cve编号 |
供应商 |
产品 |
🔰漏洞名称🔰 |
🔰漏洞描述🔰 |
🔰修复措施🔰 |
CVE-2021-27104 |
Accellion |
FTA |
Accellion FTA OS Command Injection Vulnerability |
Accellion FTA 9_12_370 and earlier is affected by OS command execution via a crafted POST request to various admin endpoints. |
Apply updates per vendor instructions. |
CVE-2021-27102 |
Accellion |
FTA |
Accellion FTA OS Command Injection Vulnerability |
Accellion FTA 9_12_411 and earlier is affected by OS command execution via a local web service call. |
Apply updates per vendor instructions. |
CVE-2021-27101 |
Accellion |
FTA |
Accellion FTA SQL Injection Vulnerability |
Accellion FTA 9_12_370 and earlier is affected by SQL injection via a crafted Host header in a request to document_root.html. |
Apply updates per vendor instructions. |
CVE-2021-27103 |
Accellion |
FTA |
Accellion FTA SSRF Vulnerability |
Accellion FTA 9_12_411 and earlier is affected by SSRF via a crafted POST request to wmProgressstat.html. |
Apply updates per vendor instructions. |
CVE-2021-21017 |
Adobe |
Acrobat and Reader |
Adobe Acrobat and Reader Heap-based Buffer Overflow Vulnerability |
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a heap-based buffer overflow vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
Apply updates per vendor instructions. |
CVE-2021-28550 |
Adobe |
Acrobat and Reader |
Adobe Acrobat and Reader Use-After-Free Vulnerability |
Acrobat Reader DC versions versions 2021.001.20150 (and earlier), 2020.001.30020 (and earlier) and 2017.011.30194 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
Apply updates per vendor instructions. |
CVE-2018-4939 |
Adobe |
ColdFusion |
Adobe ColdFusion Deserialization of Untrusted Data vulnerability |
Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Deserialization of Untrusted Data vulnerability. Successful exploitation could lead to arbitrary code execution. |
Apply updates per vendor instructions. |
CVE-2018-15961 |
Adobe |
ColdFusion |
Adobe ColdFusion RCE |
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution. |
Apply updates per vendor instructions. |
CVE-2018-4878 |
Adobe |
Flash Player |
Adobe Flash Player Use after Free vulnerability |
A use-after-free vulnerability was discovered in Adobe Flash Player before 28.0.0.161. This vulnerability occurs due to a dangling pointer in the Primetime SDK related to media player handling of listener objects. A successful attack can lead to arbitrary code execution. This was exploited in the wild in January and February 2018. |
Apply updates per vendor instructions. |
CVE-2020-5735 |
Amcrest |
Cameras and Network Video Recorder (NVR) |
Amcrest Camera and NVR Buffer Overflow Vulnerability |
Amcrest cameras and NVR are vulnerable to a stack-based buffer overflow over port 37777. An authenticated remote attacker can abuse this issue to crash the device and possibly execute arbitrary code. |
Apply updates per vendor instructions. |
CVE-2019-2215 |
Android |
Android OS |
Android \"AbstractEmu\" Root Access Vulnerabilities |
|
Apply updates per vendor instructions. |
CVE-2020-0041 |
Android |
Android OS |
Android \"AbstractEmu\" Root Access Vulnerabilities |
|
Apply updates per vendor instructions. |
CVE-2020-0069 |
Android |
Android OS |
Android \"AbstractEmu\" Root Access Vulnerabilities |
|
Apply updates per vendor instructions. |
CVE-2017-9805 |
Apache |
Struts |
Apache Struts Multiple Versions Remote Code Execution |
The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 contains a vulnerability which can lead to RCE. |
Apply updates per vendor instructions. |
CVE-2021-42013 |
Apache |
HTTP Server |
Apache HTTP Server 2.4.49 and 2.4.50 Path Traversal |
Apache HTTP server vulnerabilities allow an attacker to use a path traversal attack to map URLs to files outside the expected document root and perform RCE. |
Apply updates per vendor instructions. |
CVE-2021-41773 |
Apache |
HTTP Server |
Apache HTTP Server Path Traversal Vulnerability |
A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the directories configured by Alias-like directives. If files outside of these directories are not protected by the usual default configuration \"require all denied\ these requests can succeed. If CGI scripts are also enabled for these aliased pathes, this could allow for remote code execution. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. The fix in Apache HTTP Server 2.4.50 was found to be incomplete, see CVE-2021-42013. |
Apply updates per vendor instructions. |
CVE-2019-0211 |
Apache |
HTTP Server |
Apache HTTP Server scoreboard vulnerability |
In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected. |
Apply updates per vendor instructions. |
CVE-2016-4437 |
Apache |
Shiro |
Apache Shiro 1.2.4 Cookie RememberME Deserial RCE |
Apache Shiro before 1.2.5, when a cipher key has not been configured for the \"remember me\" feature, allows remote attackers to execute arbitrary code or bypass intended access restrictions via an unspecified request parameter. |
Apply updates per vendor instructions. |
CVE-2019-17558 |
Apache |
Solr |
Apache Solr 5.0.0-8.3.1 Remote Code Execution |
Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the VelocityResponseWriter. A Velocity template can be provided through Velocity templates in a configset `velocity/` directory or as a parameter. A user defined configset could contain renderable, potentially malicious, templates. Parameter provided templates are disabled by default, but can be enabled by setting `params.resource.loader.enabled` by defining a response writer with that setting set to `true`. Defining a response writer requires configuration API access. Solr 8.4 removed the params resource loader entirely, and only enables the configset-provided template rendering when the configset is `trusted` (has been uploaded by an authenticated user). |
Apply updates per vendor instructions. |
CVE-2020-17530 |
Apache |
Struts |
Apache Struts Forced OGNL Double Evaluation RCE |
Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software : Apache Struts 2.0.0 - Struts 2.5.25. |
Apply updates per vendor instructions. |
CVE-2017-5638 |
Apache |
Struts |
Apache Struts Jakarta Multipart parser exception handling vulnerability |
The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 has incorrect exception handling and error-message generation during file-upload attempts, which allows remote attackers to execute arbitrary commands via a crafted Content-Type, Content-Disposition, or Content-Length HTTP header, as exploited in the wild in March 2017 with a Content-Type header containing a #cmd= string. |
Apply updates per vendor instructions. |
CVE-2018-11776 |
Apache |
Struts |
Apache Struts 2.3 to 2.3.34 and 2.5 to 2.5.16 Remote Code Execution |
Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 contain a vulnerability which can allow for remote code execution. |
Apply updates per vendor instructions. |
CVE-2021-30858 |
Apple |
iOS and iPadOS |
Apple Apple iOS and iPadOS Use-After-Free |
Apple iOS and iPadOS Arbitrary Code Execution |
Apply updates per vendor instructions. |
CVE-2019-6223 |
Apple |
FaceTime |
Apple FaceTime Vulnerability |
A logic issue existed in the handling of Group FaceTime calls. The issue was addressed with improved state management. This issue is fixed in iOS 12.1.4, macOS Mojave 10.14.3 Supplemental Update. The initiator of a Group FaceTime call may be able to cause the recipient to answer. |
Apply updates per vendor instructions. |
CVE-2021-30860 |
Apple |
iOS |
Apple iOS \"FORCEDENTRY\" Remote Code Execution |
An integer overflow was addressed with improved input validation vulnerability affecting iOS devices that allows for remote code execution. |
Apply updates per vendor instructions. |
CVE-2020-27930 |
Apple |
iOS and macOS |
Apple iOS and macOS FontParser RCE |
A memory corruption issue was addressed with improved input validation. Processing a maliciously crafted font may lead to arbitrary code execution. |
Apply updates per vendor instructions. |
CVE-2021-30807 |
Apple |
iOS and macOS |
Apple iOS and macOS IOMobileFrameBuffer Memory Corruption Vulnerability |
|
Apply updates per vendor instructions. |
CVE-2020-27950 |
Apple |
iOS and macOS |
Apple iOS and macOS Kernel Memory Initialization Vulnerability |
A malicious application may be able to disclose kernel memory. |
Apply updates per vendor instructions. |
CVE-2020-27932 |
Apple |
iOS and macOS |
Apple iOS and macOS Kernel Type Confusion Vulnerability |
A malicious application may be able to execute arbitrary code with kernel privileges. |
Apply updates per vendor instructions. |
CVE-2020-9818 |
Apple |
iOS Mail |
Apple iOS Mail OOB Vulnerability |
Processing a maliciously crafted mail message may lead to unexpected memory modification or application termination. |
Apply updates per vendor instructions. |
CVE-2020-9819 |
Apple |
iOS Mail |
Apple iOS Mail Heap Overflow Vulnerability |
Processing a maliciously crafted mail message may lead to heap corruption. |
Apply updates per vendor instructions. |
CVE-2021-30762 |
Apple |
iOS |
Apple WebKit Browser Engine Use After Free Vulnerability |
Use after free issue. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. |
Apply updates per vendor instructions. |
CVE-2021-1782 |
Apple |
iOS |
Apple iOS Privilege Escalation and Code Execution Chain |
A malicious application may be able to elevate privileges. Apple is aware of a report that this issue may have been actively exploited. |
Apply updates per vendor instructions. |
CVE-2021-1870 |
Apple |
iOS |
Apple iOS Privilege Escalation and Code Execution Chain |
A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. |
Apply updates per vendor instructions. |
CVE-2021-1871 |
Apple |
iOS |
Apple iOS Privilege Escalation and Code Execution Chain |
A remote attacker may be able to cause arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. |
Apply updates per vendor instructions. |
CVE-2021-1879 |
Apple |
iOS |
Apple iOS Webkit Browser Engine XSS |
Processing maliciously crafted web content may lead to universal cross site scripting. Apple is aware of a report that this issue may have been actively exploited. |
Apply updates per vendor instructions. |
CVE-2021-30661 |
Apple |
iOS |
Apple iOS Webkit Storage Use-After-Free RCE |
Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. |
Apply updates per vendor instructions. |
CVE-2021-30666 |
Apple |
iOS |
Apple iOS12.x Buffer Overflow |
Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. |
Apply updates per vendor instructions. |
CVE-2021-30713 |
Apple |
macOS |
Apple macOS Input Validation Error |
A malicious application may be able to bypass Privacy preferences. Apple is aware of a report that this issue may have been actively exploited. |
Apply updates per vendor instructions. |
CVE-2021-30657 |
Apple |
macOS |
Apple macOS Policy Subsystem Gatekeeper Bypass |
A malicious application may bypass Gatekeeper checks. Apple is aware of a report that this issue may have been actively exploited. |
Apply updates per vendor instructions. |
CVE-2021-30665 |
Apple |
Safari |
Apple Safari Webkit Browser Engine Buffer Overflow Vulnerability |
Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. |
Apply updates per vendor instructions. |
CVE-2021-30663 |
Apple |
Safari |
Apple Safari Webkit Browser Engine Integer Overflow Vulnerability |
Integer overflow. Processing maliciously crafted web content may lead to arbitrary code execution. |
Apply updates per vendor instructions. |
CVE-2021-30761 |
Apple |
iOS |
Apple WebKit Browser Engine Memory Corruption Vulnerability |
Memory corruption issue. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited. |
Apply updates per vendor instructions. |
CVE-2021-30869 |
Apple |
iOS, macOS, and iPadOS |
Apple XNU Kernel Type Confusion |
Apple XNU kernel contains a type confusion vulnerability which allows a malicious application to execute arbitrary code with kernel privileges. |
Apply updates per vendor instructions. |
CVE-2020-9859 |
Apple |
iOS and iPadOS |
Apple 11-13.5 XNU Kernel Vulnerability |
A memory consumption issue was addressed with improved memory handling. An application may be able to execute arbitrary code with kernel privileges. |
Apply updates per vendor instructions. |
CVE-2021-20090 |
Arcadyan |
Buffalo WSR-2533DHPL2 and WSR-2533DHP3 firmware |
Arcadyan Buffalo Firmware Multiple Versions Path Traversal |
A path traversal vulnerability in Arcadyan firmware could allow unauthenticated remote attackers to bypass authentication. It impacts many routers. |
Apply updates per vendor instructions. |
CVE-2021-27562 |
Arm |
Arm Trusted Firmware |
Arm Trusted Firmware M through 1.2 Denial of Service |
In Arm Trusted Firmware M through 1.2, the NS world may trigger a system halt, an overwrite of secure data, or the printing out of secure data when calling secure functions under the NSPE handler mode. This vulnerability has known active exploitation against Yealink Device Management servers. It is assessed this product utilizes the affected Arm firmware. |
Apply updates per vendor instructions. |
CVE-2021-28664 |
Arm |
Mali Graphics Processing Unit (GPU) |
Arm Mali GPU Kernel Boundary Error Vulnerability |
The Arm Mali GPU kernel driver allows privilege escalation or a denial of service (memory corruption) because an unprivileged user can achieve read/write access to read-only pages. This affects Bifrost r0p0 through r28p0 before r29p0, Valhall r19p0 through r28p0 before r29p0, and Midgard r8p0 through r30p0. |
Apply updates per vendor instructions. |
CVE-2021-28663 |
Arm |
Mali Graphics Processing Unit (GPU) |
Arm Mali GPU Kernel Use-After-Free Vulnerability |
The Arm Mali GPU kernel driver allows privilege escalation or information disclosure because GPU memory operations are mishandled, leading to a use-after-free. This affects Bifrost r0p0 through r28p0 before r29p0, Valhall r19p0 through r28p0 before r29p0, and Midgard r4p0 through r30p0. |
Apply updates per vendor instructions. |
CVE-2019-3398 |
Atlassian |
Confluence |
Atlassian Confluence Path Traversal Vulnerability |
Confluence Server and Data Center had a path traversal vulnerability in the downloadallattachments resource. A remote attacker who has permission to add attachments to pages and / or blogs or to create a new space or a personal space or who has 'Admin' permissions for a space can exploit this path traversal vulnerability to write files to arbitrary locations which can lead to remote code execution on systems that run a vulnerable version of Confluence Server or Data Center. All versions of Confluence Server from 2.0.0 before 6.6.13 (the fixed version for 6.6.x), from 6.7.0 before 6.12.4 (the fixed version for 6.12.x), from 6.13.0 before 6.13.4 (the fixed version for 6.13.x), from 6.14.0 before 6.14.3 (the fixed version for 6.14.x), and from 6.15.0 before 6.15.2 are affected by this vulnerability. |
Apply updates per vendor instructions. |
CVE-2021-26084 |
Atlassian |
Confluence Server |
Atlassian Confluence Server < 6.13.23, 6.14.0 - 7.12.5 Arbitrary Code Execution |
Atlassian Confluence Server The affected versions are before version 6.13.23, from version 6.14.0 before 7.4.11, from version 7.5.0 before 7.11.6, and from version 7.12.0 before 7.12.5 contains an OGNL injection vulnerability which allows an attacker to execute arbitrary code. |
Apply updates per vendor instructions. |
CVE-2019-11580 |
Atlassian |
Crowd and Crowd Data Center |
Atlassian Crowd and Crowd Data Center RCE |
Atlassian Crowd and Crowd Data Center had the pdkinstall development plugin incorrectly enabled in release builds. Attackers who can send unauthenticated or authenticated requests to a Crowd or Crowd Data Center instance can exploit this vulnerability to install arbitrary plugins, which permits remote code execution on systems running a vulnerable version of Crowd or Crowd Data Center. All versions of Crowd from version 2.1.0 before 3.0.5, from version 3.1.0 before 3.1.6, from version 3.2.0 before 3.2.8, from version 3.3.0 before 3.3.5, and from version 3.4.0 before 3.4.4 are affected by this vulnerability. |
Apply updates per vendor instructions. |
CVE-2019-3396 |
Atlassian |
Atlassian Confluence Server |
Remote code execution via Widget Connector macro Vulnerability |
Allows remote attackers to achieve path traversal and remote code execution on a Confluence Server or Data Center instance via server-side template injection. |
Apply updates per vendor instructions. |
CVE-2021-42258 |
BQE |
BillQuick Web Suite |
BQE BillQuick Web Suite Versions Prior to 22.0.9.1 (from 2018 through 2021) Remote Code Execution |
BQE BillQuick Web Suite 2018 through 2021 prior to 22.0.9.1 allows SQL injection for unauthenticated remote code execution, as exploited in the wild in October 2021 for ransomware installation. |
Apply updates per vendor instructions. |
CVE-2020-3452 |
Cisco |
Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) |
Cisco Adaptive Security Appliance and Cisco Fire Power Threat Defense directory traversal sensitive file read |
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files. |
Apply updates per vendor instructions. |
CVE-2020-3580 |
Cisco |
Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) |
Cisco ASA and FTD XSS Vulnerabilities |
Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. |
Apply updates per vendor instructions. |
CVE-2021-1497 |
Cisco |
HyperFlex HX |
Cisco HyperFlex HX Command Injection Vulnerabilities |
Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. |
Apply updates per vendor instructions. |
CVE-2021-1498 |
Cisco |
HyperFlex HX |
Cisco HyperFlex HX Command Injection Vulnerabilities |
Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device. |
Apply updates per vendor instructions. |
CVE-2018-0171 |
Cisco |
IOS and IOS XE |
Cisco IOS and IOS XE Software Smart Install Remote Code Execution |
A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. The vulnerability is due to improper validation of packet data. An attacker could exploit this vulnerability by sending a crafted Smart Install message to an affected device on TCP port 4786. A successful exploit could allow the attacker to cause a buffer overflow on the affected device, which could have the following impacts: Triggering a reload of the device, Allowing the attacker to execute arbitrary code on the device, Causing an indefinite loop on the affected device that triggers a watchdog crash. Cisco Bug IDs: CSCvg76186. |
Apply updates per vendor instructions. |
CVE-2020-3118 |
Cisco |
IOS XR |
Cisco IOS XR Software Cisco Discovery Protocol Format String Vulnerability |
A vulnerability in the Cisco Discovery Protocol implementation for Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a reload on an affected device. The vulnerability is due to improper validation of string input from certain fields in Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol packet to an affected device. A successful exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges on an affected device. Cisco Discovery Protocol is a Layer 2 protocol. To exploit this vulnerability, an attacker must be in the same broadcast domain as the affected device (Layer 2 adjacent). |
Apply updates per vendor instructions. |
CVE-2020-3566 |
Cisco |
IOS XR |
Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability |
A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to exhaust process memory of an affected device. The vulnerability is due to insufficient queue management for Internet Group Management Protocol (IGMP) packets. An attacker could exploit this vulnerability by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to cause memory exhaustion, resulting in instability of other processes. These processes may include, but are not limited to, interior and exterior routing protocols. |
Apply updates per vendor instructions. |
CVE-2020-3569 |
Cisco |
IOS XR |
Cisco IOS XR Software DVMRP Memory Exhaustion Vulnerability |
Multiple vulnerabilities in the Distance Vector Multicast Routing Protocol (DVMRP) feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to either immediately crash the Internet Group Management Protocol (IGMP) process or make it consume available memory and eventually crash. The memory consumption may negatively impact other processes that are running on the device. These vulnerabilities are due to the incorrect handling of IGMP packets. An attacker could exploit these vulnerabilities by sending crafted IGMP traffic to an affected device. A successful exploit could allow the attacker to immediately crash the IGMP process or cause memory exhaustion, resulting in other processes becoming unstable. These processes may include, but are not limited to, interior and exterior routing protocols. |
Apply updates per vendor instructions. |
CVE-2020-3161 |
Cisco |
IP Phones |
Cisco IP Phones Web Server DoS and RCE |
A vulnerability in the web server for Cisco IP Phones could allow an unauthenticated, remote attacker to execute code with root privileges or cause a reload of an affected IP phone, resulting in a denial of service (DoS) condition. The vulnerability is due to a lack of proper input validation of HTTP requests. An attacker could exploit this vulnerability by sending a crafted HTTP request to the web server of a targeted device. A successful exploit could allow the attacker to remotely execute code with root privileges or cause a reload of an affected IP phone, resulting in a DoS condition. |
Apply updates per vendor instructions. |
CVE-2019-1653 |
Cisco |
RV320 and RV325 Routers |
Cisco RV320 and RV325 Routers Improper Access Control Vulnerability (COVID-19-CTI list) |
A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to retrieve sensitive information. The vulnerability is due to improper access controls for URLs. An attacker could exploit this vulnerability by connecting to an affected device via HTTP or HTTPS and requesting specific URLs. A successful exploit could allow the attacker to download the router configuration or detailed diagnostic information. |
Apply updates per vendor instructions. |
CVE-2018-0296 |
Cisco |
Adaptive Security Appliance (ASA) and Firepower Threat Defense (FTD) |
Cisco Adaptive Security Appliance Firepower Threat Defense DoS/Directory Traversal vulnerability |
A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029. |
Apply updates per vendor instructions. |
CVE-2019-13608 |
Citrix |
StoreFront Server |
Citrix StoreFront Server Multiple Versions XML External Entity (XXE) |
Citrix StoreFront Server contains a XXE processing vulnerability that could allow an unauthenticated attacker to retrieve potentially sensitive information. |
Apply updates per vendor instructions. |
CVE-2020-8193 |
Citrix |
Application Delivery Controller (ADC), Gateway, and SDWAN WANOP |
Citrix ADC, Citrix Gateway, Citrix SDWAN WANOP Unauthenticated Authorization Bypass |
Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 allows unauthenticated access to certain URL endpoints. |
Apply updates per vendor instructions. |
CVE-2020-8195 |
Citrix |
Application Delivery Controller (ADC), Gateway, and SDWAN WANOP |
Citrix ADC, Citrix Gateway, Citrix SDWAN WANOP Unauthenticated Authorization Bypass |
Application Delivery Controller (ADC), Gateway, and SDWAN WANOP |
Apply updates per vendor instructions. |
CVE-2020-8196 |
Citrix |
Application Delivery Controller (ADC), Gateway, and SDWAN WANOP |
Citrix ADC, Citrix Gateway, Citrix SDWAN WANOP Unauthenticated Authorization Bypass |
Improper access control in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix SDWAN WAN-OP versions before 11.1.1a, 11.0.3d and 10.2.7 resulting in limited information disclosure to low privileged users. |
Apply updates per vendor instructions. |
CVE-2019-19781 |
Citrix |
Application Delivery Controller (ADC) and Gateway |
Citrix Application Delivery Controller and Citrix Gateway Vulnerability |
Issue in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1, 12.0, 12.1, and 13.0 allowing Directory Traversal. |
Apply updates per vendor instructions. |
CVE-2019-11634 |
Citrix |
Workspace (for Windows) |
Citrix Workspace (for Windows) Prior to 1904 Improper Access Control |
Citrix Workspace app and Receiver for Windows prior to version 1904 contains an incorrect access control vulnerability which allows for code execution. |
Apply updates per vendor instructions. |
CVE-2020-29557 |
D-Link |
DIR-825 R1 |
D-Link DIR-825 R1 Through 3.0.1 Before 11/2020 Buffer Overflow |
D-Link DIR-825 R1 devices through 3.0.1 before 2020-11-20 contain a vulnerability in the web interface allowing for remote code execution. |
Apply updates per vendor instructions. |
CVE-2020-25506 |
D-Link |
DNS-320 |
D-Link DNS-320 Command Injection RCE Vulnerability |
D-Link DNS-320 FW v2.06B01 Revision Ax is affected by command injection in the system_mgr.cgi component, which can lead to remote arbitrary code execution. |
Apply updates per vendor instructions. |
CVE-2018-15811 |
DNN |
DotNetNuke |
DotNetNuke 9.2-9.2.2 Encryption Algorithm Vulnerability |
DNN (aka DotNetNuke) 9.2 through 9.2.1 uses a weak encryption algorithm to protect input parameters. |
Apply updates per vendor instructions. |
CVE-2018-18325 |
DNN |
DotNetNuke |
DotNetNuke 9.2-9.2.2 Encryption Algorithm Vulnerability |
DNN (aka DotNetNuke) 9.2 through 9.2.2 uses a weak encryption algorithm to protect input parameters. NOTE: this issue exists because of an incomplete fix for CVE-2018-15811. |
Apply updates per vendor instructions. |
CVE-2017-9822 |
DNN |
DotNetNuke (DNN) |
DotNetNuke before 9.1.1 Remote Code Execution |
DNN (aka DotNetNuke) before 9.1.1 has Remote Code Execution via a cookie, aka \"2017-08 (Critical) Possible remote code execution on DNN sites.\" |
Apply updates per vendor instructions. |
CVE-2019-15752 |
Docker |
Desktop Community Edition |
Docker Desktop Community Edition Privilege Escalation |
Docker Desktop Community Edition before 2.1.0.1 allows local users to gain privileges by placing a Trojan horse docker-credential-wincred.exe file in %PROGRAMDATA%\\DockerDesktop\\version-bin\\ as a low-privilege user, and then waiting for an admin or service user to authenticate with Docker, restart Docker, or run 'docker login' to force the command. |
Apply updates per vendor instructions. |
CVE-2020-8515 |
DrayTek |
Vigor Router(s) |
DrayTek Vigor Router Vulnerability |
DrayTek Vigor2960 1.3.1_Beta, Vigor3900 1.4.4_Beta, and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1.4.4_Beta devices allow remote code execution as root (without authentication) via shell metacharacters to the cgi-bin/mainfunction.cgi URI. |
Apply updates per vendor instructions. |
CVE-2018-7600 |
Drupal |
Drupal |
Drupal module configuration vulnerability |
Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations. |
Apply updates per vendor instructions. |
CVE-2021-22205 |
ExifTool |
ExifTool |
GitLab Community and Enterprise Editions From 11.9 Remote Code Execution |
Anyone with the ability to upload an image that goes through the GitLab Workhorse could achieve RCE via a specially crafted file. |
Apply updates per vendor instructions. |
CVE-2018-6789 |
Exim |
Exim |
Exim Buffer Overflow Vulnerability |
Issue in the base64d function in the SMTP listener in Exim before 4.90.1. By sending a handcrafted message, a buffer overflow may happen. This can be used to execute code remotely. |
Apply updates per vendor instructions. |
CVE-2020-8657 |
EyesOfNetwork |
EyesOfNetwork |
EyesOfNetwork 5.3 Insufficient Credential Protection |
Issue in EyesOfNetwork 5.3. The installation uses the same API key (hardcoded as EONAPI_KEY in include/api_functions.php for API version 2.4.2) by default for all installations, hence allowing an attacker to calculate/guess the admin access token. |
Apply updates per vendor instructions. |
CVE-2020-8655 |
EyesOfNetwork |
EyesOfNetwork |
EyesOfNetwork 5.3 Privilege Escalation Vulnerability |
Issue in EyesOfNetwork 5.3. The sudoers configuration is prone to a privilege escalation vulnerability, allowing the apache user to run arbitrary commands as root via a crafted NSE script for nmap 7. |
Apply updates per vendor instructions. |
CVE-2020-5902 |
F5 |
BIG IP |
F5 BIG IP Traffic Management User Interface RCE |
In BIG-IP versions 15.0.0-15.1.0.3, 14.1.0-14.1.2.5, 13.1.0-13.1.3.3, 12.1.0-12.1.5.1, and 11.6.1-11.6.5.1, the Traffic Management User Interface (TMUI), also referred to as the Configuration utility, has a Remote Code Execution (RCE) vulnerability in undisclosed pages. |
Apply updates per vendor instructions. |
CVE-2021-22986 |
F5 |
BIG-IP |
F5 iControl REST unauthenticated RCE |
The iControl REST interface has an unauthenticated remote command execution vulnerability. |
Apply updates per vendor instructions. |
CVE-2021-35464 |
ForgeRock |
Access Management server |
ForgeRock Access Management Remote Code Execution |
ForgeRock AM server before 7.0 has a Java deserialization vulnerability in the jato.pageSession parameter on multiple pages. The exploitation does not require authentication, and remote code execution can be triggered by sending a single crafted /ccversion/* request to the server. |
Apply updates per vendor instructions. |
CVE-2019-5591 |
Fortinet |
FortiOS |
Fortinet FortiOS Default Configuration Vulnerability |
A Default Configuration vulnerability in FortiOS may allow an unauthenticated attacker on the same subnet to intercept sensitive information by impersonating the LDAP server. |
Apply updates per vendor instructions. |
CVE-2020-12812 |
Fortinet |
FortiOS |
Fortinet FortiOS SSL VPN 2FA Authentication Vulnerability |
An improper authentication vulnerability in SSL VPN in FortiOS 6.4.0, 6.2.0 to 6.2.3, 6.0.9 and below may result in a user being able to log in successfully without being prompted for the second factor of authentication (FortiToken) if they changed the case of their username. |
Apply updates per vendor instructions. |
CVE-2018-13379 |
Fortinet |
FortiOS |
Fortinet FortiOS SSL VPN credential exposure vulnerability |
An Improper Limitation of a Pathname to a Restricted Directory (\"Path Traversal\") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 and 5.4.6 to 5.4.12 and FortiProxy 2.0.0, 1.2.0 to 1.2.8, 1.1.0 to 1.1.6, 1.0.0 to 1.0.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests. |
Apply updates per vendor instructions. |
CVE-2020-16010 |
Google |
Chrome for Android |
Google Chrome for Android Heap Overflow Vulnerability |
Heap buffer overflow in UI in Google Chrome on Android prior to 86.0.4240.185 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. |
Apply updates per vendor instructions. |
CVE-2020-15999 |
Google |
Chrome |
Google Chrome FreeType Memory Corruption |
Heap buffer overflow in Freetype in Google Chrome prior to 86.0.4240.111 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
Apply updates per vendor instructions. |
CVE-2021-21166 |
Google |
Chrome |
Google Chrome Heap Buffer Overflow in WebAudio Vulnerability |
Data race in audio in Google Chrome prior to 89.0.4389.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
Apply updates per vendor instructions. |
CVE-2020-16017 |
Google |
Chrome |
Google Chrome Site Isolation Component Use-After-Free RCE vulnerability |
Use after free in site isolation in Google Chrome prior to 86.0.4240.198 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. |
Apply updates per vendor instructions. |
CVE-2021-37976 |
Google |
Chrome |
Google Chrome Information Leakage |
Information disclosure in Google Chrome that exists due to excessive data output in core. |
Apply updates per vendor instructions. |
CVE-2020-16009 |
Google |
Chromium V8 |
Chromium V8 Implementation Vulnerability |
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.183 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
Apply updates per vendor instructions. |
CVE-2021-30632 |
Google |
Chrome |
Google Chrome Out-of-bounds write |
Google Chrome out-of-bounds write that allows to execute arbitrary code on the target system. |
Apply updates per vendor instructions. |
CVE-2020-16013 |
Google |
Chromium V8 |
Chromium V8 Engine Incorrect Implementation vulnerabililty |
Inappropriate implementation in V8 in Google Chrome prior to 86.0.4240.198 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
Apply updates per vendor instructions. |
CVE-2021-30633 |
Google |
Chrome |
Google Chrome Use-After-Free |
Google Chrome Use-After-Free vulnerability |
Apply updates per vendor instructions. |
CVE-2021-21148 |
Google |
Chromium V8 |
Chromium V8 JavaScript Rendering Engine Heap Buffer Overflow Vulnerability |
Heap buffer overflow in V8 in Google Chrome prior to 88.0.4324.150 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
Apply updates per vendor instructions. |
CVE-2021-37973 |
Google |
Chrome |
Google Chrome Use-After-Free |
Use-after-free weakness in Portals, Google's new web page navigation system for Chrome. Successful exploitation can let attackers to execute code. |
Apply updates per vendor instructions. |
CVE-2021-30551 |
Google |
Chromium V8 |
Chromium V8 Engine Type Confusion |
Type confusion in V8 in Google Chrome prior to 91.0.4472.101 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
Apply updates per vendor instructions. |
CVE-2021-37975 |
Google |
Chrome |
Google Chrome Use-After-Free |
Google Chrome use-after-free error within the V8 browser engine. |
Apply updates per vendor instructions. |
CVE-2020-6418 |
Google |
Chromium V8 |
Chromium V8 Engine Type Confusion Vulnerability |
Type confusion in V8 in Google Chrome prior to 80.0.3987.122 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
Apply updates per vendor instructions. |
CVE-2021-30554 |
Google |
Chrome |
Google Chrome WebGL Use after Free |
Use after free in WebGL in Google Chrome prior to 91.0.4472.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
Apply updates per vendor instructions. |
CVE-2021-21206 |
Google |
Chromium Blink |
Chromium Blink Use-After-Free Vulnerability |
Use after free in Blink in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
Apply updates per vendor instructions. |
CVE-2021-38000 |
Google |
Chromium V8 Engine |
Google Chromium V8 Insufficient Input Validation Vulnerability |
|
Apply updates per vendor instructions. |
CVE-2021-38003 |
Google |
Chromium V8 Engine |
Google Chromium V8 Incorrect Implementation Vulnerability |
|
Apply updates per vendor instructions. |
CVE-2021-21224 |
Google |
Chromium V8 |
Chromium V8 JavaScript Engine Remote Code Execution |
Type confusion in V8 in Google Chrome prior to 90.0.4430.85 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. |
Apply updates per vendor instructions. |
CVE-2021-21193 |
Google |
Chromium V8 |
Chromium V8 Engine Use-After-Free Vulnerability |
Use after free in Blink in Google Chrome prior to 89.0.4389.90 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
Apply updates per vendor instructions. |
CVE-2021-21220 |
Google |
Chromium V8 |
Chromium V8 Engine Input Validation Vulnerability |
Insufficient validation of untrusted input in V8 in Google Chrome prior to 89.0.4389.128 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
Apply updates per vendor instructions. |
CVE-2021-30563 |
Google |
Chrome |
Google Chrome Browser V8 Arbitrary Code Execution |
Type Confusion in V8 in Google Chrome prior to 91.0.4472.164 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. |
Apply updates per vendor instructions. |
CVE-2020-4430 |
IBM |
IBM Data Risk Manager |
IBM Data Risk Manager Arbritary File Download |
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to traverse directories on the system. An attacker could send a specially-crafted URL request to download arbitrary files from the system. IBM X-Force ID: 180535. |
Apply updates per vendor instructions. |
CVE-2020-4427 |
IBM |
IBM Data Risk Manager |
IBM Data Risk Manager Authentication Bypass |
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote attacker to bypass security restrictions when configured with SAML authentication. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to bypass the authentication process and gain full administrative access to the system. IBM X-Force ID: 180532. |
Apply updates per vendor instructions. |
CVE-2020-4428 |
IBM |
IBM Data Risk Manager |
IBM Data Risk Manager Command Injection |
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, and 2.0.4 could allow a remote authenticated attacker to execute arbitrary commands on the system. IBM X-Force ID: 180533. |
Apply updates per vendor instructions. |
CVE-2019-4716 |
IBM |
IBM Planning Analytics |
IBM Planning Analytics configuration overwrite vulnerability |
IBM Planning Analytics 2.0.0 through 2.0.8 is vulnerable to a configuration overwrite that allows an unauthenticated user to login as \"admin\ and then execute code as root or SYSTEM via TM1 scripting. IBM X-Force ID: 172094. |
Apply updates per vendor instructions. |
CVE-2016-3715 |
ImageMagick |
ImageMagick |
ImageMagick Ephemeral Coder Arbitrary File Deletion Vulnerability |
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers to delete arbitrary files via a crafted image. |
Apply updates per vendor instructions. |
CVE-2016-3718 |
ImageMagick |
ImageMagick |
ImageMagick SSRF Vulnerability |
The (1) HTTP and (2) FTP coders in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allow remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted image. |
Apply updates per vendor instructions. |
CVE-2020-15505 |
Ivanti |
MobileIron Core & Connector |
MobileIron Core, Connector, Sentry, and RDM RCE |
A remote code execution vulnerability that allows remote attackers to execute arbitrary code via unspecified vectors. |
Apply updates per vendor instructions. |
CVE-2021-30116 |
Kaseya |
Kaseya VSA |
Kaseya VSA Remote Code Execution |
Kaseya VSA before 9.5.7 allows credential disclosure, as exploited in the wild in July 2021. |
Apply updates per vendor instructions. |
CVE-2020-7961 |
LifeRay |
Liferay Portal |
Liferay Portal prior to 7.2.1 CE GA2 RCE |
Deserialization of Untrusted Data in Liferay Portal prior to 7.2.1 CE GA2 allows remote attackers to execute arbitrary code via JSON web services (JSONWS). |
Apply updates per vendor instructions. |
CVE-2021-23874 |
McAfee |
McAfee Total Protection (MTP) |
McAfee Total Protection MTP Arbitrary Process Execution |
Arbitrary Process Execution vulnerability in McAfee Total Protection (MTP) prior to 16.0.30 allows a local user to gain elevated privileges and execute arbitrary code bypassing MTP self-defense. |
Apply updates per vendor instructions. |
CVE-2021-22506 |
Micro Focus |
Micro Focus Access Manager |
Micro Focus Access Manager Earlier Than 5.0 Information Leakage |
Micro Focus Access Manager versions prior to 5.0 contain a vulnerability which allows for information leakage. |
Apply updates per vendor instructions. |
CVE-2021-22502 |
Micro Focus |
Micro Focus Operation Bridge Reporter (OBR) |
Micro Focus Operation Bridge Report (OBR) Server RCE |
Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter (OBR) product, affecting version 10.40. The vulnerability could be exploited to allow Remote Code Execution on the OBR server. |
Apply updates per vendor instructions. |
CVE-2014-1812 |
Microsoft |
Windows Group Policy |
Microsoft Windows Group Policy Privilege Escalation |
Allows remote authenticated users to obtain sensitive credential information and consequently gain privileges by leveraging access to the SYSVOL share, as exploited in the wild in May 2014, aka \"Group Policy Preferences Password Elevation of Privilege Vulnerability.\" |
Apply updates per vendor instructions. |
CVE-2021-38647 |
Microsoft |
Microsoft Azure Open Management Infrastructure (OMI) |
Microsoft Azure Open Management Infrastructure (OMI) Remote Code Execution |
Azure Open Management Infrastructure Remote Code Execution Vulnerability |
Apply updates per vendor instructions. |
CVE-2016-0167 |
Microsoft |
Windows Kernel |
Microsoft Windows Kernel 'Win32k.sys' Local Privilege Escalation Vulnerability |
The kernel-mode driver allows local users to gain privileges via a crafted application, aka \"Win32k Elevation of Privilege Vulnerability,\" a different vulnerability than CVE-2016-0143 and CVE-2016-0165. |
Apply updates per vendor instructions. |
CVE-2020-0878 |
Microsoft |
Microsoft Edge, Internet Explorer |
Microsoft Browser Memory Corruption Vulnerability |
A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory. |
Apply updates per vendor instructions. |
CVE-2021-31955 |
Microsoft |
Windows Kernel |
Microsoft Windows Kernel Information Disclosure Vulnerability |
Windows Kernel Information Disclosure Vulnerability |
Apply updates per vendor instructions. |
CVE-2021-1647 |
Microsoft |
Microsoft Defender |
Microsoft Defender RCE |
Microsoft Defender Remote Code Execution Vulnerability |
Apply updates per vendor instructions. |
CVE-2021-33739 |
Microsoft |
Microsoft Desktop Window Manager (DWM) |
Microsoft DWM Core Library Elevation of Privilege Vulnerability |
Microsoft Desktop Window Manager (DWM) Core Library Elevation of Privilege Vulnerability |
Apply updates per vendor instructions. |
CVE-2016-0185 |
Microsoft |
Windows Media Center |
Microsoft Windows Media Center RCE vulnerability |
Media Center allows remote attackers to execute arbitrary code via a crafted Media Center link (aka .mcl) file, aka \"Windows Media Center Remote Code Execution Vulnerability.\" |
Apply updates per vendor instructions. |
CVE-2020-0683 |
Microsoft |
Windows Installer |
Microsoft Elevation of Privilege Installer Vulnerability |
An elevation of privilege vulnerability exists in the Windows Installer when MSI packages process symbolic links, aka 'Windows Installer Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0686. |
Apply updates per vendor instructions. |
CVE-2020-17087 |
Microsoft |
Windows Kernel |
Windows Kernel Cryptography Driver Privilege Escalation |
Windows Kernel Local Elevation of Privilege Vulnerability |
Apply updates per vendor instructions. |
CVE-2021-33742 |
Microsoft |
Windows MSHTML Platform |
Microsoft Windows MSHTML Platform Remote Code Execution Vulnerability |
Windows MSHTML Platform Remote Code Execution Vulnerability |
Apply updates per vendor instructions. |
CVE-2021-31199 |
Microsoft |
Microsoft Enhanced Cryptographic Provider |
Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerabilities |
Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-31201. |
Apply updates per vendor instructions. |
CVE-2021-33771 |
Microsoft |
Windows Kernel |
Windows Kernel Elevation of Privilege |
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-31979, CVE-2021-34514. |
Apply updates per vendor instructions. |
CVE-2021-31956 |
Microsoft |
Windows NTFS |
Microsoft Windows NTFS Elevation of Privilege Vulnerability |
Windows NTFS Elevation of Privilege Vulnerability |
Apply updates per vendor instructions. |
CVE-2021-31201 |
Microsoft |
Microsoft Enhanced Cryptographic Provider |
Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerabilities |
Microsoft Enhanced Cryptographic Provider Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-31199. |
Apply updates per vendor instructions. |
CVE-2021-31979 |
Microsoft |
Windows Kernel |
Windows Kernel Elevation of Privilege Vulnerability |
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-33771, CVE-2021-34514. |
Apply updates per vendor instructions. |
CVE-2020-0938 |
Microsoft |
Windows, Windows Adobe Type Manager Library |
Microsoft Windows Type 1 Font Parsing Remote Code Execution Vulnerability |
A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format. This CVE ID is unique from CVE-2020-1020. |
Apply updates per vendor instructions. |
CVE-2020-17144 |
Microsoft |
Microsoft Exchange Server |
Microsoft Exchange RCE |
Microsoft Exchange Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2020-17117, CVE-2020-17132, CVE-2020-17141, CVE-2020-17142. |
Apply updates per vendor instructions. |
CVE-2020-0986 |
Microsoft |
Windows Kernel |
Windows Kernel Elevation of Privilege vulnerability |
An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka 'Windows Kernel Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-1237, CVE-2020-1246, CVE-2020-1262, CVE-2020-1264, CVE-2020-1266, CVE-2020-1269, CVE-2020-1273, CVE-2020-1274, CVE-2020-1275, CVE-2020-1276, CVE-2020-1307, CVE-2020-1316. |
Apply updates per vendor instructions. |
CVE-2020-1020 |
Microsoft |
Windows, Windows Adobe Type Manager Library |
Microsoft Windows Type 1 Font Parsing Remote Code Execution Vulnerability |
A remote code execution vulnerability exists in Microsoft Windows when the Windows Adobe Type Manager Library improperly handles a specially-crafted multi-master font - Adobe Type 1 PostScript format. This CVE ID is unique from CVE-2020-0938. |
Apply updates per vendor instructions. |
CVE-2021-38645 |
Microsoft |
Microsoft Azure Open Management Infrastructure (OMI) |
Microsoft Azure Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability |
Open Management Infrastructure Elevation of Privilege Vulnerability |
Apply updates per vendor instructions. |
CVE-2021-34523 |
Microsoft |
Microsoft Exchange Server |
Microsoft Exchange Server Elevation of Privilege Vulnerability |
Microsoft Exchange Server Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-33768, CVE-2021-34470. |
Apply updates per vendor instructions. |
CVE-2017-7269 |
Microsoft |
Internet Information Services (IIS) |
Windows Server 2003 R2 IIS WEBDAV buffer overflow RCE vulnerability (COVID-19-CTI list) |
Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Information Services (IIS) 6.0 in Microsoft Windows Server 2003 R2 allows remote attackers to execute arbitrary code via a long header beginning with \"If:
Apply updates per vendor instructions. |
|
CVE-2021-36948 |
Microsoft |
Windows Update Medic Service |
Microsoft Windows Update Medic Service Elevation of Privilege |
Windows Update Medic Service Elevation of Privilege Vulnerability |
Apply updates per vendor instructions. |
CVE-2021-38649 |
Microsoft |
Microsoft Azure Open Management Infrastructure (OMI) |
Microsoft Azure Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability |
Open Management Infrastructure Elevation of Privilege Vulnerability |
Apply updates per vendor instructions. |
CVE-2020-0688 |
Microsoft |
Microsoft Exchange Server |
Microsoft Exchange Server Key Validation Vulnerability |
A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka 'Microsoft Exchange Memory Corruption Vulnerability'. |
Apply updates per vendor instructions. |
CVE-2017-0143 |
Microsoft |
SMBv1 server |
Windows SMBv1 Remote Code Execution Vulnerability |
The SMBv1 server allows remote attackers to execute arbitrary code via crafted packets, aka \"Windows SMB Remote Code Execution Vulnerability.\" This vulnerability is different from those described in CVE-2017-0144, CVE-2017-0145, CVE-2017-0146, and CVE-2017-0148. |
Apply updates per vendor instructions. |
CVE-2016-7255 |
Microsoft |
Windows, Windows Server |
Microsoft Windows Vista, 7, 8.1, 10 and Windows Server 2008, 2012, and 2016 Win32k Privilege Escalation Vulnerability |
The kernel-mode drivers allow local users to gain privileges via a crafted application, aka \"Win32k Elevation of Privilege Vulnerability\" |
Apply updates per vendor instructions. |
CVE-2019-0708 |
Microsoft |
Remote Desktop Services |
\"BlueKeep\" Windows Remote Desktop RCE Vulnerability |
A remote code execution vulnerability exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. |
Apply updates per vendor instructions. |
CVE-2021-34473 |
Microsoft |
Microsoft Exchange Server |
Microsoft Exchange Server Remote Code Execution Vulnerability |
Microsoft Exchange Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-31196, CVE-2021-31206. |
Apply updates per vendor instructions. |
CVE-2020-1464 |
Microsoft |
Windows |
Windows Spoofing Vulnerability |
A spoofing vulnerability exists when Windows incorrectly validates file signatures. |
Apply updates per vendor instructions. |
CVE-2021-1732 |
Microsoft |
Windows Win32k |
Microsoft Windows Win32k Privilege Escalation |
Windows Win32k Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-1698. |
Apply updates per vendor instructions. |
CVE-2021-34527 |
Microsoft |
Windows |
\"PrintNightmare\" - Microsoft Windows Print Spooler Remote Code Execution Vulnerability |
Windows Print Spooler Remote Code Execution Vulnerability |
Apply updates per vendor instructions. |
CVE-2021-31207 |
Microsoft |
Microsoft Exchange Server |
Microsoft Exchange Server Security Feature Bypass Vulnerability |
Microsoft Exchange Server Security Feature Bypass Vulnerability |
Apply updates per vendor instructions. |
CVE-2019-0803 |
Microsoft |
Windows Win32k |
Windows win32k Escalation Kernel Vulnerability |
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0859. |
Apply updates per vendor instructions. |
CVE-2020-1040 |
Microsoft |
Hyper-V RemoteFX vGPU |
Hyper-V RemoteFX vGPU Remote Code Execution Vulnerability |
A remote code execution vulnerability exists when Hyper-V RemoteFX vGPU on a host server fails to properly validate input from an authenticated user on a guest operating system. This CVE ID is unique from CVE-2020-1032, CVE-2020-1036, CVE-2020-1041, CVE-2020-1042, CVE-2020-1043. |
Apply updates per vendor instructions. |
CVE-2021-28310 |
Microsoft |
Windows Win32k |
Microsoft Windows Win32k Privilege Escalation Vulnerability |
Win32k Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-27072. |
Apply updates per vendor instructions. |
CVE-2020-1350 |
Microsoft |
Windows Domain Name System Server |
\"SigRed\" - Windows DNS Server Remote Code Execution Vulnerability |
A remote code execution vulnerability exists in Windows Domain Name System servers when they fail to properly handle requests. |
Apply updates per vendor instructions. |
CVE-2021-26411 |
Microsoft |
Microsoft Edge, Internet Explorer |
Microsoft Internet Explorer and Edge Memory Corruption Vulnerability |
Internet Explorer Memory Corruption Vulnerability |
Apply updates per vendor instructions. |
CVE-2019-0859 |
Microsoft |
Windows Win32k |
Windows win32k Escalation Kernel Vulnerability |
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0685, CVE-2019-0803. |
Apply updates per vendor instructions. |
CVE-2021-40444 |
Microsoft |
Microsoft MSHTML |
Microsoft Windows, Server (spec. IE) All Arbitrary Code Execution |
Microsoft MSHTML Remote Code Execution Vulnerability |
Apply updates per vendor instructions. |
CVE-2017-8759 |
Microsoft |
Microsoft .NET Framework |
.NET Framework Remote Code Execution vulnerability |
Microsoft .NET Framework 2.0, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 4.7 allow an attacker to execute code remotely via a malicious document or application. |
Apply updates per vendor instructions. |
CVE-2018-8653 |
Microsoft |
Internet Explorer Scripting Engine |
Microsoft Internet Explorer Scripting Engine JScript Memory Corruption Vulnerability |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka \"Scripting Engine Memory Corruption Vulnerability.\" This CVE ID is unique from CVE-2018-8643. |
Apply updates per vendor instructions. |
CVE-2019-0797 |
Microsoft |
Windows Win32k |
Windows win32k.sys Driver Vulnerability |
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0808. |
Apply updates per vendor instructions. |
CVE-2021-36942 |
Microsoft |
Windows Local Security Authority (LSA) |
Microsoft LSA Spoofing |
Windows Local Security Authority (LSA) Spoofing Vulnerability \"PetitPotam\" |
Apply updates per vendor instructions. |
CVE-2019-1215 |
Microsoft |
Windows Winsock |
Windows Winsock (ws2ifsl.sys) vulnerability |
An elevation of privilege vulnerability exists in the way that ws2ifsl.sys (Winsock) handles objects in memory, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-1253, CVE-2019-1278, CVE-2019-1303. |
Apply updates per vendor instructions. |
CVE-2018-0798 |
Microsoft |
Microsoft Office |
Microsoft Office 2007 - 2016 Backdoor Exploitation Chain |
Allows a remote code execution vulnerability due to the way objects are handled in memory, aka \"Microsoft Office Memory Corruption Vulnerability\". |
Apply updates per vendor instructions. |
CVE-2018-0802 |
Microsoft |
Microsoft Office |
Microsoft Office 2007 - 2016 Backdoor Exploitation Chain |
Allows a remote code execution vulnerability due to the way objects are handled in memory, aka \"Microsoft Office Memory Corruption Vulnerability\". This CVE is unique from CVE-2018-0797 and CVE-2018-0812. |
Apply updates per vendor instructions. |
CVE-2012-0158 |
Microsoft |
MSCOMCTL.OCX |
Microsoft MSCOMCTL.OCX RCE Vulnerability |
Allows remote attackers to execute arbitrary code via a crafted (a) web site, (b) Office document, or (c) .rtf file that triggers \"system state\" corruption, as exploited in the wild in April 2012, aka \"MSCOMCTL.OCX RCE Vulnerability. |
Apply updates per vendor instructions. |
CVE-2015-1641 |
Microsoft |
Microsoft Office |
Microsoft Office Memory Corruption vulnerability |
Allows remote attackers to execute arbitrary code via a crafted RTF document, aka \"Microsoft Office Memory Corruption Vulnerability.\" |
Apply updates per vendor instructions. |
CVE-2021-27085 |
Microsoft |
Internet Explorer |
Internet Explorer 11 RCE |
Internet Explorer Remote Code Execution Vulnerability |
Apply updates per vendor instructions. |
CVE-2019-0541 |
Microsoft |
MSHTML engine |
Microsoft MSHTML Engine Remote Code Execution Vulnerability |
A remote code execution vulnerability exists in the way that the MSHTML engine improperly validates input, aka \"MSHTML Engine Remote Code Execution Vulnerability. |
Apply updates per vendor instructions. |
CVE-2017-11882 |
Microsoft |
Microsoft Office |
Microsoft Office memory corruption vulnerability |
Allows an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka \"Microsoft Office Memory Corruption Vulnerability\". This CVE ID is unique from CVE-2017-11884. |
Apply updates per vendor instructions. |
CVE-2020-0674 |
Microsoft |
Internet Explorer Scripting Engine |
Internet Explorer 9-11 Scripting Engine Memory Corruption Vulnerability |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. This CVE ID is unique from CVE-2020-0673, CVE-2020-0710, CVE-2020-0711, CVE-2020-0712, CVE-2020-0713, CVE-2020-0767. |
Apply updates per vendor instructions. |
CVE-2021-27059 |
Microsoft |
Microsoft Office |
Microsoft Office RCE |
Microsoft Office Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-24108, CVE-2021-27057. |
Apply updates per vendor instructions. |
CVE-2019-1367 |
Microsoft |
Internet Explorer Scripting Engine |
Internet Explorer 9-11 Scripting Engine Memory Corruption Vulnerability |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. This CVE ID is unique from CVE-2019-1221. |
Apply updates per vendor instructions. |
CVE-2017-0199 |
Microsoft |
Windows, Windows Server, Microsoft Office |
Microsoft Office/WordPad Remote Code Execution Vulnerability with Windows API |
Allows remote attackers to execute arbitrary code via a crafted document, aka \"Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API.\" |
Apply updates per vendor instructions. |
CVE-2020-1380 |
Microsoft |
Internet Explorer |
Scripting Engine Memory Corruption Vulnerability |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2020-1555, CVE-2020-1570. |
Apply updates per vendor instructions. |
CVE-2019-1429 |
Microsoft |
Internet Explorer Scripting Engine |
Internet Explorer 9-11 Scripting Engine Memory Corruption Vulnerability |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. This CVE ID is unique from CVE-2019-1426, CVE-2019-1427, CVE-2019-1428. |
Apply updates per vendor instructions. |
CVE-2017-11774 |
Microsoft |
Microsoft Outlook |
Microsoft Outlook Security Feature Bypass Vulnerability |
Allows an attacker to execute arbitrary commands, due to how Microsoft Office handles objects in memory, aka \"Microsoft Outlook Security Feature Bypass Vulnerability.\" |
Apply updates per vendor instructions. |
CVE-2020-0968 |
Microsoft |
Internet Explorer Scripting Engine |
Internet Explorer Scripting Engine Memory Corruption Vulnerability |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. This CVE ID is unique from CVE-2020-0970. |
Apply updates per vendor instructions. |
CVE-2020-1472 |
Microsoft |
Netlogon Remote Protocol (MS-NRPC) |
NetLogon Elevation of Privilege Vulnerability |
An elevation of privilege vulnerability exists when an attacker establishes a vulnerable Netlogon secure channel connection to a domain controller, using the Netlogon Remote Protocol (MS-NRPC), aka 'Netlogon Elevation of Privilege Vulnerability'. |
Apply updates per vendor instructions. |
CVE-2021-26855 |
Microsoft |
Microsoft Exchange Server |
Microsoft OWA Exchange Control Panel (ECP) Exploit Chain |
Microsoft Exchange Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26857, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078. |
Apply updates per vendor instructions. |
CVE-2021-26858 |
Microsoft |
Microsoft Exchange Server |
Microsoft OWA Exchange Control Panel (ECP) Exploit Chain |
Microsoft Exchange Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26857, CVE-2021-27065, CVE-2021-27078. |
Apply updates per vendor instructions. |
CVE-2021-27065 |
Microsoft |
Microsoft Exchange Server |
Microsoft OWA Exchange Control Panel (ECP) Exploit Chain |
Microsoft Exchange Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, CVE-2021-27078. |
Apply updates per vendor instructions. |
CVE-2020-1054 |
Microsoft |
Windows Win32k |
Microsoft Windows Win32k Privilege Escalation Vulnerability |
An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory |
Apply updates per vendor instructions. |
CVE-2021-1675 |
Microsoft |
Windows Print Spooler |
Microsoft Print Spooler Remote Code Execution |
Windows Print Spooler Elevation of Privilege Vulnerability |
Apply updates per vendor instructions. |
CVE-2021-34448 |
Microsoft |
Scripting Engine |
Microsoft Scripting Engine Memory Corruption Vulnerability |
Scripting Engine Memory Corruption Vulnerability |
Apply updates per vendor instructions. |
CVE-2020-0601 |
Microsoft |
Windows CryptoAPI |
Windows 10 API/ECC Vulnerability |
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates. An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'. |
Apply updates per vendor instructions. |
CVE-2019-0604 |
Microsoft |
SharePoint |
Microsoft SharePoint Remote Code Execution Vulnerability |
A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0594. |
Apply updates per vendor instructions. |
CVE-2020-0646 |
Microsoft |
Microsoft .NET Framework |
Microsoft .NET Framework RCE |
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka '.NET Framework Remote Code Execution Injection Vulnerability'. |
Apply updates per vendor instructions. |
CVE-2019-0808 |
Microsoft |
Windows Win32k |
Windows 7 win32k.sys Driver Vulnerability |
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2019-0797. |
Apply updates per vendor instructions. |
CVE-2021-26857 |
Microsoft |
Microsoft Exchange Server |
Microsoft Unified Messaging Deserialization Vulnerability |
Microsoft Exchange Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-26412, CVE-2021-26854, CVE-2021-26855, CVE-2021-26858, CVE-2021-27065, CVE-2021-27078. |
Apply updates per vendor instructions. |
CVE-2020-1147 |
Microsoft |
Microsoft .NET Framework, Microsoft SharePoint, Visual Studio |
Microsoft .NET Framework, SharePoint Server, and Visual Studio RCE |
A remote code execution vulnerability exists in .NET Framework, Microsoft SharePoint, and Visual Studio when the software fails to check the source markup of XML file input. |
Apply updates per vendor instructions. |
CVE-2019-1214 |
Microsoft |
Windows Common Log File System (CLFS) driver |
Windows CLFS vulnerability |
An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka 'Windows Common Log File System Driver Elevation of Privilege Vulnerability'. |
Apply updates per vendor instructions. |
CVE-2016-3235 |
Microsoft |
Microsoft Visio/Office |
Microsoft Visio/Office OLE DLL Side Loading vulnerability |
Allows local users to gain privileges via a crafted application, aka \"Microsoft Office OLE DLL Side Loading Vulnerability.\" |
Apply updates per vendor instructions. |
CVE-2019-0863 |
Microsoft |
Windows Error Reporting (WER) |
Windows Error Reporting Vulnerability |
An elevation of privilege vulnerability exists in the way Windows Error Reporting (WER) handles files, aka 'Windows Error Reporting Elevation of Privilege Vulnerability'. |
Apply updates per vendor instructions. |
CVE-2021-36955 |
Microsoft |
Windows Common Log File System Driver |
Microsoft Windows Common Log File System Driver Privilege Escalation |
Microsoft Windows Common Log File System Driver contains an unspecified vulnerability which allows for privilege escalation. |
Apply updates per vendor instructions. |
CVE-2021-38648 |
Microsoft |
Microsoft Azure Open Management Infrastructure (OMI) |
Microsoft Azure Open Management Infrastructure (OMI) Elevation of Privilege Vulnerability |
Open Management Infrastructure Elevation of Privilege Vulnerability |
Apply updates per vendor instructions. |
CVE-2020-6819 |
Mozilla |
nsDocShell destructor |
Mozilla Firefox 74 and Firefox ESR 68.6 nsDocShell vulnerability |
A race condition can cause a use-after-free when running the nsDocShell destructor. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1. |
Apply updates per vendor instructions. |
CVE-2020-6820 |
Mozilla |
ReadableStream |
Mozilla Firefox 74 and Firefox ESR 68.6 ReadableStream vulnerability |
A race condition can cause a use-after-free when handling a ReadableStream. This vulnerability affects Thunderbird < 68.7.0, Firefox < 74.0.1, and Firefox ESR < 68.6.1. |
Apply updates per vendor instructions. |
CVE-2019-17026 |
Mozilla |
IonMonkey JIT compiler |
Mozilla Firefox IonMonkey JIT compiler Type Confusion Vulnerability |
Incorrect alias information in IonMonkey JIT compiler for setting array elements could lead to a type confusion. This vulnerability affects Firefox ESR < 68.4.1, Thunderbird < 68.4.1, and Firefox < 72.0.1 |
Apply updates per vendor instructions. |
CVE-2019-15949 |
Nagios |
Nagios XI |
Nagios XI Remote Code Execution |
The exploit requires access to the server as the nagios user, or access as the admin user via the web interface. The getprofile.sh script, invoked by downloading a system profile (profile.php?cmd=download), is executed as root via a passwordless sudo entry; the script executes check_plugin, which is owned by the nagios user |
Apply updates per vendor instructions. |
CVE-2020-26919 |
Netgear |
NETGEAR JGS516PE devices |
Netgear ProSAFE Plus JGS516PE RCE vulnerability |
NETGEAR JGS516PE devices before 2.6.0.43 are affected by lack of access control at the function level. |
Apply updates per vendor instructions. |
CVE-2019-19356 |
Netis |
Netis WF2419 |
Netis WF2419 Router Tracert RCE vulnerability |
Netis WF2419 is vulnerable to authenticated Remote Code Execution (RCE) as root through the router Web management page. The vulnerability has been found in firmware version V1.2.31805 and V2.2.36123 |
Apply updates per vendor instructions. |
CVE-2020-2555 |
Oracle |
Oracle Coherence |
Oracle Coherence Deserialization RCE |
Allows unauthenticated attacker with network access via T3 to compromise Oracle Coherence. Successful attacks of this vulnerability can result in takeover of Oracle Coherence |
Apply updates per vendor instructions. |
CVE-2012-3152 |
Oracle |
Oracle Reports Developer |
Oracle Reports Developer Arbitrary File Read and Upload vulnerability |
Allows remote attackers to affect confidentiality and integrity via unknown vectors related to Report Server Component. |
Apply updates per vendor instructions. |
CVE-2020-14871 |
Oracle |
Oracle Solaris |
Oracle Solaris Pluggable Authentication Module vulnerability |
Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Solaris. |
Apply updates per vendor instructions. |
CVE-2015-4852 |
Oracle |
Oracle WebLogic Server |
Oracle WebLogic Server RCE |
Allows remote attackers to execute arbitrary commands via a crafted serialized Java object in T3 protocol traffic to TCP port 7001, related to oracle_common/modules/com.bea.core.apache.commons.collections.jar. |
Apply updates per vendor instructions. |
CVE-2020-14750 |
Oracle |
Oracle WebLogic Server |
Oracle WebLogic Server RCE |
Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. |
Apply updates per vendor instructions. |
CVE-2020-14882 |
Oracle |
Oracle WebLogic Server |
Oracle WebLogic Server RCE |
Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. |
Apply updates per vendor instructions. |
CVE-2020-14883 |
Oracle |
Oracle WebLogic Server |
Oracle WebLogic Server RCE |
Easily exploitable vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle WebLogic Server. |
Apply updates per vendor instructions. |
CVE-2020-8644 |
PlaySMS |
PlaySMS |
PlaySMS Remote Code Execution |
PlaySMS before 1.4.3 does not sanitize inputs from a malicious string. |
Apply updates per vendor instructions. |
CVE-2019-18935 |
Progess |
ASP.NET AJAX |
Progress Telerik UI for ASP.NET deserialization bug |
Contains a .NET deserialization vulnerability in the RadAsyncUpload function that can result in remote code execution. |
Apply updates per vendor instructions. |
CVE-2021-22893 |
Pulse |
Pulse Connect Secure |
Pulse Connect Secure (PCS) Remote Code Execution |
Vulnerability to an authentication bypass vulnerability exposed by the Windows File Share Browser and Pulse Secure Collaboration features of Pulse Connect Secure that can allow an unauthenticated user to perform remote arbitrary code execution on the Pulse Connect Secure gateway. |
Apply updates per vendor instructions. |
CVE-2020-8243 |
Pulse |
Pulse Connect Secure |
Pulse Connect Secure Arbitrary Code Execution |
A vulnerability in the Pulse Connect Secure < 9.1R8.2 admin web interface could allow an authenticated attacker to upload custom template to perform an arbitrary code execution. |
Apply updates per vendor instructions. |
CVE-2021-22900 |
Pulse |
Pulse Connect Secure |
Pulse Connect Secure Arbitrary File Upload Vulnerability |
A vulnerability allowed multiple unrestricted uploads in Pulse Connect Secure before 9.1R11.4 that could lead to an authenticated administrator to perform a file write via a maliciously crafted archive upload in the administrator web interface. |
Apply updates per vendor instructions. |
CVE-2021-22894 |
Pulse |
Pulse Connect Secure |
Pulse Connect Secure Collaboration Suite Remote Code Execution |
A buffer overflow vulnerability exists in Pulse Connect Secure before 9.1R11.4 allows a remote authenticated attacker to execute arbitrary code as the root user via maliciously crafted meeting room. |
Apply updates per vendor instructions. |
CVE-2020-8260 |
Pulse |
Pulse Connect Secure |
Pulse Connect Secure RCE |
A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated attacker to perform an arbitrary code execution using uncontrolled gzip extraction. |
Apply updates per vendor instructions. |
CVE-2021-22899 |
Pulse |
Pulse Connect Secure |
Pulse Connect Secure Remote Code Execution |
Allows a remote authenticated attacker to perform remote code execution via Windows Resource Profiles Feature. |
Apply updates per vendor instructions. |
CVE-2019-11510 |
Pulse |
Pulse Secure Pulse Connect Secure (PCS) |
Pulse Secure VPN arbitrary file reading vulnerability (COVID-19-CTI list) |
An unauthenticated remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability. |
Apply updates per vendor instructions. |
CVE-2019-11539 |
Pulse Secure |
Connect Secure, Policy Secure |
Pulse Secure Connect and Policy Secure Multiple Versions Code Execution |
Pulse Secure's Connect and Policy secure platforms contain a vulnerability in the admin web interface which allows an attacker to inject and execute commands. |
Apply updates per vendor instructions. |
CVE-2021-1906 |
Qualcomm |
Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
Qualcomm Improper Error Handling Vulnerability |
Improper handling of address deregistration on failure can lead to new GPU address allocation failure. |
Apply updates per vendor instructions. |
CVE-2021-1905 |
Qualcomm |
Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
Qualcomm Use-After-Free Vulnerability |
Possible use after free due to improper handling of memory mapping of multiple processes simultaneously |
Apply updates per vendor instructions. |
CVE-2020-10221 |
rConfig |
rConfig |
rConfig RCE |
lib/ajaxHandlers/ajaxAddTemplate.php in rConfig through 3.94 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the fileName POST parameter. |
Apply updates per vendor instructions. |
CVE-2021-35395 |
Realtek |
Jungle Software Development Kit (SDK) |
Realtek SDK Arbitrary Code Execution |
Realtek Jungle SDK version v2.x up to v3.4.14B arbitrary code execution. |
Apply updates per vendor instructions. |
CVE-2017-16651 |
Roundcube |
Roundcube Webmail |
Roundcube Webmail File Disclosure Vulnerability |
Allows unauthorized access to arbitrary files on the host's filesystem, including configuration files. The issue is related to file-based attachment plugins and _task=settings&_action=upload-display&_from=timezone requests. |
Apply updates per vendor instructions. |
CVE-2020-11652 |
SaltStack |
Salt |
SaltStack directory traversal failure to sanitize untrusted input |
The salt-master process ClearFuncs class allows access to some methods that improperly sanitize paths. These methods allow arbitrary directory access to authenticated users. |
Apply updates per vendor instructions. |
CVE-2020-11651 |
SaltStack |
Salt |
SaltStack Salt Authentication Bypass |
The salt-master process ClearFuncs class does not properly validate method calls. This allows a remote user to access some methods without authentication. |
Apply updates per vendor instructions. |
CVE-2020-16846 |
SaltStack |
Salt |
SaltStack Through 3002 Shell Injection Vulnerability |
An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can result in shell injection. |
Apply updates per vendor instructions. |
CVE-2018-2380 |
SAP |
SAP CRM |
SAP NetWeaver AS JAVA CRM RCE |
SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing \"traverse to parent directory\" are passed through to the file APIs. |
Apply updates per vendor instructions. |
CVE-2010-5326 |
SAP |
SAP NetWeaver Application Server Java platforms |
SAP NetWeaver AS JAVA RCE |
The Invoker Servlet on SAP NetWeaver Application Server Java platforms, possibly before 7.3, does not require authentication, which allows remote attackers to execute arbitrary code via an HTTP or HTTPS request. |
Apply updates per vendor instructions. |
CVE-2016-9563 |
SAP |
SAP NetWeaver AS JAVA |
SAP NetWeaver AS JAVA XXE Vulnerability |
BC-BMT-BPM-DSK in SAP NetWeaver AS JAVA 7.5 allows remote authenticated users to conduct XML External Entity (XXE) attacks via the sap.com~tc~bpem~him~uwlconn~provider~web/bpemuwlconn URI, aka SAP Security Note 2296909. |
Apply updates per vendor instructions. |
CVE-2020-6287 |
SAP |
SAP NetWeaver AS JAVA (LM Configuration Wizard) |
SAP Netweaver JAVA remote unauthenticated access vulnerability |
SAP NetWeaver AS JAVA (LM Configuration Wizard), versions - 7.30, 7.31, 7.40, 7.50, does not perform an authentication check which allows an attacker without prior authentication to execute configuration tasks to perform critical actions against the SAP Java system. |
Apply updates per vendor instructions. |
CVE-2020-6207 |
SAP |
SAP Solution Manager (User Experience Monitoring) |
SAP Solution Manager Missing Authentication Check Complete Compromise of SMD Agents vulnerability |
SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication Check does not perform any authentication for a service resulting in complete compromise of all SMDAgents connected to the Solution Manager. |
Apply updates per vendor instructions. |
CVE-2016-3976 |
SAP |
SAP NetWeaver AS Java |
SAP NetWeaver AS Java 7.1 - 7.5 Directory Traversal Vulnerability |
Directory traversal vulnerability in SAP NetWeaver AS Java 7.1 through 7.5 allows remote attackers to read arbitrary files via a ..\\ (dot dot backslash) in the fileName parameter to CrashFileDownloadServlet, aka SAP Security Note 2234971. |
Apply updates per vendor instructions. |
CVE-2019-16256 |
SIMalliance |
SIMalliance Toolbox (S@T) Browser |
SIMalliance Toolbox (S@T) Browser Command and Control Vulnerability |
Some Samsung devices include the SIMalliance Toolbox Browser (aka S@T Browser) on the UICC, which might allow remote attackers to retrieve location and IMEI information, or retrieve other data or execute certain commands, via SIM Toolkit (STK) instructions in an SMS message, aka Simjacker. |
Apply updates per vendor instructions. |
CVE-2020-10148 |
SolarWinds |
SolarWinds Orion Platform |
SolarWinds Orion API Authentication Bypass Vulnerability |
The SolarWinds Orion API is vulnerable to an authentication bypass that could allow a remote attacker to execute API commands. SolarWinds Orion Platform versions 2019.4 HF 5, 2020.2 with no hotfix installed, and 2020.2 HF 1 are affected. |
Apply updates per vendor instructions. |
CVE-2021-35211 |
SolarWinds |
SolarWinds nServ-U |
SolarWinds Serv-U Remote Memory Escape Vulnerability |
Microsoft discovered a remote code execution (RCE) vulnerability in the SolarWinds Serv-U product utilizing a Remote Memory Escape Vulnerability. |
Apply updates per vendor instructions. |
CVE-2016-3643 |
SolarWinds |
SolarWinds Virtualization Manager |
SolarWinds Virtualization Manager Privilege Escalation Vulnerability |
SolarWinds Virtualization Manager 6.3.1 and earlier allow local users to gain privileges by leveraging a misconfiguration of sudo, as demonstrated by \"sudo cat /etc/passwd.\" |
Apply updates per vendor instructions. |
CVE-2020-10199 |
Sonatype |
Sonatype Nexus Repository |
Nexus Repository Manager 3 Remote Code Execution |
Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection (issue 1 of 2). |
Apply updates per vendor instructions. |
CVE-2021-20021 |
SonicWall |
SonicWall Email Security |
SonicWall Email Security Privilege Escalation Exploit Chain |
A vulnerability in the SonicWall Email Security version 10.0.9.x allows an attacker to create an administrative account by sending a crafted HTTP request to the remote host. |
Apply updates per vendor instructions. |
CVE-2019-7481 |
SonicWall |
SMA1000 |
SonicWall SMA100 9.0.0.3 and Earlier SQL Injection |
Vulnerability in SonicWall SMA100 versions 9.0.0.3 and earlier allow an unauthenticated user to gain read-only access to unauthorized resources. |
Apply updates per vendor instructions. |
CVE-2021-20022 |
SonicWall |
SonicWall Email Security |
SonicWall Email Security Privilege Escalation Exploit Chain |
SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to upload an arbitrary file to the remote host. |
Apply updates per vendor instructions. |
CVE-2021-20023 |
SonicWall |
SonicWall Email Security |
SonicWall Email Security Privilege Escalation Exploit Chain |
SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post-authenticated attacker to read an arbitrary file on the remote host. |
Apply updates per vendor instructions. |
CVE-2021-20016 |
SonicWall |
SonicWall SSLVPN SMA100 |
SonicWall SSL VPN SMA100 SQL Injection Vulnerability |
Allows a remote unauthenticated attacker to perform SQL query to access username password and other session related information in SMA100 build version 10.x. |
Apply updates per vendor instructions. |
CVE-2020-12271 |
Sophos |
Sophos XG Firewall devices |
Sophos XG Firewall SQL Injection Vulnerability |
A SQL injection issue that causes affected devices configured with either the administration (HTTPS) service or the User Portal exposed on the WAN zone. |
Apply updates per vendor instructions. |
CVE-2020-10181 |
Sumavision |
Sumavision Enhanced Multimedia Router (EMR) |
Sumavision EMR 3.0 CSRF Vulnerability |
goform/formEMR30 in Sumavision Enhanced Multimedia Router (EMR) 3.0.4.27 allows creation of arbitrary users with elevated privileges (administrator) on a device, as demonstrated by a setString=new_user<*1*>administrator<*1*>123456 request. |
Apply updates per vendor instructions. |
CVE-2017-6327 |
Symantec |
Symantec Messaging Gateway |
Symantec Messaging Gateway RCE |
The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of remote code execution. |
Apply updates per vendor instructions. |
CVE-2019-18988 |
TeamViewer |
TeamViewer Desktop |
TeamViewer Desktop Bypass Remote Login |
Allows a bypass of remote-login access control because the same key is used for different customers' installations. |
Apply updates per vendor instructions. |
CVE-2017-9248 |
Telerik |
ASP.NET AJAX and Sitefinity |
Telerik UI for ASP.NET AJAX and Progress Sitefinity Cryptographic Weakness Vuln |
Telerik.Web.UI.dll in Progress Telerik UI for ASP.NET AJAX before R2 2017 SP1 and Sitefinity before 10.0.6412.0 does not properly protect Telerik.Web.UI.DialogParametersEncryptionKey or the MachineKey. |
Apply updates per vendor instructions. |
CVE-2021-31755 |
Tenda |
Tenda AC11 devices |
Tenda AC11 Up to 02.03.01.104_CN Stack Buffer Overflow |
Tenda AC11 devices with firmware through 02.03.01.104_CN contain a stack buffer overflow vulnerability in /goform/setmac which allows for arbitrary execution. |
Apply updates per vendor instructions. |
CVE-2020-10987 |
Tenda |
Tenda AC15 AC1900 |
Tenda Router Code Execution |
The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter. |
Apply updates per vendor instructions. |
CVE-2018-14558 |
Tenda |
Tenda AC7, AC9, and AC10 devices |
Tenda Router Command Injection Vulnerability |
Issue on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9 devices with firmware through V15.03.05.19(6318)_CN(AC9), and AC10 devices with firmware through V15.03.06.23_CN(AC10). A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted goform/setUsbUnload request. This occurs because the \"formsetUsbUnload\" function executes a dosystemCmd function with untrusted input. |
Apply updates per vendor instructions. |
CVE-2018-20062 |
ThinkPHP |
NoneCms |
ThinkPHP Remote Code Execution |
Issue in NoneCms V1.3. thinkphp/library/think/App.php allows remote attackers to execute arbitrary PHP code via crafted use of the filter parameter, as demonstrated by the s=index/\\think\\Request/input&filter=phpinfo&data=1 query string. |
Apply updates per vendor instructions. |
CVE-2019-9082 |
ThinkPHP |
ThinkPHP |
ThinkPHP Remote Code Execution |
ThinkPHP before 3.2.4, as used in Open Source BMS v1.1.1 and other products, allows Remote Command Execution via public//?s=index/\\think\\app/invokefunction&function=call_user_func_array&vars[0]=system&vars[1][]= followed by the command. |
Apply updates per vendor instructions. |
CVE-2019-18187 |
Trend Micro |
Trend Micro OfficeScan |
Trend Micro Antivirus 0day Traversal Vulnerability |
Trend Micro OfficeScan versions 11.0 and XG (12.0) could be exploited by an attacker utilizing a directory traversal vulnerability to extract files from an arbitrary zip file to a specific folder on the OfficeScan server, which could potentially lead to remote code execution (RCE). |
Apply updates per vendor instructions. |
CVE-2020-8467 |
Trend Micro |
Trend Micro Apex One and OfficeScan XG |
Trend Micro Apex One (2019) and OfficeScan XG migration tool remote code execution vulnerability |
A migration tool component of Trend Micro Apex One (2019) and OfficeScan XG contains a vulnerability which could allow remote attackers to execute arbitrary code on affected installations (RCE). |
Apply updates per vendor instructions. |
CVE-2020-8468 |
Trend Micro |
Trend Micro Apex One, OfficeScan XG and Worry-Free Business Security |
Trend Micro Apex One (2019), OfficeScan XG and Worry-Free Business Security (9.0, 9.5, 10.0) agent content validation escape vulnerability |
Agents are affected by a content validation escape vulnerability which could allow an attacker to manipulate certain agent client components. |
Apply updates per vendor instructions. |
CVE-2020-24557 |
Trend Micro |
Trend Micro Apex One and Worry-Free Business Security |
Trend Micro Apex One and OfficeScan XG Improper Access Control Privilege Escalation |
A vulnerability in Trend Micro Apex One and Worry-Free Business Security 10.0 SP1 on Microsoft Windows may allow an attacker to manipulate a particular product folder to disable the security temporarily, abuse a specific Windows function and attain privilege escalation |
Apply updates per vendor instructions. |
CVE-2020-8599 |
Trend Micro |
Trend Micro Apex One and OfficeScan XG server |
Trend Micro Apex One and OfficeScan XG Vulnerability |
Server contain a vulnerable EXE file that could allow a remote attacker to write arbitrary data to an arbitrary path on affected installations and bypass ROOT login. |
Apply updates per vendor instructions. |
CVE-2021-36742 |
Trend Micro |
Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security |
Trend Micro Systems Multiple Products Buffer Overflow - Arbitrary File Upload |
An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security 10.0 SP1 allows a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. |
Apply updates per vendor instructions. |
CVE-2021-36741 |
Trend Micro |
Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security |
Trend Micro Systems Multiple Products Buffer Overflow - Arbitrary File Upload |
An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attached to upload arbitrary files on affected installations. Please note: an attacker must first obtain the ability to logon to the product's management console in order to exploit this vulnerability. |
Apply updates per vendor instructions. |
CVE-2019-20085 |
TVT |
NVMS-1000 |
TVT NVMS-1000 Directory Traversal |
TVT NVMS-1000 devices allow GET /.. Directory Traversal |
Apply updates per vendor instructions. |
CVE-2020-5849 |
Unraid |
Unraid |
Unraid 6.8.0 Authentication Bypass |
Unraid 6.8.0 allows authentication bypass. |
Apply updates per vendor instructions. |
CVE-2020-5847 |
Unraid |
Unraid |
Unraid 6.8.0 Remote Code Execution |
Unraid through 6.8.0 allows Remote Code Execution. |
Apply updates per vendor instructions. |
CVE-2019-16759 |
vBulletin |
vBulletin |
vBulletin PHP Module RCE |
vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request. |
Apply updates per vendor instructions. |
CVE-2020-17496 |
vBulletin |
vBulletin |
vBulletin PHP Module RCE |
vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an ajax/render/widget_tabbedcontainer_tab_panel request. NOTE: this issue exists because of an incomplete fix for CVE-2019-16759. |
Apply updates per vendor instructions. |
CVE-2019-5544 |
VMWare |
ESXi, Horizon DaaS Appliances |
VMWare ESXi/Horizon DaaS Appliances Heap-Overwrite Vulnerability |
OpenSLP as used in ESXi and the Horizon DaaS appliances have a heap overwrite issue. A malicious actor with network access to port 427 on an ESXi host or on any Horizon DaaS management appliance may be able to overwrite the heap of the OpenSLP service resulting in remote code execution. |
Apply updates per vendor instructions. |
CVE-2020-3992 |
VMWare |
ESXi |
OpenSLP as used in VMware ESXi |
OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG) has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free in the OpenSLP service resulting in remote code execution. |
Apply updates per vendor instructions. |
CVE-2020-3950 |
VMWare |
VMWare Fusion, VMware Remote Console for Mac, and Horizon Client for Mac |
VMWare Privilege escalation vulnerability |
Privilege escalation vulnerability due to improper use of setuid binaries. |
Apply updates per vendor instructions. |
CVE-2021-22005 |
VMWare |
vCenter Server |
VMWare vCenter Server File Upload |
VMWare vCenter Server file upload vulnerability in the vmware-analytics service that allows to execute code on vCenter Server. |
Apply updates per vendor instructions. |
CVE-2020-3952 |
VMWare |
vCenter Server |
VMWare vCenter Server Info Disclosure Vulnerability |
Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or external Platform Services Controller (PSC), does not correctly implement access controls. |
Apply updates per vendor instructions. |
CVE-2021-21972 |
VMWare |
vCenter Server |
VMWare vCenter Server RCE |
The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. |
Apply updates per vendor instructions. |
CVE-2021-21985 |
VMWare |
vCenter Server |
VMWare vCenter Server Remote Code Execution |
The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. |
Apply updates per vendor instructions. |
CVE-2020-4006 |
VMWare |
VMWare Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector |
VMWare Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector Command Injection vulnerability |
VMWare Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability. |
Apply updates per vendor instructions. |
CVE-2020-25213 |
WordPress |
File Manager |
WordPress File Manager RCE |
The File Manager (wp-file-manager) plugin before 6.9 for WordPress allows remote attackers to upload and execute arbitrary PHP code because it renames an unsafe example elFinder connector file to have the .php extension. |
Apply updates per vendor instructions. |
CVE-2020-11738 |
WordPress |
Snap Creek Duplicator |
WordPress Snap Creek Duplicator and Duplicator Pro plugins Directory Traversal |
The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1) allows Directory Traversal via ../ in the file parameter to duplicator_download or duplicator_init. |
Apply updates per vendor instructions. |
CVE-2019-9978 |
WordPress |
Social-Warfare |
WordPress Social-Warfare plugin XSS |
The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, as exploited in the wild in March 2019. This affects Social Warfare and Social Warfare Pro. |
Apply updates per vendor instructions. |
CVE-2021-27561 |
Yealink |
Device Management Platform |
Yealink Device Management Server Pre-Authorization SSRF |
Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1/firewall/zone/services URI, without authentication |
Apply updates per vendor instructions. |
CVE-2021-40539 |
Zoho |
ManageEngine ADSelfServicePlus |
Zoho Corp. ManageEngine ADSelfService Plus Version 6113 and Earlier Authentication Bypass |
Zoho ManageEngine ADSelfService Plus versions 6113 and earlier contain an authentication bypass vulnerability which allows for RCE. |
Apply updates per vendor instructions. |
CVE-2020-10189 |
Zoho |
ManageEngine Desktop Central |
Zoho ManageEngine Desktop Central Remote Code Execution Vulnerability |
Zoho ManageEngine Desktop Central before 10.0.474 allows remote code execution because of deserialization of untrusted data in getChartImage in the FileStorage class. This is related to the CewolfServlet and MDMLogUploaderServlet servlets. |
Apply updates per vendor instructions. |
CVE-2019-8394 |
Zoho |
ManageEngine ServiceDesk Plus (SDP) |
Zoho ManageEngine ServiceDesk Plus Arbitrary File Upload Vulnerability |
Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10012 allows remote attackers to upload arbitrary files via login page customization. |
Apply updates per vendor instructions. |
CVE-2020-29583 |
ZyXEL |
Unified Security Gateway (USG) |
ZyXEL Unified Security Gateway Undocumented Administrator Account with Default Credentials |
Firmware version 4.60 of ZyXEL USG devices contains an undocumented account (zyfwp) with an unchangeable password. |
Apply updates per vendor instructions. |
CVE-2021-22204 |
Perl |
Exiftool |
ExifTool Remote Code Execution |
Improper neutralization of user data in the DjVu file format in Exiftool versions 7.44 and up allows arbitrary code execution when parsing the malicious image |
Apply updates per vendor instructions. |
CVE-2021-40449 |
Microsoft |
Windows OS |
Microsoft Windows Win32k Elevation of Privilege |
Unspecified vulnerability allows for an authenticated user to escalate privileges. |
Apply updates per vendor instructions. |
CVE-2021-42321 |
Microsoft |
Exchange |
Microsoft Exchange Server Remote Code Execution |
An authenticated attacker could leverage improper validation in cmdlet arguments within Microsoft Exchange and perform remote code execution. |
Apply updates per vendor instructions. |
CVE-2021-42292 |
Microsoft |
Office |
Microsoft Excel Security Feature Bypass |
A security feature bypass vulnerability in Microsoft Excel would allow a local user to perform arbitrary code execution. |
Apply updates per vendor instructions. |
CVE-2020-11261 |
Qualcomm |
Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
Qualcomm Multiple Chipsets Improper Input Validation Vulnerability |
Memory corruption due to improper check to return error when user application requests memory allocation of a huge size in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables |
Apply updates per vendor instructions. |
CVE-2018-14847 |
MikroTik |
RouterOS |
MikroTik Router OS Directory Traversal Vulnerability |
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write arbitrary files due to a directory traversal vulnerability in the WinBox interface. |
Apply updates per vendor instructions. |
CVE-2021-37415 |
Zoho |
ManageEngine ServiceDesk Plus (SDP) |
Zoho ManageEngine ServiceDesk Authentication Bypass Vulnerability |
Zoho ManageEngine ServiceDesk Plus before 11302 is vulnerable to authentication bypass that allows a few REST-API URLs without authentication |
Apply updates per vendor instructions. |
CVE-2021-40438 |
Apache |
Apache |
Apache HTTP Server-Side Request Forgery (SSRF) |
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier. |
Apply updates per vendor instructions. |
CVE-2021-44077 |
Zoho |
ManageEngine ServiceDesk Plus (SDP) / SupportCenter Plus |
Zoho ManageEngine ServiceDesk Plus Remote Code Execution |
Zoho ManageEngine ServiceDesk Plus before 11306, ServiceDesk Plus MSP before 10530, and SupportCenter Plus before 11014 are vulnerable to unauthenticated remote code execution |
Apply updates per vendor instructions. |
CVE-2021-44515 |
Zoho Corporation |
Desktop Central |
Zoho Corp. Desktop Central Authentication Bypass Vulnerability |
Zoho Desktop Central contains an authentication bypass vulnerability that could allow an attacker to execute arbitrary code in the Desktop Central MSP server. |
Apply updates per vendor instructions. |
CVE-2019-13272 |
Linux |
Kernel |
Linux Kernel Improper Privilege Management Vulnerability |
Kernel/ptrace.c in Linux kernel mishandles contains an improper privilege management vulnerability which allows local users to obtain root access. |
Apply updates per vendor instructions. |
CVE-2021-35394 |
Realtek |
Jungle Software Development Kit (SDK) |
Realtek Jungle SDK Remote Code Execution |
RealTek Jungle SDK contains multiple memory corruption vulnerabilities which can allow an attacker to perform remote code execution. |
Apply updates per vendor instructions. |
CVE-2019-7238 |
Sonatype |
Nexus Repository Manager |
Sonatype Nexus Repository Manager Incorrect Access Control Vulnerability |
Sonatype Nexus Repository Manager before 3.15.0 has an incorrect access control vulnerability. Exploitation allows for remote code execution. |
Apply updates per vendor instructions. |
CVE-2019-0193 |
Apache |
Solr |
Apache Solr DataImportHandler Code Injection Vulnerability |
The optional Apache Solr module DataImportHandler contains a code injection vulnerability. |
Apply updates per vendor instructions. |
CVE-2021-44168 |
Fortinet |
FortiOS |
Fortinet FortiOS Arbitrary File Download |
Fortinet FortiOS \"execute restore src-vis\" downloads code without integrity checking, allowing an attacker to arbitrarily download files. |
Apply updates per vendor instructions. |
CVE-2017-17562 |
Embedthis |
GoAhead |
Embedthis GoAhead Remote Code Execution |
Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked. |
Apply updates per vendor instructions. |
CVE-2017-12149 |
Red Hat |
Jboss Application Server |
Red Hat Jboss Application Server Remote Code Execution |
The Jboss Application Server, shipped with Red Hat Enterprise Application Platform 5.2, allows an attacker to execute arbitrary code via crafted serialized data. |
Apply updates per vendor instructions. |
CVE-2010-1871 |
Red Hat |
JBoss Seam 2 |
Red Hat Linux JBoss Seam 2 Remote Code Execution |
JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux, allows attackers to perform remote code execution. This vulnerability can only be exploited when the Java Security Manager is not properly configured. |
Apply updates per vendor instructions. |
CVE-2020-17463 |
Fuel CMS |
|
Fuel CMS SQL Injection Vulnerability |
FUEL CMS 1.4.7 allows SQL Injection via the col parameter to /pages/items, /permissions/items, or /navigation/items. |
Apply updates per vendor instructions. |
CVE-2020-8816 |
Pi-hole |
AdminLTE |
Pi-Hole AdminLTE Remote Code Execution |
Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by privileged dashboard users via a crafted DHCP static lease. |
Apply updates per vendor instructions. |
CVE-2019-10758 |
MongoDB |
mongo-express |
MongoDB mongo-express Remote Code Execution |
mongo-express before 0.54.0 is vulnerable to Remote Code Execution via endpoints that uses the `toBSON` method. |
Apply updates per vendor instructions. |
CVE-2021-44228 |
Apache |
Log4j2 |
Apache Log4j2 Remote Code Execution |
Apache Log4j2 contains a vulnerability where JNDI features do not protect against attacker-controlled JNDI-related endpoints, allowing for remote code execution. |
Apply updates per vendor instructions. |
CVE-2021-43890 |
Microsoft |
Windows AppX Installer |
Microsoft Windows AppX Installer Spoofing Vulnerability |
Microsoft Windows AppX Installer contains a spoofing vulnerability which has a high impacts to confidentiality, integrity, and availability. |
Apply updates per vendor instructions. |
CVE-2021-4102 |
Google |
Chromium V8 |
Google Chromium V8 Engine Use-After-Free Vulnerability |
Google Chromium V8 Engine contains a use-after-free vulnerability which can allow a remote attacker to execute arbitrary code on the target system. |
Apply updates per vendor instructions. |
CVE-2021-22017 |
VMWare |
vCenter Server |
Vmware vCenter Server Improper Access Control |
Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. |
Apply updates per vendor instructions. |
CVE-2021-36260 |
Hikvision |
Security cameras web server |
Hikvision Improper Input Validation |
A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation. |
Apply updates per vendor instructions. |
CVE-2020-6572 |
Google |
Chrome |
Google Chrome Prior to 81.0.4044.92 Use-After-Free |
Use after free in Media in Google Chrome prior to 81.0.4044.92 allowed a Remote attacker to execute arbitrary code via a crafted HTML page. |
Apply updates per vendor instructions. |
CVE-2019-1458 |
Windows |
Win32K |
Microsoft Win32K Elevation of Privilege |
An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka 'Win32k EoP. |
Apply updates per vendor instructions. |
CVE-2013-3900 |
Windows |
WinVerifyTrust function |
Microsoft WinVerifyTrust function Remote Code Execution |
A remote code execution vulnerability exists in the way that the WinVerifyTrust function handles Windows Authenticode signature verification for PE files. |
Apply updates per vendor instructions. |
CVE-2019-2725 |
Oracle |
WebLogic Server |
Oracle WebLogic Server, Injection |
Injection vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). |
Apply updates per vendor instructions. |
CVE-2019-9670 |
Synacor |
Zimbra Collaboration Suite |
Synacor Zimbra Collaboration Suite Improper Restriction of XML External Entity Reference |
Improper Restriction of XML External Entity Reference vulnerability affecting Synacor Zimbra Collaboration Suite. |
Apply updates per vendor instructions. |
CVE-2018-13382 |
Fortinet |
FortiOS and FortiProxy |
Fortinet FortiOS and FortiProxy Improper Authorization |
An Improper Authorization vulnerability in Fortinet FortiOS and FortiProxy under SSL VPN web portal allows an unauthenticated attacker to modify the password. |
Apply updates per vendor instructions. |
CVE-2018-13383 |
Fortinet |
FortiOS and FortiProxy |
Fortinet FortiOS and FortiProxy Out-of-bounds Write |
A heap buffer overflow in Fortinet FortiOS and FortiProxy may cause the SSL VPN web service termination for logged in users. |
Apply updates per vendor instructions. |
CVE-2019-1579 |
Palo Alto Networks |
PAN-OS |
Palo Alto Networks PAN-OS Remote Code Execution |
Remote Code Execution in PAN-OS with GlobalProtect Portal or GlobalProtect Gateway Interface enabled. |
Apply updates per vendor instructions. |
CVE-2019-10149 |
Exim |
Mail Transfer Agent (MTA) |
Exim Mail Transfer Agent (MTA)Improper Input Validation |
Improper validation of recipient address in deliver_message() function in /src/deliver.c may lead to remote command execution. |
Apply updates per vendor instructions. |
CVE-2015-7450 |
IBM |
WebSphere Application Server and Server Hypervisor Edition |
IBM WebSphere Application Server and Server Hypervisor Edition Code Injection. |
Serialized-object interfaces in certain IBM analytics, business solutions, cognitive, IT infrastructure, and mobile and social products allow remote attackers to execute arbitrary commands |
Apply updates per vendor instructions. |
CVE-2017-1000486 |
Primetek |
Primefaces Application |
Primetek Primefaces Remote Code Execution |
Primetek Primefaces is vulnerable to a weak encryption flaw resulting in remote code execution |
Apply updates per vendor instructions. |
CVE-2019-7609 |
Elastic |
Kibana |
Kibana Arbitrary Code Execution |
Kibana contain an arbitrary code execution flaw in the Timelion visualizer. |
Apply updates per vendor instructions. |
CVE-2021-27860 |
FatPipe |
WARP, IPVPN, and MPVPN software |
FatPipe WARP, IPVPN, and MPVPN Configuration Upload exploit |
A vulnerability in the web management interface of FatPipe WARP, IPVPN, and MPVPN software allows a remote, unauthenticated attacker to upload a file to any location on the filesystem. |
Apply updates per vendor instructions. |
CVE-2021-32648 |
October CMS |
October CMS |
October CMS Improper Authentication |
In affected versions of the october/system package an attacker can request an account password reset and then gain access to the account using a specially crafted request. |
Apply updates per vendor instructions. |
CVE-2021-25296 |
Nagios |
Nagios XI |
Nagios XI OS Command Injection |
Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server. |
Apply updates per vendor instructions. |
CVE-2021-25297 |
Nagios |
Nagios XI |
Nagios XI OS Command Injection |
Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server. |
Apply updates per vendor instructions. |
CVE-2021-25298 |
Nagios |
Nagios XI |
Nagios XI OS Command Injection |
Nagios XI contains a vulnerability which can lead to OS command injection on the Nagios XI server. |
Apply updates per vendor instructions. |
CVE-2021-40870 |
Aviatrix |
Aviatrix Controller |
Aviatrix Controller Unrestricted Upload of File |
Unrestricted upload of a file with a dangerous type is possible, which allows an unauthenticated user to execute arbitrary code via directory traversal. |
Apply updates per vendor instructions. |
CVE-2021-33766 |
Microsoft |
Exchange Servers |
Microsoft Exchange Server Information Disclosure |
Microsoft Exchange Servers contain an information disclosure vulnerability which can allow an unauthenticated attacker to steal email traffic from target. |
Apply updates per vendor instructions. |
CVE-2021-21975 |
VMware |
vRealize Operations Manager API |
VMware Server Side Request Forgery in vRealize Operations Manager API |
Server Side Request Forgery (SSRF) in vRealize Operations Manager API prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API to perform a SSRF attack to steal administrative credentials. |
Apply updates per vendor instructions. |
CVE-2021-21315 |
Npm package |
System Information Library for Node.JS |
System Information Library for Node.JS Command Injection |
In this vulnerability, an attacker can send a malicious payload that will exploit the name parameter. After successful exploitation, attackers can execute remote. |
Apply updates per vendor instructions. |
CVE-2021-22991 |
F5 |
BIG-IP Traffic Management Microkernel |
F5 BIG-IP Traffic Management Microkernel Buffer Overflow |
The Traffic Management Microkernel of BIG-IP ASM Risk Engine has a buffer overflow vulnerability, leading to a bypassing of URL-based access controls. |
Apply updates per vendor instructions. |
CVE-2020-14864 |
Oracle Corporation |
Intelligence Enterprise Edition |
Oracle Corporation Business Intelligence Enterprise Edition Path Transversal |
Path traversal vulnerability, where an attacker can target the preview FilePath parameter of the getPreviewImage function to get access to arbitrary system file. |
Apply updates per vendor instructions. |
CVE-2020-13671 |
Drupal |
Drupal core |
Drupal core Un-restricted Upload of File |
Improper sanitization in the extension file names is present in Drupal core. |
Apply updates per vendor instructions. |
CVE-2020-11978 |
Apache |
Airflow |
Apache Airflow Command Injection |
A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow. |
Apply updates per vendor instructions. |
CVE-2020-13927 |
Apache |
Airflow's Experimental API |
Apache Airflow's Experimental API Authentication Bypass |
The previous default setting for Airflow's Experimental API was to allow all API requests without authentication. |
Apply updates per vendor instructions. |
CVE-2006-1547 |
Apache |
Struts 1 |
Apache Struts 1 ActionForm Denial of Service Vulnerability |
ActionForm in Apache Struts versions before 1.2.9 with BeanUtils 1.7 contains a vulnerability which allows for denial-of-service. |
Apply updates per vendor instructions. |
CVE-2012-0391 |
Apache |
Struts 2 |
Apache Struts 2 Improper Input Validation Vulnerability |
The ExceptionDelegator component in Apache Struts 2 before 2.2.3.1 contains an improper input validation vulnerability which allows for remote code execution. |
Apply updates per vendor instructions. |
CVE-2018-8453 |
Microsoft |
Win32K |
Microsoft Windows Win32k Privilege Escalation Vulnerability |
Microsoft Windows Win32k contains a vulnerability which allows an attacker to escalate privileges. |
Apply updates per vendor instructions. |
CVE-2021-35247 |
SolarWinds |
Serv-U |
SolarWinds Serv-U Improper Input Validation Vulnerability |
SolarWinds Serv-U versions 15.2.5 and earlier contain an improper input validation vulnerability which allows attackers to build and send queries without sanitization. |
Apply updates per vendor instructions. |
CVE-2022-22587 |
Apple |
IOMobileFrameBuffer |
Apple IOMobileFrameBuffer Memory Corruption Vulnerability |
Apple IOMobileFrameBuffer contains a memory corruption vulnerability which can allow a malicious application to execute arbitrary code with kernel privileges. |
Apply updates per vendor instructions. |
CVE-2021-20038 |
SonicWall |
SMA 100 Appliances |
SonicWall SMA 100 Appliances Stack-Based Buffer Overflow Vulnerability |
SonicWall SMA 100 devies are vulnerable to an unauthenticated stack-based buffer overflow vulnerability where exploitation can result in code execution. |
Apply updates per vendor instructions. |
CVE-2020-5722 |
Grandstream |
UCM6200 |
Grandstream Networks UCM6200 Series SQL Injection Vulnerability |
Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. Exploitation can allow for code execution as root. |
Apply updates per vendor instructions. |
CVE-2020-0787 |
Microsoft |
Windows Background Intelligent Transfer Service (BITS) |
Microsoft Windows Background Intelligent Transfer Service (BITS) Improper Privilege Management Vulnerability |
Microsoft Windows BITS is vulnerable to to a privilege elevation vulnerability if it improperly handles symbolic links. An actor can exploit this vulnerability to execute arbitrary code with system-level privileges. |
Apply updates per vendor instructions. |
CVE-2017-5689 |
Intel |
Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability |
Intel Active Management Technology (AMT), Small Business Technology (SBT), and Standard Manageability Privilege Escalation Vulnerability |
Intel products contain a vulnerability which can allow attackers to perform privilege escalation. |
Apply updates per vendor instructions. |
CVE-2014-1776 |
Microsoft |
Internet Explorer |
Microsoft Internet Explorer Use-After-Free Vulnerability |
Microsoft Internet Explorer 6 - 11 contains a use-after-free vulnerability which can allow for arbitrary code execution or denial of service. |
Apply updates per vendor instructions. |
CVE-2014-6271 |
GNU |
Bourne-Again Shell (Bash) |
GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability |
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code. |
Apply updates per vendor instructions. |
CVE-2014-7169 |
GNU |
Bourne-Again Shell (Bash) |
GNU Bourne-Again Shell (Bash) Arbitrary Code Execution Vulnerability |
GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute code. This CVE correctly remediates the vulnerability in CVE-2014-6271. |
Apply updates per vendor instructions. |
CVE-2022-21882 |
Microsoft |
Win32k |
Microsoft Win32k Privilege Escalation Vulnerability |
Microsoft Win32k contains an unspecified vulnerability which allows for privilege escalation. |
Apply updates per vendor instructions. |
CVE-2021-36934 |
Microsoft |
Windows SAM |
Microsoft Windows SAM Local Privilege Escalation Vulnerability |
If a Volume Shadow Copy (VSS) shadow copy of the system drive is available, users can read the SAM file which would allow any user to escalate privileges to SYSTEM level. |
Apply updates per vendor instructions. |
CVE-2020-0796 |
Microsoft |
SMBv3 |
Microsoft SMBv3 Remote Code Execution Vulnerability |
A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests. An attacker who successfully exploited the vulnerability could gain the ability to execute code on the target server or client. |
Apply updates per vendor instructions. |
CVE-2018-1000861 |
Jenkins |
Jenkins Stapler Web Framework |
Jenkins Stapler Web Framework Deserialization of Untrusted Data Vulnerability |
A code execution vulnerability exists in the Stapler web framework used by Jenkins |
Apply updates per vendor instructions. |
CVE-2017-9791 |
Apache |
Struts 1 |
Apache Struts 1 Improper Input Validation Vulnerability |
The Struts 1 plugin in Apache Struts might allow remote code execution via a malicious field value passed in a raw message to the ActionMessage. |
Apply updates per vendor instructions. |
CVE-2017-8464 |
Microsoft |
Windows Shell (.lnk) |
Microsoft Windows Shell (.lnk) Remote Code Execution Vulnerability |
Windows Shell in multiple versions of Microsoft Windows allows local users or remote attackers to execute arbitrary code via a crafted .LNK file |
Apply updates per vendor instructions. |
CVE-2017-10271 |
Oracle |
WebLogic Server |
Oracle Corporation WebLogic Server Remote Code Execution Vulnerability |
Oracle Corporation WebLogic Server contains a vulnerability that allows for remote code execution. |
Apply updates per vendor instructions. |
CVE-2017-0263 |
Microsoft |
Win32k |
Microsoft Win32k Privilege Escalation Vulnerability |
Microsoft Win32k contains a privilege escalation vulnerability due to the Windows kernel-mode driver failing to properly handle objects in memory. |
Apply updates per vendor instructions. |
CVE-2017-0262 |
Microsoft |
Office |
Microsoft Office Remote Code Execution Vulnerability |
A remote code execution vulnerability exists in Microsoft Office. |
Apply updates per vendor instructions. |
CVE-2017-0145 |
Microsoft |
SMBv1 |
Microsoft SMBv1 Remote Code Execution Vulnerability |
The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets. |
Apply updates per vendor instructions. |
CVE-2017-0144 |
Microsoft |
SMBv1 |
Microsoft SMBv1 Remote Code Execution Vulnerability |
The SMBv1 server in multiple Microsoft Windows versions allows remote attackers to execute arbitrary code via crafted packets. |
Apply updates per vendor instructions. |
CVE-2016-3088 |
Apache |
ActiveMQ |
Apache ActiveMQ Improper Input Validation Vulnerability |
The Fileserver web application in Apache ActiveMQ allows remote attackers to upload and execute arbitrary files via an HTTP PUT followed by an HTTP MOVE request |
Apply updates per vendor instructions. |
CVE-2015-2051 |
D-Link |
DIR-645 Router |
D-Link DIR-645 Router Remote Code Execution |
D-Link DIR-645 Wired/Wireless Router allows remote attackers to execute arbitrary commands via a GetDeviceSettings action to the HNAP interface. |
The impacted product is end-of-life and should be disconnected if still in use. |
CVE-2015-1635 |
Microsoft |
HTTP.sys |
Microsoft HTTP.sys Remote Code Execution Vulnerability |
Microsoft HTTP protocol stack (HTTP.sys) contains a vulnerability which allows for remote code execution. |
Apply updates per vendor instructions. |
CVE-2015-1130 |
Apple |
OS X |
Apple OS X Authentication Bypass Vulnerability |
The XPC implementation in Admin Framework in Apple OS X before 10.10.3 allows local users to bypass authentication and obtain admin privileges. |
Apply updates per vendor instructions. |
CVE-2014-4404 |
Apple |
OS X |
Apple OS X Heap-Based Buffer Overflow Vulnerability |
Heap-based buffer overflow in IOHIDFamily in Apple OS X, which affects, iOS before 8 and Apple TV before 7, allows attackers to execute arbitrary code in a privileged context. |
Apply updates per vendor instructions. |
CVE-2022-22620 |
Apple |
Webkit |
Apple Webkit Remote Code Execution Vulnerability |
Apple Webkit, which impacts iOS, iPadOS, and macOS, contains a vulnerability which allows for remote code execution. |
Apply updates per vendor instructions. |
CVE-2022-24086 |
Adobe |
Commerce and Magento Open Source |
Adobe Commerce and Magento Open Source Improper Input Validation Vulnerability |
Adobe Commerce and Magento Open Source contain an improper input validation vulnerability which can allow for arbitrary code execution. |
Apply updates per vendor instructions. |
CVE-2022-0609 |
Google |
Chrome |
Google Chrome Use-After-Free Vulnerability |
The vulnerability exists due to a use-after-free error within the Animation component in Google Chrome. |
Apply updates per vendor instructions. |
CVE-2019-0752 |
Microsoft |
Internet Explorer |
Microsoft Internet Explorer Type Confusion Vulnerability |
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer |
Apply updates per vendor instructions. |
CVE-2018-8174 |
Microsoft |
Windows VBScript Engine |
Microsoft Windows VBScript Engine Out-of-Bounds Write Vulnerability |
A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka \"Windows VBScript Engine Remote Code Execution\" |
Apply updates per vendor instructions. |
CVE-2018-20250 |
RARLAB |
WinRAR |
WinRAR Absolute Path Traversal Vulnerability |
WinRAR Absolute Path Traversal vulnerability leads to Remote Code Execution |
Apply updates per vendor instructions. |
CVE-2018-15982 |
Adobe |
Flash Player |
Adobe Flash Player Use-After-Free Vulnerability |
Adobe Flash Player com.adobe.tvsdk.mediacore.metadata Use After Free Vulnerability |
Apply updates per vendor instructions. |
CVE-2017-9841 |
PHPUnit |
PHPUnit |
PHPUnit Command Injection Vulnerability |
PHPUnit allows remote attackers to execute arbitrary PHP code via HTTP POST data beginning with a \"
| Apply updates per vendor instructions. |
CVE-2014-1761 |
Microsoft |
Word |
Microsoft Word Memory Corruption Vulnerability |
Microsoft Word contains a memory corruption vulnerability which when exploited could allow for remote code execution. |
Apply updates per vendor instructions. |
CVE-2013-3906 |
Microsoft |
Graphics Component |
Microsoft Graphics Component Memory Corruption Vulnerability |
Microsoft Graphics Component contains a memory corruption vulnerability which can allow for remote code execution. |
Apply updates per vendor instructions. |