A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect f…

Apache Log4j2 versions 2.0-alpha1 through 2.16.0 (excluding 2.12.3 and 2.3.1) did not protect f…

Apache Log4j2 2.0-beta9 through 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) …

The Jakarta Multipart parser in Apache Struts 2 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 h…

Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote …

Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Executi…

A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Softwa…

When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and…

ServiceNow has addressed an input validation vulnerability that was identified in Vancouver and…

Improper escaping of output in mod_rewrite in Apache HTTP Server 2.4.59 and earlier allows an a…

Path Equivalence: 'file.Name' (Internal Dot) leading to Remote Code Execution and/or Informatio…

A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to…

A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow…

Multiple Zoho ManageEngine on-premise products, such as ServiceDesk Plus through 14003, allow r…

Atlassian has been made aware of an issue reported by a handful of customers where external att…

When running on Windows with enableCmdLineArguments enabled, the CGI Servlet in Apache Tomcat 9…

ServiceNow has addressed an input validation vulnerability that was identified in the Washingto…

SnakeYaml's Constructor() class does not restrict types which can be instantiated during deseri…

When running Apache Tomcat 7.0.0 to 7.0.79 on Windows with HTTP PUTs enabled (e.g. via setting …

Insufficient data validation in V8 in Google Chrome prior to 87.0.4280.88 allowed a remote atta…

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software co…

In PHP versions 7.1.x below 7.1.33, 7.2.x below 7.2.24 and 7.3.x below 7.3.11 in certain config…

The REST Plugin in Apache Struts 2.1.1 through 2.3.x before 2.3.34 and 2.5.x before 2.5.13 uses…

active_support/core_ext/hash/conversions.rb in Ruby on Rails before 2.3.15, 3.0.x before 3.0.19…

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 …

A security issue was discovered in Kubernetes where under certain conditions, an unauthenticate…

Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an im…

A vulnerability in the Cisco Cluster Management Protocol (CMP) processing code in Cisco IOS and…

VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution vulnerab…

The Struts 1 plugin in Apache Struts 2.1.x and 2.3.x might allow remote code execution via a ma…

Apache Solr 5.0.0 to Apache Solr 8.3.1 are vulnerable to a Remote Code Execution through the Ve…

A sandbox bypass vulnerability exists in Script Security Plugin 1.49 and earlier in src/main/ja…

Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x be…

Joomla! 1.5.x, 2.x, and 3.x before 3.4.6 allow remote attackers to conduct PHP object injection…

A vulnerability in the web-based management interface of Cisco Prime Infrastructure (PI) and Ci…

Apache Log4j2 versions 2.0-beta7 through 2.17.0 (excluding security fix releases 2.3.2 and 2.12…

RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code when a user attempts to vi…

The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to …

The (1) EPHEMERAL, (2) HTTPS, (3) MVG, (4) MSL, (5) TEXT, (6) SHOW, (7) WIN, and (8) PLT coders…

The register method in the UsersModelRegistration class in controllers/user.php in the Users co…