Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 ... 6 7 8 9 10 11 12 13 14 15 [16] 17 18 19 20 21 22 23 24 25 26 ...Result(s) : 154514

Alerts Feed Alerts

DateNameCategoriesDetail
N/A2019-10-10CVE-2019-9531cve The web application portal of the Cobham EXPLORER 710, firmware version 1.07, allows unauthenticated access to port 5454. This could allow an unauthenticated, remote attacker to...
4.92019-10-10CVE-2019-9530cve The web root directory of the Cobham EXPLORER 710, firmware version 1.07, has no access restrictions on downloading and reading all files. This could allow an unauthenticated, l...
N/A2019-10-10CVE-2019-9529cve The web application portal of the Cobham EXPLORER 710, firmware version 1.07, has no authentication by default. This could allow an unauthenticated, local attacker connected to ...
N/A2019-10-10CVE-2019-17495cve A Cascading Style Sheets (CSS) injection vulnerability in Swagger UI before 3.23.11 allows attackers to use the Relative Path Overwrite (RPO) technique to perform CSS-based inpu...
4.32019-10-10CVE-2019-17494cve laravel-bjyblog 6.1.1 has XSS via a crafted URL.
4.32019-10-10CVE-2019-17493cve Jiangnan Online Judge (aka jnoj) 0.8.0 has XSS via the Problem[sample_input] parameter to web/admin/problem/create or web/polygon/problem/update.
4.32019-10-10CVE-2019-17491cve Jiangnan Online Judge (aka jnoj) 0.8.0 has XSS via the Problem[description] parameter to web/admin/problem/create or web/polygon/problem/update.
N/A2019-10-10CVE-2019-17490cve app\modules\polygon\controllers\ProblemController in Jiangnan Online Judge (aka jnoj) 0.8.0 allows arbitrary file upload, as demonstrated by PHP code (with a .php filename but t...
4.32019-10-10CVE-2019-17489cve Jiangnan Online Judge (aka jnoj) 0.8.0 has XSS via the Problem[title] parameter to web/polygon/problem/create or web/polygon/problem/update or web/admin/problem/create.
4.32019-10-10CVE-2019-17488cve b3log Symphony (aka Sym) before 3.6.0 has XSS via the HTTP User-Agent header.
6.82019-10-10CVE-2019-17386cve The animate-it plugin before 2.3.6 for WordPress has CSRF in edsanimate.php.
92019-10-10CVE-2019-15051cve An issue was discovered in Softing uaGate (SI, MB, 840D) firmware through 1.71.00.1225. A CGI script is vulnerable to command injection via a maliciously crafted form parameter.
52019-10-10CVE-2019-11528cve An issue was discovered in Softing uaGate SI 1.60.01. A system default path for executables is user writable.
92019-10-10CVE-2019-11527cve An issue was discovered in Softing uaGate SI 1.60.01. A CGI script is vulnerable to command injection with a maliciously crafted url parameter.
N/A2019-10-10CVE-2019-5535cve VMware Workstation and Fusion contain a network denial-of-service vulnerability due to improper handling of certain IPv6 packets. VMware has evaluated the severity of this issue...
N/A2019-10-10CVE-2019-5527cve ESXi, Workstation, Fusion, VMRC and Horizon Client contain a use-after-free vulnerability in the virtual sound device. VMware has evaluated the severity of this issue to be in t...
2.12019-10-10CVE-2019-4265cve IBM Maximo Anywhere 7.6.0, 7.6.1, 7.6.2, and 7.6.3 does not have device root detection which could result in an attacker gaining sensitive information about the device. IBM X-Fo...
N/A2019-10-10CVE-2019-17455cve Libntlm through 1.5 relies on a fixed buffer size for tSmbNtlmAuthRequest, tSmbNtlmAuthChallenge, and tSmbNtlmAuthResponse read and write operations, as demonstrated by a stack-...
4.32019-10-10CVE-2019-17454cve Bento4 1.5.1.0 has a NULL pointer dereference in AP4_Descriptor::GetTag in Core/Ap4Descriptor.h, related to AP4_StsdAtom::GetSampleDescription in Core/Ap4StsdAtom.cpp, as demons...
4.32019-10-10CVE-2019-17453cve Bento4 1.5.1.0 has a NULL pointer dereference in AP4_DescriptorListWriter::Action in Core/Ap4Descriptor.h, related to AP4_IodsAtom::WriteFields in Core/Ap4IodsAtom.cpp, as demon...
Page(s) : 1 ... 6 7 8 9 10 11 12 13 14 15 [16] 17 18 19 20 21 22 23 24 25 26 ...Result(s) : 154514