Zeroshell 3.9.3 contains a command injection vulnerability in the /cgi-bin/kerbynet StartSessionSubmit parameter that could allow an unauthenticated attacker to execute a system command by using. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
ReadyMedia (aka MiniDLNA) before versions 1.3.0 allows remote code execution. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
File upload vulnerability exists in UCMS 1.5.0, and the attacker can take advantage of this vulnerability to obtain server management permission. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
SQL injection vulnerability in request.cgi in Synology SafeAccess before 1.2.3-0234 allows remote attackers to execute arbitrary SQL commands via the domain parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered on Fujitsu Eternus Storage DX200 S4 devices through 2020-11-25. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A buffer overflow in the dlt_filter_load function in dlt_common.c from dlt-daemon through 2.18.5 (GENIVI Diagnostic Log and Trace) allows arbitrary code execution because fscanf is misused (no limit. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. Public exploit code available.
Quick Heal Total Security before 19.0 allows attackers with local admin rights to obtain access to files in the File Vault via a brute-force attack on the password. Rated medium severity (CVSS 6.7), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
Tesla Model X vehicles before 2020-11-23 have key fobs that accept firmware updates without signature verification. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Cross-site request forgery (CSRF) in PbootCMS 1.3.2 allows attackers to change the password of a user. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The EventON plugin through 3.0.5 for WordPress allows addons/?q= XSS via the search field. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Quick Heal Total Security before version 19.0 transmits quarantine and sysinfo files via clear text. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
An issue was discovered in PNGOUT 2020-01-15. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The Canto plugin 1.3.0 for WordPress contains a blind SSRF vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
IBM Cloud Pak for Security 1.3.0.1(CP4S) potentially vulnerable to CVS Injection. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity.
hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via values obtained from the host controller driver. Rated medium severity (CVSS 5.0). Public exploit code available and no vendor patch available.
In NetArt News Lister 1.0.0, the news headlines vulnerable to stored xss attacks. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Multiple cross-site scripting (XSS) vulnerabilities in Synology SafeAccess before 1.2.3-0234 allow remote attackers to inject arbitrary web script or HTML via the (1) domain or (2) profile parameter. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Tesla Model X vehicles before 2020-11-23 do not perform certificate validation during an attempt to pair a new key fob with the body control module (BCM). Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Tesla Model X vehicles before 2020-11-23 have key fobs that rely on five VIN digits for the authentication needed for a body control module (BCM) to initiate a Bluetooth wake-up action. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
The Estil Hill Lock Password Manager Safe app 2.3 for iOS has a *#06#* backdoor password. Rated medium severity (CVSS 4.6), this vulnerability is no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Quick Heal Total Security before 19.0 allows attackers with local admin rights to modify sensitive anti virus settings via a brute-attack on the settings password. Rated medium severity (CVSS 4.4), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A privilege escalation vulnerability was reported in Lenovo PCManager prior to version 3.0.50.9162 that could allow an authenticated user to execute code with elevated privileges. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Mitsubishi MELSEC iQ-R Series PLCs with firmware 49 allow an unauthenticated attacker to halt the industrial process by sending a crafted packet over the network. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered on Canon MF237w 06.07 devices. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
HCL Domino is susceptible to a Login CSRF vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in the Upload Widget in OutSystems Platform 10 before 10.0.1019.0. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
IBM Business Automation Workflow 19.0.0.3 stores potentially sensitive information in log files that could be read by a local user. Rated medium severity (CVSS 5.5), this vulnerability is low attack complexity.
Affected versions of Automation for Jira - Server allowed remote attackers to read and render files as mustache templates in files inside the WEB-INF/classes & <jira-installation>/jira/bin. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
IBM Cloud Pak for Security 1.3.0.1(CP4S) could allow a remote attacker to obtain sensitive information, caused by the failure to set the HTTPOnly flag. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Incorrect Permission Assignment vulnerability could allow attackers to access resources due to misconfigured permissions.
IBM Cloud Pak for Security 1.3.0.1 (CP4S) uses weaker than expected cryptographic algorithms during negotiation could allow an attacker to decrypt sensitive information. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The Canto plugin 1.3.0 for WordPress contains blind SSRF vulnerability. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
IBM Cloud Pak for Security 1.3.0.1(CP4S) does not invalidate session after logout which could allow an authenticated user to obtain sensitive information from the previous session. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.
IBM Cloud Pak for Security 1.3.0.1 (CP4S) could reveal sensitive information about the internal network to an authenticated user using a specially crafted HTTP request. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity.
In certain situations, an attacker with regular user credentials and local access to an ASE cockpit installation can access sensitive information which appears in the installation log files. Rated low severity (CVSS 3.5), this vulnerability is low attack complexity. No vendor patch available.
Audacity through 2.3.3 saves temporary files to /var/tmp/audacity-$USER by default. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.