| Page(s) : 1 ... 11 12 13 14 15 16 17 18 19 20 [21] 22 23 24 25 26 27 28 29 30 31 ... | Result(s) : 39741 |
Alerts
| DATE | NAME | CATEGORIES | DETAIL | |
|---|---|---|---|---|
| 9.8 | 2024-01-23 | CVE-2023-31654 | cve | Redis raft master-1b8bd86 to master-7b46079 was discovered to contain an ODR violation via the component hiredisAllocFns at /opt/fs/redisraft/deps/hiredis/alloc.c. |
| 9.8 | 2024-01-23 | CVE-2023-36177 | cve | An issue was discovered in badaix Snapcast version 0.27.0, allows remote attackers to execute arbitrary code and gain sensitive information via crafted request in JSON-RPC-API. |
| 9.8 | 2024-01-23 | CVE-2023-51199 | cve | Buffer Overflow vulnerability in ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows attackers to run arbitrary code or cause a denial of service via improper handli... |
| 9.8 | 2024-01-23 | CVE-2023-51208 | cve | An Arbitrary File Upload vulnerability in ROS2 Foxy Fitzroy ROS_VERSION=2 and ROS_PYTHON_VERSION=3 allows attackers to run arbitrary code and cause other impacts via upload of c... |
| 9.8 | 2024-01-23 | CVE-2024-22660 | cve | TOTOLINK_A3700R_V9.1.2u.6165_20211012has a stack overflow vulnerability via setLanguageCfg |
| 9.8 | 2024-01-23 | CVE-2024-22662 | cve | TOTOLINK A3700R_V9.1.2u.6165_20211012 has a stack overflow vulnerability via setParentalRules |
| 9.8 | 2024-01-23 | CVE-2024-22663 | cve | TOTOLINK_A3700R_V9.1.2u.6165_20211012has a command Injection vulnerability via setOpModeCfg |
| 9.8 | 2024-01-23 | CVE-2024-22203 | cve | Whoogle Search is a self-hosted metasearch engine. In versions prior to 0.8.4, the `element` method in `app/routes.py` does not validate the user-controlled `src_type` and `elem... |
| 9.8 | 2024-01-23 | CVE-2024-22205 | cve | Whoogle Search is a self-hosted metasearch engine. In versions 0.8.3 and prior, the `window` endpoint does not sanitize user-supplied input from the `location` variable and pass... |
| 9.8 | 2024-01-23 | CVE-2024-23636 | cve | SOFARPC is a Java RPC framework. SOFARPC defaults to using the SOFA Hessian protocol to deserialize received data, while the SOFA Hessian protocol uses a blacklist mechanism to ... |
| 9.8 | 2024-01-23 | CVE-2024-22076 | cve | MyQ Print Server before 8.2 patch 43 allows remote authenticated administrators to execute arbitrary code via PHP scripts that are reached through the administrative interface. |
| 9.8 | 2024-01-22 | CVE-2021-42141 | cve | An issue was discovered in Contiki-NG tinyDTLS through 2018-08-30. One incorrect handshake could complete with different epoch numbers in the packets Client_Hello, Client_key_ex... |
| 9.8 | 2024-01-22 | CVE-2023-48118 | cve | SQL Injection vulnerability in Quest Analytics LLC IQCRM v.2023.9.5 allows a remote attacker to execute arbitrary code via a crafted request to the Common.svc WSDL page. |
| 9.8 | 2024-01-22 | CVE-2024-0778 | cve | ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability, which was classified as critical, has been found in Uniview ISC 2500-S up to 20210930. Affected by this issue is the function se... |
| 9.1 | 2024-01-22 | CVE-2022-45790 | cve | The Omron FINS protocol has an authenticated feature to prevent access to memory regions. Authentication is susceptible to bruteforce attack, which may allow an adversary to gai... |
| 9.8 | 2024-01-22 | CVE-2024-0204 | cve | Authentication bypass in Fortra's GoAnywhere MFT prior to 7.4.1 allows an unauthorized user to create an admin user via the administration portal. |
| 9.8 | 2024-01-22 | CVE-2024-0783 | cve | A vulnerability was found in Project Worlds Online Admission System 1.0 and classified as critical. This issue affects some unknown processing of the file documents.php. The man... |
| 9.8 | 2024-01-22 | CVE-2024-0784 | cve | A vulnerability was found in hongmaple octopus 1.0. It has been classified as critical. Affected is an unknown function of the file /system/role/list. The manipulation of the ar... |
| 9.8 | 2024-01-22 | CVE-2017-20189 | cve | In Clojure before 1.9.0, classes can be used to construct a serialized object that executes arbitrary code upon deserialization. This is relevant if a server deserializes untrus... |
| 9.8 | 2024-01-22 | CVE-2024-23751 | cve | LlamaIndex (aka llama_index) through 0.9.34 allows SQL injection via the Text-to-SQL feature in NLSQLTableQueryEngine, SQLTableRetrieverQueryEngine, NLSQLRetriever, RetrieverQue... |
| Page(s) : 1 ... 11 12 13 14 15 16 17 18 19 20 [21] 22 23 24 25 26 27 28 29 30 31 ... | Result(s) : 39741 |
