Page(s) : [1] 2 3 4 5 6 7 8 9 10 11 ... | Result(s) : 272187 |
Alerts
DATE | NAME | CATEGORIES | DETAIL | |
---|---|---|---|---|
N/A | 2024-04-25 | CVE-2024-31609 | cve | Cross Site Scripting (XSS) vulnerability in BOSSCMS v3.10 allows attackers to run arbitrary code via the header code and footer code fields in code configuration. |
N/A | 2024-04-25 | CVE-2024-31610 | cve | File Upload vulnerability in the function for employees to upload avatars in Code-Projects Simple School Management System v1.0 allows attackers to run arbitrary code via upload... |
N/A | 2024-04-25 | CVE-2024-3265 | cve | The Advanced Search WordPress plugin through 1.1.6 does not properly escape parameters appended to an SQL query, making it possible for users with the administrator role to cond... |
N/A | 2024-04-25 | CVE-2024-0916 | cve | Unauthenticated file upload allows remote code execution. This issue affects UvDesk Community: from 1.0.0 through 1.1.3. |
N/A | 2024-04-25 | CVE-2024-2905 | cve | A security vulnerability has been discovered within rpm-ostree, pertaining to the /etc/shadow file in default builds having the world-readable bit enabled. This issue arises fro... |
N/A | 2024-04-25 | CVE-2024-32645 | cve | Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, incorrect values can be logged when `raw_log` builtin is called with ... |
N/A | 2024-04-25 | CVE-2024-32646 | cve | Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, using the `slice` builtin can result in a double eval vulnerability w... |
N/A | 2024-04-25 | CVE-2024-32647 | cve | Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, using the `create_from_blueprint` builtin can result in a double eval... |
N/A | 2024-04-25 | CVE-2024-32648 | cve | Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. Prior to version 0.3.0, default functions don't respect nonreentrancy keys and the lock isn... |
N/A | 2024-04-25 | CVE-2024-32649 | cve | Vyper is a pythonic Smart Contract Language for the Ethereum virtual machine. In versions 0.3.10 and prior, using the `sqrt` builtin can result in double eval vulnerability when... |
N/A | 2024-04-25 | CVE-2024-3508 | cve | A flaw was found in Bombastic, which allows authenticated users to upload compressed (bzip2 or zstd) SBOMs. The API endpoint verifies the presence of some fields and values in t... |
N/A | 2024-04-25 | CVE-2024-3622 | cve | A flaw was found when using mirror-registry to install Quay. It uses a default secret, which is stored in plain-text format in one of the configuration template files. This issu... |
N/A | 2024-04-25 | CVE-2024-3623 | cve | A flaw was found when using mirror-registry to install Quay. It uses a default database secret key, which is stored in plain-text format in one of the configuration template fil... |
N/A | 2024-04-25 | CVE-2024-3624 | cve | A flaw was found in how Quay's database is stored in plain-text in mirror-registry on the jinja's config.yaml file. This flaw allows a malicious actor with access to t... |
N/A | 2024-04-25 | CVE-2024-3625 | cve | A flaw was found in Quay, where Quay's database is stored in plain text in mirror-registry on Jinja's config.yaml file. This issue leaves the possibility of a maliciou... |
N/A | 2024-04-25 | CVE-2024-30939 | cve | An issue discovered in Yealink VP59 Teams Editions with firmware version 91.15.0.118 allows a physically proximate attacker to gain control of an account via a flaw in the facto... |
N/A | 2024-04-25 | CVE-2024-31615 | cve | ThinkCMF 6.0.9 is vulnerable to File upload via UeditorController.php. |
N/A | 2024-04-25 | CVE-2024-32324 | cve | Buffer Overflow vulnerability in Shenzhen Libituo Technology Co., Ltd LBT-T300-T400 v.3.2 allows a local attacker to execute arbitrary code via the vpn_client_ip variable of the... |
N/A | 2024-04-25 | CVE-2022-36028 | cve | Greenlight is an end-user interface for BigBlueButton servers. Versions prior to 2.13.0 have an open redirect vulnerability in the Login page due to unchecked the value of the `... |
N/A | 2024-04-25 | CVE-2022-36029 | cve | Greenlight is an end-user interface for BigBlueButton servers. Versions prior to 2.13.0 have an open redirect vulnerability in the Login page due to unchecked the value of the `... |
Page(s) : [1] 2 3 4 5 6 7 8 9 10 11 ... | Result(s) : 272187 |