Каталог уязвимостей Сканер-ВС

CVE-2022-44877

EPSS Score

0.9443

CVSS 3.x

Score: 9.8

login/index.php in CWP (aka Control Web Panel or CentOS Web Panel) 7 before 0.9.8.1147 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the logi...

Click to view details

CVE-2022-29464

CRITICAL 9.8

EPSS Score

0.9443

CVSS 3.x

Score: 9.8

Sources

nvd

Определенные продукты WSO2 допускают неограниченную загрузку файлов с последующим удаленным выпол...

Click to view details

CVE-2020-11978

HIGH 8.8

EPSS Score

0.9443

CVSS 3.x

Score: 8.8

Sources

nvd

An issue was found in Apache Airflow versions 1.10.10 and below. A remote code/command injection vulnerability was discovered in one of the example DAGs shipped with Airflow which ...

Click to view details

CVE-2021-40438

CRITICAL 9.0

EPSS Score

0.9443

CVSS 3.x

Score: 9.0

Sources

astradebiannvdredhatubuntu

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.

Click to view details

CVE-2019-9670

CRITICAL 9.8

EPSS Score

0.9443

CVSS 3.x

Score: 9.8

Sources

nvd

Компонент mailboxd в Synacor Zimbra Collaboration Suite 8.7.x до 8.7.11p10 имеет уязвимость XML External Entity injection (XXE), как это демон...

Click to view details

CVE-2022-36804

HIGH 8.8

EPSS Score

0.9443

CVSS 3.x

Score: 8.8

Sources

nvd

Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17, from version 7.7.0 before version 7.17.10, from version 7.18.0 before version 7.21...

Click to view details

CVE-2019-16759

CRITICAL 9.8

EPSS Score

0.9443

CVSS 3.x

Score: 9.8

Sources

nvd

vBulletin 5.x through 5.5.4 allows remote command execution via the widgetConfig[code] parameter in an ajax/render/widget_php routestring request.

Click to view details

CVE-2018-11776

HIGH 8.1

EPSS Score

0.9443

CVSS 3.x

Score: 8.1

Sources

debiannvdubuntu

Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention...

Click to view details

CVE-2021-42013

CRITICAL 9.8

EPSS Score

0.9443

CVSS 3.x

Score: 9.8

Sources

debiannvdubuntu

Было обнаружено, что исправление для CVE-2021-41773 в Apache HTTP Server 2.4.50 было недостаточным. Злоумышленник мо...

Click to view details

CVE-2022-40684

CRITICAL 9.8

EPSS Score

0.9443

CVSS 3.x

Score: 9.8

Sources

nvd

An authentication bypass using an alternate path or channel [CWE-288] in Fortinet FortiOS version 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy version 7.2.0 and version ...

Click to view details

CVE-2022-47966

CRITICAL 9.8

EPSS Score

0.9443

CVSS 3.x

Score: 9.8

Sources

nvd

Множественные локальные продукты Zoho ManageEngine, такие как ServiceDesk Plus до версии 14003, позволяют удаленное ...

Click to view details

CVE-2022-26134

CRITICAL 9.8

EPSS Score

0.9443

CVSS 3.x

Score: 9.8

Sources

nvd

In affected versions of Confluence Server and Data Center, an OGNL injection vulnerability exists that would allow an unauthenticated attacker to execute arbitrary code on a Conflu...

Click to view details

CVE-2017-3506

HIGH 7.4

EPSS Score

0.9442

CVSS 3.x

Score: 7.4

Sources

nvd

Уязвимость в компоненте Oracle WebLogic Server приложения Oracle Fusion Middleware (подкомпонент: Web Services). Поддерживаем...

Click to view details

CVE-2021-40539

CRITICAL 9.8

EPSS Score

0.9442

CVSS 3.x

Score: 9.8

Sources

nvd

Zoho ManageEngine ADSelfService Plus версии 6113 и более ранних версий уязвим для обхода аутентификации REST API с после�...

Click to view details

CVE-2022-1040

CRITICAL 9.8

EPSS Score

0.9442

CVSS 3.x

Score: 9.8

Sources

nvd

An authentication bypass vulnerability in the User Portal and Webadmin allows a remote attacker to execute code in Sophos Firewall version v18.5 MR3 and older.

Click to view details

CVE-2019-7609

CRITICAL 10.0

EPSS Score

0.9442

CVSS 3.x

Score: 10.0

Sources

nvdredhat

Версии Kibana до 5.6.15 и 6.6.1 содержат недостаток в выполнении произвольного кода в компоненте визуализ�...

Click to view details

CVE-2018-2628

CRITICAL 9.8

EPSS Score

0.9442

CVSS 3.x

Score: 9.8

Sources

nvd

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, ...

Click to view details

CVE-2022-24706

CRITICAL 9.8

EPSS Score

0.9442

CVSS 3.x

Score: 9.8

Sources

debiannvd

В Apache CouchDB до 3.2.2 злоумышленник может получить доступ к неправильно защищенной установке по умолча...

Click to view details

CVE-2020-0796

CRITICAL 10.0

EPSS Score

0.9442

CVSS 3.x

Score: 10.0

Sources

msrcnvd

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block 3.1.1 (SMBv3) protocol handles certain requests, aka 'Windows SMBv3 Client/Server Re...

Click to view details

CVE-2020-0688

HIGH 8.8

EPSS Score

0.9442

CVSS 3.x

Score: 8.8

Sources

msrcnvd

Существует уязвимость удаленного выполнения кода в программном обеспечении Microsoft Exchange, когда про�...

Click to view details

CVE-2024-21887

CRITICAL 9.1

EPSS Score

0.9442

CVSS 3.x

Score: 9.1

Sources

nvd

A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and Ivanti Policy Secure (9.x, 22.x) allows an authenticated administrator to send special...

Click to view details

Page 3 of 20358

427498 total vulnerabilities

Russian Vulnerability Scanner Database

Vulnerabilities

Filters & Sorting

Sort by

Score Filters

Sources

CVE-2022-44877

CVE-2022-29464

CVE-2020-11978

CVE-2021-40438

CVE-2019-9670

CVE-2022-36804

CVE-2019-16759

CVE-2018-11776

CVE-2021-42013

CVE-2022-40684

CVE-2022-47966

CVE-2022-26134

CVE-2017-3506

CVE-2021-40539

CVE-2022-1040

CVE-2019-7609

CVE-2018-2628

CVE-2022-24706

CVE-2020-0796

CVE-2020-0688

CVE-2024-21887