All Vulnerabilities

SQL injection vulnerability in WordPress MailPoet Newsletter Plugin allows attackers to execute arbitrary SQL commands via unspecified vectors.

A cross-site scripting (XSS) vulnerability exists in Link Library plugin, used in WordPress, allow remote attackers to execute same-origin JavaScript functions via crafted parameter.

A cross-site scripting (XSS) vulnerability exists in PhpMyAdmin, allows remote attackers to execute same-origin JavaScript functions via crafted parameter.

A cross-site scripting (XSS) vulnerability exists in PhpMyAdmin, allow remote attackers to execute same-origin JavaScript functions via crafted parameter.

SQL injection vulnerability in Joomla! allows attackers to execute arbitrary SQL commands via unspecified vectors.

VMware vCenter Server contains a remotely accessible JMX RMI service that is not securely configured. An unauthenticated remote attacker that is able to connect to the service may be able use it to execute arbitrary code on the vCenter server. By exploiting known methods, it is possible to remotely load an MLet file from an attacker controlled web server that points at a jar file.

The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013.

Cross-site scripting (XSS) vulnerability in admin/home/homepage/search in the web app in Adobe Connect before 9.4 allows remote attackers to inject arbitrary web script or HTML via the query parameter.

Microsoft Internet Explorer and Edge are prone to a memory corruption vulnerability. Attackers can exploit this issue to execute arbitrary code in the context of the user running the application.

LANDesk Management Suite is vulnerable to multiple remote file inclusion vulnerabilities. The vulnerabilities are due to insufficient input validation in frm_coremainfrm.aspx, sm_actionfrm.asp and frm_splitfrm.aspx files. Successful exploitation could lead to arbitrary code execution.