| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The web administration server in Solar-Log 500 before 2.8.2 Build 52 does not require authentication, which allows remote attackers to gain administrative privileges by connecting to the server. As a result, the attacker can modify configuration files and change the system status. Fixed with 3.0.0-60 11.10.2013 for SL 200, 500, 1000 / not existing for SL 250, 300, 1200, 2000, SL 50 Gateway, SL Base. |
| Advantech WebAccess 8.4.2 and 8.4.4 allows XSS via the username column of the bwRoot.asp page of WADashboard. |
| An issue was discovered in CubeCoders AMP before 2.1.1.8. A lack of validation of the Java Version setting means that an unintended executable path can be set. The result is that high-privileged users can trigger code execution. |
| Apache Hive before 3.1.3 "CREATE" and "DROP" function operations does not check for necessary authorization of involved entities in the query. It was found that an unauthorized user can manipulate an existing UDF without having the privileges to do so. This allowed unauthorized or underprivileged users to drop and recreate UDFs pointing them to new jars that could be potentially malicious. |
| Windows Bluetooth Driver Elevation of Privilege Vulnerability |
| Windows MSHTML Platform Remote Code Execution Vulnerability |
| Windows Graphics Component Font Parsing Remote Code Execution Vulnerability |
| ASP.NET Core and Visual Studio Information Disclosure Vulnerability |
| Windows Graphics Component Remote Code Execution Vulnerability |
| Visual Studio Code Remote Code Execution Vulnerability |
| Visual Studio Code Remote Code Execution Vulnerability |
| Windows DNS Server Remote Code Execution Vulnerability |
| Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability |
| Microsoft Defender Remote Code Execution Vulnerability |
| Raw Image Extension Remote Code Execution Vulnerability |
| Microsoft SharePoint Server Remote Code Execution Vulnerability |
| Microsoft SharePoint Server Information Disclosure Vulnerability |
| Microsoft Excel Remote Code Execution Vulnerability |
| Microsoft SharePoint Server Spoofing Vulnerability |
| Win32k Elevation of Privilege Vulnerability |