Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : [1] 2 3 4 5 6 7 8 9 10 11 ...Result(s) : 144481

Alerts Feed Alerts

DateNameCategoriesDetail
N/A2019-04-22CVE-2019-6157cve In various firmware versions of Lenovo System x, the integrated management module II (IMM2)'s first failure data capture (FFDC) includes the web server's private key i...
N/A2019-04-22CVE-2019-6155cve A potential vulnerability was found in an SMI handler in various BIOS versions of certain legacy IBM System x and IBM BladeCenter systems that could lead to denial of service.
N/A2019-04-22CVE-2019-3902cve A flaw was found in Mercurial before 4.9. It was possible to use symlinks and subrepositories to defeat Mercurial's path-checking logic and write files outside a repository.
N/A2019-04-22CVE-2019-3901cve A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. As no relevant locks (in particular the cred_guard_mutex) are held duri...
N/A2019-04-22CVE-2019-3899cve It was found that default configuration of Heketi does not require any authentication potentially exposing the management interface to misuse. This isue only affects heketi as s...
N/A2019-04-22CVE-2019-11456cve Gila CMS 1.10.1 allows fm/save CSRF for executing arbitrary PHP code.
N/A2019-04-22CVE-2019-11455cve A buffer over-read in Util_urlDecode in util.c in Tildeslash Monit before 5.25.3 allows a remote authenticated attacker to retrieve the contents of adjacent memory via manipulat...
N/A2019-04-22CVE-2019-11454cve Persistent cross-site scripting (XSS) in http/cervlet.c in Tildeslash Monit before 5.25.3 allows a remote unauthenticated attacker to introduce arbitrary JavaScript via manipula...
6.52019-04-22CVE-2019-11452cve whatsns 4.0 allows index.php?admin_category/remove.html cid[] SQL injection.
6.52019-04-22CVE-2019-11451cve whatsns 4.0 allows index.php?inform/add.html qid SQL injection.
7.52019-04-22CVE-2019-11450cve whatsns 4.0 allows index.php?question/ajaxadd.html title SQL injection.
N/A2019-04-22CVE-2019-11449cve I, Librarian 4.10 has XSS via the notes.php notes parameter.
N/A2019-04-22CVE-2019-11448cve An issue was discovered in Zoho ManageEngine Applications Manager 11.0 through 14.0. An unauthenticated user can gain the authority of SYSTEM on the server due to a Popup_SLA.js...
N/A2019-04-22CVE-2019-11447cve An issue was discovered in CutePHP CuteNews 2.1.2. An attacker can infiltrate the server through the avatar upload process in the profile area via the avatar_file field to index...
N/A2019-04-22CVE-2019-11446cve An issue was discovered in ATutor through 2.2.4. It allows the user to run commands on the server with the teacher user privilege. The Upload Files section in the File Manager f...
N/A2019-04-22CVE-2019-11445cve OpenKM 6.3.2 through 6.3.7 allows an attacker to upload a malicious JSP file into the /okm:root directories and move that file to the home directory of the site, via frontend/Fi...
N/A2019-04-22CVE-2019-11444cve An issue was discovered in Liferay Portal CE 7.1.2 GA3. An attacker can use Liferay's Groovy script console to execute OS commands. Commands can be executed via a [command]...
4.32019-04-22CVE-2019-11428cve I, Librarian 4.10 has XSS via the export.php export_files parameter.
4.32019-04-22CVE-2019-11427cve An XSS issue was discovered in app/search/search.app.php in idreamsoft iCMS 7.0.14 via the public/api.php?app=search q parameter.
4.32019-04-22CVE-2019-11426cve An XSS issue was discovered in app/admincp/template/admincp.header.php in idreamsoft iCMS 7.0.14 via the admincp.php?app=config tab parameter.
Page(s) : [1] 2 3 4 5 6 7 8 9 10 11 ...Result(s) : 144481