Windows Remote Access Connection Manager Elevation of Privilege Vulnerability

Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability

Windows Line Printer Daemon (LPD) Service Remote Code Execution Vulnerability

An improper access control vulnerability in GroupMe allows an a unauthenticated attacker to elevate privileges over a network.

Weak authentication in Microsoft Dynamics 365 allows an unauthenticated attacker to elevate privileges over a network.

HashiCorp’s go-getter library is vulnerable to argument injection when executing Git to discover remote branches. This vulnerability does not affect the go-getter/v2 branch and package.

Sites managed in S@M CMS (Concept Intermedia) might be vulnerable to a blind SQL Injection executed using the search bar. Only a part of observed services is vulnerable, but since vendor has not inves...

Windows Reliable Multicast Transport Driver (RMCAST) Remote Code Execution Vulnerability

Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

Windows Remote Desktop Licensing Service Remote Code Execution Vulnerability

Windows TCP/IP Remote Code Execution Vulnerability

The Porto theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 7.1.0 via the 'porto_ajax_posts' function. This makes it possible for unauthenticated attacker...

A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V5.40), SICORE Base system (All versions < V1.4.0). The password of administrative accounts of the affect...

Microsoft SQL Server Elevation of Privilege Vulnerability

A vulnerability was found in SourceCodester QR Code Bookmark System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /endpoint/delete-bookmark.php?bookmark=1....

Improper Control of Generation of Code ('Code Injection') vulnerability in Saturday Drive Ninja Forms allows Code Injection.This issue affects Ninja Forms: from n/a through 3.8.4.

Improper Privilege Management vulnerability in NooTheme Jobmonster allows Privilege Escalation.This issue affects Jobmonster: from n/a through 4.7.0.

SQL injection vulnerability in processscore.php in Learning Management System Project In PHP With Source Code 1.0 allows attackers to execute arbitrary SQL commands via the id parameter.

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a buffer overflow via the nav2_amcl process. This vulnerability is triggered via sending a crafted ....

Open Robotics Robotic Operating System 2 (ROS2) and Nav2 humble versions were discovered to contain a buffer overflow via the nav2_amcl process. This vulnerability is triggered via sending a crafted ....

SQL Injection vulnerability in Lost and Found Information System 1.0 allows a remote attacker to escalate privileges via the id parameter to php-lfis/admin/categories/manage_category.php.

A SQL Injection vulnerability in itsourcecode Billing System 1.0 allows a local attacker to execute arbitrary code in process.php via the username parameter.

An arbitrary file upload vulnerability in MangoOS before 5.1.4 and Mango API before 4.5.5 allows attackers to execute arbitrary code via a crafted file.