Page(s) : [1] 2 3 4 5 6 7 8 9 10 11 ... | Result(s) : 272328 |
Alerts
DATE | NAME | CATEGORIES | DETAIL | |
---|---|---|---|---|
N/A | 2024-04-27 | CVE-2024-2859 | cve | By default, SANnav OVA is shipped with root user login enabled. While protected by a password, access to root could expose SANnav to a remote attacker should they gain access t... |
4.4 | 2024-04-27 | CVE-2024-2258 | cve | The Form Maker by 10Web – Mobile-Friendly Drag & Drop Contact Form Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a user's display name autof... |
6.4 | 2024-04-27 | CVE-2024-2838 | cve | The WPC Composite Products for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wooco_components[0][name]' parameter in all versi... |
N/A | 2024-04-26 | CVE-2024-28322 | cve | SQL Injection vulnerability in /event-management-master/backend/register.php in PuneethReddyHC Event Management 1.0 allows attackers to run arbitrary SQL commands via the event_... |
N/A | 2024-04-26 | CVE-2024-30804 | cve | An issue discovered in the DeviceIoControl component in ASUS Fan_Xpert before v.10013 allows an attacker to execute arbitrary code via crafted IOCTL requests. |
N/A | 2024-04-26 | CVE-2024-31551 | cve | Directory Traversal vulnerability in lib/admin/image.admin.php in cmseasy v7.7.7.9 20240105 allows attackers to delete arbitrary files via crafted GET request. |
N/A | 2024-04-26 | CVE-2024-31741 | cve | Cross Site Scripting vulnerability in MiniCMS v.1.11 allows a remote attacker to run arbitrary code via crafted string in the URL after login. |
N/A | 2024-04-26 | CVE-2024-31828 | cve | Cross Site Scripting vulnerability in Lavalite CMS v.10.1.0 allows attackers to execute arbitrary code and obtain sensitive information via a crafted payload to the URL. |
N/A | 2024-04-26 | CVE-2024-3051 | cve | Malformed Device Reset Locally command classes can be sent to temporarily deny service to an end device. Any frames sent by the end device will not be acknowledged by the gatewa... |
N/A | 2024-04-26 | CVE-2024-3052 | cve | Malformed S2 Nonce Get command classes can be sent to crash the gateway. A hard reset is required to recover the gateway. |
N/A | 2024-04-26 | CVE-2024-4243 | cve | A vulnerability classified as critical has been found in Tenda W9 1.0.0.7(4456). Affected is the function formwrlSSIDset of the file /goform/wifiSSIDset. The manipulation of the... |
N/A | 2024-04-26 | CVE-2024-4244 | cve | A vulnerability classified as critical was found in Tenda W9 1.0.0.7(4456). Affected by this vulnerability is the function fromDhcpSetSer of the file /goform/DhcpSetSer. The man... |
N/A | 2024-04-26 | CVE-2024-32880 | cve | pyload is an open-source Download Manager written in pure Python. An authenticated user can change the download folder and upload a crafted template to the specified folder lead... |
N/A | 2024-04-26 | CVE-2024-32884 | cve | gitoxide is a pure Rust implementation of Git. `gix-transport` does not check the username part of a URL for text that the external `ssh` program would interpret as an option. A... |
N/A | 2024-04-26 | CVE-2024-33342 | cve | D-Link DIR-822+ V1.0.5 was found to contain a command injection in SetPlcNetworkpwd function of prog.cgi, which allows remote attackers to execute arbitrary commands via shell. |
N/A | 2024-04-26 | CVE-2024-33343 | cve | D-Link DIR-822+ V1.0.5 was found to contain a command injection in ChgSambaUserSettings function of prog.cgi, which allows remote attackers to execute arbitrary commands via shell. |
N/A | 2024-04-26 | CVE-2024-33344 | cve | D-Link DIR-822+ V1.0.5 was found to contain a command injection in ftext function of upload_firmware.cgi, which allows remote attackers to execute arbitrary commands via shell. |
N/A | 2024-04-26 | CVE-2024-4235 | cve | A vulnerability classified as problematic was found in Netgear DG834Gv5 1.6.01.34. This vulnerability affects unknown code of the component Web Management Interface. The manipul... |
N/A | 2024-04-26 | CVE-2024-4236 | cve | A vulnerability, which was classified as critical, has been found in Tenda AX1803 1.0.0.1. This issue affects the function formSetSysToolDDNS of the file /goform/SetDDNSCfg. The... |
N/A | 2024-04-26 | CVE-2024-28325 | cve | Asus RT-N12+ B1 router stores credentials in cleartext, which could allow local attackers to obtain unauthorized access and modify router settings. |
Page(s) : [1] 2 3 4 5 6 7 8 9 10 11 ... | Result(s) : 272328 |