Missing Authentication for Critical Function in Microsoft Bing allows an unauthorized attacker to execute code over a network

Windows NTLM V1 Elevation of Privilege Vulnerability

Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability

Windows OLE Remote Code Execution Vulnerability

In wlan service, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is ...

In wlan AP FW, there is a possible out of bounds write due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed. User interact...

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution, if a UE has connected to a rogue base station controlled by the attacker, wit...

mySCADA myPRO does not properly neutralize POST requests sent to a specific port with email information. This vulnerability could be exploited by an attacker to execute arbitrary commands on the affec...

OS command injection vulnerability exists in network storage servers STEALTHONE D220/D340 provided by Y'S corporation. An attacker who can access the affected product may execute an arbitrary OS comma...

The Front End Users plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the file uploads field of the registration form in all versions up to, and inclu...

mySCADA myPRO does not properly neutralize POST requests sent to a specific port with version information. This vulnerability could be exploited by an attacker to execute arbitrary commands on the aff...

A maliciously crafted QPY file can potential execute arbitrary-code embedded in the payload without privilege escalation when deserialising QPY formats < 13. A python process calling Qiskit 0.18.0 thr...

A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary code execution in the context of the ingr...

CWE-1188: Initialization of a Resource with an Insecure Default vulnerability exists that could cause an attacker to execute unauthorized commands when a system’s default password credentials have not...

When String.toUpperCase() caused a string to get longer it was possible for uninitialized memory to be incorporated into the result string This vulnerability affects Firefox < 136 and Thunderbird < 13...

The BuddyBoss Platform Pro plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.7.01. This is due to insufficient verification on the user being supplied dur...

Instantel Micromate lacks authentication on a configuration port which could allow an attacker to execute commands if connected.

SQL injection vulnerability have been found in 101news affecting version 1.0 through the "searchtitle" parameter in search.php.

SQL injection vulnerability have been found in 101news affecting version 1.0 through the "description" parameter in admin/add-category.php.

SQL injection vulnerability have been found in 101news affecting version 1.0 through the "pagetitle" and "pagedescription" parameters in admin/contactus.php.

SQL injection vulnerability have been found in 101news affecting version 1.0 through the "sadminusername" parameter in admin/add-subadmins.php.

SQL injection vulnerability have been found in 101news affecting version 1.0 through the "category" and "subcategory" parameters in admin/add-subcategory.php.

SQL injection vulnerability have been found in 101news affecting version 1.0 through the "pagedescription" parameter in admin/aboutus.php.

SQL injection vulnerability have been found in 101news affecting version 1.0 through the "username" parameter in admin/check_avalability.php.