Search Results | AttackerKB

A command injection vulnerability in the web server of some Hikvision product. Due to the insufficient input validation, attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.

Attack Vector: Network Privileges: None User Interaction: None

Attacker Value

Unknown

CVE-2024-49033

Disclosure Date: November 12, 2024 (last updated November 16, 2024)

Microsoft Word Security Feature Bypass Vulnerability

Attack Vector: Network Privileges: None User Interaction: Required

Attacker Value

High

CVE-2023-28311

Disclosure Date: April 11, 2023 (last updated January 11, 2025)

Microsoft Word Remote Code Execution Vulnerability

Attack Vector: Local Privileges: None User Interaction: Required

Attacker Value

Very High

CVE-2021-3723

Disclosure Date: November 12, 2021 (last updated February 23, 2025)

A command injection vulnerability was reported in the Integrated Management Module (IMM) of legacy IBM System x 3550 M3 and IBM System x 3650 M3 servers that could allow the execution of operating system commands over an authenticated SSH or Telnet session.

Attack Vector: Network Privileges: Low User Interaction: None

Attacker Value

Low

CVE-2020-0543 CROSSTALK

Disclosure Date: June 15, 2020 (last updated February 21, 2025)

Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Attack Vector: Local Privileges: Low User Interaction: None

776 Total Results

Displaying 11-20 of 776

High

High

High

High

Unknown

Unknown

Unknown

High

Very High

Low

Quick Cookie Notification