A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity.
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 SP1). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. This Unrestricted File Upload vulnerability could allow attackers to upload malicious files that can be executed on the server.
A vulnerability has been identified in RUGGEDCOM RMC30 (All versions < V4.3.10), RUGGEDCOM RMC30NC (All versions < V4.3.10), RUGGEDCOM RP110 (All versions < V4.3.10), RUGGEDCOM RP110NC (All versions. Rated high severity (CVSS 8.7), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1). Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.
phonenumber is a library for parsing, formatting and validating international phone numbers. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Longse model LBH30FE200W cameras, as well as products based on this device, make use of telnet passwords which follow a specific pattern. Rated high severity (CVSS 8.6), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Airbyte is a data integration platform for ELT pipelines. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1). Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1). Rated high severity (CVSS 8.5), this vulnerability is low attack complexity. No vendor patch available.
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in PluginsWare Advanced Classifieds & Directory Pro allows Path Traversal.1.3. Rated high severity (CVSS 8.5), this vulnerability is remotely exploitable. No vendor patch available.
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length heap-based buffer. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Delta Electronics CNCSoft-G2 lacks proper validation of user-supplied data, which can result in a memory corruption condition. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Delta Electronics CNCSoft-G2 lacks proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.4), this vulnerability is no authentication required, low attack complexity.
The DN Footer Contacts WordPress plugin before 1.6.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
Clipboard code failed to check the index on an array access. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
In Spring Cloud Function framework, versions 4.1.x prior to 4.1.2, 4.0.x prior to 4.0.8 an application is vulnerable to a DOS attack when attempting to compose functions with non-existing functions. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A vulnerability has been identified in SIPROTEC 5 6MD84 (CP300) (All versions < V9.64), SIPROTEC 5 6MD85 (CP200) (All versions), SIPROTEC 5 6MD85 (CP300) (All versions < V9.64), SIPROTEC 5 6MD86. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
A vulnerability has been identified in SIMATIC PCS 7 V9.1 (All versions < V9.1 SP2 UC05), SIMATIC WinCC Runtime Professional V18 (All versions < V18 Update 5), SIMATIC WinCC Runtime Professional V19. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A vulnerability was discovered in Samsung Mobile Processor, Wearable Processor, and Modems with versions Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Windows Distributed Transaction Coordinator Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required.
Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.
Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.
Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.
Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.
Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.
Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.
Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.
Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.
Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.
Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.
Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.
Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.
Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.
Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.
Secure Boot Security Feature Bypass Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is no authentication required, low attack complexity.
An issue in ifood Order Manager v3.35.5 'Gestor de Peddios.exe' allows attackers to execute arbitrary code via a DLL hijacking attack. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
In PVRSRV_MMap of pvr_bridge_k.c, there is a possible arbitrary code execution due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In onTransact of ParcelableListBinder.java , there is a possible way to steal mAllowlistToken to launch an app from background due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In com_android_internal_os_ZygoteCommandBuffer_nativeForkRepeatedly of com_android_internal_os_ZygoteCommandBuffer.cpp, there is a possible method to perform arbitrary code execution in any app. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In multiple functions of StatsService.cpp, there is a possible memory corruption due to a use after free. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In DevmemIntChangeSparse2 of devicemem_server.c, there is a possible arbitrary code execution due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In DevmemIntFreeDefBackingPage of devicemem_server.c, there is a possible arbitrary code execution due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
In multiple locations, there is a possible way to bypass a restriction on adding new Wi-Fi connections due to a missing permission check. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Missing Authorization vulnerability could allow attackers to access resources or perform actions without proper authorization checks.
In multiple locations, there is a possible way in which policy migration code will never be executed due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In multiple locations, there is a possible way to reveal images across users data due to a logic error in the code. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.
In onCreate of multiple files, there is a possible way to trick the user into granting health permissions due to tapjacking. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity.
In updateServicesLocked of AccessibilityManagerService.java, there is a possible way for an app to be hidden from the Setting while retaining Accessibility Service due to improper input validation. Rated high severity (CVSS 7.8), this vulnerability is no authentication required, low attack complexity. This Improper Privilege Management vulnerability could allow attackers to escalate privileges to gain unauthorized elevated access.