CVE Vulnerabilities

The 404-to-301 plugin before 2.0.3 for WordPress has SQL injection.

Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.

D-Link DIR-865L has PHP File Inclusion in the router xml file.

Milesight IP security cameras through 2016-11-14 have a default root password in /etc/shadow that is the same across different customers' installations.

Milesight IP security cameras through 2016-11-14 allow remote attackers to bypass authentication and access a protected resource by simultaneously making a request for the unprotected vb.htm resource.

Milesight IP security cameras through 2016-11-14 have a default set of 10 privileged accounts with hardcoded credentials. They are accessible if the customer has not configured 10 actual user accounts...

Milesight IP security cameras through 2016-11-14 have a hardcoded SSL private key under the /etc/config directory.

Milesight IP security cameras through 2016-11-14 have a buffer overflow in a web application via a long username or password.

Zend Framework before 2.2.10 and 2.3.x before 2.3.5 has Potential SQL injection in PostgreSQL Zend\Db adapter.

clonos.php in ClonOS WEB control panel 19.09 allows remote attackers to gain full access via change password requests because there is no session management.

In Craft CMS through 3.1.7, the elevated session password prompt was not being rate limited like normal login forms, leading to the possibility of a brute force attempt on them.

An issue was discovered on Fujitsu Wireless Keyboard Set LX390 GK381 devices. Because of the lack of proper encryption of 2.4 GHz communication, they are prone to keystroke injection attacks.

TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow triggerPort OS Command Injection (issue 5 of 5).

TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow serviceName OS Command Injection (issue 4 of 5).

TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow portMappingProtocol OS Command Injection (issue 3 of 5).

TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow internalPort OS Command Injection (issue 2 of 5).

TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n allow externalPort OS Command Injection (issue 1 of 5).

A remote code execution vulnerability exists in MapR CLDB code, specifically in the JSON framework that is used in the CLDB code that handles login and ticket issuance. An attacker can use the 'class'...

A Server Side Request Forgery (SSRF) vulnerability in FaviconServlet.java in Ignite Realtime Openfire through 4.4.2 allows attackers to send arbitrary HTTP GET requests.

Sourcecodester Hotel and Lodge Management System 1.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the id parameter to the edit pa...

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and ear...

Creative Cloud Desktop Application version 4.6.1 and earlier versions have Security Bypass vulnerability. Successful exploitation could lead to Privilege Escalation in the context of the current user.

An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. The backup file is in tar.gz format. After uploading, the application uses the tar zxf command to decompress, so one can co...

AdPlug 2.3.1 has a double free in the Cu6mPlayer class in u6m.h.

A heap buffer overflow bug in libpl_droidsonroids_gif before 1.2.19, as used in WhatsApp for Android before version 2.19.291 could allow remote attackers to execute arbitrary code or cause a denial of...

Sourcecodester Online Grading System 1.0 is vulnerable to unauthenticated SQL injection and can allow remote attackers to execute arbitrary SQL commands via the student, instructor, department, room, ...

In JetBrains Space through 2020-04-22, the password authentication implementation was insecure.

Adobe Download Manager versions 2.0.0.363 have an insecure file permissions vulnerability. Successful exploitation could lead to privilege escalation.

The uppy npm package < 1.9.3 is vulnerable to a Server-Side Request Forgery (SSRF) vulnerability, which allows an attacker to scan local or external network or otherwise interact with internal systems...

Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware (component: ADF Faces). Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploi...

ThinVNC 1.0b1 is vulnerable to arbitrary file read, which leads to a compromise of the VNC server. The vulnerability exists even when authentication is turned on during the deployment of the VNC serve...

HP LaserJet, PageWide, OfficeJet Enterprise, and LaserJet Managed Printers have a solution to check application signature that may allow potential execution of arbitrary code.

ReportLab through 3.5.26 allows remote code execution because of toColor(eval(arg)) in colors.py, as demonstrated by a crafted XML document with '<span color="' followed by arbitrary Python code.

NETGEAR JNR1010 devices before 1.0.0.32 have Incorrect Access Control because the ok value of the auth cookie is a special case.

qibosoft 7 allows remote code execution because do/jf.php makes eval calls. The attacker can use the Point Introduction Management feature to supply PHP code to be evaluated. Alternatively, the attack...

Live555 before 2019.08.16 has a Use-After-Free because GenericMediaServer::createNewClientSessionWithId can generate the same client session ID in succession, which is mishandled by the MPEG1or2 and M...

In the Rapid Gator application 0.7.1 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat.

An issue was discovered in Zoho ManageEngine OpManager before 12.4 build 124089. The OPMDeviceDetailsServlet servlet is prone to SQL injection. Depending on the configuration, this vulnerability could...

In MiniShare 1.4.1, there is a stack-based buffer overflow via an HTTP CONNECT request, which allows an attacker to achieve arbitrary code execution, a similar issue to CVE-2018-19862 and CVE-2018-198...

In the Dark Horse Comics application 1.3.21 for Android, token information (equivalent to the username and password) is stored in the log during authentication, and may be available to attackers via l...

In the PowerSchool Mobile application 1.1.8 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat.

In the Seesaw Parent and Family application 6.2.5 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat.

Calibre-Web 0.6.6 allows authentication bypass because of the 'A0Zr98j/3yX R~XHH!jmN]LWX/,?RT' hardcoded secret key.

In the DoorDash application through 11.5.2 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat.

Intelbras IWR 1000N 1.6.4 devices allow disclosure of the administrator login name and password because v1/system/user is mishandled.

Connect2id Nimbus JOSE+JWT before v7.9 can throw various uncaught exceptions while parsing a JWT, which could result in an application crash (potential information disclosure) or a potential authentic...

AutoPi Wi-Fi/NB and 4G/LTE devices before 2019-10-15 allows an attacker to perform a brute-force attack or dictionary attack to gain access to the WiFi network, which provides root access to the devic...

Certain D-Link products are affected by: Buffer Overflow. This affects DIR-880L 1.08B04 and DIR-895 L/R 1.13b03. The impact is: execute arbitrary code (remote). The component is: htdocs/fileaccess.cgi...

tonyy dormsystem through 1.3 allows SQL Injection in admin.php.

In the Orbitz application 19.31.1 for Android, the username and password are stored in the log during authentication, and may be available to attackers via logcat.