Description anji-plus AJ-Report is affected by an authentication bypass vulnerability. A remote and unauthenticated attacker can append “;swagger-ui” to HTTP
Description Improper Control of Generation of Code (‘Code Injection’) vulnerability in Apache InLong. This issue affects Apache InLong: from 1.10.0
Description The specific API in TCBServiSign Windows Version from CHANGING Information Technology does not properly validate server-side input. When a
Description Improper Privilege Management vulnerability in Revmakx Backup and Staging by WP Time Capsule allows Privilege Escalation, Authentication Bypass. This
Description Improper Privilege Management vulnerability in IdeaBox PowerPack for Beaver Builder allows Privilege Escalation.This issue affects PowerPack for Beaver Builder:
Description A vulnerability exists in Rockwell Automation affected products that allows a threat actor to bypass the Trusted® Slot feature
Description Elektra is an opinionated Openstack Dashboard for Operators and Consumers of Openstack Services. A code injection vulnerability was found
Description REXML is an XML toolkit for Ruby. The REXML gem before 3.3.2 has some DoS vulnerabilities when it parses
Description There is a MEDIUM severity vulnerability affecting CPython. The email module didn’t properly quote newlines for email headers when
Description Dell InsightIQ, Verion 5.0.0, contains a use of a broken or risky cryptographic algorithm vulnerability. An unauthenticated remote attacker
Description A vulnerability was found in SourceCodester Tracking Monitoring Management System 1.0. It has been classified as critical. This affects
Description A vulnerability was found in Point B Ltd Getscreen Agent 2.19.6 on Windows. It has been declared as critical.
Description ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DIR-600 up to 2.18. It has been rated
Description An issue in beego v.2.2.0 and before allows a remote attacker to escalate privileges via the getCacheFileName function in
Description A command injection vulnerability could allow an authenticated user to execute operating system commands as root via a specially
Description OS command injection vulnerability exists in ELECOM wireless LAN routers. A specially crafted request may be sent to the
Description slpd-lite is a unicast SLP UDP server. Any OpenBMC system that includes the slpd-lite package is impacted. Installing this
Description Stack-based buffer overflow vulnerability in Tenda AC18 V15.03.3.10_EN allows a remote attacker to execute arbitrary code via the ssid
Description FOG is a cloning/imaging/rescue suite/inventory management system. An improperly restricted file upload feature allows authenticated users to execute arbitrary
Description Remote Code Execution in Cato Windows SDP client via crafted URLs. This issue affects Windows SDP Client before 5.10.34.
Description The Weave server API allows remote users to fetch files from a specific directory, but due to a lack
Description XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user
Description A “CWE-732: Incorrect Permission Assignment for Critical Resource” in the ThermoscanIP installation folder allows a local attacker to perform
Description A vulnerability was found in TOTOLINK CP450 4.1.0cu.747_B20191224. It has been classified as critical. This affects an unknown part