CVE-2021-41293
|
ECOA BAS controller - Path Traversal-3 |
ECOA |
ECS Router Controller ECS (FLASH), RiskBuster Terminator E6L45, RiskBuster System RB 3.0.0, RiskBuster System TRANE 1.0, Graphic Control Software, SmartHome II E9246, RiskTerminator |
2025-06-21 12:00:50 UTC |
The Shadowserver (via CIRCL) |
CVE-2025-0868
|
Remote Code Execution in DocsGPT |
Arc53 |
DocsGPT |
2025-06-21 12:00:43 UTC |
The Shadowserver (via CIRCL) |
CVE-2020-11455
|
LimeSurvey before 4.1.12+200324 contains a path traversal vulnerability in application/controllers/admin/LimeSurveyFileManager.php. |
LimeSurvey |
LimeSurvey |
2025-06-21 12:00:35 UTC |
The Shadowserver (via CIRCL) |
CVE-2018-14912
|
cgit_clone_objects in CGit before 1.2.1 has a directory traversal vulnerability when `enable-http-clone=1` is not turned off, as demonstrated by a... |
CGit |
CGit |
2025-06-21 12:00:25 UTC |
The Shadowserver (via CIRCL) |
CVE-2018-11222
|
Local File Inclusion (LFI) in Artica Pandora FMS through version 7.23 allows an attacker to call any php file via the /pandora_console/ajax.php... |
Artica |
Pandora FMS |
2025-06-21 12:00:14 UTC |
The Shadowserver (via CIRCL) |
CVE-2025-4322
|
Motors <= 5.6.67 - Unauthenticated Privilege Escalation via Password Update/Account Takeover |
StylemixThemes |
Motors - Car Dealer, Rental & Listing WordPress theme |
2025-06-20 12:10:36 UTC |
Wordfence |
CVE-2024-7120
|
Raisecom MSG1200/MSG2100E/MSG2200/MSG2300 Web Interface list_base_config.php os command injection |
Raisecom |
MSG1200, MSG2100E, MSG2200, MSG2300 |
2025-06-20 12:00:18 UTC |
The Shadowserver (via CIRCL) |
CVE-2024-9644
|
Four-Faith F3x36 bapply.cgi Auth Bypass |
Four-Faith |
F3x36 |
2025-06-19 12:00:28 UTC |
The Shadowserver (via CIRCL) |
CVE-2022-39960
|
The Netic Group Export add-on before 1.0.3 for Atlassian Jira does not perform authorization checks. This might allow an unauthenticated user to... |
Netic Group |
Group Export add-on for Atlassian Jira |
2025-06-18 12:00:41 UTC |
The Shadowserver (via CIRCL) |
CVE-2022-31847
|
A vulnerability in /cgi-bin/ExportAllSettings.sh of WAVLINK WN579 X3 M79X3.V5030.180719 allows attackers to obtain sensitive router information via... |
WAVLINK |
WN579 X3 |
2025-06-18 12:00:31 UTC |
The Shadowserver (via CIRCL) |
CVE-2022-48164
|
An access control issue in the component /cgi-bin/ExportLogs.sh of Wavlink WL-WN533A8 M33A8.V5030.190716 allows unauthenticated attackers to... |
Wavlink |
WL-WN533A8 |
2025-06-18 12:00:21 UTC |
The Shadowserver (via CIRCL) |
CVE-2023-0386
|
A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux... |
Linux |
Kernel |
2025-06-17 17:30:12 UTC |
CISA |
CVE-2025-43200
|
This issue was addressed with improved checks. This issue is fixed in watchOS 11.3.1, macOS Ventura 13.7.4, iOS 15.8.4 and iPadOS 15.8.4, iOS... |
Apple |
iOS and iPadOS, macOS, iPadOS, watchOS, visionOS |
2025-06-16 22:40:18 UTC |
CVE |
CVE-2023-33538
|
TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to contain a command injection vulnerability via the component... |
TP-Link |
TL-WR940N, TL-WR841N, TL-WR740N |
2025-06-16 17:15:14 UTC |
CISA |
CVE-2020-8191
|
Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18, 12.0-63.21, 11.1-64.14 and 10.5-70.18 and Citrix... |
Citrix |
ADC, Gateway, SDWAN WAN-OP |
2025-06-13 12:00:19 UTC |
The Shadowserver (via CIRCL) |
CVE-2023-1020
|
Steveas WP Live Chat Shoutbox <= 1.4.2 - Unauthenticated SQLi |
Unknown |
Steveas WP Live Chat Shoutbox |
2025-06-13 12:00:12 UTC |
The Shadowserver (via CIRCL) |
CVE-2021-29203
|
A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management... |
HPE |
Edgeline Infrastructure Manager |
2025-06-12 12:00:33 UTC |
The Shadowserver (via CIRCL) |
CVE-2021-34624
|
ProfilePress 3.0 - 3.1.3 - Arbitrary File Upload in File Uploader Component |
ProfilePress |
ProfilePress |
2025-06-12 12:00:25 UTC |
The Shadowserver (via CIRCL) |
CVE-2024-32735
|
CyberPower PowerPanel Enterprise Missing Authentication |
CyberPower |
CyberPower PowerPanel Enterprise |
2025-06-11 12:00:35 UTC |
The Shadowserver (via CIRCL) |
CVE-2009-0545
|
cgi-bin/kerbynet in ZeroShell 1.0beta11 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the type... |
ZeroShell |
ZeroShell |
2025-06-11 12:00:26 UTC |
The Shadowserver (via CIRCL) |
CVE-2025-32433
|
Erlang/OTP SSH Vulnerable to Pre-Authentication RCE |
erlang |
otp |
2025-06-11 08:45:31 UTC |
CISA |
CVE-2024-42009
|
A Cross-Site Scripting vulnerability in Roundcube through 1.5.7 and 1.6.x through 1.6.7 allows a remote attacker to steal and send emails of a... |
Roundcube |
Roundcube Webmail |
2025-06-11 08:45:23 UTC |
CISA |
CVE-2025-33053
|
Internet Shortcut Files Remote Code Execution Vulnerability |
Microsoft |
Windows 10 Version 1809, Windows Server 2019, Windows Server 2019 (Server Core installation), Windows Server 2022, Windows 10 Version 21H2, Windows 11 version 22H2, Windows 10 Version 22H2, Windows Server 2025 (Server Core installation), Windows 11 version 22H3, Windows 11 Version 23H2, Windows Server 2022, 23H2 Edition (Server Core installation), Windows 11 Version 24H2, Windows Server 2025, Windows 10 Version 1507, Windows 10 Version 1607, Windows Server 2016, Windows Server 2016 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 Service Pack 2 (Server Core installation), Windows Server 2008 Service Pack 2, Windows Server 2008 R2 Service Pack 1, Windows Server 2008 R2 Service Pack 1 (Server Core installation), Windows Server 2012, Windows Server 2012 (Server Core installation), Windows Server 2012 R2, Windows Server 2012 R2 (Server Core installation) |
2025-06-11 08:45:15 UTC |
CISA |
CVE-2019-1821
|
Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerabilities |
Cisco |
Cisco Prime Infrastructure |
2025-06-09 12:00:22 UTC |
The Shadowserver (via CIRCL) |
CVE-2020-11546
|
SuperWebMailer 7.21.0.01526 is susceptible to a remote code execution vulnerability in the Language parameter of mailingupgrade.php. An... |
SuperWebMailer |
SuperWebMailer |
2025-06-09 12:00:13 UTC |
The Shadowserver (via CIRCL) |