Vulnerabilities in n/a
159,628 results

CVE-2015-4852 | CRITICAL | The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0 allows remote attackers to execute arbitrary | EPSS 96.0% | KEV
CVE-2019-10068 | CRITICAL | An issue was discovered in Kentico 12.0.x before 12.0.15, 11.0.x before 11.0.48, 10.0.x before 10.0.52, and 9.x versions. Due to a failure t | EPSS 96.0% | KEV
CVE-2014-6321 | — | Schannel in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, | EPSS 96.0%
CVE-2013-3182 | — | The Windows NAT Driver (aka winnat) service in Microsoft Windows Server 2012 does not properly validate memory addresses during the processi | EPSS 95.9%
CVE-2020-5847 | CRITICAL | Unraid through 6.8.0 allows Remote Code Execution. | EPSS 95.8% | KEV
CVE-2014-0114 | — | Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requir | EPSS 95.8%
CVE-2021-31806 | — | An issue was discovered in Squid before 4.15 and 5.x before 5.0.6. Due to a memory-management bug, it is vulnerable to a Denial of Service a | EPSS 95.8%
CVE-2016-2183 | HIGH | The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of appr | EPSS 95.7%
CVE-2015-0313 | HIGH | Use-after-free vulnerability in Adobe Flash Player before 13.0.0.269 and 14.x through 16.x before 16.0.0.305 on Windows and OS X and before | EPSS 95.7% | KEV
CVE-1999-0016 | — | Land IP denial of service. | EPSS 95.7%
CVE-2020-11530 | — | A blind SQL injection vulnerability is present in Chop Slider 3, a WordPress plugin. The vulnerability is introduced in the id GET parameter | EPSS 95.7%
CVE-2016-0752 | HIGH | Directory traversal vulnerability in Action View in Ruby on Rails before 3.2.22.1, 4.0.x and 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, an | EPSS 95.5% | KEV
CVE-2022-41352 | CRITICAL | An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. An attacker can upload arbitrary files through amavis via a cpio looph | EPSS 95.5% | KEV
CVE-2009-1151 | CRITICAL | Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inje | EPSS 95.4% | KEV
CVE-2020-13167 | — | Netsweeper through 6.4.3 allows unauthenticated remote code execution because webadmin/tools/unixlogin.php (with certain Referer headers) la | EPSS 95.4%
CVE-2011-0049 | — | Directory traversal vulnerability in the _list_file_get function in lib/Majordomo.pm in Majordomo 2 before 20110131 allows remote attackers | EPSS 95.4%
CVE-2022-36537 | HIGH | ZK Framework v9.6.1, 9.6.0.1, 9.5.1.3, 9.0.1.2 and 8.6.4.1 allows attackers to access sensitive information via a crafted POST request sent | EPSS 95.3% | KEV
CVE-2014-0224 | — | OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, whi | EPSS 95.3%
CVE-2021-22911 | — | A improper input sanitization vulnerability exists in Rocket.Chat server 3.11, 3.12 & 3.13 that could lead to unauthenticated NoSQL injectio | EPSS 95.2%
CVE-2018-19518 | — | University of Washington IMAP Toolkit 2007f on UNIX, as used in imap_open() in PHP and other products, launches an rsh command (by means of | EPSS 95.2%