CVE Monitor
CVE-2021-36444
N/A
03 Feb 2023
Cross Site Request Forgery (CSRF) vulnerability in imcat 5.4 allows remote attackers to gain escalated privileges via flaws in one-time token generation on the add administrator page.
CVE-2021-36484
N/A
03 Feb 2023
SQL injection vulnerability in JIZHICMS 1.9.5 allows attackers to run arbitrary SQL commands via add or edit article page.
CVE-2021-36535
N/A
03 Feb 2023
Buffer Overflow vulnerability in Cesanta mJS 1.26 allows remote attackers to cause a denial of service via crafted .js file to mjs_set_errorf.
CVE-2021-36424
N/A
03 Feb 2023
An issue discovered in phpwcms 1.9.25 allows remote attackers to run arbitrary code via DB user field during installation.
CVE-2021-36425
N/A
03 Feb 2023
Directory traversal vulnerability in phpcms 1.9.25 allows remote attackers to delete arbitrary files via unfiltered $file parameter to unlink method in include/inc_act/act_ftptakeover.php file.
CVE-2021-36426
N/A
03 Feb 2023
File Upload vulnerability in phpwcms 1.9.25 allows remote attackers to run arbitrary code via crafted file upload to include/inc_lib/general.inc.php.
CVE-2021-36431
N/A
03 Feb 2023
SQL injection vulnerability in jocms 0.8 allows remote attackers to run arbitrary SQL commands and view sensitive information via jo_json_check() function in jocms/apps/mask/inc/mask.php.
CVE-2021-36432
N/A
03 Feb 2023
SQL injection vulnerability in jocms 0.8 allows remote attackers to run arbitrary SQL commands and view sensitive information via jo_set_mask() function in jocms/apps/mask/mask.php.
CVE-2021-36433
N/A
03 Feb 2023
SQL injection vulnerability in jocms 0.8 allows remote attackers to run arbitrary SQL commands and view sensitive information via jo_delete_mask function in jocms/apps/mask/mask.php.
CVE-2022-34138
N/A
03 Feb 2023
Insecure direct object references (IDOR) in the web server of Biltema IP and Baby Camera Software v124 allows attackers to access sensitive information.
CVE-2023-20854
N/A
03 Feb 2023
VMware Workstation contains an arbitrary file deletion vulnerability. A malicious actor with local user privileges on the victim's machine may exploit this vulnerability to delete arbitrary files from the file system of the machine on which Workstation is installed.
CVE-2021-37502
N/A
03 Feb 2023
Cross Site Scripting (XSS) vulnerability in automad 1.7.5 allows remote attackers to run arbitrary code via the user name field when adding a user.
CVE-2021-37518
N/A
03 Feb 2023
Universal Cross Site Scripting (UXSS) vulnerability in Vimium Extension 1.66 and earlier allows remote attackers to run arbitrary code via omnibar feature.
CVE-2021-37519
N/A
03 Feb 2023
Buffer Overflow vulnerability in authfile.c memcached 1.6.9 allows attackers to cause a denial of service via crafted authentication file.
CVE-2021-36532
N/A
03 Feb 2023
Race condition vulnerability discovered in portfolioCMS 1.0 allows remote attackers to run arbitrary code via fileExt parameter to localhost/admin/uploads.php.
CVE-2021-37305
N/A
03 Feb 2023
An Insecure Permissions issue in jeecg-boot 2.4.5 and earlier allows remote attackers to gain escalated privilege and view sensitive information via api uri: /sys/user/querySysUser?username=admin.
CVE-2021-37306
N/A
03 Feb 2023
An Insecure Permissions issue in jeecg-boot 2.4.5 and earlier allows remote attackers to gain escalated privilege and view sensitive information via api uri: /sys/user/checkOnlyUser?username=admin.
CVE-2021-37311
N/A
03 Feb 2023
Buffer Overflow vulnerability in fcitx5 5.0.8 allows attackers to cause a denial of service via crafted message to the application's listening port.
CVE-2022-45491
N/A
03 Feb 2023
Buffer overflow vulnerability in function json_parse_value in sheredom json.h before commit 0825301a07cbf51653882bf2b153cc81fdadf41 (November 14, 2022) allows attackers to execute arbitrary code and gain escalated privileges.
CVE-2022-47762
N/A
03 Feb 2023
In gin-vue-admin < 2.5.5, the download module has a Path Traversal vulnerability.
CVE-2022-48021
N/A
03 Feb 2023
A vulnerability in Zammad v5.3.0 allows attackers to execute arbitrary code or escalate privileges via a crafted message sent to the server.
CVE-2022-48022
N/A
03 Feb 2023
An issue in the component /api/v1/mentions of Zammad v5.3.0 allows authenticated attackers with agent permissions to view information about tickets they are not authorized to see.
CVE-2023-23086
N/A
03 Feb 2023
Buffer overflow vulnerability in MojoJson v1.2.3 allows an attacker to execute arbitrary code via the SkipString function.
CVE-2023-23087
N/A
03 Feb 2023
An issue found in MojoJson v1.2.3 allows attackers to execute arbitrary code via the destroy function.
CVE-2023-23088
N/A
03 Feb 2023
Buffer overflow vulnerability in Barenboim json-parser master and v1.1.0 (fixed in v1.1.1) allows an attacker to execute arbitrary code via the json_value_parse function.