Search
Total
17685 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-6170 | 1 Genexis | 2 Platinum-4410, Platinum-4410 Firmware | 2022-01-01 | 5.0 MEDIUM | 9.8 CRITICAL |
| An authentication bypass vulnerability on Genexis Platinum-4410 v2.1 P4410-V2 1.28 devices allows attackers to obtain cleartext credentials from the HTML source code of the cgi-bin/index2.asp URI. | |||||
| CVE-2019-18609 | 4 Canonical, Debian, Fedoraproject and 1 more | 4 Ubuntu Linux, Debian Linux, Fedora and 1 more | 2022-01-01 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in amqp_handle_input in amqp_connection.c in rabbitmq-c 0.9.0. There is an integer overflow that leads to heap memory corruption in the handling of CONNECTION_STATE_HEADER. A rogue server could return a malicious frame header that leads to a smaller target_size value than needed. This condition is then carried on to a memcpy function that copies too much data into a heap buffer. | |||||
| CVE-2020-8515 | 1 Draytek | 6 Vigor2960, Vigor2960 Firmware, Vigor300b and 3 more | 2022-01-01 | 10.0 HIGH | 9.8 CRITICAL |
| DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI. This issue has been fixed in Vigor3900/2960/300B v1.5.1. | |||||
| CVE-2020-3934 | 1 Secom | 2 Dr.id Access Control, Dr.id Attendance System | 2022-01-01 | 7.5 HIGH | 9.8 CRITICAL |
| TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, contains a vulnerability of Pre-auth SQL Injection, allowing attackers to inject a specific SQL command. | |||||
| CVE-2020-8656 | 1 Eyesofnetwork | 1 Eyesofnetwork | 2022-01-01 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in EyesOfNetwork 5.3. The EyesOfNetwork API 2.4.2 is prone to SQL injection, allowing an unauthenticated attacker to perform various tasks such as authentication bypass via the username field to getApiKey in include/api_functions.php. | |||||
| CVE-2020-8657 | 1 Eyesofnetwork | 1 Eyesofnetwork | 2022-01-01 | 5.0 MEDIUM | 9.8 CRITICAL |
| An issue was discovered in EyesOfNetwork 5.3. The installation uses the same API key (hardcoded as EONAPI_KEY in include/api_functions.php for API version 2.4.2) by default for all installations, hence allowing an attacker to calculate/guess the admin access token. | |||||
| CVE-2020-8518 | 3 Debian, Fedoraproject, Horde | 3 Debian Linux, Fedora, Groupware | 2022-01-01 | 7.5 HIGH | 9.8 CRITICAL |
| Horde Groupware Webmail Edition 5.2.22 allows injection of arbitrary PHP code via CSV data, leading to remote code execution. | |||||
| CVE-2020-8427 | 1 Unitrends | 1 Backup | 2022-01-01 | 7.5 HIGH | 9.8 CRITICAL |
| In Unitrends Backup before 10.4.1, an HTTP request parameter was not properly sanitized, allowing for SQL injection that resulted in an authentication bypass. | |||||
| CVE-2020-7209 | 1 Hp | 1 Linuxki | 2022-01-01 | 7.5 HIGH | 9.8 CRITICAL |
| LinuxKI v6.0-1 and earlier is vulnerable to an remote code execution which is resolved in release 6.0-2. | |||||
| CVE-2020-4213 | 1 Ibm | 1 Spectrum Protect | 2022-01-01 | 10.0 HIGH | 9.8 CRITICAL |
| IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175024. | |||||
| CVE-2020-4212 | 2 Ibm, Linux | 2 Spectrum Protect, Linux Kernel | 2022-01-01 | 10.0 HIGH | 9.8 CRITICAL |
| IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175023. | |||||
| CVE-2020-4211 | 2 Ibm, Linux | 2 Spectrum Protect, Linux Kernel | 2022-01-01 | 10.0 HIGH | 9.8 CRITICAL |
| IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175022. | |||||
| CVE-2020-4210 | 2 Ibm, Linux | 2 Spectrum Protect, Linux Kernel | 2022-01-01 | 10.0 HIGH | 9.8 CRITICAL |
| IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175020. | |||||
| CVE-2019-18183 | 2 Fedoraproject, Pacman Project | 2 Fedora, Pacman | 2022-01-01 | 6.8 MEDIUM | 9.8 CRITICAL |
| pacman before 5.2 is vulnerable to arbitrary command injection in lib/libalpm/sync.c in the apply_deltas() function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable the non-default delta feature and retrieve an attacker-controlled crafted database and delta file. | |||||
| CVE-2020-9355 | 2 Debian, Networkmanager-ssh Project | 2 Debian Linux, Networkmanager-ssh | 2022-01-01 | 7.5 HIGH | 9.8 CRITICAL |
| danfruehauf NetworkManager-ssh before 1.2.11 allows privilege escalation because extra options are mishandled. | |||||
| CVE-2020-9039 | 1 Couchbase | 1 Couchbase Server | 2022-01-01 | 7.5 HIGH | 9.8 CRITICAL |
| Couchbase Server 4.0.0, 4.1.0, 4.1.1, 4.5.0, 4.5.1, 4.6.0 through 4.6.5, 5.0.0, 5.1.1, 5.5.0 and 5.5.1 have Insecure Permissions for the projector and indexer REST endpoints (they allow unauthenticated access).The /settings REST endpoint exposed by the projector process is an endpoint that administrators can use for various tasks such as updating configuration and collecting performance profiles. The endpoint was unauthenticated and has been updated to only allow authenticated users to access these administrative APIs. | |||||
| CVE-2019-20477 | 2 Fedoraproject, Pyyaml | 2 Fedora, Pyyaml | 2022-01-01 | 7.5 HIGH | 9.8 CRITICAL |
| PyYAML 5.1 through 5.1.2 has insufficient restrictions on the load and load_all functions because of a class deserialization issue, e.g., Popen is a class in the subprocess module. NOTE: this issue exists because of an incomplete fix for CVE-2017-18342. | |||||
| CVE-2020-8768 | 1 Phoenixcontact | 4 Ilc 2050 Bi, Ilc 2050 Bi-l, Ilc 2050 Bi-l Firmware and 1 more | 2022-01-01 | 7.5 HIGH | 9.4 CRITICAL |
| An issue was discovered on Phoenix Contact Emalytics Controller ILC 2050 BI before 1.2.3 and BI-L before 1.2.3 devices. There is an insecure mechanism for read and write access to the configuration of the device. The mechanism can be discovered by examining a link on the website of the device. | |||||
| CVE-2020-9374 | 1 Tp-link | 2 Tl-wr849n, Tl-wr849n Firmware | 2022-01-01 | 7.5 HIGH | 9.8 CRITICAL |
| On TP-Link TL-WR849N 0.9.1 4.16 devices, a remote command execution vulnerability in the diagnostics area can be exploited when an attacker sends specific shell metacharacters to the panel's traceroute feature. | |||||
| CVE-2020-9366 | 1 Gnu | 1 Screen | 2022-01-01 | 7.5 HIGH | 9.8 CRITICAL |
| A buffer overflow was found in the way GNU Screen before 4.8.0 treated the special escape OSC 49. Specially crafted output, or a special program, could corrupt memory and crash Screen or possibly have unspecified other impact. | |||||
| CVE-2020-4222 | 1 Ibm | 1 Spectrum Protect | 2022-01-01 | 10.0 HIGH | 9.8 CRITICAL |
| IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary code on the system. By using a specially crafted HTTP command, an attacker could exploit this vulnerability to execute arbitrary command on the system. IBM X-Force ID: 175091. | |||||
| CVE-2020-24186 | 1 Gvectors | 1 Wpdiscuz | 2022-01-01 | 7.5 HIGH | 10.0 CRITICAL |
| A Remote Code Execution vulnerability exists in the gVectors wpDiscuz plugin 7.0 through 7.0.4 for WordPress, which allows unauthenticated users to upload any type of file, including PHP files via the wmuUploadFiles AJAX action. | |||||
| CVE-2020-5377 | 1 Dell | 1 Emc Openmanage Server Administrator | 2022-01-01 | 6.4 MEDIUM | 9.1 CRITICAL |
| Dell EMC OpenManage Server Administrator (OMSA) versions 9.4 and prior contain multiple path traversal vulnerabilities. An unauthenticated remote attacker could potentially exploit these vulnerabilities by sending a crafted Web API request containing directory traversal character sequences to gain file system access on the compromised management station. | |||||
| CVE-2020-15922 | 1 Midasolutions | 1 Eframework | 2022-01-01 | 10.0 HIGH | 9.8 CRITICAL |
| There is an OS Command Injection in Mida eFramework 2.9.0 that allows an attacker to achieve Remote Code Execution (RCE) with administrative (root) privileges. Authentication is required. | |||||
| CVE-2020-10938 | 3 Debian, Graphicsmagick, Opensuse | 4 Debian Linux, Graphicsmagick, Backports and 1 more | 2022-01-01 | 7.5 HIGH | 9.8 CRITICAL |
| GraphicsMagick before 1.3.35 has an integer overflow and resultant heap-based buffer overflow in HuffmanDecodeImage in magick/compress.c. | |||||
| CVE-2020-25412 | 1 Gnuplot Project | 1 Gnuplot | 2022-01-01 | 7.5 HIGH | 9.8 CRITICAL |
| com_line() in command.c in gnuplot 5.4 leads to an out-of-bounds-write from strncpy() that may lead to arbitrary code execution. | |||||
| CVE-2020-14315 | 1 Daemonology | 1 Bsdiff | 2022-01-01 | 7.5 HIGH | 9.8 CRITICAL |
| A memory corruption vulnerability is present in bspatch as shipped in Colin Percival’s bsdiff tools version 4.3. Insufficient checks when handling external inputs allows an attacker to bypass the sanity checks in place and write out of a dynamically allocated buffer boundaries. | |||||
| CVE-2020-25213 | 1 Webdesi9 | 1 File Manager | 2022-01-01 | 7.5 HIGH | 9.8 CRITICAL |
| The File Manager (wp-file-manager) plugin before 6.9 for WordPress allows remote attackers to upload and execute arbitrary PHP code because it renames an unsafe example elFinder connector file to have the .php extension. This, for example, allows attackers to run the elFinder upload (or mkfile and put) command to write PHP code into the wp-content/plugins/wp-file-manager/lib/files/ directory. This was exploited in the wild in August and September 2020. | |||||
| CVE-2020-26892 | 2 Fedoraproject, Linuxfoundation | 2 Fedora, Nats-server | 2022-01-01 | 7.5 HIGH | 9.8 CRITICAL |
| The JWT library in NATS nats-server before 2.1.9 has Incorrect Access Control because of how expired credentials are handled. | |||||
| CVE-2020-11800 | 3 Debian, Opensuse, Zabbix | 4 Debian Linux, Backports Sle, Leap and 1 more | 2022-01-01 | 7.5 HIGH | 9.8 CRITICAL |
| Zabbix Server 2.2.x and 3.0.x before 3.0.31, and 3.2 allows remote attackers to execute arbitrary code. | |||||
| CVE-2020-24217 | 3 Jtechdigital, Provideoinstruments, Szuray | 105 H.264 Iptv Encoder 1080p\@60hz, H.264 Iptv Encoder 1080p\@60hz Firmware, Vecaster-4k-hevc and 102 more | 2022-01-01 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the box application on HiSilicon based IPTV/H.264/H.265 video encoders. The file-upload endpoint does not enforce authentication. Attackers can send an unauthenticated HTTP request to upload a custom firmware component, possibly in conjunction with command injection, to achieve arbitrary code execution. | |||||
| CVE-2021-32305 | 1 Websvn | 1 Websvn | 2022-01-01 | 10.0 HIGH | 9.8 CRITICAL |
| WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the search parameter. | |||||
| CVE-2021-43907 | 1 Microsoft | 1 Windows Subsystem For Linux | 2022-01-01 | 10.0 HIGH | 9.8 CRITICAL |
| Visual Studio Code WSL Extension Remote Code Execution Vulnerability | |||||
| CVE-2021-43905 | 1 Microsoft | 1 Office | 2022-01-01 | 6.8 MEDIUM | 9.6 CRITICAL |
| Microsoft Office app Remote Code Execution Vulnerability | |||||
| CVE-2020-1731 | 1 Redhat | 1 Keycloak Operator | 2022-01-01 | 7.5 HIGH | 9.8 CRITICAL |
| A flaw was found in all versions of the Keycloak operator, before version 8.0.2,(community only) where the operator generates a random admin password when installing Keycloak, however the password remains the same when deployed to the same OpenShift namespace. | |||||
| CVE-2019-18182 | 2 Fedoraproject, Pacman Project | 2 Fedora, Pacman | 2021-12-30 | 6.8 MEDIUM | 9.8 CRITICAL |
| pacman before 5.2 is vulnerable to arbitrary command injection in conf.c in the download_with_xfercommand() function. This can be exploited when unsigned databases are used. To exploit the vulnerability, the user must enable a non-default XferCommand and retrieve an attacker-controlled crafted database and package. | |||||
| CVE-2021-36779 | 1 Linuxfoundation | 1 Longhorn | 2021-12-30 | 8.3 HIGH | 9.6 CRITICAL |
| A Improper Access Control vulnerability inf SUSE Longhorn allows any workload in the cluster to execute any binary present in the image on the host without authentication. This issue affects: SUSE Longhorn longhorn versions prior to 1.1.3; longhorn versions prior to 1.2.3. | |||||
| CVE-2021-43527 | 1 Mozilla | 2 Nss, Nss Esr | 2021-12-29 | 7.5 HIGH | 9.8 CRITICAL |
| NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or RSA-PSS signatures. Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS \#7, or PKCS \#12 are likely to be impacted. Applications using NSS for certificate validation or other TLS, X.509, OCSP or CRL functionality may be impacted, depending on how they configure NSS. *Note: This vulnerability does NOT impact Mozilla Firefox.* However, email clients and PDF viewers that use NSS for signature verification, such as Thunderbird, LibreOffice, Evolution and Evince are believed to be impacted. This vulnerability affects NSS < 3.73 and NSS < 3.68.1. | |||||
| CVE-2021-22657 | 1 Myscada | 1 Mypro | 2021-12-29 | 7.5 HIGH | 9.8 CRITICAL |
| mySCADA myPRO: Versions 8.20.0 and prior has a feature where the API password can be specified, which may allow an attacker to inject arbitrary operating system commands through a specific parameter. | |||||
| CVE-2021-43981 | 1 Myscada | 1 Mypro | 2021-12-29 | 7.5 HIGH | 9.8 CRITICAL |
| mySCADA myPRO: Versions 8.20.0 and prior has a feature to send emails, which may allow an attacker to inject arbitrary operating system commands through a specific parameter. | |||||
| CVE-2021-23198 | 1 Myscada | 1 Mypro | 2021-12-29 | 7.5 HIGH | 9.8 CRITICAL |
| mySCADA myPRO: Versions 8.20.0 and prior has a feature where the password can be specified, which may allow an attacker to inject arbitrary operating system commands through a specific parameter. | |||||
| CVE-2021-43984 | 1 Myscada | 1 Mypro | 2021-12-29 | 7.5 HIGH | 9.8 CRITICAL |
| mySCADA myPRO: Versions 8.20.0 and prior has a feature where the firmware can be updated, which may allow an attacker to inject arbitrary operating system commands through a specific parameter. | |||||
| CVE-2021-43985 | 1 Myscada | 1 Mypro | 2021-12-29 | 7.5 HIGH | 9.8 CRITICAL |
| An unauthenticated remote attacker can access mySCADA myPRO Versions 8.20.0 and prior without any form of authentication or authorization. | |||||
| CVE-2021-43987 | 1 Myscada | 1 Mypro | 2021-12-29 | 7.5 HIGH | 9.8 CRITICAL |
| An additional, nondocumented administrative account exists in mySCADA myPRO Versions 8.20.0 and prior that is not exposed through the web interface, which cannot be deleted or changed through the regular web interface. | |||||
| CVE-2021-44732 | 1 Arm | 1 Mbed Tls | 2021-12-29 | 7.5 HIGH | 9.8 CRITICAL |
| Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstrated by an mbedtls_ssl_set_session() failure. | |||||
| CVE-2018-12584 | 2 Debian, Resiprocate | 2 Debian Linux, Resiprocate | 2021-12-29 | 7.5 HIGH | 9.8 CRITICAL |
| The ConnectionBase::preparseNewBytes function in resip/stack/ConnectionBase.cxx in reSIProcate through 1.10.2 allows remote attackers to cause a denial of service (buffer overflow) or possibly execute arbitrary code when TLS communication is enabled. | |||||
| CVE-2021-43466 | 1 Thymeleaf | 1 Thymeleaf | 2021-12-28 | 6.8 MEDIUM | 9.8 CRITICAL |
| In the thymeleaf-spring5:3.0.12 component, thymeleaf combined with specific scenarios in template injection may lead to remote code execution. | |||||
| CVE-2019-7653 | 1 Rdflib Project | 1 Rdflib | 2021-12-28 | 7.5 HIGH | 9.8 CRITICAL |
| The Debian python-rdflib-tools 4.2.2-1 package for RDFLib 4.2.2 has CLI tools that can load Python modules from the current working directory, allowing code injection, because "python -m" looks in this directory, as demonstrated by rdf2dot. This issue is specific to use of the debian/scripts directory. | |||||
| CVE-2021-44031 | 1 Quest | 1 Kace Desktop Authority | 2021-12-28 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Quest KACE Desktop Authority before 11.2. /dacomponentui/profiles/profileitems/outlooksettings/Insertimage.aspx contains a vulnerability that could allow pre-authentication remote code execution. An attacker could upload a .ASP file to reside at /images/{GUID}/{filename}. | |||||
| CVE-2021-43157 | 1 Projectworlds | 1 Online Shopping System In Php | 2021-12-28 | 7.5 HIGH | 9.8 CRITICAL |
| Projectsworlds Online Shopping System PHP 1.0 is vulnerable to SQL injection via the id parameter in cart_remove.php. | |||||