A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect f…

Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect f…

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) …

The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 h…

Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote …

Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Executi…

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Softwa…

When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and…

ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and…

The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 doe…

SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote attackers to execute arbi…

Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an a…

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allo…

Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Informatio…

In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 202…

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to…

Vulnerability in SonicWall SMA100 allow unauthenticated user to gain read-only access to unauth…

A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow…

SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary…

Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow r…

Atlassian has been made aware of an issue reported by a handful of customers where external att…

An issue was discovered in rConfig through 3.9.4. The web interface is prone to a SQL injection…

When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9…

SnakeYaml's Constructor() class does not restrict types which can be instantiated during deseri…

When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting …

Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote atta…

An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attac…

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software co…

In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain config…

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses…

active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19…

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 …

A security issue was discovered in Kubernetes where under certain conditions, an unauthenticate…

Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an im…

A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and…

VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution vulnerab…

The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a ma…

Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the Ve…

A improper neutralization of special elements used in an sql command ('sql injection') in Forti…

Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x be…