Show filters
3,333 Total Results
Displaying 11-20 of 3,333
Sort by:
Attacker Value
Moderate

CVE-2024-47176

Disclosure Date: September 26, 2024 (last updated October 02, 2024)
CUPS is a standards-based, open-source printing system, and `cups-browsed` contains network printing functionality including, but not limited to, auto-discovering print services and shared printers. `cups-browsed` binds to `INADDR_ANY:631`, causing it to trust any packet from any source, and can cause the `Get-Printer-Attributes` IPP request to an attacker controlled URL. When combined with other vulnerabilities, such as CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177, an attacker can execute arbitrary commands remotely on the target machine without authentication when a malicious printer is printed to.
3
1
Attacker Value
Very High

CVE-2022-29110

Disclosure Date: May 10, 2022 (last updated November 29, 2024)
Microsoft Excel Remote Code Execution Vulnerability
3
1
Attacker Value
Unknown

CVE-2022-22720

Disclosure Date: March 14, 2022 (last updated February 23, 2025)
Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered discarding the request body, exposing the server to HTTP Request Smuggling
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
4
0
Attacker Value
Unknown

CVE-2021-42292

Disclosure Date: November 10, 2021 (last updated February 23, 2025)
Microsoft Excel Security Feature Bypass Vulnerability
3
1
Attacker Value
Low

CVE-2021-38406

Disclosure Date: September 09, 2021 (last updated February 23, 2025)
Delta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper validation of user-supplied data when parsing specific project files. This could result in multiple out-of-bounds write instances. An attacker could leverage this vulnerability to execute code in the context of the current process.
Attack Vector: LocalPrivileges: NoneUser Interaction: Required
3
1
Attacker Value
Unknown

CVE-2020-11022

Disclosure Date: April 29, 2020 (last updated February 21, 2025)
In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML from untrusted sources - even after sanitizing it - to one of jQuery's DOM manipulation methods (i.e. .html(), .append(), and others) may execute untrusted code. This problem is patched in jQuery 3.5.0.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
4
0
Attacker Value
Unknown

CVE-2024-30103

Disclosure Date: June 11, 2024 (last updated January 12, 2025)
Microsoft Outlook Remote Code Execution Vulnerability
Attack Vector: NetworkPrivileges: LowUser Interaction: None
3
0
Attacker Value
High

CVE-2023-35636

Disclosure Date: December 12, 2023 (last updated January 12, 2025)
Microsoft Outlook Information Disclosure Vulnerability
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
2
1
Attacker Value
Very High

CVE-2023-42820

Disclosure Date: September 27, 2023 (last updated February 25, 2025)
JumpServer is an open source bastion host. This vulnerability is due to exposing the random number seed to the API, potentially allowing the randomly generated verification codes to be replayed, which could lead to password resets. If MFA is enabled users are not affect. Users not using local authentication are also not affected. Users are advised to upgrade to either version 2.28.19 or to 3.6.5. There are no known workarounds or this issue.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
2
1
Attacker Value
High

CVE-2023-33148

Disclosure Date: July 11, 2023 (last updated February 25, 2025)
Microsoft Office Elevation of Privilege Vulnerability
Attack Vector: LocalPrivileges: LowUser Interaction: None
2
1
View More Topics  < Previous  Next >