Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 ... 7 8 9 10 11 12 13 14 15 16 [17] 18 19 20 21 22 23 24 25 26 27 ...Result(s) : 67584

Alerts Feed Alerts

DateNameCategoriesDetail
7.52014-12-08CVE-2014-9348cve SQL injection vulnerability in the formulaireRobot function in admin/robots.lib.php in RobotStats 1.0 allows remote attackers to execute arbitrary SQL commands via the robot par...
7.52014-12-08CVE-2014-9347cve SQL injection vulnerability in dosearch.php in phpMyRecipes 1.2.2 allows remote attackers to execute arbitrary SQL commands via the words_exact parameter.
3.52014-12-08CVE-2014-9346cve Multiple cross-site scripting (XSS) vulnerabilities in the Hierarchical Select module 6.x-3.x before 6.x-3.9 for Drupal allow remote authenticated users with certain permissions...
7.52014-12-08CVE-2014-9345cve SQL injection vulnerability in Guruperl.net Advertise With Pleasure! Professional (aka AWP PRO) 6.6 and earlier allows remote attackers to execute arbitrary SQL commands via the...
6.82014-12-08CVE-2014-9344cve Cross-site request forgery (CSRF) vulnerability in Snowfox CMS before 1.0.10 allows remote attackers to hijack the authentication of administrators for requests that add a new a...
5.82014-12-08CVE-2014-9343cve Open redirect vulnerability in modules/system/controller/selectlanguage.class.php in Snowfox CMS 1.0 allows remote attackers to redirect users to arbitrary web sites and conduct...
6.52014-12-08CVE-2014-9305cve SQL injection vulnerability in the shortcodeProductsTable function in models/Cart66Ajax.php in the Cart66 Lite plugin before 1.5.2 for WordPress allows remote authenticated user...
7.52014-12-08CVE-2014-9280cve The current_user_get_bug_filter function in core/current_user_api.php in MantisBT before 1.2.18 allows remote attackers to execute arbitrary PHP code via the filter parameter.
52014-12-08CVE-2014-9279cve The print_test_result function in admin/upgrade_unattended.php in MantisBT 1.1.0a3 through 1.2.x before 1.2.18 allows remote attackers to obtain database credentials via a URL i...
4.62014-12-08CVE-2014-9273cve lib/handle.c in Hivex before 1.3.11 allows local users to execute arbitrary code and gain privileges via a small hive files, which triggers an out-of-bounds read or write.
4.32014-12-08CVE-2014-9270cve Cross-site scripting (XSS) vulnerability in the projax_array_serialize_for_autocomplete function in core/projax_api.php in MantisBT 1.1.0a3 through 1.2.17 allows remote attacker...
6.82014-12-08CVE-2014-9268cve The AdView.AdViewer.1 ActiveX control in Autodesk Design Review (ADR) before 2013 Hotfix 1 allows remote attackers to execute arbitrary code via a crafted DWF file.
6.82014-12-08CVE-2014-9267cve Heap-based buffer overflow in the PTC IsoView ActiveX control allows remote attackers to execute arbitrary code via a crafted ViewPort property value.
7.52014-12-08CVE-2014-9266cve The STWConfig ActiveX control in Samsung SmartViewer does not properly initialize a variable, which allows remote attackers to execute arbitrary code via unspecified vectors.
6.82014-12-08CVE-2014-9265cve Stack-based buffer overflow in the BackupToAvi method in the CNC_Ctrl ActiveX control in Samsung SmartViewer allows remote attackers to execute arbitrary code via unspecified ve...
7.52014-12-08CVE-2014-9263cve Multiple buffer overflows in the PocketNetNVRMediaClientAxCtrl.NVRMediaViewer.1 control in 3S Pocketnet Tech VMS allow remote attackers to execute arbitrary code via a crafted s...
52014-12-08CVE-2014-9130cve scanner.c in LibYAML 0.1.5 and 0.1.6, as used in the YAML-LibYAML (aka YAML-XS) module for Perl, allows context-dependent attackers to cause a denial of service (assertion failu...
7.52014-12-08CVE-2014-9029cve Multiple off-by-one errors in the (1) jpc_dec_cp_setfromcox and (2) jpc_dec_cp_setfromrgn functions in jpc/jpc_dec.c in JasPer 1.900.1 and earlier allow remote attackers to exec...
4.62014-12-08CVE-2014-8106cve Heap-based buffer overflow in the Cirrus VGA emulator (hw/display/cirrus_vga.c) in QEMU before 2.2.0 allows local guest users to execute arbitrary code via vectors related to bl...
6.52014-12-08CVE-2014-5462cve Multiple SQL injection vulnerabilities in OpenEMR 4.1.2 (Patch 7) and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) layout_id parameter ...
Page(s) : 1 ... 7 8 9 10 11 12 13 14 15 16 [17] 18 19 20 21 22 23 24 25 26 27 ...Result(s) : 67584