Yi IOT XY-3820 6.0.24.10 is vulnerable to Remote Command Execution via the "cmd_listen" function located in the "cmd" binary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
An arbitrary file upload vulnerability in the ueditor component of MCMS v5.4.3 allows attackers to execute arbitrary code via uploading a crafted file. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability exists in the daemon process of the Yi IOT XY-3820 v6.0.24.10, which exposes a TCP service on port 6789. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Incorrect access control in laskBlog v2.6.1 allows attackers to access all usernames via a crafted input. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
mojoPortal <=2.9.0.1 is vulnerable to Directory Traversal via BetterImageGallery API Controller - ImageHandler Action. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 12.7%.
The quarantine - restore function in Qi-ANXIN Tianqing Endpoint Security Management System v10.0 allows user to restore a malicious file to an arbitrary file path. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
ManageWiki is a MediaWiki extension allowing users to manage wikis. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available.
Cross Site Scripting vulnerability in Create/Modify article function in Alkacon OpenCMS 17.0 allows remote attacker to inject javascript payload via image title sub-field in the image field. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and no vendor patch available.
code-projects Online Exam Mastering System 1.0 is vulnerable to Cross Site Scripting (XSS) in feedback.php via the "q" parameter allowing remote attackers to execute arbitrary code. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
A cross-site scripting (XSS) vulnerability in flaskBlog v2.6.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the postContent parameter at /createpost. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Adept is a language for general purpose programming. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Local File Inclusion (LFI) vulnerability in a Render function of Formulatrix Rock Maker Web (RMW) allows a remote attacker to obtain sensitive data via arbitrary code execution. Rated critical severity (CVSS 9.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A stored cross-site scripting (XSS) vulnerability in Alkacon OpenCMS v17.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the image parameter under the. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in panhainan DS-Java 1.0 and classified as critical.action of the file src/com/phn/action/FileUpload.java. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in panhainan DS-Java 1.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Traefik (pronounced traffic) is an HTTP reverse proxy and load balancer. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.
A vulnerability, which was classified as problematic, was found in wix-incubator jam up to e87a6fd85cf8fb5ff37b62b2d68f917219d07ae9. Rated medium severity (CVSS 4.8), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
When reading binary Ion data through Amazon.IonDotnet using the RawBinaryReader class, Amazon.IonDotnet does not check the number of bytes read from the underlying stream while deserializing the. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An issue was discovered in GoBGP before 3.35.0. Rated high severity (CVSS 8.6), this vulnerability is remotely exploitable, no authentication required, low attack complexity.
An improper authorization vulnerability in Dremio Software allows authenticated users to delete arbitrary files that the system has access to, including system files and files stored in remote. Rated high severity (CVSS 8.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
opencms V2.3 is vulnerable to Arbitrary file read in src/main/webapp/view/admin/document/dataPage.jsp,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability in the HPE Performance Cluster Manager (HPCM) GUI could allow an attacker to bypass authentication. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
The FileWave Windows client before 16.0.0, in some non-default configurations, allows an unprivileged local user to escalate privileges to SYSTEM. Rated high severity (CVSS 8.1), this vulnerability is no authentication required. No vendor patch available.
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
open-webui v0.5.16 is vulnerable to SSRF in routers/ollama.py in function verify_connection. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
A vulnerability was found in markparticle WebServer up to 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A vulnerability classified as critical has been found in markparticle WebServer up to 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
A vulnerability was found in markparticle WebServer up to 1.0. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
libheif before 1.19.6 has a NULL pointer dereference in ImageItem_Grid::get_decoder in image-items/grid.cc because a grid image can reference a nonexistent image item. Rated low severity (CVSS 2.9), this vulnerability is no authentication required. Public exploit code available.
An issue was discovered in GoBGP before 3.35.0. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.
An issue was discovered in GoBGP before 3.35.0. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication required.
Incorrect access control in laskBlog v2.6.1 allows attackers to arbitrarily delete user accounts via a crafted request. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
An improper input validation vulnerability is identified in the End of Life (EOL) OVA based connect component which is deployed for installation purposes in the customer internal network. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.
An Improper Authorization vulnerability was identified in the EOL OVA based connect component which is deployed for installation purposes in the customer internal network. Rated medium severity (CVSS 6.1), this vulnerability is no authentication required. No vendor patch available.
Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Rated medium severity (CVSS 6.0), this vulnerability is low attack complexity. No vendor patch available.
User Enumeration and Data Integrity in Barcode functionality in OpenText Content Management versions 24.3-25.1on Windows and Linux allows a malicous authenticated attacker to potentially alter. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable. No vendor patch available.
Stored XSS in Discussions in OpenText Content Management CE 20.2 to 25.1 on Windows and Linux allows authenticated malicious users to inject code into the system. Rated medium severity (CVSS 5.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Incorrect Authorization vulnerability in the OpenText Content Server REST API on Windows, Linux allows users without the appropriate permissions to remove external collaborators.2-24.4. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable. No vendor patch available.
An issue was discovered in GoBGP before 3.35.0. Rated medium severity (CVSS 4.3), this vulnerability is no authentication required, low attack complexity.
Cilium is a networking, observability, and security solution with an eBPF-based dataplane. Rated medium severity (CVSS 4.0), this vulnerability is remotely exploitable, no authentication required.
A SQL injection in VirtueMart component 1.0.0 - 4.4.7 for Joomla allows authenticated attackers (administrator) to execute arbitrary SQL commands in the product management area in backend. Rated low severity (CVSS 3.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.
Sonos api.sonos.com through 2025-04-21, when the /login/v3/oauth endpoint is used, accepts a redirect_uri containing userinfo in the authority component, which is not consistent with RFC 6819 section. Rated low severity (CVSS 3.4), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp allows out-of-buffer access because split_col and split_row values are not checked in 0x041f tag processing. Rated low severity (CVSS 2.9), this vulnerability is no authentication required. This Out-of-bounds Read vulnerability could allow attackers to read data from memory outside the intended buffer boundaries.
In LibRaw before 0.21.4, phase_one_correct in decoders/load_mfbacks.cpp has out-of-bounds reads for tag 0x412 processing, related to large w0 or w1 values or the frac and mult calculations. Rated low severity (CVSS 2.9), this vulnerability is no authentication required.
In LibRaw before 0.21.4, metadata/tiff.cpp has an out-of-bounds read in the Fujifilm 0xf00c tag parser. Rated low severity (CVSS 2.9), this vulnerability is no authentication required.
In LibRaw before 0.21.4, tag 0x412 processing in phase_one_correct in decoders/load_mfbacks.cpp does not enforce minimum w0 and w1 values. Rated low severity (CVSS 2.9), this vulnerability is no authentication required.
libheif before 1.19.6 has a NULL pointer dereference in ImageItem_iden in image-items/iden.cc. Rated low severity (CVSS 2.9), this vulnerability is no authentication required.
In Soffid Console 3.6.31 before 3.6.32, authorization to use the pam service is mishandled. Rated low severity (CVSS 2.5). No vendor patch available.
Reference to Expired Domain Vulnerability in OpenText™ ArcSight Enterprise Security Manager. Rated low severity (CVSS 2.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
An improper neutralization of input vulnerability was identified in the End of Life (EOL) OVA based connect installer component which is deployed for installation purposes in a customer network. Rated low severity (CVSS 2.1), this vulnerability is no authentication required, low attack complexity. No vendor patch available.