Vulnerabilities (CVE)

Filtered by CWE-264
Total 5300 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2012-2928 2 Atlassian, Gliffy 3 Confluence Server, Jira, Gliffy 2022-05-14 6.4 MEDIUM N/A
The Gliffy plugin before 3.7.1 for Atlassian JIRA, and before 4.2 for Atlassian Confluence, does not properly restrict the capabilities of third-party XML parsers, which allows remote attackers to read arbitrary files or cause a denial of service (resource consumption) via unspecified vectors.
CVE-2016-5573 1 Oracle 2 Jdk, Jre 2022-05-13 6.8 MEDIUM 8.3 HIGH
Unspecified vulnerability in Oracle Java SE 6u121, 7u111, 8u102; and Java SE Embedded 8u101 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Hotspot, a different vulnerability than CVE-2016-5582.
CVE-2022-29444 1 Cloudways 1 Breeze 2022-05-09 3.5 LOW 5.4 MEDIUM
Plugin Settings Change leading to Cross-Site Scripting (XSS) vulnerability in Cloudways Breeze plugin <= 2.0.2 on WordPress allows users with a subscriber or higher user role to execute any of the wp_ajax_* actions in the class Breeze_Configuration which includes the ability to change any of the plugin's settings including CDN setting which could be further used for XSS attack.
CVE-2007-6424 1 Netfortris 1 Trixbox 2022-04-18 4.3 MEDIUM N/A in Fonality Trixbox 2.0 PBX products, when running in certain environments, reads and executes a set of commands from a remote web site without sufficiently validating the origin of the commands, which allows remote attackers to disable trixbox and execute arbitrary commands via a DNS spoofing attack.
CVE-2016-8561 1 Siemens 2 Simatic Cp 1543-1, Simatic Cp 1543-1 Firmware 2022-04-12 6.0 MEDIUM 6.6 MEDIUM
A vulnerability has been identified in SIMATIC CP 1543-1 (All versions < V2.0.28), SIPLUS NET CP 1543-1 (All versions < V2.0.28). Users with elevated privileges to TIA-Portal and project data on the engineering station could possibly get privileged access on affected devices.
CVE-2013-4152 2 Springsource, Vmware 2 Spring Framework, Spring Framework 2022-04-11 6.8 MEDIUM N/A
The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in conjunction with an entity reference in a (1) DOMSource, (2) StAXSource, (3) SAXSource, or (4) StreamSource, aka an XML External Entity (XXE) issue.
CVE-2013-7315 2 Springsource, Vmware 2 Spring Framework, Spring Framework 2022-04-11 6.8 MEDIUM N/A
The Spring MVC in Spring Framework before 3.2.4 and 4.0.0.M1 through 4.0.0.M2 does not disable external entity resolution for the StAX XMLInputFactory, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML with JAXB, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152. NOTE: this issue was SPLIT from CVE-2013-4152 due to different affected versions.
CVE-2016-5007 2 Pivotal Software, Vmware 3 Spring Framework, Spring Framework, Spring Security 2022-04-11 5.0 MEDIUM 7.5 HIGH
Both Spring Security 3.2.x, 4.0.x, 4.1.0 and the Spring Framework 3.2.x, 4.0.x, 4.1.x, 4.2.x rely on URL pattern mappings for authorization and for mapping requests to controllers respectively. Differences in the strictness of the pattern matching mechanisms, for example with regards to space trimming in path segments, can lead Spring Security to not recognize certain paths as not protected that are in fact mapped to Spring MVC controllers that should be protected. The problem is compounded by the fact that the Spring Framework provides richer features with regards to pattern matching as well as by the fact that pattern matching in each Spring Security and the Spring Framework can easily be customized creating additional differences.
CVE-2011-2581 1 Cisco 3 Nexus 3000, Nexus 5000, Nx-os 2022-04-05 5.0 MEDIUM N/A
The ACL implementation in Cisco NX-OS 5.0(2) and 5.0(3) before 5.0(3)N2(1) on Nexus 5000 series switches, and NX-OS before 5.0(3)U1(2a) on Nexus 3000 series switches, does not properly handle comments in conjunction with deny statements, which allows remote attackers to bypass intended access restrictions in opportunistic circumstances by sending packets, aka Bug IDs CSCto09813 and CSCtr61490.
CVE-2012-1250 1 Logitech 4 Lan-w300n\/r, Lan-w300n\/rs, Lan-w300n\/ru2 and 1 more 2022-02-25 10.0 HIGH N/A
Logitec LAN-W300N/R routers with firmware before 2.27 do not properly restrict login access, which allows remote attackers to obtain administrative privileges and modify settings via vectors related to PPPoE authentication.
CVE-2010-1171 1 Redhat 1 Satellite 2022-02-19 5.5 MEDIUM N/A
Red Hat Network (RHN) Satellite 5.3 and 5.4 exposes a dangerous, obsolete XML-RPC API, which allows remote authenticated users to access arbitrary files and cause a denial of service (failed yum operations) via vectors related to configuration and package group (comps.xml) files for channels.
CVE-2016-2408 2 Microsoft, Pulsesecure 5 Windows, Odyssey Access Client, Pulse Secure Desktop and 2 more 2022-02-18 7.2 HIGH 7.8 HIGH
Pulse Secure Desktop before 5.2R2 and Pulse Secure Installer Service before 8.2R2 and below for Windows allow restricted users to gain privileges via unspecified vectors.
CVE-2014-9304 1 Plex 1 Media Server 2021-12-10 7.5 HIGH N/A
Plex Media Server before allows remote attackers to bypass the web server whitelist, conduct SSRF attacks, and execute arbitrary administrative actions via multiple crafted X-Plex-Url headers to system/proxy, which are inconsistently processed by the request handler in the backend web server.
CVE-2015-5600 1 Openbsd 1 Openssh 2021-11-17 8.5 HIGH N/A
The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a single connection, which makes it easier for remote attackers to conduct brute-force attacks or cause a denial of service (CPU consumption) via a long and duplicative list in the ssh -oKbdInteractiveDevices option, as demonstrated by a modified client that provides a different password for each pam element on this list.
CVE-2013-0337 1 F5 1 Nginx 2021-11-10 7.5 HIGH N/A
The default configuration of nginx, possibly 1.3.13 and earlier, uses world-readable permissions for the (1) access.log and (2) error.log files, which allows local users to obtain sensitive information by reading the files.
CVE-2014-0107 2 Apache, Oracle 2 Xalan-java, Webcenter Sites 2021-10-20 7.5 HIGH N/A
The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote attackers to bypass expected restrictions and load arbitrary classes or access external resources via a crafted (1) xalan:content-header, (2) xalan:entities, (3) xslt:content-header, or (4) xslt:entities property, or a Java property that is bound to the XSLT 1.0 system-property function.
CVE-2012-1248 1 Basercms 1 Basercms 2021-09-14 5.1 MEDIUM N/A
app/config/core.php in baserCMS 1.6.15 and earlier does not properly handle installations in shared-hosting environments, which allows remote attackers to hijack sessions by leveraging administrative access to a different domain.
CVE-2014-5070 1 Microsemi 2 S350i, S350i Firmware 2021-09-13 6.5 MEDIUM 8.8 HIGH
Symmetricom s350i 2.70.15 allows remote authenticated users to gain privileges via vectors related to pushing unauthenticated users to the login page.
CVE-2015-2889 1 Summerinfant 2 Baby Zoom Wifi Monitor, Baby Zoom Wifi Monitor Firmware 2021-09-10 6.5 MEDIUM 8.8 HIGH
Summer Baby Zoom Wifi Monitor & Internet Viewing System allows remote attackers to gain privileges via manual entry of a Settings URL.
CVE-2016-6268 1 Trendmicro 1 Smart Protection Server 2021-09-09 7.2 HIGH 7.8 HIGH
Trend Micro Smart Protection Server 2.5 before build 2200, 2.6 before build 2106, and 3.0 before build 1330 allows local webserv users to execute arbitrary code with root privileges via a Trojan horse .war file in the Solr webapps directory.