmware 2.0.1. A large amount of simultaneous T...
An exploitable vulnerability exists in the /api/CONFIG/restore functionality of Circle with Disney running firmware 2.0.1. Specially crafted network p...
An exploitable use-after-free vulnerability exists in the HTTP server implementation of Cesanta Mongoose 6.8. An ordinary HTTP POST request with a CGI...
An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT p...
An exploitable NULL pointer dereference vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. An MQTT SUBSCRIBE packe...
An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT S...
An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT S...
An exploitable vulnerability exists in the signature verification of the firmware update functionality of Circle with Disney. Specially crafted networ...
An infinite loop programming error exists in the DNS server functionality of Cesanta Mongoose 6.8 library. A specially crafted DNS request can cause a...
An exploitable vulnerability exists in the remote control functionality of Circle with Disney running firmware 2.0.1. SSL certificates for specific do...
An exploitable vulnerability exists in the remote control functionality of Circle with Disney running firmware 2.0.1. SSL certificates for specific do...
An exploitable vulnerability exists in the filtering functionality of Circle with Disney. SSL certificates for specific domain names can cause the Blu...
An exploitable authentication bypass vulnerability exists in the API daemon of Circle with Disney running firmware 2.0.1. A specially crafted token ca...
An exploitable vulnerability exists in the WiFi configuration functionality of Circle with Disney running firmware 2.0.1. A specially crafted SSID can...
An exploitable vulnerability exists in the /api/CONFIG/restore functionality of Circle with Disney running firmware 2.0.1. Specially crafted network p...
An exploitable vulnerability exists in the notifications functionality of Circle with Disney running firmware 2.0.1. Specially crafted network packets...
An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket ...
An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket ...
lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators to execute arbitrary OS commands via the path_rrdtool parameter in an action=sa...
The Net::Ping::External extension through 0.15 for Perl does not properly sanitize arguments (e.g., invalid hostnames) containing shell metacharacters...
A Plaintext Storage of a Password issue was discovered in Kabona AB WebDatorCentral (WDC) versions prior to Version 3.4.0. WDC stores password credent...
In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension's timelib_meridian handling of 'front of' and 'back o...
/view/friend_profile.php in Ingenious School Management System 2.3.0 is vulnerable to Boolean-based and Time-based SQL injection in the 'friend_index'...
The parse_hid_report_descriptor function in drivers/input/tablet/gtco.c in the Linux kernel before 4.13.11 allows local users to cause a denial of ser...
The hdpvr_probe function in drivers/media/usb/hdpvr/hdpvr-core.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (...
The ims_pcu_get_cdc_union_desc function in drivers/input/misc/ims-pcu.c in the Linux kernel through 4.13.11 allows local users to cause a denial of se...
drivers/media/usb/dvb-usb/dib0700_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (BUG and system crash)...
drivers/net/usb/asix_devices.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and syste...
The dvb_frontend_free function in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel through 4.13.11 allows local users to cause a denial of se...
The usbnet_generic_cdc_bind function in drivers/net/usb/cdc_ether.c in the Linux kernel through 4.13.11 allows local users to cause a denial of servic...
The qmi_wwan_bind function in drivers/net/usb/qmi_wwan.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (divide-b...
An exploitable vulnerability exists in the YAML parsing functionality in the parse_yaml_query method in parser.py in MLAlchemy before 0.2.2. When proc...
An exploitable vulnerability exists in the YAML parsing functionality in the YAMLParser method in Interfaces.py in PyAnyAPI before 0.6.1. A YAML parse...
An exploitable vulnerability exists in the YAML loading functionality of util.py in OwlMixin before 2.0.0a12. A "Load YAML" string or file (aka load_y...
The Gentoo mail-filter/assp package 1.9.8.13030 and earlier allows local users to gain privileges by leveraging access to the assp user account to ins...
Cacti 1.1.27 allows remote authenticated administrators to conduct Remote Code Execution attacks by placing the Log Path under the web root, and then ...
Cacti 1.1.27 allows remote authenticated administrators to read arbitrary files by placing the Log Path into a private directory, and then making a cl...
In sam2p 0.49.4, there are integer overflows (with resultant heap-based buffer overflows) in input-bmp.ci in the function ReadImage, because "width * ...
Special crafted InPage document leads to arbitrary code execution in InPage reader.
A potential security vulnerability has been identified in HPE Content Manager Workgroup Service v9.00. The vulnerability could be remotely exploited t...
Multiple SQL injection vulnerabilities in inc/lib/User.class.php in MetalGenix GeniXCMS before 0.0.3-patch allow remote attackers to execute arbitrary...
The XML parsers in iText before 5.5.12 and 7.x before 7.0.3 do not disable external entities, which might allow remote attackers to conduct XML extern...
RemObjects Remoting SDK 9 1.0.0.0 for Delphi is vulnerable to a reflected Cross Site Scripting (XSS) attack via the service parameter to the /soap URI...
backintime (aka Back in Time) before 1.1.24 did improper escaping/quoting of file paths used as arguments to the 'notify-send' command, leading to som...
It was discovered that the fix for CVE-2017-12150 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6.
It was discovered that the fix for CVE-2017-12151 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6.
It was discovered that the fix for CVE-2017-12163 was not properly shipped in erratum RHSA-2017:2858 for Red Hat Gluster Storage 3.3 for RHEL 6.
bgpd in FRRouting (FRR) before 2.0.2 and 3.x before 3.0.2, as used in Cumulus Linux before 3.4.3 and other products, allows remote attackers to obtain...
The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper restrictions of the pathname used in the filepath para...
The ManageEngine ServiceDesk 9.3.9328 is vulnerable to arbitrary file downloads due to improper restrictions of the pathname used in the name paramete...
coders/wpg.c in GraphicsMagick 1.3.26 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possi...
A Buffer Overflow issue was discovered in Asterisk Open Source 13 before 13.18.1, 14 before 14.7.1, and 15 before 15.1.1 and Certified Asterisk 13.13 ...
An issue was discovered in Asterisk Open Source 13 before 13.18.1, 14 before 14.7.1, and 15 before 15.1.1 and Certified Asterisk 13.13 before 13.13-ce...
Datto Backup Agent 1.0.6.0 and earlier does not authenticate incoming connections. This allows an attacker to impersonate a Datto Backup Appliance to ...
Datto Windows Agent allows unauthenticated remote command execution via a modified command in conjunction with CVE-2017-16673 exploitation, aka an att...
Roundcube Webmail before 1.1.10, 1.2.x before 1.2.7, and 1.3.x before 1.3.3 allows unauthorized access to arbitrary files on the host's filesystem, in...
Red Hat JBoss A-MQ 6.x; BPM Suite (BPMS) 6.x; BRMS 6.x and 5.x; Data Grid (JDG) 6.x; Data Virtualization (JDV) 6.x and 5.x; Enterprise Application Pla...
The swf_DefineLosslessBitsTagToImage function in lib/modules/swfbits.c in SWFTools 0.9.2 mishandles an uncompress failure, which allows remote attacke...
Hola VPN 1.34 has weak permissions (Everyone:F) under %PROGRAMFILES%, which allows local users to gain privileges via a Trojan horse 7za.exe or hola.e...
Cross-site scripting (XSS) vulnerability in admin/partials/uif-access-token-display.php in the Ultimate Instagram Feed plugin before 1.3 for WordPress...
The installation process in LibreNMS before 2017-08-18 allows remote attackers to read arbitrary files, related to html/install.php.
Buffer overflow in the SoftConsole client in Avaya IP Office before 10.1.1 allows remote servers to execute arbitrary code via a long response.
NetApp OnCommand Unified Manager for 7-mode (core package) versions prior to 5.2.1 are susceptible to a clickjacking or "UI redress attack" which coul...
The Node_GetData function in corec/corec/node/node.c in mkvalidator 0.5.1 allows remote attackers to cause a denial of service (Null pointer dereferen...
The ReadData function in ebmlstring.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (invalid free and applicatio...
The EBML_BufferToID function in ebmlelement.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (Null pointer derefe...
The ReadData function in ebmlmaster.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a crafted...
The ReadDataFloat function in ebmlnumber.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a cr...
The EBML_FindNextElement function in ebmlmain.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (Null pointer dere...
The UpdateDataSize function in ebmlmaster.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via a c...
The EBML_IntegerValue function in ebmlnumber.c in libebml2 through 2012-08-26 allows remote attackers to cause a denial of service (assert fault) via ...
The Node_ValidatePtr function in corec/corec/node/node.c in mkclean 0.8.9 allows remote attackers to cause a denial of service (assert fault) via a cr...
Buffer overflow in the ViewerCtrlLib.ViewerCtrl ActiveX control in Avaya IP Office Contact Center before 10.1.1 allows remote attackers to cause a den...
The SuSEfirewall2 package before 3.6.312-2.13.1 in SUSE Linux Enterprise (SLE) Desktop 12 SP2, Server 12 SP2, and Server for Raspberry Pi 12 SP2; befo...
The Debut embedded http server contains a remotely exploitable denial of service where a single malformed HTTP POST request can cause the server to ha...
The UserPro plugin before 4.9.17.1 for WordPress, when used on a site with the "admin" username, allows remote attackers to bypass authentication and ...
Persistent Cross-Site Scripting (XSS) vulnerability in Logitech Media Server 7.9.0, affecting the "Favorites" feature. This vulnerability allows remot...
Persistent Cross-Site Scripting (XSS) vulnerability in Logitech Media Server 7.9.0, affecting the "Radio" functionality. This vulnerability allows att...
In Joomla! before 3.8.2, a logic bug in com_fields exposed read-only information about a site's custom fields to unauthorized users.
In Joomla! before 3.8.2, a bug allowed third parties to bypass a user's 2-factor authentication method.
Bolt before 3.3.6 does not properly restrict access to _profiler routes, related to EventListener/ProfilerListener.php and Provider/EventListenerServi...
NetApp Clustered Data ONTAP before 8.3.2P8 and 9.0 before P2 allow remote authenticated users to obtain sensitive cluster and tenant information via u...
Savitech driver packages for Windows silently install a self-signed certificate into the Trusted Root Certification Authorities store, aka "Inaudible ...
In Inedo BuildMaster before 5.8.2, XslTransform was used where XslCompiledTransform should have been used.
Inedo BuildMaster before 5.8.2 has XSS.
An Open Redirect vulnerability in Inedo BuildMaster before 5.8.2 allows remote attackers to redirect users to arbitrary web sites.
Sanic before 0.5.1 allows reading arbitrary files with directory traversal, as demonstrated by the /static/..%2f substring.
An exploitable vulnerability exists in the YAML parsing functionality in config.py in Confire 0.2.0. Due to the user-specific configuration being load...
An exploitable vulnerability exists in the YAML parsing functionality in the read_yaml_file method in io_utils.py in django_make_app 0.1.3. A YAML par...
XSS exists on D-Link DWR-933 1.00(WW)B17 devices via cgi-bin/gui.cgi.
The installer in MyBB before 1.8.13 allows remote attackers to execute arbitrary code by writing to the configuration file.
The installer in MyBB before 1.8.13 has XSS.
In Home Assistant before 0.57, it is possible to inject JavaScript code into a persistent notification via crafted Markdown text, aka XSS.
In CMS Made Simple 2.1.6, there is Server-Side Template Injection via the cntnt01detailtemplate parameter.
In CMS Made Simple 2.2.2, there is Reflected XSS via the cntnt01detailtemplate parameter.
Cacti 1.1.27 has reflected XSS via the PATH_INFO to host.php.
Inedo BuildMaster before 5.8.2 does not properly restrict creation of RequireManageAllPrivileges event listeners.
The wav_convert2mono function in lib/wav.c in SWFTools 0.9.2 does not properly validate WAV data, which allows remote attackers to cause a denial of s...
The png_load function in lib/png.c in SWFTools 0.9.2 does not properly validate a multiplication of width and bits-per-pixel values, which allows remo...
In SWFTools 0.9.2, the png_load function in lib/png.c does not check the return value of a realloc call, which allows remote attackers to cause a deni...
In SWFTools 0.9.2, the png_load function in lib/png.c does not properly validate an alloclen_64 multiplication of width and height values, which allow...
In CMS Made Simple 2.2.3.1, the is_file_acceptable function in modules/FileManager/action.upload.php only blocks file extensions that begin or end wit...
In CMS Made Simple 2.2.3.1, in modules/New/action.addcategory.php, stored XSS is possible via the m1_name parameter to admin/moduleinterface.php durin...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to...
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affe...
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affe...
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affe...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "APFS" component. It does not properly res...
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affe...
An issue was discovered in certain Apple products. Safari before 11.0.1 is affected. The issue involves the "Safari" component. It allows remote attac...
An issue was discovered in certain Apple products. Safari before 11.0.1 is affected. The issue involves the "Safari" component. It allows remote attac...
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affe...
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affe...
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affe...
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affe...
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affe...
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affe...
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affe...
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affe...
An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchO...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "APFS" component. It allows attackers to e...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Dictionary Widget" component. It allows a...
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affe...
An issue was discovered in certain Apple products. iOS before 11.1 is affected. Safari before 11.0.1 is affected. iCloud before 7.1 on Windows is affe...
An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchO...
An issue was discovered in certain Apple products. iOS before 11.1 is affected. The issue involves the "Siri" component. It allows physically proximat...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Audio" component. It allows remote attack...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Remote Management" component. It allows a...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "AppleScript" component. It allows remote ...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows local users ...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "fsck_msdos" component. It allows attacker...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "libarchive" component. It allows remote a...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "libarchive" component. It allows remote a...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ImageIO" component. It allows remote atta...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the third-party "file" product. Versions befor...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "libarchive" component. It allows remote a...
An out-of-bounds read issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It ...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "HelpViewer" component. A cross-site scrip...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ATS" component. It allows remote attacker...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFString" component. It allows attackers ...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Quick Look" component. It allows attacker...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "QuickTime" component. It allows attackers...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Open Scripting Architecture" component. I...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CoreText" component. It allows remote att...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Fonts" component. It allows remote attack...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFNetwork" component. It allows attackers...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "HFS" component. It allows attackers to ex...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "ImageIO" component. It allows remote atta...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "802.1X" component. It allows attackers to...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "CFNetwork" component. It allows attackers...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows remote attac...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Sandbox" component. It allows attackers t...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Kernel" component. It allows attackers to...
An issue was discovered in certain Apple products. iOS before 11.1 is affected. The issue involves the "Messages" component. It allows physically prox...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the third-party "PCRE" product. Versions befor...
An issue was discovered in certain Apple products. iOS before 11.1 is affected. tvOS before 11.1 is affected. watchOS before 4.1 is affected. The issu...
An issue was discovered in certain Apple products. iOS before 11.1 is affected. macOS before 10.13.1 is affected. tvOS before 11.1 is affected. watchO...
An issue was discovered in certain Apple products. iOS before 11.1 is affected. The issue involves the "UIKit" component. It allows attackers to bypas...
An issue was discovered in certain Apple products. macOS before 10.13.1 is affected. The issue involves the "Quick Look" component. It allows remote a...
Privilege Escalation on iBall iB-WRA300N3GT iB-WRA300N3GT_1.1.1 devices allows remote authenticated users to obtain root privileges by leveraging a gu...
The Kickbase GmbH "Kickbase Bundesliga Manager" app before 2.2.1 -- aka kickbase-bundesliga-manager/id678241305 -- for iOS is vulnerable to a credenti...
Stored cross-site scripting (XSS) vulnerability in "geminabox" (Gem in a Box) before 0.13.10 allows attackers to inject arbitrary web script via the "...
Cross-site scripting (XSS) vulnerability in Octopus Deploy 3.7.0-3.17.13 (fixed in 3.17.14) allows remote authenticated users to inject arbitrary web ...
The Debian pg_ctlcluster, pg_createcluster, and pg_upgradecluster scripts, as distributed in the Debian postgresql-common package before 181+deb9u1 fo...
An installer defect known as an "unquoted Windows search path vulnerability" affected the Apache OpenOffice before 4.1.3 installers for Windows. The P...
Buffer overflow in NTT DOCOMO Wi-Fi STATION L-02F Software version L02F-MDM9625-V10h-JUN-23-2017-DCM-JP and earlier allows an attacker to execute arbi...
I-O DATA DEVICE LAN DISK Connect Ver2.02 and earlier allows an attacker to cause a denial of service in the application via unspecified vectors.
Untrusted search path vulnerability in HYPER SBI Ver. 2.2 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified d...
In Apache Hadoop versions 2.6.1 to 2.6.5, 2.7.0 to 2.7.3, and 3.0.0-alpha1, if a file in an encryption zone with access permissions that make it world...
A reflected Cross-site Scripting (XSS) vulnerability in web proxy disclaimer response web pages in Fortinet FortiOS 5.6.0, 5.4.0 to 5.4.5, 5.2.0 to 5....
In the sharingGroupPopulateOrganisations function in app/webroot/js/misp.js in MISP 2.4.82, there is XSS via a crafted organisation name that is manua...
A local privilege escalation vulnerability was identified in the Realtek audio driver versions prior to 6.0.1.8224 in some Lenovo ThinkPad products. A...
Authentication vulnerability found in Dahua NVR models NVR50XX, NVR52XX, NVR54XX, NVR58XX with software before DH_NVR5xxx_Eng_P_V2.616.0000.0.R.201711...
Paperclip ruby gem version 3.1.4 and later suffers from a Server-SIde Request Forgery (SSRF) vulnerability in the Paperclip::UriAdapter class. Attacke...
The private_address_check ruby gem before 0.4.0 is vulnerable to a bypass due to use of Ruby's Resolv.getaddresses method, which is OS-dependent and s...
The Recurly Client Ruby Library before 2.0.13, 2.1.11, 2.2.5, 2.3.10, 2.4.11, 2.5.4, 2.6.3, 2.7.8, 2.8.2, 2.9.2, 2.10.4, 2.11.3 is vulnerable to a Ser...
The Recurly Client Python Library before 2.0.5, 2.1.16, 2.2.22, 2.3.1, 2.4.5, 2.5.1, 2.6.2 is vulnerable to a Server-Side Request Forgery vulnerabilit...
The Recurly Client .NET Library before 1.0.1, 1.1.10, 1.2.8, 1.3.2, 1.4.14, 1.5.3, 1.6.2, 1.7.1, 1.8.1 is vulnerable to a Server-Side Request Forgery ...
Cloud Foundry Foundation GrootFS release 0.3.x versions prior to 0.30.0 do not validate DiffIDs, allowing specially crafted images to poison the groot...
In Libav through 11.11 and 12.x through 12.1, the smacker_decode_tree function in libavcodec/smacker.c does not properly restrict tree recursion, whic...
In AutomationDirect CLICK Programming Software (Part Number C0-PGMSW) Versions 2.10 and prior; C-More Programming Software (Part Number EA9-PGMSW) Ver...
A Stack-based Buffer Overflow issue was discovered in Schneider Electric InduSoft Web Studio v8.0 SP2 Patch 1 and prior versions, and InTouch Machine ...
In Redmine before 3.2.7 and 3.3.x before 3.3.4, the reminders function in app/models/mailer.rb does not check whether an issue is visible, which allow...
In radare2 2.0.1, libr/bin/dwarf.c allows remote attackers to cause a denial of service (invalid read and application crash) via a crafted ELF file, r...
The Process function in RemoteTaskServer/WebServer/HttpServer.cs in Ulterius before 1.9.5.0 allows HTTP server directory traversal.
A cross-site Scripting (XSS) vulnerability in Kirby Panel before 2.3.3, 2.4.x before 2.4.2, and 2.5.x before 2.5.7 exists when displaying a specially ...
tcpdump before 4.9.3 has a heap-based buffer over-read related to aoe_print in print-aoe.c and lookup_emem in addrtoname.c.
A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALER...
Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a denial of service (DoS) attack, which is a type of attack whereby the pe...
Prior to SEE v11.1.3MP1, Symantec Endpoint Encryption can be susceptible to a null pointer de-reference issue, which can result in a NullPointerExcept...
IBM Tivoli Endpoint Manager (IBM BigFix 9.2 and 9.5) does not require that users should have strong passwords by default, which makes it easier for at...
IBM Tivoli Endpoint Manager (IBM BigFix 9.2 and 9.5) could allow a remote attacker to obtain sensitive information, caused by the failure to properly ...
IBM Security Access Manager Appliance 9.0.3 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a spec...
IBM Security Access Manager Appliance 9.0.3 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker ...
A vulnerability in the Service Assistant GUI in IBM Storwize V7000 (2076) 8.1 could allow a remote attacker to perform a privilege escalation. IBM X-F...
Cross-site scripting (XSS) vulnerability in the All Variables tab in Octopus Deploy 3.4.0-3.13.6 (fixed in 3.13.7) allows remote attackers to inject a...
Apache CXF supports sending and receiving attachments via either the JAX-WS or JAX-RS specifications. It is possible to craft a message attachment hea...
An elevation of Privilege vulnerability exists in the Thermal Driver, where a missing bounds checks in the thermal throttle driver can cause an out-of...
An information disclosure vulnerability exists in the Thermal Driver, where a missing bounds checking in the thermal driver could allow a read from an...
In OpenStack Nova through 14.0.9, 15.x through 15.0.7, and 16.x through 16.0.2, by rebuilding an instance, an authenticated user may be able to circum...
An elevation of privilege vulnerability exists in the NVIDIA GPU driver (gm20b_clk_throt_set_cdev_state), where an out of bound memory read is used as...
Multiple cross-site scripting (XSS) vulnerabilities in Kodak InSite 6.5 to 8.0 allow remote attackers to inject arbitrary web script via the (1) "para...
installer.php in the Snap Creek Duplicator (WordPress Site Migration & Backup) plugin before 1.2.30 for WordPress has XSS because the values "url_new"...
Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB before 1.7.0 and 2.x before 2.1....
CouchDB administrative users can configure the database server via HTTP(S). Some of the configuration options include paths for operating system-level...
The csnmp_read_table function in snmp.c in the SNMP plugin in collectd before 5.6.3 is susceptible to a double free in a certain error case, which cou...
In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an elevation of privilege vulnerability in the default configuration of the QNX SDP with ...
In BlackBerry QNX Software Development Platform (SDP) 6.6.0, an information disclosure vulnerability in the default configuration of the QNX SDP could...
In BlackBerry QNX Software Development Platform (SDP) 6.6.0, the default configuration of the QNX SDP system did not in all circumstances prevent atta...
In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 SP1 and earlier, an information disclosure vulnerability in the default configur...
In BlackBerry QNX Software Development Platform (SDP) 6.6.0 and 6.5.0 SP1 and earlier, a loss of integrity vulnerability in the default configuration ...
A stored cross-site scripting vulnerability in CA Identity Governance 12.6 allows remote authenticated attackers to display HTML or execute script in ...
Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affected are 11.1.1, 12.1.1...
Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affected are 11.1.1, 12.1.1...
Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affected are 11.1.1, 12.1.1...
Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Core). Supported versions that are affected are 11.1.1, 12.1.1...
Vulnerability in the Oracle Tuxedo component of Oracle Fusion Middleware (subcomponent: Security). Supported versions that are affected are 11.1.1, 12...
Windows Media Player in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, ...
.NET Core 1.0, 1.1, and 2.0 allow an unauthenticated attacker to remotely cause a denial of service attack against a .NET Core web application by impr...
Windows Search in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, ...
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 a...
Microsoft Edge in Microsoft Windows 10 1703, 1709 and Windows Server, version 1709 allows an attacker to obtain information to further compromise the ...
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Ed...
Device Guard in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, version 1709 allows an attacker to make an unsig...
Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, ...
The Microsoft Windows embedded OpenType (EOT) font engine in Windows 7 SP1, Windows Server 2008 SP2 and 2008 R2 SP1, and Windows Server 2012 allows an...
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to determ...
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Wind...
Microsoft graphics in Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 allows an attacker to potentially read data that was not intended to be dis...
ChakraCore, and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an at...
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and M...
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, and M...
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to take control of ...
ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to g...
ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to g...
Windows kernel in Windows 8.1 and RT 8.1, Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016, and Windows Server, ve...
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, a...
Microsoft Edge in Microsoft Windows 10 1703, 1709 and Windows Server, version 1709 allows an attacker to obtain information to further compromise the ...
Microsoft Edge in Microsoft Windows 10 1703 allows an attacker to execute arbitrary code in the context of the current user, due to how Microsoft Edge...
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R...
Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 170...
Internet Explorer in Microsoft Microsoft Windows 7 SP1, Windows Server 2008 SP2, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 1...
Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, an...
Microsoft Graphics Component in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 a...
The Windows kernel component on Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold...
Microsoft GDI Component in Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 allows an attacker to log on to an affected system and run a specially...
Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, an...
Microsoft Word 2007 Service Pack 3, Microsoft Word 2010 Service Pack 2, Microsoft Office 2010 Service Pack 2, and Microsoft Office Compatibility Pack ...
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows ...
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 R2, Windows 10 G...
ChakraCore and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R...
Microsoft Edge in Windows 10 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain the same user rights as...
ChakraCore and Microsoft Edge in Windows 10 1709 and Windows Server, version 1709 allows an attacker to gain the same user rights as the current user,...
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to trick ...
ChakraCore and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to g...
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 G...
ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows Server, version 1709 allows an attacker to gain the same user rights as the curren...
ChakraCore and Microsoft Edge in Windows 10 1703, 1709, and Windows Server, version 1709 allows an attacker to gain the same user rights as the curren...
Microsoft Edge in Microsoft Windows 10 1607, 1703, and Windows Server 2016 allows an attacker to force the browser to send data that would otherwise b...
ChakraCore and Microsoft Edge in Windows 10 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows an attacker to gain th...
Microsoft Edge in Microsoft Windows 10 1703, 1709, Windows Server, version 1709, and ChakraCore allows an attacker to bypass Control Flow Guard (CFG) ...
Microsoft Project Server and Microsoft SharePoint Enterprise Server 2016 allow an attacker to use cross-site forgery to read content that they are not...
Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1,...
Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1,...
ASP.NET Core 2.0 allows an attacker to steal log-in session information such as cookies or authentication tokens via a specially crafted URL aka "ASP....
Windows kernel in Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, ...
Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 2013 Service Pack 1, and Microsoft Office 2016 allow an a...
.NET Core 1.0, 1.1, and 2.0 allow an unauthenticated attacker to remotely cause a denial of service attack against a .NET Core web application by impr...
Microsoft Excel 2016 Click-to-Run (C2R) allows an attacker to run arbitrary code in the context of the current user by failing to properly handle obje...
b3log Symphony (aka Sym) 2.2.0 has XSS in processor/AdminProcessor.java in the admin console, as demonstrated by a crafted X-Forwarded-For HTTP header...
ASP.NET Core 1.0, 1.1, and 2.0 allow an attacker to bypass Cross-origin Resource Sharing (CORS) configurations and retrieve normally restricted conten...
An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The int...
An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The int...
An issue was discovered on Siemens SICAM RTUs SM-2556 COM Modules with the firmware variants ENOS00, ERAC00, ETA2, ETLS00, MODi00, and DNPi00. The int...
The coff_slurp_line_table function in coffcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, allo...
The aout_get_external_symbols function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, all...
The display_debug_frames function in dwarf.c in GNU Binutils 2.29.1 allows remote attackers to cause a denial of service (integer overflow and heap-ba...
The _bfd_elf_parse_gnu_properties function in elf-properties.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutil...
The print_gnu_property_note function in readelf.c in GNU Binutils 2.29.1 does not have integer-overflow protection on 32-bit platforms, which allows r...
coffgen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate the symbol count, which a...
The pe_bfd_read_buildid function in peicode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does no...
D-Link DCS-936L devices with firmware before 1.05.07 have an inadequate CSRF protection mechanism that requires the device's IP address to be a substr...
MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 has XSS when the $wgShowExceptionDetails setting is false and the browser send...
api.php in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 has a Reflected File Download vulnerability.
MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2, when a private wiki is configured, provides different error messages for fail...
The implementation of raw message parameter expansion in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows HTML mangling ...
MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows remote attackers to inject > (greater than) characters via the id attri...
The language converter in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows attackers to replace text inside tags via a r...
The language converter in MediaWiki before 1.27.4, 1.28.x before 1.28.3, and 1.29.x before 1.29.2 allows attribute injection attacks via glossary rule...
Stored cross-site scripting (XSS) vulnerability in Gemirro before 0.16.0 allows attackers to inject arbitrary web script via a crafted javascript: URL...
The camel-hessian component in Apache Camel 2.x before 2.19.4 and 2.20.x before 2.20.1 is vulnerable to Java object de-serialisation vulnerability. De...
The camel-castor component in Apache Camel 2.x before 2.19.4 and 2.20.x before 2.20.1 is vulnerable to Java object de-serialisation vulnerability. De-...
Cacti before 1.0.0 allows remote authenticated users to conduct PHP object injection attacks and execute arbitrary PHP code via a crafted serialized o...
In IKARUS anti.virus 2.16.7, the ntguard.sys driver contains an Arbitrary Write vulnerability because of not validating input values from IOCtl 0x8300...
The PSFTPd 10.0.4 Build 729 server does not prevent FTP bounce scans by default. These can be performed using "nmap -b" and allow performing scans via...
The PSFTPd 10.0.4 Build 729 server does not properly escape data before writing it into a Comma Separated Values (CSV) file. This can be used by attac...
A use-after-free issue could be triggered remotely in the SFTP component of PSFTPd 10.0.4 Build 729. This issue could be triggered prior to authentica...
The PSFTPd 10.0.4 Build 729 server stores its configuration inside PSFTPd.dat. This file is a Microsoft Access Database and can be extracted. The appl...
The compilation daemon in Scala before 2.10.7, 2.11.x before 2.11.12, and 2.12.x before 2.12.4 uses weak permissions for private files in /tmp/scala-d...
The send function in the ezcMailMtaTransport class in Zeta Components Mail before 1.8.2 does not properly restrict the set of characters used in the e...
Konversation 1.4.x, 1.5.x, 1.6.x, and 1.7.x before 1.7.3 allow remote attackers to cause a denial of service (crash) via vectors related to parsing of...
Apache Karaf before 4.0.10 enables a shutdown port on the loopback interface, which allows local users to cause a denial of service (shutdown) by send...
Cyberduck before 4.4.4 on Windows does not properly validate X.509 certificate chains, which allows man-in-the-middle attackers to spoof FTP-SSL serve...
Livebox 1.1 allows remote authenticated users to upload arbitrary configuration files, download the configuration file, or obtain sensitive informatio...
The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel before 4.8.1 allows local users (who are physically proximate for inse...
The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off acti...
A vulnerability in the report renderer component of TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Serv...
A vulnerability in the server content cache of TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server fo...
PNP4Nagios through 0.6.26 has /usr/bin/npcd and npcd.cfg owned by an unprivileged account but root code execution depends on these files, which allows...
Arris TG1682G devices with Comcast TG1682_2.0s7_PRODse 10.0.59.SIP.PC20.CT software allow Unauthenticated Stored XSS via the actionHandler/ajax_manage...
Certain function pointers in Trusted Boot (tboot) through 1.9.6 are not validated and can cause arbitrary code execution, which allows local users to ...
vbf_stp_error in bin/varnishd/cache/cache_fetch.c in Varnish HTTP Cache 4.1.x before 4.1.9 and 5.x before 5.2.1 allows remote attackers to obtain sens...
LanSweeper 6.0.100.75 has XSS via the description parameter to /Calendar/CalendarActions.aspx.
Cross-site scripting (XSS) vulnerability in admin/google_search_console/class-gsc-table.php in the Yoast SEO plugin before 5.8.0 for WordPress allows ...
A NULL Pointer Dereference exists in VideoLAN x265, as used in libbpg 0.9.7 and other products, because the CUData::initialize function in common/cuda...
The image_alloc function in bpgenc.c in libbpg 0.9.7 has an integer overflow, with a resultant invalid malloc and NULL pointer dereference.
The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used in libbpg 0.9.7 and other products, miscalculates a memcpy destination address...
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote ...
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote ...
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote ...
A vulnerability exists in the process of creating default IP blocks during device initialization for Cisco ASA Next-Generation Firewall Services that ...
A vulnerability in the SNORT detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a file poli...
A vulnerability in the Cisco Unified Communications Manager SQL database interface could allow an authenticated, remote attacker to impact the confide...
A vulnerability in the Advanced Malware Protection (AMP) file filtering feature of Cisco AsyncOS Software for Cisco Web Security Appliance (WSA) could...
A vulnerability in the IOS daemon (IOSd) web-based management interface of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attack...
A vulnerability in the debug interface of Cisco IP Phone 8800 series could allow an authenticated, local attacker to execute arbitrary commands, aka D...
A vulnerability in the upgrade process of Cisco Spark Board could allow an authenticated, local attacker to install an unverified upgrade package, aka...
A vulnerability in the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to conduct a HTTP response splitting attac...
A vulnerability in the H.264 decoder function of Cisco Meeting Server could allow an unauthenticated, remote attacker to cause a Cisco Meeting Server ...
An untrusted search path (aka DLL Preloading) vulnerability in the Cisco Immunet antimalware installer could allow an authenticated, local attacker to...
An untrusted search path (aka DLL Preload) vulnerability in the Cisco Network Academy Packet Tracer software could allow an authenticated, local attac...
A vulnerability in the Cisco FindIT Network Discovery Utility could allow an authenticated, local attacker to perform a DLL preloading attack, potenti...
A vulnerability in system logging when replication is being configured with the Cisco HyperFlex System could allow an authenticated, local attacker to...
A vulnerability in the Guest Portal login page of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform mult...
A vulnerability in the TCP state machine of Cisco RF Gateway 1 devices could allow an unauthenticated, remote attacker to prevent an affected device f...
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote ...
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote ...
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote ...
Multiple vulnerabilities in the web interface of the Cisco Registered Envelope Service (a cloud-based service) could allow an unauthenticated, remote ...
A vulnerability in the upgrade mechanism of Cisco collaboration products based on the Cisco Voice Operating System software platform could allow an un...
A vulnerability in Cisco Umbrella Insights Virtual Appliances 2.1.0 and earlier could allow an authenticated, local attacker to log in to an affected ...
Escalation of privilege vulnerability in admin portal for Intel Unite App versions 3.1.32.12, 3.1.41.18 and 3.1.45.26 allows an attacker with network ...
In the Agent Frontend in Open Ticket Request System (OTRS) 3.3.x through 3.3.18, with a crafted URL it is possible to gain information like database u...
SanDisk Secure Access 3.01 vault decrypts and copies encrypted files to a temporary folder, where they can remain indefinitely in certain situations, ...
If HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.3 is installed but VMware Fusion is not, a local attacker can create a fake ...
Heap-based buffer overflow in the loadbuf function in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (appl...
Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /manageApplications.do?method=AddSubGroup haid parameter.
Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /showresource.do resourceid parameter in a showPlasmaView ac...
Zoho ManageEngine Applications Manager 13 allows SQL injection via the /manageConfMons.do groupname parameter.
Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /MyPage.do?method=viewDashBoard forpage parameter.
Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /showresource.do resourceid parameter in a getResourceProfil...
Zoho ManageEngine Applications Manager 13 before build 13530 allows SQL injection via the /MyPage.do widgetid parameter.
shibsp/metadata/DynamicMetadataProvider.cpp in the Dynamic MetadataProvider plugin in Shibboleth Service Provider before 2.6.1 fails to properly confi...
The DynamicMetadataProvider class in saml/saml2/metadata/impl/DynamicMetadataProvider.cpp in OpenSAML-C in OpenSAML before 2.6.1 fails to properly con...
In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p4, 11.0-RELEASE-p15, 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24, not all information in the struc...
In FreeBSD 10.x before 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24 named paths are globally scoped, meaning a process located in one jail can r...
In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p4, 11.0-RELEASE-p15, 10.4-STABLE, 10.4-RELEASE-p3, and 10.3-RELEASE-p24, the kernel does not properly cle...
A Resource Exhaustion issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPo...
An Information Exposure issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, N...
An Injection issue was discovered in Moxa NPort 5110 Version 2.2, NPort 5110 Version 2.4, NPort 5110 Version 2.6, NPort 5110 Version 2.7, NPort 5130 V...
Vonage VDV-23 115 3.2.11-0.9.40 devices have stored XSS via the NewKeyword or NewDomain field to /goform/RgParentalBasic.
dayrui FineCms 5.2.0 before 2017.11.16 has Cross Site Scripting (XSS) in core/M_Controller.php via the DR_URI field.
Amazon Key through 2017-11-16 mishandles Cloud Cam 802.11 deauthentication frames during the delivery process, which makes it easier for (1) delivery ...
VMware AirWatch Console 9.x prior to 9.2.0 contains a vulnerability that could allow an authenticated AWC user to add a malicious URL to an enrolled d...
VMware AirWatch Console 9.x prior to 9.2.0 contains a vulnerability that could allow an authenticated AWC user to add malicious data to an enrolled de...
VMware AirWatch Launcher for Android prior to 3.2.2 contains a vulnerability that could allow an escalation of privilege from the launcher UI context ...
An elevation of privilege vulnerability in the Direct rendering infrastructure of the NVIDIA Tegra X1 where an unchecked input from userspace is passe...
The private_address_check ruby gem before 0.4.1 is vulnerable to a bypass due to an incomplete blacklist of common private/local network addresses use...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when processing a specially crafted QC...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, countOffset (in function UnpackCore) i...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while parsing a Measurement Request IE...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, currently, the value of SIR_MAC_AUTH_C...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing a specially crafted UBI...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, array access out of bounds may occur i...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the probe requests originated from use...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a possibility of out-of-bound...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in the rmnet USB cont...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to a race condition in the functio...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing FRP partition using ref...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing UBI image, size is not ...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the ISP Camera driver, the contents...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, camera application triggers "user-memo...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a double free can occur when kmalloc f...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, possible buffer overflow or informatio...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing the boot image header...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a specially crafted c...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, the qcacld pktlog allows mapping memor...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an integer overflow leading to a buffe...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in nl802...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a buffer overread is observed in __wla...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the function mdss_rotator_ioctl in ...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the KGSL driver function kgsl_ioctl...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer Over-read in Display due to the...
NetApp SnapCenter Server versions 1.1 through 2.x are susceptible to a Cross-Site Request Forgery (CSRF) vulnerability which could be used to cause an...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, missing race condition protection whil...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in a qbt1000 ioctl handler, an incorre...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, buffer over-read is possible in camera...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing OEM unlock/unlock-go ...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a user-space pointer is directly acces...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the kernel driver MDSS, a buffer ov...
In android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the boot loader, a buffer overflow ...
An elevation of privilege vulnerability in the Android framework (device policy client). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8....
An elevation of privilege vulnerability in the Android framework (window manager). Product: Android. Versions: 8.0. Android ID: A-37442941.
A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Andro...
A remote code execution vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android...
A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Andro...
A remote code execution vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Andro...
A remote code execution vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1....
An elevation of privilege vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-...
An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1,...
An information disclosure vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7....
A remote code execution vulnerability in the Android system (libutils). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. ...
An elevation of privilege vulnerability in the Android system (bluetooth). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Android ID:...
An elevation of privilege vulnerability in the MediaTek ccci. Product: Android. Versions: Android kernel. Android ID: A-62670819. References: M-ALPS03...
A denial of service vulnerability in the Android framework (syncstorageengine). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1....
An elevation of privilege vulnerability in the Android media framework (mediaanalytics). Product: Android. Versions: 8.0. Android ID: A-65540999.
An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1,...
An information disclosure vulnerability in the Android media framework (libavc). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Andro...
An information disclosure vulnerability in the Android media framework (libstagefright). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-...
An information disclosure vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7....
A denial of service vulnerability in the Android media framework (libhevc). Product: Android. Versions: 5.0.2, 5.1.1, 6.0. Android ID: A-62815506.
An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-631216...
An information disclosure vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-638738...
Another vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-65122447.
Another vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-64836894.
Another vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2. Android ID: A-36075131.
An elevation of privilege vulnerability in the Android system (inputdispatcher). Product: Android. Versions: 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1...
Use-after-free vulnerability in the snd_pcm_info function in the ALSA subsystem in the Linux kernel allows attackers to gain privileges via unspecifie...
An elevation of privilege vulnerability in the Upstream kernel kernel. Product: Android. Versions: Android kernel. Android ID: A-36006779.
An elevation of privilege vulnerability in the Upstream kernel video driver. Product: Android. Versions: Android kernel. Android ID: A-37950620.
An elevation of privilege vulnerability in the MediaTek ioctl (flashlight). Product: Android. Versions: Android kernel. Android ID: A-37277147. Refere...
An elevation of privilege vulnerability in the MediaTek soc driver. Product: Android. Versions: Android kernel. Android ID: A-65025090. References: M-...
LightFTP version 1.1 is vulnerable to a buffer overflow in the "writelogentry" function resulting a denial of services or a remote code execution.
npm/KyleRoss windows-cpu all versions vulnerable to command injection resulting in code execution as Node.js user
CSRF in YouTube (WordPress plugin) could allow unauthenticated attacker to change any setting within the plugin
AltaVault OST Plug-in versions prior to 1.2.2 may allow attackers to obtain sensitive information via unspecified vectors. All users are urged to move...
In SWFTools, an address access exception was found in swfdump swf_GetBits().
In SWFTools, a memcpy buffer overflow was found in swfc.
In SWFTools, a memory leak was found in wav2swf.
In SWFTools, a memcpy buffer overflow was found in gif2swf.
In SWFTools, a stack overflow was found in pdf2swf.
In SWFTools, an address access exception was found in pdf2swf. FoFiTrueType::writeTTF()
picoTCP (versions 1.7.0 - 1.5.0) is vulnerable to stack buffer overflow resulting in code execution or denial of service attack
WBCE v1.1.11 is vulnerable to reflected XSS via the "begriff" POST parameter in /admin/admintools/tool.php?tool=user_search
soyuka/pidusage <=1.1.4 is vulnerable to command injection in the module resulting in arbitrary command execution
October CMS build 412 is vulnerable to stored WCI (a.k.a XSS) in brand logo image name resulting in JavaScript code execution in the victim's browser.
October CMS build 412 is vulnerable to Apache configuration modification via file upload functionality resulting in site compromise and possibly other...
October CMS build 412 is vulnerable to PHP object injection in asset move functionality resulting in ability to delete files limited by file permissio...
October CMS build 412 is vulnerable to PHP code execution in the asset manager functionality resulting in site compromise and possibly other applicati...
October CMS build 412 is vulnerable to file path modification in asset move functionality resulting in creating creating malicious files on the server...
tcmu-runner daemon version 0.9.0 to 1.2.0 is vulnerable to invalid memory references in the handler_glfs.so handler resulting in denial of service
tcmu-runner version 0.91 up to 1.20 is vulnerable to information disclosure in handler_qcow.so resulting in non-privileged users being able to check f...
tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a dbus triggered NULL pointer dereference in the tcmu-runner daemon's on_unregister_handler() func...
The tcmu-runner daemon in tcmu-runner version 1.0.5 to 1.2.0 is vulnerable to a local denial of service attack
A vulnerability in Swagger-Parser's (version <= 1.0.30) yaml parsing functionality results in arbitrary code being executed when a maliciously crafted...
The Java WebSocket client nv-websocket-client does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subj...
Creolabs Gravity Version: 1.0 Use-After-Free Possible code execution. An example of a Heap-Use-After-Free after the 'sublexer' pointer has been freed....
Creolabs Gravity Version: 1.0 Heap Overflow Potential Code Execution. By creating a large loop whiling pushing data to a buffer, we can break out of t...
nodejs ejs version older than 2.5.5 is vulnerable to a Cross-site-scripting in the ejs.renderFile() resulting in code injection
nodejs ejs version older than 2.5.5 is vulnerable to a denial-of-service due to weak input validation in the ejs.renderFile()
nodejs ejs versions older than 2.5.3 is vulnerable to remote code execution due to weak input validation in ejs.renderFile() function
InvoicePlane version 1.4.10 is vulnerable to a Arbitrary File Upload resulting in an authenticated user can upload a malicious file to the webserver. ...
InvoicePlane version 1.4.10 is vulnerable to a Stored Cross Site Scripting resulting in allowing an authenticated user to inject malicious client side...
The application OpenEMR is affected by multiple reflected & stored Cross-Site Scripting (XSS) vulnerabilities affecting version 5.0.0 and prior versio...
The application OpenEMR version 5.0.0, 5.0.1-dev and prior is affected by vertical privilege escalation vulnerability. This vulnerability can allow an...
A double-free vulnerability in parse.c in ldns 1.7.0 have unspecified impact and attack vectors.
A double-free vulnerability in str2host.c in ldns 1.7.0 have unspecified impact and attack vectors.
I, Librarian version <=4.6 & 4.7 is vulnerable to Directory Enumeration in the jqueryFileTree.php resulting in attacker enumerating directories simply...
I, Librarian version <=4.6 & 4.7 is vulnerable to OS Command Injection in batchimport.php resulting the web server being fully compromised.
I, Librarian version <=4.6 & 4.7 is vulnerable to Reflected Cross-Site Scripting in the temp.php resulting in an attacker being able to inject malicio...
I, Librarian version <=4.6 & 4.7 is vulnerable to Server-Side Request Forgery in the ajaxsupplement.php resulting in the attacker being able to reset ...
Python package pysaml2 version 4.4.0 and earlier reuses the initialization vector across encryptions in the IDP server, resulting in weak encryption o...
British Columbia Institute of Technology CodeIgniter 3.1.3 is vulnerable to HTTP Header Injection in the set_status_header() common function under Apa...
Redis-store <=v1.3.0 allows unsafe objects to be loaded from redis
Codiad(full version) is vulnerable to write anything to configure file in the installation resulting upload a webshell.
Serendipity 2.0.3 is vulnerable to a SQL injection in the blog component resulting in information disclosure
CPython (aka Python) up to 2.7.13 is vulnerable to an integer overflow in the PyString_DecodeEscape function in stringobject.c, resulting in heap-base...
EllisLab ExpressionEngine 3.4.2 is vulnerable to cross-site scripting resulting in PHP code injection
Tine 2.0 version 2017.02.4 is vulnerable to XSS in the Addressbook resulting code execution and privilege escalation
A stored web content injection vulnerability (WCI, a.k.a XSS) is present in MODX Revolution CMS version 2.5.6 and earlier. An authenticated user with ...
Reflected XSS in Relevanssi Premium version 1.14.8 when using relevanssi_didyoumean() could allow unauthenticated attacker to do almost anything an ad...
Stop User Enumeration 1.3.8 allows user enumeration via the REST API
Integer overflow bug in function minitiff_read_info() of optipng 0.7.6 allows an attacker to remotely execute code or cause denial of service.
In SWFTools 0.9.2, the wav_convert2mono function in lib/wav.c does not properly restrict a multiplication within a malloc call, which allows remote at...
p_mach.cpp in UPX 3.94 allows remote attackers to cause a denial of service (invalid memory access and application crash) or possibly have unspecified...
The UpdraftPlus plugin through 1.13.12 for WordPress has SSRF in the updraft_ajax_handler function in /wp-content/plugins/updraftplus/admin.php via an...
The UpdraftPlus plugin through 1.13.12 for WordPress allows remote PHP code execution because the plupload_action function in /wp-content/plugins/updr...
An issue was discovered in Teluu pjproject (pjlib and pjlib-util) in PJSIP before 2.7.1. Parsing the numeric header fields in a SIP message (like cseq...
Cross-site scripting vulnerability in CS-Cart Japanese Edition v4.3.10 and earlier (excluding v2 and v3), CS-Cart Multivendor Japanese Edition v4.3.10...
Untrusted search path vulnerability in BOOK WALKER for Windows Ver.1.2.9 and earlier allows an attacker to gain privileges via a Trojan horse DLL in a...
BOOK WALKER for Windows Ver.1.2.9 and earlier, BOOK WALKER for Mac Ver.1.2.5 and earlier allow an attacker to access local files via unspecified vecto...
TablePress prior to version 1.8.1 allows an attacker to conduct XML External Entity (XXE) attacks via unspecified vectors.
Session management issue in RX-V200 firmware versions prior to 09.87.17.09, RX-V100 firmware versions prior to 03.29.17.09, RX-CLV1-P firmware version...
VMware vCenter Server (6.5 prior to 6.5 U1 and 6.0 prior to 6.0 U3c) does not correctly handle specially crafted LDAP network packets which may allow ...
The flash-based vSphere Web Client (6.0 prior to 6.0 U3c and 5.5 prior to 5.5 U3f) i.e. not the new HTML5-based vSphere Client, contains SSRF and CRLF...
VMware NSX Edge (6.2.x before 6.2.9 and 6.3.x before 6.3.5) contains a moderate Cross-Site Scripting (XSS) issue which may lead to information disclos...
VMware Workstation (12.x before 12.5.8) and Fusion (8.x before 8.5.9) contain a heap buffer-overflow vulnerability in VMNAT device. This issue may all...
VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds write vulnerability in JPEG200...
VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000...
VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000...
VMware Workstation (12.x before 12.5.8) and Fusion (8.x before 8.5.9) contain a guest RPC NULL pointer dereference vulnerability. Successful exploitat...
ROOT version 6.9.03 and below is vulnerable to an authenticated shell metacharacter injection in the rootd daemon resulting in remote code execution
samtools htslib library version 1.4.0 and earlier is vulnerable to buffer overflow in the CRAM rANS codec resulting in potential arbitrary code execut...
Lynx before 2.8.9dev.16 is vulnerable to a use after free in the HTML parser resulting in memory disclosure, because HTML_put_string() can append a ch...
Elixir's vim plugin, alchemist.vim is vulnerable to remote code execution in the bundled alchemist-server. A malicious website can execute requests ag...
An issue was discovered in Teluu pjproject (pjlib and pjlib-util) in PJSIP before 2.7.1. The ioqueue component may issue a double key unregistration a...
Jool 3.5.0-3.5.1 is vulnerable to a kernel crashing packet resulting in a DOS.
Cygnux sysPass version 2.1.7 and older is vulnerable to a Local File Inclusion in the functionality of javascript files inclusion. The attacker can re...
A stored cross-site scripting vulnerability in the Icon Time Systems RTC-1000 v2.5.7458 and earlier time clock allows remote attackers to inject arbit...
ZEIT Next.js before 2.4.1 has directory traversal under the /_next and /static request namespace, allowing attackers to obtain sensitive information.
sodiumoxide 0.0.13 and older scalarmult() vulnerable to degenerate public keys
QuickerBB version <= 0.7.2 is vulnerable to arbitrary file writes which can lead to remote code execution. This can lead to the complete takeover of t...
jqueryFileTree 2.1.5 and older Directory Traversal
An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. There is XSS in the administration interface.
An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. Cookies can be stolen, manipulated, and reused.
An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. A denial of service may occur.
On BIG-IP versions 11.6.0-11.6.2 (fixed in 11.6.2 HF1), 12.0.0-12.1.2 HF1 (fixed in 12.1.2 HF2), or 13.0.0-13.0.0 HF2 (fixed in 13.0.0 HF3) a virtual ...
ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell command injection resulting in remote code execution
The workstation logging function in Philips IntelliSpace Cardiovascular (ISCV) 2.3.0 and earlier and Xcelera R4.1L1 and earlier records domain authent...
hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values during guest migration, leading to out-of-bounds access.
The Phoenix Framework versions 1.0.0 through 1.0.4, 1.1.0 through 1.1.6, 1.2.0, 1.2.2 and 1.3.0-rc.0 are vulnerable to unvalidated URL redirection, wh...
SimpleXML (latest version 2.7.1) is vulnerable to an XXE vulnerability resulting SSRF, information disclosure, DoS and so on.
Stored XSS in Salutation Responsive WordPress + BuddyPress Theme version 3.0.15 could allow logged-in users to do almost anything an admin can
The Snap7 Server version 1.4.1 can be crashed when the ItemCount field of the ReadVar or WriteVar functions of the S7 protocol implementation in Snap7...
The dump function in Util/TemplateHelper.php in filp whoops before 2.1.13 has XSS.
VMware Workstation (12.x before 12.5.8) installer contains a DLL hijacking issue that exists due to some DLL files loaded by the application improperl...
exiv2 0.26 contains a Stack out of bounds read in webp parser
Exiv2 0.26 contains a heap buffer overflow in tiff parser
Exiv2 0.26 contains a stack out of bounds read in JPEG2000 parser
Opencast 2.3.2 and older versions are vulnerable to script injections through media and metadata in the player and media module resulting in arbitrary...
In Opencast 2.2.3 and older if user names overlap, the Opencast search service used for publication to the media modules and players will handle the a...
On Jooan IP Camera A5 2.3.36 devices, an insecure FTP server does not require authentication, which allows remote attackers to read or replace core sy...
HTML Injection in Securimage 3.6.4 and earlier allows remote attackers to inject arbitrary HTML into an e-mail message body via the $_SERVER['HTTP_USE...
b3log Symphony (aka Sym) 2.2.0 does not properly address XSS in JSON objects, as demonstrated by a crafted userAvatarURL value to /settings/avatar, re...
Icinga Core through 1.14.0 initially executes bin/icinga as root but supports configuration options in which this file is owned by a non-root account ...
The outputSWF_TEXT_RECORD function in util/outputscript.c in libming <= 0.4.8 is vulnerable to a NULL pointer dereference, which may allow attackers t...
In Bftpd before 4.7, there is a memory leak in the file rename function.
In Laravel framework through 5.5.21, remote attackers can obtain sensitive information (such as externally usable passwords) via a direct request for ...
In Moodle 3.x, students can find out email addresses of other students in the same course. Using search on the Participants page, students could searc...
The Apache OpenOffice installer (versions prior to 4.1.3, including some branded as OpenOffice.org) for Windows contains a defective operation that al...
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. An incomplete firmware signature allows a local ...
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Improper handling of the mbap.length field of Mo...
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Design flaws in OPC classic and in custom netfil...
In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in...
A SQL injection in classes/handler/public.php in the forgotpass component of Tiny Tiny RSS 17.4 exists via the login parameter.
The printMP3Headers function in util/listmp3.c in libming v0.4.8 or earlier is vulnerable to a global buffer overflow, which may allow attackers to ca...
A vulnerability in the OpenOffice Writer DOC file parser before 4.1.4, and specifically in the WW8Fonts Constructor, allows attackers to craft malicio...
An array index error in the fig2dev program in Xfig 3.2.6a allows remote attackers to cause a denial-of-service attack or information disclosure with ...
On the Vonage VDV-23 115 3.2.11-0.9.40 home router, sending a long string of characters in the loginPassword and/or loginUsername field to goform/logi...
A vulnerability in OpenOffice's PPT file parser before 4.1.4, and specifically in PPTStyleSheet, allows attackers to craft malicious documents that ca...
Prior to ITMS 8.1 RU4, the Symantec Management Console can be susceptible to a directory traversal exploit, which is a type of attack that can occur w...
LvyeCMS through 3.1 allows remote attackers to upload and execute arbitrary PHP code via directory traversal sequences in the dir parameter, in conjun...
The Public tologin feature in admin.php in LvyeCMS through 3.1 allows XSS via a crafted username that is mishandled during later log viewing by an adm...
A vulnerability in Apache OpenOffice Writer DOC file parser before 4.1.4, and specifically in ImportOldFormatStyles, allows attackers to craft malicio...
In Horde Groupware 5.2.19-5.2.22, there is XSS via the URL field in a "Calendar -> New Event" action.
In Horde Groupware 5.2.19 and 5.2.21, there is XSS via the Color field in a Create Task List action.
In Horde Groupware 5.2.19, there is XSS via the Name field during creation of a new Resource. This can be leveraged for remote code execution after co...
By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from t...
An exploitable integer overflow vulnerability exists in the xls_appendSST function of libxls 1.4.A specially crafted XLS file can cause memory corrupt...
An exploitable out-of-bounds vulnerability exists in the xls_addCell function of libxls 1.4. A specially crafted XLS file with a formula record can ca...
An exploitable out-of-bounds write vulnerability exists in the xls_mergedCells function of libxls 1.4. . A specially crafted XLS file can cause a memo...
An exploitable out-of-bounds write vulnerability exists in the read_MSAT function of libxls 1.4. A specially crafted XLS file can cause a memory corru...
An exploitable stack based buffer overflow vulnerability exists in the xls_getfcell function of libxls 1.3.4. A specially crafted XLS file can cause a...
The VC-2 Video Compression encoder in FFmpeg 3.0 and 3.4 allows remote attackers to cause a denial of service (out-of-bounds read) because of incorrec...
MapOS 3.1.11 and earlier has a Stored Cross-site Scripting (XSS) vulnerability in /clientes/visualizar, which allows remote attackers to inject arbitr...
The default installation of DocuWare Fulltext Search server through 6.11 allows remote users to connect to and download searchable text from the embed...
An issue was discovered in middleware.py in OpenStack Swauth through 1.2.0 when used with OpenStack Swift through 2.15.1. The Swift object store and p...
v5/config/system.php in dayrui FineCms 5.2.0 has a default SYS_KEY value and does not require key regeneration for each installation, which allows rem...
Code injection exists in Kernel/System/Spelling.pm in Open Ticket Request System (OTRS) 5 before 5.0.24, 4 before 4.0.26, and 3.3 before 3.3.20. In th...
Command Injection vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)_cn, Ac15...
Multiple buffer overflows in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow attacker with local access to the sys...
Multiple buffer overflows in kernel in Intel Server Platform Services Firmware 4.0 allow attacker with local access to the system to execute arbitrary...
Multiple buffer overflows in kernel in Intel Trusted Execution Engine Firmware 3.0 allow attacker with local access to the system to execute arbitrary...
Multiple privilege escalations in kernel in Intel Manageability Engine Firmware 11.0/11.5/11.6/11.7/11.10/11.20 allow unauthorized process to access p...
Multiple privilege escalations in kernel in Intel Server Platform Services Firmware 4.0 allows unauthorized process to access privileged content via u...
Multiple privilege escalations in kernel in Intel Trusted Execution Engine Firmware 3.0 allows unauthorized process to access privileged content via u...
Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 al...
Buffer overflow in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10.x/11.0/11.5/11.6/11.7/11.10/11.20 allows attac...
A vulnerability in the Intel Deep Learning Training Tool Beta 1 allows a network attacker to remotely execute code as a local user.
Frame replay vulnerability in Wi-Fi subsystem in Intel Dual-Band and Tri-Band Wireless-AC Products allows remote attacker to replay frames via channel...
Multiple SQL injection vulnerabilities in Fiyo CMS 2.0_1.9.1 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to apps...
A flaw was found in the way Ansible (2.3.x before 2.3.3, and 2.4.x before 2.4.1) passed certain parameters to the jenkins_plugin module. Remote attack...
Ohcount 3.0.0 is prone to a command injection via specially crafted filenames containing shell metacharacters, which can be exploited by an attacker (...
Information disclosure through directory listing on the Cohu 3960HD allows an attacker to view and download source code, log files, and other sensitiv...
Missing authentication for the remote configuration port 1236/tcp on the Cohu 3960HD allows an attacker to change configuration parameters such as IP ...
The webupgrade function on the Cohu 3960HD does not verify the firmware upgrade files or process, allowing an attacker to upload a specially crafted p...
Information disclosure of .esp source code on the Cohu 3960 allows an attacker to view sensitive information such as application logic with a simple w...
Client-side enforcement using JavaScript of server-side security options on the Cohu 3960HD allows an attacker to manipulate options sent to the camer...
In BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe software 12.0.0 to 12.1.1, in some cases the Traffic Management M...
QNAP has already patched this vulnerability. This security concern allows a remote attacker to run arbitrary commands on the QNAP Video Station 5.1.3 ...
Invalid json_populate_recordset or jsonb_populate_recordset function calls in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9....
A stored Cross-site Scripting (XSS) vulnerability in Fortinet FortiWeb webUI Certificate View page in 5.8.0, 5.7.1 and earlier, allows attackers to in...
The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector ha...
The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows loc...
INSERT ... ON CONFLICT DO UPDATE commands in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, and 9.5.x before 9.5.10 disclose table contents that the...
Prior to v 7.6, the Install Norton Security (INS) product can be susceptible to a certificate spoofing vulnerability, which is a type of attack whereb...
PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, 9.3.x before 9.3.20, and 9.2.x before 9.2.24 runs under a n...
SoftCo with software V200R003C20,eSpace U1910 with software V200R003C00, V200R003C20 and V200R003C30,eSpace U1911 with software V200R003C20, V200R003C...
Huawei P9 versions earlier before EVA-AL10C00B373, versions earlier before EVA-CL00C92B373, versions earlier before EVA-DL00C17B373, versions earlier ...
The Keyguard application in ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B...
ALE-L02C635B140 and earlier versions,ALE-L02C636B140 and earlier versions,ALE-L21C10B150 and earlier versions,ALE-L21C185B200 and earlier versions,ALE...
The AlarmService component in HwVmall with software earlier than 1.5.2.0 versions has no control over calling permissions, allowing any third party to...
TIT-AL00C583B211 has a directory traversal vulnerability which allows an attacker to obtain the files in email application.
The emerg_data driver in CAM-L21C10B130 and earlier versions, CAM-L21C185B141 and earlier versions has a buffer overflow vulnerability. An attacker wi...
The goldeneye driver in NMO-L31C432B120 and earlier versions,NEM-L21C432B100 and earlier versions,NEM-L51C432B120 and earlier versions,KNT-AL10C746B16...
The ddr_devfreq driver in versions earlier than GRA-UL00C00B197 has buffer overflow vulnerability. An attacker with the root privilege of the Android ...
The Huawei Themes APP in versions earlier than PLK-UL00C17B385, versions earlier than CRR-L09C432B380, versions earlier than LYO-L21C577B128 has a pri...
AC6005 with software V200R006C10, AC6605 with software V200R006C10 have a DoS Vulnerability. An attacker can send malformed packets to the device, whi...
Mate 9 with software MHA-AL00AC00B125 has a denial of service (DoS) vulnerability. An attacker tricks a user into installing a malicious application. ...
Phone Finder in versions earlier before MHA-AL00C00B170 can be bypass. An attacker can bypass the Phone Finder by special steps and obtain the owner o...
Phone Finder in versions earlier before MHA-AL00BC00B156,Versions earlier before MHA-CL00BC00B156,Versions earlier before MHA-DL00BC00B156,Versions ea...
Smarthome 1.0.2.364 and earlier versions,HiAPP 7.3.0.303 and earlier versions,HwParentControl 2.0.0 and earlier versions,HwParentControlParent 5.1.0.1...
Huawei P9 smartphones with software versions earlier before EVA-AL10C00B365, versions earlier before EVA-AL00C00B365, versions earlier before EVA-CL00...
Mate 9 smartphones with software MHA-AL00AC00B125 have a directory traversal vulnerability in Push module. Since the system does not verify the file n...
Mate 9 smartphones with software MHA-AL00AC00B125 have a privilege escalation vulnerability in Push module. An attacker tricks a user to save a rich m...
The 'Find Phone' function in Nice smartphones with software versions earlier before Nice-AL00C00B0135 has an authentication bypass vulnerability. An u...
HiGame with software earlier than 7.3.0 versions, SkyTone with software earlier than 8.1.1 versions have a DoS Vulnerability. An attacker tricks a use...
BTV-W09C229B002CUSTC229D005,BTV-W09C233B029, earlier than BTV-W09C100B006CUSTC100D002 versions, earlier than BTV-W09C128B003CUSTC128D002 versions, ear...
P9 Plus smartphones with software earlier than VIE-AL10C00B352 versions have an input validation vulnerability in the touchscreen Driver. An attacker ...
S3300 V100R006C05 have an Ethernet in the First Mile (EFM) flapping vulnerability due to the lack of type-length-value (TLV) consistency check. An att...
HUAWEI P9 smartphones with software versions earlier before EVA-L09C432B383, versions earlier before EVA-L09C636B380, versions earlier before VIE-L09C...
The GaussDB in FusionSphere OpenStack V100R005C10SPC705 and earlier versions has a buffer overflow vulnerability. An authenticated attacker on the LAN...
The Files APP 7.1.1.309 and earlier versions in some Huawei mobile phones has a brute-force password cracking vulnerability due to the improper design...
The camerafs driver in Mate 9 Versions earlier than MHA-AL00BC00B173 has buffer overflow vulnerability. An attacker tricks a user into installing a ma...
honor 8 Pro with software Duke-L09C10B120 and earlier versions,Duke-L09C432B120 and earlier versions,Duke-L09C636B120 and earlier versions has an inte...
FusionSphere OpenStack with software V100R006C00 and V100R006C10RC2 has two command injection vulnerabilities due to the insufficient input validation...
FusionSphere OpenStack with software V100R006C00 and V100R006C10RC2 has two command injection vulnerabilities due to the insufficient input validation...
FusionSphere OpenStack V100R006C00 has an information exposure vulnerability. The software uses hard-coded cryptographic key to encrypt messages betwe...
Some Huawei smart phones with software Berlin-L21C10B130,Berlin-L21C185B133,Berlin-L21HNC10B131,Berlin-L21HNC185B140,Berlin-L21HNC432B151,Berlin-L22C6...
DP300 V500R002C00,TE60 with software V100R001C01, V100R001C10, V100R003C00, V500R002C00 and V600R006C00,TP3106 with software V100R001C06 and V100R002C...
The Files APP 7.1.1.308 and earlier versions in some Huawei mobile phones has a vulnerability of plaintext storage of users' Safe passwords. An attack...
Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier than VTR-AL00C00B123 versions have a buffer overf...
Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier than VTR-AL00C00B123 versions have a buffer overf...
Bastet in P10 Plus and P10 smart phones with software earlier than VKY-AL00C00B123 versions, earlier than VTR-AL00C00B123 versions have a buffer overf...
Huawei P9 smart phones with software versions earlier before EVA-AL00C00B365, versions earlier before EVA-AL10C00B365,Versions earlier before EVA-CL00...
Some Huawei mobile phones Honor 6X Berlin-L22C636B150 and earlier versions have a Bluetooth unlock bypassing vulnerability. If a user has enabled the ...
The boot loaders in Honor 5A smart phones with software Versions earlier than CAM-TL00C01B193,Versions earlier than CAM-TL00HC00B193,Versions earlier ...
HUAWEI HiLink APP (for IOS) versions earlier before 5.0.25.306 and HUAWEI Tech Support APP (for IOS) versions earlier before 5.0.0 have an information...
The vibrator service in P9 Plus smart phones with software versions earlier before VIE-AL10C00B386 has DoS vulnerability. An attacker can tricks a use...
Huawei Hilink APP Versions earlier before 5.0.25.306 has an information leak vulnerability. An attacker may trick a user into installing a malicious a...
Honor 6X smartphones with software versions earlier than BLN-AL10C00B357 and versions earlier than BLN-AL20C00B357 have an information leak vulnerabil...
P9 Plus smartphones with software versions earlier before VIE-AL10BC00B386 have a denial of service (DoS) vulnerability. An attacker tricks a user int...
TIT-AL00 smartphones with software versions earlier before TIT-AL00C583B214 have a exposed system interface vulnerability. The software provides a sys...
VCM5010 with software versions earlier before V100R002C50SPC100 has a command injection vulnerability. This is due to insufficient validation of user'...
VCM5010 with software versions earlier before V100R002C50SPC100 has an arbitrary file upload vulnerability. The software does not validate the files t...
VCM5010 with software versions earlier before V100R002C50SPC100 has an authentication bypass vulnerability. This is due to improper implementation of ...
The upgrade package of Huawei Vmall APP Earlier than HwVmall 1.5.3.0 versions is transferred through HTTP. A man in the middle (MITM) can tamper with ...
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of p...
The UMA product with software V200R001 and V300R001 has an information leak vulnerability. An attacker could exploit them to obtain some sensitive inf...
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of p...
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of p...
The UMA product with software V200R001 and V300R001 has an information leak vulnerability. An attacker could exploit them to obtain some sensitive inf...
The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An...
The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An...
The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An...
The UMA product with software V200R001 and V300R001 has a cross-site scripting (XSS) vulnerability due to insufficient input validation. An attacker c...
The UMA product with software V200R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of parameters. An...
The UMA product with software V200R001 has a cross-site scripting (XSS) vulnerability due to insufficient input validation. An attacker could craft ma...
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of p...
The UMA product with software V200R001 and V300R001 has a privilege elevation vulnerability due to insufficient validation or improper processing of p...
The UMA product with software V200R001 and V300R001 has an information leak vulnerability. An attacker could exploit them to obtain some sensitive inf...
The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on...
The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on...
Huawei iManager NetEco with software V600R008C00 and V600R008C10 has a command injection vulnerability. An authenticated, remote attacker could exploi...
The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on...
The FusionSphere OpenStack with software V100R006C00 and V100R006C10 has a command injection vulnerability due to the insufficient input validation on...
HedEx Earlier than V200R006C00 versions has an arbitrary file download vulnerability. An attacker could exploit it to download arbitrary files on a ta...
HedEx Earlier than V200R006C00 versions has a dynamic link library (DLL) hijacking vulnerability due to calling the DDL file by accessing a relative p...
HedEx Earlier than V200R006C00 versions has a cross-site request forgery (CSRF) vulnerability. An attacker could trick a user into accessing a website...
HedEx Earlier than V200R006C00 versions have the stored cross-site scripting (XSS) vulnerability. Attackers can exploit the vulnerability to plant mal...
The soundtrigger driver in P9 Plus smart phones with software versions earlier than VIE-AL10BC00B353 has a memory double free vulnerability. An attack...
The Touch Panel (TP) driver in P10 Plus smart phones with software versions earlier than VKY-AL00C00B153 has a memory double free vulnerability. An at...
The Trusted Execution Environment (TEE) module driver of Mate 9 and Mate 9 Pro smart phones with software versions earlier than MHA-AL00BC00B221 and v...
Wi-Fi driver of Honor 5C and P9 Lite Huawei smart phones with software versions earlier than NEM-L21C432B351 and versions earlier than VNS-L21C10B381 ...
Honor 5A,Honor 8 Lite,Mate9,Mate9 Pro,P10,P10 Plus Huawei smartphones with software the versions before CAM-L03C605B143CUSTC605D003,the versions befor...
The call module of P10 and P10 Plus smartphones with software versions before VTR-AL00C00B167, versions before VTR-TL00C01B167, versions before VKY-AL...
The call module of P10 and P10 Plus smartphones with software versions before VTR-AL00C00B167, versions before VTR-TL00C01B167, versions before VKY-AL...
AC6005 V200R006C10SPC200,AC6605 V200R006C10SPC200,AR1200 with software V200R005C10CP0582T, V200R005C10HP0581T, V200R005C20SPC026T,AR200 with software ...
Audio driver in P9 smartphones with software The versions before EVA-AL10C00B389 has a denial of service (DoS) vulnerability. An attacker tricks a use...
The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC6...
The boot loaders of P10 and P10 Plus Huawei mobile phones with software the versions before Victoria-L09AC605B162, the versions before Victoria-L29AC6...
Huawei Honor 5S smart phones with software the versions before TAG-TL00C01B173 have an authentication bypass vulnerability due to the improper design ...
Huawei Honor 5S smart phones with software the versions before TAG-TL00C01B173 have a Factory Reset Protection (FRP) bypass security vulnerability due...
Huawei VMall (for Android) with the versions before 1.5.8.5 have a privilege elevation vulnerability due to improper design. An attacker can trick use...
The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 V100R001C00 has a no authentication vulnerability on a certain port. After acce...
The outdoor unit of Customer Premise Equipment (CPE) product B2338-168 V100R001C00 has a no authentication vulnerability on the serial port. An attack...
OceanStor 5800 V3 with software V300R002C00 and V300R002C10, OceanStor 6900 V3 V300R001C00 has an information leakage vulnerability. Products use TLS1...
FusionCompute V100R005C00 and V100R005C10 have an improper authorization vulnerability due to improper permission settings for a certain file on the h...
Some Huawei smartphones with software AGS-L09C233B019,AGS-W09C233B019,KOB-L09C233B017,KOB-W09C233B012 have a type confusion vulnerability. The program...
The Madapt Driver of some Huawei smart phones with software Earlier than Vicky-AL00AC00B172 versions,Vicky-AL00CC768B122,Vicky-TL00AC01B167,Earlier th...
EVA-L09 smartphones with software Earlier than EVA-L09C25B150CUSTC25D003 versions,Earlier than EVA-L09C440B140 versions,Earlier than EVA-L09C464B361 v...
AR120-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR1200 with software V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200...
AR120-S with software V200R006C10, V200R007C00, V200R008C20, V200R008C30,AR1200 with software V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200...
Huawei mobile phones Honor V9 with the software versions before Duke-AL20C00B195 have an App Lock bypass vulnerability. An attacker could perform spec...
Huawei firewall products USG9500 V500R001C50 has a DoS vulnerability.A remote attacker who controls the peer device could exploit the vulnerability by...
FusionSphere OpenStack with software V100R006C00SPC102(NFV) and V100R006C10 have an information leak vulnerability. Due to an incorrect configuration ...
Huawei smart phones with software earlier than VIE-L09C40B360 versions have a buffer overflow vulnerability due to the lack of parameter validation. A...
Huawei smart phones with software earlier than VIE-L09C40B360 versions have a buffer overflow vulnerability due to the lack of parameter validation. A...
Huawei smart phones with software earlier than Vicky-AL00AC00B172D versions have a Factory Reset Protection (FRP) bypass security vulnerability. When ...
Isub service in P10 Plus and P10 smart phones with earlier than VKY-AL00C00B157 versions and earlier than VTR-AL00C00B157 versions has a denial of ser...
Maya-L02,VKY-L09,VTR-L29,Vicky-AL00A,Victoria-AL00A,Warsaw-AL00 smart phones with software of earlier than Maya-L02C636B126 versions,earlier than VKY-...
Huawei USG6300 V100R001C30SPC300 and USG6600 with software of V100R001C30SPC500,V100R001C30SPC600,V100R001C30SPC700,V100R001C30SPC800 have a weak algo...
The Bastet of some Huawei mobile phones with software earlier than Vicky-AL00AC00B167 versions, earlier than Victoria-AL00AC00B167 versions, earlier t...
Huawei APP HiWallet earlier than 5.0.3.100 versions do not support signature verification for APK file. An attacker could exploit this vulnerability t...
Huawei Email APP Vicky-AL00 smartphones with software of earlier than VKY-AL00C00B171 versions has a stored cross-site scripting vulnerability. A remo...
The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a buffer overflow vulnerability.D...
The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a buffer overflow vulnerability.D...
The camera driver of MTK platform in Huawei smart phones with software of versions earlier than Nice-AL00C00B155 has a arbitrary memory write vulnerab...
MTK platform in Huawei smart phones with software of earlier than Nice-AL00C00B160 versions, earlier than Nice-AL10C00B140 versions has a out-of-bound...
MTK platform in Huawei smart phones with software of earlier than Nice-AL00C00B160 versions, earlier than Nice-AL10C00B140 versions has a any memory a...
MTK platform in Huawei smart phones with software of earlier than Nice-AL00C00B160 versions, earlier than Nice-AL10C00B140 versions has a any memory a...
ME906s-158 earlier than ME906S_Installer_13.1805.10.3 versions has a privilege elevation vulnerability. An attacker could exploit this vulnerability t...
The Bastet of some Huawei mobile phones with software of earlier than MHA-AL00BC00B231 versions has a DOS vulnerability due to the lack of parameter v...
FusionSphere OpenStack V100R006C00SPC102(NFV)has a command injection vulnerability. Due to lack of validation, an attacker with high privilege may inj...
FusionSphere OpenStack V100R006C00SPC102(NFV)has a path traversal vulnerability. Due to insufficient path validation, an attacker with high privilege ...
FusionSphere OpenStack V100R006C00SPC102(NFV)has an improper verification of cryptographic signature vulnerability. The software does not verify the c...
FusionSphere OpenStack V100R006C00SPC102(NFV)has a week cryptographic algorithm vulnerability. Attackers may exploit the vulnerability to crack the ci...
FusionSphere OpenStack V100R006C00 has an improper authorization vulnerability. Due to improper authorization, an attacker with low privilege may expl...
The FusionSphere OpenStack V100R006C00SPC102(NFV) has a command injection vulnerability. Due to the insufficient input validation on one port, an auth...
The FusionSphere OpenStack V100R006C00SPC102(NFV) has an improper authentication vulnerability. Due to improper authentication on one port, an authent...
The FusionSphere OpenStack V100R006C00SPC102(NFV) has an improper authentication vulnerability. Due to improper authentication on one port, an authent...
FusionSphere V100R006C00SPC102(NFV) has an incorrect authorization vulnerability. An authenticated attacker could execute commands that he/she should ...
FusionSphere V100R006C00SPC102(NFV) has a command injection vulnerability. An authenticated, remote attacker could craft packets with malicious string...
FusionSphere V100R006C00SPC102(NFV) has an SQL injection vulnerability. An authenticated, remote attacker could craft interface messages carrying mali...
MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have an out-of-bounds read vulnerability in H323 protocol. An attacker logs in to the...
MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have an out-of-bounds read vulnerability in H323 protocol. An attacker logs in to the...
MAX PRESENCE V100R001C00, TP3106 V100R002C00, TP3206 V100R002C00 have an a memory leak vulnerability in H323 protocol. An attacker logs in to the syst...
The CameraISP driver of some Huawei smart phones with software of versions earlier than Prague-AL00AC00B205,versions earlier than Prague-AL00BC00B205,...
The Bastet Driver of Nova 2 Plus,Nova 2 Huawei smart phones with software of Versions earlier than BAC-AL00C00B173,Versions earlier than PIC-AL00C00B1...
The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has a buffer overflow vulnerability due t...
The Bastet driver of Honor 9 Huawei smart phones with software of versions earlier than Stanford-AL10C00B175 has integer overflow vulnerability due to...
HONOR 7 Lite mobile phones with software of versions earlier than NEM-L21C432B352 have an App Lock bypass vulnerability. An attacker could perform spe...
The driver of honor 5C, honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B36...
The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360...
The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360...
The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360...
The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360...
The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, versions earlier than Berlin-L21HNC432B360...
Huawei SMC2.0 with software of V100R003C10, V100R005C00SPC100, V100R005C00SPC101B001T, V100R005C00SPC102, V100R005C00SPC103, V100R005C00SPC200, V100R0...
Honor 8,Honor V8,Honor 9,Honor V9,Nova 2,Nova 2 Plus,P9,P10 Plus,Toronto Huawei smart phones with software of versions earlier than FRD-AL00C00B391, v...
Honor 8,Honor V8,Honor 9,Honor V9,Nova 2,Nova 2 Plus,P9,P10 Plus,Toronto Huawei smart phones with software of versions earlier than FRD-AL00C00B391, v...
Warsaw Huawei Smart phones with software of versions earlier than Warsaw-AL00C00B180, versions earlier than Warsaw-TL10C01B180 have a permission contr...
Stack-based buffer overflow in the _nc_write_entry function in tinfo/write_entry.c in ncurses 6.0 allows attackers to cause a denial of service (appli...
It was found that versions of rpm before 4.13.0.2 use temporary files with predictable names when installing an RPM. An attacker with ability to write...
The scp_v0s_accept function in sesman/libscp/libscp_v0.c in the session manager in xrdp through 0.9.4 uses an untrusted integer as a write length, whi...
plugins/preauth/pkinit/pkinit_crypto_openssl.c in MIT Kerberos 5 (aka krb5) through 1.15.2 mishandles Distinguished Name (DN) fields, which allows rem...
An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. An attacker could extract public and private keys from the firmware image availa...
An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. The password encryption method can be retrieved from the firmware. This encrypti...
An issue was discovered on MOXA EDS-G512E 5.1 build 16072215 devices. The backup file contains sensitive information in a insecure way. There is no sa...
parser.c in libxml2 before 2.9.5 mishandles parameter-entity references because the NEXTL macro calls the xmlParserHandlePEReference function in the c...
parser.c in libxml2 before 2.9.5 does not prevent infinite recursion in parameter entities.
auth_login.php in Cacti before 1.0.0 allows remote authenticated users who use web authentication to bypass intended access restrictions by logging in...
etc/initsystem/prepare-dirs in Icinga 2.x through 2.8.1 has a chown call for a filename in a user-writable directory, which allows local users to gain...
The web server on DBL DBLTek devices allows remote attackers to execute arbitrary OS commands by obtaining the admin password via a frame.html?content...
Ametys before 4.0.3 requires authentication only for URIs containing a /cms/ substring, which allows remote attackers to bypass intended access restri...
Directory Traversal vulnerability in app_data_center on Shenzhen Tenda Ac9 US_AC9V1.0BR_V15.03.05.14_multi_TD01, Ac9 ac9_kf_V15.03.05.19(6318_)_cn, Ac...
A global buffer overflow in OptiPNG 0.7.6 allows remote attackers to cause a denial-of-service attack or other unspecified impact with a maliciously c...
The XFRM dump policy implementation in net/xfrm/xfrm_user.c in the Linux kernel before 4.13.11 allows local users to gain privileges or cause a denial...
October CMS through 1.0.428 does not prevent use of .htaccess in themes, which allows remote authenticated users to execute arbitrary PHP code by down...
In libsndfile 1.0.25 (fixed in 1.0.26), a divide-by-zero error exists in the function wav_w64_read_fmt_chunk() in wav_w64.c, which may lead to DoS whe...
The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of ...
The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to cause a denial of service (infinite loop and...
The admin_edit function in app/Controller/UsersController.php in MISP 2.4.82 mishandles the enable_password field, which allows admins to discover a h...
TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impa...
Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash charac...
In Cloud Foundry Foundation cf-deployment v0.35.0, a misconfiguration with Loggregator and syslog-drain causes logs to be drained to unintended locati...
SQL injection vulnerability in the InLinks plugin through 1.1 for WordPress allows authenticated users to execute arbitrary SQL commands via the "keyw...
b3log Symphony (aka Sym) 2.2.0 allows an XSS attack by sending a private letter with a certain /article URI, and a second private letter with a modifi...
TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the iface f...
TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the t_bindi...
The locale feature in cgi-bin/luci on TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allows remote authenticated users to test for the existence of a...
TP-Link TL-WVR, TL-WAR, TL-ER, and TL-R devices allow remote authenticated users to execute arbitrary commands via shell metacharacters in the t_bindi...
A SQL injection vulnerability in core/inc/auto-modules.php in BigTree CMS through 4.2.19 allows remote authenticated attackers to obtain information i...
The WebMail components (Crystal, pronto, and pronto4) in CommuniGate Pro before 6.2.1 have stored XSS vulnerabilities via (1) the location or details ...
An issue was discovered in Pivotal Spring Security 4.2.0.RELEASE through 4.2.2.RELEASE, and Spring Security 5.0.0.M1. When configured to enable defaul...
In Pivotal Spring-LDAP versions 1.3.0 - 2.3.1, when connected to some LDAP servers, when no additional attributes are bound, and when using LDAP BindA...
An issue was discovered in Cloud Foundry Foundation cf-release (all versions prior to v279) and UAA (30.x versions prior to 30.6, 45.x versions prior ...
In Cloud Foundry Foundation Credhub-release version 1.1.0, access control lists (ACLs) enforce whether an authenticated user can perform an operation ...
An issue was discovered in Pivotal Spring Web Flow through 2.4.5. Applications that do not change the value of the MvcViewFactoryCreator useSpringBind...
In Pivotal Single Sign-On for PCF (1.3.x versions prior to 1.3.4 and 1.4.x versions prior to 1.4.3), certain pages allow code to be injected into the ...
In Pivotal Spring AMQP versions prior to 1.7.4, 1.6.11, and 1.5.7, an org.springframework.amqp.core.Message may be unsafely deserialized when being co...
GitPHP by xiphux is vulnerable to OS Command Injections
math.js before 3.17.0 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name could resul...
math.js before 3.17.0 had an issue where private properties such as a constructor could be replaced by using unicode characters when creating an objec...
typed-function before 0.10.6 had an arbitrary code execution in the JavaScript engine. Creating a typed function with JavaScript code in the name coul...
An attacker submitting facts to the Foreman server containing HTML can cause a stored XSS on certain pages: (1) Facts page, when clicking on the "char...
Command injection in evince via filename when printing to PDF. This affects versions earlier than 3.25.91.
A vulnerability in Swagger-Parser's version <= 1.0.30 and Swagger codegen version <= 2.2.2 yaml parsing functionality results in arbitrary code being ...
In Zulip Server before 1.7.1, on a server with multiple realms, a vulnerability in the invitation system lets an authorized user of one realm on the s...
A Server Side Request Forgery (SSRF) vulnerability could lead to remote code execution for authenticated administrators. This issue was introduced in ...
The Hipchat for Mac desktop client is vulnerable to client-side remote code execution via video call link parsing. Hipchat for Mac desktop clients at ...
When libvirtd is configured by OSP director (tripleo-heat-templates) to use the TLS transport it defaults to the same certificate authority as all non...
Firmware upgrade authentication bypass vulnerability was found in Dahua IPC-HDW4300S and some IP products. The vulnerability was caused by internal De...
Multiple stored cross-site scripting (XSS) vulnerabilities in TeamPass before 2.1.27.9 allow authenticated remote attackers to inject arbitrary web sc...
TeamPass before 2.1.27.9 does not properly enforce manager access control when requesting users.queries.php. It is then possible for a manager user to...
TeamPass before 2.1.27.9 does not properly enforce manager access control when requesting roles.queries.php. It is then possible for a manager user to...
An arbitrary file upload vulnerability, present in TeamPass before 2.1.27.9, allows remote authenticated users to upload arbitrary files leading to Re...
TeamPass before 2.1.27.9 does not properly enforce item access control when requesting items.queries.php. It is then possible to copy any arbitrary it...
The walk_hugetlb_range function in mm/pagewalk.c in the Linux kernel before 4.14.2 mishandles holes in hugetlb ranges, which allows local users to obt...
IBM Jazz technology based products might divulge information that might be useful in helping attackers through error messages. IBM X-Force ID: 116868.
IBM Rhapsody DM products could reveal sensitive information in HTTP 500 Internal Server Error responses. IBM X-Force ID: 124359.
An undisclosed vulnerability in CLM applications may result in some administrative deployment parameters being shown to an attacker. IBM X-Force ID: 1...
IBM WebSphere MQ 8.0 and 9.0 could allow an authenticated user to cause a shared memory leak by MQ applications using dynamic queues, which can lead t...
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaSc...
IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 7.0 and 8.0 could allow an authenticated attacker to obtain information such a...
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaSc...
IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from stack traces. IBM X-Force ID: 131852.
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaSc...
IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in t...
IBM Business Process Manager 8.6.0.0 allows authenticated users to stop and resume the Event Manager by calling a REST API with incorrect authorizatio...
IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in t...
IBM DOORS Next Generation (DNG/RRC) 4.0, 5.0, and 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaSc...
IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in t...
IBM DOORS Next Generation (DNG/RRC) 6.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in t...
Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when in sleep mode and operating in Opal or eDriv...
Samsung 850 Pro and PM851 solid-state drives and Seagate ST500LT015 and ST500LT025 hard disk drives, when used on Windows and operating in Opal mode o...
Seagate ST500LT015 hard disk drives, when operating in eDrive mode on Lenovo ThinkPad W541 laptops with BIOS 2.21, allow physically proximate attacker...
Use-after-free vulnerability in Samba 4.x before 4.7.3 allows remote attackers to execute arbitrary code via a crafted SMB1 request.
Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory.
In Hitachi Vantara Pentaho BA Platform through 8.0, a CSRF issue exists in the Business Analytics application.
Pebble Smartwatch devices through 4.3 mishandle UUID storage, which allows attackers to read an arbitrary application's flash storage, and access an a...
EMC RSA Authentication Manager before 8.2 SP1 P6 has a cross-site scripting vulnerability that could potentially be exploited by malicious users to co...
An issue was discovered in Cloud Foundry Foundation capi-release (all versions prior to 1.45.0), cf-release (all versions prior to v280), and cf-deplo...
An issue was discovered in EMC ScaleIO 2.0.1.x. In a Linux environment, one of the support scripts saves the credentials of the ScaleIO MDM user who e...
An issue was discovered in EMC ScaleIO 2.0.1.x. A vulnerability in message parsers (MDM, SDS, and LIA) could potentially allow an unauthenticated remo...
An issue was discovered in EMC ScaleIO 2.0.1.x. A buffer overflow vulnerability in the SDBG service may potentially allow a remote unauthenticated att...
The files function in the administration section in CS-Cart 4.6.2 and earlier allows attackers to execute arbitrary PHP code via vectors involving a c...
Winamp Pro 5.66 Build 3512 allows remote attackers to cause a denial of service via a crafted WAV, WMV, AU, ASF, AIFF, or AIF file.
KMPlayer 4.2.2.4 allows remote attackers to cause a denial of service via a crafted NSV file.
Customer of Dahua IP camera or IP PTZ could submit relevant device information to receive a time limited temporary password from Dahua authorized deal...
lib/yard/core_ext/file.rb in the server in YARD before 0.9.11 does not block relative paths with an initial ../ sequence, which allows attackers to co...
The Emag Marketplace Connector plugin 1.0.0 for WordPress has reflected XSS because the parameter "post" to /wp-content/plugins/emag-marketplace-conne...
An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to cause a denial of service (infinite loop and host OS hang) by leveraging t...
An issue was discovered in Xen through 4.9.x allowing HVM guest OS users to gain privileges on the host OS, obtain sensitive information, or cause a d...
An issue was discovered in Xen through 4.9.x on the ARM platform allowing guest OS users to obtain sensitive information from DRAM after a reboot, bec...
TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impa...
TG Soft Vir.IT eXplorer Lite 8.5.42 allows local users to cause a denial of service (NULL pointer dereference) or possibly have unspecified other impa...
The mm_init function in kernel/fork.c in the Linux kernel before 4.12.10 does not clear the ->exe_file member of a new process's mm_struct, allowing a...
The init_new_context function in arch/x86/include/asm/mmu_context.h in the Linux kernel before 4.12.10 does not correctly handle errors from LDT table...
In aubio 0.4.6, a divide-by-zero error exists in the function new_aubio_source_wavread() in source_wavread.c, which may lead to DoS when playing a cra...
The WooCommerce plugin through 3.x for WordPress has a Directory Traversal Vulnerability via a /wp-content/plugins/woocommerce/templates/emails/plain/...
An issue was discovered in certain Apple products. macOS High Sierra before Security Update 2017-001 is affected. The issue involves the "Directory Ut...
XSS exists in the amtyThumb amty-thumb-recent-post (aka amtyThumb posts or wp-thumb-post) plugin 8.1.3 for WordPress via the query string to amtyThumb...
EMC RSA Authentication Agent for Web: Apache Web Server version 8.0 and RSA Authentication Agent for Web: Apache Web Server version 8.0.1 prior to Bui...
EMC RSA Authentication Agent API 8.5 for C and RSA Authentication Agent SDK 8.6 for C allow attackers to bypass authentication, aka an "Error Handling...
The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow ...
The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application c...
curl and libcurl before 7.57.0 on 32-bit platforms allow attackers to cause a denial of service (out-of-bounds access and application crash) or possib...
A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4 and below versions under SSL VPN web portal allows ...
An improper access control vulnerability in Fortinet FortiWebManager 5.8.0 allows anyone that can access the admin webUI to successfully log-in regard...
Atlassian Fisheye and Crucible versions less than 4.4.3 and version 4.5.0 are vulnerable to argument injection through filenames in Mercurial reposito...
An issue was discovered in Squiz Matrix from 5.3 through to 5.3.6.1 and 5.4.1.3. An information disclosure caused by a Path Traversal issue in the 'Fi...
An issue was discovered in Squiz Matrix before 5.3.6.1 and 5.4.x before 5.4.1.3. There are multiple reflected Cross-Site Scripting (XSS) issues in Mat...
An issue was discovered in Squiz Matrix before 5.3.6.1 and 5.4.x before 5.4.1.3. Authenticated users with permissions to edit design assets can cause ...
Splunk Web in Splunk Enterprise 7.0.x before 7.0.0.1, 6.6.x before 6.6.3.2, 6.5.x before 6.5.6, 6.4.x before 6.4.9, and 6.3.x before 6.3.12, when the ...
A vulnerability in Cisco WebEx Meeting Center could allow an authenticated, remote attacker to initiate connections to arbitrary hosts, aka a "URL Red...
A vulnerability in Session Initiation Protocol (SIP) call handling in Cisco IP Phone 8800 Series devices could allow an unauthenticated, remote attack...
A vulnerability in the CLI of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System Software could allow an authenticated, local attacke...
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vuln...
A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software p...
A vulnerability in Cisco NX-OS System Software patch installation could allow an authenticated, local attacker to write a file to arbitrary locations....
A vulnerability in Cisco NX-OS System Software could allow an authenticated, local attacker to bypass signature verification when loading a software i...
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. An attac...
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vuln...
A vulnerability in the TCL scripting subsystem of Cisco NX-OS System Software could allow an authenticated, local attacker to escape the interactive T...
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to read the contents of arbitrary files. The vu...
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. The vuln...
A vulnerability in Cisco NX-OS System Software running on Cisco MDS Multilayer Director Switches, Cisco Nexus 7000 Series Switches, and Cisco Nexus 77...
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local attacker to perform a command injection attack. An attac...
A vulnerability in the Open Agent Container (OAC) feature of Cisco Nexus Series Switches could allow an unauthenticated, local attacker to read and se...
Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM confi...
Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM confi...
Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM confi...
Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM confi...
Multiple vulnerabilities in Cisco Data Center Network Manager (DCNM) Software could allow a remote attacker to inject arbitrary values into DCNM confi...
Multiple vulnerabilities in the web-based management interface of Cisco UCS Central Software could allow a remote attacker to conduct a cross-site scr...
Multiple vulnerabilities in the web-based management interface of Cisco UCS Central Software could allow a remote attacker to conduct a cross-site scr...
A vulnerability in the guest shell feature of Cisco NX-OS System Software could allow an authenticated, local attacker to read and send packets outsid...
A vulnerability in certain system script files that are installed at boot time on Cisco Application Policy Infrastructure Controllers could allow an a...
A vulnerability in the Multipurpose Internet Mail Extensions (MIME) scanner of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could ...
A vulnerability in the web-based interface of Cisco Secure Access Control System (ACS) could allow an unauthenticated, remote attacker to view sensiti...
A vulnerability in the Local Packet Transport Services (LPTS) ingress frame-processing functionality of Cisco IOS XR Software could allow an unauthent...
A vulnerability in the web-based management interface of Cisco Jabber for Windows, Mac, Android, and iOS could allow an unauthenticated, remote attack...
A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct...
A vulnerability in the web-based management interface of Cisco Jabber for Windows, Mac, Android, and iOS could allow an authenticated, remote attacker...
A Buffer Overflow vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (.arf) files could allow an attacker to execute ...
A vulnerability in Cisco WebEx Network Recording Player for WebEx Recording Format (WRF) files could allow an attacker to cause a denial of service (D...
A vulnerability in Cisco Jabber for Windows could allow an unauthenticated, local attacker to access sensitive communications made by the Jabber clien...
A vulnerability in Cisco Meeting Server versions prior to 2.2.2 could allow an authenticated, remote attacker to cause the system to reload, resulting...
A vulnerability in Cisco WebEx Meeting Server could allow an unauthenticated, remote attacker to modify the welcome message of a meeting on an affecte...
A SQL Injection vulnerability in the web framework of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to execute unauthori...
A vulnerability in Cisco WebEx Event Center could allow an authenticated, remote attacker to view unlisted meeting information. The vulnerability is d...
A vulnerability in Cisco WebEx Meeting Center could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a...
A "Cisco WebEx Network Recording Player Denial of Service Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format ...
A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording For...
A "Cisco WebEx Network Recording Player Out-of-Bounds Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF...
A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording For...
A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording For...
A "Cisco WebEx Network Recording Player Remote Code Execution Vulnerability" exists in Cisco WebEx Network Recording Player for Advanced Recording For...
Apache CXF Fediz ships with a number of container-specific plugins to enable WS-Federation for applications. A CSRF (Cross Style Request Forgery) styl...
An issue was discovered on D-Link DIR-605L Model B before FW2.11betaB06_hbrf devices, related to the code that handles the authentication values for H...
Restlet Framework before 2.3.11, when using SimpleXMLProvider, allows remote attackers to access arbitrary files via an XXE attack in a REST API HTTP ...
Restlet Framework before 2.3.12 allows remote attackers to access arbitrary files via a crafted REST API HTTP request that conducts an XXE attack, bec...
The rngapi_reset function in crypto/rng.c in the Linux kernel before 4.2 allows attackers to cause a denial of service (NULL pointer dereference).
A vulnerability was identified in Lenovo XClarity Administrator (LXCA) before 1.4.0 where LXCA user account names may be exposed to unauthenticated us...
OpenDaylight Karaf 0.6.1-Carbon fails to clear the cache after a password change, allowing the old password to be used until the Karaf cache is manual...
elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, does not validate sizes of core notes, which al...
The gmc_mmx function in libavcodec/x86/mpegvideodsp.c in FFmpeg 2.3 and 3.4 does not properly validate widths and heights, which allows remote attacke...
The Linux Kernel versions 2.6.38 through 4.14 have a problematic use of pmd_mkdirty() in the touch_pmd() function inside the THP implementation. touch...