Show filters
509 topics marked with the following tags:
Displaying 1-10 of 509
Sort by:
Attacker Value
High

CVE-2024-31819

Disclosure Date: April 10, 2024 (last updated April 11, 2024)
An issue in WWBN AVideo v.12.4 through v.14.2 allows a remote attacker to execute arbitrary code via the systemRootPath parameter of the submitIndex.php component.
1
Attacker Value
Moderate

CVE-2024-27199

Disclosure Date: March 04, 2024 (last updated March 05, 2024)
In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions was possible
3
Attacker Value
Very Low

CVE-2020-17482

Disclosure Date: October 02, 2020 (last updated October 07, 2023)
An issue has been found in PowerDNS Authoritative Server before 4.3.1 where an authorized user with the ability to insert crafted records into a zone might be able to leak the content of uninitialized memory.
Attacker Value
High

CVE-2023-0339

Last updated April 19, 2023
Relative Path Traversal vulnerability in ForgeRock Access Management Web Policy Agent allows Authentication Bypass. This issue affects Access Management Web Policy Agent: all versions up to 5.10.1
4
Attacker Value
High

CVE-2020-35846

Disclosure Date: December 30, 2020 (last updated October 07, 2023)
Agentejo Cockpit before 0.11.2 allows NoSQL injection via the Controller/Auth.php check function.
Attacker Value
Very High

CVE-2023-47218

Disclosure Date: February 13, 2024 (last updated February 13, 2024)
An OS command injection vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow users to execute commands via a network. We have already fixed the vulnerability in the following versions: QTS 5.1.5.2645 build 20240116 and later QuTS hero h5.1.5.2647 build 20240118 and later QuTScloud c5.1.5.2651 and later
3
Attacker Value
Very High

CVE-2023-42820

Disclosure Date: September 27, 2023 (last updated October 08, 2023)
JumpServer is an open source bastion host. This vulnerability is due to exposing the random number seed to the API, potentially allowing the randomly generated verification codes to be replayed, which could lead to password resets. If MFA is enabled users are not affect. Users not using local authentication are also not affected. Users are advised to upgrade to either version 2.28.19 or to 3.6.5. There are no known workarounds or this issue.
Attacker Value
High

CVE-2020-5344

Disclosure Date: March 26, 2020 (last updated October 06, 2023)
Dell EMC iDRAC7, iDRAC8 and iDRAC9 versions prior to 2.65.65.65, 2.70.70.70, 4.00.00.00 contain a stack-based buffer overflow vulnerability. An unauthenticated remote attacker may exploit this vulnerability to crash the affected process or execute arbitrary code on the system by sending specially crafted input data.
Attacker Value
Very High

CVE-2022-29110

Disclosure Date: May 10, 2022 (last updated December 21, 2023)
Microsoft Excel Remote Code Execution Vulnerability
Attacker Value
Moderate

CVE-2020-2040

Disclosure Date: September 09, 2020 (last updated October 07, 2023)
A buffer overflow vulnerability in PAN-OS allows an unauthenticated attacker to disrupt system processes and potentially execute arbitrary code with root privileges by sending a malicious request to the Captive Portal or Multi-Factor Authentication interface. This issue impacts: All versions of PAN-OS 8.0; PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; PAN-OS 9.0 versions earlier than PAN-OS 9.0.9; PAN-OS 9.1 versions earlier than PAN-OS 9.1.3.