On unix-like systems, the temporary directory is shared between all user. As such, writing to this directory using APIs that do not explicitly set the file/directory permissions can lead to information disclosure. Of note, this does not impact modern MacOS Operating Systems. The method...
5.5CVSS
5AI Score
0.0004EPSS
A maliciously crafted PNG file in Autodesk Image Processing component may be used to attempt to free an object that has already been freed while parsing them. This vulnerability may be exploited by attackers to execute arbitrary...
7.8CVSS
7.8AI Score
0.001EPSS
A Memory Corruption vulnerability may lead to code execution through maliciously crafted DLL files through Autodesk Image Processing...
7.8CVSS
7.8AI Score
0.001EPSS
A maliciously crafted TIF, PICT, TGA, or RLC files in Autodesk Image Processing component may be forced to read beyond allocated boundaries when parsing the TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary...
7.8CVSS
7.7AI Score
0.001EPSS
A heap-based buffer overflow could occur while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary...
7.8CVSS
8AI Score
0.001EPSS
A maliciously crafted TIFF, PICT, TGA, or RLC file in Autodesk Image Processing component may be used to write beyond the allocated buffer while parsing TIFF, PICT, TGA, or RLC files. This vulnerability may be exploited to execute arbitrary...
7.8CVSS
7.9AI Score
0.001EPSS
Stack-based buffer overflow in medialib.dll in BaoFeng Storm 3.9.62 allows remote attackers to execute arbitrary code via a long pathname in the source attribute of an item element in a .smpl playlist...
8.2AI Score
0.057EPSS
The Storm module 6.x before 6.x-1.25 for Drupal does not enforce privilege requirements for storminvoiceitem nodes, which allows remote attackers to read node titles via unspecified...
6.7AI Score
0.003EPSS
Multiple cross-site scripting (XSS) vulnerabilities in the Storm module 5.x and 6.x before 6.x-1.33 for Drupal allow remote authenticated users, with certain module privileges, to inject arbitrary web script or HTML via the (1) fullname, (2) phone, or (3) im parameter in a stormperson action to...
5.4AI Score
0.001EPSS
The BreakingPoint Storm appliance before 3.0 requires cleartext credentials for establishing a session from a GUI administrative client, which allows remote attackers to obtain sensitive information by sniffing the network for XML...
6.4AI Score
0.004EPSS
The administrative interface in the embedded web server on the BreakingPoint Storm appliance before 3.0 does not require authentication for the gwt/BugReport script, which allows remote attackers to obtain sensitive information by downloading a .tgz...
6.6AI Score
0.004EPSS
Specially crafted string in OTRS system configuration can allow the execution of any system...
8.8CVSS
9.1AI Score
0.001EPSS
An Unsafe Deserialization vulnerability exists in the worker services of the Apache Storm supervisor server allowing pre-auth Remote Code Execution (RCE). Apache Storm 2.2.x users should upgrade to version 2.2.1 or 2.3.0. Apache Storm 2.1.x users should upgrade to version 2.1.1. Apache Storm 1.x...
9.8CVSS
9.5AI Score
0.015EPSS
A Command Injection vulnerability exists in the getTopologyHistory service of the Apache Storm 2.x prior to 2.2.1 and Apache Storm 1.x prior to 1.2.4. A specially crafted thrift request to the Nimbus server allows Remote Code Execution (RCE) prior to...
9.8CVSS
9.6AI Score
0.809EPSS
The official storm Docker images before 1.2.1 contain a blank password for a root user. Systems using the Storm Docker container deployed by affected versions of the Docker image may allow an remote attacker to achieve root access with a blank...
9.8CVSS
9.5AI Score
0.007EPSS
The Apache Storm Logviewer daemon exposes HTTP-accessible endpoints to read/search log files on hosts running Storm. In Apache Storm versions 0.9.1-incubating to 1.2.2, it is possible to read files off the host's file system that were not intended to be accessible via these...
7.5CVSS
7.4AI Score
0.001EPSS
In Apache Storm versions 1.1.0 to 1.2.2, when the user is using the storm-kafka-client or storm-kafka modules, it is possible to cause the Storm UI daemon to deserialize user provided bytes into a Java...
9.8CVSS
9.3AI Score
0.003EPSS
An issue was discovered on the ENTTEC Datagate MK2, Storm 24, Pixelator, and E-Streamer MK2 with firmware 70044_update_05032019-482. They include a hard-coded SSH backdoor for remote SSH and SCP access as the root user. A command in the relocate and relocate_revB scripts copies the hardcoded key...
9.8CVSS
9.6AI Score
0.007EPSS
An issue was discovered on the ENTTEC Datagate MK2, Storm 24, Pixelator, and E-Streamer MK2 with firmware 70044_update_05032019-482. They replace secure and protected directory permissions (set as default by the underlying operating system) with highly insecure read, write, and execute directory...
7.8CVSS
7.5AI Score
0.001EPSS
An issue was discovered on the ENTTEC Datagate MK2, Storm 24, Pixelator, and E-Streamer MK2 with firmware 70044_update_05032019-482. They allow high-privileged root access by www-data via sudo without requiring appropriate access control. (Furthermore, the user account that controls the web...
8.8CVSS
8.9AI Score
0.001EPSS
A number of stored XSS vulnerabilities have been identified in the web configuration feature in ENTTEC Datagate Mk2 70044_update_05032019-482 that could allow an unauthenticated threat actor to inject malicious code directly into the application. This affects, for example, the Profile Description.....
6.1CVSS
6.3AI Score
0.001EPSS
ENTTEC Datagate MK2, Storm 24, Pixelator all firmware versions prior to (70044,70050,70060)_update_05032019-482 allows an unauthenticated user to initiate a remote reboot, which may be used to cause a denial of service...
7.5CVSS
7.4AI Score
0.001EPSS
In Apache Storm 0.10.0 through 0.10.2, 1.0.0 through 1.0.6, 1.1.0 through 1.1.2, and 1.2.0 through 1.2.1, an attacker with access to a secure storm cluster in some cases could execute arbitrary code as a different...
8.8CVSS
8.8AI Score
0.01EPSS
Apache Storm version 1.0.6 and earlier, 1.2.1 and earlier, and version 1.1.2 and earlier expose an arbitrary file write vulnerability, that can be achieved using a specially crafted zip archive (affects other archives as well, bzip2, tar, xz, war, cpio, 7z), that holds path traversal filenames. So....
5.5CVSS
5.8AI Score
0.0005EPSS
Apache Storm version 1.0.6 and earlier, 1.2.1 and earlier, and version 1.1.2 and earlier expose a vulnerability that could allow a user to impersonate another user when communicating with some Storm...
6.5CVSS
6.2AI Score
0.001EPSS
Directory traversal vulnerability in the log viewer in Apache Storm 0.9.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter to...
7.5CVSS
7.4AI Score
0.002EPSS
It was found that under some situations and configurations of Apache Storm 1.x before 1.0.4 and 1.1.x before 1.1.1, it is theoretically possible for the owner of a topology to trick the supervisor to launch a worker as a different, non-root, user. In the worst case this could lead to secure...
8.8CVSS
8.5AI Score
0.004EPSS
The UI daemon in Apache Storm 0.10.0 before 0.10.0-beta1 allows remote attackers to execute arbitrary code via unspecified...
9.8CVSS
9.7AI Score
0.02EPSS
Multiple cross-site scripting (XSS) vulnerabilities in the Storm module 5.x and 6.x before 6.x-1.33 for Drupal allow remote authenticated users, with certain module privileges, to inject arbitrary web script or HTML via the (1) fullname, (2) address, (3) city, (4) provstate (aka state), (5) phone,....
5.6AI Score
0.001EPSS
Unspecified vulnerability in Config.dll in Baofeng products 3.09.04.17 and earlier allows remote attackers to execute arbitrary code by calling the SetAttributeValue method, as exploited in the wild in April and May...
7.9AI Score
0.061EPSS
Stack-based buffer overflow in the MPS.StormPlayer.1 ActiveX control in mps.dll 3.9.4.27 in Baofeng Storm allows remote attackers to execute arbitrary code via a long argument to the OnBeforeVideoDownload method, as exploited in the wild in April and May 2009. NOTE: some of these details are...
8.2AI Score
0.936EPSS
SQL injection vulnerability in SpeedTech Organization and Resource Manager (Storm) 5.x before 5.x-1.14 and 6.x before 6.x-1.18, a module for Drupal, allows remote authenticated users with storm project access to execute arbitrary SQL commands via unspecified...
8.2AI Score
0.001EPSS
Multiple buffer overflows in a certain ActiveX control in sparser.dll in Baofeng Storm 2.8 and earlier allow remote attackers to execute arbitrary code via malformed input in an unknown set of arguments or property values, a different DLL than CVE-2007-4816. NOTE: the provenance of this...
7.6AI Score
0.359EPSS
Multiple integer overflows in Media Player Classic (MPC) 6.4.9.0 and earlier, as used standalone and in mympc (aka CD-Storm) 1.0.0.1, StormPlayer 1.0.4, and possibly other products, allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a...
7.9AI Score
0.021EPSS
Heap-based buffer overflow in mplayerc.exe in Media Player Classic (MPC) 6.4.9.0 and earlier, as used standalone and in mympc (aka CD-Storm) 1.0.0.1, StormPlayer 1.0.4, and possibly other products, allows remote attackers to cause a denial of service (application crash) or possibly execute...
8.4AI Score
0.256EPSS
Multiple buffer overflows in the BaoFeng2 storm ActiveX control in Mps.dll allow remote attackers to have an unknown impact via a long (1) URL, (2) backImage, or (3) titleImage property value; (4) a long first argument to the advancedOpen method; a long argument to the (5) isDVDPath or (6)...
6.9AI Score
0.359EPSS
profile.php in Silent Storm Portal 2.1 and 2.2 allows remote attackers to gain privileges by setting the mail parameter to 1, which is the value for an...
7AI Score
0.051EPSS
Cross-site scripting (XSS) vulnerability in index.php in Silent Storm Portal 2.1 and 2.2 allows remote attackers to execute arbitrary web script or HTML via the module...
6.1AI Score
0.011EPSS