Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-9425 | 1 Tats | 1 W3m | 2023-12-29 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in the addMultirowsForm function in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page. | |||||
| CVE-2016-9424 | 1 Tats | 1 W3m | 2023-12-29 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. w3m doesn't properly validate the value of tag attribute, which allows remote attackers to cause a denial of service (heap buffer overflow crash) and possibly execute arbitrary code via a crafted HTML page. | |||||
| CVE-2016-9423 | 1 Tats | 1 W3m | 2023-12-29 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. Heap-based buffer overflow in w3m allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted HTML page. | |||||
| CVE-2016-9422 | 1 Tats | 1 W3m | 2023-12-29 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in the Tatsuya Kinoshita w3m fork before 0.5.3-31. The feed_table_tag function in w3m doesn't properly validate the value of table span, which allows remote attackers to cause a denial of service (stack and/or heap buffer overflow) and possibly execute arbitrary code via a crafted HTML page. | |||||
| CVE-2023-31455 | 1 Pexip | 1 Pexip Infinity | 2023-12-29 | N/A | 7.5 HIGH |
| Pexip Infinity before 31.2 has Improper Input Validation for RTCP, allowing remote attackers to trigger an abort. | |||||
| CVE-2023-31289 | 1 Pexip | 1 Pexip Infinity | 2023-12-29 | N/A | 7.5 HIGH |
| Pexip Infinity before 31.2 has Improper Input Validation for signalling, allowing remote attackers to trigger an abort. | |||||
| CVE-2023-49088 | 1 Cacti | 1 Cacti | 2023-12-29 | N/A | 4.8 MEDIUM |
| Cacti is an open source operational monitoring and fault management framework. The fix applied for CVE-2023-39515 in version 1.2.25 is incomplete as it enables an adversary to have a victim browser execute malicious code when a victim user hovers their mouse over the malicious data source path in `data_debug.php`. To perform the cross-site scripting attack, the adversary needs to be an authorized cacti user with the following permissions: `General Administration>Sites/Devices/Data`. The victim of this attack could be any account with permissions to view `http://<HOST>/cacti/data_debug.php`. As of time of publication, no complete fix has been included in Cacti. | |||||
| CVE-2023-49790 | 1 Nextcloud | 1 Nextcloud | 2023-12-29 | N/A | 4.3 MEDIUM |
| The Nextcloud iOS Files app allows users of iOS to interact with Nextcloud, a self-hosted productivity platform. Prior to version 4.9.2, the application can be used without providing the 4 digit PIN code. Nextcloud iOS Files app should be upgraded to 4.9.2 to receive the patch. No known workarounds are available. | |||||
| CVE-2023-49070 | 1 Apache | 1 Ofbiz | 2023-12-29 | N/A | 9.8 CRITICAL |
| Pre-auth RCE in Apache Ofbiz 18.12.09. It's due to XML-RPC no longer maintained still present. This issue affects Apache OFBiz: before 18.12.10. Users are recommended to upgrade to version 18.12.10 | |||||
| CVE-2023-5056 | 1 Redhat | 2 Enterprise Linux, Service Interconnect | 2023-12-29 | N/A | 4.1 MEDIUM |
| A flaw was found in the Skupper operator, which may permit a certain configuration to create a service account that would allow an authenticated attacker in the adjacent cluster to view deployments in all namespaces in the cluster. This issue permits unauthorized viewing of information outside of the user's purview. | |||||
| CVE-2015-1239 | 3 Debian, Google, Uclouvain | 4 Debian Linux, Chrome, Pdfium and 1 more | 2023-12-29 | 4.3 MEDIUM | 6.5 MEDIUM |
| Double free vulnerability in the j2k_read_ppm_v3 function in OpenJPEG before r2997, as used in PDFium in Google Chrome, allows remote attackers to cause a denial of service (process crash) via a crafted PDF. | |||||
| CVE-2023-30754 | 1 Wp Foxly | 1 Adfoxly | 2023-12-29 | N/A | 6.1 MEDIUM |
| Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in AdFoxly AdFoxly – Ad Manager, AdSense Ads & Ads.Txt plugin <= 1.8.5 versions. | |||||
| CVE-2023-5115 | 2 Debian, Redhat | 5 Debian Linux, Ansible Automation Platform, Ansible Developer and 2 more | 2023-12-29 | N/A | 6.3 MEDIUM |
| An absolute path traversal attack exists in the Ansible automation platform. This flaw allows an attacker to craft a malicious Ansible role and make the victim execute the role. A symlink can be used to overwrite a file outside of the extraction path. | |||||
| CVE-2020-14297 | 1 Redhat | 6 Amq, Jboss-ejb-client, Jboss Enterprise Application Platform Continuous Delivery and 3 more | 2023-12-29 | 4.0 MEDIUM | 6.5 MEDIUM |
| A flaw was discovered in Wildfly's EJB Client as shipped with Red Hat JBoss EAP 7, where some specific EJB transaction objects may get accumulated over the time and can cause services to slow down and eventaully unavailable. An attacker can take advantage and cause denial of service attack and make services unavailable. | |||||
| CVE-2023-44481 | 1 Projectworlds | 1 Leave Management System | 2023-12-29 | N/A | 8.8 HIGH |
| Leave Management System Project v1.0 is vulnerable to multiple Authenticated SQL Injection vulnerabilities. The 'setearnleave' parameter of the admin/setleaves.php resource does not validate the characters received and they are sent unfiltered to the database. | |||||
| CVE-2021-27085 | 1 Microsoft | 3 Internet Explorer, Windows 10, Windows Server 2019 | 2023-12-29 | 7.6 HIGH | 8.8 HIGH |
| Internet Explorer Remote Code Execution Vulnerability | |||||
| CVE-2021-27084 | 1 Microsoft | 1 Visual Studio Code | 2023-12-29 | 9.3 HIGH | 7.8 HIGH |
| Visual Studio Code Java Extension Pack Remote Code Execution Vulnerability | |||||
| CVE-2021-27083 | 1 Microsoft | 1 Remote Development | 2023-12-29 | 9.3 HIGH | 7.8 HIGH |
| Remote Development Extension for Visual Studio Code Remote Code Execution Vulnerability | |||||
| CVE-2021-27082 | 1 Microsoft | 1 Quantum Development Kit | 2023-12-29 | 9.3 HIGH | 7.8 HIGH |
| Quantum Development Kit for Visual Studio Code Remote Code Execution Vulnerability | |||||
| CVE-2021-27081 | 1 Microsoft | 1 Visual Studio Code Eslint Extension | 2023-12-29 | 9.3 HIGH | 7.8 HIGH |
| Visual Studio Code ESLint Extension Remote Code Execution Vulnerability | |||||
| CVE-2021-27080 | 1 Microsoft | 1 Azure Sphere | 2023-12-29 | 7.2 HIGH | 9.3 CRITICAL |
| Azure Sphere Unsigned Code Execution Vulnerability | |||||
| CVE-2021-27076 | 1 Microsoft | 3 Business Productivity Servers, Sharepoint Foundation, Sharepoint Server | 2023-12-29 | 6.5 MEDIUM | 8.8 HIGH |
| Microsoft SharePoint Server Remote Code Execution Vulnerability | |||||
| CVE-2021-27075 | 1 Microsoft | 5 Azure Container Instances, Azure Container Registry, Azure Kubernetes Service and 2 more | 2023-12-29 | 2.7 LOW | 6.8 MEDIUM |
| Azure Virtual Machine Information Disclosure Vulnerability | |||||
| CVE-2021-27074 | 1 Microsoft | 1 Azure Sphere | 2023-12-29 | 4.9 MEDIUM | 6.2 MEDIUM |
| Azure Sphere Unsigned Code Execution Vulnerability | |||||
| CVE-2021-27066 | 1 Microsoft | 1 Windows Admin Center | 2023-12-29 | 4.0 MEDIUM | 4.3 MEDIUM |
| Windows Admin Center Security Feature Bypass Vulnerability | |||||
| CVE-2021-27062 | 1 Microsoft | 1 High Efficiency Video Coding | 2023-12-29 | 6.8 MEDIUM | 7.8 HIGH |
| HEVC Video Extensions Remote Code Execution Vulnerability | |||||
| CVE-2021-27061 | 1 Microsoft | 1 High Efficiency Video Coding | 2023-12-29 | 6.8 MEDIUM | 7.8 HIGH |
| HEVC Video Extensions Remote Code Execution Vulnerability | |||||
| CVE-2021-27060 | 1 Microsoft | 1 Visual Studio Code | 2023-12-29 | 6.8 MEDIUM | 7.8 HIGH |
| Visual Studio Code Remote Code Execution Vulnerability | |||||
| CVE-2021-27059 | 1 Microsoft | 1 Office | 2023-12-29 | 8.5 HIGH | 7.6 HIGH |
| Microsoft Office Remote Code Execution Vulnerability | |||||
| CVE-2021-27058 | 1 Microsoft | 1 365 Apps | 2023-12-29 | 9.3 HIGH | 7.8 HIGH |
| Microsoft Office ClickToRun Remote Code Execution Vulnerability | |||||
| CVE-2021-27057 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2023-12-29 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Office Remote Code Execution Vulnerability | |||||
| CVE-2021-27056 | 1 Microsoft | 3 365 Apps, Office, Powerpoint | 2023-12-29 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft PowerPoint Remote Code Execution Vulnerability | |||||
| CVE-2021-27055 | 1 Microsoft | 3 365 Apps, Office, Visio | 2023-12-29 | 6.8 MEDIUM | 7.0 HIGH |
| Microsoft Visio Security Feature Bypass Vulnerability | |||||
| CVE-2021-27054 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2023-12-29 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Excel Remote Code Execution Vulnerability | |||||
| CVE-2021-27053 | 1 Microsoft | 5 365 Apps, Excel, Office and 2 more | 2023-12-29 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Excel Remote Code Execution Vulnerability | |||||
| CVE-2021-27052 | 1 Microsoft | 2 Sharepoint Enterprise Server, Sharepoint Server | 2023-12-29 | 4.0 MEDIUM | 5.3 MEDIUM |
| Microsoft SharePoint Server Information Disclosure Vulnerability | |||||
| CVE-2021-27051 | 1 Microsoft | 1 High Efficiency Video Coding | 2023-12-29 | 6.8 MEDIUM | 7.8 HIGH |
| HEVC Video Extensions Remote Code Execution Vulnerability | |||||
| CVE-2021-27050 | 1 Microsoft | 1 High Efficiency Video Coding | 2023-12-29 | 6.8 MEDIUM | 7.8 HIGH |
| HEVC Video Extensions Remote Code Execution Vulnerability | |||||
| CVE-2021-27049 | 1 Microsoft | 1 High Efficiency Video Coding | 2023-12-29 | 6.8 MEDIUM | 7.8 HIGH |
| HEVC Video Extensions Remote Code Execution Vulnerability | |||||
| CVE-2021-27048 | 1 Microsoft | 1 High Efficiency Video Coding | 2023-12-29 | 6.8 MEDIUM | 7.8 HIGH |
| HEVC Video Extensions Remote Code Execution Vulnerability | |||||
| CVE-2021-27047 | 1 Microsoft | 1 High Efficiency Video Coding | 2023-12-29 | 6.8 MEDIUM | 7.8 HIGH |
| HEVC Video Extensions Remote Code Execution Vulnerability | |||||
| CVE-2021-26902 | 1 Microsoft | 1 High Efficiency Video Coding | 2023-12-29 | 6.8 MEDIUM | 7.8 HIGH |
| HEVC Video Extensions Remote Code Execution Vulnerability | |||||
| CVE-2021-26859 | 1 Microsoft | 1 Power Bi Report Server | 2023-12-29 | 4.0 MEDIUM | 7.7 HIGH |
| Microsoft Power BI Information Disclosure Vulnerability | |||||
| CVE-2021-27078 | 1 Microsoft | 1 Exchange Server | 2023-12-29 | 6.5 MEDIUM | 9.1 CRITICAL |
| Microsoft Exchange Server Remote Code Execution Vulnerability | |||||
| CVE-2021-27065 | 1 Microsoft | 1 Exchange Server | 2023-12-29 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Exchange Server Remote Code Execution Vulnerability | |||||
| CVE-2021-26858 | 1 Microsoft | 1 Exchange Server | 2023-12-29 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Exchange Server Remote Code Execution Vulnerability | |||||
| CVE-2021-26857 | 1 Microsoft | 1 Exchange Server | 2023-12-29 | 6.8 MEDIUM | 7.8 HIGH |
| Microsoft Exchange Server Remote Code Execution Vulnerability | |||||
| CVE-2021-26855 | 1 Microsoft | 1 Exchange Server | 2023-12-29 | 7.5 HIGH | 9.1 CRITICAL |
| Microsoft Exchange Server Remote Code Execution Vulnerability | |||||
| CVE-2021-26854 | 1 Microsoft | 1 Exchange Server | 2023-12-29 | 6.5 MEDIUM | 6.6 MEDIUM |
| Microsoft Exchange Server Remote Code Execution Vulnerability | |||||
| CVE-2021-26701 | 2 Fedoraproject, Microsoft | 5 Fedora, .net, .net Core and 2 more | 2023-12-29 | 7.5 HIGH | 8.1 HIGH |
| .NET Core Remote Code Execution Vulnerability | |||||