Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 2 3 4 5 6 7 8 9 10 [11] 12 13 14 15 16 17 18 19 20 21 ...Result(s) : 129287

Alerts Feed Alerts

DateNameCategoriesDetail
3.52019-09-15CVE-2019-16333cve GetSimple CMS v3.3.15 has Persistent Cross-Site Scripting (XSS) in admin/theme-edit.php.
4.32019-09-15CVE-2019-16332cve In the api-bearer-auth plugin before 20190907 for WordPress, the server parameter is not correctly filtered in the swagger-config.yaml.php file, and it is possible to inject Jav...
7.52019-09-15CVE-2019-14540cve A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig.
4.32019-09-15CVE-2019-16321cve ScadaBR 1.0CE, and 1.1.x through 1.1.0-RC, has XSS via a request for a nonexistent resource, as demonstrated by the dwr/test/ PATH_INFO.
52019-09-15CVE-2019-16320cve Cobham Sea Tel v170 224521 through v194 225444 devices allow attackers to obtain potentially sensitive information, such as a vessel's latitude and longitude, via the publi...
7.82019-09-15CVE-2019-16319cve In Wireshark 3.0.0 to 3.0.3 and 2.6.0 to 2.6.10, the Gryphon dissector could go into an infinite loop. This was addressed in plugins/epan/gryphon/packet-gryphon.c by checking fo...
6.52019-09-14CVE-2019-16318cve In Pimcore before 5.7.1, an attacker with limited privileges can bypass file-extension restrictions via a 256-character filename, as demonstrated by the failure of automatic ren...
6.52019-09-14CVE-2019-16317cve In Pimcore before 5.7.1, an attacker with limited privileges can trigger execution of a .phar file via a phar:// URL in a filename parameter, because PHAR uploads are not blocke...
7.52019-09-14CVE-2019-16314cve Indexhibit 2.1.5 allows a product reinstallation, with resultant remote code execution, via /ndxzstudio/install.php?p=2.
52019-09-14CVE-2019-16313cve ifw8 Router ROM v4.31 allows credential disclosure by reading the action/usermanager.htm HTML source code.
4.32019-09-14CVE-2019-16312cve s-cms V3.0 has XSS in index.php?type=text via the S_id parameter.
6.82019-09-14CVE-2019-16311cve NIUSHOP V1.11 has CSRF via search_info to index.php.
3.52019-09-14CVE-2019-16310cve NIUSHOP V1.11 has XSS via the index.php?s=/admin URI.
7.52019-09-14CVE-2019-16309cve FlameCMS 3.3.5 has SQL injection in account/login.php via accountName.
4.32019-09-14CVE-2019-16307cve A Reflected Cross-Site Scripting (XSS) vulnerability in the webEx module in webExMeetingLogin.jsp and deleteWebExMeetingCheck.jsp in Fuji Xerox DocuShare through 7.0.0.C1.609 al...
6.82019-09-14CVE-2019-16305cve In MobaXterm 11.1 and 12.1, the protocol handler is vulnerable to command injection. A crafted link can trigger a popup asking whether the user wants to run MobaXterm to handle ...
6.82019-09-14CVE-2019-16294cve SciLexer.dll in Scintilla in Notepad++ (x64) before 7.7 allows remote code execution or denial of service via Unicode characters in a crafted .ml file.
7.52019-09-13CVE-2019-16303cve A class generated by the Generator in JHipster before 6.3.0 and JHipster Kotlin through 1.1.0 produces code that uses an insecure source of randomness (apache.commons.lang3 Rand...
102019-09-13CVE-2019-5485cve NPM package gitlabhook version 0.0.17 is vulnerable to a Command Injection vulnerability. Arbitrary commands can be injected through the repository name.
52019-09-13CVE-2019-5484cve Bower before 1.8.8 has a path traversal vulnerability permitting file write in arbitrary locations via install command, which allows attackers to write arbitrary files when a ma...
Page(s) : 1 2 3 4 5 6 7 8 9 10 [11] 12 13 14 15 16 17 18 19 20 21 ...Result(s) : 129287