An issue was discovered in Moxa OnCell OnCellG3470A-LTE, AWK-1131A/3131A/4131A Series, AWK-3191 Series, AWK-5232/6232 Series, AWK-1121/1127 Series, WAC-1001 V2 Series, WAC-2004 Series, AWK-3121-M12-RT...

VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to gain privileges, or halt and remove virtual machines, via unspecified vectors.

The PasswordReset.Controllers.ResetController.ChangePasswordIndex method in PasswordReset.dll in Dovestones AD Self Password Reset before 3.0.4.0 allows remote attackers to reset arbitrary passwords v...

SearchBlox 8.3 before 8.3.1 allows remote attackers to write to the config file, and consequently cause a denial of service (application crash), via unspecified vectors.

The Data Protection component in the VMware vSphere GUI in IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 6.3 before 6....

A vulnerability in the web console of the Cisco Cloud Services Platform (CSP) 2100 could allow an authenticated, remote attacker to interact maliciously with the services or virtual machines (VMs) ope...

Remote Command Execution in com.trend.iwss.gui.servlet.ManagePatches in Trend Micro Interscan Web Security Virtual Appliance (IWSVA) version 6.5-SP2_Build_Linux_1707 and earlier allows authenticated, ...

lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands.

lshell 0.9.16 allows remote authenticated users to break out of a limited shell and execute arbitrary commands.

The portal client in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 through FP6 allows remote authenticated users to gain privileges via unspecified vectors.

A vulnerability was found in SourceCodester Best Fee Management System 1.0. It has been rated as critical. Affected by this issue is the function save_user of the file admin_class.php of the component...

Broken Access Control vulnerability in Permalink Manager Lite plugin <= 2.2.20 on WordPress.

Missing Access Control vulnerability in PHP Crafts Accommodation System plugin <= 1.0.1 at WordPress.

Missing Access Control vulnerability in About Rentals. Inc. About Rentals plugin <= 1.5 at WordPress.

Broken Access Control vulnerability in Beaver Builder plugin <= 2.5.4.3 at WordPress.

Broken Access Control vulnerability in Alessio Caiazza's About Me plugin <= 1.0.12 at WordPress.

Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Insecure Permissions.

Authentication Bypass vulnerability in miniOrange WP OAuth Server plugin <= 3.0.4 at WordPress.

Pro Features Lock Bypass vulnerability in Countdown & Clock plugin <= 2.3.2 at WordPress.

Unauthenticated Privilege Escalation vulnerability in WordPress uListing plugin (versions <= 2.0.5). Possible if WordPress configuration allows user registration.

A vulnerability in the authorization controls for the Cisco IOx application hosting infrastructure in Cisco IOS XE Software could allow an unauthenticated, remote attacker to execute Cisco IOx API com...

A vulnerability in the Cisco Common Services Platform Collector (CSPC) could allow an unauthenticated, remote attacker to access an affected device by using an account that has a default, static passw...

A vulnerability in the web-based management interface of Cisco Data Center Network Manager (DCNM) could allow an unauthenticated, remote attacker to upload arbitrary files on an affected device. The v...

AsusPTPFilter.sys on Asus Precision TouchPad 11.0.0.25 hardware has a Pool Overflow associated with the \\.\AsusTP device, leading to a DoS or potentially privilege escalation via a crafted DeviceIoCo...