The Glass WordPress plugin through 1.3.2 does not sanitise or escape its "Glass Pages" setting before outputting in a page, leading to a Stored Cross-Site Scripting issue. Furthermore, the plugin did not have CSRF check in place when saving its settings, allowing the issue to be exploited via a...
6.1CVSS
6AI Score
0.001EPSS
There is a vulnerability caused by unsafe Java deserialization that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Successful exploitation can lead to complete compromise of the underlying host operating...
9.8CVSS
9.5AI Score
0.006EPSS
There is a vulnerability caused by insufficient input validation that allows for arbitrary command execution in a containerized environment within Airwave Glass before 1.3.3. Successful exploitation can lead to complete compromise of the underlying host operating...
9.8CVSS
9.4AI Score
0.002EPSS
Multiple authenticated remote command executions are possible in Airwave Glass before 1.3.3 via the glassadmin cli. These allow for a user with glassadmin privileges to execute arbitrary code as root on the underlying host operating...
7.2CVSS
7.3AI Score
0.002EPSS
In Aruba AirWave Glass before 1.3.3, there is a Server-Side Request Forgery vulnerability through an unauthenticated endpoint that if successfully exploited can result in disclosure of sensitive information. This can be used to perform an authentication bypass and ultimately gain administrative...
7.5CVSS
7.8AI Score
0.002EPSS
A remote execution of arbitrary commands vulnerability was discovered in Aruba Airwave Software version(s): Prior to...
7.2CVSS
7.1AI Score
0.003EPSS
A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to...
9.8CVSS
9.6AI Score
0.004EPSS
A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave Software version(s): Prior to...
9.8CVSS
9.6AI Score
0.004EPSS
A remote execution of arbitrary commands vulnerability was discovered in Aruba Airwave Software version(s): Prior to...
7.2CVSS
7.1AI Score
0.003EPSS
A remote unauthorized access vulnerability was discovered in Aruba Airwave Software version(s): Prior to...
9.8CVSS
9.2AI Score
0.008EPSS
A remote server-side request forgery (ssrf) vulnerability was discovered in Aruba Airwave Software version(s): Prior to...
5.8CVSS
5.7AI Score
0.001EPSS
A remote escalation of privilege vulnerability was discovered in Aruba Airwave Software version(s): Prior to...
8.8CVSS
8.8AI Score
0.004EPSS
A remote execution of arbitrary commandss vulnerability was discovered in Aruba Airwave Software version(s): Prior to...
7.2CVSS
7AI Score
0.003EPSS
A potential vulnerability in the SMI callback function used in the System Lock Preinstallation driver in some Lenovo Notebook and ThinkStation models may allow arbitrary code...
6.7CVSS
7AI Score
0.0004EPSS
There is a vulnerability with the Dolby DAX2 API system services in which a low-privileged user can terminate arbitrary processes that are running at a higher privilege. The following are affected products and versions: Legion Y520T_Z370 6.0.1.8642, AIO310-20IAP 6.0.1.8642, AIO510-22ISH...
6.5CVSS
6.5AI Score
0.001EPSS
A Remote Code Execution vulnerability in HPE Aruba AirWave Glass version v1.0.0 and 1.0.1 was...
8.3CVSS
8.4AI Score
0.006EPSS
fastping.c in MRLG (aka Multi-Router Looking Glass) before 5.5.0 allows remote attackers to cause an arbitrary memory write and memory...
9.8CVSS
9.4AI Score
0.008EPSS
Google Glass before XE6 does not properly restrict the processing of QR codes, which allows physically proximate attackers to modify the configuration or redirect users to arbitrary web sites via a crafted symbol, as demonstrated by selecting a Wi-Fi access point in order to conduct a...
6.6AI Score
0.0005EPSS
Multiple cross-site scripting (XSS) vulnerabilities in Looking Glass 20040427 allow remote attackers to inject arbitrary web script or HTML via the (1) version[fullname], (2) version[homepage], or (3) version[no] parameter to footer.php, or the (4) version[fullname], (5) version[no], (6)...
5.8AI Score
0.01EPSS
Looking Glass 20040427 allows remote attackers to execute arbitrary commands via shell metacharacters in the DNS lookup query...
7.7AI Score
0.088EPSS