Click to open the Alert Filter

 
Year Month
Severity
Categories
Search by Alert Name
Page(s) : 1 ... 14 15 16 17 18 19 20 21 22 23 [24] 25 26 27 28 29 30 31 32 33 34 ...Result(s) : 130797

Alerts Feed Alerts

DateNameCategoriesDetail
4.32019-10-08CVE-2019-17108cve Local file inclusion in brokerPerformance.php in Centreon Web before 2.8.28 allows attackers to disclose information or perform a stored XSS attack on a user.
6.52019-10-08CVE-2019-17107cve minPlayCommand.php in Centreon Web before 2.8.27 allows authenticated attackers to execute arbitrary code via the command_hostaddress parameter. NOTE: some sources have listed C...
42019-10-08CVE-2019-17106cve In Centreon Web through 2.8.29, disclosure of external components' passwords allows authenticated attackers to move laterally to external components.
52019-10-08CVE-2019-17104cve In Centreon VM through 19.04.3, the cookie configuration within the Apache HTTP Server does not protect against theft because the HTTPOnly flag is not set.
N/A2019-10-08CVE-2019-16929cve Auth0 auth0.net before 6.5.4 has Incorrect Access Control because IdentityTokenValidator can be accidentally used to validate untrusted ID tokens.
3.52019-10-08CVE-2019-16417cve HRworks FLOW 3.36.9 allows XSS via the purpose of a travel-expense report.
3.52019-10-08CVE-2019-16416cve HRworks 3.36.9 allows XSS via the purpose of a travel-expense report.
N/A2019-10-08CVE-2019-14657cve Yealink phones through 2019-08-04 have an issue with OpenVPN file upload. They execute tar as root to extract files, but do not validate the extraction directory. Creating a tar...
N/A2019-10-08CVE-2019-14656cve Yealink phones through 2019-08-04 do not properly check user roles in POST requests. Consequently, the default User account (with a password of user) can make admin requests via...
N/A2019-10-08CVE-2019-13336cve The dbell Wi-Fi Smart Video Doorbell DB01-S Gen 1 allows remote attackers to launch commands with no authentication verification via TCP port 81, because the loginuse and loginp...
102019-10-08CVE-2018-21025cve In Centreon VM through 19.04.3, centreon-backup.pl allows attackers to become root via a crafted script, due to incorrect rights of sourced configuration files.
6.52019-10-08CVE-2018-21023cve getStats.php in Centreon Web before 2.8.28 allows authenticated attackers to execute arbitrary code via the ns_id parameter.
6.52019-10-08CVE-2018-21022cve makeXML_ListServices.php in Centreon Web before 2.8.28 allows attackers to perform SQL injections via the host_id parameter.
6.52019-10-08CVE-2018-21021cve img_gantt.php in Centreon Web before 2.8.27 allows attackers to perform SQL injections via the host_id parameter.
52019-10-08CVE-2018-21020cve In very rare cases, a PHP type juggling vulnerability in centreonAuth.class.php in Centreon Web before 2.8.27 allows attackers to bypass authentication mechanisms in place.
6.92019-10-07CVE-2019-3745cve The vulnerability is limited to the installers of Dell Encryption Enterprise versions prior to 10.4.0 and Dell Endpoint Security Suite Enterprise versions prior to 2.4.0. This i...
6.62019-10-07CVE-2019-3688cve The /usr/sbin/pinger binary packaged with squid in SUSE Linux Enterprise Server 15 before and including version 4.8-5.8.1 and in SUSE Linux Enterprise Server 12 before and inclu...
4.92019-10-07CVE-2019-17351cve An issue was discovered in drivers/xen/balloon.c in the Linux kernel before 5.2.3, as used in Xen through 4.12.x, allowing guest OS users to cause a denial of service because of...
4.92019-10-07CVE-2019-17350cve An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of service (infinite loop) involving a compare-and-exchange operation.
4.92019-10-07CVE-2019-17349cve An issue was discovered in Xen through 4.12.x allowing Arm domU attackers to cause a denial of service (infinite loop) involving a LoadExcl or StoreExcl operation.
Page(s) : 1 ... 14 15 16 17 18 19 20 21 22 23 [24] 25 26 27 28 29 30 31 32 33 34 ...Result(s) : 130797