[Forgot Password]
Login  Register Subscribe

25354

 
 

132811

 
 

146584

 
 

909

 
 

117281

 
 

156

 
 
Paid content will be excluded from the download.

Filter
Matches : 146586 Download | Alert*

SolarWinds Serv-U FTP server before 15.2.1 allows remote command execution.

In Redgate SQL Monitor 7.1.4 through 10.1.6 (inclusive), the scope for disabling some TLS security certificate checks can extend beyond that defined by various options on the Configuration > Notifications pages to disable certificate checking for alert notifications. These TLS security checks are also ignored during monitoring of VMware machines. This would make SQL Monitor vulnerable to potential ...

LibRaw before 0.20-RC1 lacks a thumbnail size range check. This affects decoders/unpack_thumb.cpp, postprocessing/mem_image.cpp, and utils/thumb_utils.cpp. For example, malloc(sizeof(libraw_processed_image_t)+T.tlength) occurs without validating T.tlength.

A remote code execution vulnerability in MobileIron Core and Connector versions 10.6 and earlier, and Sentry versions 9.8 and earlier that allows remote attackers to execute arbitrary code via unspecified vectors.

An Authentication Bypass vulnerability in MobileIron Core and Connector versions 10.6 and earlier that allows remote attackers to bypass authentication mechanisms via unspecified vectors.

An arbitrary file reading vulnerability in MobileIron Core and Connector versions 10.6 and earlier that allows remote attackers to read files on the system via unspecified vectors.

An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. Multiple shell metacharacter injection vulnerabilities exist in CGI scripts, leading to remote code execution with root privileges.

An issue was discovered on Wavlink WL-WN530HG4 M30HG4.V5030.191116 devices. Multiple buffer overflow vulnerabilities exist in CGI scripts, leading to remote code execution with root privileges. (The set of affected scripts is similar to CVE-2020-12266.)

AsrDrv103.sys in the ASRock RGB Driver does not properly restrict access from user space, as demonstrated by triggering a triple fault via a request to zero CR3.

A reflected Cross-Site Scripting (XSS) Vulnerability in the KingComposer plugin through 2.9.4 for WordPress allows remote attackers to trick a victim into submitting an install_online_preset AJAX request containing base64-encoded JavaScript (in the kc-online-preset-data POST parameter) that is executed in the victim's browser.


Pages:      Start    1    2    3    4    5    6    7    8    9    10    11    12    13    14    ..   14658

© SecPod Technologies