A stack-based buffer overflow in the upnpd binary running on NETGEAR WNDR3400v3 routers with firmware version 1.0.1.18_1.0.63 allows an attacker to remotely execute arbitrary code via a crafted UPnP. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
EspoCRM 5.6.4 is vulnerable to user password hash enumeration. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
The Simple Membership plugin before 3.8.5 for WordPress has CSRF affecting the Bulk Operation section. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in image_save_png in image/image-png.cpp in Free Lossless Image Format (FLIF) 0.3. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Exiv2 0.27.99.0 has a heap-based buffer over-read in Exiv2::RafImage::readMetadata() in rafimage.cpp. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In Joget Workflow 6.0.20, CSV Injection, also known as Formula Injection, exists, as demonstrated by jw/web/userview/crm_community/crm_userview_sales/_/account_new with the Account ID or Account Name. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
SSDP Responder 1.x through 1.5 mishandles incoming network messages, leading to a stack-based buffer overflow by 1 byte. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
In Pallets Werkzeug before 0.15.5, SharedDataMiddleware mishandles drive names (such as C:) in Windows pathnames. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In Libav 12.3, there is an infinite loop in the function wv_read_block_header() in the file wvdec.c. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in Libav 12.3. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
In Exiv2 0.27.99.0, there is an out-of-bounds read in Exiv2::MrwImage::readMetadata() in mrwimage.cpp. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Exiv2::PngImage::readMetadata() in pngimage.cpp in Exiv2 0.27.99.0 allows attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
EspoCRM 5.6.4 is vulnerable to stored XSS due to lack of filtration of user-supplied data in the Knowledge base. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
EspoCRM version 5.6.4 is vulnerable to stored XSS due to lack of filtration of user-supplied data in the api/v1/Document functionality for storing documents in the account tab. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in EspoCRM before 5.6.6. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
An issue was discovered in EspoCRM before 5.6.6. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
An issue was discovered in EspoCRM before 5.6.6. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available.
A cross-site scripting (XSS) vulnerability in upload.php in SunHater KCFinder 3.20-test1, 3.20-test2, 3.12, and earlier allows remote attackers to inject arbitrary web script or HTML via the. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Openbravo ERP before 3.0PR19Q1.3 is affected by Directory Traversal. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
An XSS vulnerability in the "Email Subscribers & Newsletters" plugin 4.1.6 for WordPress allows an attacker to inject malicious JavaScript code through a publicly available subscription form using. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.