Vulnerabilities (CVE)

Filtered by CWE-20

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 753 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2016-1209	1 Ninjaforms	1 Ninja Forms	2016-06-23	7.5 HIGH	9.8 CRITICAL
The Ninja Forms plugin before 2.9.42.1 for WordPress allows remote attackers to conduct PHP object injection attacks via crafted serialized values in a POST request.
CVE-2016-4165	1 Adobe	1 Brackets	2016-06-17	10.0 HIGH	9.8 CRITICAL
The extension manager in Adobe Brackets before 1.7 allows attackers to have an unspecified impact via invalid input.
CVE-2016-4368	1 Hp	3 Universal Cmbd Configuration Manager, Universal Cmbd Foundation, Universal Discovery	2016-06-10	7.5 HIGH	9.8 CRITICAL
HPE Universal CMDB 10.0 through 10.21, Universal CMDB Configuration Manager 10.0 through 10.21, and Universal Discovery 10.0 through 10.21 allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library.