RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to vi…

udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which…

client_side.cc in Squid before 3.5.18 and 4.x before 4.0.10 does not properly ignore the Host h…

<p>A remote code execution vulnerability exists in Microsoft SharePoint when the software fails…

The PDF reader in Mozilla Firefox before 39.0.3, Firefox ESR 38.x before 38.1.1, and Firefox OS…

An incorrect access control issue was discovered in Interlink PSG-5124 version 1.0.4, allows at…

Jenkins 2.217 through 2.441 (both inclusive), LTS 2.222.1 through 2.426.2 (both inclusive) does…

mime_header.cc in Squid before 3.5.18 allows remote attackers to bypass intended same-origin re…

Hawt Hawtio through 2.5.0 is vulnerable to SSRF, allowing a remote attacker to trigger an HTTP …

Langflow versions up to and including 1.6.9 contain a chained vulnerability that enables accoun…

Due to the formatting logic of the "console.table()" function it was not safe to allow user con…

An arbitrary file upload vulnerability in Trend Micro Apex Central could allow an unauthenticat…

ManageEngine ADSelfService Plus GINA Client Insufficient Verification of Data Authenticity Auth…

Inappropriate implementation in Performance API in Google Chrome prior to 88.0.4324.96 allowed …

GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss …

The upgrade functionality in Malwarebytes Anti-Malware (MBAM) consumer before 2.0.3 and Malware…

Plex media server 1.21 and before is vulnerable to ddos reflection attack via plex service.

A security feature bypass vulnerability exists in the way Key Distribution Center (KDC) determi…

In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, due to a code log…

This vulnerability, if exploited, allows an attacker to perform privileged RCE (Remote Code Exe…

User interface (ui) misrepresentation of critical information in Microsoft Exchange Server allo…

By default, DNS servers on Windows NT 4.0 and Windows 2000 Server cache glue records received f…

Apache Maven will follow repositories that are defined in a dependency’s Project Object Model (…

Flowise is a drag & drop user interface to build a customized large language model flow. In ver…

The mod_dav_svn server in Subversion 1.5.0 through 1.7.19 and 1.8.0 through 1.8.11 allows remot…

The SecurityTokenService (STS) in Apache CXF before 2.6.12 and 2.7.x before 2.7.9 does not prop…

Samba 3.x and 4.x before 4.1.22, 4.2.x before 4.2.7, and 4.3.x before 4.3.3 supports connection…

Insufficient data validation in USB in Google Chrome prior to 119.0.6045.105 allowed a remote a…

Versions of handlebars prior to 4.3.0 are vulnerable to Prototype Pollution leading to Remote C…

The CORS Filter in Apache Tomcat 9.0.0.M1 to 9.0.0.M21, 8.5.0 to 8.5.15, 8.0.0.RC1 to 8.0.44 an…

The (1) mbed_connect_step1 function in lib/vtls/mbedtls.c and (2) polarssl_connect_step1 functi…

The ParseRoster component in the Ignite Realtime Smack XMPP API before 4.0.0-rc1 does not verif…

IP address spoofing when proxying using mod_remoteip and mod_rewrite For configurations using p…

The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, …

A remote code execution vulnerability exists when the Windows font library improperly handles s…

Parity Browser 1.6.10 and earlier allows remote attackers to bypass the Same Origin Policy and …

The Solarwinds Dameware Mini Remote Client agent v12.1.0.89 supports smart card authentication …

Heimdal before 7.4 allows remote attackers to impersonate services with Orpheus' Lyre attacks b…

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serializat…

A remote code execution vulnerability was found in Shim. The Shim boot support trusts attacker-…