Show filters
464 topics marked with the following tags:
Displaying 41-50 of 464
Sort by:
Attacker Value
Low
CVE-2018-1211
Disclosure Date: March 23, 2018 (last updated October 06, 2023)
Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain a path traversal vulnerability in its Web server's URI parser which could be used to obtain specific sensitive data without authentication. A remote unauthenticated attacker may be able to read configuration settings from the iDRAC by querying specific URI strings.
2
Attacker Value
Very High
CTX276688: Citrix Application Delivery Controller, Citrix Gateway, and Citrix S…
Last updated July 09, 2020
Multiple vulnerabilities have been discovered in Citrix ADC (formerly known as NetScaler ADC), Citrix Gateway (formerly known as NetScaler Gateway) and Citrix SD-WAN WANOP appliance models 4000-WO, 4100-WO, 5000-WO, and 5100-WO. These vulnerabilities, if exploited, could result in a number of security issues .
5
Attacker Value
Very Low
CVE-2018-1000116
Disclosure Date: March 07, 2018 (last updated October 06, 2023)
NET-SNMP version 5.7.2 contains a heap corruption vulnerability in the UDP protocol handler that can result in command execution.
2
Attacker Value
High
CVE-2023-50164
Disclosure Date: December 07, 2023 (last updated December 21, 2023)
An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution.
Users are recommended to upgrade to versions Struts 2.5.33 or Struts 6.3.0.2 or greater to fix this issue.
6
Attacker Value
Moderate
CVE-2020-2040
Disclosure Date: September 09, 2020 (last updated October 07, 2023)
A buffer overflow vulnerability in PAN-OS allows an unauthenticated attacker to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to the Captive Portal or Multi-Factor Authentication interface. This issue impacts: All versions of PAN-OS 8.0; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; PAN-OS 9.1 versions earlier than PAN-OS 9.1.3.
0
Attacker Value
Low
CVE-2024-21306
Disclosure Date: January 09, 2024 (last updated January 13, 2024)
Microsoft Bluetooth Driver Spoofing Vulnerability
2
Attacker Value
High
CVE-2020-3956: VMware Cloud Director Code Injection Vulnerability
Disclosure Date: May 20, 2020 (last updated July 24, 2020)
VMware Cloud Director 10.0.x before 10.0.0.2, 9.7.0.x before 9.7.0.5, 9.5.0.x before 9.5.0.6, and 9.1.0.x before 9.1.0.4 do not properly handle input leading to a code injection vulnerability. An authenticated actor may be able to send malicious traffic to VMware Cloud Director which may lead to arbitrary remote code execution. This vulnerability can be exploited through the HTML5- and Flex-based UIs, the API Explorer interface and API access.
1
Attacker Value
Moderate
CVE-2019-7548
Disclosure Date: February 06, 2019 (last updated October 06, 2023)
SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled.
0
Attacker Value
Low
CVE-2020-7065
Disclosure Date: March 17, 2020 (last updated October 06, 2023)
In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while using mb_strtolower() function with UTF-32LE encoding, certain invalid strings could cause PHP to overwrite stack-allocated buffer. This could lead to memory corruption, crashes and potentially code execution.
0
Attacker Value
High
CVE-2020-5135
Disclosure Date: October 12, 2020 (last updated October 07, 2023)
A buffer overflow vulnerability in SonicOS allows a remote attacker to cause Denial of Service (DoS) and potentially execute arbitrary code by sending a malicious request to the firewall. This vulnerability affected SonicOS Gen 6 version 6.5.4.7, 6.5.1.12, 6.0.5.3, SonicOSv 6.5.4.v and Gen 7 version 7.0.0.0.
3