Total
29206 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2009-5125 | 1 Comodo | 1 Comodo Internet Security | 2024-09-16 | N/A |
Comodo Internet Security before 3.9.95478.509 allows remote attackers to bypass malware detection in an RAR archive via an unspecified manipulation of the archive file format. | ||||
CVE-2018-10739 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2024-09-16 | N/A |
An issue was discovered in Shanghai 2345 Security Guard 3.7.0. 2345MPCSafe.exe allows local users to bypass intended process protections, and consequently terminate process, because WM_SYSCOMMAND is not properly considered. | ||||
CVE-2013-5773 | 1 Oracle | 1 Fusion Middleware | 2024-09-16 | N/A |
Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Fusion Middleware 10.1.3.5.0 allows remote attackers to affect integrity via unknown vectors related to Servlet Runtime. | ||||
CVE-2018-1595 | 1 Ibm | 2 Platform Symphony, Spectrum Symphony | 2024-09-16 | N/A |
IBM Spectrum Symphony and Platform Symphony 7.1.2 and 7.2.0.2 could allow an authenticated user to execute arbitrary commands due to improper handling of user supplied input. IBM X-Force ID: 143622. | ||||
CVE-2021-29671 | 1 Ibm | 1 Spectrum Scale | 2024-09-16 | 3.3 Low |
IBM Spectrum Scale 5.1.0.1 could allow a local attacker to bypass the filesystem audit logging mechanism when file audit logging is enabled. IBM X-Force ID: 199478. | ||||
CVE-2021-1290 | 1 Cisco | 10 Rv160 Vpn Router, Rv160 Vpn Router Firmware, Rv160w Wireless-ac Vpn Router and 7 more | 2024-09-16 | 9.8 Critical |
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. These vulnerabilities exist because HTTP requests are not properly validated. An attacker could exploit these vulnerabilities by sending a crafted HTTP request to the web-based management interface of an affected device. A successful exploit could allow the attacker to remotely execute arbitrary code on the device. | ||||
CVE-2022-23981 | 1 Quadlayers | 1 Perfect Brands For Woocommerce | 2024-09-16 | 4.3 Medium |
The vulnerability allows Subscriber+ level users to create brands in WordPress Perfect Brands for WooCommerce plugin (versions <= 2.0.4). | ||||
CVE-2018-20026 | 1 Codesys | 18 Control For Beaglebone Sl, Control For Empc-a\/imx6 Sl, Control For Iot2000 Sl and 15 more | 2024-09-16 | 7.5 High |
Improper Communication Address Filtering exists in CODESYS V3 products versions prior V3.5.14.0. | ||||
CVE-2012-2795 | 1 Ffmpeg | 1 Ffmpeg | 2024-09-16 | N/A |
Multiple unspecified vulnerabilities in libavcodec/wmalosslessdec.c in FFmpeg before 0.11 have unknown impact and attack vectors related to (1) size of "mclms arrays," (2) "a get_bits(0) in decode_ac_filter," and (3) "too many bits in decode_channel_residues()." | ||||
CVE-2018-20380 | 1 Ubeeinteractive | 8 Ambit Ddw2600, Ambit Ddw2600 Firmware, Ambit Ddw2602 and 5 more | 2024-09-16 | N/A |
Ambit DDW2600 5.100.1009, DDW2602 5.105.1003, T60C926 4.64.1012, and U10C019 5.66.1026 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests. | ||||
CVE-2022-22159 | 1 Juniper | 1 Junos | 2024-09-16 | 7.5 High |
A vulnerability in the NETISR network queue functionality of Juniper Networks Junos OS kernel allows an attacker to cause a Denial of Service (DoS) by sending crafted genuine packets to a device. During an attack, the routing protocol daemon (rpd) CPU may reach 100% utilization, yet FPC CPUs forwarding traffic will operate normally. This attack occurs when the attackers' packets are sent over an IPv4 unicast routing equal-cost multi-path (ECMP) unilist selection. Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. An indicator of compromise may be to monitor NETISR drops in the network with the assistance of JTAC. Please contact JTAC for technical support for further guidance. This issue affects: Juniper Networks Junos OS 17.3 version 17.3R3-S9 and later versions prior to 17.3R3-S12; 17.4 version 17.4R3-S3 and later versions prior to 17.4R3-S5; 18.1 version 18.1R3-S11 and later versions prior to 18.1R3-S13; 18.2 version 18.2R3-S6 and later versions; 18.3 version 18.3R3-S4 and later versions prior to 18.3R3-S5; 18.4 version 18.4R3-S5 and later versions prior to 18.4R3-S9; 19.1 version 19.1R3-S3 and later versions prior to 19.1R3-S7. This issue does not affect Juniper Networks Junos OS versions prior to 17.3R3-S9. This issue does not affect Juniper Networks Junos OS Evolved. | ||||
CVE-2009-3091 | 1 Asus | 1 Asus Wl-330ge | 2024-09-16 | N/A |
Unspecified vulnerability on the ASUS WL-330gE has unknown impact and remote attack vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.11. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | ||||
CVE-2017-13170 | 1 Google | 1 Android | 2024-09-16 | N/A |
An elevation of privilege vulnerability in the MediaTek display driver. Product: Android. Versions: Android kernel. Android ID A-36102397. References: M-ALPS03359280. | ||||
CVE-2020-5032 | 2 Ibm, Linux | 2 Qradar Security Information And Event Manager, Linux Kernel | 2024-09-16 | 4.3 Medium |
IBM QRadar SIEM 7.3 and 7.4 in some configurations may be vulnerable to a temporary denial of service attack when sent particular payloads. IBM X-Force ID: 194178. | ||||
CVE-2013-5796 | 1 Oracle | 1 Siebel Crm | 2024-09-16 | N/A |
Unspecified vulnerability in the Siebel Core - EAI component in Oracle Siebel CRM 8.1.1 and 8.2.2 allows remote attackers to affect availability via unknown vectors related to Web Services. | ||||
CVE-2020-25850 | 1 Hgiga | 2 Msr45 Isherlock-user, Ssr45 Isherlock-user | 2024-09-16 | 8.1 High |
The function, view the source code, of HGiga MailSherlock does not validate specific characters. Remote attackers can use this flaw to download arbitrary system files. | ||||
CVE-2018-17016 | 1 Tp-link | 2 Tl-wr886n, Tl-wr886n Firmware | 2024-09-16 | N/A |
An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for reboot_timer name. | ||||
CVE-2018-15386 | 1 Cisco | 1 Digital Network Architecture Center | 2024-09-16 | 9.8 Critical |
A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an unauthenticated, remote attacker to bypass authentication and have direct unauthorized access to critical management functions. The vulnerability is due to an insecure default configuration of the affected system. An attacker could exploit this vulnerability by directly connecting to the exposed services. An exploit could allow the attacker to retrieve and modify critical system files. | ||||
CVE-2021-36093 | 1 Otrs | 1 Otrs | 2024-09-16 | 5.3 Medium |
It's possible to create an email which can be stuck while being processed by PostMaster filters, causing DoS. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.28 and prior versions; 8.0.x version 8.0.15 and prior versions. | ||||
CVE-2013-2939 | 1 Citrix | 1 Cloudportal Services Manager | 2024-09-16 | N/A |
Unspecified vulnerability in Citrix CloudPortal Services Manager (aka Cortex) 10.0 before Cumulative Update 3 has unknown impact and attack vectors, a different vulnerability than other CVEs listed in CTX137162. |