Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 2 3 4 5 6 7 8 9 [10] 11 12 13 14 15 16 17 18 19 20 ...Result(s) : 145970

Alerts Feed Alerts

DateNameCategoriesDetail
2.62019-05-21USN-3991-1Ubuntu Firefox vulnerabilities
5.82019-05-21CVE-2019-12253cve my little forum before 2.4.20 allows CSRF to delete posts, as demonstrated by mode=posting&delete_posting.
6.52019-05-21CVE-2019-12251cve sadmin/ceditpost.php in UCMS 1.4.7 allows SQL Injection via the index.php?do=sadmin_ceditpost cvalue parameter.
4.32019-05-21CVE-2019-12250cve IdentityServer IdentityServer4 through 2.4 has stored XSS via the httpContext to the host/Extensions/RequestLoggerMiddleware.cs LogForErrorContext method, which can be triggered...
42019-05-21CVE-2019-10320cve Jenkins Credentials Plugin 2.1.18 and earlier allowed users with permission to create or update credentials to confirm the existence of files on the Jenkins master with an attac...
N/A2019-05-21CVE-2019-10319cve A missing permission check in Jenkins PAM Authentication Plugin 1.5 and earlier, except 1.4.1 in PamSecurityRealm.DescriptorImpl#doTest allowed users with Overall/Read permissio...
52019-05-21USN-3990-1Ubuntu urllib3 vulnerabilities
7.82019-05-21USN-3989-1Ubuntu LibRaw vulnerabilities
7.52019-05-20CVE-2019-12241cve The Carts Guru plugin 1.4.5 for WordPress allows Insecure Deserialization via a cartsguru-source cookie to classes/wc-cartsguru-event-handler.php.
7.52019-05-20CVE-2019-12240cve The Virim plugin 0.4 for WordPress allows Insecure Deserialization via s_values, t_values, or c_values in graph.php.
6.52019-05-20CVE-2019-12239cve The WP Booking System plugin 1.5.1 for WordPress has no CSRF protection, which allows attackers to reach certain SQL injection issues that require administrative access.
6.52019-05-20CVE-2019-11816cve Incorrect access control in the WebUI in OPNsense before version 19.1.8, and pfsense before 2.4.4-p3 allows remote authenticated users to escalate privileges to administrator vi...
4.32019-05-20CVE-2019-10078cve A carefully crafted plugin link invocation could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking. Initial reporting indi...
4.32019-05-20CVE-2019-10077cve A carefully crafted InterWiki link could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking.
4.32019-05-20CVE-2019-10076cve A carefully crafted malicious attachment could trigger an XSS vulnerability on Apache JSPWiki 2.9.0 to 2.11.0.M3, which could lead to session hijacking.
7.52019-05-20CVE-2019-8352cve By default, BMC PATROL Agent through 11.3.01 uses a static encryption key for encrypting/decrypting user credentials sent over the network to managed PATROL Agent services. If a...
52019-05-20CVE-2019-4293cve IBM Storwize V7000 Unified (2073) 1.6 configuration may allow an attacker to reveal the server version in default installation, which could be used in further attacks against th...
42019-05-20CVE-2019-4058cve IBM BigFix Platform 9.2 and 9.5 could allow a low-privilege user to manipulate the UI into exposing interface elements and information normally restricted to administrators. IBM...
3.52019-05-20CVE-2019-4011cve IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intende...
2.12019-05-20CVE-2018-2005cve IBM BigFix Platform 9.2 and 9.5 stores potentially sensitive information in process memory that could be read by a local attacker with elevated permissions. IBM X-Force ID: 155007
Page(s) : 1 2 3 4 5 6 7 8 9 [10] 11 12 13 14 15 16 17 18 19 20 ...Result(s) : 145970