Aggregator

CVE-2021-47830 | Get-Simple My SMTP Contact Plugin 1.1.1 cross-site request forgery (Exploit 49774 / EDB-49774)

VulDB Recent Entries
2 months 2 weeks ago
A vulnerability, which was classified as problematic, has been found in Get-Simple My SMTP Contact Plugin 1.1.1. The impacted element is an unknown function. This manipulation causes cross-site request forgery. This vulnerability is tracked as CVE-2021-47830. The attack is possible to be carried out remotely. Moreover, an exploit is present.
vuldb.com

CVE-2021-47873 | VestaCP up to 0.9.8-25 IP Interface add/ip/ v_interface cross site scripting (Exploit 49662 / EDB-49662)

VulDB Recent Entries
2 months 2 weeks ago
A vulnerability classified as problematic was found in VestaCP up to 0.9.8-25. The affected element is an unknown function of the file add/ip/ of the component IP Interface. The manipulation of the argument v_interface results in cross site scripting. This vulnerability is identified as CVE-2021-47873. The attack can be executed remotely. Additionally, an exploit exists. Upgrading the affected component is advised.
vuldb.com

CVE-2021-47887 | OKI Print Job Accounting 4.4.10 OkiJaSvc Service unquoted search path (Exploit 49623 / EDB-49623)

VulDB Recent Entries
2 months 2 weeks ago
A vulnerability described as problematic has been identified in OKI Print Job Accounting 4.4.10. This issue affects some unknown processing of the file C:\Program Files\OKIdata\Print Job Accounting\ of the component OkiJaSvc Service. Executing a manipulation can lead to unquoted search path. The identification of this vulnerability is CVE-2021-47887. The attack can only be executed locally. Furthermore, there is an exploit available.
vuldb.com

CVE-2021-47886 | Fyrolabs Pingzapper 2.3.1 PingzapperSvc Service PZService.exe unquoted search path (Exploit 49626 / EDB-49626)

VulDB Recent Entries
2 months 2 weeks ago
A vulnerability marked as problematic has been reported in Fyrolabs Pingzapper 2.3.1. This vulnerability affects unknown code of the file C:\Program Files (x86)\Pingzapper\PZService.exe of the component PingzapperSvc Service. Performing a manipulation results in unquoted search path. This vulnerability was named CVE-2021-47886. The attack needs to be approached locally. In addition, an exploit is available.
vuldb.com

CVE-2021-47884 | OKI Configuration Tool 1.6.53 Port Manager Service portmgrsrv.exe unquoted search path (Exploit 49624 / EDB-49624)

VulDB Recent Entries
2 months 2 weeks ago
A vulnerability labeled as problematic has been found in OKI Configuration Tool 1.6.53. This affects an unknown part of the file C:\Program Files\OKIdata\Common\extend3\portmgrsrv.exe of the component Port Manager Service. Such manipulation leads to unquoted search path. This vulnerability is uniquely identified as CVE-2021-47884. Local access is required to approach this attack. Moreover, an exploit is present.
vuldb.com

CVE-2021-47883 | Sandboxie-Plus Sandboxie Plus 0.7.2 SbieSvc Service unquoted search path (Exploit 49631 / EDB-49631)

VulDB Recent Entries
2 months 2 weeks ago
A vulnerability identified as problematic has been detected in Sandboxie-Plus Sandboxie Plus 0.7.2. Affected by this issue is some unknown functionality of the component SbieSvc Service. This manipulation causes unquoted search path. This vulnerability is handled as CVE-2021-47883. It is possible to launch the attack on the local host. Additionally, an exploit exists.
vuldb.com

CVE-2021-47879 | Luidia eBeam Interactive Suite 3.6 eBeam Stylus Driver Service unquoted search path (Exploit 49648 / EDB-49648)

VulDB Recent Entries
2 months 2 weeks ago
A vulnerability categorized as problematic has been discovered in Luidia eBeam Interactive Suite 3.6. Affected by this vulnerability is an unknown functionality of the component eBeam Stylus Driver Service. The manipulation results in unquoted search path. This vulnerability is known as CVE-2021-47879. Attacking locally is a requirement. Furthermore, an exploit is available.
vuldb.com

CVE-2021-47874 | Vfsforgit VFS for Git 1.0.21014.1 Windows Service unquoted search path (Exploit 49661 / EDB-49661)

VulDB Recent Entries
2 months 2 weeks ago
A vulnerability was found in Vfsforgit VFS for Git 1.0.21014.1. It has been declared as problematic. This impacts an unknown function of the component Windows Service. Executing a manipulation can lead to unquoted search path. This vulnerability appears as CVE-2021-47874. The attack requires local access. In addition, an exploit is available.
vuldb.com

Zoom fixed critical Node Multimedia Routers flaw

Security Affairs
2 months 2 weeks ago
Zoom addressed a critical security vulnerability, tracked as CVE-2026-22844, that could result in remote code execution. Cloud-based video conferencing and online collaboration platform Zoom released security updates to address multiple vulnerabilities, including command injection, tracked as CVE-2026-22844 (CVSS score of 9.9), in Zoom Node Multimedia Routers (MMRs) that could result in remote code execution. “A […]
Pierluigi Paganini

RCE flaw in Cisco enterprise communications products probed by attackers (CVE-2026-20045)

Help Net Security
2 months 2 weeks ago

Cisco has fixed a critical remote code execution vulnerability (CVE-2026-20045) in some of its unified communications solutions that’s being targeted by attackers in the wild, the company announced on Wednesday via a security advisory. About CVE-2026-20045 CVE-2026-20045 is a code injection vulnerability stemming from improper validation of user-supplied input in HTTP requests. “An attacker could exploit this vulnerability by sending a sequence of crafted HTTP requests to the web-based management interface of an affected device. … More →

The post RCE flaw in Cisco enterprise communications products probed by attackers (CVE-2026-20045) appeared first on Help Net Security.

Zeljka Zorz

Managed ad