Vulnerabilidades en N/A
159.602 resultadosCVE-2020-15505CRITICALA remote code execution vulnerability in MobileIron Core & Connector versions 10.3.0.3 and earlier, 10.4.0.0, 10.4.0.1, 10.4.0.2, 10.4.0.3, EPSS 99.7%KEVCVE-2019-18935CRITICALProgress Telerik UI for ASP.NET AJAX through 2019.3.1023 contains a .NET deserialization vulnerability in the RadAsyncUpload function. This EPSS 99.7%KEVCVE-2012-1446—The ELF file parser in Quick Heal (aka Cat QuickHeal) 11.00, McAfee Anti-Virus Scanning Engine 5.400.0.1158, AVEngine 20101.3.0.103 in SymanEPSS 99.7%CVE-2019-16759CRITICALvBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring reEPSS 99.7%KEVCVE-2010-2861CRITICALMultiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 and earlier allow remote attackers to reEPSS 99.7%KEVCVE-2016-10033CRITICALThe mailSend function in the isMail transport in PHPMailer before 5.2.18 might allow remote attackers to pass extra parameters to the mail cEPSS 99.7%KEVCVE-2008-2938—Directory traversal vulnerability in Apache Tomcat 4.1.0 through 4.1.37, 5.5.0 through 5.5.26, and 6.0.0 through 6.0.16, when allowLinking aEPSS 99.7%CVE-2020-13927CRITICALThe previous default setting for Airflow's Experimental API was to allow all API requests without authentication, but this poses security riEPSS 99.7%KEVCVE-2017-1000353CRITICALJenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an unauthenticated remote code execution. An unauthentEPSS 99.7%KEVCVE-2020-10220—An issue was discovered in rConfig through 3.9.4. The web interface is prone to a SQL injection via the commands.inc.php searchColumn parameEPSS 99.7%CVE-2022-22965CRITICALA Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specificEPSS 99.7%KEVCVE-2023-27372CRITICALSPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions arEPSS 99.7%CVE-2012-1443—The RAR file parser in ClamAV 0.96.4, Rising Antivirus 22.83.00.03, Quick Heal (aka Cat QuickHeal) 11.00, G Data AntiVirus 21, AVEngine 2010EPSS 99.6%CVE-2014-6278HIGHGNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attEPSS 99.6%KEVCVE-2022-37061—All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are vulnerable to Remote Command Injection. This can be exploited toEPSS 99.6%CVE-2014-0094—The ParametersInterceptor in Apache Struts before 2.3.16.2 allows remote attackers to "manipulate" the ClassLoader via the class parameter, EPSS 99.6%CVE-2020-16846CRITICALAn issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Salt API, with the SSH client enabled, can resulEPSS 99.6%KEVCVE-2021-21972CRITICALThe vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access EPSS 99.6%KEVCVE-2021-33045CRITICALThe identity authentication bypass vulnerability found in some Dahua products during the login process. Attackers can bypass device identityEPSS 99.6%KEVCVE-2018-20062CRITICALAn issue was discovered in NoneCms V1.3. thinkphp/library/think/App.php allows remote attackers to execute arbitrary PHP code via crafted usEPSS 99.5%KEV