CVE-2019-12211
Summary: When FreeImage 3.18.0 reads a tiff file, it will be handed to the Load function of the PluginTIFF.cpp file,...
Summary: Buffer Overflow in Graphviz Graph Visualization Tools from commit ID f8b9e035 and earlier allows remote attackers to execute arbitrary...
Summary: Emote Interactive Remote Mouse 3.008 on Windows allows attackers to execute arbitrary programs as Administrator by using the Image...
Summary: In OpenEMR, versions 5.0.0 to 6.0.0.1 are vulnerable to weak password requirements as it does not enforce a maximum...
Summary: MyQ Server in MyQ X Smart before 8.2 allows remote code execution by unprivileged users because administrative session data...
Summary: Multilaser Router AC1200 V02.03.01.45_pt contains a cross-site request forgery (CSRF) vulnerability. An attacker can enable remote access, change passwords,...
Summary: An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks...
Summary: FOGProject v1.5.9 is affected by a File Upload RCE (Authenticated). Reference Links (if available): https://github.com/FOGProject/fogproject/issues/422 CVSS Score (if available) v2:...
Summary: Memory leak in USB HID dissector in Wireshark 3.4.0 to 3.4.2 allows denial of service via packet injection or...
Summary: Invision Community (aka IPS Community Suite) before 4.6.0 allows eval-based PHP code injection by a moderator because the IPS\cms\modules\front\pages\_builder::previewBlock...
Summary: OBottle 2.0 in \c\t.php contains an arbitrary file write vulnerability. Reference Links (if available): https://github.com/SomeBottle/OBottle/issues/7 CVSS Score (if available) v2:...
Summary: OBottle 2.0 in \c\g.php contains an arbitrary file download vulnerability. Reference Links (if available): https://github.com/SomeBottle/OBottle/issues/6 CVSS Score (if available) v2:...
Summary: Monstra CMS through 3.0.4 has an incomplete "forbidden types" list that excludes .php (and similar) file extensions but not...
Note: Vsphere UI is Tomcat middleware by default, so arbitrary code can be executed in the manner of Tomcat RMI...
Summary: HTTP/2 (2.4.20 through 2.4.39) very early pushes, for example configured with "H2PushResource", could lead to an overwrite of memory...
Summary: Boa 0.94.13 allows remote attackers to obtain sensitive information via a misconfiguration involving backup.html, preview.html, js/log.js, log.html, email.html, online-users.html,...
Summary: A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with...
Summary: A NULL-pointer dereference issue was discovered in GNU_gama::set() in ellipsoid.h in Gama 2.04 which can lead to a denial...
Summary: Relative Path Traversal in Babel 2.9.0 allows an attacker to load arbitrary locale files on disk and execute arbitrary...
Summary: SQL injection in the getip function in conn/function.php in ??100-???????? 1.1 allows remote attackers to inject arbitrary SQL commands...
Summary: All versions of package path-parse are vulnerable to Regular Expression Denial of Service (ReDoS) via splitDeviceRe, splitTailRe, and splitPathRe...
Summary: In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix-like systems, the...