CWE:
 

Topic
Date
Author
High
ASUS RT-AC66U Remote Root Shell Exploit - acsd param command
28.07.2013
Jacob Holcomb/Gimppy a...
High
Adobe ColdFusion 9 / 10 Remote Root
08.05.2013
HTP
High
Cisco Security Agent Web Management Interface Bug Lets Remote Users Execute Arbitrary Code
14.04.2011
Gerry Eisenhaur
High
Sun Java Applet2ClassLoader Remote Code Execution Exploit
18.03.2011
metasploit
High
RSA, The Security Division of EMC, announces a fix for potential security vulnerability in RSA Access Manager Server
18.03.2011
EMC Product Security R...
High
FreeBSD <= 6.4 Netgraph Local Privledge Escalation Exploit
11.03.2011
zx2c4
High
Citrix Access Gateway Command Execution
07.03.2011
metasploit
High
HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
15.01.2011
HP
Med.
Palm webOS Camera Application, Unauthorized WriteAccess
03.11.2010
HP
Med.
Palm webOS, Code execution vulnerability in Palm webOSservice API
03.11.2010
HP
High
Palm webOS, webOS Doc Viewer, Execution of ArbitraryCode
03.11.2010
HP
High
HP Insight Control Server Migration for Windows, Remote Cross Site Scripting (XSS), Privilege Escalation, Unauthorized Access
03.11.2010
HP
High
Firefox 3.6.8 - 3.6.11 Interleaving document.write and appendChild Exploit (From the Wild)
03.11.2010
unknown
High
Firefox Interleaving document.write and appendChild Denial of Service
03.11.2010
Daniel Veditz
High
HP ProCurve Access Points, Access Controllers, andMobility Controllers, Privilege Escalation
20.10.2010
HP Software Security R...
Low
RSA, The Security Division of EMC, informs about potential security vulnerability in RSA enVision&#174; versions prior to 3.7 SP
11.08.2010
EMC Product Security R...
High
Micrologix 1100 and 1400 controllers multiple vulnerabilities
18.01.2010
Eyal Udassin from C4
Low
Android Denial Of Service Issues
16.10.2009
Andrea Barisani
High
Siemens Gigaset SE361 Wlan - Remote Reboot
24.09.2009
crashbrz
Low
Exploiting Chrome and Opera\'s inbuilt ATOM/RSS reader with Script Execution and more
22.09.2009
Inferno
High
Accellion File Transfer - SPAM Engine Vulnerabilities
24.08.2009
Eric BEAULIEU
Low
Crashing ZoneAlarm 8.0.020.000 by Checkpoint (Component : TrueVector)
24.08.2009
quakerdoomer
High
Solaris 9 PortBind XDR-DECODE taddr2uaddr() Remote DoS Exploit
22.10.2008
Federico L. Bossi Boni...
Med.
Adobe Acrobat 9 ActiveX Remote Denial of Service Exploit
17.09.2008
Jeremy Brown
Low
DiskCryptor Security Model bypass exploiting wrong BIOS API usage
05.09.2008
iViZ Security Advisori...
High
HPSBMA02362 SSRT080044, SSRT080045 rev.1 - HP OpenView Network Node Manager (OV
04.09.2008
HP Software Security R...
Med.
IE 5.22 on Mac Transmitting HTTP Referer from Secure Page
18.07.2008
Thor Larholm


CVEMAP Search Results

CVE
Details
Description
2018-10-16
Low
CVE-2018-3283

Vendor: Oracle
Software: Mysql
 

 
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Logging). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).

 
Low
CVE-2018-3284

Vendor: Oracle
Software: Mysql
 

 
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H).

 
2018-09-05
Medium
CVE-2018-16543

Vendor: Artifex
Software: Ghostscript
 

 
In Artifex Ghostscript before 9.24, gssetresolution and gsgetresolution allow attackers to have an unspecified impact.

 
2018-08-17
Low
CVE-2018-15352

Vendor: Kraftway
Software: 24f2xg firmware
 

 
An attacker with low privileges can cause denial of service in Kraftway 24F2XG Router firmware version 3.5.30.1118.

 
2018-08-06
Medium
CVE-2017-8990

Vendor: HP
Software: Imc wireless...
 

 
A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) Wireless Service Manager (WSM) Software earlier than version WSM 7.3 (E0506). This issue was resolved in HPE IMC Wireless Services Manager Software IMC WSM 7.3 E0506P01 or subsequent version.

 
Medium
CVE-2018-7074

Vendor: HP
Software: Intelligent ...
 

 
A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) PLAT 7.3 E0506P07. The vulnerability was resolved in iMC PLAT 7.3 E0605P04 or subsequent version.

 
High
CVE-2018-7078

Vendor: HP
Software: Integrated l...
 

 
A remote code execution was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than version v2.60 and HPE Integrated Lights-Out 5 (iLO 5) earlier than version v1.30.

 
2018-07-19
Medium
CVE-2018-7602

Vendor: Drupal
Software: Drupal
 

 
A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002. Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild.

 
2018-07-10
High
CVE-2018-8327

Updating...
 

 
A remote code execution vulnerability exists in PowerShell Editor Services, aka "PowerShell Editor Services Remote Code Execution Vulnerability." This affects PowerShell Editor, PowerShell Extension.

 
2018-06-27
High
CVE-2018-5435

Vendor: Tibco
Software: Spotfire analyst
 

 
The TIBCO Spotfire Client and TIBCO Spotfire Web Player Client components of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Deployment Kit, TIBCO Spotfire Desktop, and TIBCO Spotfire Desktop Language Packs contain multiple vulnerabilities that may allow for remote code execution. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analyst: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0; 7.12.0, TIBCO Spotfire Analytics Platform for AWS Marketplace: versions up to and including 7.12.0, TIBCO Spotfire Deployment Kit: versions up to and including 7.8.0; 7.9.0;7.9.1;7.10.0;7.10.1;7.11.0; 7.12.0, TIBCO Spotfire Desktop: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0;7.12.0, TIBCO Spotfire Desktop Language Packs: versions up to and including 7.8.0; 7.9.0; 7.9.1; 7.10.0; 7.10.1; 7.11.0.

 

 


Copyright 2018, cxsecurity.com

 

Back to Top