Vulnerabilites CVE

An issue in IIT Bombay, Mumbai, India Bodhitree of cs101 version allows a remote attacker to execute arbitrary code.

An attacker sending specially crafted data packets to the Mobile Device Server can cause memory corruption which could result to a Denial of Service (DoS) or code execution.

A template injection vulnerability in the Dashboard of NASA Fprime v3.4.3 allows attackers to execute arbitrary code via uploading a crafted Vue file.

An issue in BL-AC2100 <=V1.0.4 allows a remote attacker to execute arbitrary code via the time1 and time2 parameters in the set_LimitClient_cfg of the goahead webservice.

Redpanda before 23.1.21 and 23.2.x before 23.2.18 has missing authorization checks in the Transactions API.

In Indo-Sol PROFINET-INspektor NT through 2.4.0, a command injection vulnerability in the gedtupdater service of the firmware allows remote attackers to execute arbitrary system commands with root pri...

Hitron CODA-4582 and CODA-4589 devices have default PSKs that are generated from 5-digit hex values concatenated with a "Hitron" substring, resulting in insufficient entropy (only about one million po...

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight Syst...

A Heap Overflow vulnerability in WLInfoRailService component of Ivanti Avalanche before 6.4.3 allows a remote unauthenticated attacker to execute arbitrary commands

Nagios XI before version 5.11.3 was discovered to contain a remote code execution (RCE) vulnerability via the component command_test.php.

ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the component UPFILE_PIC_ZOOM_HIGHT.

ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the component INPUT_ISDESCRIPTION.

ESPCMS P8.21120101 was discovered to contain a remote code execution (RCE) vulnerability in the component IS_GETCACHE.

A JQuery Unrestricted Arbitrary File Upload vulnerability was discovered in Hospital Management System V4.0 which allows an unauthenticated attacker to upload any file to the server.

AyaCMS v3.1.2 was discovered to contain an arbitrary file upload vulnerability via the component /admin/fst_upload.inc.php. This vulnerability allows attackers to execute arbitrary code via a crafted ...

An issue in flusity CMS v2.33 allows a remote attacker to execute arbitrary code via the add_addon.php component.

VMware Aria Operations for Logs contains an authentication bypass vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can resul...

Pi-Star_DV_Dash (for Pi-Star DV) before 5aa194d mishandles the module parameter.

D-Link DIR-822+ V1.0.5 was found to contain a command injection in ftext function of upload_firmware.cgi, which allows remote attackers to execute arbitrary commands via shell.

SQL Injection vulnerability in /event-management-master/backend/register.php in PuneethReddyHC Event Management 1.0 allows attackers to run arbitrary SQL commands via the event_id parameter in a craft...

Zoho ManageEngine Password Manager Pro before 12122, PAM360 before 5711, and Access Manager Plus before 4306 allow SQL Injection.

File Upload vulnerability index.php in Pichome v.1.1.01 allows a remote attacker to execute arbitrary code via crafted POST request.

Zoho ManageEngine Password Manager Pro before 12122, PAM360 before 5711, and Access Manager Plus before 4306 allow SQL Injection (in a different software component relative to CVE-2022-43671.

A security filter misconfiguration exists in VMware Hyperic Server 5.8.6. Exploitation of this vulnerability enables a malicious party to bypass some authentication requirements when issuing requests ...

janryWang products depath v1.0.6 and cool-path v1.1.2 were discovered to contain a prototype pollution via the set() method at setIn (lib/index.js:90). This vulnerability allows attackers to execute a...

libmodbus v3.1.10 has a heap-based buffer overflow vulnerability in read_io_status function in src/modbus.c.

Memory safety bugs present in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could ...

If Windows failed to duplicate a handle during process creation, the sandbox code may have inadvertently freed a pointer twice, resulting in a use-after-free and a potentially exploitable crash. *This...

A hashtable in the Ion Engine could have been mutated while there was a live interior reference, leading to a potential use-after-free and exploitable crash. This vulnerability affects Firefox < 118.

A compromised content process could have provided malicious data to `FilterNodeD2D1` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. *This bug ...

During process shutdown, it was possible that an `ImageBitmap` was created that would later be used after being freed from a different codepath, leading to a potentially exploitable crash. This vulner...

Netgear DC112A V1.0.0.64 has an OS command injection vulnerability in the usb_adv.cgi, which allows remote attackers to execute arbitrary commands via parameter "deviceName" passed to the binary throu...

The Texas Instruments (TI) WiLink WL18xx MCP driver does not limit the number of information elements (IEs) of type XCC_EXT_1_IE_ID or XCC_EXT_2_IE_ID that can be parsed in a management frame. Using a...

PaperCut NG and PaperCut MF before 22.1.3 on Windows allow path traversal, enabling attackers to upload, read, or delete arbitrary files. This leads to remote code execution when external device integ...

The tagDiv Composer WordPress plugin before 3.5, required by the Newspaper WordPress theme before 12.1 and Newsmag WordPress theme before 5.2.2, does not properly implement the Facebook login feature,...

An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemble_neg_contexts.

A SQL injection vulnerability in the Boxtal (envoimoinscher) module for PrestaShop, after version 3.1.10, allows remote attackers to execute arbitrary SQL commands via the `key` GET parameter.

The WPForms Pro WordPress plugin before 1.7.7 does not validate its form data when generating the exported CSV, which could lead to CSV injection.

A deserialization of untrusted data exists in EPM 2022 Su3 and all prior versions that allows an unauthenticated user to elevate rights. This exploit could potentially be used in conjunction with othe...

An Eval Injection issue was discovered in Znuny through 7.1.3. A user with write access to the configuration file can use this to execute a command executed by the user running the backup.pl script.

Memory safety bugs present in Firefox 113. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code....

In the PrestaShop < 2.4.3 module "Length, weight or volume sell" (ailinear) there is a SQL injection vulnerability.

SQL Injection vulnerability in Employee Management System v1.0 allows attackers to run arbitrary SQL commands via the admin_id parameter in update-admin.php.

patrickfuller camp up to and including commit bbd53a256ed70e79bd8758080936afbf6d738767 is vulnerable to Incorrect Access Control. Access to the password.txt file is not properly restricted as it is in...

In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass. Users of affected ver...

Command injection vulnerability found in Tenda G103 v.1.0.0.5 allows attacker to execute arbitrary code via a the language parameter.

Certain Lexmark devices through 2023-02-19 mishandle Input Validation (issue 2 of 4).

A Java insecure deserialization vulnerability in Adobe LiveCycle ES4 version 11.0 and earlier allows unauthenticated remote attackers to gain operating system code execution by submitting specially cr...

An issue in the component /network_config/nsg_masq.cgi of DCN (Digital China Networks) DCBI-Netlog-LAB v1.0 allows attackers to bypass authentication and execute arbitrary commands via a crafted reque...

Tasmota before commit 066878da4d4762a9b6cb169fdf353e804d735cfd was discovered to contain a stack overflow via the ClientPortPtr parameter at lib/libesp32/rtsp/CRtspSession.cpp.