High
CVSS: 8.7
Improper Input Validation vulnerability in Avid Avid NEXIS E-series on Linux, Avid Avid NEXIS F-series on Linux, Avid Avid NEXIS PRO+ on Linux, Avid System Director Appliance (SDA+) on Linux allows code execution on underlying operating sys…
High
CVSS: 8.6
A vulnerability in the Layer 3 multicast feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 9903 Compact High-Performance Routers could allow an unauth…
High
CVSS: 8.6
A vulnerability in the IPv4 access control list (ACL) feature and quality of service (QoS) policy feature of Cisco IOS XR Software for Cisco ASR 9000 Series Aggregation Services Routers, ASR 9902 Compact High-Performance Routers, and ASR 99…
Critical
CVSS: 9.4
A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.9), SiPass integrated ACC-AP (All versions < V6.4.9). Affected devices improperly sanitize input for the pubkey endpoint of the REST API. This cou…
Critical
CVSS: 9.3
A vulnerability has been identified in SiPass integrated AC5102 (ACC-G2) (All versions < V6.4.9), SiPass integrated ACC-AP (All versions < V6.4.9). Affected devices improperly sanitize user input for specific commands on the telnet command…
Medium
CVSS: 4.9
Improper Input Validation vulnerability in ZTE GoldenDB allows Input Data Manipulation.This issue affects GoldenDB: from 6.1.03 through 6.1.03.04.
Medium
CVSS: 4.8
Concrete CMS versions 9.0.0 through 9.3.9 are affected by a stored XSS in Folder Function.The "Add Folder" functionality lacks input sanitization, allowing a rogue admin to inject XSS payloads as folder names. The Concrete CMS security tea…
Medium
CVSS: 5.1
A vulnerability was found in LinZhaoguan pb-cms 1.0.0 and classified as critical. This issue affects some unknown processing of the file /admin#themes of the component Add New Topic Handler. The manipulation of the argument Topic Key leads…
Medium
CVSS: 6.3
Improper Input Validation vulnerability in Apache Traffic Server.
This issue affects Apache Traffic Server: from 8.0.0 through 8.1.11, from 9.0.0 through 9.2.8, from 10.0.0 through 10.0.3.
Users are recommended to upgrade to version 9.2.9…
Critical
CVSS: 9.3
Volt is an elegantly crafted functional API for Livewire. Malicious, user-crafted request payloads could potentially lead to remote code execution within Volt components. This vulnerability is fixed in 1.7.0.
High
CVSS: 8.1
The WooCommerce Recover Abandoned Cart plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 24.3.0 via deserialization of untrusted input from the 'raccookie_guest_email' cookie. This makes it pos…
High
CVSS: 7.2
LibreOffice supports Office URI Schemes to enable browser integration of LibreOffice with MS SharePoint server. An additional scheme 'vnd.libreoffice.command' specific to LibreOffice was added. In the affected versions of LibreOffice a link…
Medium
CVSS: 5.4
The Ultimate WordPress Auction Plugin plugin for WordPress is vulnerable to unauthorized access to functionality in all versions up to, and including, 4.2.9. This makes it possible for authenticated attackers, with Contributor-level access…
High
CVSS: 8.4
Permission verification bypass vulnerability in the notification module
Impact: Successful exploitation of this vulnerability may affect availability.
High
CVSS: 7.8
Memory corruption while reading a type value from a buffer controlled by the Guest Virtual Machine.
High
CVSS: 7.8
Memory corruption while processing input message passed from FE driver.
High
CVSS: 7.8
Memory corruption while reading a value from a buffer controlled by the Guest Virtual Machine.
High
CVSS: 7.8
Memory corruption may occur during communication between primary and guest VM.
High
CVSS: 7.8
Memory corruption may occur due to improper input validation in clock device.
Medium
CVSS: 6.5
The wpForo Forum plugin for WordPress is vulnerable to arbitrary file read due to insufficient input validation in the 'update' method of the 'Members' class in all versions up to, and including, 2.4.1. This makes it possible for authentica…