SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary…

Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote …

Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the Ve…

Cacti is an open source platform which provides a robust and extensible operational monitoring …

In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an unau…

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent…

An issue was discovered in rConfig 3.9.2. An attacker can directly execute system commands by s…

An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a …

login/index.php in CWP (aka Control Web Panel or CentOS Web Panel) 7 before 0.9.8.1147 allows r…

A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versi…

A command injection vulnerability in the web server of some Hikvision product. Due to the insuf…

Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Executi…

Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelio…

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Softwa…

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, was found in…

NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote c…

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to…

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent…

A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow…

Linear eMerge E3-Series devices allow Command Injections.

Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.1…

/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allow…

An issue was discovered in SaltStack Salt through 3002. Sending crafted web requests to the Sal…

When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and…

Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow r…

In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache…

Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote …

SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via conf…

The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 doe…

Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allo…

An issue was discovered in Aviatrix Controller before 7.1.4191 and 7.2.x before 7.2.4996. Due t…

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) …

A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX …

There was a server-side template injection vulnerability in Jira Server and Data Center, in the…

A template injection vulnerability on older versions of Confluence Data Center and Server allow…

In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection vulnerab…

A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-81…

ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and…

Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73,…

RCE-Remote Command Execution vulnerability in Apache HugeGraph-Server.This issue affects Apache…