Vulnerabilities in n/a
159,628 results

CVE-2018-6530 | CRITICAL | EPSS 96.6% | KEV
OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous

CVE-2009-0927 | HIGH | EPSS 96.6% | KEV
Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3, and 7 before 7.1.1 allows remote attackers to e

CVE-2020-28188 | — | EPSS 96.6%
Remote Command Execution (RCE) vulnerability in TerraMaster TOS <= 4.2.06 allow remote unauthenticated attackers to inject OS commands via /

CVE-2021-30497 | — | EPSS 96.6%
Ivanti Avalanche (Premise) 6.3.2 allows remote unauthenticated users to read arbitrary files via Absolute Path Traversal. The imageFilePath

CVE-2020-8260 | HIGH | EPSS 96.5% | KEV
A vulnerability in the Pulse Connect Secure < 9.1R9 admin web interface could allow an authenticated attacker to perform an arbitrary code e

CVE-2006-3747 | — | EPSS 96.4%
Off-by-one error in the ldap scheme handling in the Rewrite module (mod_rewrite) in Apache 1.3 from 1.3.28, 2.0.46 and other versions before

CVE-2020-11651 | CRITICAL | EPSS 96.4% | KEV
An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-master process ClearFuncs class does not properly

CVE-2017-17562 | HIGH | EPSS 96.3% | KEV
Embedthis GoAhead before 3.6.5 allows remote code execution if CGI is enabled and a CGI program is dynamically linked. This is a result of i

CVE-2000-0573 | — | EPSS 96.3%
The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to exec

CVE-2023-52163 | HIGH | EPSS 96.3% | KEV
Digiever DS-2105 Pro 3.1.0.71-11 devices allow time_tzsetup.cgi Command Injection. NOTE: This vulnerability only affects products that are n

CVE-2012-2122 | — | EPSS 96.2%
sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x befo

CVE-2010-0840 | CRITICAL | EPSS 96.2% | KEV
Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 18, 5.0 Update 23, and

CVE-2012-1431 | — | EPSS 96.1%
The ELF file parser in Bitdefender 7.2, Command Antivirus 5.2.11.5, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Prot Antivirus 4.6.2.117, F-Sec

CVE-2012-1430 | — | EPSS 96.1%
The ELF file parser in Bitdefender 7.2, Comodo Antivirus 7424, eSafe 7.0.17.0, F-Secure Anti-Virus 9.0.16160.0, McAfee Anti-Virus Scanning E

CVE-2018-14847 | CRITICAL | EPSS 96.1% | KEV
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files and remote authenticated attackers to write a

CVE-2015-3105 | — | EPSS 96.1%
Adobe Flash Player before 13.0.0.292 and 14.x through 18.x before 18.0.0.160 on Windows and OS X and before 11.2.202.466 on Linux, Adobe AIR

CVE-2019-20085 | HIGH | EPSS 96.1% | KEV
TVT NVMS-1000 devices allow GET /.. Directory Traversal

CVE-2017-6090 | — | EPSS 96.1%
Unrestricted file upload vulnerability in clients/editclient.php in PhpCollab 2.5.1 and earlier allows remote authenticated users to execute

CVE-2019-20500 | HIGH | EPSS 96.1% | KEV
D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability via the Save Configuration functionality i

CVE-2022-36446 | — | EPSS 96.0%
software/apt-lib.pl in Webmin before 1.997 lacks HTML escaping for a UI command.