netpub/server.np in Extensis Portfolio NetPublish has XSS in the quickfind parameter, aka Open Bug Bounty ID OBB-290447.
Authentication Bypass vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to inser...
SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to execute SQL q...
In ImageMagick 7.0.7-17 Q16, there is a Memory Leak in ReadPWPImage in coders/pwp.c.
In OpenCV 3.3.1, a heap-based buffer over-read exists in the function cv::HdrDecoder::checkSignature in modules/imgcodecs/src/grfmt_hdr.cpp.
The E-goi Smart Marketing SMS and Newsletters Forms plugin before 2.0.0 for WordPress has XSS via the admin/partials/custom/egoi-for-wp-form_egoi.php ...
The MyCBGenie Affiliate Ads for Clickbank Products plugin through 1.6 for WordPress has XSS via the text_ads_ajax.php border_color parameter.
The Z-URL Preview plugin 1.6.1 for WordPress has XSS via the class.zlinkpreview.php url parameter.
In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash.
getConfigExportFile.cgi on FLIR Brickstream 2300 devices 2.0 4.1.53.166 has Incorrect Access Control, as demonstrated by reading the AVI_USER_ID and A...
Craft CMS 2.6.3000 allows remote attackers to execute arbitrary PHP code by using the "Assets->Upload files" screen and then the "Replace it" option, ...
The ILLID Share This Image plugin before 1.04 for WordPress has XSS via the sharer.php url parameter.
A Path Traversal issue was discovered in Schneider Electric Pelco VideoXpert Enterprise all versions prior to 2.1. By sniffing communications, an unau...
An exposure of sensitive information vulnerability exists in Schneider Electric's Pelco VideoXpert Enterprise versions 2.0 and prior. Using a director...
A privilege escalation vulnerability exists in Schneider Electric's Pelco VideoXpert Enterprise versions 2.0 and prior. By replacing certain files, an...
Passbolt API version 1.6.4 and older are vulnerable to a XSS in the url field on the password workspace
Eleix Openhacker version 0.1.47 is vulnerable to a XSS vulnerability in the bank transactions component resulting in arbitrary code execution in the b...
Eleix Openhacker version 0.1.47 is vulnerable to an SQL injection in the account registration and login component resulting in information disclosure ...
ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service
gps-server.net GPS Tracking Software (self hosted) 2.x has a password reset procedure that immediately resets passwords upon an unauthenticated reques...
The writeLog function in fn_common.php in gps-server.net GPS Tracking Software (self hosted) through 3.0 allows remote attackers to inject arbitrary P...
Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and older) is vulnerable to the bellcore attack in the LibTomCrypt code resulting in c...
Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and older) is vulnerable a timing attack in the Montgomery parts of libMPA in OP-TEE r...
Structured Data Linter versions 2.4.1 and older are vulnerable to a directory traversal attack in the URL input field resulting in the possibility of ...
In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and FillUniGray do not check the input length, which can lead to integer overflow. I...
fs-git is a file system like api for git repository. The fs-git version 1.0.1 module relies on child_process.exec, however, the buildCommand method us...
An XML Signature Wrapping vulnerability exists in Samlify 2.2.0 and earlier, and in predecessor Express-saml2 which could allow attackers to impersona...
CMS Made Simple version 2.1.6 and 2.2 are vulnerable to Smarty templating injection in some core modules, resulting in unauthenticated PHP code execut...
CMS Made Simple 2.1.6, 2.2, 2.2.1 are vulnerable to Smarty Template Injection in some core components, resulting in local file read before 2.2, and lo...
GuixSD prior to Git commit 5e66574a128937e7f2fcf146d146225703ccfd5d used POSIX hard links incorrectly, leading the creation of setuid executables in "...
IBM WebSphere MQ 8.0 and 9.0 could allow an authenticated user with authority to send a specially crafted request that could cause a channel process t...
The WildMidi_Open function in WildMIDI since commit d8a466829c67cacbb1700beded25c448d99514e5 allows remote attackers to cause a denial of service (hea...
freedesktop.org libpoppler 0.60.1 fails to validate boundaries in TextPool::addWord, leading to overflow in subsequent calculations.
Cross-site scripting (XSS) vulnerability in Help.aspx in mojoPortal version 2.5.0.0 allows remote attackers to inject arbitrary web script or HTML via...
Bro before Bro v2.5.2 is vulnerable to an out of bounds write in the ContentLine analyzer allowing remote attackers to cause a denial of service (cras...
phpBB version 3.2.0 is vulnerable to SSRF in the Remote Avatar function resulting allowing an attacker to perform port scanning, requesting internal c...
Syncthing version 0.14.33 and older is vulnerable to symlink traversal resulting in arbitrary file overwrite
Gifsicle gifview 1.89 and older is vulnerable to a use-after-free in the read_gif function resulting potential code execution
Gnome gdk-pixbuf 2.36.8 and older is vulnerable to several integer overflow in the gif_get_lzw function resulting in memory corruption and potential c...
b2evolution version 6.6.0 - 6.8.10 is vulnerable to input validation (backslash and single quote escape) in basic install functionality resulting in u...
Github Electron version 1.6.4 - 1.6.11 and 1.7.0 - 1.7.5 is vulnerable to a URL Spoofing problem when opening PDFs in PDFium resulting loading arbitra...
rust-base64 version <= 0.5.1 is vulnerable to a buffer overflow when calculating the size of a buffer to use when encoding base64 using the 'encode_co...
eZ Systems eZ Publish version 5.4.0 to 5.4.9, and 5.3.12 and older, is vulnerable to an XSS issue in the search module, resulting in a risk of attacke...
MapProxy version 1.10.3 and older is vulnerable to a Cross Site Scripting attack in the demo service resulting in possible information disclosure.
Cross-site scripting (XSS) vulnerability in the /html/portal/flash.jsp page in Liferay Portal CE 7.0 GA4 and older allows remote attackers to inject a...
marked version 0.3.6 and earlier is vulnerable to an XSS attack in the data: URI parser.
Vanilla Forums below 2.1.5 are affected by CSRF leading to Deleting topics and comments from forums Admin access
pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without kn...
Wordpress plugin Furikake version 0.1.0 is vulnerable to an Open Redirect The furikake-redirect parameter on a page allows for a redirect to an attack...
Creolabs Gravity 1.0 contains a stack based buffer overflow in the operator_string_add function, resulting in remote code execution.
In OMERO 5.3.3 or earlier a user could create an OriginalFile and adjust its path such that it now points to another user's file on the underlying fil...
Leanote version <= 2.5 is vulnerable to XSS due to not sanitized input in markdown notes
Leafpub version 1.2.0-beta6 is vulnerable to stored cross-site scripting vulnerability, within the edit blog post page, which can result in disruption...
Invoice Ninja version 3.8.1 is vulnerable to stored cross-site scripting vulnerability, within the invoice creation page, which can result in disrupti...
Shiba markdown live preview app version 1.1.0 is vulnerable to XSS which leads to code execution due to enabled node integration.
Leanote-desktop version v2.5 is vulnerable to a XSS which leads to code execution due to enabled node integration
Rocket.Chat Server version 0.59 and prior is vulnerable to a NoSQL injection leading to administrator account takeover
The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to ca...
In Octopus Deploy versions 3.2.11 - 4.1.5 (fixed in 4.1.6), an authenticated user with ProcessEdit permission could reference an Azure account in such...
The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote attackers to cause a denial of service (excessive memory alloca...
Uninitialized stack variable vulnerability in NameValueParserEndElt (upnpreplyparse.c) in miniupnpd < 2.0 allows an attacker to cause Denial of Servic...
QuickApps CMS version 2.0.0 is vulnerable to Stored Cross-site Scripting in the user's real name field resulting in denial of service and performing u...
Commsy version 9.0.0 is vulnerable to XXE attacks in the configuration import functionality resulting in denial of service and possibly remote executi...
Pepperminty-Wiki version 0.15 is vulnerable to XXE attacks in the getsvgsize function resulting in denial of service and possibly remote code executio...
AndroidSVG version 1.2.2 is vulnerable to XXE attacks in the SVG parsing component resulting in denial of service and possibly remote code execution
phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to...
LavaLite version 5.2.4 is vulnerable to stored cross-site scripting vulnerability, within the blog creation page, which can result in disruption of se...
Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthent...
Mautic version 2.1.0 - 2.11.0 is vulnerable to an inline JS XSS attack when using Mautic forms on a Mautic landing page using GET parameters to pre-po...
Mautic versions 2.0.0 - 2.11.0 with a SSO plugin installed could allow a disabled user to still login using email address
Mautic versions 1.0.0 - 2.11.0 are vulnerable to allowing any authorized Mautic user session (must be logged into Mautic) to use the Filemanager to do...
ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a deni...
XMLBundle version 0.1.7 is vulnerable to XXE attacks which can result in denial of service attacks.
ELabftw version 1.7.8 is vulnerable to stored cross-site scripting in the experiment infos component resulting in arbitrary execution of JavaScript an...
pfSense versions 2.4.1 and lower are vulnerable to clickjacking attacks in the CSRF error page resulting in privileged execution of arbitrary code, be...
Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch() or display() functions on custom resources that does not sanitize te...
When you visit a page where you need to login, Plone 2.5-5.1rc1 sends you to the login form with a 'came_from' parameter set to the previous url. Afte...
A member of the Plone 2.5-5.1rc1 site could set javascript in the home_page property of his profile, and have this executed when a visitor click the h...
Accessing private content via str.format in through-the-web templates and scripts in Plone 2.5-5.1rc1. This improves an earlier hotfix. Since the form...
In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and g...
Brave Software's Brave Browser, version 0.19.73 (and earlier) is vulnerable to an incorrect access control issue in the "JS fingerprinting blocking" c...
BookStack version 0.18.4 is vulnerable to stored cross-site scripting, within the page creation page, which can result in disruption of service and ex...
Cobbler version up to 2.8.2 is vulnerable to a command injection vulnerability in the "add repo" component resulting in arbitrary code execution as ro...
EmbedThis GoAhead Webserver versions 4.0.0 and earlier is vulnerable to an integer overflow in the HTTP listener resulting in denial of service.
EmbedThis GoAhead Webserver version 4.0.0 is vulnerable to a NULL pointer dereference in the CGI handler resulting in memory corruption or denial of s...
The ZipCommon::isValidPath() function in Zip/src/ZipCommon.cpp in POCO C++ Libraries before 1.8 does not properly restrict the filename value in the Z...
Linux Dash up to version v2 is vulnerable to multiple command injection vulnerabilities in the way module names are parsed and then executed resulting...
By linking to a specific url in Plone 2.5-5.1rc1 with a parameter, an attacker could send you to his own website. On its own this is not so bad: the a...
Nylas Mail Lives 2.2.2 uses 0755 permissions for $HOME/.nylas-mail, which allows local users to obtain sensitive authentication information via standa...
Primetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution
Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings.
Online Ticket Booking has XSS via the admin/sitesettings.php keyword parameter.
Online Ticket Booking has CSRF via admin/movieedit.php.
Online Ticket Booking has XSS via the admin/manageownerlist.php contact parameter.
Online Ticket Booking has XSS via the admin/snacks_edit.php snacks_name parameter.
Online Ticket Booking has XSS via the admin/newsedit.php newstitle parameter.
Online Ticket Booking has XSS via the admin/movieedit.php moviename parameter.
Online Ticket Booking has XSS via the admin/eventlist.php cast parameter.
In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other im...
In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other im...
In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other im...
In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other im...
In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other im...
In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other im...
In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other im...
In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other im...
In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other im...
In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other im...
In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R...
In K7 Total Security before 15.1.0.305, user-controlled input to the K7Sentry device is not sufficiently sanitized: the user-controlled input can be u...
In Dell EMC VNX2 versions prior to Operating Environment for File 8.1.9.217 and VNX1 versions prior to Operating Environment for File 7.1.80.8, a web ...
On Samsung mobile devices with L(5.x), M(6.x), and N(7.x) software and Exynos chipsets, attackers can execute arbitrary code in the bootloader because...
Malicious PATCH requests submitted to servers using Spring Data REST versions prior to 2.6.9 (Ingalls SR9), versions prior to 3.0.1 (Kay SR1) and Spri...
A Buffer Overflow vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files could allow a local attacker to exec...
A vulnerability in Cisco WebEx Network Recording Player for Advanced Recording Format (ARF) files could allow a remote attacker to execute arbitrary c...
A vulnerability in the Cisco node-jose open source library before 0.11.0 could allow an unauthenticated, remote attacker to re-sign tokens using a key...
An issue was discovered in these Pivotal Cloud Foundry products: all versions prior to cf-release v270, UAA v3.x prior to v3.20.2, and UAA bosh v30.x ...
On Samsung mobile devices with N(7.x) software and Exynos chipsets, attackers can conduct a Trustlet stack overflow attack for arbitrary TEE code exec...
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an att...
Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker wit...
Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an att...
The Color Management Module (Icm32.dll) in Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 allows an information disclosure vulnerability due to ...
Windows Subsystem for Linux in Windows 10 version 1703, Windows 10 version 1709, and Windows Server, version 1709 allows an elevation of privilege vul...
The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows ...
The Windows kernel in Windows 10 version 1703. Windows 10 version 1709, and Windows Server, version 1709 allows an information disclosure vulnerabilit...
The Windows kernel in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows ...
The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 16...
The Windows kernel in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 16...
The Microsoft Server Message Block (SMB) Server in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and ...
The Windows GDI component in Windows 7 SP1 and Windows Server 2008 SP2 and R2 SP1 allows an information disclosure vulnerability due to the way object...
The Windows Kernel API in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Wind...
The Windows Kernel API in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Wind...
Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 a...
The Windows Adobe Type Manager Font Driver (Atmfd.dll) in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 20...
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the ...
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet...
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compr...
Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compromise ...
Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine han...
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the ...
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the ...
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet...
Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine han...
Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine han...
Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine han...
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the ...
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the ...
Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine han...
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to obtain information to further compr...
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the ...
The Windows Adobe Type Manager Font Driver (Atmfd.dll) in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, and Windows Serve...
Microsoft Edge in Microsoft Windows 10 1709 allows an attacker to obtain information to further compromise the user's system, due to how the scripting...
Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to access information from one domain ...
The BIRT plugin in Apache OFBiz 16.11.01 to 16.11.03 does not escape user input property passed. This allows for code injection by passing that code t...
The Apache DeltaSpike-JSF 1.8.0 module has a XSS injection leak in the windowId handling. The default size of the windowId get's cut off after 10 char...
The DCPluginServelet servlet in ManageEngine Desktop Central and Desktop Central MSP before build 90109 allows remote attackers to create administrato...
xDashboard in OpenText Document Sciences xPression (formerly EMC Document Sciences xPression) v4.5SP1 Patch 13 has SQL Injection.
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly s...
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly s...
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 stores sensitive information in URL parameters. This may lead to information disclosure if unauthor...
IBM Tivoli Key Lifecycle Manager 2.6 and 2.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauth...
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScrip...
IBM MQ Managed File Transfer Agent 8.0 and 9.0 sets insecure permissions on certain files it creates. A local attacker could exploit this vulnerabilit...
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 discloses sensitive information in error messages that could aid an attacker in further attacks aga...
The Simple Download Monitor plugin before 3.5.4 for WordPress has XSS via the sdm_upload_thumbnail (aka File Thumbnail) parameter in an edit action to...
The Simple Download Monitor plugin before 3.5.4 for WordPress has XSS via the sdm_upload (aka Downloadable File) parameter in an edit action to wp-adm...
The "Add Link to Facebook" plugin through 2.3 for WordPress has XSS via the al2fb_facebook_id parameter to wp-admin/profile.php.
Inteno iopsys 2.0-3.14 and 4.0 devices allow remote authenticated users to execute arbitrary OS commands by modifying the leasetrigger field in the od...
Fork CMS 5.0.7 has XSS in /private/en/pages/edit via the title parameter.
Radiant CMS 1.1.4 has XSS via crafted Markdown input in the part_body_content parameter to an admin/pages/*/edit resource.
In K7 Antivirus 15.1.0306, the driver file (K7Sentry.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other im...
In K7 Antivirus 15.1.0306, the driver file (K7Sentry.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other im...
In K7 Antivirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other im...
In K7 Antivirus 15.1.0306, the driver file (K7Sentry.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other im...
A SQL Injection issue was discovered in WebAccess versions prior to 8.3. WebAccess does not properly sanitize its inputs for SQL commands.
A Path Traversal issue was discovered in WebAccess versions 8.3.2 and earlier. An attacker has access to files within the directory structure of the t...
A Stack-based Buffer Overflow issue was discovered in Advantech WebAccess versions prior to 8.3. There are multiple instances of a vulnerability that ...
An Untrusted Pointer Dereference issue was discovered in Advantech WebAccess versions prior to 8.3. There are multiple vulnerabilities that may allow ...
An Improper Input Validation issue was discovered in Advantech WebAccess versions prior to 8.3. WebAccess allows some inputs that may cause the progra...
The DuoLingo TinyCards application before 1.0 for Android has one use of unencrypted HTTP, which allows remote attackers to spoof content, and consequ...
VMware Workstation (14.x and 12.x) and Fusion (10.x and 8.x) contain a guest access control vulnerability. This issue may allow program execution via ...
The VMware V4H and V4PA desktop agents (6.x before 6.5.1) contain a privilege escalation vulnerability. Successful exploitation of this issue could re...
VMware Workstation (14.x before 14.1.0 and 12.x) and Horizon View Client (4.x before 4.7.0) contain an out-of-bounds read vulnerability in TPView.dll....
(1) wp-dbmanager.php and (2) database-manage.php in the WP-DBManager (aka Database Manager) plugin before 2.7.2 for WordPress place credentials on the...
The "Sql Run Query" panel in WP-DBManager (aka Database Manager) plugin before 2.7.2 for WordPress allows remote attackers to read arbitrary files by ...
The groups API in GitLab 6.x and 7.x before 7.4.3 allows remote authenticated guest users to modify ownership of arbitrary groups by leveraging improp...
TRENDnet TEW-823DRU devices with firmware before 1.00b36 have a hardcoded password of kcodeskcodes for the root account, which makes it easier for rem...
Xplico before 1.2.1 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the name of an uploaded PCAP file. NO...
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integ...
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integ...
An issue was discovered in EMC Avamar Server 7.1.x, 7.2.x, 7.3.x, 7.4.x, 7.5.0; EMC NetWorker Virtual Edition (NVE) 9.0.x, 9.1.x, 9.2.x; and EMC Integ...
In Xen 4.10, new infrastructure was introduced as part of an overhaul to how MSR emulation happens for guests. Unfortunately, one tracking structure i...
It was discovered that QtPass before 1.2.1, when using the built-in password generator, generates possibly predictable and enumerable passwords. This ...
In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c.
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c.
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c.
In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode func...
Cross-site scripting (XSS) vulnerability in Shaarli before 0.8.5 and 0.9.x before 0.9.3 allows remote attackers to inject arbitrary code via the login...
In libming 0.4.8, there is an integer signedness error vulnerability (left shift of a negative value) in the readSBits function (util/read.c). Remote ...
libimageworsener.a in ImageWorsener 1.3.2, when libjpeg 8d is used, has a large loop in the get_raw_sample_int function in imagew-main.c.
The AP4_FtypAtom class in Core/Ap4FtypAtom.cpp in Bento4 1.5.1.0 has an Infinite loop via a crafted MP4 file that triggers size mishandling.
When using incomplete escape codes, Irssi before 1.0.6 may access data beyond the end of the string.
When the channel topic is set without specifying a sender, Irssi before 1.0.6 may dereference a NULL pointer.
When using an incomplete variable argument, Irssi before 1.0.6 may access data beyond the end of the string.
In Irssi before 1.0.6, a calculation error in the completion code could cause a heap buffer overflow when completing certain strings.
Hitron CVE-30360 devices use a 578A958E3DD933FC DES key that is shared across different customers' installations, which makes it easier for attackers ...
The Installer in Whale allows DLL hijacking.
Persistent XSS exists in the web server on Cobham Sea Tel 116 build 222429 satellite communication system devices: remote attackers can inject malicio...
Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information about valid usernames by reading the loginN...
Cobham Sea Tel 121 build 222701 devices allow remote attackers to bypass authentication via a direct request to MenuDealerGx.html, MenuDealer.html, Me...
SQL injection vulnerability in NewsBee CMS allow remote attackers to execute arbitrary SQL commands.
The "XML Interface to Messaging, Scheduling, and Signaling" (XIMSS) protocol implementation in CommuniGate Pro (CGP) 6.2 suffers from a Missing XIMSS ...
In OpenCV 3.3.1, a heap-based buffer overflow happens in cv::Jpeg2KDecoder::readComponent8u in modules/imgcodecs/src/grfmt_jpeg2000.cpp when parsing a...
In OpenCV 3.3.1, an assertion failure happens in cv::RBaseStream::setPos in modules/imgcodecs/src/bitstrm.cpp because of an incorrect integer cast.
In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified o...
In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified o...
In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified o...
In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified o...
In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified o...
In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified o...
In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified o...
In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified o...
In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified o...
In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified o...
The ImageInject plugin 1.15 for WordPress has XSS via the flickr_appid parameter to wp-admin/options-general.php.
The ImageInject plugin 1.15 for WordPress has CSRF via wp-admin/options-general.php.
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-about page.
The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-about page.
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-transfer page.
The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-information p...
The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-transfer page...
The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-tools page.
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-information page.
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-tools page.
In libming 0.4.8, there is an integer overflow (caused by an out-of-range left shift) in the readUInt32 function (util/read.c). Remote attackers could...
In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamParserObject::ParseStream function (base/PdfXRefStreamParserObject.cpp). Remote atta...
In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PdfParser::ReadXRefSubsection function (base/PdfParser.cpp). Remote attackers could...
In the Procter & Gamble "Oral-B App" (aka com.pg.oralb.oralbapp) application 5.0.0 for Android, AES encryption with static parameters is used to secur...
Discuz! DiscuzX X3.4 allows remote authenticated users to bypass intended attachment-deletion restrictions via a modified aid parameter.
SonicWall SonicOS on Network Security Appliance (NSA) 2016 Q4 devices has XSS via the Configure SSO screens.
SonicWall SonicOS on Network Security Appliance (NSA) 2017 Q4 devices has XSS via the CFS Custom Category and Cloud AV DB Exclusion Settings screens.
Kentico 9.0 through 11.0 has a stack-based buffer overflow via the SqlName, SqlPswd, Database, UserName, or Password field in a SilentInstall XML docu...
The Photos in Wifi application 1.0.1 for iOS has directory traversal via the ext parameter to assets-library://asset/asset.php.
(1) oo-analytics-export and (2) oo-analytics-import in the openshift-origin-broker-util package in Red Hat OpenShift Enterprise 1 and 2 allow local us...
__init__.py in f2py in NumPy before 1.8.1 allows local users to write to arbitrary files via a symlink attack on a temporary file.
(1) core/tests/test_memmap.py, (2) core/tests/test_multiarray.py, (3) f2py/f2py2e.py, and (4) lib/tests/test_io.py in NumPy before 1.8.1 allow local u...
Aruba Networks ClearPass Policy Manager 6.1.x, 6.2.x before 6.2.5.61640 and 6.3.x before 6.3.0.61712, when configured to use tunneled and non-tunneled...
DefaultHostnameVerifier in Ldaptive (formerly vt-ldap) does not properly verify that the server hostname matches a domain name in the subject's Common...
Unrestricted file upload vulnerability in the Gravity Upload Ajax plugin 1.1 and earlier for WordPress allows remote attackers to execute arbitrary co...
Cross-site scripting (XSS) vulnerability in Symmetricom s350i 2.70.15 allows remote attackers to inject arbitrary web script or HTML via vectors invol...
SQL injection vulnerability in the checkPassword function in Symmetricom s350i 2.70.15 allows remote attackers to execute arbitrary SQL commands via v...
FreeNAS before 9.3-M3 has a blank admin password, which allows remote attackers to gain root privileges by leveraging a WebGui login.
Multiple Huawei Campus switches allow remote attackers to enumerate usernames via vectors involving use of SSH by the maintenance terminal.
clipedit in the Clipboard module for Perl allows local users to delete arbitrary files via a symlink attack on /tmp/clipedit$$.
TeamSpeak Client 3.0.14 and earlier allows remote authenticated users to cause a denial of service (buffer overflow and application crash) by connecti...
Buffer overflow in TeamSpeak Client 3.0.14 and earlier allows remote authenticated users to cause a denial of service (application crash) by connectin...
The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers to conduct message skipping attacks and consequently impersonate clients by lev...
The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS tra...
The TLS stack in Mono before 3.12.1 allows remote attackers to have unspecified impact via vectors related to client-side SSLv2 fallback.
Sitefinity 5.1, 5.2, 5.3, 5.4, 6.x, 7.x, 8.x, 9.x, and 10.x allow remote attackers to bypass authentication and consequently cause a denial of service...
Multiple SQL injection vulnerabilities in Gespage before 7.4.9 allow remote attackers to execute arbitrary SQL commands via the (1) show_prn parameter...
Multiple cross-site scripting (XSS) vulnerabilities in Gespage before 7.4.9 allow remote attackers to inject arbitrary web script or HTML via the (1) ...
Magento Community Edition and Enterprise Edition before 2.0.10 and 2.1.x before 2.1.2 have CSRF resulting in deletion of a customer address from an ad...
The StackIdeas EasyDiscuss (aka com_easydiscuss) extension before 4.0.21 for Joomla! allows XSS.
The Apache Sling JCR ContentLoader 2.1.4 XmlReader used in the Sling JCR content loader module makes it possible to import arbitrary files in the cont...
cgi-bin/drknow.cgi in Innotube ITGuard-Manager 0.0.0.1 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the userna...
PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function (base/PdfOutputStream.cpp). Remote attackers cou...
In PoDoFo 0.9.5, there is an integer overflow in the PdfObjectStreamParserObject::ReadObjectsFromStream function (base/PdfObjectStreamParserObject.cpp...
In the "Media from FTP" plugin before 9.85 for WordPress, Directory Traversal exists via the searchdir parameter to the wp-admin/admin.php?page=mediaf...
The Easy Custom Auto Excerpt plugin 2.4.6 for WordPress has XSS via the tonjoo_ecae_options[custom_css] parameter to the wp-admin/admin.php?page=tonjo...
The tabs-responsive plugin 1.8.0 for WordPress has XSS via the post_title parameter to wp-admin/post.php.
SAP Startup Service, SAP KERNEL 7.45, 7.49, and 7.52, is missing an authentication check for functionalities that require user identity and cause cons...
In SAP Solution Manager 7.20, the role SAP_BPO_CONFIG gives the Business Process Operations (BPO) configuration user more authorization than required ...
A remote unauthenticated attacker, SAP HANA 1.00 and 2.00, could send specially crafted SOAP requests to the SAP Startup Service and disclose informat...
SAP NetWeaver, SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, contains code that allows you to execute arbitrary...
Integer underflow in the mov_read_default function in libavformat/mov.c in FFmpeg before 2.4.6 allows remote attackers to obtain sensitive information...
The Google V8 engine, as used in Google Chrome before 44.0.2403.89 and QtWebEngineCore in Qt before 5.5.1, allows remote attackers to cause a denial o...
PHP Melody version 2.7.1 suffer from SQL Injection Time-based attack on the page ajax.php with the parameter playlist.
Multiple buffer overflows in BarCodeWiz BarCode before 6.7 ActiveX control (BarcodeWiz.DLL) allow remote attackers to execute arbitrary code via a lon...
A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/...
MatrixSSL version 3.7.2 has an incorrect UTCTime date range validation in its X.509 certificate validation process resulting in some certificates have...
IBM UrbanCode Deploy (UCD) 6.1 and 6.2 could allow an authenticated user to edit objects that they should not have access to due to improper access co...
IBM WebSphere MQ 7.0, 7.1, 7.5, 8.0, and 9.0 service trace module could be used to execute untrusted code under 'mqm' user. IBM X-Force ID: 132953.
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote at...
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persua...
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, whic...
IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 could allow a remote attacker to traverse directories on the system. An attacker could send a speci...
rui Li finecms 5.0.10 is vulnerable to a reflected XSS in the file Weixin.php.
An Improper Authentication issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this v...
A Man-in-the-Middle issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exploitation of this vulnerab...
VNC server implementation in Quick Emulator (QEMU) 2.11.0 and older was found to be vulnerable to an unbounded memory allocation issue, as it did not ...
It was found that system umask policy is not being honored when creating XDG user directories, since Xsession sources xdg-user-dirs.sh before setting ...
A Buffer Overflow issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers, Series B and C Versions 21.002 and earlier. T...
An Cleartext Storage of Sensitive Information issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1. Successful exp...
SEMA driver in Intel Driver and Support Assistant before version 3.1.1 allows a local attacker the ability to read and writing to Memory Status regist...
An Out-of-bounds Read issue was discovered in Adobe Flash Player before 28.0.0.137. This vulnerability occurs because of computation that reads data t...
Sulu-standard version 1.6.6 is vulnerable to stored cross-site scripting vulnerability, within the page creation page, which can result in disruption ...
The "SagePay Server Gateway for WooCommerce" plugin before 1.0.9 for WordPress has XSS via the includes/pages/redirect.php page parameter.
Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0. 1.1 and 2.0 allow a denial of s...
ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to the ASP.NET Core project templates, aka "ASP.NET Core Elevation Of...
ASP.NET Core 1.0. 1.1, and 2.0 allow a cross site request forgery vulnerability due to the ASP.NET Core project templates, aka "ASP.NET Core Cross Sit...
Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, .NET Core 1.0 and 2.0, and PowerShell Core 6.0.0 allow a ...
Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 and Microsoft SharePoint Server 2016 allow an elevation of privilege vulnerabil...
Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 and Microsoft SharePoint Server 2016 allow an elevation of privilege vulnerabil...
Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook 2013, and Microsoft Outlook 2016 allow a remote code execution vulnerability due to ...
Microsoft Word 2016 in Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft...
Microsoft Outlook 2007, Microsoft Outlook 2010 and Microsoft Outlook 2013 allow a remote code execution vulnerability due to the way email messages ar...
Microsoft Word in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulner...
Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled...
Microsoft Excel in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulne...
Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way RTF content is hand...
Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulne...
Microsoft Access in Microsoft SharePoint Enterprise Server 2013 and Microsoft SharePoint Enterprise Server 2016 allows a cross-site-scripting (XSS) vu...
Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulne...
Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulner...
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remo...
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remo...
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remo...
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remo...
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remo...
Microsoft ChakraCore allows an attacker to bypass Control Flow Guard (CFG) in conjunction with another vulnerability to run arbitrary code on a target...
Microsoft Office 2016 for Mac allows an attacker to send a specially crafted email attachment to a user in an attempt to launch a social engineering a...
The Symantec ProxySG 6.5 (prior to 6.5.10.6), 6.6, and 6.7 (prior to 6.7.2.1) management console is susceptible to a reflected XSS vulnerability. A re...
The Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 (prior to 6.7.2.1), ProxySG 6.5 (prior to 6.5.10.6), ProxySG 6.6, and ProxySG 6.7 (prior to 6....
flatCore-CMS 1.4.6 is vulnerable to reflected XSS in user_management.php due to the use of $_SERVER['PHP_SELF'] to build links and a stored XSS in the...
When an Apache Geode cluster before v1.3.0 is operating in secure mode and an authenticated user connects to a Geode cluster using the gfsh tool with ...
When an Apache Geode cluster before v1.3.0 is operating in secure mode, a user with read access to specific regions within a Geode cluster may execute...
When an Apache Geode cluster before v1.3.0 is operating in secure mode, a user with read access to specific regions within a Geode cluster may execute...
Redmine before 3.2.9, 3.3.x before 3.3.6, and 3.4.x before 3.4.4 does not block the --config and --debugger flags to the Mercurial hg program, which a...
Discuz! DiscuzX X3.4 has XSS via the view parameter to include/space/space_poll.php, as demonstrated by a mod=space do=poll request to home.php.
A flaw in the way URLs are escaped and encoded in the org.apache.sling.xss.impl.XSSAPIImpl#getValidHref and org.apache.sling.xss.impl.XSSFilterImpl#is...
In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scripting vulnerability was identified to be present in the web based administration...
It was found that FreeIPA 4.2.0 and later could disclose password hashes to users having the 'System: Read Stage Users' permission. A remote, authenti...
In Hibernate Validator 5.2.x before 5.2.5 final, 5.3.x, and 5.4.x, it was found that when the security manager's reflective permissions, which allows ...
In Undertow 2.x before 2.0.0.Alpha2, 1.4.x before 1.4.17.Final, and 1.3.x before 1.3.31.Final, it was found that the fix for CVE-2017-2666 was incompl...
IBM QRadar 7.2 and 7.3 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended ...
IBM Security Access Manager Appliance 8.0.0 and 9.0.0 specifies permissions for a security-critical resource in a way that allows that resource to be ...
IBM Security Access Manager Appliance 9.0.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code ...
IBM Security Access Manager Appliance 8.0.0 and 9.0.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By per...
IBM QRadar 7.2 and 7.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus al...
Multiple persistent stored Cross-Site-Scripting (XSS) vulnerabilities in the files /wb/admin/admintools/tool.php (Droplet Description) and /install/in...
(1) lib/dataset/database/mysql.rb and (2) lib/dataset/database/postgresql.rb in the codders-dataset gem 1.3.2.1 for Ruby place credentials on the mysq...
lib/cap-strap/helpers.rb in the cap-strap gem 0.1.5 for Ruby places credentials on the useradd command line, which allows local users to obtain sensit...
(1) lib/backup/cli/utility.rb in the backup-agoddard gem 3.0.28 and (2) lib/backup/cli/utility.rb in the backup_checksum gem 3.0.23 for Ruby place cre...
lib/gyazo/client.rb in the gyazo gem 1.0.0 for Ruby allows local users to write to arbitrary files via a symlink attack on a temporary file, related t...
Race condition in lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to obtain sensitive information by reading the ...
lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to write to arbitrary files via a symlink attack on /tmp/my.cnf.#...
lib/commands/setup.rb in the point-cli gem 0.0.1 for Ruby places credentials on the curl command line, which allows local users to obtain sensitive in...
test/tc_database.rb in the lean-ruport gem 0.3.8 for Ruby places the mysql user password on the mysqldump command line, which allows local users to ob...
vendor/plugins/dataset/lib/dataset/database/mysql.rb in the kajam gem 1.0.3.rc2 for Ruby places the mysql user password on the (1) mysqldump command l...
The login function in lib/lawn.rb in the lawn-login gem 0.0.7 for Ruby places credentials on the curl command line, which allows local users to obtain...
lib/ksymfony1.rb in the kcapifony gem 2.1.6 for Ruby places database user passwords on the (1) mysqldump, (2) pg_dump, (3) mysql, and (4) psql command...
The lynx gem before 1.0.0 for Ruby places the configured password on command lines, which allows local users to obtain sensitive information by listin...
chef/travis-cookbooks/ci_environment/perlbrew/recipes/default.rb in the ciborg gem 3.0.0 for Ruby allows local users to write to arbitrary files and g...
lib/brbackup.rb in the brbackup gem 0.1.1 for Ruby places the database password on the mysql command line, which allows local users to obtain sensitiv...
In Flexense VX Search Enterprise v10.1.12, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_...
In Flexense Disk Pulse Enterprise v10.1.18, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER...
In Flexense Sync Breeze Enterprise v10.1.16, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVE...
In Flexense DiskBoss Enterprise 8.5.12, the Control Protocol suffers from a denial of service vulnerability. The attack vector is a crafted SERVER_GET...
Cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.7,...
Cross-site scripting (XSS) vulnerability in the Captive Portal function in Palo Alto Networks PAN-OS before 8.0.7 allows remote attackers to inject ar...
FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CV...
Directory traversal in the HTTP server on Yawcam 0.2.6 through 0.6.0 devices allows attackers to read arbitrary files through a sequence of the form '...
Palo Alto Networks PAN-OS 6.1, 7.1, and 8.0.x before 8.0.7, when an interface implements SSL decryption with RSA enabled or hosts a GlobalProtect port...
Office Tracker 11.2.5 has XSS via the logincount parameter to the /otweb/OTPClientLogin URI.
AvantFAX 3.3.3 has XSS via an arbitrary parameter name to the default URI, as demonstrated by a parameter whose name contains a SCRIPT element and who...
In Enterprise Networking Operating System (ENOS) in Lenovo and IBM RackSwitch and BladeCenter products, an authentication bypass known as "HP Backdoor...
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, manipulation of SafeSwitch Image data ...
It was discovered that the jboss init script as used in Red Hat JBoss Enterprise Application Platform 7.0.7.GA performed unsafe file handling which co...
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a LayerStack can be destroyed in betwe...
A buffer overflow in Handy Password 4.9.3 allows remote attackers to execute arbitrary code via a long "Title name" field in "mail box" data that is m...
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while updating a firmware image, data ...
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing ubi image an uninitiali...
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing sparse image, uniniti...
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a user supplied spars...
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a potential buffer overflow v...
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while performing update of FOTA partit...
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while updating the recovery message fo...
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the pp_pgc_get_config() graphics dr...
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, by calling an IPA ioctl and searching ...
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an invalid input of firmware size (neg...
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the SPCom kernel driver, a race con...
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the fastrpc kernel driver, a buffer...
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, userspace can read values from audio c...
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a specially-crafted HDMI CEC message c...
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, concurrent rx notifications and read()...
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, if userspace provides a too-large IE l...
A remote, unauthenticated attacker may be able to execute code by exploiting a use-after-free defect found in older versions of PHP through injection ...
On SRX Series and MX Series devices with a Service PIC with any ALG enabled, a crafted TCP/IP response packet processed through the device results in ...
A specially crafted MPLS packet received or processed by the system, on an interface configured with MPLS, will store information in the system memory...
A sustained sequence of different types of normal transit traffic can trigger a high CPU consumption denial of service condition in the Junos OS regis...
QFX and EX Series switches configured to drop traffic when the MAC move limit is exceeded will forward traffic instead of dropping traffic. This can l...
A high rate of VLAN authentication attempts sent from an adjacent host on the local broadcast domain can trigger high memory utilization by the BBE su...
An unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to the local segment, through a local segment broadcast, may ...
An unauthenticated root login may allow upon reboot when a commit script is used. A commit script allows a device administrator to execute certain ins...
On Juniper Networks SRX series devices, firewall rules configured to match custom application UUIDs starting with zeros can match all TCP traffic. Due...
A vulnerability in the Juniper Networks Junos Space Security Director allows a user who does not have SSH access to a device to reuse the URL that was...
A reflected cross site scripting (XSS) vulnerability in Junos Space may potentially allow a remote authenticated user to inject web script or HTML and...
Junos Space is affected by a privilege escalation vulnerability that may allow a local authenticated attacker to gain root privileges.
A local file inclusion vulnerability in Juniper Networks Junos Space Network Management Platform may allow an authenticated user to retrieve files fro...
Juniper Networks ScreenOS devices do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from pr...
In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a ...
In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is...
A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to perfo...
VMware Workstation and Fusion contain a use-after-free vulnerability in VMware NAT service when IPv6 mode is enabled. This issue may allow a guest to ...
VMware Workstation and Fusion contain an integer overflow vulnerability in VMware NAT service when IPv6 mode is enabled. This issue may lead to an out...
Cross-site scripting (XSS) vulnerability in vbshout.php in DragonByte Technologies vBShout module for vBulletin allows remote attackers to inject arbi...
The check_privileges method in vmdb/app/controllers/application_controller.rb in ManageIQ, as used in Red Hat CloudForms Management Engine (CFME), all...
Directory traversal vulnerability in the web application in Symmetricom s350i 2.70.15 allows remote attackers to read arbitrary files via a (1) ../ (d...
Symmetricom s350i 2.70.15 allows remote authenticated users to gain privileges via vectors related to pushing unauthenticated users to the login page.
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface var...
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-outif variabl...
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval v...
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface var...
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the iface variable in...
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variab...
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval...
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-zone variable...
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the olmode variable i...
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryptio...
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variab...
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-authtype vari...
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-olmode variab...
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-bindif variab...
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-pns variable ...
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval v...
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-tunnelname va...
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-remotesubnet ...
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-workmode vari...
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryptio...
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-ipgroup varia...
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the name variable in ...
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the max_conn variable...
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-time variable...
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval...
Parity Browser 1.6.10 and earlier allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by requesting other websit...
Race condition in Jungo Windriver 12.5.1 allows local users to cause a denial of service (buffer overflow) or gain system privileges by flipping pool ...
IBM Security Access Manager Appliance 9.0.0 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 128...
IBM WebSphere Application Server (IBM Liberty for Java for Bluemix 3.15) could allow a local attacker to obtain sensitive information, caused by impro...
IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, and 7.0.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arb...
IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to em...
IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web ...
Multiple cross-site request forgery (CSRF) vulnerabilities in Family Connections CMS (aka FCMS) 2.9 and earlier allow remote attackers to hijack the a...
Multiple cross-site scripting (XSS) vulnerabilities in the Shout Reports in the DragonByte Technologies vBShout module before 6.0.6 for vBulletin allo...
Multiple cross-site scripting (XSS) vulnerabilities in the DragonByte Technologies vbActivity module before 3.0.1 for vBulletin allow remote attackers...
Multiple cross-site scripting (XSS) vulnerabilities in actions/main.php in the DragonByte Technologies Forumon RPG module before 1.0.8 for vBulletin w...
Cross-site scripting (XSS) vulnerability in downloads/actions/editdownload.php in the DragonByte Technologies vBDownloads module 1.3.2 and earlier for...
In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by correcting the signatu...
In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the WCP dissector could crash. This was addressed in epan/dissectors/packet-wcp.c by validating the a...
In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash. This was addressed in epan/tvbparse.c by li...
A stack-based buffer overflow within GNOME gcab through 0.7.4 can be exploited by malicious attackers to cause a crash or, potentially, execute arbitr...
Seagate Media Server in Seagate Personal Cloud has unauthenticated command injection in the uploadTelemetry and getLogs functions in views.py because ...
A use-after-free issue was discovered in Advantech WebAccess versions prior to 8.3. WebAccess allows an unauthenticated attacker to specify an arbitra...
An Unrestricted Upload Of File With Dangerous Type issue was discovered in Advantech WebAccess versions prior to 8.3. WebAccess allows a remote attack...
Cheetah Mobile CM Browser 5.22.06.0012, when installed on unspecified "older" Android platforms, allows Same Origin Policy Bypass.
Cheetah Mobile Armorfly Browser & Downloader 1.1.05.0010, when installed on unspecified "older" Android platforms, allows Same Origin Policy Bypass.
In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__...
ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function in coders/dcm.c.
ImageMagick 7.0.7-22 Q16 has memory leaks in the EncodeImageAttributes function in coders/json.c, as demonstrated by the ReadPSDLayersInternal functio...
The WPGlobus plugin 1.9.6 for WordPress has CSRF via wp-admin/options.php.
The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[post_type][page] parameter to wp-admin/options.php.
The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[enabled_languages][en] or wpglobus_option[enabled_languages][fr] (or any other...
The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[browser_redirect][redirect_by_language] parameter to wp-admin/options.php.
The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[selector_wp_list_pages][show_selector] parameter to wp-admin/options.php.
The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[more_languages] parameter to wp-admin/options.php.
The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[post_type][post] parameter to wp-admin/options.php.
The SrbTransLatin plugin 1.46 for WordPress has CSRF via an srbtranslatoptions action to wp-admin/options-general.php.
The SrbTransLatin plugin 1.46 for WordPress has XSS via an srbtranslatoptions action to wp-admin/options-general.php with a lang_identificator paramet...
diag_ping.cmd on D-Link DSL-2640U devices with firmware IM_1.00 and ME_1.00, and DSL-2540U devices with firmware ME_1.00, allows authenticated remote ...
The Testimonial Slider plugin through 1.2.4 for WordPress has SQL Injection via settings\sliders.php (current_slider_id parameter).
The Smooth Slider plugin through 2.8.6 for WordPress has SQL Injection via smooth-slider.php (trid parameter).
The Dbox 3D Slider Lite plugin through 1.2.2 for WordPress has SQL Injection via settings\sliders.php (current_slider_id parameter).
Discuz! DiscuzX X3.4 has XSS via the include\spacecp\spacecp_space.php appid parameter in a delete action.
Discuz! DiscuzX X3.4 has XSS via the include\spacecp\spacecp_upload.php op parameter.
Discuz! DiscuzX X3.4 allows remote attackers to bypass intended access restrictions via the archiver\index.php action parameter.
The printable searchrequest issue resource in Atlassian Jira before version 7.2.12 and from version 7.3.0 before 7.6.1 allows remote attackers to inje...
The IncomingMailServers resource in Atlassian Jira before version 7.6.2 allows remote attackers to modify the "incoming mail" whitelist setting via a ...
The issue search resource in Atlassian Jira before version 7.4.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scrip...
Improper verification when expanding ZIP64 archives in Lhaplus versions 1.73 and earlier may lead to unintended contents to be extracted from a specia...
NVIDIA driver contains an integer overflow vulnerability which could cause a use after free and possibly lead to an elevation of privilege enabling co...
Use-after-free vulnerability in hw/pci/pcie.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (QEMU instance cra...
cgi-bin/AZ_Retrain.cgi in Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices does not check for authentication, which allows remote attackers...
Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices improperly manage sessions, which allows remote attackers to bypass authentication in oppo...
Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices allow remote attackers to obtain sensitive device configuration information via vectors in...
The backup mechanism in the adb tool in Android might allow attackers to inject additional applications (APKs) and execute arbitrary code by leveragin...
The browsing feature in the server in CUPS does not filter ANSI escape sequences from shared printer names, which might allow remote attackers to exec...
node/utils/ExportEtherpad.js in Etherpad 1.5.x before 1.5.2 might allow remote attackers to obtain sensitive information by leveraging an improper sub...
The Yodobashi App for Android 1.2.1.0 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spo...
Jolla Sailfish OS before 1.1.2.16 allows remote attackers to spoof phone numbers and trigger calls to arbitrary numbers via spaces in a tel: URL.
IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 allows remote authenticated users to execut...
IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 allows local users to gain administrator pr...
IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 do not properly restrict failed login attem...
Cross-site request forgery (CSRF) vulnerability in IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM...
Cross-site scripting (XSS) vulnerability in IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001...
Improper Permissions Handling in the Portal on FiberHome LM53Q1 VH519R05C01S38 devices (intended for obtaining information about Internet Usage, Chang...
The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order to interact with the portal. Unauthorized...
The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order to interact with the portal. Unauthorized...
Multiple SQL injection vulnerabilities in Muviko 1.1 allow remote attackers to execute arbitrary SQL commands via the (1) email parameter to login.php...
An NC-25986 issue was discovered in the Logging subsystem of Sophos XG Firewall with SFOS before 17.0.3 MR3. An unauthenticated user can trigger a per...
A stack-based buffer overflow in Flexense DiskBoss 8.8.16 and earlier allows unauthenticated remote attackers to execute arbitrary code in the context...
The Wachipi WP Events Calendar plugin 1.0 for WordPress has SQL Injection via the event_id parameter to event.php.
The Jetpack plugin before 4.0.4 for WordPress has XSS via the Likes module.
The Jetpack plugin before 4.0.3 for WordPress has XSS via a crafted Vimeo link.
An issue was discovered in Moxa MXview v2.8 and prior. The unquoted service path escalation vulnerability could allow an authorized user with file acc...
An issue was discovered in WECON Technology LEVI Studio HMI Editor v1.8.29 and prior. A specially-crafted malicious file may be able to cause a heap-b...
An issue was discovered in WECON Technology LEVI Studio HMI Editor v1.8.29 and prior. Specially-crafted malicious files may be able to cause stack-bas...
An Information Exposure issue was discovered in PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, and 48xxx Series products running firmware Version 1.0 to 1.32. ...
An Improper Authorization issue was discovered in PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, and 48xxx Series products running firmware Version 1.0 to 1.32...
In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause ...
In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers t...
In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause...
An issue was discovered in Skybox Platform before 7.5.201. Remote Unauthenticated Code Execution exists via a WAR archive containing a JSP file. The W...
An issue was discovered in Skybox Platform before 7.5.401. Reflected cross-site scripting vulnerabilities exist in /skyboxview/webservice/services/Ver...
An issue was discovered in Skybox Platform before 7.5.201. Stored cross-site scripting vulnerabilities exist in the title, Comments, or Description fi...
An issue was discovered in Skybox Platform before 7.5.201. SQL Injection exists in /skyboxview/webservice/services/VersionWebService via a soapenv:Bod...
An issue was discovered in Skybox Platform before 7.5.201. Directory Traversal exists in /skyboxview/webskybox/attachmentdownload and /skyboxview/webs...
In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the unzip_match function in runzip.c. Remote attackers could le...
An information disclosure vulnerability in the Android framework (clipboardservice). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2,...
In MPEG4Extractor.cpp, there are several places where functions return early without cleaning up internal buffers which could lead to memory leaks. Th...
In the parseURL function of URLStreamHandler, there is improper input validation of the host field. This could lead to a remote elevation of privilege...
In several functions of libhevc, NEON registers are not preserved. This could lead to remote code execution as a privileged process with no additional...
In the initDecoder function of SoftAVCDec, there is a possible out-of-bounds write to mCodecCtx due to a use after free when buffer allocation fails. ...
In the ihevcd_allocate_static_bufs and ihevcd_create functions of SoftHEVC, there is a possible out-of-bounds write due to a use after free. Both ps_c...
In the onQueueFilled function of SoftAVCDec, there is a possible out-of-bounds write due to a use after free if a bad header causes the decoder to get...
In the doGetThumb and getThumbnail functions of MtpServer, there is a possible double free due to not NULLing out a freed pointer. This could lead to ...
In the sendFormatChange function of ACodec, there is a possible integer overflow which could lead to an out-of-bounds write. This could lead to a loca...
In the OMXNodeInstance::useBuffer and IOMX::freeBuffer functions, there is a possible use after free due to a race condition if the user frees the buf...
In the enableVSyncInjections function of SurfaceFlinger, there is a possible use after free of mVSyncInjector. This could lead to a local elevation of...
An information disclosure vulnerability in the Android media framework (libhevc). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. Android ID: A-65...
A vulnerability in the Android media framework (libavc) related to incorrect use of mmco parameters. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8....
An information disclosure vulnerability in the Android media framework (libhevc). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID:...
An information disclosure vulnerability in the Android media framework (aac). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: A-6...
A vulnerability in the Android media framework (libavc) related to handling dec_hdl memory allocation failures. Product: Android. Versions: 7.0, 7.1.1...
A vulnerability in the Android media framework (libhevc) related to handling ps_codec_obj memory allocation failures. Product: Android. Versions: 7.0,...
In the ihevcd_decode function of ihevcd_decode.c, there is an infinite loop due to an incomplete frame error. This could lead to a remote denial of se...
In the ihevcd_parse_slice_header function of ihevcd_parse_slice_header.c a slice address of zero after the first slice could result in an infinite loo...
In ihevcd_decode.c there is a possible infinite loop due to bytes for an sps of unsupported resolution resulting in the same sps being fed in over and...
A vulnerability in the Android media framework (libvpx) related to odd frame width. Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android I...
In the ihevcd_parse_sps function of ihevcd_parse_headers.c, several parameter values could be negative which could lead to negative indexes which coul...
In several places in ihevcd_decode.c, a dead loop could occur due to incomplete frames which could lead to memory leaks. This could lead to a remote d...
In the ihevcd_parse_slice.c function, slave threads are not joined if there is an error. This could lead to a remote denial of service of a critical s...
A vulnerability in the Android media framework (ex) related to composition of frames lacking a color map. Product: Android. Versions: 7.0, 7.1.1, 7.1....
In Bitmap.ccp if Bitmap.nativeCreate fails an out of memory exception is not thrown leading to a java.io.IOException later on. This could lead to a re...
An information disclosure vulnerability in the Android media framework (av) related to id3 unsynchronization. Product: Android. Versions: 7.0, 7.1.1, ...
An information disclosure vulnerability in the Android media framework (mediadrm). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8...
An information disclosure vulnerability in the Android media framework (libeffects). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2,...
An information disclosure vulnerability in the Android media framework (libavc). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: ...
An information disclosure vulnerability in the Android media framework (libavc). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID: ...
An information disclosure vulnerability in the Android media framework (libmpeg2). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. Android ID...
An information disclosure vulnerability in the Android media framework (aacdec). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0...
An information disclosure vulnerability in the Android media framework (stagefright mpeg4writer). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0. ...
In receive_packet of libnetutils/packet.c, there is a possible out-of-bounds write due to a missing bounds check on the DHCP response. This could lead...
In the ServiceManager::add function in the hardware service manager, there is an insecure permissions check based on the PID of the caller which could...
In CameraDeviceClient::submitRequestList of CameraDeviceClient.cpp, there is an out-of-bounds write if metadataSize is too small. This could lead to a...
In bta_scan_results_cb_impl of btif_ble_scanner.cc, there is possible resource exhaustion if a large number of repeated BLE scan results are received....
An elevation of privilege vulnerability in the Android system (systemui). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. Andro...
An elevation of privilege vulnerability in the Broadcom bcmdhd driver. Product: Android. Versions: Android kernel. Android ID: A-63374465. References:...
In the hardware HEVC decoder, some media files could cause a page fault. This could lead to a remote denial of service of a critical system process wi...
A elevation of privilege vulnerability in the Upstream kernel skcipher. Product: Android. Versions: Android kernel. Android ID: A-64386293. References...
In ashmem_ioctl of ashmem.c, there is an out-of-bounds write due to insufficient locking when accessing asma. This could lead to a local elevation of ...
In DisplayFtmItem in the bootloader, there is an out-of-bounds write due to reading a string without verifying that it's null-terminated. This could l...
Access to CNTVCT_EL0 in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear could be used for side channel attacks and this c...
A denial of service vulnerability in the Upstream kernel synaptics touchscreen controller. Product: Android. Versions: Android kernel. Android ID: A-6...
An elevation of privilege vulnerability in the Upstream kernel bluez. Product: Android. Versions: Android kernel. Android ID: A-63527053.
An elevation of privilege vulnerability in the Upstream kernel wifi driver. Product: Android. Versions: Android kernel. Android ID: A-64709938.
An information disclosure vulnerability in the Upstream kernel kernel. Product: Android. Versions: Android kernel. Android ID: A-38159576.
In libMtkOmxVdec.so there is a possible heap buffer overflow. This could lead to a remote elevation of privilege enabling code execution as a privileg...
An elevation of privilege vulnerability in the MediaTek mtk. Product: Android. Versions: Android kernel. Android ID: A-32591194. References: M-ALPS031...
An issue was discovered in the dark-mode plugin 1.6 for WordPress. XSS exists via the wp-admin/profile.php dark_mode_start parameter.
An issue was discovered in the dark-mode plugin 1.6 for WordPress. XSS exists via the wp-admin/profile.php dark_mode_end parameter.
An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. XSS exists via the wp-admin/admin-ajax.php weblizar_pffree_setting...
An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. XSS exists via the wp-admin/admin-ajax.php PFFREE_Access_Token par...
An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. XSS exists via the wp-admin/admin-ajax.php security parameter.
An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. CSRF exists via wp-admin/admin-ajax.php.
An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php counter_title_icon param...
An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. CSRF exists via wp-admin/admin.php.
An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php coming-soon_title parame...
An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php coming-soon_sub_title pa...
An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php logo_width parameter.
An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php counter_title parameter.
An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php button_text_link paramet...
An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php social_icon_1 parameter.
An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php logo_height parameter.
An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php bg_color parameter.
An issue was discovered in the read-and-understood plugin 2.1 for WordPress. XSS exists via the wp-admin/options-general.php rnu_username_validation_p...
An issue was discovered in the read-and-understood plugin 2.1 for WordPress. XSS exists via the wp-admin/options-general.php rnu_username_validation_t...
An issue was discovered in the read-and-understood plugin 2.1 for WordPress. CSRF exists via wp-admin/options-general.php.
An issue was discovered in the booking-calendar plugin 2.1.7 for WordPress. XSS exists via the wp-admin/admin.php sale_conditions[count][] parameter.
An issue was discovered in the booking-calendar plugin 2.1.7 for WordPress. XSS exists via the wp-admin/admin.php extra_field1[items][field_item1][pri...
An issue was discovered in the booking-calendar plugin 2.1.7 for WordPress. XSS exists via the wp-admin/admin.php form_field5[label] parameter.
An issue was discovered in the booking-calendar plugin 2.1.7 for WordPress. CSRF exists via wp-admin/admin.php.
PrestaShop 1.7.2.4 has XSS via source-code editing on the "Pages > Edit page" screen.
PrestaShop 1.7.2.4 allows user enumeration via the Reset Password feature, by noticing which reset attempts do not produce a "This account does not ex...
Shibboleth XMLTooling-C before 1.6.3, as used in Shibboleth Service Provider before 2.6.0 on Windows and other products, mishandles digital signatures...
LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/ti...
In Libav through 12.2, there is an invalid memcpy call in the ff_mov_read_stsd_entries function of libavformat/mov.c. Remote attackers could leverage ...
In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function (coders/bmp.c). Remote attackers could leverage ...
In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the pdf_parse_array function (pdf/pdf-parse.c) because EOF is not con...
NewsBee allows XSS via the Company Name field in the Settings under admin/admin.php.
Cross-site scripting (XSS) vulnerability in admin/auth.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML...
Cross-site scripting (XSS) vulnerability in admin/users.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTM...
SonicWall Global Management System (GMS) 8.1 has XSS via the `newName` and `Name` values of the `/sgms/TreeControl` module.
Piwigo v2.8.2 has XSS via the `tab`, `to`, `section`, `mode`, `installstatus`, and `display` parameters of the `admin.php` file.
The LinuxMagic MagicSpam extension before 2.0.14-1 for Plesk allows local users to discover mailbox names by reading /var/log/magicspam/mslog.
The callforward module in User Control Panel (UCP) in Nicolas Gudino (aka Asternic) Flash Operator Panel (FOP) 2.31.03 allows remote authenticated use...
The WpJobBoard plugin 4.4.4 for WordPress allows SQL injection via the order or sort parameter to the wpjb-job or wpjb-alerts module, with a request t...
The iJoomla com_adagency plugin 6.0.9 for Joomla! allows SQL injection via the `advertiser_status` and `status_select` parameters to index.php.
Icy Phoenix 2.2.0.105 allows SQL injection via an unapprove request to admin_kb_art.php or the order parameter to admin_jr_admin.php, related to funct...
libreadstat.a in WizardMac ReadStat 0.1.1 has a heap-based buffer over-read via an unterminated string.
A use-after-free flaw was found in fs/userfaultfd.c in the Linux kernel before 4.13.6. The issue is related to the handling of fork failure when deali...
A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13. A superfluous implicit page unlock for VM_S...
A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12. A lack of size check could cause a denia...
ILIAS before 5.2.4 has XSS via the cmd parameter to the displayHeader function in setup/classes/class.ilSetupGUI.php in the Setup component.
Winmail Server through 6.2 allows remote code execution by authenticated users who leverage directory traversal in a netdisk.php copy_folder_file call...
FoxSash ImgHosting 1.5 (according to footer information) is vulnerable to XSS attacks. The affected function is its search engine via the search param...
Transmission through 2.92 relies on X-Transmission-Session-Id (which is not a forbidden header for Fetch) for access control, which allows remote atta...
ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 allows access to various /UserManagement/ privileged modules without authenticating the user; an attacker can ...
ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 is vulnerable to Cross-Site Request Forgery (CSRF) on /CWEBNET/* authenticated pages. A successful CSRF attack...
The download-manager plugin before 2.9.52 for WordPress has XSS via the id parameter in a wpdm_generate_password action to wp-admin/admin-ajax.php.
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.14.11 allows attackers to cause a denial of service (slab out-o...
Open On-Chip Debugger (OpenOCD) 0.10.0 does not block attempts to use HTTP POST for sending data to 127.0.0.1 port 4444, which allows remote attackers...
An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16...
An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The pre-defined function "strlen" is getting a "NULL" string as a parameter value i...
gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, ha...
An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404...
An issue was discovered in Octopus Deploy before 4.1.9. Any user with user editing permissions can modify teams to give themselves Administer System p...
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while calculating CRC for GPT header f...
Multiple cross-site scripting (XSS) vulnerabilities in TorrentFlux 2.4 allow (1) remote attackers to inject arbitrary web script or HTML by leveraging...
jQuery 1.4.2 allows remote attackers to conduct cross-site scripting (XSS) attacks via vectors related to use of the text method inside after.
Use-after-free vulnerability in dwarfdump in libdwarf 20130126 through 20140805 might allow remote attackers to cause a denial of service (program cra...
Directory traversal vulnerability in the do_extract_currentfile function in miniunz.c in miniunzip in minizip before 1.1-5 might allow remote attacker...
Cross-site scripting (XSS) vulnerability in Jazz Foundation in IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 ...
IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1 and 4.0 before 4.0.7 iFix10 allow remote authenticated users with ac...
Cross-site scripting (XSS) vulnerability in IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10...
Cross-site scripting (XSS) vulnerability in IBM Rational Engineering Lifecycle Manager 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10...
IBM Algorithmics One-Algo Risk Application (ARA) 4.9.1 through 5.1.0 allows remote authenticated users to conduct clickjacking attacks via unspecified...
IBM DB2 9.7, 10.1 before FP6, and 10.5 before FP8 on AIX, Linux, HP, Solaris and Windows allow remote authenticated users to cause a denial of service...
XML external entity (XXE) vulnerability in IBM Rational Team Concert 3.0 before 3.0.1.6 iFix7 Interim Fix 1, 4.0 before 4.0.7 iFix10, 5.0 before 5.0.2...
K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a specific set ...
K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a specific set ...
K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way.
K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a specific set ...
K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way.
K7 Antivirus Premium before 15.1.0.53 allows local users to write to arbitrary memory locations, and consequently gain privileges, via a specific set ...
K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way.
In K7 Antivirus Premium before 15.1.0.53, user-controlled input can be used to allow local users to write to arbitrary memory locations.
K7 Antivirus Premium before 15.1.0.53 allows local users to gain privileges by sending a specific IOCTL after setting the memory in a particular way.
In K7 Antivirus Premium before 15.1.0.53, user-controlled input to the K7Sentry device is not sufficiently authenticated: a local user with a LOW inte...
Cross-site scripting (XSS) vulnerability in Zimbra Collaboration Suite (aka ZCS) before 8.8.0 Beta2 might allow remote attackers to inject arbitrary w...
ZyXEL P-660HW v3 devices allow remote attackers to cause a denial of service (router unreachable/unresponsive) via a flood of fragmented UDP packets.
BizLogic xnami 1.0 has XSS via the comment parameter in an addComment action to the /media/ajax URI.
In Malwarefox Anti-Malware 2.72.169, the driver file (zam64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified o...
In Malwarefox Anti-Malware 2.72.169, the driver file (zam64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified o...
In the Linux kernel 4.12, 3.10, 2.6 and possibly earlier versions a race condition vulnerability exists in the sound system, this can lead to a deadlo...
phprint.php in SugarCRM 3.5.1 has XSS via a parameter name in the query string (aka a $key variable).
A cross site scripting issue has been found in custompage.cgi in Pulse Secure Pulse Connect Secure (PCS) before 8.0R17.0, 8.1.x before 8.1R13, 8.2.x b...
A stack-based Buffer Overflow Vulnerability exists in the web server in Pulse Secure Pulse Connect Secure (PCS) before 8.3R4 and Pulse Policy Secure (...
MASTER IPCAMERA01 3.3.4.2103 devices have a hardcoded password of cat1029 for the root account.
MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Download and Upload, as demonstrated by restore.cgi.
MASTER IPCAMERA01 3.3.4.2103 devices allow Unauthenticated Configuration Change, as demonstrated by the port number of the web server.
MASTER IPCAMERA01 3.3.4.2103 devices allow remote attackers to obtain sensitive information via a crafted HTTP request, as demonstrated by the usernam...
In OpenJPEG 2.3.0, there is an integer overflow vulnerability in the opj_t1_encode_cblks function (openjp2/t1.c). Remote attackers could leverage this...
Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information via a /cgi-bin/getSysStatus request, as dem...
Stack-based buffer overflow in the ej_update_variables function in router/httpd/web.c on ASUS routers (when using software from https://github.com/RMe...
The Trello importer in Atlassian Jira before version 7.6.1 allows remote attackers to access the content of internal network resources via a Server Si...
Hancom NEO versions 9.6.1.5183 and earlier have a buffer Overflow vulnerability that leads remote attackers to execute arbitrary commands when perform...
The Neon app 1.6.14 iOS does not verify X.509 certificates from SSL servers, which allows remote attackers to spoof servers and obtain sensitive infor...
In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the ucompthread function (stream.c). Remote attackers could leverage this vulnerabil...
The parse_arguments function in options.c in rsyncd in rsync before 3.1.3 does not prevent multiple --protect-args uses, which allows remote attackers...
Untrusted search path in Intel Graphics Driver 15.40.x.x, 15.45.x.x, and 21.20.x.x allows unprivileged user to elevate privileges via local access.
Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware (subcomponent: Analytics Web Dashboards). T...
Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). The supported version that is affe...
Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: Deployment). Supported versions that are affected are 11.1...
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 12.1.0.2 and 12.2.0.1. Easily exploitabl...
Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products (subcomponent: Enterprise Portal). The support...
Input validation error in Intel MinnowBoard 3 Firmware versions prior to 0.65 allow local attacker to cause denial of service via UEFI APIs.
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Di...
Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware (subcomponent: Web Listener). Supported versions that are affected are 1...
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.5.58 and pr...
Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). The supported version that is affe...
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.20 and prior....
Vulnerability in the Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: Remote Console Application). S...
Vulnerability in the Oracle Communications Order and Service Management component of Oracle Communications Applications (subcomponent: Portal). Suppor...
Vulnerability in the Integrated Lights Out Manager (ILOM) component of Oracle Sun Systems Products Suite (subcomponent: Remote Console Application). S...
Vulnerability in the Java ME SDK component of Oracle Java Micro Edition (subcomponent: Installer). The supported version that is affected is 8.3. Easi...
Vulnerability in the Oracle Communications Unified Inventory Management component of Oracle Communications Applications (subcomponent: Portal). Suppor...
Vulnerability in the Oracle Communications Unified Inventory Management component of Oracle Communications Applications (subcomponent: Portal). Suppor...
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: GIS). Supported versions that are affected are 5.6.38 and prior and...
Vulnerability in the Siebel CRM Desktop component of Oracle Siebel CRM (subcomponent: Outlook Client). Supported versions that are affected are 16.0 a...
Vulnerability in the Core RDBMS component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, and 12.2.0.1. Diffic...
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.20 and prior. Ea...
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Ea...
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11.3. Di...
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected ar...
Vulnerability in the Oracle Applications DBA component of Oracle E-Business Suite (subcomponent: ADPatch). Supported versions that are affected are 12...
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u161, 8u152 and 9....
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: ...
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Stored Procedure). Supported versions that are affected are 5.6.38 and prio...
Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). The supported version that is affected ...
Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Net). Supported versions that are affected are 6.9.9 and prio...
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.20 and prior. Ea...
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: LDAP). Supported versions that are affected are Jav...
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Enterprise Server). Supported versions th...
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.3...
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Partition). Supported versions that are affected are 5.6.38 and pr...
Vulnerability in the Oracle Financial Services Balance Sheet Planning component of Oracle Financial Services Applications (subcomponent: User Interfac...
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: PIA Core Technology). Supported versions...
Vulnerability in the Hyperion BI+ component of Oracle Hyperion (subcomponent: Foundation UI & Servlets). The supported version that is affected is 11....
Vulnerability in the Hyperion BI+ component of Oracle Hyperion (subcomponent: Foundation UI & Servlets). The supported version that is affected is 11....
Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). Supported versions that are affect...
Vulnerability in the Oracle Hospitality Cruise Dining Room Management component of Oracle Hospitality Applications (subcomponent: SilverWhere). The su...
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Jav...
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.20 and pri...
Vulnerability in the Oracle Internet Directory component of Oracle Fusion Middleware (subcomponent: Oracle Directory Services Manager). Supported vers...
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: I18n). Supported versions that are affected are Java SE: 6u1...
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected ar...
Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base). The supported version that is ...
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Supported versions ...
Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base). Supported versions that are af...
Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base). The supported version that is ...
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Security). The supported version that is ...
Vulnerability in the Oracle Agile PLM component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions that are affected a...
Vulnerability in the Hyperion Data Relationship Management component of Oracle Hyperion (subcomponent: Access and security). The supported version tha...
Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: Core Services). The supported ve...
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.38 and prior and 5.7....
Vulnerability in the Oracle Argus Safety component of Oracle Health Sciences Applications (subcomponent: Login). Supported versions that are affected ...
Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported v...
Vulnerability in the OSS Support Tools component of Oracle Support Tools (subcomponent: Diagnostic Assistant). The supported version that is affected ...
Vulnerability in the OSS Support Tools component of Oracle Support Tools (subcomponent: Diagnostic Assistant). The supported version that is affected ...
Vulnerability in the OSS Support Tools component of Oracle Support Tools (subcomponent: Diagnostic Assistant). The supported version that is affected ...
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java...
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Security). The supported version that is ...
Vulnerability in the Primavera Unifier component of Oracle Construction and Engineering Suite (subcomponent: Platform). Supported versions that are af...
Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: Mobile...
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.58 and prior, 5....
Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: User Interface). The supported v...
Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: User Interface). The supported v...
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected a...
Vulnerability in the Oracle Financial Services Balance Sheet Planning component of Oracle Financial Services Applications (subcomponent: User Interfac...
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installer). Supported versions that are affected are Java SE: 8u152 and 9.0.1....
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Jav...
Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Security Management System)....
Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions tha...
Vulnerability in the Siebel Engineering - Installer and Deployment component of Oracle Siebel CRM (subcomponent: Siebel Approval Manager). Supported v...
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Jav...
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Java SE: 7u1...
Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Login). Supported versions that are affecte...
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Security). Supported versions that are af...
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java...
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u152 and 9.0.1...
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u152 and 9.0.1...
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and pri...
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u17...
Vulnerability in the Oracle Argus Safety component of Oracle Health Sciences Applications (subcomponent: File Upload). Supported versions that are aff...
Vulnerability in the Oracle Argus Safety component of Oracle Health Sciences Applications (subcomponent: Case Selection). Supported versions that are ...
Vulnerability in the Oracle Argus Safety component of Oracle Health Sciences Applications (subcomponent: Worklist). Supported versions that are affect...
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.3...
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). Supported versions that are affected are 5.7.20 and prior. Ea...
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.38 and p...
Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported v...
Vulnerability in the Oracle FLEXCUBE Universal Banking component of Oracle Financial Services Applications (subcomponent: Infrastructure). Supported v...
Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Report). Supported version...
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: XML Publisher). Supported versions that ...
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Integration Broker). Supported versions ...
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Connected Query). Supported versions tha...
Vulnerability in the PeopleSoft Enterprise HCM Human Resources component of Oracle PeopleSoft Products (subcomponent: Company Dir / Org Chart Viewer)....
Vulnerability in the Oracle Work in Process component of Oracle E-Business Suite (subcomponent: Assemble/Configure to Order). Supported versions that ...
Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Data Manager Server). Supported versions that are affec...
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u1...
Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products (subcomponent: Web Runtime SEC). The supported version tha...
Vulnerability in the JD Edwards EnterpriseOne Tools component of Oracle JD Edwards Products (subcomponent: Web Runtime SEC). The supported version tha...
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure component of Oracle Financial Services Applications (subcomponen...
Vulnerability in the Oracle Financial Services Analytical Applications Infrastructure component of Oracle Financial Services Applications (subcomponen...
Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Security). Supported versions tha...
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected ar...
Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: User Interface). The supported v...
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and pri...
Vulnerability in the Oracle Hospitality Labor Management component of Oracle Hospitality Applications (subcomponent: Webservice Endpoint). Supported v...
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.20 and pri...
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.5.58 and pri...
Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Report). Supported version...
Vulnerability in the Oracle Financial Services Profitability Management component of Oracle Financial Services Applications (subcomponent: User Interf...
Vulnerability in the PeopleSoft Enterprise SCM Purchasing component of Oracle PeopleSoft Products (subcomponent: Supplier Registration). The supported...
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: POS). Supported versions that are affecte...
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: POS). Supported versions that are affecte...
Vulnerability in the Oracle FLEXCUBE Direct Banking component of Oracle Financial Services Applications (subcomponent: Logoff). Supported versions tha...
Vulnerability in the Java Advanced Management Console component of Oracle Java SE (subcomponent: Server). The supported version that is affected is Ja...
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5...
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u17...
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Jav...
Vulnerability in the Oracle Financial Services Profitability Management component of Oracle Financial Services Applications (subcomponent: User Interf...
Vulnerability in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2 and 12.2.0.1. Difficult ...
Vulnerability in the PeopleSoft Enterprise HCM Human Resources component of Oracle PeopleSoft Products (subcomponent: Security). The supported version...
Vulnerability in the Oracle Financial Services Liquidity Risk Management component of Oracle Financial Services Applications (subcomponent: User Inter...
Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: POS). Supported versions that are affecte...
Vulnerability in the Oracle User Management component of Oracle E-Business Suite (subcomponent: Registration Process). Supported versions that are aff...
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5...
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5...
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5...
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5...
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5...
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5...
Vulnerability in the Oracle User Management component of Oracle E-Business Suite (subcomponent: Proxy User Delegation). Supported versions that are af...
Vulnerability in the Oracle Financial Services Asset Liability Management component of Oracle Financial Services Applications (subcomponent: User Inte...
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Guest Additions). Supported versions that are affected are...
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5...
Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Query). Supported versions that are affe...
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5...
Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: Emergency Response System)...
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5...
Vulnerability in the Application Express component of Oracle Database Server. The supported version that is affected is Prior to 5.1.4.00.08. Easily e...
Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: Emergency Response System)...
Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: Emergency Response System)...
Vulnerability in the PeopleSoft Enterprise FSCM component of Oracle PeopleSoft Products (subcomponent: Strategic Sourcing). The supported version that...
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). Supported versions that are affected are 5...
Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions tha...
Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions tha...
Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versi...
Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versi...
Vulnerability in the Oracle Banking Payments component of Oracle Financial Services Applications (subcomponent: Payments Core). Supported versions tha...
Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). Supported versi...
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 10. Easi...
Vulnerability in the Oracle JDeveloper component of Oracle Fusion Middleware (subcomponent: Security Framework). Supported versions that are affected ...
Vulnerability in the Oracle Financial Services Loan Loss Forecasting and Provisioning component of Oracle Financial Services Applications (subcomponen...
Vulnerability in the Oracle WebCenter Portal component of Oracle Fusion Middleware (subcomponent: WebCenter Spaces Application). Supported versions th...
Vulnerability in the Oracle Financial Services Market Risk component of Oracle Financial Services Applications (subcomponent: User Interface). The sup...
Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware (subcomponent: BI Platform Security). Suppo...
Vulnerability in the Oracle Financial Services Market Risk Measurement and Management component of Oracle Financial Services Applications (subcomponen...
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: SPARC Platform). Supported versions that are affected are 1...
Vulnerability in the Oracle Financial Services Hedge Management and IFRS Valuations component of Oracle Financial Services Applications (subcomponent:...
Vulnerability in the Oracle Financial Services Liquidity Risk Management component of Oracle Financial Services Applications (subcomponent: User Inter...
Vulnerability in the Oracle Financial Services Price Creation and Discovery component of Oracle Financial Services Applications (subcomponent: User In...
Vulnerability in the Oracle Financial Services Price Creation and Discovery component of Oracle Financial Services Applications (subcomponent: User In...
Vulnerability in the Oracle Financial Services Asset Liability Management component of Oracle Financial Services Applications (subcomponent: User Inte...
Vulnerability in the Oracle Financial Services Loan Loss Forecasting and Provisioning component of Oracle Financial Services Applications (subcomponen...
Vulnerability in the Oracle Financial Services Hedge Management and IFRS Valuations component of Oracle Financial Services Applications (subcomponent:...
Vulnerability in the Oracle Financial Services Market Risk component of Oracle Financial Services Applications (subcomponent: User Interface). The sup...
Vulnerability in the Oracle Financial Services Market Risk Measurement and Management component of Oracle Financial Services Applications (subcomponen...
Vulnerability in the Oracle Financial Services Funds Transfer Pricing component of Oracle Financial Services Applications (subcomponent: User Interfac...
Vulnerability in the Oracle Financial Services Funds Transfer Pricing component of Oracle Financial Services Applications (subcomponent: User Interfac...
Vulnerability in the Oracle Retail Merchandising System component of Oracle Retail Applications (subcomponent: Cross Pillar). The supported version th...
Vulnerability in the PeopleSoft Enterprise SCM eProcurement component of Oracle PeopleSoft Products (subcomponent: Manage Requisition Status). Support...
Vulnerability in the Oracle Financial Services Analytical Applications Reconciliation Framework component of Oracle Financial Services Applications (s...
Vulnerability in the Oracle Hyperion Planning component of Oracle Hyperion (subcomponent: Security). The supported version that is affected is 11.1.2....
A vulnerability in the web framework of Cisco Small Business Managed Switches software could allow an unauthenticated, remote attacker to conduct a re...
A vulnerability in the web framework of Cisco Small Business Managed Switches software could allow an unauthenticated, remote attacker to conduct an H...
A vulnerability in the application server of the Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to cause a ...
A vulnerability in one of the diagnostic test CLI commands on Cisco Industrial Ethernet 4010 Series Switches running Cisco IOS Software could allow an...
A vulnerability in the Policy and Charging Rules Function (PCRF) of the Cisco Policy Suite (CPS) could allow an unauthenticated, remote attacker to ac...
A vulnerability in management interface access control list (ACL) configuration of Cisco NX-OS System Software could allow an unauthenticated, remote ...
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to condu...
A vulnerability in the network-operator user role implementation for Cisco NX-OS System Software could allow an authenticated, local attacker to impro...
A vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct...
A vulnerability in IPv6 ingress packet processing for Cisco UCS Central Software could allow an unauthenticated, remote attacker to cause a denial of ...
A vulnerability in the administrative shell of Cisco AsyncOS on Cisco Email Security Appliance (ESA) and Content Security Management Appliance (SMA) c...
A vulnerability in the role-based access control (RBAC) functionality of Cisco Prime Infrastructure could allow an authenticated, remote attacker to p...
A vulnerability in the web interface of Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to redirect a user to a malicious w...
A vulnerability in the web-based management interface of Cisco WAP150 Wireless-AC/N Dual Radio Access Point with Power over Ethernet (PoE) and WAP361 ...
A vulnerability in the web management GUI of the Cisco D9800 Network Transport Receiver could allow an authenticated, remote attacker to perform a com...
A vulnerability in the Profile Editor of the Cisco AnyConnect Secure Mobility Client could allow an unauthenticated, local attacker to have read and w...
A vulnerability in the Pong tool of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a reload of an affected device, re...
A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. T...
A vulnerability in the ConfD server of the Cisco Elastic Services Controller (ESC) could allow an unauthenticated, local attacker to access sensitive ...
A vulnerability in the web framework of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to execute unwanted actions on an ...
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to collect customer files via an out-of-band XML Extern...
A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to access sensitive data about the application. An attack...
A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to access the remote support account even after it has be...
A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access sensitive data about the application. An atta...
A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series routers could allow an authenticated, local attacker to exec...
In Libav through 12.2, there is an invalid memcpy in the av_packet_ref function of libavcodec/avpacket.c. Remote attackers could leverage this vulnera...
In Exiv2 0.26, there is a segmentation fault caused by uncontrolled recursion in the Exiv2::Image::printIFDStructure function in the image.cpp file. R...
CRLF injection vulnerability in OXID eShop Professional Edition before 4.7.11 and 4.8.x before 4.8.4, Enterprise Edition before 5.0.11 and 5.1.x befor...
Cross-site scripting (XSS) vulnerability in knowledgebase.php in LiveZilla before 7.0.8.9 allows remote attackers to inject arbitrary web script or HT...
The Jira-importers-plugin in Atlassian Jira before version 7.6.1 allows remote attackers to create new projects and abort an executing external system...
When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java ser...
The PieChart gadget in Atlassian Jira before version 7.5.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (...
A SQL Injection issue was discovered in Moxa SoftCMS Live Viewer through 1.6. An improper neutralization of special elements used in an SQL command ('...
An Uncontrolled Search Path Element issue was discovered in Moxa SoftNVR-IA Live Viewer, Version 3.30.3122 and prior versions. An uncontrolled search ...
A race condition in Guacamole's terminal emulator in versions 0.9.5 through 0.9.10-incubating could allow writes of blocks of printed data to overlap....
It was found that libpam4j up to and including 1.8 did not properly validate user accounts when authenticating. A user with a valid password for a dis...
An issue was discovered in markdown2 (aka python-markdown2) through 2.3.5. The safe_mode feature, which is supposed to sanitize user input against XSS...
In Samsung Gear products, Bluetooth link key is updated to the different key which is same with attacker's link key. It can be attacked without user's...
WordPress before 4.9.2 has XSS in the Flash fallback files in MediaElement (under wp-includes/js/mediaelement).
jQuery before 1.9.0 is vulnerable to Cross-site Scripting (XSS) attacks. The jQuery(strInput) function does not differentiate selectors from HTML in a...
jQuery before 3.0.0 is vulnerable to Cross-site Scripting (XSS) attacks when a cross-domain Ajax request is performed without the dataType option, cau...
jQuery 3.0.0-rc.1 is vulnerable to Denial of Service (DoS) due to removing a logic that lowercased attribute names. Any attribute getter using a mixed...
In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PoDoFo::PdfVecObjects::Reserve function (base/PdfVecObjects.h). Remote attackers co...
In LibTIFF 4.0.9, there is an uncontrolled resource consumption in the TIFFSetDirectory function of tif_dir.c. Remote attackers could leverage this vu...
In OpenJPEG 2.3.0, there is an integer overflow caused by an out-of-bounds left shift in the opj_j2k_setup_encoder function (openjp2/j2k.c). Remote at...
In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the get_fileinfo function (lrzip.c). Remote attackers could lev...
IBM Integration Bus 9.0 and 10.0 could allow an attacker that has captured a valid session id to hijack another users session during a small timeframe...
X509 certificate verification was not correctly implemented in the early access "user id" feature in the F5 BIG-IP Advanced Firewall Manager versions ...
IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, and 7.0.1 within Citizen Portal could allow an authenticated user to withdraw other user's su...
OXID eShop Professional Edition before 4.7.13 and 4.8.x before 4.8.7, Enterprise Edition before 5.0.13 and 5.1.x before 5.1.7, and Community Edition b...
The OpenID Single Sign-On authentication functionality in OXID eShop before 4.5.0 allows remote attackers to impersonate users via the email address i...
Vulnerability in Apache Hadoop 0.23.x, 2.x before 2.7.5, 2.8.x before 2.8.3, and 3.0.0-alpha through 3.0.0-beta1 allows a cluster user to expose priva...
A Command Injection issue was discovered in ContentStore/Base/CVDataPipe.dll in Commvault before v11 SP6. A certain message parsing function inside th...
Yandex Browser before 16.9.0 allows remote attackers to spoof the address bar via window.open.
Race condition issue in Yandex Browser for Android before 17.4.0.16 allowed a remote attacker to potentially exploit memory corruption via a crafted H...
Yandex Browser installer for Desktop before 17.4.1 has a DLL Hijacking Vulnerability because an untrusted search path is used for dnsapi.dll, winmm.dl...
A session hijacking via log disclosure vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an unauthe...
An exploitable cross site scripting (XSS) vulnerability exists in the add filter functionality of the rails_admin rails gem version 1.2.0. A specially...
An uninitialized pointer information disclosure vulnerability in Trend Micro Mobile Security (Enterprise) versions 9.7 and below could allow an unauth...
A vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to perform remote command execution...
A vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to perform remote command execution...
A stored cross site scripting (XSS) vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker t...
An improper access control vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.2 and below could allow an attacker to decrypt...
An exploitable cross site scripting (XSS) vulnerability exists in the filter functionality of the delayed_job_web rails gem version 1.4. A specially c...
An exploitable improper authorization vulnerability exists in admin_addPeer API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c0...
An exploitable improper authorization vulnerability exists in admin_peers API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073...
An exploitable improper authorization vulnerability exists in miner_setEtherbase API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce8...
An exploitable improper authorization vulnerability exists in miner_start API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c073...
An exploitable improper authorization vulnerability exists in admin_nodeInfo API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c...
An exploitable improper authorization vulnerability exists in miner_setGasPrice API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82...
An exploitable improper authorization vulnerability exists in miner_stop API of cpp-ethereum's JSON-RPC (commit 4e1015743b95821849d001618a7ce82c7c0737...
An exploitable unhandled exception vulnerability exists in multiple APIs of CPP-Ethereum JSON-RPC. Specially crafted JSON requests can cause an unhand...
An exploitable information leak/denial of service vulnerability exists in the libevm (Ethereum Virtual Machine) `create2` opcode handler of CPP-Ethere...
An exploitable overly permissive cross-domain (CORS) whitelist vulnerability exists in JSON-RPC of Parity Ethereum client version 1.7.8. An automatica...
An exploitable NULL pointer dereference vulnerability exists in the tinysvcmdns library version 2017-11-05. A specially crafted packet can make the li...
In NetIQ Access Manager 4.3 and 4.4, a bug exists in Identity Server when accessing a basic SSO connector and downloading the BasicSSO connector plugi...
spice-vdagent up to and including 0.17.0 does not properly escape save directory before passing to shell, allowing local attacker with access to the s...
keycloak-httpd-client-install versions before 0.8 insecurely creates temporary file allowing local attackers to overwrite other files via symbolic lin...
keycloak-httpd-client-install versions before 0.8 allow users to insecurely pass password through command line, leaking it via command history and pro...
JBMC DirectAdmin before 1.52, when the email_ftp_password_change setting is nonzero, allows remote attackers to obtain access or cause a denial of ser...
sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEW...
Buffer overflow on Dasan GPON ONT WiFi Router H640X 12.02-01121 2.77p1-1124 and 3.03p2-1146 devices allows remote attackers to execute arbitrary code ...
An issue was discovered in GitStack through 2.3.10. User controlled input is not sufficiently filtered, allowing an unauthenticated attacker to add a ...
In Zillya! Antivirus 3.0.2230.0, the driver file (zef.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other i...
In Zillya! Antivirus 3.0.2230.0, the driver file (zef.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other i...
In Zillya! Antivirus 3.0.2230.0, the driver file (zef.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other i...
Zenario v7.1 - v7.6 has SQL injection via the `Name` input field of organizer.php or admin_boxes.ajax.php in the `Categories - Edit` module.
CentOS-WebPanel.com (aka CWP) CentOS Web Panel through v0.9.8.12 has XSS via the `module` value of the `index.php` file.
index.php in CentOS-WebPanel.com (aka CWP) CentOS Web Panel through v0.9.8.12 has XSS via the id parameter to the phpini_editor module or the email_ad...
pfSense before 2.3 allows remote authenticated users to execute arbitrary OS commands via a '|' character in the status_rrd_graph_img.php graph parame...
Buffer Overflow in the FTP client in LabF nfsAxe 3.7 allows remote FTP servers to execute arbitrary code via a long reply.
FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CV...
Moodle 3.x has Server Side Request Forgery in the filepicker.
In Moodle 3.x, the setting for blocked hosts list can be bypassed with multiple A record hostnames.
In Moodle 3.x, quiz web services allow students to see quiz results when it is prohibited in the settings.
In Moodle 3.x, there is XSS via a calendar event name.
Heap-based buffer overflow in the ensure_solid_xref function in pdf/pdf-xref.c in Artifex MuPDF 1.12.0 allows a remote attacker to potentially execute...
A man-in-the-middle vulnerability related to vCenter access was found in Rubrik CDM 3.x and 4.x before 4.0.4-p2. This vulnerability might expose Rubri...
Improper input validation bugs in DNSSEC validators components in Knot Resolver (prior version 1.5.2) allow attacker in man-in-the-middle position to ...
Improper input validation bugs in DNSSEC validators components in PowerDNS version 4.1.0 allow attacker in man-in-the-middle position to deny existenc...
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. In the handle_request function in router/httpd/httpd.c, processing of POST requests conti...
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in router/httpd/web.c in vpnupload.cgi provides functional...
The Soundy Audio Playlist plugin 4.6 and below for WordPress has Cross-Site Scripting via soundy-audio-playlist\templates\front-end.php (war_sdy_pl_pr...
The Soundy Background Music plugin 3.9 and below for WordPress has Cross-Site Scripting via soundy-background-music\templates\front-end.php (war_sound...
An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder lead...
In Yii Framework 2.x before 2.0.14, the switchIdentity function in web/User.php did not regenerate the CSRF token upon a change of identity.
In Yii Framework 2.x before 2.0.14, remote attackers could obtain potentially sensitive information from exception messages, or exploit reflected XSS ...
axTLS version 1.5.3 has a coding error in the ASN.1 parser resulting in the year (19)50 of UTCTime being misinterpreted as 2050.
MatrixSSL version 3.7.2 adopts a collision-prone OID comparison logic resulting in possible spoofing of OIDs (e.g. in ExtKeyUsage extension) on X.509 ...
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remo...
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remo...
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remo...
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remo...
Cross-site scripting (XSS) in BigTree 4.2.19 allows any remote users to inject arbitrary web script or HTML via the directory parameter. This issue ex...
Subsonic v6.1.3 has an insecure allow-access-from domain="*" Flash cross-domain policy that allows an attacker to retrieve sensitive user information ...
Buffer overflow in the Qualcomm radio driver in Android before 2017-01-05 on Android One devices allows local users to gain privileges via a crafted a...
This vulnerability allows remote attackers to bypass authentication on vulnerable installations of NetGain Systems Enterprise Manager 7.2.699 build 10...
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of NetGain Systems Enterprise Manager 7.2.699...
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730...
This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1...
This vulnerability allows remote attackers to create arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1...
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730...
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730...
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1...
This vulnerability allows remote attackers to execute code by overwriting arbitrary files on vulnerable installations of NetGain Systems Enterprise Ma...
This vulnerability allows remote attackers to delete arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1...
This vulnerability allows remote attackers to overwrite files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Al...
This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 buil...
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1...
This vulnerability allows remote attackers to execute code by creating arbitrary files on vulnerable installations of NetGain Systems Enterprise Manag...
This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 buil...
This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 buil...
This vulnerability allows remote attackers to execute code by creating arbitrary files on vulnerable installations of NetGain Systems Enterprise Manag...
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Netgain Enterprise Manager. Authentication...
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. Authentication is not ...
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Netgain Enterprise Manager. Authentication...
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. Authentication is not ...
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. Authentication is not ...
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of NetGain Systems Enterprise Manager v7.2.699 build ...
Monstra CMS 3.0.4 allows users to upload arbitrary files, which leads to remote command execution on the server, for example because .php (lowercase) ...
In the CSV export feature of SilverStripe before 3.5.6, 3.6.x before 3.6.3, and 4.x before 4.0.1, it's possible for the output to contain macros and s...
Directory traversal vulnerability in application/admin/controller/Main.php in NoneCms through 1.3.0 allows remote authenticated users to delete arbitr...
The copy function in application/admin/controller/Article.php in NoneCms 1.3.0 allows remote attackers to access the content of internal and external ...
On multiple SR-IOV cars it is possible for VF's assigned to guests to send ethernet flow control pause frames via the PF. This includes Linux kernel i...
Jenkins PMD Plugin 3.49 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user perm...
Jenkins Checkstyle Plugin 3.49 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with us...
Jenkins DRY Plugin 2.49 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user perm...
Jenkins FindBugs Plugin 4.71 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user...
Jenkins Warnings Plugin 4.64 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user...
Jenkins Release Plugin 2.9 and earlier did not require form submissions to be submitted via POST, resulting in a CSRF vulnerability allowing attackers...
Jenkins Translation Assistance Plugin 1.15 and earlier did not require form submissions to be submitted via POST, resulting in a CSRF vulnerability al...
On Jenkins instances with Authorize Project plugin, the authentication associated with a build may lack the Computer/Build permission on some agents. ...
An issue has been found in the DNSSEC validation component of PowerDNS Recursor from 4.0.0 and up to and including 4.0.6, where the signatures might h...
An issue has been found in the API component of PowerDNS Authoritative 4.x up to and including 4.0.4 and 3.x up to and including 3.4.11, where some op...
A cross-site scripting issue has been found in the web interface of PowerDNS Recursor from 4.0.0 up to and including 4.0.6, where the qname of DNS que...
When api-config-dir is set to a non-empty value, which is not the case by default, the API in PowerDNS Recursor 4.x up to and including 4.0.6 and 3.x ...
An issue has been found in the DNSSEC parsing code of PowerDNS Recursor from 4.0.0 up to and including 4.0.6 leading to a memory leak when parsing spe...
A flaw was found in the way unbound before 1.6.8 validated wildcard-synthesized NSEC records. An improperly validated wildcard NSEC record could be us...
A vulnerability was found in the implementation of DNSSEC in Dnsmasq up to and including 2.78. Wildcard synthesized NSEC records could be improperly i...
A potential security vulnerability has been identified with the command line shell of the HP ThinPro operating system 6.1, 5.2.1, 5.2, 5.1, 5.0, and 4...
A potential security vulnerability has been identified with HP PageWide Printers, HP OfficeJet Pro Printers, with firmware before 1708D. This vulnerab...
A potential security vulnerability has been identified with HP Web Jetadmin before 10.4 SR2. This vulnerability could potentially be exploited to crea...
HP has identified a potential security vulnerability with HP Enterprise LaserJet Printers and MFPs, HP OfficeJet Enterprise Color Printers and MFP, HP...
The vulnerability allows attacker to extract binaries into protected file system locations in HP Support Assistant before 12.7.26.1.
Potential security vulnerabilities have been identified with HP JetAdvantage Security Manager before 3.0.1. The vulnerabilities could potentially be e...
Potential security vulnerabilities have been identified with HP JetAdvantage Security Manager before 3.0.1. The vulnerabilities could potentially be e...
HP has identified a potential security vulnerability before IG_11_00_00.10 for DesignJet T790, T795, T1300, T2300, before MRY_04_05_00.5 for DesignJet...
Insufficient Solution DLL Signature Validation allows potential execution of arbitrary code in HP LaserJet Enterprise printers, HP PageWide Enterprise...
Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a u...
SQL injection vulnerability in RISE Ultimate Project Manager 1.9 allows remote attackers to execute arbitrary SQL commands via the search parameter to...
The cirrus_invalidate_region function in hw/display/cirrus_vga.c in Qemu allows local OS guest privileged users to cause a denial of service (out-of-b...
The server in Flexense SysGauge 3.6.18 operating on port 9221 can be exploited remotely with the attacker gaining system-level access because of a Buf...
The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by ...
install.php in Minecraft Servers List Lite before commit c1cd164 and Premium Minecraft Servers List before 2.0.4 does not sanitize input before saving...
Symantec Reporter 9.5 prior to 9.5.4.1 and 10.1 prior to 10.1.5.5 does not restrict excessive authentication attempts for management interface users. ...
A malicious host header in an incoming HTTP request could cause NiFi to load resources from an external server. The fix to sanitize host headers and c...
A malicious X-ProxyContextPath or X-Forwarded-Context header containing external resources or embedded code could cause remote code execution. The fix...
crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local user able to access the AF_ALG-based AEAD interface ...
Cross Site Request Forgery (CSRF) exists in Photography CMS 1.0 via clients/resources/ajax/ajax_new_admin.php, as demonstrated by adding an admin acco...
SQL Injection exists in Classified Ads CMS Quickad 4.0 via the keywords, placeid, cat, or subcat parameter to the listing URI.
Cross Site Request Forgery (CSRF) exists in RSVP Invitation Online 1.0 via function/account.php, as demonstrated by modifying the admin password.
SQL Injection exists in Affiligator Affiliate Webshop Management System 2.1.0 via a search/?q=&price_type=range&price= request.
SQL Injection exists in Facebook Style Php Ajax Chat Zechat 1.5 via the login.php User field.
SQL Injection exists in Wchat Fully Responsive PHP AJAX Chat Script 1.5 via the login.php User field.
SQL Injection exists in the Tumder (An Arcade Games Platform) 2.1 component for Joomla! via the PATH_INFO to the category/ URI.
SQL Injection exists in the LiveCRM SaaS Cloud 1.0 component for Joomla! via an r=site/login&company_id= request.
SQL Injection exists in Easy Car Script 2014 via the s_order or s_row parameter to site_search.php.
SQL Injection exists in Flexible Poll 1.2 via the id parameter to mobile_preview.php or index.php.
ZEIT Next.js 4 before 4.2.3 has Directory Traversal under the /_next request namespace.
In Artifex MuPDF 1.12.0, there is a heap-based buffer overflow vulnerability in the do_pdf_save_document function in the pdf/pdf-write.c file. Remote ...
FreeSSHd 1.3.1 version is vulnerable to an Unquoted Path Service allowing local users to launch processes with elevated privileges.
The YARN NodeManager in Apache Hadoop 2.7.3 and 2.7.4 can leak the password for credential store provider used by the NodeManager to YARN Applications...
IBM Business Process Manager 8.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actio...
An information disclosure in ovirt-hosted-engine-setup prior to 2.2.7 reveals the root user's password in the log file.
xorg-x11-server before 1.19.5 was missing extra length validation in ProcEstablishConnection function allowing malicious X client to cause X server to...
xorg-x11-server before 1.19.5 was vulnerable to integer overflow in ProcDbeGetVisualInfo function allowing malicious X client to cause X server to cra...
xorg-x11-server before 1.19.5 had wrong extra length check in ProcXIChangeHierarchy function allowing malicious X client to cause X server to crash or...
xorg-x11-server before 1.19.5 was vulnerable to integer overflow in (S)ProcXIBarrierReleasePointer functions allowing malicious X client to cause X se...
xorg-x11-server before 1.19.5 was missing length validation in XFree86 VidModeExtension allowing malicious X client to cause X server to crash or poss...
xorg-x11-server before 1.19.5 was missing length validation in XFree86 DGA extension allowing malicious X client to cause X server to crash or possibl...
xorg-x11-server before 1.19.5 was missing length validation in XFree86 DRI extension allowing malicious X client to cause X server to crash or possibl...
xorg-x11-server before 1.19.5 was missing length validation in XFIXES extension allowing malicious X client to cause X server to crash or possibly exe...
xorg-x11-server before 1.19.5 was missing length validation in XINERAMA extension allowing malicious X client to cause X server to crash or possibly e...
xorg-x11-server before 1.19.5 was missing length validation in MIT-SCREEN-SAVER extension allowing malicious X client to cause X server to crash or po...
xorg-x11-server before 1.19.5 was missing length validation in X-Resource extension allowing malicious X client to cause X server to crash or possibly...
xorg-x11-server before 1.19.5 was missing length validation in RENDER extension allowing malicious X client to cause X server to crash or possibly exe...
A buffer overflow vulnerability lies in the web server component of Dup Scout Enterprise 9.9.14, Disk Savvy Enterprise 9.9.14, Sync Breeze Enterprise ...
It was found that 389-ds-base since 1.3.6.1 up to and including 1.4.0.3 did not always handle internal hash comparison operations correctly during the...
RAVPower FileHub 2.000.056 allows remote users to steal sensitive information via a crafted HTTP request.
An issue was discovered in Ipswitch WhatsUp Gold before 2017 Plus SP1 (17.1.1). Remote clients can take advantage of a misconfiguration in the TFTP se...
An issue was discovered in Ipswitch WhatsUp Gold before 2017 Plus SP1 (17.1.1). Multiple SQL injection vulnerabilities are present in the legacy .ASP ...
Unencrypted transmission of images in Tinder iOS app and Tinder Android app allows an attacker to extract private sensitive information by sniffing ne...
Fixed sizes of HTTPS responses in Tinder iOS app and Tinder Android app allow an attacker to extract private sensitive information by sniffing network...
A vulnerability has been identified in Desigo PXC00-E.D V4.10 (All versions < V4.10.111), Desigo PXC00-E.D V5.00 (All versions < V5.0.171), Desigo PXC...
Reservo Image Hosting 1.6 is vulnerable to XSS attacks. The affected function is its search engine (the t parameter to the /search URI). Since there i...
jsparse.c in Artifex MuJS through 1.0.2 does not properly maintain the AST depth for binary expressions, which allows remote attackers to cause a deni...
Netis WF2419 V3.2.41381 devices allow XSS via the Description field on the MAC Filtering page.
The js_strtod function in jsdtoa.c in Artifex MuJS through 1.0.2 has an integer overflow because of incorrect exponent validation.
In Artifex MuPDF 1.12.0, the pdf_read_new_xref function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation violation...
A Cross-Site Scripting (XSS) vulnerability was found in Routers2 2.24, affecting the 'rtr' GET parameter in a page=graph action to cgi-bin/routers2.pl...
Soyket Chowdhury Vehicle Sales Management System version 2017-07-30 is vulnerable to multiple SQL Injecting in login/vehicle.php, login/profile.php, l...
libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in code handling HTTP/2 trailers. It was reported (https://github.com/curl/curl/pul...
libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcu...
Users with permission to create or configure agents in Jenkins 1.37 and earlier could configure an EC2 agent to run arbitrary shell commands on the ma...
A race condition during Jenkins 2.81 through 2.94 (inclusive); 2.89.1 startup could result in the wrong order of execution of commands during initiali...
A race condition during Jenkins 2.94 and earlier; 2.89.1 and earlier startup could result in the wrong order of execution of commands during initializ...
GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, 1.6.15 and earlier has a vulnerability in the protocol handler, specifically El...
A flaw was found in Wildfly 9.x. A path traversal vulnerability through the org.wildfly.extension.undertow.deployment.ServletResourceManager.getResour...
It was found that the AJP connector in undertow, as shipped in Jboss EAP 7.1.0.GA, does not use the ALLOW_ENCODED_SLASH option and thus allow the the ...
The Security Console in EMC RSA Authentication Manager 8.2 SP1 P6 and earlier is affected by a blind SQL injection vulnerability. Authenticated malici...
A SQL Injection issue was discovered in Advantech WebAccess/SCADA versions prior to V8.2_20170817. WebAccess/SCADA does not properly sanitize its inpu...
A Path Traversal issue was discovered in Advantech WebAccess/SCADA versions prior to V8.2_20170817. An attacker has read access to files within the di...
w3m through 0.5.3 is prone to an infinite recursion flaw in HTMLlineproc0 because the feed_table_block_tag function in table.c does not prevent a nega...
w3m through 0.5.3 is prone to a NULL pointer dereference flaw in formUpdateBuffer in form.c.
w3m through 0.5.3 does not properly handle temporary files when the ~/.w3m directory is unwritable, which allows a local attacker to craft a symlink a...
vBulletin 3.x.x and 4.2.x through 4.2.5 has an open redirect via the redirector.php url parameter.
In eScan Antivirus 14.0.1400.2029, the driver file (econceal.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified ...
In eScan Antivirus 14.0.1400.2029, the driver file (econceal.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified ...
In eScan Antivirus 14.0.1400.2029, the driver file (econceal.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified ...
In Max Secure Anti Virus 19.0.3.019,, the driver file (SDActMon.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecifi...
In Max Secure Anti Virus 19.0.3.019,, the driver file (MaxProtector32.sys) allows local users to cause a denial of service (BSOD) or possibly have uns...
In Max Secure Anti Virus 19.0.3.019,, the driver file (MaxProtector32.sys) allows local users to cause a denial of service (BSOD) or possibly have uns...
In Max Secure Anti Virus 19.0.3.019,, the driver file (MaxProtector32.sys) allows local users to cause a denial of service (BSOD) or possibly have uns...
In Max Secure Anti Virus 19.0.3.019,, the driver file (MaxProtector32.sys) allows local users to cause a denial of service (BSOD) or possibly have uns...
In Max Secure Anti Virus 19.0.3.019,, the driver file (MaxCryptMon.sys) allows local users to cause a denial of service (BSOD) or possibly have unspec...
Netis WF2419 V2.2.36123 devices allow XSS via the Description parameter on the Bandwidth Control Rule Settings page.
The WStr::_alloc_iostr_data() function in kso.dll in Kingsoft WPS Office 10.1.0.7106 and 10.2.0.5978 allows remote attackers to cause a denial of serv...
Multiple SQL injections exist in SugarCRM Community Edition 6.5.26 and below via the track parameter to modules\Campaigns\Tracker.php and modules\Camp...
A vulnerability has been identified in TeleControl Server Basic < V3.1. An attacker with network access to the TeleControl Server Basic's port 8000/tc...
A vulnerability has been identified in TeleControl Server Basic < V3.1. An authenticated attacker with a low-privileged account to the TeleControl Ser...
A vulnerability has been identified in TeleControl Server Basic < V3.1. An attacker with access to the TeleControl Server Basic's webserver (port 80/t...
ImpulseAdventure JPEGsnoop version 1.7.5 is vulnerable to a division by zero in the JFIF decode handling resulting denial of service.
sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19...
qemu/qemu_monitor.c in libvirt allows attackers to cause a denial of service (memory consumption) via a large QEMU reply.
phpFreeChat 1.7 and earlier allows remote attackers to cause a denial of service by sending a large number of connect commands.
CMS Made Simple (CMSMS) 2.2.5 has XSS in admin/addbookmark.php via the title parameter.
CMS Made Simple (CMSMS) 2.2.5 has XSS in admin/moduleinterface.php via the m1_messages parameter.
CMS Made Simple (CMSMS) 2.2.5 has XSS in admin/moduleinterface.php via the m1_errors parameter.
SQL Injection exists in Professional Local Directory Script 1.0 via the sellers_subcategories.php IndustryID parameter, or the suppliers.php IndustryI...
An issue was discovered in the HTTP Server in RAVPower Filehub 2.000.056. Due to an unrestricted upload feature and a path traversal vulnerability, it...
In Jenkins Script Security Plugin version 1.36 and earlier, users with the ability to configure sandboxed Groovy scripts are able to use a type coerci...
A flaw was found in dovecot 2.0 up to 2.2.33 and 2.3.0. An abort of SASL authentication results in a memory leak in dovecot's auth client used by logi...
It was found that the fix for CVE-2016-9606 in versions 3.0.22 and 3.1.2 was incomplete and Yaml unmarshalling in Resteasy is still possible via `Yaml...
Any authenticated user (valid client certificate but without ACL permissions) could upload a template which contained malicious code and caused a deni...
An Improper Input Validation issue was discovered in Nari PCS-9611 relay. An improper input validation vulnerability has been identified that affects ...
Cross-site scripting (XSS) in WBCE CMS 1.3.1 allows remote authenticated administrators to inject arbitrary web script or HTML via the Modify Page scr...
The outputSWF_TEXT_RECORD function (util/outputscript.c) in libming through 0.4.8 is vulnerable to an integer overflow and resultant out-of-bounds rea...
Biscom Secure File Transfer (SFT) 5.0.1000 through 5.0.1048 does not validate the dataFieldId value, and uses sequential numbers, which allows remote ...
Sensitive data stored by Lenovo Fingerprint Manager Pro, version 8.01.86 and earlier, including users' Windows logon credentials and fingerprint data,...
Jenkins Active Choices plugin version 1.5.3 and earlier allowed users with Job/Configure permission to provide arbitrary HTML to be shown on the 'Buil...
Jenkins Build-Publisher plugin version 1.21 and earlier stores credentials to other Jenkins instances in the file hudson.plugins.build_publisher.Build...
Jenkins Dependency Graph Viewer plugin 0.12 and earlier did not perform permission checks for the API endpoint that modifies the dependency graph, all...
Some URLs provided by Jenkins global-build-stats plugin version 1.4 and earlier returned a JSON response that contained request parameters. These resp...
Jenkins Multijob plugin version 1.25 and earlier did not check permissions in the Resume Build action, allowing anyone with Job/Read permission to res...
Jenkins versions 2.88 and earlier and 2.73.2 and earlier stores metadata related to 'people', which encompasses actual user accounts, as well as users...
Jenkins 2.88 and earlier; 2.73.2 and earlier Autocompletion suggestions for text fields were not escaped, resulting in a persisted cross-site scriptin...
Jenkins 2.73.1 and earlier, 2.83 and earlier users with permission to create or configure agents in Jenkins could configure a launch method called 'La...
Jenkins 2.73.1 and earlier, 2.83 and earlier bundled a version of the commons-fileupload library with the denial-of-service vulnerability known as CVE...
Jenkins 2.73.1 and earlier, 2.83 and earlier provides information about Jenkins user accounts which is generally available to anyone with Overall/Read...
Jenkins 2.73.1 and earlier, 2.83 and earlier bundled a version of the commons-httpclient library with the vulnerability CVE-2012-6153 that incorrectly...
Jenkins Maven Plugin 2.17 and earlier bundled a version of the commons-httpclient library with the vulnerability CVE-2012-6153 that incorrectly verifi...
The remote API in Jenkins 2.73.1 and earlier, 2.83 and earlier at /computer/(agent-name)/api showed information about tasks (typically builds) current...
The Jenkins 2.73.1 and earlier, 2.83 and earlier remote API at /queue/item/(ID)/api showed information about tasks in the queue (typically builds wait...
The Jenkins 2.73.1 and earlier, 2.83 and earlier remote API at /job/(job-name)/api contained information about upstream and downstream projects. This ...
The Jenkins 2.73.1 and earlier, 2.83 and earlier default form control for passwords and other secrets, <f:password/>, supports form validation (e.g. f...
Jenkins Swarm Plugin Client 3.4 and earlier bundled a version of the commons-httpclient library with the vulnerability CVE-2012-6153 that incorrectly ...
Jenkins Speaks! Plugin, all current versions, allows users with Job/Configure permission to run arbitrary Groovy code inside the Jenkins JVM, effectiv...
The Jenkins Delivery Pipeline Plugin version 1.0.7 and earlier used the unescaped content of the query parameter 'fullscreen' in its JavaScript, resul...
Sourcetree for macOS had several argument and command injection bugs in Mercurial and Git repository handling. An attacker with permission to commit t...
Sourcetree for Windows had several argument and command injection bugs in Mercurial and Git repository handling. An attacker with permission to commit...
A Vulnerability exists on Admin Console where an attacker can upload files to the Admin Console server, and potentially execute them. This impacts Net...
The elf_object_p function in elfcode.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.29.1, has an unsigne...
Open redirect vulnerability in GroupSession version 4.7.0 and earlier allows an attacker to redirect users to arbitrary web sites and conduct phishing...
Nootka 1.4.4 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.
Untrusted search path vulnerability in FLET'S VIRUS CLEAR Easy Setup & Application Tool ver.11 and earlier versions, FLET'S VIRUS CLEAR v6 Easy Setup ...
In strategy.rb in OmniAuth before 1.3.2, the authenticity_token value is improperly protected because POST (in addition to GET) parameters are stored ...
An unprivileged attacker with connectivity to the IMM2 could cause a denial of service attack on the IMM2 (Versions earlier than 4.4 for Lenovo System...
The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information ...
Cross-site scripting (XSS) vulnerability in Sophos PureMessage for UNIX before 6.3.2 allows remote attackers to inject arbitrary web script or HTML vi...
The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial...
The ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial...
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of ...
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of ...
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of ...
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of ...
ClamAV AntiVirus software versions 0.99.2 and prior contain a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of ...
In WonderCMS 2.3.1, the upload functionality accepts random application extensions and leads to malicious File Upload.
In WonderCMS 2.3.1, the application's input fields accept arbitrary user input resulting in execution of malicious JavaScript. NOTE: the vendor disput...
WonderCMS 2.3.1 is vulnerable to an HTTP Host header injection attack. It uses user-entered values to redirect pages. NOTE: the vendor reports that ex...
In Utilities.php in Perfex CRM 1.9.7, Unrestricted file upload can lead to remote code execution.
An issue was discovered in the "Email Subscribers & Newsletters" plugin before 3.4.8 for WordPress. Sending an HTTP POST request to a URI with /?es=ex...
IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 could allow a remote attacker under unusual circumstances to read operational data or TLS session ...
IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 contains hard-coded credentials. A remote attacker could exploit this vulnerability to gain access...
IBM Tealeaf Customer Experience 8.7, 8.8, and 9.0.2 could allow a remote attacker to traverse directories on the system. An attacker could send a spec...
IBM Cognos TM1 10.2 and 10.2.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI...
IBM Doors Web Access 9.5 and 9.6 could allow an authenticated user to obtain sensitive information from HTTP internal server error responses. IBM X-Fo...
IBM Doors Web Access 9.5 and 9.6 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a maliciou...
IBM DOORS 9.5 and 9.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus alt...
IBM Doors Web Access 9.5 and 9.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web ...
IBM Doors Web Access 9.5 and 9.6 could allow an attacker with physical access to the system to log into the application using previously stored creden...
IBM Doors Web Access 9.5 and 9.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web ...
IBM Doors Web Access 9.5 and 9.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web ...
IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 6.0.x) is vulnerable to cross-site scripting. This vulnerability allows users to ...
index.js in brace-expansion before 1.1.7 is vulnerable to Regular Expression Denial of Service (ReDoS) attacks, as demonstrated by an expand argument ...
In PoDoFo 0.9.5, there is an Excessive Iteration in the PdfParser::ReadObjectsInternal function of base/PdfParser.cpp. Remote attackers could leverage...
The Python console in Electrum through 2.9.4 and 3.x through 3.0.5 supports arbitrary Python code without considering (1) social-engineering attacks i...
templates/forms/thanks.html in Formspree before 2018-01-23 allows XSS related to the _next parameter.
The acx_asmw_saveorder_callback function in function.php in the acurax-social-media-widget plugin before 3.2.6 for WordPress has CSRF via the recordsA...
The printDefineFont2 function (util/listfdb.c) in libming through 0.4.8 is vulnerable to a heap-based buffer overflow, which may allow attackers to ca...
The decompileIF function (util/decompile.c) in libming through 0.4.8 is vulnerable to a use-after-free, which may allow attackers to cause a denial of...
mpv through 0.28.0 allows remote attackers to execute arbitrary code via a crafted web site, because it reads HTML documents containing VIDEO elements...
systemd-tmpfiles in systemd before 237 attempts to support ownership/permission changes on hardlinked files even if the fs.protected_hardlinks sysctl ...
drivers/input/serio/i8042.c in the Linux kernel before 4.12.4 allows attackers to cause a denial of service (NULL pointer dereference and system crash...
An issue was discovered on DODOCOOL DC38 3-in-1 N300 Mini Wireless Range Extend RTN2-AW.GD.R3465.1.20161103 devices. A Cross-site request forgery (CSR...
CSRF exists in the JS Support Ticket 1.1.0 component for Joomla! and allows attackers to inject HTML or edit a ticket.
Arbitrary File Download exists in the Jtag Members Directory 5.3.7 component for Joomla! via the download_file parameter.
SQL Injection exists in Task Rabbit Clone 1.0 via the single_blog.php id parameter.
SQL Injection exists in Multilanguage Real Estate MLM Script through 3.0 via the /product-list.php srch parameter.
SQL Injection exists in TSiteBuilder 1.0 via the id parameter to /site.php, /pagelist.php, or /page_new.php.
SQL Injection exists in Vastal I-Tech Buddy Zone Facebook Clone 2.9.9 via the /chat_im/chat_window.php request_id parameter or the /search_events.php ...
A Cross-site Scripting vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.7, 5.2 and earlier, allows attacker to inject arbitrary web scri...
ASUS DSL-AC51, DSL-AC52U, DSL-AC55U, DSL-N55U C1, DSL-N55U D1, DSL-AC56U, DSL-N10_C1, DSL-N12U C1, DSL-N12E C1, DSL-N14U, DSL-N14U-B1, DSL-N16, DSL-N1...
Multiple XML external entity (XXE) vulnerabilities in the AiCloud feature on ASUS DSL-AC51, DSL-AC52U, DSL-AC55U, DSL-N55U C1, DSL-N55U D1, DSL-AC56U,...
IBM Cognos Analytics 11.0 could store cached credentials locally that could be obtained by a local user. IBM X-Force ID: 136824.
IBM Cognos Analytics 11.0 could allow a local user to change parameters set from the Cognos Analytics menus without proper authentication. IBM X-Force...
IBM Cognos Analytics 11.0 could produce results in temporary files that contain highly sensitive information that can be read by a local user. IBM X-F...
VMware vRealize Automation (7.3 and 7.2) and vSphere Integrated Containers (1.x before 1.3) contain a deserialization vulnerability via Xenon. Success...
VMware AirWatch Console (9.2.x before 9.2.2 and 9.1.x before 9.1.5) contains a Cross Site Request Forgery vulnerability when accessing the App Catalog...
IBM Content Navigator 2.0 and 3.0 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could expl...
Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an unauthenticated remote code execution. An unauthenticated rem...
Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to a login command which allowed impersonating any Jenkins user. Th...
Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an XStream: Java crash when trying to instantiate void/Void.
Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an issue in the Jenkins user database authentication realm: crea...
Apache POI in versions prior to release 3.17 are vulnerable to Denial of Service Attacks: 1) Infinite Loops while parsing crafted WMF, EMF, MSG and ma...
In ZZIPlib 0.13.67, 0.13.66, 0.13.65, 0.13.64, 0.13.63, 0.13.62, 0.13.61, 0.13.60, 0.13.59, 0.13.58, 0.13.57 and 0.13.56 there is a segmentation fault...
Monstra CMS through 3.0.4 has an incomplete "forbidden types" list that excludes .php (and similar) file extensions but not the .pht or .phar extensio...
iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices have a hardcoded password of admin for the admin account, a hardcoded password of support for t...
iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices allow remote authenticated users to execute arbitrary OS commands via shell metacharacters in t...
A denial of service flaw was found in miekg-dns before 1.0.4. A remote attacker could use carefully timed TCP packets to block the DNS server from acc...
Several rest inline action resources of Atlassian Activity Streams before version 6.3.0 allows remote authenticated attackers to watch any Confluence ...
The WStr::assign function in kso.dll in Kingsoft WPS Office 10.1.0.7106 and 10.2.0.5978 does not validate the size of the source memory block before a...
A cross-site request forgery web vulnerability has been discovered on Netis WF2419 V2.2.36123 devices. A remote attacker is able to delete Address Res...
The filter_slice function in libavfilter/vf_transpose.c in FFmpeg through 3.4.1 allows remote attackers to cause a denial of service (out-of-array acc...
Apsis Pound before 2.8a allows request smuggling via crafted headers, a different vulnerability than CVE-2005-3751.
A vulnerability in the Secure Sockets Layer (SSL) VPN functionality of the Cisco Adaptive Security Appliance (ASA) Software could allow an unauthentic...
An exploitable out of bounds write vulnerability exists in version 2.2 of the Per Face Texture mapping application known as PTEX. The vulnerability is...
FreePBX 10.13.66-32bit and 14.0.1.24 (SNG7-PBX-64bit-1712-2) allow post-authentication SQL injection via the order parameter. NOTE: the vendor dispute...
MantisBT 2.10.0 allows local users to conduct SQL Injection attacks via the vendor/adodb/adodb-php/server.php sql parameter in a request to the 127.0....
SQL Injection exists in the Visual Calendar 3.1.3 component for Joomla! via the id parameter in a view=load action.
Directory Traversal exists in the Picture Calendar 3.1.4 component for Joomla! via the list.php folder parameter.
SQL Injection exists in the CP Event Calendar 3.0.1 component for Joomla! via the id parameter in a task=load action.
Heap-based buffer overflow in the NCompress::NShrink::CDecoder::CodeReal method in 7-Zip before 18.00 and p7zip allows remote attackers to cause a den...
Multiple heap-based buffer overflows in the eSap software platform in Huawei Campus S9300, S7700, S9700, S5300, S5700, S6300, and S6700 series switche...
/goform/setLang on iBall 300M devices with "iB-WRB302N_1.0.1-Sep 8 2017" firmware has Unauthenticated Stored Cross Site Scripting via the lang paramet...
In Joomla! before 3.8.4, the lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the Hathor postinstall me...
In Joomla! before 3.8.4, inadequate input filtering in com_fields leads to an XSS vulnerability in multiple field types, i.e., list, radio, and checkb...
In Joomla! before 3.8.4, inadequate input filtering in the Uri class (formerly JUri) leads to an XSS vulnerability.
In Joomla! before 3.8.4, lack of escaping in the module chromes leads to XSS vulnerabilities in the module system.
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could provide weaker than expected security when using the Administrative Console. An authenti...
An issue was discovered in Mahara before 18.10.0. It mishandled user requests that could discontinue a user's ability to maintain their own account (c...
zxpdf in xpdf before 3.02-19 as packaged in Debian unstable and 3.02-12+squeeze1 as packaged in Debian squeeze deletes temporary files insecurely, whi...
BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting file storage service (FileStorageService) on port 9010. This service conta...
BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting configuration service (ConfigurationService) on port 9010. This service co...
An Improper Validation of Integrity Check Value issue was discovered in PHOENIX CONTACT mGuard firmware versions 7.2 to 8.6.0. mGuard devices rely on ...
A cross-site scripting (XSS) vulnerability in admin/partials/wp-splashing-admin-sidebar.php in the Splashing Images plugin (wp-splashing-images) befor...
admin/partials/wp-splashing-admin-main.php in the Splashing Images plugin (wp-splashing-images) before 2.1.1 for WordPress allows authenticated (admin...
In the ReadDCMImage function in coders/dcm.c in ImageMagick before 7.0.7-23, each redmap, greenmap, and bluemap variable can be overwritten by a new p...
The function ParseVP9SuperFrameIndex in common/libwebm_util.cc in libwebm through 2018-01-30 does not validate the child_frame_length data obtained fr...
An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 devices. An unauthenticated attacker can crash a device by sending a POST request wi...
An issue was discovered on Conceptronic CIPCAMPTIWL V3 0.61.30.21 devices. CSRF exists in hy-cgi/user.cgi, as demonstrated by changing an administrato...
In the function sbusfb_ioctl_helper() in drivers/video/fbdev/sbuslib.c in the Linux kernel through 4.15, an integer signedness error allows arbitrary ...
OpenFlow Plugin and OpenDayLight Controller versions Nitrogen, Carbon, Boron, Robert Varga, Anil Vishnoi contain a flaw when multiple 'expired' flows ...
When parsing the AIA-Extension field of a client certificate, Apache Tomcat Native Connector 1.2.0 to 1.2.14 and 1.1.23 to 1.1.34 did not correctly ha...
As part of the fix for bug 61201, the documentation for Apache Tomcat 9.0.0.M22 to 9.0.1, 8.5.16 to 8.5.23, 8.0.45 to 8.0.47 and 7.0.79 to 7.0.82 incl...
The 'crowd-application' plugin module (notably used by the Google Apps plugin) in Atlassian Crowd from version 1.5.0 before version 3.1.2 allowed an a...
In glibc 2.26 and earlier there is confusion in the usage of getcwd() by realpath() which can be used to write before the destination buffer leading t...
IBM Remote Control v9 could allow a local user to use the component to replace files to which he does not have write access and which he can cause to ...
IBM DataPower Gateways 7.1, 7,2, 7.5, and 7.6 could allow an attacker using man-in-the-middle techniques to spoof DNS responses to perform DNS cache p...
In Center for Internet Security CIS-CAT Pro Dashboard before 1.0.4, an authenticated user is able to change an administrative user's e-mail address an...
Unquoted Windows search path vulnerability in NSClient++ before 0.4.1.73 allows non-privileged local users to execute arbitrary code with elevated pri...
Hotspot Shield runs a webserver with a static IP address 127.0.0.1 and port 895. The web server uses JSONP and hosts sensitive information including c...
Eventum before 2.3.5 allows remote attackers to reinstall the application via direct request to /setup/index.php.
htdocs/setup/index.php in Eventum before 2.3.5 allows remote attackers to inject and execute arbitrary PHP code via the hostname parameter.
In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the amp.sys driver file contains an Arbitrary Write vulnerability due to not validating inp...
Insufficient exception handling in the method NCompress::NRar3::CDecoder::Code of 7-Zip before 18.00 and p7zip can lead to multiple memory corruptions...
Tracker PDF-XChange Viewer and Viewer AX SDK before 2.5.322.8 mishandle conversion from YCC to RGB colour spaces by calculating on the basis of 1 bpc ...
Simditor v2.3.11 allows XSS via crafted use of svg/onload=alert in a TEXTAREA element, as demonstrated by Firefox 54.0.1.
The PropertyHive plugin before 1.4.15 for WordPress has XSS via the body parameter to includes/admin/views/html-preview-applicant-matches-email.php.
In SUPERAntiSpyware Professional Trial 6.0.1254, the driver file (SASKUTIL.SYS) allows local users to cause a denial of service (BSOD) or possibly hav...
In SUPERAntiSpyware Professional Trial 6.0.1254, the driver file (SASKUTIL.SYS) allows local users to cause a denial of service (BSOD) or possibly hav...
In SUPERAntiSpyware Professional Trial 6.0.1254, the driver file (SASKUTIL.SYS) allows local users to cause a denial of service (BSOD) or possibly hav...
In SUPERAntiSpyware Professional Trial 6.0.1254, the driver file (SASKUTIL.SYS) allows local users to cause a denial of service (BSOD) or possibly hav...
In SUPERAntiSpyware Professional Trial 6.0.1254, SUPERAntiSpyware.exe allows DLL hijacking, leading to Escalation of Privileges.
In SUPERAntiSpyware Professional Trial 6.0.1254, the SASKUTIL.SYS driver allows privilege escalation to NT AUTHORITY\SYSTEM because of not validating ...
Improper administrator IP validation after his login in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt allows an unaut...
Highly predictable session tokens in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt allow gaining administrative route...
Multiple buffer overflow vulnerabilities exist in the HTTPd server in Asus asuswrt version <=3.0.0.4.376.X. All have been fixed in version 3.0.0.4.378...
Password are stored in plaintext in nvram in the HTTPd server in all current versions (<= 3.0.0.4.380.7743) of Asus asuswrt.
The arq_updater binary in Arq 5.10 and earlier for Mac allows local users to write to arbitrary files and consequently gain root privileges via a craf...
The standardrestorer binary in Arq 5.10 and earlier for Mac allows local users to write to arbitrary files and consequently gain root privileges via a...
Integer overflow in the macro ROUND_UP (n, d) in Quick Emulator (Qemu) allows a user to cause a denial of service (Qemu process crash).
A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series could allow a...
An issue was discovered on Netwave IP Camera devices. An unauthenticated attacker can crash a device by sending a POST request with a huge body size t...
A type confusion issue was discovered in CCN-lite 2, leading to a memory access violation and a failure of the nonce feature (which, for example, help...
The GUI component (aka PulseUI) in Pulse Secure Desktop Linux clients before PULSE5.2R9.2 and 5.3.x before PULSE5.3R4.2 does not perform strict SSL Ce...
The vhci_hcd driver in the Linux Kernel before version 4.14.8 and 4.4.114 allows allows local attackers to disclose kernel memory addresses. Successfu...
The "get_pipe()" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 allows attackers to cause a den...
The "stub_recv_cmd_submit()" function (drivers/usb/usbip/stub_rx.c) in the Linux Kernel before version 4.14.8, 4.9.71, and 4.4.114 when handling CMD_S...
The "stub_send_ret_submit()" function (drivers/usb/usbip/stub_tx.c) in the Linux Kernel before version 4.14.8, 4.9.71, 4.1.49, and 4.4.107 allows atta...