CVE-2023-35844 | packages/backend/src/routers in Lightdash before 0.510.3 has insecure file endpoints, e.g., they allow .. directory traversal and do not ensure... | Lightdash | Lightdash | 2025-07-28 12:00:42 UTC | The Shadowserver (via CIRCL)
CVE-2019-18393 | PluginServlet.java in Ignite Realtime Openfire through 4.4.2 does not ensure that retrieved files are located under the Openfire home directory,... | Ignite Realtime | Openfire | 2025-07-28 12:00:32 UTC | The Shadowserver (via CIRCL)
CVE-2021-21087 | ColdFusion Improper neutralization of web input during page generation could lead to arbitrary JavaScript execution in the browser | Adobe | ColdFusion | 2025-07-26 12:00:25 UTC | The Shadowserver (via CIRCL)
CVE-2025-20337 | Cisco ISE API Unauthenticated Remote Code Execution Vulnerability | Cisco | Cisco Identity Services Engine Software, Cisco ISE Passive Identity Connector | 2025-07-26 04:40:32 UTC | CVE
CVE-2025-20281 | Cisco ISE API Unauthenticated Remote Code Execution Vulnerability | Cisco | Cisco Identity Services Engine Software | 2025-07-26 04:40:25 UTC | CVE
CVE-2023-2533 | PaperCut MF/NG 22.0.10 (Build 65996 2023-03-27) - Remote code execution via CSRF | PaperCut | PaperCut NG/MF | 2025-07-26 04:40:18 UTC | CVE
CVE-2020-26073 | Cisco SD-WAN vManage Directory Traversal Vulnerability | Cisco | Cisco Catalyst SD-WAN Manager | 2025-07-25 12:00:46 UTC | The Shadowserver (via CIRCL)
CVE-2016-0457 | Unspecified vulnerability in the Application Mgmt Pack for E-Business Suite component in Oracle E-Business Suite 12.1 and 12.2 allows remote... | Oracle | E-Business Suite | 2025-07-25 12:00:35 UTC | The Shadowserver (via CIRCL)
CVE-2024-10586 | Debug Tool <= 2.2 - Unauthenticated Arbitrary File Creation | eugenbobrowski | Debug Tool | 2025-07-25 12:00:27 UTC | The Shadowserver (via CIRCL)
CVE-2024-46938 | An issue was discovered in Sitecore Experience Platform (XP), Experience Manager (XM), and Experience Commerce (XC) 8.0 Initial Release through... | Sitecore | Experience Platform, Experience Manager, Experience Commerce | 2025-07-25 12:00:17 UTC | The Shadowserver (via CIRCL)
CVE-2020-27986 | SonarQube 8.4.2.36762 allows remote attackers to discover cleartext SMTP, SVN, and GitLab credentials via the api/settings/values URI. NOTE:... | SonarSource | SonarQube | 2025-07-24 12:00:33 UTC | The Shadowserver (via CIRCL)
CVE-2022-23347 | BigAnt Software BigAnt Server v5.6.06 was discovered to be vulnerable to directory traversal attacks. | BigAnt Software | BigAnt Server | 2025-07-24 12:00:23 UTC | The Shadowserver (via CIRCL)
CVE-2019-18371 | An issue was discovered on Xiaomi Mi WiFi R3G devices before 2.28.23-stable. There is a directory traversal vulnerability to read arbitrary files... | Xiaomi | Mi WiFi R3G | 2025-07-24 12:00:12 UTC | The Shadowserver (via CIRCL)
CVE-2025-40598 | A Reflected cross-site scripting (XSS) vulnerability exists in the SMA100 series web interface, allowing a remote unauthenticated attacker to... | SonicWall | SMA 100 Series | 2025-07-23 15:45:28 UTC | SonicWall Security Advisories
CVE-2025-40597 | A Heap-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service... | SonicWall | SMA 100 Series | 2025-07-23 15:45:22 UTC | SonicWall Security Advisories
CVE-2025-40596 | A Stack-based buffer overflow vulnerability in the SMA100 series web interface allows remote, unauthenticated attacker to cause Denial of Service... | SonicWall | SMA 100 Series | 2025-07-23 15:45:15 UTC | SonicWall Security Advisories
CVE-2022-22242 | Junos OS: Cross-site Scripting (XSS) vulnerability in J-Web | Juniper Networks | Junos OS | 2025-07-22 12:00:57 UTC | The Shadowserver (via CIRCL)
CVE-2023-45878 | GibbonEdu Gibbon version 25.0.1 and before allows Arbitrary File Write because rubrics_visualise_saveAjax.phps does not require authentication. The... | GibbonEdu | Gibbon | 2025-07-22 12:00:48 UTC | The Shadowserver (via CIRCL)
CVE-2022-29014 | A local file inclusion vulnerability in Razer Sila Gaming Router v2.0.441_api-2.0.418 allows attackers to read arbitrary files. | Razer | Sila Gaming Router | 2025-07-22 12:00:39 UTC | The Shadowserver (via CIRCL)
CVE-2024-7097 | Incorrect Authorization in Multiple WSO2 Products via SOAP Admin Service Allowing Unauthorized User Signup | WSO2 | WSO2 Open Banking AM, WSO2 Open Banking KM, WSO2 Identity Server as Key Manager, WSO2 API Manager, WSO2 Identity Server, WSO2 Open Banking IAM, WSO2 Enterprise Mobility Manager | 2025-07-22 12:00:32 UTC | The Shadowserver (via CIRCL)
CVE-2022-21500 | Vulnerability in Oracle E-Business Suite (component: Manage Proxies). The supported version that is affected is 12.2. Easily exploitable... | Oracle Corporation | User Management | 2025-07-21 12:00:21 UTC | The Shadowserver (via CIRCL)
CVE-2025-49704 | Microsoft SharePoint Remote Code Execution Vulnerability | Microsoft | Microsoft SharePoint Enterprise Server 2016, Microsoft SharePoint Server 2019 | 2025-07-21 05:45:20 UTC | TheHackerNews
CVE-2025-53771 | Microsoft SharePoint Server Spoofing Vulnerability | Microsoft | Microsoft SharePoint Enterprise Server 2016, Microsoft SharePoint Server 2019, Microsoft SharePoint Server Subscription Edition | 2025-07-20 23:45:29 UTC | BleepingComputer
CVE-2025-49706 | Microsoft SharePoint Server Spoofing Vulnerability | Microsoft | Microsoft SharePoint Enterprise Server 2016, Microsoft SharePoint Server 2019, Microsoft SharePoint Server Subscription Edition | 2025-07-20 10:15:32 UTC | TheHackerNews
CVE-2025-53770 | Microsoft SharePoint Server Remote Code Execution Vulnerability | Microsoft | Microsoft SharePoint Enterprise Server 2016, Microsoft SharePoint Server 2019, Microsoft SharePoint Server Subscription Edition | 2025-07-20 10:15:25 UTC | TheHackerNews