|
CVE-2015-2419
|
JScript 9 in Microsoft Internet Explorer 10 and 11 allows remote attackers to execute arbitrary code or cause a denial of service (memory... |
n/a |
n/a |
2022-03-28 00:00:00 UTC |
CISA |
|
CVE-2015-1770
|
Microsoft Office 2013 SP1 and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office... |
n/a |
n/a |
2022-03-28 00:00:00 UTC |
CISA |
|
CVE-2013-3660
|
The EPATHOBJ::pprFlattenRec function in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows... |
n/a |
n/a |
2022-03-28 00:00:00 UTC |
CISA |
|
CVE-2013-2729
|
Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary... |
n/a |
n/a |
2022-03-28 00:00:00 UTC |
CISA |
|
CVE-2013-2551
|
Use-after-free vulnerability in Microsoft Internet Explorer 6 through 10 allows remote attackers to execute arbitrary code via a crafted web site... |
n/a |
n/a |
2022-03-28 00:00:00 UTC |
CISA |
|
CVE-2013-2465
|
Unspecified vulnerability in the Java Runtime Environment (JRE) component in Oracle Java SE 7 Update 21 and earlier, 6 Update 45 and earlier, and... |
n/a |
n/a |
2022-03-28 00:00:00 UTC |
CISA |
|
CVE-2013-1690
|
Mozilla Firefox before 22.0, Firefox ESR 17.x before 17.0.7, Thunderbird before 17.0.7, and Thunderbird ESR 17.x before 17.0.7 do not properly... |
n/a |
n/a |
2022-03-28 00:00:00 UTC |
CISA |
|
CVE-2013-5223
|
Multiple cross-site scripting (XSS) vulnerabilities in D-Link DSL-2760U Gateway (Rev. E1) allow remote authenticated users to inject arbitrary web... |
n/a |
n/a |
2022-03-25 00:00:00 UTC |
CISA |
|
CVE-2019-1003030
|
A sandbox bypass vulnerability exists in Jenkins Pipeline: Groovy Plugin 2.63 and earlier in pom.xml,... |
Jenkins project |
Jenkins Pipeline: Groovy Plugin |
2022-03-25 00:00:00 UTC |
CISA |
|
CVE-2019-0903
|
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka 'GDI+... |
Microsoft |
Windows, Windows Server, Windows 10 Version 1903 for 32-bit Systems, Windows 10 Version 1903 for x64-based Systems, Windows 10 Version 1903 for ARM64-based Systems, Windows Server, version 1903 (Server Core installation) |
2022-03-25 00:00:00 UTC |
CISA |
|
CVE-2018-8414
|
A remote code execution vulnerability exists when the Windows Shell does not properly validate file paths, aka "Windows Shell Remote Code Execution... |
Microsoft |
Windows 10 Servers, Windows 10 |
2022-03-25 00:00:00 UTC |
CISA |
|
CVE-2018-8373
|
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting... |
Microsoft |
Internet Explorer 9, Internet Explorer 11, Internet Explorer 10 |
2022-03-25 00:00:00 UTC |
CISA |
|
CVE-2018-6961
|
VMware NSX SD-WAN Edge by VeloCloud prior to version 3.1.0 contains a command injection vulnerability in the local web UI component. This component... |
VMware |
NSX SD-WAN by VeloCloud |
2022-03-25 00:00:00 UTC |
CISA |
|
CVE-2018-14839
|
LG N1A1 NAS 3718.510 is affected by: Remote Command Execution. The impact is: execute arbitrary code (remote). The attack vector is: HTTP POST with... |
n/a |
n/a |
2022-03-25 00:00:00 UTC |
CISA |
|
CVE-2018-1273
|
Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability... |
Spring by Pivotal |
Spring Framework |
2022-03-25 00:00:00 UTC |
CISA |
|
CVE-2018-11138
|
The '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance 8.0.318 is accessible by anonymous users and can be... |
n/a |
n/a |
2022-03-25 00:00:00 UTC |
CISA |
|
CVE-2018-0147
|
A vulnerability in Java deserialization used by Cisco Secure Access Control System (ACS) prior to release 5.8 patch 9 could allow an... |
n/a |
Cisco Secure Access Control System |
2022-03-25 00:00:00 UTC |
CISA |
|
CVE-2018-0125
|
A vulnerability in the web interface of the Cisco RV132W ADSL2+ Wireless-N VPN and RV134W VDSL2 Wireless-AC VPN Routers could allow an... |
n/a |
Cisco RV132W and RV134W |
2022-03-25 00:00:00 UTC |
CISA |
|
CVE-2017-6334
|
dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote authenticated users to execute arbitrary OS commands via... |
n/a |
n/a |
2022-03-25 00:00:00 UTC |
CISA |
|
CVE-2017-6316
|
Citrix NetScaler SD-WAN devices through v9.1.2.26.561201 allow remote attackers to execute arbitrary shell commands as root via a CGISESSID cookie.... |
n/a |
n/a |
2022-03-25 00:00:00 UTC |
CISA |
|
CVE-2017-3881
|
A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and Cisco IOS XE Software could allow an... |
n/a |
Cisco IOS and IOS XE Software |
2022-03-25 00:00:00 UTC |
CISA |
|
CVE-2017-12617
|
When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled (e.g. via... |
Apache Software Foundation |
Apache Tomcat |
2022-03-25 00:00:00 UTC |
CISA |
|
CVE-2017-12615
|
When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting the readonly initialisation parameter of the Default... |
Apache Software Foundation |
Apache Tomcat |
2022-03-25 00:00:00 UTC |
CISA |
|
CVE-2017-0146
|
The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2;... |
Microsoft Corporation |
Windows SMB |
2022-03-25 00:00:00 UTC |
CISA |
|
CVE-2016-7892
|
Adobe Flash Player versions 23.0.0.207 and earlier, 11.2.202.644 and earlier have an exploitable use after free vulnerability in the TextField... |
n/a |
Adobe Flash Player 23.0.0.207 and earlier, 11.2.202.644 and earlier |
2022-03-25 00:00:00 UTC |
CISA |