DiskBoss Enterprise version 8.4.16 suffers from an import command buffer overflow vulnerability.
d7c0ede8c236e11bbaad0ae423654cad914ee3e9daac54527d87d869ba12f6a9
DiskBoss Enterprise version 8.4.16 buffer overflow proof of concept exploit.
a6fdae67ed7fbf00f947fcf9d2978c0118c03da4e4413bceed8fb193d9da5b1d
WordPress Content Audit plugin version 1.9.1 suffers from cross site request forgery and cross site scripting vulnerabilities.
dc984adf5f9d9543aacd7fed916439032c04082b190d496601317b59fad3d41e
The git subcommand cvsserver is a Perl script which makes excessive use of the backtick operator to invoke git. Unfortunately, user input is used within some of those invocations, which allows for OS command injection. Versions before 2.14.2, 2.13.6, 2.12.5, 2.11.4 and 2.10.5 are affected.
2de6037444f7b5a4cba7811fd7636e3e1a89d1b61face8188b179e5a4d83797b
AMC Master suffers from a remote file upload vulnerability.
d8c56989489d6767cf46523127ad0b96a3a247621fafe99f3d208e650a26717e
WordPress Church extension suffers from a remote SQL injection vulnerability.
36bf734ab48c6942174029b95d47c1a17ece6c239dfe6d152f7609acbd263081
OpenText Documentum Administrator version 7.2.0180.0055 and Documentum Webtop version 6.8.0160.0073 suffer from XML external entity injection vulnerabilities.
9447f70c1cfba534cf62cd68923f8cb3c42fb6f8ccf56f0f659927fcf0c4317e
OpenText Documentum Administrator version 7.2.0180.0055 and Documentum Webtop version 6.8.0160.0073 suffer from an open redirection vulnerability.
0398ff275466563cb7b556e656861a4cce90efc78f0844fe8ed3b226382eab70
Sitefinity CMS version 9.2 suffers from a cross site scripting vulnerability.
5a521e2a5d7b62d6d670eb99caa0f8e02a086662a27527256e6eae4a7fcc822b
WordPress Apartment Management System extension suffers from a remote SQL injection vulnerability.
002a3736f35165f27d436158d977314b06faa829c566c2756ff55f4fee8ccbd6
Fibaro Home Center 2 suffers from a remote command execution vulnerability.
11548002a8f3c0fd1ddc06f983086682510f784d6894bcba3fc8b83307255164
WordPress Hospital Management System extension suffers from a remote SQL injection vulnerability.
40ead3ade91d7b615cce1d3227bd3c3f2d4c2bc405783359380f4cd69e3108d8
WordPress School Management System extension suffers from a remote SQL injection vulnerability.
e817b43e8ca7655a2629e011082235e6601d28c409eba2796ca264fb95cca9c8
WordPress Gym Management System extension suffers from a remote SQL injection vulnerability.
052d648adb46fd7ba11ffd9d1a782e432d4de85708492539e0ec408c2bf20df1
This Metasploit module uses the "evaluate" request type of the NodeJS V8 debugger protocol (version 1) to evaluate arbitrary JS and call out to other system commands. The port (default 5858) is not exposed non-locally in default configurations, but may be exposed either intentionally or via misconfiguration.
adadef46d17f23a8273875e47105d4c982677c671f4c6a529a53ced4c60f4c7a
Adobe Flash suffers from an out-of-bounds read in applyToRange.
5e0bd97867ee024b64d5b21e7b16d1b5b79eb64bc8157ffbfb7124ffb02f80c2
Adobe Flash suffers from an out-of-bounds write vulnerability in MP4 Edge Processing.
6a0ec7b291326f89c01175887700ac01309acd9de42118c3db6c61b84cbe77fc
Adobe Flash suffers from an out-of-bounds memory read vulnerability in MP4 parsing.
f7d793f8cf0aa2a5d67b77d14544b392ce57bd7068e9f531d5568ffdd3041d83
Broadcom suffers from an out-of-bounds write when handling 802.11k Neighbor Report Response.
82fc971e12c2491131ffec544a1ec8c4c1c02697141d693f357d4951ceab15ce
CyberLink LabelPrint versions prior to 2.5 SEH unicode buffer overflow exploit.
38a22e671f25d00ad5c85db271ec90594e8f7dfbb16305379d99e2185f8a26cd
JitBit Helpdesk versions 9.0.2 and below suffer from a broken authentication vulnerability.
5a8b981a7137a51ecb068371a6339f09239659eb8f9f9c8e7c532a66e9e3bc4b
Oracle 9i XDB version 9.2.0.1 HTTP PASS buffer overflow exploit.
c3cbbb2ab10205e64ab02e00aa07202452c7cff903104fa689d7c7cb11d92a46
Disk Pulse Enterprise version 10.0.12 GET buffer overflow SEH exploit.
2ec52d52a2d7920391601670f498eac12a8d4246552fdb38dcfc0a43511bb00a
FLIR utilizes hard-coded credentials within its Linux distribution image. These sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the camera.
75e0671d0c3d8cb4c2eea54cc9f20428149297685efb1fdfa262ad4af9e2edf9
FLIR suffers from an unauthenticated and unauthorized live stream disclosure.
234db5e006c3b2bd0b1c91a7661fea2d0c8182eb089812961158121737f86d7d