Show filters
632 topics marked with the following tags:
Displaying 1-10 of 632
Sort by:
Attacker Value
Moderate

CVE-2018-0952

Disclosure Date: August 15, 2018 (last updated October 06, 2023)
An Elevation of Privilege vulnerability exists when Diagnostics Hub Standard Collector allows file creation in arbitrary locations, aka "Diagnostic Hub Standard Collector Elevation Of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Microsoft Visual Studio, Windows 10 Servers.
Attacker Value
Very High

CVE-2020-9463

Disclosure Date: February 28, 2020 (last updated October 06, 2023)
Centreon 19.10 allows remote authenticated users to execute arbitrary OS commands via shell metacharacters in the server_ip field in JSON data in an api/internal.php?object=centreon_configuration_remote request.
Attacker Value
Low

CVE-2022-1471

Disclosure Date: December 01, 2022 (last updated October 08, 2023)
SnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's SafeConsturctor when parsing untrusted content to restrict deserialization. We recommend upgrading to version 2.0 and beyond.
Attacker Value
Moderate

CVE-2019-20361

Disclosure Date: January 08, 2020 (last updated October 06, 2023)
There was a flaw in the WordPress plugin, Email Subscribers & Newsletters before 4.3.1, that allowed SQL statements to be passed to the database in the hash parameter (a blind SQL injection vulnerability).
Attacker Value
Very High

CVE-2019-5596

Disclosure Date: February 12, 2019 (last updated October 06, 2023)
In FreeBSD 11.2-STABLE after r338618 and before r343786, 12.0-STABLE before r343781, and 12.0-RELEASE before 12.0-RELEASE-p3, a bug in the reference count implementation for UNIX domain sockets can cause a file structure to be incorrectly released potentially allowing a malicious local user to gain root privileges or escape from a jail.
Attacker Value
Moderate

CVE-2020-3158

Disclosure Date: February 20, 2020 (last updated October 06, 2023)
A vulnerability in the High Availability (HA) service of Cisco Smart Software Manager On-Prem could allow an unauthenticated, remote attacker to access a sensitive part of the system with a high-privileged account. The vulnerability is due to a system account that has a default and static password and is not under the control of the system administrator. An attacker could exploit this vulnerability by using this default account to connect to the affected system. A successful exploit could allow the attacker to obtain read and write access to system data, including the configuration of an affected device. The attacker would gain access to a sensitive portion of the system, but the attacker would not have full administrative rights to control the device.
Attacker Value
High

CVE-2023-28879

Disclosure Date: March 31, 2023 (last updated October 08, 2023)
In Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are written.
Attacker Value
Moderate

CVE-2023-38548

Disclosure Date: November 07, 2023 (last updated November 10, 2023)
A vulnerability in Veeam ONE allows an unprivileged user who has access to the Veeam ONE Web Client the ability to acquire the NTLM hash of the account used by the Veeam ONE Reporting Service.
6
Attacker Value
Moderate

CVE-2020-12004

Disclosure Date: June 09, 2020 (last updated October 06, 2023)
The affected product lacks proper authentication required to query the server on the Ignition 8 Gateway (versions prior to 8.0.10) and Ignition 7 Gateway (versions prior to 7.9.14), allowing an attacker to obtain sensitive information.
Attacker Value
Low

CVE-2022-0739

Disclosure Date: March 21, 2022 (last updated October 07, 2023)
The BookingPress WordPress plugin before 1.0.11 fails to properly sanitize user supplied POST data before it is used in a dynamically constructed SQL query via the bookingpress_front_get_category_services AJAX action (available to unauthenticated users), leading to an unauthenticated SQL Injection