SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary…

Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote …

Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the Ve…

Cacti is an open source platform which provides a robust and extensible operational monitoring …

In WhatsUp Gold versions released before 2024.0.0, a SQL Injection vulnerability allows an unau…

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent…

Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Executi…

Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelio…

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Softwa…

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to…

A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow…

/vendor/htmlawed/htmlawed/htmLawedTest.php in the htmlawed module for GLPI through 10.0.2 allow…

When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and…

Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow r…

Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote …

The expandArguments function in the database abstraction API in Drupal core 7.x before 7.32 doe…

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) …

A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX …

There was a server-side template injection vulnerability in Jira Server and Data Center, in the…

A template injection vulnerability on older versions of Confluence Data Center and Server allow…

ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and…

Vulnerability in SonicWall SMA100 allow unauthenticated user to gain read-only access to unauth…

Atlassian has been made aware of an issue reported by a handful of customers where external att…

Apache Struts 2.0.0 through 2.3.15 allows remote attackers to execute arbitrary OGNL expression…

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses…

A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect f…

It is possible to inject malicious OGNL or MVEL scripts into the /context.json public endpoint.…

An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attac…

A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and…

The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 h…

An issue was discovered in rConfig through 3.9.4. The web interface is prone to a SQL injection…

In Progress MOVEit Transfer before 2021.0.6 (13.0.6), 2021.1.4 (13.1.4), 2022.0.4 (14.0.4), 202…

An issue was discovered in SaltStack Salt before 2019.2.4 and 3000 before 3000.2. The salt-mast…

When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting …

In Apache Struts 2.0.0 through 2.3.33 and 2.5 through 2.5.10.1, using an unintentional expressi…

A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX …

When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9…

vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an…

Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Informatio…

The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a ma…