High · CVSS 7.8 · CISA KEV
In ep_loop_check_proc of eventpoll.c, there is a possible way to corrupt memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-204573007References: Upstream kernel
Published Dec 15, 2021 · Updated Oct 21, 2025
High · CVSS 8.1 · CISA KEV
Acclaim USAHERDS through 7.4.0.1 uses hard-coded credentials.
Published Dec 21, 2021 · Updated Oct 21, 2025
Medium · CVSS 6.3
A buffer overflow [CWE-121] in the TFTP client library of FortiOS before 6.4.7 and FortiOS 7.0.0 through 7.0.2, may allow an authenticated local attacker to achieve arbitrary code execution via specially crafted command line arguments.
Published Dec 8, 2021 · Updated Oct 16, 2025
Critical · CVSS 9.8
A remote code execution vulnerability in the BMP image codec of BlackBerry QNX SDP version(s) 6.4 to 7.1 could allow an attacker to potentially execute code in the context of the affected process.
Published Dec 13, 2021 · Updated Sep 9, 2025
High · CVSS 8.8
Improper neutralization of special elements in the SMA100 management interface '/cgi-bin/viewcert' POST http method allows a remote authenticated attacker to inject arbitrary commands as a 'nobody' user. This vulnerability affected SMA 200, 210, 400, 410 and 500v appliances.
Published Dec 8, 2021 · Updated Sep 5, 2025
Medium · CVSS 6.7
This affects versions of the package unisharp/laravel-filemanager before 2.6.2. The upload() function does not sufficiently validate the file type when uploading.
An attacker may be able to reproduce the following steps:
1. Install a package with a web Laravel application.
2. Navigate to the Upload window
3. Upload an image file, then capture the request
4. Edit the request contents with a malicious file (webshell)
5. Enter the path of file uploaded on URL - Remote Code Execution
**Note:** Prevention for bad extensions can be done by using a whitelist in the config file(lfm.php). Corresponding document can be found in [here](https://unisharp.github.io/laravel-filemanager/configfolder-categories).
Published Dec 17, 2021 · Updated Jun 17, 2025
High · CVSS 7.1
Allegro WIndows 3.3.4152.0, embeds software administrator database credentials into its binary files, which allows users to access and modify data using the same credentials.
Published Dec 8, 2021 · Updated May 30, 2025
Medium · CVSS 4.4
Wolters Kluwer TeamMate AM 12.4 Update 1 mishandles attachment uploads, such that an authenticated user may download and execute malicious files.
Published Dec 17, 2021 · Updated May 30, 2025
High · CVSS 7.1
An issue was discovered in Allegro Windows (formerly Popsy Windows) before 3.3.4156.1. A standard user can escalate privileges to SYSTEM if the FTP module is installed, because of DLL hijacking.
Published Dec 8, 2021 · Updated May 30, 2025
High · CVSS 8.8
An issue was discovered in BeyondTrust Privilege Management for Mac before 5.7. An authenticated, unprivileged user can elevate privileges by running a malicious script (that executes as root from a temporary directory) during install time. (This applies to macOS before 10.15.5, or Security Update 2020-003 on Mojave and High Sierra, Later versions of macOS are not vulnerable.)
Published Dec 11, 2023 · Updated May 27, 2025
Medium · CVSS 5.4
In CKAN, versions 2.9.0 to 2.9.3 are affected by a stored XSS vulnerability via SVG file upload of users’ profile picture. This allows low privileged application users to store malicious scripts in their profile picture. These scripts are executed in a victim’s browser when they open the malicious profile picture
Published Dec 1, 2021 · Updated Apr 30, 2025
Medium · CVSS 5.4
In “ifme”, versions 1.0.0 to v7.31.4 are vulnerable against stored XSS vulnerability (notifications section) which can be directly triggered by sending an ally request to the admin.
Published Dec 29, 2021 · Updated Apr 30, 2025
Medium · CVSS 5.4
In “ifme”, versions 1.0.0 to v7.31.4 are vulnerable against stored XSS vulnerability in the markdown editor. It can be exploited by making a victim a Leader of a group which triggers the payload for them.
Published Dec 29, 2021 · Updated Apr 30, 2025
Medium · CVSS 5.4
In “ifme”, versions v7.22.0 to v7.31.4 are vulnerable against self-stored XSS in the contacts field as it allows loading XSS payloads fetched via an iframe.
Published Dec 29, 2021 · Updated Apr 30, 2025
Medium · CVSS 5.7
In Ifme, versions v5.0.0 to v7.32 are vulnerable against an improper access control, which makes it possible for admins to ban themselves leading to their deactivation from Ifme account and complete loss of admin access to Ifme.
Published Dec 29, 2021 · Updated Apr 30, 2025
Medium · CVSS 5.4
In Requarks wiki.js, versions 2.0.0-beta.147 to 2.5.255 are affected by Stored XSS vulnerability, where a low privileged (editor) user can upload a SVG file that contains malicious JavaScript while uploading assets in the page. That will send the JWT tokens to the attacker’s server and will lead to account takeover when accessed by the victim.
Published Dec 29, 2021 · Updated Apr 30, 2025
Medium · CVSS 6.5
Prior to Apache Commons Net 3.9.0, Net's FTP client trusts the host from PASV response by default. A malicious server can redirect the Commons Net code to use a different host, but the user has to connect to the malicious server in the first place. This may lead to leakage of information about services running on the private network of the client. The default in version 3.9.0 is now false to ignore such hosts, as cURL does. See https://issues.apache.org/jira/browse/NET-711.
Published Dec 3, 2022 · Updated Apr 24, 2025
High · CVSS 7.5
A default username and password for an administrator account was discovered in ZKTeco ZKTime 10.0 through 11.1.0, builds 20180901, 20190510.1, 20200309.3, 20200930, 20201231, and 20210220.
Published Dec 5, 2022 · Updated Apr 24, 2025
Medium · CVSS 6.1
Cross Site Scripting (XSS) vulnerability in TomExam 3.0 via p_name parameter to list.thtml.
Published Dec 5, 2022 · Updated Apr 24, 2025
Low · CVSS 3.3
Adobe Bridge version 11.1.2 (and earlier) and version 12.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious SGI file.
Published Dec 7, 2021 · Updated Apr 23, 2025
Low · CVSS 3.3
Adobe Bridge version 11.1.2 (and earlier) and version 12.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious SGI file.
Published Dec 7, 2021 · Updated Apr 23, 2025
Low · CVSS 3.3
Adobe Bridge version 11.1.2 (and earlier) and version 12.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious RGB file.
Published Dec 7, 2021 · Updated Apr 23, 2025
High · CVSS 7.8
Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious MXF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
Published Dec 20, 2021 · Updated Apr 23, 2025
High · CVSS 7.8
Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
Published Dec 20, 2021 · Updated Apr 23, 2025
High · CVSS 7.8
Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
Published Dec 20, 2021 · Updated Apr 23, 2025
High · CVSS 7.8
Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
Published Dec 20, 2021 · Updated Apr 23, 2025
High · CVSS 7.8
Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious EXR file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
Published Dec 20, 2021 · Updated Apr 23, 2025
High · CVSS 7.8
Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
Published Dec 20, 2021 · Updated Apr 23, 2025
High · CVSS 7.8
Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious PNG file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
Published Dec 20, 2021 · Updated Apr 23, 2025
High · CVSS 7.8
Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
Published Dec 20, 2021 · Updated Apr 23, 2025
Medium · CVSS 5.5
Adobe Premiere Rush versions 1.5.16 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Published Dec 20, 2021 · Updated Apr 23, 2025
High · CVSS 7.8
Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious WAV file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
Published Dec 20, 2021 · Updated Apr 23, 2025
Medium · CVSS 5.5
Adobe Premiere Rush versions 1.5.16 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Published Dec 20, 2021 · Updated Apr 23, 2025
Low · CVSS 3.3
Adobe Premiere Rush versions 1.5.16 (and earlier) allows access to an uninitialized pointer vulnerability that allows remote attackers to disclose arbitrary data on affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of MP4 files. The issue results from the lack of proper initialization of memory prior to accessing it.
Published Dec 20, 2021 · Updated Apr 23, 2025
High · CVSS 7.8
Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SVG file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
Published Dec 20, 2021 · Updated Apr 23, 2025
High · CVSS 7.8
Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious EPS/TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
Published Dec 20, 2021 · Updated Apr 23, 2025
Medium · CVSS 5.5
Adobe Premiere Rush versions 1.5.16 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
Published Dec 20, 2021 · Updated Apr 23, 2025
Medium · CVSS 5.5
Adobe Premiere Rush versions 1.5.16 (and earlier) allows access to an uninitialized pointer vulnerability that allows remote attackers to disclose sensitive information on affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of MP4 files. The issue results from the lack of proper initialization of memory prior to accessing it.
Published Dec 20, 2021 · Updated Apr 23, 2025
High · CVSS 7.8
Adobe Dimension versions 3.4.3 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious GIF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.
Published Dec 20, 2021 · Updated Apr 23, 2025
Low · CVSS 3.3
Adobe Dimension versions 3.4.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious TIF file.
Published Dec 20, 2021 · Updated Apr 23, 2025
Low · CVSS 3.3
Adobe Dimension versions 3.4.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious SVG file.
Published Dec 20, 2021 · Updated Apr 23, 2025
Low · CVSS 3.3
Adobe Dimension versions 3.4.3 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious TIF file.
Published Dec 20, 2021 · Updated Apr 23, 2025
High · CVSS 7.8
Adobe Dimension versions 3.4.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious GIF file.
Published Dec 20, 2021 · Updated Apr 23, 2025
High · CVSS 7.8
Adobe Dimension versions 3.4.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious GIF file.
Published Dec 20, 2021 · Updated Apr 23, 2025
Low · CVSS 3.3
Adobe Audition versions 14.4 (and earlier), and 22.0 (and earlier)are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious MP4 file.
Published Dec 20, 2021 · Updated Apr 23, 2025
Low · CVSS 3.3
Adobe Audition versions 14.4 (and earlier), and 22.0 (and earlier)are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious MP4 file.
Published Dec 20, 2021 · Updated Apr 23, 2025
Low · CVSS 3.3
Adobe Audition versions 14.4 (and earlier), and 22.0 (and earlier)are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious MOV file.
Published Dec 20, 2021 · Updated Apr 23, 2025
Medium · CVSS 5.4
IBM API Connect V10.0.0.0 through V10.0.5.0, V10.0.1.0 through V10.0.1.7, and V2018.4.1.0 through 2018.4.1.19 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 213212.
Published Dec 1, 2022 · Updated Apr 23, 2025
Medium · CVSS 6.1
Logrhythm Web Console 7.4.9 allows for HTML tag injection through Contextualize Action -> Create a new Contextualize Action -> Inject your HTML tag in the name field.
Published Dec 12, 2022 · Updated Apr 22, 2025
High · CVSS 7
In TBD of TBD, there is a possible way to archive arbitrary code execution in kernel due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-254742984
Published Dec 13, 2022 · Updated Apr 22, 2025