| Page(s) : 1 2 3 4 5 6 7 8 9 [10] 11 12 13 14 15 16 17 18 19 20 ... | Result(s) : 21379 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| N/A | 2024-04-22 | CVE-2024-32459 | cve | FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based clients and servers that use a version of FreeRDP prior to 3.5.0 or 2.11.6 are vulnerable to out-o... |
| N/A | 2024-04-22 | CVE-2024-32460 | cve | FreeRDP is a free implementation of the Remote Desktop Protocol. FreeRDP based based clients using `/bpp:32` legacy `GDI` drawing path with a version of FreeRDP prior to 3.5.0 o... |
| N/A | 2024-04-22 | CVE-2024-32461 | cve | LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A SQL injection vulnerability in POST /search/search=packages in LibreNMS prior to version 24.4.0 all... |
| N/A | 2024-04-22 | CVE-2024-32479 | cve | LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Prior to version 24.4.0, there is improper sanitization on the `Service` template name, which can lea... |
| N/A | 2024-04-22 | CVE-2024-32480 | cve | LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Versions prior to 24.4.0 are vulnerable to SQL injection. The `order` parameter is obtained from `$re... |
| N/A | 2024-04-22 | CVE-2024-32653 | cve | jadx is a Dex to Java decompiler. Prior to version 1.5.0, the package name is not filtered before concatenation. This can be exploited to inject arbitrary code into the packag... |
| N/A | 2024-04-22 | CVE-2024-32656 | cve | Ant Media Server is live streaming engine software. A local privilege escalation vulnerability in present in versions 2.6.0 through 2.8.2 allows any unprivileged operating syste... |
| N/A | 2024-04-22 | CVE-2024-32657 | cve | Hydra is a Continuous Integration service for Nix based projects. Attackers can execute arbitrary code in the browser context of Hydra and execute authenticated HTTP requests. T... |
| N/A | 2024-04-22 | CVE-2024-3177 | cve | A security issue was discovered in Kubernetes where users may be able to launch containers that bypass the mountable secrets policy enforced by the ServiceAccount admission plug... |
| N/A | 2024-04-22 | CVE-2022-46897 | cve | An issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. The CapsuleIFWUSmm driver does not check the return value from a method or function. This can prevent it... |
| N/A | 2024-04-22 | CVE-2024-31666 | cve | An issue in flusity-CMS v.2.33 allows a remote attacker to execute arbitrary code via a crafted script to the edit_addon_post.php component. |
| N/A | 2024-04-22 | CVE-2024-29376 | cve | Sylius 1.12.13 is vulnerable to Cross Site Scripting (XSS) via the "Province" field in Address Book. |
| N/A | 2024-04-22 | CVE-2024-31545 | cve | Computer Laboratory Management System v1.0 is vulnerable to SQL Injection via the "id" parameter of /admin/?page=user/manage_user&id=6. |
| N/A | 2024-04-22 | CVE-2024-32407 | cve | An issue in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via a crafted payload to the Page Sandbox feature. |
| N/A | 2024-04-22 | CVE-2024-32205 | cve | Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes... |
| N/A | 2024-04-22 | CVE-2024-32238 | cve | H3C ER8300G2-X is vulnerable to Incorrect Access Control. The password for the router's management system can be accessed via the management system page login interface. |
| N/A | 2024-04-22 | CVE-2024-32399 | cve | Directory Traversal vulnerability in RaidenMAILD Mail Server v.4.9.4 and before allows a remote attacker to obtain sensitive information via the /webeditor/ component. |
| N/A | 2024-04-22 | CVE-2024-32405 | cve | Cross Site Scripting vulnerability in inducer relate before v.2024.1 allows a remote attacker to escalate privileges via a crafted payload to the Answer field of InlineMultiQues... |
| N/A | 2024-04-22 | CVE-2024-4040 | cve | A server side template injection vulnerability in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows unauthenticated remote attackers to read files from t... |
| N/A | 2024-04-22 | CVE-2024-27574 | cve | SQL Injection vulnerability in Trainme Academy version Ichin v.1.3.2 allows a remote attacker to obtain sensitive information via the informacion, idcurso, and tit parameters. |
| Page(s) : 1 2 3 4 5 6 7 8 9 [10] 11 12 13 14 15 16 17 18 19 20 ... | Result(s) : 21379 |
