Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote …

Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the Ve…

Cacti is an open source platform which provides a robust and extensible operational monitoring …

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent…

The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle …

Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Executi…

Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelio…

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Softwa…

A remote code execution vulnerability exists in the way that the Microsoft Server Message Block…

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to…

Buffer overflow in the ScStoragePathFromUrl function in the WebDAV service in Internet Informat…

A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow…

/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allow…

When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and…

Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow r…

Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote …

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) …

A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX …

There was a server-side template injection vulnerability in Jira Server and Data Center, in the…

A template injection vulnerability on older versions of Confluence Data Center and Server allow…

Microsoft Office 2007 Service Pack 3, Microsoft Office 2010 Service Pack 2, Microsoft Office 20…

ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and…

Sensitive information disclosure in NetScaler ADC and NetScaler Gateway when configured as a Ga…

Atlassian has been made aware of an issue reported by a handful of customers where external att…

Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expression…

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses…

A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect f…

It is possible to inject malicious OGNL or MVEL scripts into the /context.json public endpoint.…

A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and…

The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 h…

An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-mast…

When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting …

In Apache Struts 2.0.0 through 2.3.33 and 2.5 through 2.5.10.1, using an unintentional expressi…

A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX …

When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9…

vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an…

Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Informatio…

The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a ma…

OleAut32.dll in OLE in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 200…

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 …