| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Windows Network File System Remote Code Execution Vulnerability |
| Windows Hyper-V Security Feature Bypass Vulnerability |
| Windows Console Driver Denial of Service Vulnerability |
| Windows TCP/IP Information Disclosure Vulnerability |
| Windows Hyper-V Information Disclosure Vulnerability |
| Windows Installer Elevation of Privilege Vulnerability |
| Windows TCP/IP Driver Denial of Service Vulnerability |
| Windows Console Driver Denial of Service Vulnerability |
| Windows Installer Information Disclosure Vulnerability |
| Windows Speech Runtime Elevation of Privilege Vulnerability |
| Windows Event Tracing Information Disclosure Vulnerability |
| Remote Procedure Call Runtime Remote Code Execution Vulnerability |
| Integer overflow vulnerability in av_timecode_make_string in libavutil/timecode.c in FFmpeg version 4.3.2, allows local attackers to cause a denial of service (DoS) via crafted .mov file. |
| File upload vulnerability in HorizontCMS before 1.0.0-beta.3 via uploading a .htaccess and *.hello files using the Media Files upload functionality. The original file upload vulnerability (CVE-2020-27387) was remediated by restricting the PHP extensions; however, we confirmed that the filter was bypassed via uploading an arbitrary .htaccess and *.hello files in order to execute PHP code to gain RCE. |
| Buffer Overflow vulnerability in XNView version 2.49.3, allows local attackers to execute arbitrary code via crafted TIFF file. |
| A stored cross-site scripting (XSS) vulnerability in Teachers Record Management System 1.0 allows remote authenticated users to inject arbitrary web script or HTML via the 'email' POST parameter in adminprofile.php. |
| A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via alerts.php and the "from_time" parameter. |
| The "order_col" parameter in archive.php of SEO Panel 4.8.0 is vulnerable to time-based blind SQL injection, which leads to the ability to retrieve all databases. |
| A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via settings.php and the "category" parameter. |
| A cross-site scripting (XSS) issue in Seo Panel 4.8.0 allows remote attackers to inject JavaScript via archive.php and the "search_name" parameter. |
