Monstra Cms versions up to 3.0.4 is affected by unrestricted upload of file with dangerous type (CVSS 8.8).
Jizhicms versions up to 1.6.7 is affected by unrestricted upload of file with dangerous type (CVSS 8.8).
Axigen Mail Server before 10.5.57 and 10.6.x before 10.6.26 contains a Cross-Site Request Forgery (CSRF) vulnerability in the WebAdmin interface through improper handling of the _s (breadcrumb) parameter. The application accepts state-changing requests via the GET method and automatically processes base64-encoded commands queued in the _s parameter immediately after administrator authentication. Attackers can craft malicious URLs that, when clicked by administrators, execute arbitrary adminis...
10-Strike Network Inventory Explorer 8.54 contains a structured exception handler buffer overflow vulnerability that allows attackers to execute arbitrary code by overwriting SEH records. [CVSS 8.4 HIGH]
Odin Secure FTP Expert 7.6.3 contains a local denial of service vulnerability that allows attackers to crash the application by manipulating site information fields. [CVSS 8.4 HIGH]
phpMyChat Plus 1.98 contains a SQL injection vulnerability in the deluser.php page through the pmc_username parameter that allows attackers to manipulate database queries. [CVSS 8.2 HIGH]
Ew-7438Rpn Mini Firmware versions up to 1.27 is affected by cross-site request forgery (csrf) (CVSS 8.1).
NETGATE Data Backup 3.0.620 contains an unquoted service path vulnerability in its NGDatBckpSrv Windows service configuration. Attackers can exploit the unquoted path to inject and execute malicious code with LocalSystem privileges by placing executable files in specific directory locations. [CVSS 7.8 HIGH]
Amiti Antivirus 25.0.640 contains an unquoted service path vulnerability in its Windows service configurations. Attackers can exploit the unquoted path to inject and execute malicious code with elevated LocalSystem privileges by placing executable files in specific directory locations. [CVSS 7.8 HIGH]
Wacom WTabletService 6.6.7-3 contains an unquoted service path vulnerability that allows local attackers to execute malicious code with elevated privileges. Attackers can insert an executable file in the service path to run unauthorized code when the service restarts or the system reboots. [CVSS 7.8 HIGH]
WCAssistantService contains a vulnerability that allows attackers to potentially execute code with elevated privileges (CVSS 7.8).
Shrew Soft VPN Client 2.2.2 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can place malicious executables in the unquoted service path to gain elevated access during service startup or system reboot. [CVSS 7.8 HIGH]
ScsiAccess service contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).
EasyRedirect service contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).
CCSrvProxy service contains a vulnerability that allows attackers to execute arbitrary code (CVSS 7.8).
gbClientService contains a vulnerability that allows attackers to potentially execute arbitrary code with elevated privileges (CVSS 7.8).
ApHidMonitorService contains a vulnerability that allows attackers to execute code with elevated privileges (CVSS 7.8).
multiple Windows services contains a vulnerability that allows attackers to potentially execute arbitrary code (CVSS 7.8).
BartVPNService contains a vulnerability that allows attackers to potentially execute arbitrary code with elevated system privileges (CVSS 7.8).
Wing Ftp Server versions up to 6.0.7 contains a vulnerability that allows attackers to potentially execute arbitrary code with elevated system privileges (CVSS 7.8).
FactoryTalk Activation Service contains a vulnerability that allows attackers to potentially execute code with elevated privileges (CVSS 7.8).
Ew-7438Rpn Mini Firmware versions up to 1.27 contains a vulnerability that allows attackers to access the /wizard_reboot (CVSS 7.5).
ProficySCADA for iOS 5.0.25920 contains a denial of service vulnerability that allows attackers to crash the application by manipulating the password input field. [CVSS 7.5 HIGH]
ZOC Terminal 7.25.5 contains a denial of service vulnerability in the private key file input field that allows attackers to crash the application. [CVSS 7.5 HIGH]
UltraVNC Viewer 1.2.4.0 contains a denial of service vulnerability that allows attackers to crash the application by manipulating VNC Server input. Attackers can generate a malformed 256-byte payload and paste it into the VNC Server connection dialog to trigger an application crash. [CVSS 7.5 HIGH]
UltraVNC Launcher 1.2.4.0 contains a denial of service vulnerability in the Repeater Host configuration field that allows attackers to crash the application. Attackers can paste an overly long string of 300 characters into the Repeater Host property to trigger an application crash. [CVSS 7.5 HIGH]
An issue in ChestnutCMS v.1.5.8 and before allows a remote attacker to execute arbitrary code via the template creation function [CVSS 7.2 HIGH]
Tanium addressed an improper input validation vulnerability in Deploy. [CVSS 8.8 HIGH]
An Improper Certificate Validation vulnerability in TP-Link Tapo H100 v1 and Tapo P100 v1 allows an on-path attacker on the same network segment to intercept and modify encrypted device-cloud communications. [CVSS 8.8 HIGH]
Incorrect Default Permissions vulnerability in Mitsubishi Electric Corporation FREQSHIP-mini for Windows versions 8.0.0 to 8.0.2 allows a local attacker to execute arbitrary code with system privileges by replacing service executable files (EXE) or DLLs in the installation directory with specially crafted files. As a result, the attacker may be able to disclose, tamper with, delete, or destroy information stored on the PC where the affected product is installed, or cause a Denial of Service (...
IBM Aspera Console 3.4.0 through 3.4.8 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify, or delete information in the back-end database. [CVSS 8.6 HIGH]
Azure Arc Elevation of Privilege Vulnerability [CVSS 8.6 HIGH]
A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary. [CVSS 8.6 HIGH]
The Popup builder with Gamification, Multi-Step Popups, Page-Level Targeting, and WooCommerce Triggers plugin for WordPress is vulnerable to generic SQL Injection via the multiple REST API endpoints in all versions up to, and including, 2.2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. [CVSS 8.2 HIGH]
Azure Function Information Disclosure Vulnerability [CVSS 8.2 HIGH]
Axigen Mail Server before 10.5.57 contains an improper access control vulnerability in the WebAdmin interface. A delegated admin account with zero permissions can bypass access control checks and gain unauthorized access to the SSL Certificates management endpoint (page=sslcerts). [CVSS 8.1 HIGH]
Tanium addressed an unauthorized code execution vulnerability in Tanium Appliance. [CVSS 7.8 HIGH]
Command execution in pgAdmin 4 server mode allows authenticated attackers to bypass restore operation restrictions by extracting the restrict key during PLAIN-format dump file operations and injecting malicious payloads to re-enable meta-commands. An attacker with web interface access can race the restore process in real time to achieve reliable code execution on the pgAdmin host. No patch is currently available for this vulnerability.
A post‑authentication command injection vulnerability in the Dynamic DNS (DDNS) configuration CLI command in Zyxel ATP series firmware versions from V5.35 through V5.41, USG FLEX series firmware versions from V5.35 through V5.41, USG FLEX 50(W) series firmware versions from V5.35 through V5.41, and USG20(W)-VPN series firmware versions from V5.35 through V5.41 could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on an affected device by supplying a specially crafted string as an argument to the CLI command. [CVSS 7.2 HIGH]
Improper access control in TeamViewer clients (Windows, macOS, Linux) before version 15.74.5 permits authenticated remote users to circumvent confirmation-based access restrictions during active sessions. An attacker with valid remote session credentials can gain unauthorized access without triggering the expected local confirmation prompt, requiring only prior authentication via ID/password, session link, or Easy Access.
All In One Image Viewer Block (WordPress plugin) is affected by server-side request forgery (ssrf) (CVSS 7.2).