Vulnerabilities (CVE)

Total 23448 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2017-6027 1 Codesys 1 Web Server 2023-12-10 7.5 HIGH 9.8 CRITICAL
An Arbitrary File Upload issue was discovered in 3S-Smart Software Solutions GmbH CODESYS Web Server. The following versions of CODESYS Web Server, part of the CODESYS WebVisu web browser visualization software, are affected: CODESYS Web Server Versions 2.3 and prior. A specially crafted web server request may allow the upload of arbitrary files (with a dangerous type) to the CODESYS Web Server without authorization which may allow remote code execution.
CVE-2016-7931 1 Tcpdump 1 Tcpdump 2023-12-10 7.5 HIGH 9.8 CRITICAL
The MPLS parser in tcpdump before 4.9.0 has a buffer overflow in print-mpls.c:mpls_print().
CVE-2016-8749 1 Apache 1 Camel 2023-12-10 7.5 HIGH 9.8 CRITICAL
Apache Camel's Jackson and JacksonXML unmarshalling operation are vulnerable to Remote Code Execution attacks.
CVE-2014-7920 1 Google 1 Android 2023-12-10 10.0 HIGH 9.8 CRITICAL
mediaserver in Android 2.2 through 5.x before 5.1 allows attackers to gain privileges. NOTE: This is a different vulnerability than CVE-2014-7921.
CVE-2016-7935 1 Tcpdump 1 Tcpdump 2023-12-10 7.5 HIGH 9.8 CRITICAL
The RTP parser in tcpdump before 4.9.0 has a buffer overflow in print-udp.c:rtp_print().
CVE-2017-5539 1 B2evolution 1 B2evolution 2023-12-10 9.0 HIGH 9.1 CRITICAL
The patch for directory traversal (CVE-2017-5480) in b2evolution version 6.8.4-stable has a bypass vulnerability. An attacker can use ..\/ to bypass the filter rule. Then, this attacker can exploit this vulnerability to delete or read any files on the server. It can also be used to determine whether a file exists.
CVE-2017-3159 1 Apache 1 Camel 2023-12-10 7.5 HIGH 9.8 CRITICAL
Apache Camel's camel-snakeyaml component is vulnerable to Java object de-serialization vulnerability. De-serializing untrusted data can lead to security flaws.
CVE-2017-7864 1 Freetype 1 Freetype 2023-12-10 7.5 HIGH 9.8 CRITICAL
FreeType 2 before 2017-02-02 has an out-of-bounds write caused by a heap-based buffer overflow related to the tt_size_reset function in truetype/ttobjs.c.
CVE-2017-5344 1 Dotcms 1 Dotcms 2023-12-10 7.5 HIGH 9.8 CRITICAL
An issue was discovered in dotCMS through 3.6.1. The findChildrenByFilter() function which is called by the web accessible path /categoriesServlet performs string interpolation and direct SQL query execution. SQL quote escaping and a keyword blacklist were implemented in a new class, SQLUtil (main/java/com/dotmarketing/common/util/SQLUtil.java), as part of the remediation of CVE-2016-8902; however, these can be overcome in the case of the q and inode parameters to the /categoriesServlet path. Overcoming these controls permits a number of blind boolean SQL injection vectors in either parameter. The /categoriesServlet web path can be accessed remotely and without authentication in a default dotCMS deployment.
CVE-2016-5068 1 Sierrawireless 2 Aleos Firmware, Gx 440 2023-12-10 7.5 HIGH 9.8 CRITICAL
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 do not require authentication for Embedded_Ace_Get_Task.cgi requests.
CVE-2015-0855 1 Pitivi 1 Pitivi 2023-12-10 10.0 HIGH 9.8 CRITICAL
The _mediaLibraryPlayCb function in mainwindow.py in pitivi before 0.95 allows attackers to execute arbitrary code via shell metacharacters in a file path.
CVE-2014-8704 1 Wondercms 1 Wondercms 2023-12-10 7.5 HIGH 9.8 CRITICAL
Directory traversal vulnerability in index.php in Wonder CMS 2014 allows remote attackers to include and execute arbitrary local files via a crafted theme.
CVE-2017-7925 1 Dahuasecurity 30 Ddh-hcvr4xxx, Dh-hcvr4xxx Firmware, Dh-hcvr5xxx and 27 more 2023-12-10 5.0 MEDIUM 9.8 CRITICAL
A Password in Configuration File issue was discovered in Dahua DH-IPC-HDBW23A0RN-ZS, DH-IPC-HDBW13A0SN, DH-IPC-HDW1XXX, DH-IPC-HDW2XXX, DH-IPC-HDW4XXX, DH-IPC-HFW1XXX, DH-IPC-HFW2XXX, DH-IPC-HFW4XXX, DH-SD6CXX, DH-NVR1XXX, DH-HCVR4XXX, DH-HCVR5XXX, DHI-HCVR51A04HE-S3, DHI-HCVR51A08HE-S3, and DHI-HCVR58A32S-S2 devices. The password in configuration file vulnerability was identified, which could lead to a malicious user assuming the identity of a privileged user and gaining access to sensitive information.
CVE-2016-9343 1 Rockwellautomation 32 1768 Compact Guardlogix L4xs Controller, 1768 Compact Guardlogix L4xs Controller Firmware, 1768 Compactlogix L4x Controller and 29 more 2023-12-10 7.5 HIGH 10.0 CRITICAL
An issue was discovered in Rockwell Automation Logix5000 Programmable Automation Controller FRN 16.00 through 21.00 (excluding all firmware versions prior to FRN 16.00, which are not affected). By sending malformed common industrial protocol (CIP) packet, an attacker may be able to overflow a stack-based buffer and execute code on the controller or initiate a nonrecoverable fault resulting in a denial of service.
CVE-2016-9051 1 Aerospike 1 Database Server 2023-12-10 7.5 HIGH 9.8 CRITICAL
An exploitable out-of-bounds write vulnerability exists in the batch transaction field parsing functionality of Aerospike Database Server 3.10.0.3. A specially crafted packet can cause an out-of-bounds write resulting in memory corruption which can lead to remote code execution. An attacker can simply connect to the port to trigger this vulnerability.
CVE-2017-3266 1 Oracle 1 Outside In Technology 2023-12-10 7.5 HIGH 9.8 CRITICAL
Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). Supported versions that are affected are 8.5.2 and 8.5.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in takeover of Oracle Outside In Technology. Note: Outside In Technology is a suite of software development kits (SDKs). The protocol and CVSS score depend on the software that uses the Outside In Technology code. The CVSS score assumes that the software passes data received over a network directly to Outside In Technology code, but if data is not received over a network the CVSS score may be lower. CVSS v3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts).
CVE-2017-5677 1 Pear 1 Html Ajax 2023-12-10 7.5 HIGH 9.8 CRITICAL
PEAR HTML_AJAX 0.3.0 through 0.5.7 has a PHP Object Injection Vulnerability in the PHP Serializer. It allows remote code execution. In one viewpoint, the root cause is an incorrect regular expression.
CVE-2016-10107 1 Western Digital 1 Mycloud Nas 2023-12-10 10.0 HIGH 9.8 CRITICAL
Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11.142 index.php page via a modified Cookie header.
CVE-2016-5100 1 Froxlor 1 Froxlor 2023-12-10 5.0 MEDIUM 9.8 CRITICAL
Froxlor before 0.9.35 uses the PHP rand function for random number generation, which makes it easier for remote attackers to guess the password reset token by predicting a value.
CVE-2017-8305 1 13thmonkey 1 Udfclient 2023-12-10 7.5 HIGH 9.8 CRITICAL
The UDFclient (before 0.8.8) custom strlcpy implementation has a buffer overflow. UDFclient's strlcpy is used only on systems with a C library (e.g., glibc) that lacks its own strlcpy.