Page(s) : [1] 2 3 4 5 6 7 8 9 10 11 ... | Result(s) : 271666 |
Alerts
DATE | NAME | CATEGORIES | DETAIL | |
---|---|---|---|---|
N/A | 2024-04-18 | CVE-2024-27306 | cve | aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. A XSS vulnerability exists on index pages for static file handling. This vulnerability is fixed i... |
N/A | 2024-04-18 | CVE-2024-28185 | cve | Judge0 is an open-source online code execution system. The application does not account for symlinks placed inside the sandbox directory, which can be leveraged by an attacker t... |
N/A | 2024-04-18 | CVE-2024-28189 | cve | Judge0 is an open-source online code execution system. The application uses the UNIX chown command on an untrusted file within the sandbox. An attacker can abuse this by creatin... |
N/A | 2024-04-18 | CVE-2024-29021 | cve | Judge0 is an open-source online code execution system. The default configuration of Judge0 leaves the service vulnerable to a sandbox escape via Server Side Request Forgery (SSR... |
N/A | 2024-04-18 | CVE-2024-2796 | cve | A server-side request forgery (SSRF) was discovered in the Akana Community Manager Developer Portal in versions prior to and including 2022.1.3. Reported by Jakob Antonsson. |
N/A | 2024-04-18 | CVE-2024-30257 | cve | 1Panel is an open source Linux server operation and maintenance management panel. The password verification in the source code uses the != symbol instead hmac.Equal. This may le... |
N/A | 2024-04-18 | CVE-2024-30564 | cve | An issue inandrei-tatar nora-firebase-common between v.1.0.41 and v.1.12.2 allows a remote attacker to execute arbitrary code via a crafted script to the updateState parameter o... |
N/A | 2024-04-18 | CVE-2024-32466 | cve | Tolgee is an open-source localization platform. For the `/v2/projects/translations` and `/v2/projects/{projectId}/translations` endpoints, translation data was returned even whe... |
N/A | 2024-04-18 | CVE-2024-32470 | cve | Tolgee is an open-source localization platform. When API key created by admin user is used it bypasses the permission check at all. This error was introduced in v3.57.2 and imme... |
N/A | 2024-04-18 | CVE-2024-32475 | cve | Envoy is a cloud-native, open source edge and service proxy. When an upstream TLS cluster is used with `auto_sni` enabled, a request containing a `host`/`:authority` header long... |
N/A | 2024-04-18 | CVE-2024-32325 | cve | TOTOLINK EX200 V4.0.3c.7646_B20201211 contains a Cross-site scripting (XSS) vulnerability through the ssid parameter in the setWiFiExtenderConfig function. |
N/A | 2024-04-18 | CVE-2024-32326 | cve | TOTOLINK EX200 V4.0.3c.7646_B20201211 contains a Cross-site scripting (XSS) vulnerability through the key parameter in the setWiFiExtenderConfig function. |
N/A | 2024-04-18 | CVE-2024-32327 | cve | TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in Port Forwarding under the Firewall Page. |
N/A | 2024-04-18 | CVE-2024-32332 | cve | TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in WDS Settings under the Wireless Page. |
N/A | 2024-04-18 | CVE-2024-32333 | cve | TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in MAC Filtering under the Firewall Page. |
N/A | 2024-04-18 | CVE-2024-32334 | cve | TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in IP/Port Filtering under the Firewall Page. |
N/A | 2024-04-18 | CVE-2024-32335 | cve | TOTOLINK N300RT V2.1.8-B20201030.1539 contains a Store Cross-site scripting (XSS) vulnerability in Access Control under the Wireless Page. |
N/A | 2024-04-18 | CVE-2024-26921 | cve | In the Linux kernel, the following vulnerability has been resolved: inet: inet_defrag: prevent sk release while still in use ip_local_out() and other functions can pass skb->s... |
7.5 | 2024-04-18 | CVE-2024-29003 | cve | The SolarWinds Platform was susceptible to a XSS vulnerability that affects the maps section of the user interface. This vulnerability requires authentication and requires user ... |
N/A | 2024-04-18 | CVE-2024-2833 | cve | The Jobs for WordPress plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘job-search’ parameter in all versions up to, and including, 2.7.5 due to ins... |
Page(s) : [1] 2 3 4 5 6 7 8 9 10 11 ... | Result(s) : 271666 |