A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect f…

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) …

The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 h…

Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expression…

Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote …

Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Executi…

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Softwa…

When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and…

A template injection vulnerability on older versions of Confluence Data Center and Server allow…

ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and…

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent…

Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an a…

Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Informatio…

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to…

A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow…

Cacti is an open source platform which provides a robust and extensible operational monitoring …

Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow r…

Atlassian has been made aware of an issue reported by a handful of customers where external att…

ServiceNow has addressed an input validation vulnerability that was identified in the Washingto…

When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting …

/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allow…

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software co…

In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain config…

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses…

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 …

Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an im…

A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and…

The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a ma…

Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the Ve…

Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x be…

RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to vi…

Hitachi Vantara Pentaho Business Analytics Server prior to versions 9.4.0.1 and 9.3.0.2, includ…

The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders…

Microsoft Outlook Elevation of Privilege Vulnerability

Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and e…

A vulnerability in a specific API of Cisco ISE and Cisco ISE-PIC could allow an unauthenticated…

Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , an…

An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-mast…

A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 D…

Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote …