🚨 NEW: CVE-2022-34916 🚨 Apache Flume versions 1.4.0 through 1.10.0 are vulnerable to a remote code execution () attack when a configuration uses a JMS Source with a JNDI LDAP data source URI when an attacker has... Severity: CRITICAL
Posted 1 year ago (21 December 2022)
🚨 NEW: CVE-2021-26392 🚨 Insufficient verification of missing size check in '' may lead to an out-of-bounds write potentially allowing an attacker with privileges to gain code execution of the OS/kernel by... Severity: HIGH
Posted 1 year ago (23 November 2022)
Emerging Vulnerability Found CVE-2022-30768 - A Stored Cross Site Scripting () issue in ZoneMinder 1.36.12 allows an attacker to execute HTML or JavaScript code via the Username field when an Admin (or non-Admin users that can see other use...
Posted 1 year ago (18 November 2022)
Emerging Vulnerability Found CVE-2022-42468 - Apache Flume versions 1.4.0 through 1.10.1 are vulnerable to a remote code execution () attack when a configuration uses a JMS Source with an unsafe providerURL. This issue is fixed by limiting ...
Posted 1 year ago (29 October 2022)
Emerging Vulnerability Found CVE-2022-29823 - Feather-Sequalize cleanQuery method uses insecure recursive logic to filter unsupported keys from the query object. This results in a Remote Code Execution () with privileges of application.
Posted 1 year ago (26 October 2022)
Emerging Vulnerability Found CVE-2022-3586 - A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer () cb field after the same had been enqueu...
Posted 2 years ago (20 October 2022)
🚨 NEW: CVE-2020-27814 🚨 A heap-buffer overflow was found in the way handled certain PNG format files. An attacker could use this flaw to cause an application crash or in some cases execute arbitrary code ... Severity: HIGH
Posted 2 years ago (06 October 2022)
🚨 NEW: CVE-2022-21504 🚨 The code in U3 was missing an appropriate file descriptor count to be missing. This resulted in a use count error that allowed a file descriptor to a socket to be closed and freed while ... Severity: MEDIUM
Posted 2 years ago (14 June 2022)
🚨 NEW: CVE-2022-30234 🚨 A CWE-798: Use of Hard-coded Credentials vulnerability exists that could allow arbitrary code to be executed when root level access is obtained. Affected Products: Wiser Smart, & EE... Severity: CRITICAL
Posted 2 years ago (13 June 2022)
🚨 NEW: CVE-2021-21772 🚨 A use-after-free vulnerability exists in the NMR::COpcPackageReader::releaseZIP functionality of 3MF Consortium 2.0.0. A specially crafted 3MF file can lead to code execution. An at... Severity: HIGH
Posted 2 years ago (27 May 2022)
🚨 NEW: CVE-2020-12279 🚨 An issue was discovered in before 0.28.4 and 0.9x before 0.99.0. checkout.c mishandles equivalent filenames that exist because of NTFS short names. This may allow remote code executi... Severity: CRITICAL
Posted 2 years ago (20 March 2022)
🚨 NEW: CVE-2022-25325 🚨 Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution b... Severity: HIGH
Posted 2 years ago (14 March 2022)
🚨 NEW: CVE-2022-25230 🚨 Use after free vulnerability in CX-Programmer v9.76.1 and earlier which is a part of CX-One (v4.60) suite allows an attacker to cause information disclosure and/or arbitrary code execution b... Severity: HIGH
Posted 2 years ago (14 March 2022)
🚨 NEW: CVE-2021-33852 🚨 A cross-site scripting (XSS) attack can cause arbitrary code () to run in a user's browser and can use an application as the vehicle for the attack. The XSS payload given in the "D... Severity: MEDIUM
Posted 2 years ago (11 March 2022)
🚨 NEW: CVE-2021-33851 🚨 A cross-site scripting (XSS) attack can cause arbitrary code () to run in a user's browser and can use an application as the vehicle for the attack. The XSS payload given in the "C... Severity: MEDIUM
Posted 2 years ago (11 March 2022)
🚨 NEW: CVE-2021-46319 🚨 Remote Code Execution () vulnerability exists in D-Link Router DIR-846 DIR846A1_FW100A43.bin and DIR846enFW100A53DLA-Retail.bin. Malicious users can use this vulnerability to use "\ " or ...
Posted 2 years ago (17 February 2022)
🚨 NEW: CVE-2021-43269 🚨 In Code42 app before 8.8.0, eval injection allows an attacker to change a device’s proxy configuration to use a malicious proxy auto-config () file, leading to arbitrary code execution. T... Severity: HIGH
Posted 2 years ago (25 January 2022)
🚨 NEW: CVE-2021-44116 🚨 Cross Site Scripting () vulnerability exists in Anchor CMS <=0.12.7 in posts.php. Attackers can use the posts column to upload the title and content containing malicious code to achieve th... Severity: MEDIUM
Posted 2 years ago (20 December 2021)
🚨 NEW: CVE-2019-17571 🚨 Included in 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deseriali... Severity: CRITICAL
Posted 3 years ago (06 October 2021)
New vulnerability on the NVD: CVE-2012-0941 Multiple cross-site scripting () vulnerabili…
Posted 6 years ago (08 February 2018)