In Pluck-4.7.15 admin background a remote command execution vulnerability exists when uploading files. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
Session Fixation vulnerability in login.php in Pluck-CMS Pluck 4.7.15 allows an attacker to sustain unauthorized access to the platform. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered on Digi TransPort devices through 2021-07-21. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
A malicious hypervisor in conjunction with an unprivileged attacker process inside an SEV/SEV-ES guest VM may fail to flush the Translation Lookaside Buffer (TLB) resulting in unexpected behavior. Rated high severity (CVSS 8.4), this vulnerability is low attack complexity. No vendor patch available.
OpenOlat is a web-basedlearning management system. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.
An information disclosure vulnerability in the login page of Huntflow Enterprise before 3.10.4 could allow an unauthenticated, remote user to get information about the domain name of the configured. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered on Digi TransPort Gateway devices through 5.2.13.4. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Next.js is a React framework. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
A security vulnerability has been identified in HPE StoreServ Management Console (SSMC). Rated high severity (CVSS 7.2), this vulnerability is remotely exploitable, low attack complexity.