Total: 28799 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-3689 | 1 Xmb Forum | 1 Xmb | 2024-02-14 | 5.0 MEDIUM | N/A |
post.php in XMB 1.9.2 allows remote attackers to obtain the installation path via an invalid fid parameter in a newthread action. | |||||
CVE-2004-2418 | 1 Whitsoft Development | 1 Slimftpd | 2024-02-14 | 7.2 HIGH | N/A |
Buffer overflow in SlimFTPd 3.15 and earlier allows local users to execute arbitrary code via a long command, such as (1) CWD, (2) STOR, (3) MKD, and (4) STAT. | |||||
CVE-2002-2217 | 1 Comscripts | 1 Web Server Creator | 2024-02-14 | 7.5 HIGH | N/A |
Multiple PHP remote file inclusion vulnerabilities in Web Server Creator - Web Portal (WSC-WebPortal) 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) l parameter to customize.php or the (2) pg parameter to index.php. | |||||
CVE-2006-1668 | 1 Crafty Syntax Image Gallery | 1 Crafty Syntax Image Gallery | 2024-02-14 | 9.0 HIGH | N/A |
newimage.php in Eric Gerdes Crafty Syntax Image Gallery (CSIG) (aka PHP thumbnail Photo Gallery) 3.1g and earlier allows remote authenticated users to upload and execute arbitrary PHP code via a multipart/form-data POST with a .jpg filename in the fullimage parameter and the ext parameter set to .php. | |||||
CVE-2001-1367 | 1 Phpslice | 1 Phpslice | 2024-02-14 | 10.0 HIGH | N/A |
The checkAccess function in PHPSlice 0.1.4, and all other versions between 0.1.1 and 0.1.6, does not properly verify the administrative access level, which could allow remote attackers to gain privileges. | |||||
CVE-2006-2332 | 1 Mozilla | 1 Firefox | 2024-02-14 | 2.6 LOW | N/A |
Mozilla Firefox 1.5.0.3 allows remote attackers to cause a denial of service via a web page with a large number of IMG elements in which the SRC attribute is a mailto URI. NOTE: another researcher found that the web page caused a temporary browser slowdown instead of a crash. | |||||
CVE-2005-2868 | 1 Ziptorrent | 1 Ziptorrent | 2024-02-14 | 2.1 LOW | N/A |
ZipTorrent 1.3.7.3 stores sensitive information in plaintext in the pref.txt file, which allows local users to obtain sensitive information such as proxy server information and passwords. | |||||
CVE-2006-1073 | 1 Simplog | 1 Simplog | 2024-02-14 | 6.4 MEDIUM | N/A |
Directory traversal vulnerability in index.php in Daverave Simplog 1.0.2 and earlier allows remote attackers to include or read arbitrary .txt files via the (1) act and (2) blogid parameters. | |||||
CVE-2006-6712 | 1 Sugarcrm | 1 Sugarcrm | 2024-02-14 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in SugarCRM Open Source 4.5.0f and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors in crafted email messages. | |||||
CVE-2023-32479 | 2 Dell, Microsoft | 4 Encryption, Endpoint Security Suite Enterprise, Security Management Server and 1 more | 2024-02-13 | N/A | 7.8 HIGH |
Dell Encryption, Dell Endpoint Security Suite Enterprise, and Dell Security Management Server versions prior to 11.9.0 contain a privilege escalation vulnerability due to an improper ACL on the non-default installation directory. A local malicious user could potentially exploit this vulnerability by replacing binaries in the installation directory and obtaining a reverse shell on the system, leading to privilege escalation. | |||||
CVE-2024-20826 | 1 Samsung | 1 Uphelper Library | 2024-02-13 | N/A | 5.5 MEDIUM |
Implicit intent hijacking vulnerability in UPHelper library prior to version 4.0.0 allows local attackers to access sensitive information via implicit intent. | |||||
CVE-2024-20827 | 1 Samsung | 1 Gallery | 2024-02-13 | N/A | 4.6 MEDIUM |
Improper access control vulnerability in Samsung Gallery prior to version 14.5.04.4 allows physical attackers to access the picture using physical keyboard on the lockscreen. | |||||
CVE-2022-23821 | 1 Amd | 214 Athlon 3015ce, Athlon 3015ce Firmware, Athlon 3015e and 211 more | 2024-02-13 | N/A | 9.8 CRITICAL |
Improper access control in System Management Mode (SMM) may allow an attacker to write to SPI ROM potentially leading to arbitrary code execution. | |||||
CVE-2020-12931 | 1 Amd | 215 Amd 3015ce, Amd 3015ce Firmware, Amd 3015e and 212 more | 2024-02-13 | N/A | 7.8 HIGH |
Improper parameters handling in the AMD Secure Processor (ASP) kernel may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity. | |||||
CVE-2020-12930 | 1 Amd | 219 Amd 3015ce, Amd 3015ce Firmware, Amd 3015e and 216 more | 2024-02-13 | N/A | 7.8 HIGH |
Improper parameters handling in AMD Secure Processor (ASP) drivers may allow a privileged attacker to elevate their privileges potentially leading to loss of integrity. | |||||
CVE-2023-47354 | 1 Binhdrm26 | 1 Super Reboot | 2024-02-13 | N/A | 7.8 HIGH |
An issue in the PowerOffWidgetReceiver function of Super Reboot (Root) Recovery v1.0.3 allows attackers to arbitrarily reset or power off the device via a crafted intent. | |||||
CVE-2023-47889 | 1 Binhdrm26 | 1 Super Reboot | 2024-02-13 | N/A | 7.8 HIGH |
The Android application BINHDRM26 com.bdrm.superreboot 1.0.3 exposes several critical actions through its exported broadcast receivers. These exposed actions can allow any app on the device to send unauthorized broadcasts, leading to unintended consequences. The vulnerability is particularly concerning because these actions include powering off, rebooting the system, and entering recovery mode. | |||||
CVE-2023-43183 | 1 Reprise | 1 License Manager | 2024-02-13 | N/A | 8.8 HIGH |
Incorrect access control in Reprise License Management Software Reprise License Manager v15.1 allows read-only users to arbitrarily change the password of an admin and hijack their account. | |||||
CVE-2023-44031 | 1 Reprise | 1 License Manager | 2024-02-13 | N/A | 7.5 HIGH |
Incorrect access control in Reprise License Management Software Reprise License Manager v15.1 allows attackers to arbitrarily save sensitive files in insecure locations via a crafted POST request. | |||||
CVE-2021-46903 | 1 Meinbergglobal | 1 Lantime Firmware | 2024-02-13 | N/A | 6.5 MEDIUM |
An issue was discovered in LTOS-Web-Interface in Meinberg LANTIME-Firmware before 6.24.029 MBGID-9343 and 7 before 7.04.008 MBGID-6303. An admin can delete required user accounts (in violation of expected access control). |