DedeCMS v5.7 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /src/dede/member_scores.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
File Upload vulnerability in lepton v.7.1.0 allows a remote authenticated attackers to execute arbitrary code via uploading a crafted PHP file. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Buffer Overflow vulnerability in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the AP4_MemoryByteStream::WritePartial at Ap4ByteStream.cpp. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Server Side Request Forgery (SSRF) vulnerability in 71cms v1.0.0, allows remote unauthenticated attackers to obtain sensitive information via getweather.html. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An issue in Bento4 Bento v.1.6.0-641 allows a remote attacker to execute arbitrary code via the Ap4MdhdAtom.cpp,AP4_MdhdAtom::AP4_MdhdAtom,mp4fragment. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An issue was discovered in Bento4 v1.6.0-641-2-g1529b83. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through improper input. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.
in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitrary code execution in any apps through use after free. Rated high severity (CVSS 8.8), this vulnerability is low attack complexity. No vendor patch available.
A vulnerability, which was classified as critical, has been found in DedeCMS 5.7.112.php. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
An issue in the system image upload interface of Alldata v0.4.6 allows attackers to execute a directory traversal when uploading a file. Rated high severity (CVSS 8.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Foxit PDF Reader PDF File Parsing Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Foxit PDF Reader AcroForm 3D Out-Of-Bounds Read Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Foxit PDF Reader AcroForm User-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Foxit PDF Reader AcroForm Annotation Type Confusion Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Foxit PDF Reader AcroForm Out-Of-Bounds Write Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Foxit PDF Reader AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Foxit PDF Reader U3D File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Foxit PDF Reader Annotation Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Foxit PDF Reader Doc Object Out-Of-Bounds Read Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Foxit PDF Reader AcroForm Use-After-Free Remote Code Execution Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix RCU use in TDLS fast-xmit This looks up the link under RCU protection, but isn't guaranteed to actually have. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
in OpenHarmony v4.0.0 and prior versions allow a local attacker arbitrary code execution through out-of-bounds write. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bound Write vulnerability in chunk parsing implementation of libsdffextractor prior to SMR Apr-2023 Release 1 allows local attackers to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Improper Input Validation vulnerability in text parsing implementation of libsdffextractor prior to SMR Apr-2024 Release 1 allows local attackers to write out-of-bounds memory. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds write vulnerability while decoding hcr of libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds write vulnerability while releasing memory in libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Out-of-bounds write vulnerability while parsing remaining codewords in libsavsac.so prior to SMR Apr-2024 Release 1 allows local attacker to execute arbitrary code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Piccolo Admin is an admin interface/content management system for Python, built on top of Piccolo. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable. No vendor patch available.
Alldata V0.4.6 is vulnerable to Insecure Permissions. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
in OpenHarmony v4.0.0 and prior versions allow a remote attacker cause DOS through improper input. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
VMware SD-WAN Edge contains an unauthenticated command injection vulnerability potentially leading to remote code execution. Rated high severity (CVSS 7.4), this vulnerability is no authentication required. No vendor patch available.
in OpenHarmony v3.2.4 and prior versions allow a remote attacker bypass permission verification to install apps, although these require user action. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.