Check CVE Id
Check CWE Id
Landesk Management Suite 9.5 RFI / CSRF
CVEMAP Search Results
IBM Maximo for Civil Infrastructure 7.6.2 includes executable functionality (such as a library) from a source that is outside of the intended control sphere. IBM X-Force ID: 196619.
It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted URL-like text into the editor, and then press Enter or Space (in the Autolink plugin).
It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted text into the Styles input of specific dialogs (in the Advanced Tab for Dialogs plugin).
The Management Interface of the Teradici Cloud Access Connector and Cloud Access Connector Legacy for releases prior to April 20, 2020 (v15 and earlier for Cloud Access Connector) contains a local file inclusion vulnerability which allows an unauthenticated remote attacker to leak LDAP credentials via a specially crafted HTTP request.
An issue was discovered in Avast Antivirus before 20. The aswTask RPC endpoint for the TaskEx library in the Avast Service (AvastSvc.exe) allows attackers to make arbitrary changes to the Components section of the Stats.ini file via RPC from a Low Integrity process.
NetApp OnCommand System Manager 2.1 and earlier allows remote attackers to include arbitrary files through specially crafted requests to the "diagnostic" page using the SnapMirror log path parameter.
The (1) create_branch, (2) create_tag, (3) import_project, and (4) fork_project functions in lib/gitlab_projects.rb in GitLab 5.0 before 5.4.2, Community Edition before 6.2.4, Enterprise Edition before 6.2.1 and gitlab-shell before 1.7.8 allows remote authenticated users to include information from local files into the metadata of a Git repository via the web interface.
Gallery Plugin1.4 for WordPress has a Remote File Include Vulnerability
If an image had not loaded correctly (such as when it is not actually an image), it could be dragged and dropped cross-domain, resulting in a cross-origin information leak. This vulnerability affects Firefox < 71.
Back to Top