Vulnerabilities in N/A

159,602 results
| CVE | Severity | Description | EPSS | KEV |
|---|---|---|---|---|
| CVE-2022-35914 | CRITICAL | /vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allows PHP code injection. | 99.5% | KEV |
| CVE-2018-0171 | HIGH | A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker | 99.5% | KEV |
| CVE-2017-1000028 | | Oracle, GlassFish Server Open Source Edition 4.1 is vulnerable to both authenticated and unauthenticated Directory Traversal vulnerability, | 99.5% | |
| CVE-2013-0156 | | active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19, 3.1.x before 3.1.10, and 3.2.x before 3.2.1 | 99.4% | |
| CVE-2011-0611 | HIGH | Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6. | 99.4% | KEV |
| CVE-2023-34960 | | A command injection vulnerability in the wsConvertPpt component of Chamilo v1.11.* up to v1.11.18 allows attackers to execute arbitrary comm | 99.4% | |
| CVE-2021-32030 | CRITICAL | The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 and Lyra Mini before 3.0.0.4_384_46630 allows authenticatio | 99.4% | KEV |
| CVE-2015-5119 | HIGH | Use-after-free vulnerability in the ByteArray class in the ActionScript 3 (AS3) implementation in Adobe Flash Player 13.x through 13.0.0.296 | 99.3% | KEV |
| CVE-2014-6287 | CRITICAL | The findMacroMarker function in parserLib.pas in Rejetto HTTP File Server (aks HFS or HttpFileServer) 2.3x before 2.3c allows remote attacke | 99.3% | KEV |
| CVE-2021-3156 | HIGH | Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root | 99.3% | KEV |
| CVE-2023-23333 | CRITICAL | There is a command injection vulnerability in SolarView Compact through 6.00, attackers can execute commands by bypassing internal restricti | 99.3% | |
| CVE-2022-40300 | | Zoho ManageEngine Password Manager Pro through 12120 before 12121, PAM360 through 5550 before 5600, and Access Manager Plus through 4304 bef | 99.3% | |
| CVE-2021-42237 | CRITICAL | Sitecore XP 7.5 Initial Release to Sitecore XP 8.2 Update-7 is vulnerable to an insecure deserialization attack where it is possible to achi | 99.2% | KEV |
| CVE-2022-24637 | | Open Web Analytics (OWA) before 1.7.4 allows an unauthenticated remote attacker to obtain sensitive user information, which can be used to g | 99.1% | |
| CVE-2021-44529 | CRITICAL | A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an unauthenticated user to execute arbitrary code wit | 99.1% | KEV |
| CVE-2020-10199 | HIGH | Sonatype Nexus Repository before 3.21.2 allows JavaEL Injection (issue 1 of 2). | 99.1% | KEV |
| CVE-2015-1538 | | Integer overflow in the SampleTable::setSampleToChunkParams function in SampleTable.cpp in libstagefright in Android before 5.1.1 LMY48I all | 99.1% | |
| CVE-2019-16278 | CRITICAL | Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via a c | 99.1% | KEV |
| CVE-2017-3881 | CRITICAL | A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an unauthe | 99.0% | KEV |
| CVE-2022-30333 | HIGH | RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonst | 99.0% | KEV |