Show filters
650 topics marked with the following tags:
Displaying 41-50 of 650
Sort by:
Attacker Value
High
CVE-2021-25646
Disclosure Date: January 29, 2021 (last updated November 08, 2023)
Apache Druid includes the ability to execute user-provided JavaScript code embedded in various types of requests. This functionality is intended for use in high-trust environments, and is disabled by default. However, in Druid 0.20.0 and earlier, it is possible for an authenticated user to send a specially-crafted request that forces Druid to run user-provided JavaScript code for that request, regardless of server configuration. This can be leveraged to execute code on the target machine with the privileges of the Druid server process.
1
Attacker Value
Low
CVE-2023-41474
Disclosure Date: January 25, 2024 (last updated February 01, 2024)
Directory Traversal vulnerability in Ivanti Avalanche 6.3.4.153 allows a remote authenticated attacker to obtain sensitive information via the javax.faces.resource component.
2
Attacker Value
High
CVE-2023-1133
Disclosure Date: March 27, 2023 (last updated October 08, 2023)
Delta Electronics InfraSuite Device Master versions prior to 1.0.5 contain a vulnerability in which the Device-status service listens on port 10100/ UDP by default. The service accepts the unverified UDP packets and deserializes the content, which could allow an unauthenticated attacker to remotely execute arbitrary code.
3
Attacker Value
High
CVE-2024-20656
Disclosure Date: January 09, 2024 (last updated January 18, 2024)
Visual Studio Elevation of Privilege Vulnerability
2
Attacker Value
High
CVE-2020-10225
Disclosure Date: March 08, 2020 (last updated November 14, 2023)
An unauthenticated file upload vulnerability has been identified in admin/gallery.php in PHPGurukul Job Portal 1.0. The vulnerability could be exploited by an unauthenticated remote attacker to upload content to the server, including PHP files, which could result in command execution.
0
Attacker Value
Very High
Exim Unauthenticated Remote Code Execution via SNI Trailing Backslash
Disclosure Date: September 06, 2019 (last updated March 03, 2020)
Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash. If the Exim server accepts TLS connections, the vulnerability is exploitable by sending a SNI ending in a backslash-null sequence during the initial TLS handshake.
3
Attacker Value
High
CVE-2020-10924
Disclosure Date: July 28, 2020 (last updated October 07, 2023)
This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6700 V1.0.4.84_10.0.58 routers. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the UPnP service, which listens on TCP port 5000 by default. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-9643.
1
Attacker Value
Very High
CVE-2024-20767
Disclosure Date: March 18, 2024 (last updated April 01, 2024)
ColdFusion versions 2023.6, 2021.12 and earlier are affected by an Improper Access Control vulnerability that could lead to arbitrary file system read. An attacker could leverage this vulnerability to bypass security measures and gain unauthorized access to sensitive files and perform arbitrary file system write. Exploitation of this issue does not require user interaction.
3
Attacker Value
Very Low
CVE-2020-9340
Disclosure Date: February 22, 2020 (last updated October 06, 2023)
fauzantrif eLection 2.0 has SQL Injection via the admin/ajax/op_kandidat.php id parameter.
0
Attacker Value
Moderate
CVE-2023-37679
Disclosure Date: August 03, 2023 (last updated October 08, 2023)
A remote command execution (RCE) vulnerability in NextGen Mirth Connect v4.3.0 allows attackers to execute arbitrary commands on the hosting server.
2
