Show filters
144 topics marked with the following tags:
Displaying 1-10 of 144
Sort by:
Attacker Value
Low

CVE-2020-9339

Disclosure Date: February 22, 2020 (last updated June 05, 2020)
SOPlanning 1.45 allows XSS via the Name or Comment to status.php.
Attacker Value
Very High

CVE-2020-4521

Disclosure Date: September 14, 2020 (last updated September 16, 2020)
IBM Maximo Asset Management 7.6.0 and 7.6.1 could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an unsafe deserialization in Java. By sending specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 182396.
Attacker Value
Moderate

CVE-2021-21324

Disclosure Date: March 08, 2021 (last updated March 18, 2021)
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI before version 9.5.4 there is an Insecure Direct Object Reference (IDOR) on "Solutions". This vulnerability gives an unauthorized user the ability to enumerate GLPI items names (including users logins) using the knowbase search form (requires authentication). To Reproduce: Perform a valid authentication at your GLPI instance, Browse the ticket list and select any open ticket, click on Solution form, then Search a solution form that will redirect you to the endpoint /"glpi/front/knowbaseitem.php?item_itemtype=Ticket&item_items_id=18&forcetab=Knowbase$1", and the item_itemtype=Ticket parameter present in the previous URL will point to the PHP alias of glpi_tickets table, so just replace it with "Users" to point to glpi_users table instead; in the same way, item_items_id=18 will point to the related column id, so changing it too you sh…
Attacker Value
Low

CVE-2020-14942

Disclosure Date: June 21, 2020 (last updated June 27, 2020)
Tendenci 12.0.10 allows unrestricted deserialization in apps\helpdesk\views\staff.py.
Attacker Value
Very High

CVE-2020-16875

Disclosure Date: September 11, 2020 (last updated January 15, 2021)
A remote code execution vulnerability exists in Microsoft Exchange server due to improper validation of cmdlet arguments. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user, aka 'Microsoft Exchange Server Remote Code Execution Vulnerability'. **Note:** As of January 12, 2021, the patch for CVE-2020-16875 has been bypassed twice. See [CVE-2020-17132](https://attackerkb.com/topics/sfBIO5A6Cl/cve-2020-17132#rapid7-analysis) for details.
Attacker Value
Moderate

CVE-2021-21255

Disclosure Date: March 02, 2021 (last updated March 10, 2021)
GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI version 9.5.3, it was possible to switch entities with IDOR from a logged in user. This is fixed in version 9.5.4.
Attacker Value
Very High

CVE-2020-9338

Disclosure Date: February 22, 2020 (last updated June 05, 2020)
SOPlanning 1.45 allows XSS via the "Your SoPlanning url" field.
Attacker Value
Very High

CVE-2020-11108

Disclosure Date: May 11, 2020 (last updated September 02, 2020)
The Gravity updater in Pi-hole through 4.4 allows an authenticated adversary to upload arbitrary files. This can be abused for Remote Code Execution by writing to a PHP file in the web directory. (Also, it can be used in conjunction with the sudo rule for the www-data user to escalate privileges to root.) The code error is in gravity_DownloadBlocklistFromUrl in gravity.sh.
1
Attacker Value
High

CVE-2021-31181

Disclosure Date: May 11, 2021 (last updated May 18, 2021)
Microsoft SharePoint Remote Code Execution Vulnerability
Attacker Value
Very Low

CVE-2022-0342

Last updated March 28, 2022
An authentication bypass vulnerability in the CGI program of Zyxel USG/ZyWALL series firmware versions 4.20 through 4.70, USG FLEX series firmware versions 4.50 through 5.20, ATP series firmware versions 4.32 through 5.20, VPN series firmware versions 4.30 through 5.20, and NSG series firmware versions V1.20 through V1.33 Patch 4, which could allow an attacker to bypass the web authentication and obtain administrative access of the device.
2